ChangeLog for: 2010-12-24 01:53:19

a/acpid-2.0.7-x86_64-1.txz:  Upgraded.
a/dbus-1.4.1-x86_64-1.txz:  Upgraded.
a/lvm2-2.02.79-x86_64-1.txz:  Upgraded.
a/mkinitrd-1.4.6-x86_64-2.txz:  Rebuilt.
  Properly handle module options.  Thanks to crocket.
l/freetype-2.4.4-x86_64-1.txz:  Upgraded.
n/bluez-4.81-x86_64-1.txz:  Upgraded.
n/php-5.3.4-x86_64-1.txz:  Upgraded.
  This fixes many bugs, including some security issues.
  For more information, see:
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2950
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3436
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3710
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-4150
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-4409
  (* Security fix *)
n/proftpd-1.3.3d-x86_64-1.txz:  Upgraded.
  This update fixes an unbounded copy operation in sql_prepare_where() that
  could be exploited to execute arbitrary code.  However, this only affects
  servers that use the sql_mod module (which Slackware does not ship), and
  in addition the ability to exploit this depends on an SQL injection bug
  that was already fixed in proftpd-1.3.2rc2 (this according to upstream).
  So in theory, this fix should only be of academic interest.
  But in practice, better safe than sorry.
  (* Security fix *)