-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
[sflack-security] libexif (SFSA:2007-164-01)
New libexif packages are available for Sflack 11.0, and -current to
fix a crash and potential security issue.
More details about this issue may be found in the Common
Vulnerabilities and Exposures (CVE) database:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-4168
Here are the details from the Sflack 11.0 ChangeLog:
+--------------------------+
l/libexif-0.6.16-x86_64-1_sflack11.0.tgz: Upgraded to libexif-0.6.16.
An integer overflow in libexif can crash applications that use the library
on malformed images. The upstream advisory indicates that this flaw could
also be used to execute arbitrary code in the context of the user, but no
exploit is known (by us) to exist among iDefense's researchers or in the
wild. But, as a crash bug and heap overflow one must suppose that the
possibility exists.
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-4168
(* Security fix *)
+--------------------------+
Where to find the new packages:
+-----------------------------+
See the "Get Sflack" section on http://sflack.com for
additional mirror sites near you.
Updated package for Sflack 11.0:
ftp://ftp.sflack.com/pub/sflack/sflack-11.0/patches/packages/libexif-0.6.16-x86_64-1_sflack11.0.tgz
Updated package for Sflack -current:
ftp://ftp.sflack.com/pub/sflack/sflack-current/slackware/l/libexif-0.6.16-x86_64-1.tgz
MD5 signatures:
+-------------+
Sflack 11.0 package:
117467bb62d05832a7a4781a24246b4a libexif-0.6.16-x86_64-1_sflack11.0.tgz
Sflack -current package:
6740da65122e2d71fd07199d7b10532b libexif-0.6.16-x86_64-1.tgz
Installation instructions:
+------------------------+
Upgrade the package as root:
# upgradepkg libexif-0.6.16-x86_64-1_sflack11.0.tgz
+-----+
Sflack Linux Security Team
http://sflack.com/gpg-key
security at sflack.com
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.7 (GNU/Linux)
iD8DBQFGcTKYw79R6/xskD8RAt3sAKCbEVmGn+R9U4QWoQb9jmAQTwOQDwCgj2F1
WwJiHuevLUxYMS/Aeq3rIKI=
=GVYi
-----END PGP SIGNATURE-----
Autore: Vincenzo Ingrosso
[sflack-security] firefox-seamonkey (SFSA:2007-152-02)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
[sflack-security] firefox-seamonkey (SFSA:2007-152-02)
New mozilla-firefox and seamonkey packages are available for Sflack
11.0, and -current to fix security issues.
More details about this issue may be found at these links:
http://www.mozilla.org/projects/security/known-vulnerabilities.html#firefox
http://www.mozilla.org/projects/security/known-vulnerabilities.html#seamonkey
Here are the details from the Sflack 11.0 ChangeLog:
+--------------------------+
patches/packages/mozilla-firefox2-2.0.0.4-x86_64-1_sflack11.0.tgz:
Upgraded to firefox-2.0.0.4.
This upgrade fixes several possible security bugs.
For more information, see:
http://www.mozilla.org/projects/security/known-vulnerabilities.html#firefox
(* Security fix *)
patches/packages/seamonkey-1.1.2-x86_64-1_sflack11.0.tgz:
Upgraded to seamonkey-1.1.2.
This upgrade fixes several possible security bugs.
For more information, see:
http://www.mozilla.org/projects/security/known-vulnerabilities.html#seamonkey
(* Security fix *)
+--------------------------+
Where to find the new packages:
+-----------------------------+
See the "Get Sflack" section on http://sflack.com for
additional mirror sites near you.
Updated packages for Sflack 11.0:
ftp://ftp.sflack.com/pub/sflack/sflack-11.0/patches/packages/mozilla-firefox2-2.0.0.4-x86_64-1_sflack11.0.tgz
ftp://ftp.sflack.com/pub/sflack/sflack-11.0/patches/packages/seamonkey-1.1.2-x86_64-1_sflack11.0.tgz
Updated packages for Sflack -current:
ftp://ftp.sflack.com/pub/sflack/sflack-current/slackware/xap/mozilla-firefox-2.0.0.4-x86_64-1.tgz
ftp://ftp.sflack.com/pub/sflack/sflack-current/slackware/xap/seamonkey-1.1.2-x86_64-1.tgz
MD5 signatures:
+-------------+
Sflack 11.0 packages:
9f4ec6c31b3f9d8473fd74e6813ebcdb mozilla-firefox2-2.0.0.4-x86_64-1_sflack11.0.tgz
81e1d4dadb8d9724bcde46488ff9ae18 seamonkey-1.1.2-x86_64-1_sflack11.0.tgz
Sflack -current packages:
453dbe15f298320f8a8bc59a8651456f mozilla-firefox-2.0.0.4-x86_64-1.tgz
d77957d3e3b2a3ca5003fad5037f9c01 seamonkey-1.1.2-x86_64-1.tgz
Installation instructions:
+------------------------+
Upgrade the packages as root:
# upgradepkg mozilla-firefox2-2.0.0.4-x86_64-1_sflack11.0.tgz seamonkey-1.1.2-x86_64-1_sflack11.0.tgz
+-----+
Sflack Linux Security Team
http://sflack.com/gpg-key
security at sflack.com
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.7 (GNU/Linux)
iD8DBQFGYtN/w79R6/xskD8RAnIbAJ9NdsrWEM/VBsmNFX+Hh3wMagGL6wCg7ruf
GiE5jj4b0y/DyhY4sgqO9AM=
=0Ul9
-----END PGP SIGNATURE-----
[sflack-security] php (SFSA:2007-152-01)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
[sflack-security] php (SFSA:2007-152-01)
New php packages are available for Sflack 11.0, and -current to
fix security issues.
