[FYI] slackware 13.37 x86 current changelog

vvoody

Thu Jul 14 21:34:41 UTC 2011
l/seamonkey-solibs-2.2-i486-1.txz:  Upgraded.
  This update contains security fixes and improvements.
  For more information, see:
    http://www.mozilla.org/security/announce/
  (* Security fix *)
xap/mozilla-firefox-5.0.1-i486-1.txz:  Upgraded.
  I guess this is only a fix for Mac OS X, but it's still 0.0.1 better.  ;-)
xap/mozilla-thunderbird-5.0-i486-1.txz:  Upgraded.
  Thanks to dolphin77 for some hints about the ./configure options.
xap/seamonkey-2.2-i486-1.txz:  Upgraded.
  This update contains security fixes and improvements.
  For more information, see:
    http://www.mozilla.org/security/announce/
  (* Security fix *)
+--------------------------+

vvoody

Fri Jul 29 18:22:40 UTC 2011
ap/screen-4.0.3-i486-3.txz:  Rebuilt.
  Use a larger buffer for the termtype variable to fix crashes with long
  names (e.g. rxvt-unicode-256color).
  Thanks to cteg.
l/libpng-1.4.8-i486-1.txz:  Upgraded.
  Upgraded to libpng-1.2.46 and libpng-1.4.8.
  Fixed uninitialized memory read in png_format_buffer()
  (Bug report by Frank Busse, related to CVE-2004-0421).
  For more information, see:
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0421
  (* Security fix *)
n/dhcpcd-5.2.12-i486-1.txz:  Upgraded.
  Sanitize the host name provided by the DHCP server to insure that it does
  not contain any shell metacharacters.
  For more information, see:
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0996
  (* Security fix *)
n/samba-3.5.10-i486-1.txz:  Upgraded.
  Fixed cross-site request forgery and cross-site scripting vulnerability
  in SWAT (the Samba Web Administration Tool).
  For more information, see:
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2522
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2694
  (* Security fix *)
+--------------------------+

vvoody

Fri Aug 12 23:20:00 UTC 2011
d/binutils-2.21.53.0.2-i486-1.txz:  Upgraded.
n/bind-9.7.4-i486-1.txz:  Upgraded.
  This BIND update addresses a couple of security issues:
  * named, set up to be a caching resolver, is vulnerable to a user
    querying a domain with very large resource record sets (RRSets)
    when trying to negatively cache the response. Due to an off-by-one
    error, caching the response could cause named to crash. [RT #24650]
    [CVE-2011-1910]
  * Change #2912 (see CHANGES) exposed a latent bug in the DNS message
    processing code that could allow certain UPDATE requests to crash
    named. [RT #24777] [CVE-2011-2464]
  For more information, see:
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1910
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2464
  (* Security fix *)
+--------------------------+
Fri Aug 12 16:25:35 UTC 2011
ap/htop-0.9-i486-1.txz:  Added.
  Oops, this was missing on 32-bit.  Thanks to Willy Sudiarto Raharjo.
+--------------------------+
Fri Aug 12 00:29:11 UTC 2011
a/lilo-23.2-i486-1.txz:  Upgraded.
ap/htop-0.9-i486-1.txz:  Added.
  htop is an ncurses-based interactive process viewer.
  Thanks to Michal Dorocinski for the suggestion.
ap/sqlite-3.7.7.1-i486-1.txz:  Upgraded.
  Added options: -DSQLITE_ENABLE_FTS3 -DSQLITE_ENABLE_FTS3_PARENTHESIS=1
e/emacs-23.3a-i486-1.txz:  Upgraded.
testing/packages/mozilla-firefox-6.0b5-i486-1.txz:  Added.
testing/packages/mozilla-thunderbird-6.0b3-i486-1.txz:  Added.
testing/packages/seamonkey-2.3b3-i486-1.txz:  Added.
testing/packages/seamonkey-solibs-2.3b3-i486-1.txz:  Added.
+--------------------------+

vvoody

Sun Aug 14 17:49:30 UTC 2011
n/wget-1.13-i486-1.txz:  Upgraded.
xap/mozilla-firefox-6.0-i486-1.txz:  Upgraded.
+--------------------------+

