Slackware-14.2 ChangeLog (2017-03-23)

Thu Mar 23 21:38:23 UTC 2017

  • patches/packages/glibc-zoneinfo-2017b-noarch-1_slack14.2.txz
    This package provides the latest timezone updates.
  • patches/packages/mcabber-1.0.5-i586-1_slack14.2.txz
    This update fixes a security issue:
    An incorrect implementation of XEP-0280: Message Carbons in multiple XMPP
    clients allows a remote attacker to impersonate any user, including
    contacts, in the vulnerable application's display. This allows for various
    kinds of social engineering attacks.
    For more information, see:
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5604
    (* Security fix *)
  • patches/packages/samba-4.4.12-i586-1_slack14.2.txz
    This update fixes a security issue:
    All versions of Samba prior to 4.6.1, 4.5.7, 4.4.12 are vulnerable to
    a malicious client using a symlink race to allow access to areas of
    the server file system not exported under the share definition.
    For more information, see:
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-2619
    (* Security fix *)
  • news/2017/03/23/slackware-14.2-changelog.txt
  • Last modified: 3 years ago
  • by Giuseppe Di Terlizzi