More details about the issues affecting Sflack's PHP may be found in
the Common Vulnerabilities and Exposures (CVE) database:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1900
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-2756
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-2872
One CVE-issued vulnerability (CVE-2007-1887) does not affect Sflack as
we do not ship an unbundled sqlite2 library.
Here are the details from the Sflack 11.0 ChangeLog:
+--------------------------+
patches/packages/php-5.2.3-x86_64-1_sflack11.0.tgz:
Upgraded to php-5.2.3.
Here's some basic information about the release from php.net:
"This release continues to improve the security and the stability of the
5.X branch as well as addressing two regressions introduced by the
previous 5.2 releases. These regressions relate to the timeout handling
over non-blocking SSL connections and the lack of HTTP_RAW_POST_DATA in
certain conditions. All users are encouraged to upgrade to this release."
For more complete information, see:
http://www.php.net/releases/5_2_3.php
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1900
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-2756
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-2872
(* Security fix *)
+--------------------------+
Where to find the new packages:
+-----------------------------+
See the "Get Sflack" section on http://sflack.com for
additional mirror sites near you.
Updated package for Sflack 11.0:
ftp://ftp.sflack.com/pub/sflack/sflack-11.0/patches/packages/php-5.2.3-x86_64-1_sflack11.0.tgz
Updated package for Sflack -current:
ftp://ftp.sflack.com/pub/sflack/sflack-current/slackware/n/php-5.2.3-x86_64-1.tgz
MD5 signatures:
+-------------+
Sflack 11.0 package:
f10ce6b7c0aab99dd2a1fb07dc97d6b9 php-5.2.3-x86_64-1_slack11.0.tgz
Sflack -current package:
725ab8a585540033d5299cfb042be2ea php-5.2.3-x86_64-1.tgz
Installation instructions:
+------------------------+
First, stop apache:
# apachectl stop
Next, upgrade to the new PHP package:
# upgradepkg php-5.2.3-x86_64-1_sflack11.0.tgz
Finally, restart apache:
# apachectl start (or: apachectl startssl)
+-----+
Sflack Linux Security Team
http://sflack.com/gpg-key
security at sflack.com
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.7 (GNU/Linux)
iD8DBQFGYs3cw79R6/xskD8RAmwoAJ44N8yma9b3pNN+G+tD88JhxapWjACg4U23
GwBGX52l82+2uFvc35WCT+4=
=GLEI
-----END PGP SIGNATURE-----
[sflack-security] libpng (SFSA:2007-136-01)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
[sflack-security] libpng (SFSA:2007-136-01)
New libpng packages are available for Sflack 11.0,
and -current to fix a security issue.
More details about this issue may be found in the Common
Vulnerabilities and Exposures (CVE) database:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-2445
Here are the details from the Sflack 11.0 ChangeLog:
+--------------------------+
patches/packages/libpng-1.2.18-x86_64-1_sflack11.0.tgz:
Upgraded to libpng-1.2.18.
A grayscale PNG image with a malformed (bad CRC) tRNS chunk will crash some
libpng applications. This vulnerability has been assigned the identifiers
CVE-2007-2445 and CERT VU#684664.
For more information, see:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-2445
(* Security fix *)
+--------------------------+
Where to find the new packages:
+-----------------------------+
See the "Get Sflack" section on http://sflack.com for
additional mirror sites near you.
Updated package for Sflack 11.0:
ftp://ftp.sflack.com/pub/sflack/sflack-11.0/patches/packages/libpng-1.2.18-x86_64-1_sflack11.0.tgz
Updated package for Sflack -current:
ftp://ftp.sflack.com/pub/sflack/sflack-current/slackware/l/libpng-1.2.18-x86_64-1.tgz
MD5 signatures:
+-------------+
Sflack 11.0 package:
9fbdd2ccfd3c35a14bf4d17517190b1d libpng-1.2.18-x86_64-1_sflack11.0.tgz
Sflack -current package:
84d55b396a7e169ca5d86ba72c7b558b libpng-1.2.18-x86_64-1.tgz
Installation instructions:
+------------------------+
Upgrade the packages as root:
# upgradepkg libpng-1.2.18-x86_64-1_sflack11.0.tgz
+-----+
Sflack Linux Security Team
http://sflack.com/gpg-key
security at sflack.com
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.7 (GNU/Linux)
iD8DBQFGTAR0w79R6/xskD8RAgsKAJ9rGmwVBhrhQjWFzvLAj90XW3cCOACg7AHs
8yNUQvewOx0QRGYG6K0vkoI=
=fJww
-----END PGP SIGNATURE-----
Previous message:
[sflack-security] samba (SFSA:2007-134-01)
[sflack-security] samba (SFSA:2007-134-01)
New samba packages are available for Sflack 11.0,
and -current to fix security issues.
