ChangeLog for: 2013-02-08 04:57:05
a/elilo-3.14-x86_64-1.txz: Added.
d/llvm-3.2-x86_64-3.txz: Rebuilt.
Fixed a few places where lib64 was hardcoded regardless of $ARCH.
Thanks to Heinz Wiesinger.
l/sdl-1.2.15-x86_64-1.txz: Upgraded.
Upgraded to SDL-1.2.15, SDL_image-1.2.12, SDL_mixer-1.2.12,
SDL_net-1.2.8, and SDL_ttf-2.0.11.
Patched resizing and mouse clicking bugs.
n/curl-7.29.0-x86_64-1.txz: Upgraded.
When negotiating SASL DIGEST-MD5 authentication, the function
Curl_sasl_create_digest_md5_message() uses the data provided from the
server without doing the proper length checks and that data is then
appended to a local fixed-size buffer on the stack. This vulnerability
can be exploited by someone who is in control of a server that a
libcurl-based program is accessing with POP3, SMTP or IMAP. For applications
that accept user-provided URLs, it is also conceivable that a malicious
user would feed an application a URL to a server hosting code
targeting this flaw.
Affected versions: curl 7.26.0 up to and including 7.28.1
For more information, see:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0249
(* Security fix *)
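The curl entry above describes server-supplied data being appended to a fixed-size stack buffer without length checks. The following is an added example of the bounded pattern that avoids this class of bug; it is not code from curl or from this ChangeLog. The function names, FIELD_MAX and the sample challenge are hypothetical, and the challenge parsing is simplified (no escaped quotes or whitespace handling).

```c
#include <stdio.h>
#include <string.h>

#define FIELD_MAX 64  /* constructed limit for this example */

/* Copy the value of key="..." from a server challenge into out.
 * Returns -1 if the key is missing, malformed, or too long for out. */
static int get_quoted_value(const char *chlg, const char *key,
                            char *out, size_t outlen)
{
    size_t klen = strlen(key);
    const char *p = chlg, *end;

    while ((p = strstr(p, key)) != NULL) {
        if ((p == chlg || p[-1] == ',') && p[klen] == '=' && p[klen + 1] == '"')
            break;              /* key starts a field and is followed by =" */
        p += klen;
    }
    if (p == NULL)
        return -1;
    p += klen + 2;              /* skip key, '=' and the opening quote */
    end = strchr(p, '"');
    if (end == NULL || (size_t)(end - p) >= outlen)
        return -1;              /* reject instead of writing past the buffer */
    memcpy(out, p, (size_t)(end - p));
    out[end - p] = '\0';
    return 0;
}

/* Build "realm:nonce" in a fixed-size buffer; fail rather than overflow. */
static int build_message(const char *chlg, char *msg, size_t msglen)
{
    char realm[FIELD_MAX], nonce[FIELD_MAX];
    int n;
    if (get_quoted_value(chlg, "realm", realm, sizeof realm) != 0 ||
        get_quoted_value(chlg, "nonce", nonce, sizeof nonce) != 0)
        return -1;
    n = snprintf(msg, msglen, "%s:%s", realm, nonce);
    return (n < 0 || (size_t)n >= msglen) ? -1 : 0;  /* truncation is an error */
}

int main(void)
{
    char msg[32];
    const char *chlg = "realm=\"example.test\",nonce=\"abc123\""; /* constructed */
    int rc = build_message(chlg, msg, sizeof msg);
    printf("%s\n", rc == 0 ? msg : "rejected");
    return rc ? 1 : 0;
}
```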