Slackware64-13.1 ChangeLog (2011-05-25)
Wed May 25 20:03:16 UTC 2011
Packages
Upgraded
- patches/packages/apr-1.4.5-x86_64-1_slack13.1.txz
This fixes a possible denial of service due to a problem with a loop in
the new apr_fnmatch() implementation consuming CPU.
For more information, see:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1928
(* Security fix *) - patches/packages/apr-util-1.3.12-x86_64-1_slack13.1.txz
Fix crash because of NULL cleanup registered by apr_ldap_rebind_init(). - patches/packages/httpd-2.2.19-x86_64-1_slack13.1.txz
Revert ABI breakage in 2.2.18 caused by the function signature change
of ap_unescape_url_keep2f(). This release restores the signature from
2.2.17 and prior, and introduces ap_unescape_url_keep2f_ex().
Apache httpd-2.2.18 is considered abandoned. All users must upgrade.