Slackware64-14.0 ChangeLog (2016-02-08)
Mon Feb 8 22:08:35 UTC 2016
Packages
Upgraded
- patches/packages/curl-7.47.1-x86_64-1_slack14.0.txz
This update fixes a security issue where NTLM credentials are not checked
for proxy connection reuse. The effects of this flaw is that the application
could be reusing a proxy connection using the previously used credentials
and thus it could be given to or prevented access from resources that it
wasn't intended to. Thanks to Isaac Boukris.
For more information, see:
https://curl.haxx.se/docs/adv_20160127A.html
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0755
(* Security fix *) - patches/packages/flac-1.3.1-x86_64-1_slack14.0.txz
This update is needed by the latest version of libsndfile. - patches/packages/libsndfile-1.0.26-x86_64-1_slack14.0.txz
This release fixes security issues which may allow attackers to cause
a denial of service, or possibly execute arbitrary code.
For more information, see:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9496
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9756
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7805
(* Security fix *)
Giuseppe Di Terlizzi