news:2014:04:21:slackware64-current-changelog

Differences

This shows you the differences between two versions of the page.

Link to this comparison view

Next revision
Previous revision
news:2014:04:21:slackware64-current-changelog [2015/03/10 01:13] – creata Giuseppe Di Terlizzinews:2014:04:21:slackware64-current-changelog [2015/03/26 10:43] (current) Giuseppe Di Terlizzi
Line 2: Line 2:
  
 ====== Mon Apr 21 20:09:48 UTC 2014 ====== ====== Mon Apr 21 20:09:48 UTC 2014 ======
- 
- 
 ===== Packages ===== ===== Packages =====
  
 ==== Upgraded ==== ==== Upgraded ====
-  * [[slackware64.current>l/libyaml-0.1.6-x86_64-1.txz]] (Security fix) +  * [[slackware64.current>l/libyaml-0.1.6-x86_64-1.txz]] \\   This update fixes a heap overflow in URI escape parsing of YAML in Ruby, \\   where a specially crafted string could cause a heap overflow leading to \\   arbitrary code execution. \\   For more information, see: \\     http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2525 \\     https://www.ruby-lang.org/en/news/2014/03/29/heap-overflow-in-yaml-uri-escape-parsing-cve-2014-2525/ \\   (* Security fix *) 
-  * [[slackware64.current>n/php-5.4.27-x86_64-1.txz]] (Security fix) +  * [[slackware64.current>n/php-5.4.27-x86_64-1.txz]] \\   This update fixes a security issue in the in the awk script detector \\   which allows context-dependent attackers to cause a denial of service \\   (CPU consumption) via a crafted ASCII file that triggers a large amount \\   of backtracking. \\   For more information, see: \\     http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-7345 \\   (* Security fix *)
-===== ChangeLog ===== +
-<code> +
-Mon Apr 21 20:09:48 UTC 2014 +
-l/libyaml-0.1.6-x86_64-1.txz:  Upgraded. +
-  This update fixes a heap overflow in URI escape parsing of YAML in Ruby, +
-  where a specially crafted string could cause a heap overflow leading to +
-  arbitrary code execution. +
-  For more information, see: +
-    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2525 +
-    https://www.ruby-lang.org/en/news/2014/03/29/heap-overflow-in-yaml-uri-escape-parsing-cve-2014-2525/ +
-  (* Security fix *) +
-n/php-5.4.27-x86_64-1.txz:  Upgraded. +
-  This update fixes a security issue in the in the awk script detector +
-  which allows context-dependent attackers to cause a denial of service +
-  (CPU consumption) via a crafted ASCII file that triggers a large amount +
-  of backtracking. +
-  For more information, see: +
-    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-7345 +
-  (* Security fix *) +
-</code> +
  
  
-{{tag>news 2014/04 slackware64-current changelog}}+{{tag>slackware changelog slackware64-current 2014/04}}
  
  • news/2014/04/21/slackware64-current-changelog.1425946422.txt.gz
  • Last modified: 9 years ago
  • by Giuseppe Di Terlizzi