patches/packages/gnupg-1.4.15-i486-1_slack13.37.txz
Fixed possible infinite recursion in the compressed packet
parser. [CVE-2013-4402]
Protect against rogue keyservers sending secret keys.
For more information, see:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4402
(* Security fix *)

patches/packages/gnupg2-2.0.22-i486-1_slack13.37.txz
Fixed possible infinite recursion in the compressed packet
parser. [CVE-2013-4402]
Protect against rogue keyservers sending secret keys.
For more information, see:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4402
(* Security fix *)

patches/packages/libgpg-error-1.11-i486-1_slack13.37.txz
This package upgrade was needed by the new version of gnupg2.

patches/packages/gnutls-2.10.5-i486-2_slack13.37.txz
[Updated to the correct version to fix fetching the “latest” from gnu.org]
This update prevents a side-channel attack which may allow remote attackers
to conduct distinguishing attacks and plaintext recovery attacks using
statistical analysis of timing data for crafted packets.
Other minor security issues are patched as well.
Thanks to mancha for backporting these patches.
For more information, see:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-4128
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1569
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1573
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1619
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2116
(* Security fix *)

patches/packages/xorg-server-1.9.5-i486-3_slack13.37.txz
Patched a use-after-free bug that can cause an X server crash or
memory corruption.
For more information, see:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4396
(* Security fix *)

patches/packages/xorg-server-xephyr-1.9.5-i486-3_slack13.37.txz

patches/packages/xorg-server-xnest-1.9.5-i486-3_slack13.37.txz

patches/packages/xorg-server-xvfb-1.9.5-i486-3_slack13.37.txz