Slackware-12.2 ChangeLog detailed RSS at Slackware.PL

en-us shasta@slackware.pl (Slackware.PL staff) http://blogs.law.harvard.edu/tech/rss http://slackware.pl/ Slackware-12.2 ChangeLog detailed RSS at Slackware.PL Changelog activity and resources for slackware-12.2 (detailed version) patches/packages/pidgin-2.6.6-i486-1_slack12.2.tgz ftp://ftp.slackware.pl/pub/slackware/slackware-12.2/patches/packages/pidgin-2.6.6-i486-1_slack12.2.tgz Upgraded. This fixes a few denial-of-service flaws as well as other bugs. For more information, see: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0277 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0420 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0423 (* Security fix *) Wed, 10 Mar 2010 22:38:18 +0100 patches/packages/openssl-0.9.8m-i486-2_slack12.2.tgz ftp://ftp.slackware.pl/pub/slackware/slackware-12.2/patches/packages/openssl-0.9.8m-i486-2_slack12.2.tgz Rebuilt. Tue, 09 Mar 2010 21:31:21 +0100 patches/packages/openssl-solibs-0.9.8m-i486-2_slack12.2.tgz ftp://ftp.slackware.pl/pub/slackware/slackware-12.2/patches/packages/openssl-solibs-0.9.8m-i486-2_slack12.2.tgz Rebuilt. The OpenSSL package has been patched and recompiled to revert a change that broke decrypting some files encrypted with previous versions of OpenSSL. This same fix appears in the latest upstream snapshots. Tue, 09 Mar 2010 21:31:21 +0100 patches/packages/httpd-2.2.15-i486-1_slack12.2.tgz ftp://ftp.slackware.pl/pub/slackware/slackware-12.2/patches/packages/httpd-2.2.15-i486-1_slack12.2.tgz Upgraded. This update addresses a few security issues. mod_ssl: A partial fix for the TLS renegotiation prefix injection attack by rejecting any client-initiated renegotiations. mod_proxy_ajp: Respond with HTTP_BAD_REQUEST when the body is not sent when request headers indicate a request body is incoming; not a case of HTTP_INTERNAL_SERVER_ERROR. mod_isapi: Do not unload an isapi .dll module until the request processing is completed, avoiding orphaned callback pointers. [This is the most serious flaw, but does not affect Linux systems] For more information, see: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3555 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0408 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0425 (* Security fix *) Mon, 08 Mar 2010 20:49:02 +0100 patches/packages/mozilla-firefox-3.0.18-i686-1.tgz ftp://ftp.slackware.pl/pub/slackware/slackware-12.2/patches/packages/mozilla-firefox-3.0.18-i686-1.tgz Upgraded. Upgraded to firefox-3.0.18. This fixes some security issues. For more information, see: http://www.mozilla.org/security/known-vulnerabilities/firefox30.html (* Security fix *) Sat, 06 Mar 2010 18:57:32 +0100 patches/packages/openssl-0.9.8m-i486-1_slack12.2.tgz ftp://ftp.slackware.pl/pub/slackware/slackware-12.2/patches/packages/openssl-0.9.8m-i486-1_slack12.2.tgz Upgraded. This OpenSSL update contains some security related bugfixes. For more information, see the included CHANGES and NEWS files, and: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1678 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1378 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1377 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1379 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3245 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-4355 (* Security fix *) Mon, 01 Mar 2010 05:02:21 +0100 patches/packages/openssl-solibs-0.9.8m-i486-1_slack12.2.tgz ftp://ftp.slackware.pl/pub/slackware/slackware-12.2/patches/packages/openssl-solibs-0.9.8m-i486-1_slack12.2.tgz Upgraded. Mon, 01 Mar 2010 05:02:21 +0100 patches/packages/proftpd-1.3.3-i486-1_slack12.2.tgz ftp://ftp.slackware.pl/pub/slackware/slackware-12.2/patches/packages/proftpd-1.3.3-i486-1_slack12.2.tgz Upgraded. Mon, 01 Mar 2010 05:02:21 +0100 patches/packages/seamonkey-2.0.3-i486-1_slack12.2.tgz ftp://ftp.slackware.pl/pub/slackware/slackware-12.2/patches/packages/seamonkey-2.0.3-i486-1_slack12.2.tgz Upgraded. This release fixes some more security vulnerabilities. For more information, see: http://www.mozilla.org/security/known-vulnerabilities/seamonkey20.html (* Security fix *) Mon, 01 Mar 2010 05:02:21 +0100 patches/packages/httpd-2.2.14-i486-1_slack12.2.tgz ftp://ftp.slackware.pl/pub/slackware/slackware-12.2/patches/packages/httpd-2.2.14-i486-1_slack12.2.tgz Upgraded. This fixes a couple of security bugs when using mod_proxy_ftp. For more information, see: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3094 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3095 (* Security fix *) Sun, 24 Jan 2010 20:22:46 +0100 patches/packages/php-5.2.12-i486-1_slack12.2.tgz ftp://ftp.slackware.pl/pub/slackware/slackware-12.2/patches/packages/php-5.2.12-i486-1_slack12.2.tgz Upgraded. This fixes many bugs, including a few security issues. For more information, see: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3557 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3558 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-4017 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-4142 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-4143 (* Security fix *) Sun, 24 Jan 2010 20:22:46 +0100 patches/packages/pidgin-2.6.5-i486-1_slack12.2.tgz ftp://ftp.slackware.pl/pub/slackware/slackware-12.2/patches/packages/pidgin-2.6.5-i486-1_slack12.2.tgz : Upgraded. This fixes a directory traversal vulnerability in Pidgin's MSN protocol handling that may allow attackers to download arbitrary files. For more information, see: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0013 (* Security fix *) Sun, 24 Jan 2010 20:22:46 +0100 patches/packages/seamonkey-2.0.1-i486-1_slack12.2.tgz ftp://ftp.slackware.pl/pub/slackware/slackware-12.2/patches/packages/seamonkey-2.0.1-i486-1_slack12.2.tgz Upgraded. Upgraded to seamonkey-2.0.1. This release fixes some more security vulnerabilities. For more information, see: http://www.mozilla.org/security/known-vulnerabilities/seamonkey20.html (* Security fix *) Sat, 19 Dec 2009 00:09:53 +0100 patches/packages/mozilla-firefox-3.0.16-i686-1.tgz ftp://ftp.slackware.pl/pub/slackware/slackware-12.2/patches/packages/mozilla-firefox-3.0.16-i686-1.tgz Upgraded. Upgraded to firefox-3.0.16. This fixes some security issues. For more information, see: http://www.mozilla.org/security/known-vulnerabilities/firefox30.html (* Security fix *) Thu, 17 Dec 2009 21:20:39 +0100 patches/packages/gimp-2.4.7-i486-2_slack12.2.tgz ftp://ftp.slackware.pl/pub/slackware/slackware-12.2/patches/packages/gimp-2.4.7-i486-2_slack12.2.tgz Rebuilt. This fixes integer overflows in the image handling plugins that could lead to the execution of arbitrary code or an application crash if a malicious image is loaded. For more information, see: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1570 (* Security fix *) Sat, 12 Dec 2009 04:51:11 +0100 patches/packages/ntp-4.2.4p8-i486-1_slack12.2.tgz ftp://ftp.slackware.pl/pub/slackware/slackware-12.2/patches/packages/ntp-4.2.4p8-i486-1_slack12.2.tgz Upgraded. Prevent a denial-of-service attack involving spoofed mode 7 packets. For more information, see: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3563 (* Security fix *) Thu, 10 Dec 2009 00:12:58 +0100