Slackware-current ChangeLog (2016-09-10)
Sat Sep 10 18:04:42 UTC 2016
Packages
Upgraded
- l/gtk+2-2.24.31-i586-1.txz
This update fixes a security issue: Integer overflow in the
gdk_cairo_set_source_pixbuf function in gdk/gdkcairo.c allows remote
attackers to cause a denial of service (crash) via a large image file,
which triggers a large memory allocation.
For more information, see:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-7447
(* Security fix *) - n/gnutls-3.4.15-i586-1.txz
libgnutls: Corrected the comparison of the serial size in OCSP response.
Previously the OCSP certificate check wouldn't verify the serial length
and could succeed in cases it shouldn't (GNUTLS-SA-2016-3).
Reported by Stefan Buehler.
For more information, see:
https://www.gnutls.org/security.html
(* Security fix *)