ChangeLog for: 2011-07-29 19:22:40
ap/screen-4.0.3-x86_64-3.txz: Rebuilt.
Use a larger buffer for the termtype variable to fix crashes with long
names (e.g. rxvt-unicode-256color).
Thanks to cteg.
l/libpng-1.4.8-x86_64-1.txz: Upgraded.
Upgraded to libpng-1.2.46 and libpng-1.4.8.
Fixed uninitialized memory read in png_format_buffer()
(Bug report by Frank Busse, related to CVE-2004-0421).
For more information, see:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0421
(* Security fix *)
n/dhcpcd-5.2.12-x86_64-1.txz: Upgraded.
Sanitize the host name provided by the DHCP server to insure that it does
not contain any shell metacharacters.
For more information, see:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0996
(* Security fix *)
n/samba-3.5.10-x86_64-1.txz: Upgraded.
Fixed cross-site request forgery and cross-site scripting vulnerability
in SWAT (the Samba Web Administration Tool).
For more information, see:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2522
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2694
(* Security fix *)