[A-642] New on Slackware-current

Fri Jun 25 05:28:02 UTC 2010
a/cups-1.4.4-i486-1.txz: Upgraded.
Fixed a memory allocation error in texttops.
Fixed a Cross-Site Request Forgery (CSRF) that could allow a remote attacker to reconfigure or disable CUPS if a CUPS admin logged into the web interface visited a specially-crafted website.
Fixed a bug where uninitialized memory from the cupsd process could reveal sensitive information.
For more information, see:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0540
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0542
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1748
(* Security fix *)
d/ccache-3.0-i486-1.txz: Upgraded.
d/gdb-7.1-i486-2.txz: Rebuilt.
Added --with-python=no to fix errors about missing backtrace.py, which is not yet in stable glib. Thanks to David Woodfall.
l/imlib-1.9.15-i486-7.txz: Rebuilt.
This fixes problems linking with libpng.
l/seamonkey-solibs-2.0.5-i486-1.txz: Upgraded.
n/bind-9.7.1-i486-1.txz: Upgraded.
This fixes possible DNS cache poisoning attacks when DNSSEC is enabled
and checking is disabled (CD).
For more information, see:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-4022
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0097
(* Security fix *)
Thanks to Rob McGee for help with the upgrade to BIND 9.7.x.
xap/mozilla-firefox-3.6.4-i686-1.txz: Upgraded.
This fixes some security issues.
For more information, see:
http://www.mozilla.org/security/known-vulnerabilities/firefox36.html
(* Security fix *)
xap/mozilla-thunderbird-3.1-i686-1.txz: Upgraded.
(* Security fix *)
xap/seamonkey-2.0.5-i486-1.txz: Upgraded.
This release fixes some more security vulnerabilities.
For more information, see:
http://www.mozilla.org/security/known-vulnerabilities/seamonkey20.html
(* Security fix *)

Fri Jun 25 05:28:02 UTC 2010
a/cups-1.4.4-x86_64-1.txz: Upgraded.
Fixed a memory allocation error in texttops.
Fixed a Cross-Site Request Forgery (CSRF) that could allow a remote attacker to reconfigure or disable CUPS if a CUPS admin logged into the web interface visited a specially-crafted website.
Fixed a bug where uninitialized memory from the cupsd process could reveal sensitive information.
For more information, see:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0540
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0542
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1748
(* Security fix *)
d/ccache-3.0-x86_64-1.txz: Upgraded.
d/gdb-7.1-x86_64-2.txz: Rebuilt.
Added --with-python=no to fix errors about missing backtrace.py, which is not yet in stable glib. Thanks to David Woodfall.
l/imlib-1.9.15-x86_64-7.txz: Rebuilt.
This fixes problems linking with libpng.
l/seamonkey-solibs-2.0.5-x86_64-1.txz: Upgraded.
n/bind-9.7.1-x86_64-1.txz: Upgraded.
This fixes possible DNS cache poisoning attacks when DNSSEC is enabled and checking is disabled (CD).
For more information, see:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-4022
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0097
(* Security fix *)
Thanks to Rob McGee for help with the upgrade to BIND 9.7.x.
xap/mozilla-firefox-3.6.4-x86_64-1.txz: Upgraded.
This fixes some security issues.
For more information, see:
http://www.mozilla.org/security/known-vulnerabilities/firefox36.html
(* Security fix *)
xap/mozilla-thunderbird-3.1-x86_64-1.txz: Upgraded.
(* Security fix *)
xap/seamonkey-2.0.5-x86_64-1.txz: Upgraded.
This release fixes some more security vulnerabilities.
For more information, see:
http://www.mozilla.org/security/known-vulnerabilities/seamonkey20.html
(* Security fix *)