diff options
| author | Adrien Nader <adrien@notk.org> | 2014-02-14 01:52:34 +0100 |
|---|---|---|
| committer | Adrien Nader <adrien@notk.org> | 2014-02-14 01:52:34 +0100 |
| commit | da3efa08aa12cbece3a6ac9c1718e245c9148946 (patch) | |
| tree | 469f18fc6c275741a849312fefc5d1a3338b7ef5 /n | |
| parent | 527e8de634bfcd91a60261644e85391d5e0aa651 (diff) | |
Thu Feb 13 23:45:53 UTC 2014
n/curl-7.35.0-x86_64-1.txz: Upgraded.
This update fixes a flaw where libcurl could, in some circumstances, reuse
the wrong connection when asked to do an NTLM-authenticated HTTP or HTTPS
request.
For more information, see:
http://curl.haxx.se/docs/adv_20140129.html
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0015
(* Security fix *)
n/ntp-4.2.6p5-x86_64-5.txz: Rebuilt.
All stable versions of NTP remain vulnerable to a remote attack where the
"ntpdc -c monlist" command can be used to amplify network traffic as part
of a denial of service attack. By default, Slackware is not vulnerable
since it includes "noquery" as a default restriction. However, it is
vulnerable if this restriction is removed. To help mitigate this flaw,
"disable monitor" has been added to the default ntp.conf (which will disable
the monlist command even if other queries are allowed), and the default
restrictions have been extended to IPv6 as well.
All users of the NTP daemon should make sure that their ntp.conf contains
"disable monitor" to prevent misuse of the NTP service. The new ntp.conf
file will be installed as /etc/ntp.conf.new with a package upgrade, but the
changes will need to be merged into any existing ntp.conf file by the admin.
For more information, see:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-5211
http://www.kb.cert.org/vuls/id/348126
(* Security fix *)
Diffstat (limited to 'n')
| -rw-r--r-- | n/curl/cacert.pem.bz2 | bin | 134101 -> 133372 bytes | |||
| -rw-r--r-- | n/curl/curl-7.31.0.tar.bz2.asc | 7 | ||||
| -rw-r--r-- | n/curl/curl-7.35.0.tar.bz2.asc | 7 | ||||
| -rwxr-xr-x | n/curl/curl.SlackBuild | 2 |
4 files changed, 8 insertions, 8 deletions
diff --git a/n/curl/cacert.pem.bz2 b/n/curl/cacert.pem.bz2 Binary files differindex 51d93ce..1b50280 100644 --- a/n/curl/cacert.pem.bz2 +++ b/n/curl/cacert.pem.bz2 diff --git a/n/curl/curl-7.31.0.tar.bz2.asc b/n/curl/curl-7.31.0.tar.bz2.asc deleted file mode 100644 index 9194f19..0000000 --- a/n/curl/curl-7.31.0.tar.bz2.asc +++ /dev/null @@ -1,7 +0,0 @@ ------BEGIN PGP SIGNATURE----- -Version: GnuPG v1.4.12 (GNU/Linux) - -iEYEABECAAYFAlHFb/gACgkQeOEcayedXJGA0gCg1x3WYOYmaUT7coXJCXSxXfET -42EAnjejdWmsAzAkHwK9xzgfZrBw3gwF -=Iliw ------END PGP SIGNATURE----- diff --git a/n/curl/curl-7.35.0.tar.bz2.asc b/n/curl/curl-7.35.0.tar.bz2.asc new file mode 100644 index 0000000..b432331 --- /dev/null +++ b/n/curl/curl-7.35.0.tar.bz2.asc @@ -0,0 +1,7 @@ +-----BEGIN PGP SIGNATURE----- +Version: GnuPG v1 + +iEYEABECAAYFAlLoqU0ACgkQeOEcayedXJEoOgCgp9/5lVJf6w1xJoupo94fKXC8 +bdMAoK7MvEsDwju7gZJEQhKf0TSyJ6hW +=WfMR +-----END PGP SIGNATURE----- diff --git a/n/curl/curl.SlackBuild b/n/curl/curl.SlackBuild index 16535a4..e471b11 100755 --- a/n/curl/curl.SlackBuild +++ b/n/curl/curl.SlackBuild @@ -1,6 +1,6 @@ #!/bin/sh -# Copyright 2008, 2009, 2010, 2011, 2013 Patrick J. Volkerding, Sebeka, MN, USA +# Copyright 2008, 2009, 2010, 2011, 2013, 2014 Patrick J. Volkerding, Sebeka, MN, USA # All rights reserved. # # Redistribution and use of this script, with or without modification, is |