Slackware-13.0 ChangeLog (2009-04-26)

Sun Apr 26 15:11:57 CDT 2009

a/cups-1.3.10-i486-1.tgz:
Upgraded to cups-1.3.10.
This fixes several security issues, including an integer overflow in the TIFF
decoder, a failure to properly verify the Host HTTP header, and several
problems with PDF handling (the new CUPS uses a wrapper rather than embedded
code taken from xpdf). These issues could result in a denial of service or
the execution of arbitrary code.
For more information, see:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0146
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0147
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0163
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0164
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0166
(* Security fix *)
  • a/dialog-1.1_20080819-i486-2.tgz
    checkboxes and menuboxes 4. This fixes a bug where installer menus were
    taller than they needed to be, and in some cases filled the screen
    overwriting the information at the top.
  • a/pkgtools-12.34567890-noarch-4.tgz
    package extension (.tgz, .tbz, .tlz, .txz) is embedded somewhere in the
    directory path, or the package's name, version, or build number.
    Thanks to Erik Jan Tromp.
  • a/sysvinit-scripts-1.2-noarch-29.tgz
    {a,}quota.{group,user}.new from the top of filesystems that use quota. These
    can be created if quota is interrupted by a reboot or power failure and cause
    quotacheck at boot time to fail. Thanks to Erik Jan Tromp.
  • n/bitchx-1.1-i486-5.tgz
    BitchX has several known security flaws for which there are no known
    workarounds, and upstream progress seems to have stalled. Users should
    switch to a supported IRC client such as irssi.
    (* Security fix *)
    n/metamail-2.7-i486-3.tgz: Updated patch and recompiled.
    Moved fonts for mailto-hebrew to /usr/share/metamail/fonts/.
  • xap/xfractint-20.04p09-i486-1.tgz
    isolinux/initrd.img: Regenerated modules.dep to reflect the compressed kernel
    modules. Thanks to Piter Punk and Eric Hameleers.
    When formatting an ext3 partition, don't use '-j' (using mkfs.ext3 already
    takes care of that).
    Use the patched dialog to fix the formatting of the installer menus.
    testing/packages/bash-4.0.017-i486-1.tgz: Updated with upstream patches.
    usb-and-pxe-installers/usbboot.img: Same fixes as initrd.img.
  • news/2009/04/26/slackware-13.0-changelog.txt
  • Last modified: 4 years ago
  • by Giuseppe Di Terlizzi