Show pageOld revisionsBacklinksBack to top This page is read only. You can view the source, but not change it. Ask your administrator if you think this is wrong. ====== Slackware64-14.2 ChangeLog (2016-05-11) ====== ====== Wed May 11 05:20:01 UTC 2016 ====== ===== Packages ===== ==== Rebuilt ==== * [[slackware64.14.2>a/dcron-4.5-x86_64-5.txz]] \\ Patched bug where cron.update is not picked up while jobs are still running. \\ Thanks to Jeroen Hendriks. * [[slackware64.14.2>ap/lxc-2.0.0-x86_64-4.txz]] \\ Applied "[PATCH] cgfsng: don't require that systemd subsystem be mounted". \\ Thanks to Johannes Schöpfer. ==== Upgraded ==== * [[slackware64.14.2>ap/moc-2.5.1-x86_64-1.txz]] * [[slackware64.14.2>ap/slackpkg-2.82.1-noarch-1.txz]] \\ Updated x86* mirrors lists for Slackware 14.2. * [[slackware64.14.2>n/openvpn-2.3.11-x86_64-1.txz]] * [[slackware64.14.2>x/mesa-11.2.2-x86_64-1.txz]] * [[slackware64.14.2>xap/imagemagick-6.9.4_1-x86_64-1.txz]] \\ This release addresses several security issues in ImageMagick, including: \\ Insufficient shell characters filtering allows code execution (CVE-2016-3714) \\ Server Side Request Forgery (CVE-2016-3718) \\ File deletion (CVE-2016-3715) \\ File moving (CVE-2016-3716) \\ Local file read (CVE-2016-3717) \\ In addition, the default policy.xml config file has been modified to disable \\ all of the previously vulnerable coders, and to disable indirect reads. \\ For more information, see: \\ https://imagetragick.com \\ http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3714 \\ http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3718 \\ http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3715 \\ http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3716 \\ http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3717 \\ (* Security fix *) {{tag>slackware changelog slackware64-14.2 2016/05}} news/2016/05/11/slackware64-14.2-changelog.txt Last modified: 8 years agoby Giuseppe Di Terlizzi Log In