Show pageOld revisionsBacklinksBack to top This page is read only. You can view the source, but not change it. Ask your administrator if you think this is wrong. ====== Slackware-13.0 ChangeLog (2009-08-02) ====== ====== Sun Aug 2 16:25:44 CDT 2009 ====== ===== Packages ===== ==== Rebuilt. Added a symlink to isogrk4.ent ==== * [[slackware.13.0>ap/linuxdoc-tools-0.9.56-i486-5.txz]] \\ that fixes the problems that we mentioned earlier. \\ Thanks to Niels Horn for the help! ==== Upgraded ==== * [[slackware.13.0>d/git-1.6.4-i486-1.txz]] * [[slackware.13.0>n/httpd-2.2.12-i486-1.txz]] \\ This update fixes some security issues (from the CHANGES file): \\ *) SECURITY: CVE-2009-1891 (cve.mitre.org) \\ Fix a potential Denial-of-Service attack against mod_deflate or other \\ modules, by forcing the server to consume CPU time in compressing a \\ large file after a client disconnects. PR 39605. \\ [Joe Orton, Ruediger Pluem] \\ *) SECURITY: CVE-2009-1195 (cve.mitre.org) \\ Prevent the "Includes" Option from being enabled in an .htaccess \\ file if the AllowOverride restrictions do not permit it. \\ [Jonathan Peatfield <j.s.peatfield damtp.cam.ac.uk>, Joe Orton, \\ Ruediger Pluem, Jeff Trawick] \\ *) SECURITY: CVE-2009-1890 (cve.mitre.org) \\ Fix a potential Denial-of-Service attack against mod_proxy in a \\ reverse proxy configuration, where a remote attacker can force a \\ proxy process to consume CPU time indefinitely. [Nick Kew, Joe Orton] \\ *) SECURITY: CVE-2009-1191 (cve.mitre.org) \\ mod_proxy_ajp: Avoid delivering content from a previous request which \\ failed to send a request body. PR 46949 [Ruediger Pluem] \\ *) SECURITY: CVE-2009-0023, CVE-2009-1955, CVE-2009-1956 (cve.mitre.org) \\ The bundled copy of the APR-util library has been updated, fixing three \\ different security issues which may affect particular configurations \\ and third-party modules. \\ These last three CVEs were addressed in Slackware previously with an \\ update to new system apr and apr-util packages. \\ For more information, see: \\ http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1891 \\ http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1195 \\ http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1890 \\ http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1191 \\ http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0023 \\ http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1955 \\ http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1956 \\ (* Security fix *) * [[slackware.13.0>n/irssi-0.8.14-i486-1.txz]] {{tag>slackware changelog slackware-13.0 2009-08}} news/2009/08/02/slackware-13.0-changelog.txt Last modified: 6 months agoby Giuseppe Di Terlizzi Log In