Slackware-14.0 ChangeLog (2016-09-21)
Wed Sep 21 21:10:52 UTC 2016
Packages
Upgraded
- patches/packages/irssi-0.8.20-i486-1_slack14.0.txz
This update fixes two remote crash and heap corruption vulnerabilites
in Irssi's format parsing code. Impact: Remote crash and heap
corruption. Remote code execution seems difficult since only Nuls are
written. Bugs discovered by, and patches provided by Gabriel Campana
and Adrien Guinet from Quarkslab.
For more information, see:
https://irssi.org/security/irssi_sa_2016.txt
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7044
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7045
(* Security fix *)
Wed Sep 21 15:54:06 UTC 2016
Packages
Upgraded
- patches/packages/pidgin-2.10.11-i486-1_slack14.0.txz
This release fixes bugs and security issues.
For more information, see:
https://www.pidgin.im/news/security/
(* Security fix *)