Thu Aug 30 23:35:53 UTC 2012
patches/packages/glibc-2.13-i486-6_slack13.37.txz: Rebuilt.
Patched multiple integer overflows in the strtod, strtof, strtold, and
strtod_l functions in stdlib in the GNU C Library allow local users to
cause a denial of service (application crash) and possibly execute
arbitrary code via a long string, which triggers a stack-based buffer
overflow.
For more information, see:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3480
(* Security fix *)
patches/packages/glibc-i18n-2.13-i486-6_slack13.37.txz: Rebuilt.
patches/packages/glibc-profile-2.13-i486-6_slack13.37.txz: Rebuilt.
patches/packages/glibc-solibs-2.13-i486-6_slack13.37.txz: Rebuilt.
patches/packages/glibc-zoneinfo-2.13-noarch-6_slack13.37.txz: Rebuilt.
patches/packages/mozilla-firefox-15.0-i486-1_slack13.37.txz: Upgraded.
This release contains security fixes and improvements.
For more information, see:
http://www.mozilla.org/security/known-vulnerabilities/firefox.html
(* Security fix *)
patches/packages/mozilla-thunderbird-15.0-i486-1_slack13.37.txz: Upgraded.
This release contains security fixes and improvements.
For more information, see:
http://www.mozilla.org/security/known-vulnerabilities/thunderbird.html
(* Security fix *)
patches/packages/seamonkey-2.12-i486-1_slack13.37.txz: Upgraded.
This update contains security fixes and improvements.
For more information, see:
http://www.mozilla.org/security/known-vulnerabilities/seamonkey.html
(* Security fix *)
patches/packages/seamonkey-solibs-2.12-i486-1_slack13.37.txz: Upgraded.
patches/packages/slocate-3.1-i486-4_slack13.37.txz: Rebuilt.
Patched to use lstat64 and -D_LARGEFILE64_SOURCE. Thanks to Mancha+.
Patched to fix information leak of filenames in protected directories.
For more information, see:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0227
(* Security fix *)