• patches/packages/openssl-1.0.1g-i486-1_slack14.1.txz (Security fix)
• patches/packages/openssl-solibs-1.0.1g-i486-1_slack14.1.txz

Tue Apr  8 14:19:51 UTC 2014
patches/packages/openssl-1.0.1g-i486-1_slack14.1.txz:  Upgraded.
  This update fixes two security issues:
  A missing bounds check in the handling of the TLS heartbeat extension
  can be used to reveal up to 64k of memory to a connected client or server.
  Thanks for Neel Mehta of Google Security for discovering this bug and to
  Adam Langley <agl@chromium.org> and Bodo Moeller <bmoeller@acm.org> for
  preparing the fix.
  Fix for the attack described in the paper "Recovering OpenSSL
  ECDSA Nonces Using the FLUSH+RELOAD Cache Side-channel Attack"
  by Yuval Yarom and Naomi Benger. Details can be obtained from:
  http://eprint.iacr.org/2014/140
  For more information, see:
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0160
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0076
  (* Security fix *)
patches/packages/openssl-solibs-1.0.1g-i486-1_slack14.1.txz:  Upgraded.