Wednesday, February 24, 2016

Security Update: libgcrypt, bind, glibc, and ntp

There are 4 security updates released today for Slackware:
  • libgcrypt upgraded to 1.5.5 for all stable releases back to 13.0 and 1.6.5 for current
  • bind upgraded to 9.9.8_P3 for all stable releases back to 13.0 and 9.10.3 for current
  • ntp upgraded to 4.2.8p6 for all branches
  • glibc rebuilt to add a fix for CVE 2015-7547 for 14.1 and upgraded to 2.23 for current
Please note that Slackware IS NOT vulnerable to CVE 2015-7547 due to patch that were applied back in 2009 and not removed by Pat even though it was fixed in the main tree since then.

There are also some other changes in current tree:
  • kernel upgraded to 4.4.2
  • some changes in cups, mc, GConf, blueman, and alsa-lib to fix some issues
  • upgrade some packages: libproxy, nmap, xf86-video-amdgpu, and tigervnc