ChangeLog for: 2010-03-08 21:49:02

ap/cupsddk-1.2.3-x86_64-2.txz:  Removed.
  The CUPS Driver Development Kit (DDK) is part of the main CUPS package now.
ap/hplip-3.10.2-x86_64-1.txz:  Upgraded.
n/httpd-2.2.15-x86_64-1.txz:  Upgraded.
  This update addresses a few security issues.
  mod_ssl: A partial fix for the TLS renegotiation prefix injection attack
    by rejecting any client-initiated renegotiations.
  mod_proxy_ajp: Respond with HTTP_BAD_REQUEST when the body is not sent
    when request headers indicate a request body is incoming; not a case of
    HTTP_INTERNAL_SERVER_ERROR.
  mod_isapi: Do not unload an isapi .dll module until the request processing
    is completed, avoiding orphaned callback pointers.
    [This is the most serious flaw, but does not affect Linux systems]
  For more information, see:
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3555
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0408
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0425
  (* Security fix *)
n/openssh-5.4p1-x86_64-1.txz:  Upgraded.