Repository 32bit  Forum
Repository 64bit  Wiki
Fri Dec 7 01:41:59 UTC 2012
patches/packages/bind-9.9.2_P1-i486-1_slack14.0.txz: Upgraded.
  IMPORTANT NOTE: This package updates BIND from 9.7.6_P4 to
  9.8.4_P1 since the 9.7 series is no longer supported. It is
  possible that some changes may be required to your local
  configuration.
  This release addresses some denial-of-service and other bugs.
  For more information, see:
  http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-5688
  http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-5166
  http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3817
  http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1667
  http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3868
  (* Security fix *)
patches/packages/libssh-0.5.3-i486-1_slack14.0.txz: Upgraded.
  This release fixes several security bugs.
  For more information, see:
  http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-4559
  http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-4560
  http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-4561
  http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-4562
  (* Security fix *)
patches/packages/libxml2-2.8.0-i486-2_slack14.0.txz: Rebuilt.
  Patched a heap-based buffer underflow in the xmlParseAttValueComplex
  function in parser.c in libxml2 2.9.0 and earlier that could allow a
  remote attacker to cause a denial of service or possibly execute
  arbitrary code via crafted entities in an XML document.
  For more information, see:
  http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-5134
  (* Security fix *)
patches/packages/ruby-1.9.3_p327-i486-1_slack14.0.txz: Upgraded.
  This release fixes a hash-flooding DoS vulnerability and many other bugs.
  For more information, see:
  http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-5371
  (* Security fix *)
patches/packages/sqlite-3.7.14.1-i486-1_slack14.0.txz: Upgraded.
  This is a bugfix release.