Slackware-14.1 ChangeLog (2015-01-28)
Wed Jan 28 19:23:00 UTC 2015
Packages
Rebuilt
- patches/packages/glibc-2.17-i486-10_slack14.1.txz
This update patches a security issue __nss_hostname_digits_dots() function
of glibc which may be triggered through the gethostbyname*() set of
functions. This flaw could allow local or remote attackers to take control
of a machine running a vulnerable version of glibc. Thanks to Qualys for
discovering this issue (also known as the GHOST vulnerability.)
For more information, see:
https://www.qualys.com/research/security-advisories/GHOST-CVE-2015-0235.txt
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0235
(* Security fix *)
Upgraded
- patches/packages/glibc-zoneinfo-2014j-noarch-1.txz
Upgraded to tzcode2014j and tzdata2014j.