Slackwarearm-14.0 ChangeLog (2011-06-13)
Mon Jun 13 17:50:15 UTC 2011
Packages
Rebuilt
- n/php-5.3.6-arm-3.tgz
Install missing /usr/bin/php-cgi.
Thanks to Michael Langfinger for the report.
Upgraded
- d/gcc-objc-4.5.3-arm-1.tgz
Added –enable-objc-gc option to enable Objective-C garbage collection.
Thanks to Luca De Pandis. - l/apr-1.4.5-arm-1.tgz
This fixes a possible denial of service due to a problem with a loop in
the new apr_fnmatch() implementation consuming CPU.
For more information, see:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1928
(* Security fix *) - l/apr-util-1.3.12-arm-1.tgz
Fix crash because of NULL cleanup registered by apr_ldap_rebind_init(). - n/bind-9.7.3_P1-arm-1.tgz
This release fixes security issues:
* A large RRSET from a remote authoritative server that results in
the recursive resolver trying to negatively cache the response can
hit an off by one code error in named, resulting in named crashing.
[RT #24650] [CVE-2011-1910]
* Zones that have a DS record in the parent zone but are also listed
in a DLV and won't validate without DLV could fail to validate. [RT
#24631]
For more information, see:
http://www.isc.org/software/bind/advisories/cve-2011-1910
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1910
(* Security fix *) - n/httpd-2.2.19-arm-1.tgz
Revert ABI breakage in 2.2.18 caused by the function signature change
of ap_unescape_url_keep2f(). This release restores the signature from
2.2.17 and prior, and introduces ap_unescape_url_keep2f_ex().
Apache httpd-2.2.18 is considered abandoned. All users must upgrade.