This is an old revision of the document!
Slackware64-14.0 ChangeLog (2016-02-03)
Wed Feb 3 22:39:25 UTC 2016
Packages
Upgraded
- patches/packages/glibc-zoneinfo-2016a-noarch-1_slack14.0.txz
This package provides the latest timezone updates. - patches/packages/MPlayer-1.2_20160125-x86_64-1_slack14.0.txz
This is the latest MPlayer-1.2 branch, identical to the 1.2.1 stable release.
The bundled ffmpeg has been upgraded to 2.8.5, which fixes two security
issues by which a remote attacker may conduct a cross-origin attack and read
arbitrary files on the system.
For more information, see:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1897
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1898
(* Security fix *) - patches/packages/openssl-1.0.1r-x86_64-1_slack14.0.txz
This update fixes the following security issue:
SSLv2 doesn't block disabled ciphers (CVE-2015-3197).
For more information, see:
https://openssl.org/news/secadv/20160128.txt
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3197
(* Security fix *) - patches/packages/openssl-solibs-1.0.1r-x86_64-1_slack14.0.txz
- patches/packages/php-5.6.17-x86_64-1_slack14.0.txz
This release fixes bugs and security issues.
*
* IMPORTANT: READ BELOW ABOUT POTENTIALLY INCOMPATIBLE CHANGES *
*
PHP 5.4.x has been declared EOL (end of life) and is no longer receiving
upstream support. PHP 5.5.x is also no longer on active support status and
security fixes will continue only until 5 months from now. For this reason
we have provided PHP 5.6 packages as security updates. Be aware that PHP
5.6 is not 100% compatible with PHP 5.4, and some changes may be required
to existing web pages written for PHP 5.4.
For information on how to migrate from PHP 5.4, please see:
http://php.net/manual/en/migration55.php
http://php.net/manual/en/migration56.php
The final PHP 5.4 packages may be found in /pasture in case there is a need
to revert this update.
For more information, see:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7803
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7804
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1903
(* Security fix *)