Show pageOld revisionsBacklinksBack to top This page is read only. You can view the source, but not change it. Ask your administrator if you think this is wrong. ====== Slackware-current ChangeLog (2016-10-31) ====== ====== Mon Oct 31 23:38:24 UTC 2016 ====== ===== Packages ===== ==== Upgraded ==== * [[slackware.current>a/grep-2.26-i586-1.txz]] * [[slackware.current>a/kernel-generic-4.4.29-i586-1.txz]] \\ Fixes a security issue (Dirty COW). \\ (* Security fix *) * [[slackware.current>a/kernel-generic-smp-4.4.29_smp-i686-1.txz]] \\ Fixes a security issue (Dirty COW). \\ (* Security fix *) * [[slackware.current>a/kernel-huge-4.4.29-i586-1.txz]] \\ Fixes a security issue (Dirty COW). \\ (* Security fix *) * [[slackware.current>a/kernel-huge-smp-4.4.29_smp-i686-1.txz]] \\ Fixes a security issue (Dirty COW). \\ (* Security fix *) * [[slackware.current>a/kernel-modules-4.4.29-i586-1.txz]] * [[slackware.current>a/kernel-modules-smp-4.4.29_smp-i686-1.txz]] * [[slackware.current>ap/mariadb-10.0.28-i586-1.txz]] \\ This update fixes several security issues. \\ For more information, see: \\ https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5616 \\ https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5624 \\ https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5626 \\ https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3492 \\ https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5629 \\ https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8283 \\ https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7440 \\ https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5584 \\ https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6663 \\ (* Security fix *) * [[slackware.current>d/gdb-7.12-i586-1.txz]] * [[slackware.current>d/guile-2.0.13-i586-1.txz]] * [[slackware.current>d/kernel-headers-4.4.29_smp-x86-1.txz]] * [[slackware.current>k/kernel-source-4.4.29_smp-noarch-1.txz]] \\ This kernel fixes a security issue known as "Dirty COW". A race \\ condition was found in the way the Linux kernel's memory subsystem \\ handled the copy-on-write (COW) breakage of private read-only \\ memory mappings. An unprivileged local user could use this flaw to \\ gain write access to otherwise read-only memory mappings and thus \\ increase their privileges on the system. \\ For more information, see: \\ https://dirtycow.ninja/ \\ https://www.kb.cert.org/vuls/id/243144 \\ https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5195 \\ (* Security fix *) * [[slackware.current>l/libcdio-0.94-i586-1.txz]] * [[slackware.current>n/nmap-7.30-i586-1.txz]] * [[slackware.current>n/php-5.6.27-i586-1.txz]] \\ This release fixes bugs and security issues. \\ For more information, see: \\ https://php.net/ChangeLog-5.php#5.6.27 \\ (* Security fix *) * [[slackware.current>x/libX11-1.6.4-i586-1.txz]] \\ Insufficient validation of data from the X server can cause out of boundary \\ memory read in XGetImage() or write in XListFonts(). \\ Affected versions libX11 <= 1.6.3. \\ For more information, see: \\ https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7942 \\ https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7943 \\ (* Security fix *) * [[slackware.current>x/libXfixes-5.0.3-i586-1.txz]] \\ Insufficient validation of data from the X server can cause an integer \\ overflow on 32 bit architectures. \\ Affected versions : libXfixes <= 5.0.2. \\ For more information, see: \\ https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7944 \\ (* Security fix *) * [[slackware.current>x/libXi-1.7.8-i586-1.txz]] \\ Insufficient validation of data from the X server can cause out of boundary \\ memory access or endless loops (Denial of Service). \\ Affected versions libXi <= 1.7.6. \\ For more information, see: \\ https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7945 \\ https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7946 \\ (* Security fix *) * [[slackware.current>x/libXrandr-1.5.1-i586-1.txz]] \\ Insufficient validation of data from the X server can cause out of boundary \\ memory writes. \\ Affected versions: libXrandr <= 1.5.0. \\ For more information, see: \\ https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7947 \\ https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7948 \\ (* Security fix *) * [[slackware.current>x/libXrender-0.9.10-i586-1.txz]] \\ Insufficient validation of data from the X server can cause out of boundary \\ memory writes. \\ Affected version: libXrender <= 0.9.9. \\ For more information, see: \\ https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7949 \\ https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7950 \\ (* Security fix *) * [[slackware.current>x/libXtst-1.2.3-i586-1.txz]] \\ Insufficient validation of data from the X server can cause out of boundary \\ memory access or endless loops (Denial of Service). \\ Affected version libXtst <= 1.2.2. \\ For more information, see: \\ https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7951 \\ https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7952 \\ (* Security fix *) * [[slackware.current>x/libXv-1.0.11-i586-1.txz]] \\ Insufficient validation of data from the X server can cause out of boundary \\ memory and memory corruption. \\ Affected version libXv <= 1.0.10. \\ For more information, see: \\ https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5407 \\ (* Security fix *) * [[slackware.current>x/libXvMC-1.0.10-i586-1.txz]] \\ Insufficient validation of data from the X server can cause a one byte buffer \\ read underrun. \\ Affected version: libXvMC <= 1.0.9. \\ For more information, see: \\ https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7953 \\ (* Security fix *) * [[slackware.current>xap/mozilla-firefox-49.0.2-i586-1.txz]] \\ This release contains security fixes and improvements. \\ For more information, see: \\ http://www.mozilla.org/security/known-vulnerabilities/firefox.html \\ (* Security fix *) * [[slackware.current>xap/xscreensaver-5.36-i586-1.txz]] * [[slackware.current>extra/linux-4.4.29-nosmp-sdk/*]] * [[slackware.current>kernels/*]] ==== Rebuilt ==== * [[slackware.current>isolinux/initrd.img]] * [[slackware.current>usb-and-pxe-installers/usbboot.img]] {{tag>slackware changelog slackware-current 2016/10}} news/2016/10/31/slackware-current-changelog.txt Last modified: 8 years agoby Giuseppe Di Terlizzi Log In