carptain

Thu Aug 25 09:10:45 UTC 2011
a/kernel-firmware-20110814git-noarch-1.txz:  Upgraded.
  Fetch the latest kernel firmware from git -- the stuff in the kernel sources
  is somewhat stale.
ap/soma-2.7.1-noarch-1.txz:  Added.
  Soma is a command line/dialog Internet radio player.
  Thanks to David Woodfall.
l/jre-6u27-i586-1.txz:  Upgraded.
n/php-5.3.8-i486-1.txz:  Upgraded.
  Security fixes vs. 5.3.6 (5.3.7 was not usable):
  Updated crypt_blowfish to 1.2. (CVE-2011-2483)
  Fixed crash in error_log(). Reported by Mateusz Kocielski
  Fixed buffer overflow on overlog salt in crypt().
  Fixed bug #54939 (File path injection vulnerability in RFC1867
  File upload filename). Reported by Krzysztof Kotowicz. (CVE-2011-2202)
  Fixed stack buffer overflow in socket_connect(). (CVE-2011-1938)
  Fixed bug #54238 (use-after-free in substr_replace()). (CVE-2011-1148)
  For more information, see:
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1148
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1938
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2202
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2483
  (* Security fix *)
extra/jdk-6/jdk-6u27-i586-1.txz:  Upgraded.
testing/packages/mozilla-firefox-7.0b1-i486-1.txz:  Added.
+--------------------------

vvoody

Tue Sep  6 16:53:43 UTC 2011
n/openssh-5.9p1-i486-1.txz:  Upgraded.
+--------------------------+
Tue Sep  6 00:15:03 UTC 2011
l/seamonkey-solibs-2.3.3-i486-1.txz:  Upgraded.
  This update contains security fixes and improvements.
  For more information, see:
    http://www.mozilla.org/security/announce/
    http://www.mozilla.org/security/announce/2011/mfsa2011-34.html
  (* Security fix *)
n/httpd-2.2.20-i486-1.txz:  Upgraded.
  SECURITY: CVE-2011-3192 (cve.mitre.org)
  core: Fix handling of byte-range requests to use less memory, to avoid
  denial of service. If the sum of all ranges in a request is larger than
  the original file, ignore the ranges and send the complete file.
  PR 51714. [Stefan Fritsch, Jim Jagielski, Ruediger Pluem, Eric Covener]
  For more information, see:
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3192
  (* Security fix *)
xap/mozilla-firefox-6.0.2-i486-1.txz:  Upgraded.
  This release contains security fixes and improvements.
  For more information, see:
    http://www.mozilla.org/security/ ... lities/firefox.html
    http://www.mozilla.org/security/announce/2011/mfsa2011-34.html
  (* Security fix *)
xap/mozilla-thunderbird-6.0.1-i486-1.txz:  Upgraded.
  This release contains security fixes and improvements.
  For more information, see:
    http://www.mozilla.org/security/ ... es/thunderbird.html
    http://www.mozilla.org/security/announce/2011/mfsa2011-34.html
  (* Security fix *)
xap/seamonkey-2.3.3-i486-1.txz:  Upgraded.
  This update contains security fixes and improvements.
  For more information, see:
    http://www.mozilla.org/security/announce/
    http://www.mozilla.org/security/announce/2011/mfsa2011-34.html
  (* Security fix *)
testing/packages/mozilla-firefox-7.0b4-i486-1.txz:  Upgraded.
+--------------------------+

ginkgo

Tue Oct 11 07:50:04 UTC 2011
a/file-5.09-i486-1.txz:  Upgraded.
l/seamonkey-solibs-2.4.1-i486-1.txz:  Upgraded.
n/httpd-2.2.21-i486-1.txz:  Upgraded.
  Respond with HTTP_NOT_IMPLEMENTED when the method is not
  recognized.  [Jean-Frederic Clere]  SECURITY: CVE-2011-3348
  Fix a regression introduced by the CVE-2011-3192 byterange fix in 2.2.20.
  PR 51748. [<lowprio20 gmail.com>]
  For more information, see:
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3348
  (* Security fix *)
xap/mozilla-firefox-7.0.1-i486-1.txz:  Upgraded.
  This release contains security fixes and improvements.
  For more information, see:
    http://www.mozilla.org/security/ ... lities/firefox.html
  (* Security fix *)
xap/mozilla-thunderbird-7.0.1-i486-1.txz:  Upgraded.
  This release contains security fixes and improvements.
  For more information, see:
    http://www.mozilla.org/security/ ... es/thunderbird.html
  (* Security fix *)
xap/seamonkey-2.4.1-i486-1.txz:  Upgraded.
  This update contains security fixes and improvements.
  For more information, see:
    http://www.mozilla.org/security/announce/
  (* Security fix *)
testing/packages/mozilla-firefox-8.0b2-i486-1.txz:  Upgraded.
+--------------------------+

