Show pageOld revisionsBacklinksBack to top This page is read only. You can view the source, but not change it. Ask your administrator if you think this is wrong. ====== Slackware-12.0 ChangeLog (2010-12-24) ====== ====== Fri Dec 24 00:53:19 UTC 2010 ====== ===== Packages ===== ==== Upgraded ==== * [[slackware.12.0>patches/packages/php-5.2.16-i486-1_slack12.0.tgz]] \\ This fixes many bugs, including some security issues. \\ For more information, see: \\ http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3436 \\ http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3709 \\ http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-4150 \\ (* Security fix *) * [[slackware.12.0>patches/packages/proftpd-1.3.3d-i486-1_slack12.0.tgz]] \\ This update fixes an unbounded copy operation in sql_prepare_where() that \\ could be exploited to execute arbitrary code. However, this only affects \\ servers that use the sql_mod module (which Slackware does not ship), and \\ in addition the ability to exploit this depends on an SQL injection bug \\ that was already fixed in proftpd-1.3.2rc2 (this according to upstream). \\ So in theory, this fix should only be of academic interest. \\ But in practice, better safe than sorry. \\ (* Security fix *) {{tag>slackware changelog slackware-12.0 2010-12}} news/2010/12/24/slackware-12.0-changelog.txt Last modified: 12 months agoby Giuseppe Di Terlizzi Log In