Slackware64-current ChangeLog

ChangeLog for: 2016-11-01 00:38:24

a/grep-2.26-x86_64-1.txz:  Upgraded.
a/kernel-generic-4.4.29-x86_64-1.txz:  Upgraded.
  Fixes a security issue (Dirty COW).
  (* Security fix *)
a/kernel-huge-4.4.29-x86_64-1.txz:  Upgraded.
  Fixes a security issue (Dirty COW).
  (* Security fix *)
a/kernel-modules-4.4.29-x86_64-1.txz:  Upgraded.
ap/mariadb-10.0.28-x86_64-1.txz:  Upgraded.
  This update fixes several security issues.
  For more information, see:
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5616
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5624
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5626
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3492
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5629
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8283
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7440
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5584
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6663
  (* Security fix *)
d/gdb-7.12-x86_64-1.txz:  Upgraded.
d/guile-2.0.13-x86_64-1.txz:  Upgraded.
d/kernel-headers-4.4.29-x86-1.txz:  Upgraded.
k/kernel-source-4.4.29-noarch-1.txz:  Upgraded.
  This kernel fixes a security issue known as "Dirty COW".  A race
  condition was found in the way the Linux kernel's memory subsystem
  handled the copy-on-write (COW) breakage of private read-only
  memory mappings.  An unprivileged local user could use this flaw to
  gain write access to otherwise read-only memory mappings and thus
  increase their privileges on the system.
  For more information, see:
    https://dirtycow.ninja/
    https://www.kb.cert.org/vuls/id/243144
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5195
  (* Security fix *)
l/libcdio-0.94-x86_64-1.txz:  Upgraded.
n/nmap-7.30-x86_64-1.txz:  Upgraded.
n/php-5.6.27-x86_64-1.txz:  Upgraded.
  This release fixes bugs and security issues.
  For more information, see:
    https://php.net/ChangeLog-5.php#5.6.27
  (* Security fix *)
x/libX11-1.6.4-x86_64-1.txz:  Upgraded.
  Insufficient validation of data from the X server can cause out of boundary
  memory read in XGetImage() or write in XListFonts().
  Affected versions libX11 <= 1.6.3.
  For more information, see:
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7942
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7943
  (* Security fix *)
x/libXfixes-5.0.3-x86_64-1.txz:  Upgraded.
  Insufficient validation of data from the X server can cause an integer
  overflow on 32 bit architectures.
  Affected versions : libXfixes <= 5.0.2.
  For more information, see:
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7944
  (* Security fix *)
x/libXi-1.7.8-x86_64-1.txz:  Upgraded.
  Insufficient validation of data from the X server can cause out of boundary
  memory access or endless loops (Denial of Service).
  Affected versions libXi <= 1.7.6.
  For more information, see:
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7945
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7946
  (* Security fix *)
x/libXrandr-1.5.1-x86_64-1.txz:  Upgraded.
  Insufficient validation of data from the X server can cause out of boundary
  memory writes.
  Affected versions: libXrandr <= 1.5.0.
  For more information, see:
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7947
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7948
  (* Security fix *)
x/libXrender-0.9.10-x86_64-1.txz:  Upgraded.
  Insufficient validation of data from the X server can cause out of boundary
  memory writes.
  Affected version: libXrender <= 0.9.9.
  For more information, see:
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7949
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7950
  (* Security fix *)
x/libXtst-1.2.3-x86_64-1.txz:  Upgraded.
  Insufficient validation of data from the X server can cause out of boundary
  memory access or endless loops (Denial of Service).
  Affected version libXtst <= 1.2.2. 
  For more information, see:
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7951
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7952
  (* Security fix *)
x/libXv-1.0.11-x86_64-1.txz:  Upgraded.
  Insufficient validation of data from the X server can cause out of boundary
  memory and memory corruption.
  Affected version libXv <= 1.0.10.
  For more information, see:
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5407
  (* Security fix *)
x/libXvMC-1.0.10-x86_64-1.txz:  Upgraded.
  Insufficient validation of data from the X server can cause a one byte buffer
  read underrun.
  Affected version: libXvMC <= 1.0.9.
  For more information, see:
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7953 
  (* Security fix *)
xap/mozilla-firefox-49.0.2-x86_64-1.txz:  Upgraded.
  This release contains security fixes and improvements.
  For more information, see:
    http://www.mozilla.org/security/known-vulnerabilities/firefox.html
  (* Security fix *)
xap/xscreensaver-5.36-x86_64-1.txz:  Upgraded.
isolinux/initrd.img:  Rebuilt.
kernels/*:  Upgraded.
usb-and-pxe-installers/usbboot.img:  Rebuilt.