Slackware-12.1 ChangeLog (2008-03-01)
Sat Mar 1 16:21:49 CST 2008
Packages
Upgraded to Python-2.5.2
- d/python-2.5.2-i486-1.tgz
Patched with a fix for kdvi
- kde/kdegraphics-3.5.9-i486-3.tgz
xap/mozilla-thunderbird-2.0.0.12-i686-1.tgz:
Upgraded to thunderbird-2.0.0.12.
This update fixes the following security related issues:
MFSA 2008-12: Heap buffer overflow in external MIME bodies
MFSA 2008-05: Directory traversal via chrome: URI
MFSA 2008-03: Privilege escalation, XSS, Remote Code Execution
MFSA 2008-01: Crashes with evidence of memory corruption (rv:1.8.1.12)
For more information, see:
http://www.mozilla.org/security/announce/2008/mfsa2008-12.html
http://www.mozilla.org/security/announce/2008/mfsa2008-05.html
http://www.mozilla.org/security/announce/2008/mfsa2008-03.html
http://www.mozilla.org/security/announce/2008/mfsa2008-01.html
These are the related CVE entries:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0304
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0418
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0415
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0412
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0413
(* Security fix *)
Sat Mar 1 12:59:58 CST 2008
a/lilo-22.8-i486-8.tgz: Fixed a bug using append= in the expert menu.
Thanks to Eric Hameleers for pointing it out.
ap/lm_sensors-2.10.5-i486-2.tgz: Fixed incorrect install path.
Giuseppe Di Terlizzi