This is an old revision of the document!
Slackware-14.1 ChangeLog (2012-12-07)
Fri Dec 7 01:41:59 UTC 2012
Packages
Upgraded
- d/ruby-1.9.3_p327-i486-1.txz (Security fix)
- l/libssh-0.5.3-i486-1.txz (Security fix)
- n/bind-9.9.2_P1-i486-1.txz (Security fix)
Rebuilt
- l/libxml2-2.8.0-i486-2.txz (Security fix)
ChangeLog
Fri Dec 7 01:41:59 UTC 2012
ap/sqlite-3.7.14.1-i486-1.txz: Upgraded.
This is a bugfix release.
d/ruby-1.9.3_p327-i486-1.txz: Upgraded.
This release fixes a hash-flooding DoS vulnerability and many other bugs.
For more information, see:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-5371
(* Security fix *)
l/libssh-0.5.3-i486-1.txz: Upgraded.
This release fixes several security bugs.
For more information, see:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-4559
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-4560
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-4561
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-4562
(* Security fix *)
l/libxml2-2.8.0-i486-2.txz: Rebuilt.
Patched a heap-based buffer underflow in the xmlParseAttValueComplex
function in parser.c in libxml2 2.9.0 and earlier that could allow a
remote attacker to cause a denial of service or possibly execute
arbitrary code via crafted entities in an XML document.
For more information, see:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-5134
(* Security fix *)
n/bind-9.9.2_P1-i486-1.txz: Upgraded.
This release addresses some denial-of-service and other bugs.
For more information, see:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-5688
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-5166
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3817
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1667
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3868
https://kb.isc.org/article/AA-00829
(* Security fix *)
Giuseppe Di Terlizzi