Show pageOld revisionsBacklinksBack to top This page is read only. You can view the source, but not change it. Ask your administrator if you think this is wrong. ====== Slackware-current ChangeLog (2015-07-17) ====== ====== Fri Jul 17 19:38:52 UTC 2015 ====== ===== Packages ===== ==== Upgraded ==== * [[slackware.current>n/httpd-2.4.16-i586-1.txz]] \\ This update fixes the following security issues: \\ * CVE-2015-0253: Fix a crash with ErrorDocument 400 pointing to a local \\ URL-path with the INCLUDES filter active, introduced in 2.4.11. \\ * CVE-2015-0228: mod_lua: A maliciously crafted websockets PING after a \\ script calls r:wsupgrade() can cause a child process crash. \\ * CVE-2015-3183: core: Fix chunk header parsing defect. Remove \\ apr_brigade_flatten(), buffering and duplicated code from the HTTP_IN \\ filter, parse chunks in a single pass with zero copy. Limit accepted \\ chunk-size to 2^63-1 and be strict about chunk-ext authorized characters. \\ * CVE-2015-3185: Replacement of ap_some_auth_required (unusable in Apache \\ httpd 2.4) with new ap_some_authn_required and ap_force_authn hook. \\ For more information, see: \\ http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0228 \\ http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0253 \\ http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3183 \\ http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3185 \\ (* Security fix *) * [[slackware.current>n/php-5.6.11-i586-1.txz]] \\ This update fixes some bugs and security issues. \\ For more information, see: \\ http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2325 \\ http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2326 \\ http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3152 \\ http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3414 \\ http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3415 \\ http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3416 \\ http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4642 \\ http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4643 \\ http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4644 \\ (* Security fix *) * [[slackware.current>xap/xscreensaver-5.33-i586-1.txz]] {{tag>slackware changelog slackware-current 2015/07}} news/2015/07/17/slackware-current-changelog.txt Last modified: 9 years agoby Giuseppe Di Terlizzi Log In