Slackware64-14.1 ChangeLog (2013-07-16)
Tue Jul 16 21:18:56 UTC 2013
Packages
Upgraded
- n/php-5.4.17-x86_64-1.txz
This update fixes an issue where XML in PHP does not properly consider
parsing depth, which allows remote attackers to cause a denial of service
(heap memory corruption) or possibly have unspecified other impact via a
crafted document that is processed by the xml_parse_into_struct function.
For more information, see:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4113
(* Security fix *)
Rebuilt
- n/cyrus-sasl-2.1.23-x86_64-5.txz
Patched for new glibc crypt(). Thanks to mancha.