Sunday, October 18, 2009

Security Updates: Pidgin + GnuTLS

Two security updates has been released today which are Pidgin and GnuTLS. Special for Pidgin, it has been upgraded to 2.6.3, but without vv support, as there are no libnice and farsight2 available on -Current which are the requirements to enable vv (voice and video) support on Pidgin 2.6.3.

Along with those updates, several packages also gets recompiled and upgraded too. Here's the latest changes in -Current changelog:
Sat Oct 17 23:56:15 UTC 2009
a/hdparm-9.27-i486-1.txz: Upgraded.

ap/hplip-3.9.4b-i486-3.txz: Rebuilt.

ap/linuxdoc-tools-0.9.56-i486-6.txz: Rebuilt.
Recompiled against perl-5.10.1.

ap/mysql-5.1.39-i486-2.txz: Rebuilt.
Added --with-innodb option. This was omitted from the last package version since ./configure --help no longer lists --with-innodb or --without-innodb, but evidently the option is still supported (and needed).
Thanks to Amritpal Bath.

d/git-1.6.5-i486-1.txz: Upgraded.
Compiled against perl-5.10.1.

d/subversion-1.6.5-i486-1.txz: Upgraded.
Compiled against perl-5.10.1.

l/pilot-link-0.12.3-i486-10.txz: Rebuilt.
Recompiled against perl-5.10.1.

l/shared-mime-info-0.70-i486-1.txz: Upgraded.

n/gnutls-2.8.4-i486-1.txz: Upgraded.
This contains a correct fix for the NUL in CN/SAN SSL vulnerability.
For more information, see:
(* Security fix *)

n/irssi-0.8.14-i486-2.txz: Rebuilt.
Recompiled against perl-5.10.1.

n/net-snmp-5.5-i486-1.txz: Upgraded.

n/obexftp-0.23-i486-2.txz: Rebuilt.
Recompiled against perl-5.10.1.

n/php-5.2.11-i486-2.txz: Rebuilt.
Changed a ./configure option from --with-pdo-sqlite=shared to --with-pdo-sqlite=shared,/usr to use the system sqlite library.
Thanks to Jeff MacLoue.

n/samba-3.4.2-i486-2.txz: Rebuilt.
Fixed missing and
Thanks to oneforall.

xap/imagemagick-6.5.6_10-i486-1.txz: Upgraded.
Compiled against perl-5.10.1.

xap/pidgin-2.6.3-i486-1.txz: Upgraded.
This update fixes an issue where a remote user can cause libpurple-based clients to crash.
For more information, see:
(* Security fix *)