Slackware-12.0 ChangeLog (2011-05-25)
Wed May 25 20:03:16 UTC 2011
Packages
Upgraded
- patches/packages/apr-1.4.5-i486-1_slack12.0.tgz
This fixes a possible denial of service due to a problem with a loop in
the new apr_fnmatch() implementation consuming CPU.
For more information, see:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1928
(* Security fix *) - patches/packages/apr-util-1.3.12-i486-1_slack12.0.tgz
Fix crash because of NULL cleanup registered by apr_ldap_rebind_init(). - patches/packages/httpd-2.2.19-i486-1_slack12.0.tgz
Revert ABI breakage in 2.2.18 caused by the function signature change
of ap_unescape_url_keep2f(). This release restores the signature from
2.2.17 and prior, and introduces ap_unescape_url_keep2f_ex().
Apache httpd-2.2.18 is considered abandoned. All users must upgrade.