Show pageOld revisionsBacklinksBack to top This page is read only. You can view the source, but not change it. Ask your administrator if you think this is wrong. ====== Slackware64-13.1 ChangeLog (2015-12-16) ====== ====== Wed Dec 16 04:21:07 UTC 2015 ====== ===== Packages ===== ==== Upgraded ==== * [[slackware64.13.1>patches/packages/bind-9.9.8_P2-x86_64-1_slack13.1.txz]] \\ This update fixes three security issues: \\ Update allowed OpenSSL versions as named is potentially vulnerable \\ to CVE-2015-3193. \\ Insufficient testing when parsing a message allowed records with an \\ incorrect class to be be accepted, triggering a REQUIRE failure when \\ those records were subsequently cached. (CVE-2015-8000) \\ Address fetch context reference count handling error on socket error. \\ (CVE-2015-8461) \\ For more information, see: \\ http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3193 \\ http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8000 \\ http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8461 \\ (* Security fix *) * [[slackware64.13.1>patches/packages/libpng-1.4.18-x86_64-1_slack13.1.txz]] \\ Fixed incorrect implementation of png_set_PLTE() that uses png_ptr \\ not info_ptr, that left png_set_PLTE() open to the CVE-2015-8126 \\ vulnerability. \\ For more information, see: \\ http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8472 \\ (* Security fix *) * [[slackware64.13.1>patches/packages/openssl-0.9.8zh-x86_64-1_slack13.1.txz]] \\ This update fixes the following security issues: \\ BN_mod_exp may produce incorrect results on x86_64 (CVE-2015-3193). \\ Certificate verify crash with missing PSS parameter (CVE-2015-3194). \\ X509_ATTRIBUTE memory leak (CVE-2015-3195). \\ Race condition handling PSK identify hint (CVE-2015-3196). \\ Anon DH ServerKeyExchange with 0 p parameter (CVE-2015-1794). \\ For more information, see: \\ https://openssl.org/news/secadv_20151203.txt \\ https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1794 \\ https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3193 \\ https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3194 \\ https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3195 \\ https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3196 \\ (* Security fix *) * [[slackware64.13.1>patches/packages/openssl-solibs-0.9.8zh-x86_64-1_slack13.1.txz]] {{tag>slackware changelog slackware64-13.1 2015-12}} news/2015/12/16/slackware64-13.1-changelog.txt Last modified: 12 months agoby Giuseppe Di Terlizzi Log In