Slackware64-current ChangeLog

ChangeLog for: 2016-04-29 21:54:01

ap/cups-filters-1.8.3-x86_64-2.txz:  Rebuilt.
  Recompiled against poppler-0.43.0.
kde/calligra-2.9.11-x86_64-3.txz:  Rebuilt.
  Recompiled against poppler-0.43.0.
l/poppler-0.43.0-x86_64-1.txz:  Upgraded.
  Shared library .so-version bump.
n/ntp-4.2.8p7-x86_64-1.txz:  Upgraded.
  This release patches several low and medium severity security issues:
  CVE-2016-1551: Refclock impersonation vulnerability, AKA: refclock-peering
  CVE-2016-1549: Sybil vulnerability: ephemeral association attack,
    AKA: ntp-sybil - MITIGATION ONLY
  CVE-2016-2516: Duplicate IPs on unconfig directives will cause an assertion
    botch
  CVE-2016-2517: Remote configuration trustedkey/requestkey values are not
    properly validated
  CVE-2016-2518: Crafted addpeer with hmode > 7 causes array wraparound with
    MATCH_ASSOC
  CVE-2016-2519: ctl_getitem() return value not always checked
  CVE-2016-1547: Validate crypto-NAKs, AKA: nak-dos
  CVE-2016-1548: Interleave-pivot - MITIGATION ONLY
  CVE-2015-7704: KoD fix: peer associations were broken by the fix for
    NtpBug2901, AKA: Symmetric active/passive mode is broken
  CVE-2015-8138: Zero Origin Timestamp Bypass, AKA: Additional KoD Checks
  CVE-2016-1550: Improve NTP security against buffer comparison timing attacks,
    authdecrypt-timing, AKA: authdecrypt-timing
  For more information, see:
    http://support.ntp.org/bin/view/Main/SecurityNotice#Recent_Vulnerabilities
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7704
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8138
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1547
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1548
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1549
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1550
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1551
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2516
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2517
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2518
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2519
  (* Security fix *)
n/php-5.6.21-x86_64-1.txz:  Upgraded.
  This release fixes bugs and security issues.
  For more information, see:
    http://php.net/ChangeLog-5.php#5.6.21
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3074
  (* Security fix *)
x/libdrm-2.4.68-x86_64-1.txz:  Upgraded.
xfce/tumbler-0.1.31-x86_64-6.txz:  Rebuilt.
  Recompiled against poppler-0.43.0.