Slackware-current ChangeLog (2014-08-01)
Fri Aug 1 21:13:18 UTC 2014
Packages
Rebuilt
- n/dhcpcd-6.0.5-i486-3.txz
This update fixes a security issue where a specially crafted packet
received from a malicious DHCP server causes dhcpcd to enter an infinite
loop causing a denial of service.
Thanks to Tobias Stoeckmann for the bug report.
(* Security fix *) - xap/xscreensaver-5.29-i486-2.txz
Disabled nag screen that says “This version of XScreenSaver is very old!
Please upgrade!” when the age of the software exceeds 12 months.
Upgraded
- n/samba-4.1.11-i486-1.txz
This update fixes a remote code execution attack on unauthenticated nmbd
NetBIOS name services. A malicious browser can send packets that may
overwrite the heap of the target nmbd NetBIOS name services daemon.
It may be possible to use this to generate a remote code execution
vulnerability as the superuser (root).
For more information, see:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3560
(* Security fix *)