ChangeLog for: 2016-12-24 19:14:51
a/aaa_elflibs-14.2-x86_64-25.txz: Upgraded.
l/expat-2.2.0-x86_64-1.txz: Upgraded.
This update fixes bugs and security issues:
Multiple integer overflows in XML_GetBuffer.
Fix crash on malformed input.
Improve insufficient fix to CVE-2015-1283 / CVE-2015-2716.
Use more entropy for hash initialization.
Resolve troublesome internal call to srand.
For more information, see:
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1283
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0718
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4472
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5300
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-6702
(* Security fix *)
l/ncurses-6.0-x86_64-2.txz: Rebuilt.
Fixed install script to correctly remove "lint" from the 5.x package.