Sun Mar 3 22:10:56 UTC 2013
ap/cdrtools-3.01a13-i486-1.txz: Upgraded.
l/apr-util-1.5.1-i486-1.txz: Upgraded.
n/httpd-2.4.4-i486-1.txz: Upgraded.
This update provides bugfixes and enhancements.
Two security issues are fixed:
* Various XSS flaws due to unescaped hostnames and URIs HTML output in
mod_info, mod_status, mod_imagemap, mod_ldap, and mod_proxy_ftp.
[Jim Jagielski, Stefan Fritsch, Niels Heinen ]
* XSS in mod_proxy_balancer manager interface. [Jim Jagielski,
Niels Heinen ]
For more information, see:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3499
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-4558
(* Security fix *)
n/php-5.4.12-i486-1.txz: Upgraded.
x/fontconfig-2.10.2-i486-3.txz: Rebuilt.
Applied patch from upstream git to fix 10-autohint.conf.