ChangeLog for: 2011-03-18 06:49:19
a/kernel-firmware-2.6.37.4-noarch-2.txz: Rebuilt.
a/kernel-generic-2.6.37.4-x86_64-2.txz: Rebuilt.
a/kernel-huge-2.6.37.4-x86_64-2.txz: Rebuilt.
a/kernel-modules-2.6.37.4-x86_64-2.txz: Rebuilt.
a/usbutils-002-x86_64-1.txz: Upgraded.
d/cmake-2.8.4-x86_64-1.txz: Upgraded.
d/kernel-headers-2.6.37.4-x86-2.txz: Rebuilt.
k/kernel-source-2.6.37.4-noarch-2.txz: Rebuilt.
Reconfigured to add Firewire and FireDTV modules.
Thanks to Gregory J. L. Tourte for pointing out that the old IEEE1394
firewire stack is gone in 2.6.37.
l/libraw1394-2.0.7-x86_64-1.txz: Upgraded.
n/php-5.3.6-x86_64-1.txz: Upgraded.
This release of PHP fixes several security issues:
Enforce security in the fastcgi protocol parsing with fpm SAPI.
Fixed bug #54247 (format-string vulnerability on Phar). (CVE-2011-1153)
Fixed bug #54193 (Integer overflow in shmop_read()). (CVE-2011-1092)
Fixed bug #54055 (buffer overrun with high values for precision ini setting).
Fixed bug #54002 (crash on crafted tag in exif). (CVE-2011-0708)
Fixed bug #53885 (ZipArchive segfault with FL_UNCHANGED on empty archive).
(CVE-2011-0421)
For more information, see:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0421
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0708
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1092
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1153
(* Security fix *)
x/libX11-1.4.2-x86_64-1.txz: Upgraded.
x/xf86-input-wacom-0.10.11-x86_64-1.txz: Upgraded.
x/xf86-video-ati-6.14.1-x86_64-1.txz: Upgraded.
x/xorg-server-1.9.5-x86_64-1.txz: Upgraded.
x/xorg-server-xephyr-1.9.5-x86_64-1.txz: Upgraded.
x/xorg-server-xnest-1.9.5-x86_64-1.txz: Upgraded.
x/xorg-server-xvfb-1.9.5-x86_64-1.txz: Upgraded.
xap/gnuplot-4.4.3-x86_64-1.txz: Upgraded.
xap/mozilla-firefox-4.0rc1-x86_64-1.txz: Upgraded.
It is time to push this into the main tree. It's unlikely that we'll see
significant changes prior to Firefox 4.0 final. Probably the first security
fixes for the Firefox 4.0 branch will come with Firefox 4.0.1, which is the
branch that we'll want to be tracking in Slackware 13.37's /patches. If for
some reason you want to stick with Firefox 3.6.x, it will be tracked in
Slackware 13.1's /patches for as long as they support it upstream.
isolinux/initrd.img: Rebuilt.
kernels/*: Rebuilt.
testing/source/linux-2.6.38-configs/: Added some example .config files.
usb-and-pxe-installers/usbboot.img: Rebuilt.