Slackware-12.2 ChangeLog (2009-06-16)
Mon Jun 15 22:14:45 CDT 2009
Packages
Upgraded
- patches/packages/apr-1.3.5-i486-1_slack12.2.tgz
- patches/packages/apr-util-1.3.7-i486-1_slack12.2.tgz
Fix underflow in apr_strmatch_precompile.
Fix a denial of service attack against the apr_xml_* interface
using the “billion laughs” entity expansion technique.
For more information, see:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0023
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1955
(* Security fix *)
patches/packages/mozilla-firefox-3.0.11-i686-1.tgz:
Upgraded to firefox-3.0.11.
This fixes some security issues.
For more information, see:
http://www.mozilla.org/security/known-vulnerabilities/firefox30.html
(* Security fix *)