Slackware64-14.0 ChangeLog (2017-03-23)
Thu Mar 23 21:38:23 UTC 2017
Packages
Upgraded
- patches/packages/glibc-zoneinfo-2017b-noarch-1_slack14.0.txz
This package provides the latest timezone updates. - patches/packages/mcabber-1.0.5-x86_64-1_slack14.0.txz
This update fixes a security issue:
An incorrect implementation of XEP-0280: Message Carbons in multiple XMPP
clients allows a remote attacker to impersonate any user, including
contacts, in the vulnerable application's display. This allows for various
kinds of social engineering attacks.
For more information, see:
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5604
(* Security fix *) - patches/packages/samba-4.4.12-x86_64-1_slack14.0.txz
This update fixes a security issue:
All versions of Samba prior to 4.6.1, 4.5.7, 4.4.12 are vulnerable to
a malicious client using a symlink race to allow access to areas of
the server file system not exported under the share definition.
For more information, see:
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-2619
(* Security fix *)