Skip to main content

Security Updates: Firefox and Apr-Util

Just less than three hours from my previous posting, the security update for Firefox has been released along with apr-util and also other packages as well. The aaa-base package has been bumped to 13.0. New package which has been added in x86_64 (tightvnc) has also makes its way on i386 arch. Way to go Slackware 13.0 cool

Here's the latest -Current changelog:
Tue Jun 16 17:50:30 CDT 2009
a/aaa_base-13.0-noarch-1.txz: Rebuilt. Updated slackware-version.

a/e2fsprogs-1.41.6-i486-1.txz: Upgraded.

a/ed-1.3-i486-1.txz: Upgraded.

a/file-5.03-i486-1.txz: Upgraded.

a/findutils-4.4.2-i486-1.txz: Upgraded.

a/jfsutils-1.1.14-i486-1.txz: Upgraded.

a/ntfs-3g-2009.4.4-i486-1.txz: Upgraded.

a/usbutils-0.82-i486-1.txz: Upgraded.

a/xfsprogs-3.0.1-i486-1.txz: Upgraded.

ap/dmapi-2.2.10-i486-1.txz: Upgraded.

ap/man-pages-3.21-noarch-1.txz: Upgraded.

ap/sqlite-3.6.14.2-i486-1.txz: Upgraded.

ap/xfsdump-3.0.1-i486-1.txz: Upgraded.

d/git-1.6.3.2-i486-1.txz: Upgraded.

d/m4-1.4.13-i486-1.txz: Upgraded.

d/subversion-1.6.2-i486-1.txz: Upgraded. Thanks to Robby Workman and Vincent Batts for work done on enabling the bindings for Python, perl, and Ruby.

kde/kdelibs-4.2.4-i486-2.txz: Rebuilt. Patched popupapplet.cpp to fix plasmaboard, a virtual keyboard for plasma.

l/apr-1.3.5-i486-1.txz: Upgraded.

l/apr-util-1.3.7-i486-1.txz: Upgraded.
Fix underflow in apr_strmatch_precompile.
Fix a denial of service attack against the apr_xml_* interface using the "billion laughs" entity expansion technique.
For more information, see:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0023
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1955
(* Security fix *)

l/neon-0.28.4-i486-1.txz: Upgraded.

l/sdl-1.2.13-i486-4.txz: Upgraded. Use SDL_image-1.2.7, and compile SDL without esd, as linking to esd breaks audio within VirtualBox. Thanks to Luigi Trovato for the bug report. Also, compile without arts support.

l/seamonkey-solibs-1.1.16-i486-2.txz: Added. This is a subset of the shared libraries from the seamonkey package used for runtime support of programs (such as rpm) on machines without X, or applications for X.

n/bluez-utils-3.36-i486-6.txz: Rebuilt. Edited rc.bluetooth to start hidd before any other bluetooth service. This avoids an address conflict that can cause devices to fail to reconnect if the connection is lost.
Thanks to Heinz Wiesinger.

n/iptables-1.4.3.2-i486-1.txz: Upgraded.

n/iw-0.9.14-i486-1.txz: Upgraded.

n/lftp-3.7.14-i486-1.txz: Upgraded.

xap/mozilla-firefox-3.0.11-i686-1.txz:
Upgraded to firefox-3.0.11.
This fixes some security issues.
For more information, see:
http://www.mozilla.org/security/known-vulnerabilities/firefox30.html
(* Security fix *)

xap/seamonkey-1.1.16-i486-2.txz: Rebuilt.

xap/xfce4-power-manager-0.6.6-i486-1.txz: Upgraded.

xap/xine-lib-1.1.16.3-i686-6.txz: Rebuilt. Use i686 arch, not i486.

extra/tightvnc/tightvnc-1.3.10-i486-1.txz: Added.

Popular posts from this blog

Running Rsync Via Proxy

One way to get the latest Slackware updates is by running rsync to syncronize your local repository and the main repository that hold the Slackware packages. Eric Hameleers has provided a great script called rsync_current.sh and how i modified this tool has been discussed on my previous post. In general, it works, except for one problem, when your computer is connecting to the Internet through a proxy.

My workstation at my office is connected to the Internet through a proxy, so i can't use normal rsync to work normally. I browsed the web and i found this site which tells us about how we should modify our squid configuration to allow rsync connection from any computer from our local networks. I asked my sysadmin to try this script. He agreed and he updated the squid configuration on the proxy.

Next, i need to update my environment variable RSYNC_PROXY to the host of the proxy and also the port. Let's say you are running a proxy on 192.168.1.1 and port 8080, then you need to run …

NVidia Legacy Unix Driver Update

NVidia has released an updated legacy drivers to support X.Org 1.19 with ABI 23. It has been mentioned in the UNIX drivers, but you can directly find the drivers from the links below:
NVidia 304.134 (x86x86_64)NVidia 340.101 (x86, x86_64) I have tested the 304.134 driver and it's working great here. I can finally remove x from my /etc/slackpkg/blacklist file since it's a showstopper for me.
Aside from legacy driver, NVidia has also released their latest driver 375.26 (x86, x86_64), which brings support for newer cards and also many new features (including X.Org 1.19 with ABI 23 support). 

Security Update: firefox, irssi, pidgin

Three security updates were released for today:
firefox: Upgraded to 45.4.0esr for 14.1 and 14.2 and 49.0 for currentirssi: Upgraded to 0.8.20pidgin: Upgraded to 2.10.11, 2.10.12, and 2.11.0 for all stable Slackware releases depending on their support Some minor update in current:
mkinitrd: Add dmsetup supportemacs: Upgraded to 25.1qt: Fix multilib issue network-scripts: Fix minor issue