Recent Features
| |||||||||||||||||||
Slackware alert SSA:2009-098-02 (php)
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 [slackware-security] php (SSA:2009-098-02) New php packages are available for Slackware 11.0, 12.0, 12.1, 12.2, and -current to fix security issues. More details about this issue may be found in the Common Vulnerabilities and Exposures (CVE) database: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-5498 Here are the details from the Slackware 12.2 ChangeLog: +--------------------------+ patches/packages/php-5.2.9-i486-1_slack12.2.tgz: Upgraded to php-5.2.9. This update fixes a few security issues: - Fixed a crash on extract in zip when files or directories entry names contain a relative path. - Fixed security issue in imagerotate(), background colour isn't validated correctly with a non truecolour image. (CVE-2008-5498) Reported by Hamid Ebadi, APA Laboratory. - Fixed a segfault when malformed string is passed to json_decode(). For more information, see: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-5498 (* Security fix *) +--------------------------+ Where to find the new packages: +-----------------------------+ Updated package for Slackware 11.0: ftp://ftp.slackware.com/pub/slackware/slackware-11.0/extr... Updated package for Slackware 12.0: ftp://ftp.slackware.com/pub/slackware/slackware-12.0/patc... Updated package for Slackware 12.1: ftp://ftp.slackware.com/pub/slackware/slackware-12.1/patc... Updated package for Slackware 12.2: ftp://ftp.slackware.com/pub/slackware/slackware-12.2/patc... Updated package for Slackware -current: ftp://ftp.slackware.com/pub/slackware/slackware-current/s... MD5 signatures: +-------------+ Slackware 11.0 package: 0f37384585ba9b364f1fcf3260ed934a php-5.2.9-i486-1_slack11.0.tgz Slackware 12.0 package: b959206d13d76f58ef92489f569b7ff8 php-5.2.9-i486-1_slack12.0.tgz Slackware 12.1 package: bab5d4abc502a0a5dc1831943a5fd1a7 php-5.2.9-i486-1_slack12.1.tgz Slackware 12.2 package: e3c82331a09e0edb6be009e57b2569c9 php-5.2.9-i486-1_slack12.2.tgz Slackware -current package: af4de16b609b4e797dd0fc0a9f4c84d8 php-5.2.9-i486-1.tgz Installation instructions: +------------------------+ Upgrade the package as root: # upgradepkg php-5.2.9-i486-1_slack12.2.tgz Then, restart the web server. +-----+ Slackware Linux Security Team http://slackware.com/gpg-key security@slackware.com +------------------------------------------------------------------------+ | To leave the slackware-security mailing list: | +------------------------------------------------------------------------+ | Send an email to majordomo@slackware.com with this text in the body of | | the email message: | | | | unsubscribe slackware-security | | | | You will get a confirmation message back containing instructions to | | complete the process. Please do not reply to this email address. | +------------------------------------------------------------------------+ -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.9 (GNU/Linux) iEYEARECAAYFAkncPn8ACgkQakRjwEAQIjN5ygCfSg28wC1Amj3xkS6zH92w7CHV rNMAoI0yld07taufyf/35u0TwJQn4fz8 =qm+L -----END PGP SIGNATURE----- (Log in to post comments)
|
|||||||||||||||||||