Slackers (Slackware current journal) - Slackware – GNU/Linux per SubGeni e Fannulloni

Tue Jun 30 00:39:54 CDT 2009
ap/ghostscript-8.64-i486-2.txz: Rebuilt.
Patched various problems with ghostscript that could lead to a denial
of service or the execution of arbitrary code when processing a malicious
or malformed file.
For more information, see:

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0196

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0583

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0584

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0792

(* Security fix *)

Mon Jun 29 14:44:25 CDT 2009
kde/kdenetwork-4.2.4-i486-2.txz: Rebuilt.
Patched to fix Yahoo! protocol. Thanks to Matt Rogers.
xap/pidgin-2.5.8-i486-1.txz: Upgraded.

Mon Jun 29 02:14:32 CDT 2009
d/git-1.6.3.3-i486-1.txz: Upgraded.
d/subversion-1.6.3-i486-1.txz: Upgraded.
kde/amarok-2.1.1-i486-1.txz: Upgraded.
kde/koffice-2.0.1-i486-1.txz: Upgraded.
kdei/koffice-l10n-*-2.0.1-noarch-1.txz:
Upgraded to KOffice 2.0.1 l10n packages.

Sat Jun 27 19:02:36 CDT 2009
ap/most-5.0.0a-i486-2.txz: Fixed doc directory.
Thanks to Ellington Santos.
xap/mozilla-thunderbird-2.0.0.22-i686-1.txz:
Upgraded to thunderbird-2.0.0.22.
This upgrade fixes some more security bugs.
For more information, see:

http://www.mozilla.org/security/known-vulnerabilities/thunderbird20.html

(* Security fix *)

Fri Jun 26 22:06:58 CDT 2009
n/samba-3.2.13-i486-1.txz: Upgraded.
This upgrade fixes the following security issues:
o CVE-2009-1888:
In Samba 3.0.31 to 3.3.5 (inclusive), an uninitialized read of a
data value can potentially affect access control when “dos filemode”
is set to “yes”.
o CVE-2009-1886:
In Samba 3.2.0 to 3.2.12 (inclusive), the smbclient commands dealing
with file names treat user input as a format string to asprintf.
With a maliciously crafted file name smbclient can be made
to execute code triggered by the server.
For more information, see:

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1888

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1886

(* Security fix *)
n/sendmail-8.14.3-i486-2.txz: Rebuilt.
Fixed missing praliases. Thanks to Mark Post.
n/sendmail-cf-8.14.3-noarch-2.txz: Rebuilt.
xap/MPlayer-r29390-i486-1.txz: Upgraded.
testing/packages/mesa-7.4.4-i486-1.txz: Upgraded.

Wed Jun 24 19:48:10 CDT 2009
l/seamonkey-solibs-1.1.17-i486-1.txz:
Upgraded to seamonkey-1.1.17 shared libraries.
xap/seamonkey-1.1.17-i486-1.txz:
Upgraded to seamonkey-1.1.17.
This release fixes some more security vulnerabilities.
For more information, see:

http://www.mozilla.org/security/known-vulnerabilities/seamonkey11.html

(* Security fix *)

Mon Jun 22 22:24:01 CDT 2009
a/quota-3.17-i486-1.txz: Upgraded.
a/sharutils-4.7-i486-1.txz: Upgraded.
ap/lm_sensors-3.1.1-i486-1.txz: Upgraded.
ap/mc-20090621_git-i486-1.txz: Upgraded.
ap/most-5.0.0a-i486-1.txz: Upgraded.
l/exiv2-0.18.1-i486-1.txz: Upgraded.
l/slang-2.1.4-i486-1.txz: Upgraded.
extra/aspell-word-lists/aspell-pt_BR-20080707_0-noarch-4.txz: Added.

Sun Jun 21 13:23:07 CDT 2009
xap/pidgin-2.5.7-i486-1.txz: Upgraded.
This fixes the Yahoo protocol plugin. Thanks to Willy Sudiarto Raharjo
for letting us know about the problem and the new Pidgin release.

Sat Jun 20 12:49:02 CDT 2009
testing/packages/bash-4.0.024-i486-1.txz: Upgraded.
testing/packages/mesa-7.4.3-i486-1.txz: Upgraded.

Sat Jun 20 00:10:23 CDT 2009
x/mesa-7.4.1-i486-2.txz: Rebuilt. The software rasterizer was missing
again. Thanks to Mark Post for catching the omission.