Show pageOld revisionsBacklinksBack to top This page is read only. You can view the source, but not change it. Ask your administrator if you think this is wrong. ====== Slackwarearm-14.0 ChangeLog (2014-08-10) ====== ====== Sun Aug 10 07:43:09 UTC 2014 ====== ===== Packages ===== ==== Rebuilt ==== * [[slackwarearm.14.0>patches/packages/dhcpcd-5.5.6-arm-2_slack14.0.txz]] \\ This update fixes a security issue where a specially crafted packet \\ received from a malicious DHCP server causes dhcpcd to enter an infinite \\ loop causing a denial of service. \\ Thanks to Tobias Stoeckmann for the bug report. \\ (* Security fix *) ==== Upgraded ==== * [[slackwarearm.14.0>patches/packages/openssl-1.0.1i-arm-1_slack14.0.txz]] \\ This update fixes several security issues: \\ Double Free when processing DTLS packets (CVE-2014-3505) \\ DTLS memory exhaustion (CVE-2014-3506) \\ DTLS memory leak from zero-length fragments (CVE-2014-3507) \\ Information leak in pretty printing functions (CVE-2014-3508) \\ Race condition in ssl_parse_serverhello_tlsext (CVE-2014-3509) \\ OpenSSL DTLS anonymous EC(DH) denial of service (CVE-2014-3510) \\ OpenSSL TLS protocol downgrade attack (CVE-2014-3511) \\ SRP buffer overrun (CVE-2014-3512) \\ Crash with SRP ciphersuite in Server Hello message (CVE-2014-5139) \\ For more information, see: \\ https://www.openssl.org/news/secadv_20140806.txt \\ http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3505 \\ http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3506 \\ http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3507 \\ http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3508 \\ http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3509 \\ http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3510 \\ http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3511 \\ http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3512 \\ http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-5139 \\ (* Security fix *) * [[slackwarearm.14.0>patches/packages/openssl-solibs-1.0.1i-arm-1_slack14.0.txz]] \\ (* Security fix *) {{tag>slackware changelog slackwarearm-14.0 2014-08}} news/2014/08/10/slackwarearm-14.0-changelog.txt Last modified: 3 years agoby Giuseppe Di Terlizzi Log In