Slackware64-current ChangeLog (2016-09-21)
Wed Sep 21 21:10:52 UTC 2016
Packages
Upgraded
- n/irssi-0.8.20-x86_64-1.txz
This update fixes two remote crash and heap corruption vulnerabilites
in Irssi's format parsing code. Impact: Remote crash and heap
corruption. Remote code execution seems difficult since only Nuls are
written. Bugs discovered by, and patches provided by Gabriel Campana
and Adrien Guinet from Quarkslab.
For more information, see:
https://irssi.org/security/irssi_sa_2016.txt
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7044
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7045
(* Security fix *)
Wed Sep 21 15:54:06 UTC 2016
Packages
Rebuilt
- a/mkinitrd-1.4.8-x86_64-9.txz
When generating the initrd, include dmsetup whenever LUKS is requested.
Thanks to TracyTiger for the bug report and Eric Hameleers for the patch. - l/qt-4.8.7-x86_64-5.txz
In the .prl files, make sure to use -L/usr/X11R6/lib64 on 64-bit to avoid
ld warnings when using qmake on a multilib system.
Thanks to Jonathan Woithe for the bug report and fix. - n/network-scripts-14.2-noarch-4.txz
rc.inet1.new: Use return (not continue) to leave the if_up() function.
Thanks to Tim Thomas for the bug report.
Upgraded
- xap/mozilla-firefox-49.0-x86_64-1.txz
This release contains security fixes and improvements.
For more information, see:
http://www.mozilla.org/security/known-vulnerabilities/firefox.html
(* Security fix *) - xap/pidgin-2.11.0-x86_64-1.txz
This release fixes bugs and security issues.
For more information, see:
https://www.pidgin.im/news/security/
(* Security fix *)