Show pageOld revisionsBacklinksBack to top This page is read only. You can view the source, but not change it. Ask your administrator if you think this is wrong. ====== Slackwarearm-14.2 ChangeLog (2017-01-12) ====== ====== Thu Jan 12 19:20:21 UTC 2017 ====== ===== Packages ===== ==== Upgraded ==== * [[slackwarearm.14.2>patches/packages/bind-9.10.4_P5-arm-1_slack14.2.txz]] \\ This update fixes a denial-of-service vulnerability. An error in handling \\ certain queries can cause an assertion failure when a server is using the \\ nxdomain-redirect feature to cover a zone for which it is also providing \\ authoritative service. A vulnerable server could be intentionally stopped \\ by an attacker if it was using a configuration that met the criteria for \\ the vulnerability and if the attacker could cause it to accept a query \\ that possessed the required attributes. \\ Please note: This vulnerability affects the "nxdomain-redirect" feature, \\ which is one of two methods of handling NXDOMAIN redirection, and is only \\ available in certain versions of BIND. Redirection using zones of type \\ "redirect" is not affected by this vulnerability. \\ For more information, see: \\ https://kb.isc.org/article/AA-01442 \\ https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9778 \\ (* Security fix *) * [[slackwarearm.14.2>patches/packages/gnutls-3.5.8-arm-1_slack14.2.txz]] \\ This update fixes some bugs and security issues. \\ For more information, see: \\ https://gnutls.org/security.html#GNUTLS-SA-2017-1 \\ https://gnutls.org/security.html#GNUTLS-SA-2017-2 \\ https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5334 \\ https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5335 \\ https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5336 \\ https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5337 \\ (* Security fix *) * [[slackwarearm.14.2>patches/packages/irssi-0.8.21-arm-1_slack14.2.txz]] \\ Fixed security issues that may result in a denial of service. \\ For more information, see: \\ https://irssi.org/security/irssi_sa_2017_01.txt \\ https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5193 \\ https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5194 \\ https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5195 \\ https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5196 \\ (* Security fix *) {{tag>slackware changelog slackwarearm-14.2 2017-01}} news/2017/01/12/slackwarearm-14.2-changelog.txt Last modified: 6 months agoby Giuseppe Di Terlizzi Log In