ChangeLog for: 2013-07-16 22:18:56
a/kernel-generic-3.9.10-x86_64-1.txz: Upgraded.
a/kernel-huge-3.9.10-x86_64-1.txz: Upgraded.
a/kernel-modules-3.9.10-x86_64-1.txz: Upgraded.
ap/ddrescue-1.17-x86_64-1.txz: Upgraded.
ap/mc-4.8.9-x86_64-1.txz: Upgraded.
d/kernel-headers-3.9.10-x86-1.txz: Upgraded.
k/kernel-source-3.9.10-noarch-1.txz: Upgraded.
n/cyrus-sasl-2.1.23-x86_64-5.txz: Rebuilt.
Patched for new glibc crypt(). Thanks to mancha.
n/php-5.4.17-x86_64-1.txz: Upgraded.
This update fixes an issue where XML in PHP does not properly consider
parsing depth, which allows remote attackers to cause a denial of service
(heap memory corruption) or possibly have unspecified other impact via a
crafted document that is processed by the xml_parse_into_struct function.
For more information, see:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4113
(* Security fix *)
isolinux/initrd.img: Rebuilt.
kernels/*: Upgraded.
testing/source/config-testing-3.10.1/*: Upgraded.
usb-and-pxe-installers/usbboot.img: Rebuilt.