Show pageOld revisionsBacklinksBack to top This page is read only. You can view the source, but not change it. Ask your administrator if you think this is wrong. ====== Slackware-14.1 ChangeLog (2014-08-08) ====== ====== Fri Aug 8 19:02:50 UTC 2014 ====== ===== Packages ===== ==== Upgraded ==== * [[slackware.14.1>patches/packages/openssl-1.0.1i-i486-1_slack14.1.txz]] \\ This update fixes several security issues: \\ Double Free when processing DTLS packets (CVE-2014-3505) \\ DTLS memory exhaustion (CVE-2014-3506) \\ DTLS memory leak from zero-length fragments (CVE-2014-3507) \\ Information leak in pretty printing functions (CVE-2014-3508) \\ Race condition in ssl_parse_serverhello_tlsext (CVE-2014-3509) \\ OpenSSL DTLS anonymous EC(DH) denial of service (CVE-2014-3510) \\ OpenSSL TLS protocol downgrade attack (CVE-2014-3511) \\ SRP buffer overrun (CVE-2014-3512) \\ Crash with SRP ciphersuite in Server Hello message (CVE-2014-5139) \\ For more information, see: \\ https://www.openssl.org/news/secadv_20140806.txt \\ http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3505 \\ http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3506 \\ http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3507 \\ http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3508 \\ http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3509 \\ http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3510 \\ http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3511 \\ http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3512 \\ http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-5139 \\ (* Security fix *) * [[slackware.14.1>patches/packages/openssl-solibs-1.0.1i-i486-1_slack14.1.txz]] \\ (* Security fix *) {{tag>slackware changelog slackware-14.1 2014-08}} news/2014/08/08/slackware-14.1-changelog.txt Last modified: 9 months agoby Giuseppe Di Terlizzi Log In