Tuesday, February 10, 2009

Security Update: wicd

wicd package has been upgraded to fix security problems found in D-BUS configuration which can lead to local information disclosure. Along with this update, another updates come along in -Current changelog, most of it are in /testing for KDE 4 packages.

Here is the latest -Current changelog:
Mon Feb 9 16:03:32 CST 2009
ap/cdrtools-2.01.01a57-i486-1.tgz: Upgraded to cdrtools-2.01.01a57.
Also, fixed a build script error so that the utilities look for locale files in the correct directory. Thanks to Krasimir Kazakov for the bug report.
Anyone who had problems with k3b previously should upgrade this package.

extra/wicd/wicd-1.5.9-noarch-1.tgz: Upgraded to wicd-1.5.9.
This fixes a security problem with the D-Bus configuration file that allows local users to intercept D-Bus messages, possibly including wireless network credentials.
For more information, see:
(* Security fix *)

testing/packages/kde4/deps/eigen2-r922425-i486-1.tgz: Upgraded to eigen2-r922425.

testing/packages/kde4/kde/kdelibs-4.2.0-i486-2.tgz: Added bugfix patches from SVN: r917170, r918403, r918654, r918838.

testing/packages/kde4/kde/kdevelop-3.9.91-i486-1.tgz: Upgraded to kdevelop-3.9.91.

testing/packages/kde4/kde/kdevplatform-0.9.91-i486-1.tgz: Upgraded to kdevplatform-0.9.91.

testing/packages/kde4/kde/koffice- Upgraded to koffice-

testing/packages/kde4/kde-l10n/koffice-l10n-*- Upgraded to koffice- l10n packages.