Slackwarearm-current ChangeLog (2016-09-15)
Thu Sep 15 19:20:21 UTC 2016
Packages
Upgraded
- ap/mariadb-10.0.27-arm-1.txz
This update fixes a critical vulnerability which can allow local and
remote attackers to inject malicious settings into MySQL configuration
files (my.cnf). A successful exploitation could allow attackers to
execute arbitrary code with root privileges which would then allow them
to fully compromise the server.
This issue was discovered and reported by Dawid Golunski.
For more information, see:
http://legalhackers.com/advisories/MySQL-Exploit-Remote-Root-Code-Execution-Privesc-CVE-2016-6662.html
https://jira.mariadb.org/browse/MDEV-10465
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6662
(* Security fix *) - ap/texinfo-6.3-arm-1.txz
- ap/vim-8.0.0003-arm-1.txz
- x/libXfont-1.5.2-arm-1.txz
- x/mesa-12.0.2-arm-1.txz
- xap/vim-gvim-8.0.0003-arm-1.txz
Rebuilt
- d/guile-2.0.12-arm-2.txz
Match timestamps across all $ARCH on *.go and *.scm files, otherwise
on multilib systems the compiled (go) files may be detected as older
than the source (scm) files, causing guile to attempt to recompile
itself with every use. - l/sdl-1.2.15-arm-2.txz
Fixed a regression that broke MOD support. Thanks to B Watson.