Show pageOld revisionsBacklinksBack to top This page is read only. You can view the source, but not change it. Ask your administrator if you think this is wrong. ====== Slackware64-14.0 ChangeLog (2016-10-31) ====== ====== Mon Oct 31 23:38:24 UTC 2016 ====== ===== Packages ===== ==== Upgraded ==== * [[slackware64.14.0>patches/packages/inputproto-2.3.2-noarch-1_slack14.0.txz]] \\ This update is a prerequisite for other security updates. * [[slackware64.14.0>patches/packages/libX11-1.6.4-x86_64-1_slack14.0.txz]] \\ Insufficient validation of data from the X server can cause out of boundary \\ memory read in XGetImage() or write in XListFonts(). \\ Affected versions libX11 <= 1.6.3. \\ For more information, see: \\ https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7942 \\ https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7943 \\ (* Security fix *) * [[slackware64.14.0>patches/packages/libXext-1.3.3-x86_64-1_slack14.0.txz]] * [[slackware64.14.0>patches/packages/libXfixes-5.0.3-x86_64-1_slack14.0.txz]] \\ Insufficient validation of data from the X server can cause an integer \\ overflow on 32 bit architectures. \\ Affected versions : libXfixes <= 5.0.2. \\ For more information, see: \\ https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7944 \\ (* Security fix *) * [[slackware64.14.0>patches/packages/libXi-1.7.8-x86_64-1_slack14.0.txz]] \\ Insufficient validation of data from the X server can cause out of boundary \\ memory access or endless loops (Denial of Service). \\ Affected versions libXi <= 1.7.6. \\ For more information, see: \\ https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7945 \\ https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7946 \\ (* Security fix *) * [[slackware64.14.0>patches/packages/libXrandr-1.5.1-x86_64-1_slack14.0.txz]] \\ Insufficient validation of data from the X server can cause out of boundary \\ memory writes. \\ Affected versions: libXrandr <= 1.5.0. \\ For more information, see: \\ https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7947 \\ https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7948 \\ (* Security fix *) * [[slackware64.14.0>patches/packages/libXrender-0.9.10-x86_64-1_slack14.0.txz]] \\ Insufficient validation of data from the X server can cause out of boundary \\ memory writes. \\ Affected version: libXrender <= 0.9.9. \\ For more information, see: \\ https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7949 \\ https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7950 \\ (* Security fix *) * [[slackware64.14.0>patches/packages/libXtst-1.2.3-x86_64-1_slack14.0.txz]] \\ Insufficient validation of data from the X server can cause out of boundary \\ memory access or endless loops (Denial of Service). \\ Affected version libXtst <= 1.2.2. \\ For more information, see: \\ https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7951 \\ https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7952 \\ (* Security fix *) * [[slackware64.14.0>patches/packages/libXv-1.0.11-x86_64-1_slack14.0.txz]] \\ Insufficient validation of data from the X server can cause out of boundary \\ memory and memory corruption. \\ Affected version libXv <= 1.0.10. \\ For more information, see: \\ https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5407 \\ (* Security fix *) * [[slackware64.14.0>patches/packages/libXvMC-1.0.10-x86_64-1_slack14.0.txz]] \\ Insufficient validation of data from the X server can cause a one byte buffer \\ read underrun. \\ Affected version: libXvMC <= 1.0.9. \\ For more information, see: \\ https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7953 \\ (* Security fix *) * [[slackware64.14.0>patches/packages/libxcb-1.11.1-x86_64-1_slack14.0.txz]] \\ This update is a prerequisite for other security updates. * [[slackware64.14.0>patches/packages/linux-3.2.83/*]] \\ This kernel fixes a security issue known as "Dirty COW". A race \\ condition was found in the way the Linux kernel's memory subsystem \\ handled the copy-on-write (COW) breakage of private read-only \\ memory mappings. An unprivileged local user could use this flaw to \\ gain write access to otherwise read-only memory mappings and thus \\ increase their privileges on the system. \\ Be sure to upgrade your initrd and reinstall LILO after upgrading \\ the kernel packages. \\ For more information, see: \\ https://dirtycow.ninja/ \\ https://www.kb.cert.org/vuls/id/243144 \\ https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5195 \\ (* Security fix *) * [[slackware64.14.0>patches/packages/php-5.6.27-x86_64-1_slack14.0.txz]] \\ This release fixes bugs and security issues. \\ For more information, see: \\ https://php.net/ChangeLog-5.php#5.6.27 \\ (* Security fix *) * [[slackware64.14.0>patches/packages/randrproto-1.5.0-noarch-1_slack14.0.txz]] \\ This update is a prerequisite for other security updates. * [[slackware64.14.0>patches/packages/xcb-proto-1.11-x86_64-1_slack14.0.txz]] \\ This update is a prerequisite for other security updates. * [[slackware64.14.0>patches/packages/xextproto-7.3.0-x86_64-1_slack14.0.txz]] \\ This update is a prerequisite for other security updates. * [[slackware64.14.0>patches/packages/xproto-7.0.29-noarch-1_slack14.0.txz]] \\ This update is a prerequisite for other security updates. * [[slackware64.14.0>patches/packages/xscreensaver-5.36-x86_64-1_slack14.0.txz]] \\ Here's an upgrade to the latest xscreensaver. {{tag>slackware changelog slackware64-14.0 2016-10}} news/2016/10/31/slackware64-14.0-changelog.txt Last modified: 5 months agoby Giuseppe Di Terlizzi Log In