Show pageOld revisionsBacklinksBack to top This page is read only. You can view the source, but not change it. Ask your administrator if you think this is wrong. ====== Slackware-14.1 ChangeLog (2017-11-28) ====== ====== Tue Nov 28 06:20:03 UTC 2017 ====== ===== Packages ===== ==== Rebuilt ==== * [[slackware.14.1>patches/packages/samba-4.4.16-i486-2_slack14.1.txz]] \\ This is a security update in order to patch the following defects: \\ CVE-2017-14746 (Use-after-free vulnerability.) \\ All versions of Samba from 4.0.0 onwards are vulnerable to a use after \\ free vulnerability, where a malicious SMB1 request can be used to \\ control the contents of heap memory via a deallocated heap pointer. It \\ is possible this may be used to compromise the SMB server. \\ CVE-2017-15275 (Server heap memory information leak.) \\ All versions of Samba from 3.6.0 onwards are vulnerable to a heap \\ memory information leak, where server allocated heap memory may be \\ returned to the client without being cleared. \\ For more information, see: \\ https://www.samba.org/samba/security/CVE-2017-14746.html \\ https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14746 \\ https://www.samba.org/samba/security/CVE-2017-15275.html \\ https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-15275 \\ (* Security fix *) {{tag>slackware changelog slackware-14.1 2017-11}} news/2017/11/28/slackware-14.1-changelog.txt Last modified: 9 months agoby Giuseppe Di Terlizzi Log In