Slackware64-current ChangeLog (2016-05-03)
Tue May 3 20:30:53 UTC 2016
Packages
Upgraded
- n/openssl-1.0.2h-x86_64-1.txz
This update fixes the following security issues:
Memory corruption in the ASN.1 encoder (CVE-2016-2108)
Padding oracle in AES-NI CBC MAC check (CVE-2016-2107)
EVP_EncodeUpdate overflow (CVE-2016-2105)
EVP_EncryptUpdate overflow (CVE-2016-2106)
ASN.1 BIO excessive memory allocation (CVE-2016-2109)
EBCDIC overread (CVE-2016-2176)
For more information, see:
https://www.openssl.org/news/secadv/20160503.txt
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2108
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2107
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2105
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2106
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2109
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2176
(* Security fix *)
Added
- testing/packages/tmux-2.2-x86_64-1.txz
For those using a UTF8 locale, I'm adding back the latest tmux in /testing.
Most likely we'll throw the switch on “UTF8 by default” shortly into the
next development cycle, but now isn't the time for it.