Wednesday, April 29, 2009

Security Update: Mozilla Firefox

Today, the kernel stock in -Current branch are upgraded to use 2.6.29.2. Along with these kernel updates, there is also one security update, Mozilla Firefox which is now 3.0.10. OpenSSH has been upgraded to 5.2p1 too. Here are the latest -Current changelog:
Tue Apr 28 17:00:14 CDT 2009
a/kernel-firmware-2.6.29.2-noarch-1.tgz: Upgraded to Linux 2.6.29.2 firmware.

a/kernel-generic-2.6.29.2-i486-1.tgz: Upgraded to Linux 2.6.29.2.

a/kernel-generic-smp-2.6.29.2_smp-i686-1.tgz: Upgraded to Linux 2.6.29.2.

a/kernel-huge-2.6.29.2-i486-1.tgz: Upgraded to Linux 2.6.29.2.

a/kernel-huge-smp-2.6.29.2_smp-i686-1.tgz: Upgraded to Linux 2.6.29.2.

a/kernel-modules-2.6.29.2-i486-1.tgz: Upgraded to Linux 2.6.29.2 modules.

a/kernel-modules-smp-2.6.29.2_smp-i686-1.tgz: Upgraded to Linux 2.6.29.2 modules.

a/openssl-solibs-0.9.8k-i486-2.tgz: Patched to advertise TLS extensions only with TLS. Thanks to Fred Emmott.

a/pkgtools-12.34567890-noarch-5.tgz: Fixed a bug in installpkg where a bad extension on the first package would cause subsequent package installs to fail. Thanks to Jason Detring.

d/kernel-headers-2.6.29.2_smp-x86-1.tgz: Upgraded to Linux 2.6.29.2 headers.

k/kernel-source-2.6.29.2_smp-noarch-1.tgz: Upgraded to Linux 2.6.29.2 source.

n/openssh-5.2p1-i486-1.tgz: Upgraded to openssh-5.2p1.

n/openssl-0.9.8k-i486-2.tgz: Patched to advertise TLS extensions only with TLS. Thanks to Fred Emmott.

xap/mozilla-firefox-3.0.10-i686-1.tgz: Upgraded to firefox-3.0.10.
This fixes some security issues.
For more information, see:
http://www.mozilla.org/security/known-vulnerabilities/firefox30.html
(* Security fix *)

extra/linux-2.6.29.2-nosmp-sdk/: Regenerated SMP to no-SMP kernel source patch.

isolinux/initrd.img: Rebuilt with newly compiled kernel modules.

kernels/*: Rebuilt.

usb-and-pxe-installers/: Rebuilt usbboot.img with newly compiled kernel modules.