ChangeLog for: 2016-12-28 22:05:19

ap/nano-2.7.3-x86_64-1.txz:  Upgraded.
d/python-2.7.13-x86_64-1.txz:  Upgraded.
  This release fixes security issues:
  Issue #27850: Remove 3DES from ssl module's default cipher list to counter
  measure sweet32 attack (CVE-2016-2183).
  Issue #27568: Prevent HTTPoxy attack (CVE-2016-1000110). Ignore the
  HTTP_PROXY variable when REQUEST_METHOD environment is set, which indicates
  that the script is in CGI mode.
  For more information, see:
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2183
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1000110
  (* Security fix *)
n/samba-4.5.3-x86_64-1.txz:  Upgraded.
  This release fixes security issues:
  CVE-2016-2123 (Samba NDR Parsing ndr_pull_dnsp_name Heap-based Buffer
    Overflow Remote Code Execution Vulnerability).
  CVE-2016-2125 (Unconditional privilege delegation to Kerberos servers
    in trusted realms).
  CVE-2016-2126 (Flaws in Kerberos PAC validation can trigger privilege
    elevation).
  For more information, see:
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2123
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2125
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2126
  (* Security fix *)