[A-193] New on ARMedslack-current
Page 1 of 1 • Share •
[A-193] New on ARMedslack-current
Oncle Jean on Wed Mar 10, 2010 4:38 pm
Wed Mar 10 09:57:53 UTC 2010
a/openssl-solibs-0.9.8m-arm-2.tgz: Rebuilt.
ap/cupsddk-1.2.3-arm-2.tgz: Removed.
The CUPS Driver Development Kit (DDK) is part of the main CUPS package now.
ap/hplip-3.10.2-arm-1.tgz: Upgraded.
n/httpd-2.2.15-arm-1.tgz: Upgraded.
This update addresses a few security issues.
mod_ssl: A partial fix for the TLS renegotiation prefix injection attack by rejecting any client-initiated renegotiations.
mod_proxy_ajp: Respond with HTTP_BAD_REQUEST when the body is not sent
when request headers indicate a request body is incoming; not a case of
HTTP_INTERNAL_SERVER_ERROR.
mod_isapi: Do not unload an isapi .dll module until the request processing is completed, avoiding orphaned callback pointers.
[This is the most serious flaw, but does not affect Linux systems]
For more information, see:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3555
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0408
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0425
(* Security fix *)
n/openssh-5.4p1-arm-1.tgz: Upgraded.
n/openssl-0.9.8m-arm-2.tgz: Rebuilt.
The OpenSSL package has been patched and recompiled to revert a change that broke decrypting some files encrypted with previous versions of OpenSSL.
This same fix appears in the latest upstream snapshots.
ftp://ftp.armedslack.org/armedslack/armedslack-current/ChangeLog.txt
Oncle Jean- Admin
- Posts: 8332
Join date: 2009-10-24
Age: 53
Location: Québec -
Similar topics» Current status
» Current weight! Goals!
» List Of Current Mods/Judges
» Current food crisis at the new campus
» My current activity- Traffic Court and Banks
» Current weight! Goals!
» List Of Current Mods/Judges
» Current food crisis at the new campus
» My current activity- Traffic Court and Banks
Page 1 of 1
Permissions in this forum:
You cannot reply to topics in this forum