Sunday, March 2, 2008

Security Fix: Thunderbird

Slackware Security team has managed to update Thunderbird to to sync with the latest version that comes up from Mozilla which is considered a security fix. Along with this updates, Slackware-Current also comes up with one update, Python, and several bug fixes, like in kdegraphics, lilo, and lm_sensors. Here's the latest -Current changelog:
Sat Mar 1 16:21:49 CST 2008
d/python-2.5.2-i486-1.tgz: Upgraded to Python-2.5.2.

kde/kdegraphics-3.5.9-i486-3.tgz: Patched with a fix for kdvi.

Upgraded to thunderbird-
This update fixes the following security related issues:
MFSA 2008-12: Heap buffer overflow in external MIME bodies
MFSA 2008-05: Directory traversal via chrome: URI
MFSA 2008-03: Privilege escalation, XSS, Remote Code Execution
MFSA 2008-01: Crashes with evidence of memory corruption (rv:
For more information, see:
These are the related CVE entries:
(* Security fix *)

Sat Mar 1 12:59:58 CST 2008
a/lilo-22.8-i486-8.tgz: Fixed a bug using append= in the expert menu.
Thanks to Eric Hameleers for pointing it out.

ap/lm_sensors-2.10.5-i486-2.tgz: Fixed incorrect install path.