Slackware64-14.0 ChangeLog (2017-09-23)
Sat Sep 23 01:02:32 UTC 2017
Packages
Upgraded
- patches/packages/libxml2-2.9.5-x86_64-1_slack14.0.txz
This release fixes some security issues:
Detect infinite recursion in parameter entities (Nick Wellnhofer),
Fix handling of parameter-entity references (Nick Wellnhofer),
Disallow namespace nodes in XPointer ranges (Nick Wellnhofer),
Fix XPointer paths beginning with range-to (Nick Wellnhofer).
(* Security fix *) - patches/packages/python-2.7.14-x86_64-1_slack14.0.txz
Updated to the latest 2.7.x release.
This fixes some security issues related to the bundled expat library.
For more information, see:
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0718
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4472
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9063
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9233
(* Security fix *)