ChangeLog for: 2016-06-25 00:37:19

Sorry about the delay, but we had to wait for this kernel. At least we were able to get some other good fixes in this week while we were waiting. :-)

a/aaa_elflibs-14.2-x86_64-23.txz: Rebuilt.
a/kernel-generic-4.4.14-x86_64-1.txz: Upgraded.
a/kernel-huge-4.4.14-x86_64-1.txz: Upgraded.
a/kernel-modules-4.4.14-x86_64-1.txz: Upgraded.
ap/mariadb-10.0.26-x86_64-1.txz: Upgraded.
d/kernel-headers-4.4.14-x86-1.txz: Upgraded.
k/kernel-source-4.4.14-noarch-1.txz: Upgraded.
  This kernel release fixes two security issues:

  Corrupted offset allows for arbitrary decrements in compat IPT_SO_SET_REPLACE setsockopt.
  Risk: High.
  Impact: Kernel memory corruption, leading to elevation of privileges or kernel code execution.
  This occurs in a compat_setsockopt() call that is normally restricted to root, however, Linux 3/4 kernels that support user and network namespaces can allow an unprivileged user to trigger this functionality. This is exploitable from inside a container.

  Out of bounds reads when processing IPT_SO_SET_REPLACE setsockopt.
  Risk: Medium.
  Impact: Out of bounds heap memory access, leading to a Denial of Service (or possibly heap disclosure or further impact).
  This occurs in a setsockopt() call that is normally restricted to root, however, Linux 3/4 kernels that support user and network namespaces can allow an unprivileged user to trigger this functionality. This is exploitable from inside a container.

  For more information, see:
    http://www.openwall.com/lists/oss-security/2016/06/24/5
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4997
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4998
  (* Security fix *)
l/libpng-1.6.23-x86_64-1.txz: Upgraded.
l/librsvg-2.40.16-x86_64-1.txz: Upgraded.
n/php-5.6.23-x86_64-1.txz: Upgraded.
  This release fixes bugs and security issues.
  For more information, see:
    http://php.net/ChangeLog-5.php#5.6.23
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5766
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5767
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5768
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5769
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5770
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5771
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5772
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5773
  (* Security fix *)
isolinux/initrd.img: Rebuilt.
kernels/*: Upgraded.
usb-and-pxe-installers/usbboot.img: Rebuilt.