Show pageOld revisionsBacklinksBack to top This page is read only. You can view the source, but not change it. Ask your administrator if you think this is wrong. ====== Slackware64-current ChangeLog (2014-04-21) ====== ====== Mon Apr 21 20:09:48 UTC 2014 ====== ===== Packages ===== ==== Upgraded ==== * [[slackware64.current>l/libyaml-0.1.6-x86_64-1.txz]] \\ This update fixes a heap overflow in URI escape parsing of YAML in Ruby, \\ where a specially crafted string could cause a heap overflow leading to \\ arbitrary code execution. \\ For more information, see: \\ http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2525 \\ https://www.ruby-lang.org/en/news/2014/03/29/heap-overflow-in-yaml-uri-escape-parsing-cve-2014-2525/ \\ (* Security fix *) * [[slackware64.current>n/php-5.4.27-x86_64-1.txz]] \\ This update fixes a security issue in the in the awk script detector \\ which allows context-dependent attackers to cause a denial of service \\ (CPU consumption) via a crafted ASCII file that triggers a large amount \\ of backtracking. \\ For more information, see: \\ http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-7345 \\ (* Security fix *) {{tag>slackware changelog slackware64-current 2014/04}} news/2014/04/21/slackware64-current-changelog.txt Last modified: 9 years agoby Giuseppe Di Terlizzi Log In