vvoody

Tue Nov  8 04:07:49 UTC 2011
n/openssh-5.9p1-i486-2.txz:  Rebuilt.
  Upstream different timestamp, size, ChangeLog.  GPG verifies on both
  this newer one and what we had before (?).
xap/mozilla-firefox-8.0-i486-1.txz:  Upgraded.
+--------------------------+

vvoody

Sun Nov 27 03:37:52 UTC 2011
d/yasm-1.2.0-i486-1.txz:  Upgraded.
l/seamonkey-solibs-2.5-i486-1.txz:  Upgraded.
  This update contains security fixes and improvements.
  For more information, see:
    http://www.mozilla.org/security/announce/
  (* Security fix *)
xap/mozilla-firefox-8.0.1-i486-1.txz:  Upgraded.
  This release contains security fixes and improvements.
  For more information, see:
    http://www.mozilla.org/security/ ... lities/firefox.html
  (* Security fix *)
xap/mozilla-thunderbird-8.0-i486-1.txz:  Upgraded.
  This release contains security fixes and improvements.
  For more information, see:
    http://www.mozilla.org/security/ ... es/thunderbird.html
  (* Security fix *)
xap/seamonkey-2.5-i486-1.txz:  Upgraded.
  This update contains security fixes and improvements.
  For more information, see:
    http://www.mozilla.org/security/announce/
  (* Security fix *)
testing/packages/mozilla-firefox-9.0b3-i486-1.txz:  Upgraded.
+--------------------------+
Wed Nov 23 15:17:39 UTC 2011
d/make-3.82-i486-3.txz:  Rebuilt.
  Patched a free() crash when building Android.  Thanks to Troy Unrau.
  Fixed IA32 arch, package locations...  sorry
+--------------------------+
Tue Nov 22 15:23:55 UTC 2011
d/make-3.82-x86_64-3.txz:  Rebuilt.
  Patched a free() crash when building Android.  Thanks to Troy Unrau.
testing/packages/mozilla-firefox-9.0b2-i486-1.txz:  Upgraded.
+--------------------------+
Thu Nov 17 02:12:33 UTC 2011
n/bind-9.7.4_P1-i486-1.txz:  Upgraded.
        --- 9.7.4-P1 released ---
3218.   [security]      Cache lookup could return RRSIG data associated with
                        nonexistent records, leading to an assertion
                        failure. [RT #26590]
  (* Security fix *)
+--------------------------+
Sun Nov 13 16:03:06 UTC 2011
a/glibc-solibs-2.14.1-i486-2.txz:  Rebuilt.
a/glibc-zoneinfo-2011i_2011n-noarch-2.txz:  Rebuilt.
l/glibc-2.14.1-i486-2.txz:  Rebuilt.
  Merged ELF patches -- Matt Burgess <matthew_at_linuxfromscratch_dot_org>
l/glibc-i18n-2.14.1-i486-2.txz:  Rebuilt.
l/glibc-profile-2.14.1-i486-2.txz:  Rebuilt.
testing/packages/mozilla-firefox-9.0b1-i486-1.txz:  Added.
+--------------------------+
Fri Nov 11 18:58:21 UTC 2011
  Good 11-11-11, everyone!  Enjoy some fresh time.  
a/glibc-solibs-2.14.1-i486-1.txz:  Upgraded.
a/glibc-zoneinfo-2011i_2011n-noarch-1.txz:  Upgraded.
  New upstream homepage:  http://www.iana.org/time-zones
l/glibc-2.14.1-i486-1.txz:  Upgraded.
l/glibc-i18n-2.14.1-i486-1.txz:  Upgraded.
l/glibc-profile-2.14.1-i486-1.txz:  Upgraded.
+--------------------------+

vvoody

Tue Nov 29 00:09:21 UTC 2011
testing/packages/mozilla-thunderbird-9.0b2-i486-1.txz:  Upgraded.
+--------------------------+