More details about the issues may be found in the Common
Vulnerabilities and Exposures (CVE) database:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-2444
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-2446
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-2447
Here are the details from the Sflack 11.0 ChangeLog:
+--------------------------+
patches/packages/samba-3.0.25-x86_64-1_sflack11.0.tgz:
Upgraded to samba-3.0.25.
Security Fixes included in the Samba 3.0.25 release are:
o CVE-2007-2444
Versions: Samba 3.0.23d - 3.0.25pre2
Local SID/Name translation bug can result in
user privilege elevation
o CVE-2007-2446
Versions: Samba 3.0.0 - 3.0.24
Multiple heap overflows allow remote code execution
o CVE-2007-2447
Versions: Samba 3.0.0 - 3.0.24
Unescaped user input parameters are passed as
arguments to /bin/sh allowing for remote command
execution
For more information, see:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-2444
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-2446
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-2447
(* Security fix *)
+--------------------------+
Where to find the new packages:
+-----------------------------+
See the "Get Sflack" section on http://sflack.com for
additional mirror sites near you.
Updated package for Sflack 11.0:
ftp://ftp.slackware.com/pub/sflack/sflack-11.0/patches/packages/samba-3.0.25-x86_64-1_sflack11.0.tgz
Updated package for Sflack -current:
ftp://ftp.sflack.com/pub/sflack/sflack-current/slackware/n/samba-3.0.25-x86_64-1.tgz
MD5 signatures:
+-------------+
Sflack 11.0 package:
351366cdc0fd0b6527fa1d3b054a2be8 samba-3.0.25-x86_64-1_sflack11.0.tgz
Sflack -current package:
208c2e51282ed2b8f3f098ba8efcefbb samba-3.0.25-x86_64-1.tgz
Installation instructions:
+------------------------+
Upgrade the packages as root:
# upgradepkg samba-3.0.25-x86_64-1_sflack11.0.tgz
Restart samba:
# /etc/rc.d/rc.samba restart
+-----+
Sflack Linux Security Team
http://sflack.com/gpg-key
security at sflack.com
[sflack-security] php (SFSA:2007-127-01)
[sflack-security] php (SFSA:2007-127-01)
New php packages are available for Sflack 11.0, and -current
to improve the stability and security of PHP. Quite a few bugs were
fixed -- please see http://www.php.net for a detailed list.
All sites that use PHP are encouraged to upgrade. Please note that
we haven't tested all PHP applications for backwards compatibility
with this new upgrade, so you should have the old package on hand
just in case.
Here are the details from the Sflack 11.0 ChangeLog:
+--------------------------+
patches/packages/php-5.2.2-x86_64-1_sflack11.0.tgz:
Upgraded to php-5.2.2.
This fixes bugs and improves security.
For more details, see:
http://www.php.net/releases/5_2_2.php
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1001
(* Security fix *)
+--------------------------+
Where to find the new packages:
+-----------------------------+
See the "Get Sflack" section on http://sflack.com for
additional mirror sites near you.
Updated packages for Sflack 11.0:
ftp://ftp.sflack.com/pub/sflack/sflack-11.0/patches/packages/php-5.2.2-x86_64-1_sflack11.0.tgz
Updated packages for Sflack -current:
ftp://ftp.sflack.com/pub/sflack/sflack-current/slackware/n/php-5.2.2-x86_64-1.tgz
MD5 signatures:
+-------------+
Sflack 11.0 packages:
f6b7f27ebc1e7ad95298b860b3ae6ab6 php-5.2.2-x86_64-1_sflack11.0.tgz
Sflack -current packages:
471ab8dab1ea61f727586051d574e13d php-5.2.2-x86_64-1.tgz
Installation instructions:
+------------------------+
First, stop apache:
# apachectl stop
Next, upgrade to the new PHP package:
# upgradepkg php-5.2.2-x86_64-1_sflack11.0.tgz
Finally, restart apache:
# apachectl start (or: apachectl startssl)
+-----+
Sflack Linux Security Team
http://sflack.com/gpg-key
security at sflack.com
[sflack-security] xine-lib (SFSA:2007-109-02)
[sflack-security] xine-lib (SFSA:2007-109-02)
New xine-lib packages are available for Sflack 11.0,
and -current to fix security issues.
More details about this issue may be found in the Common
Vulnerabilities and Exposures (CVE) database:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1246
Here are the details from the Sflack 11.0 ChangeLog:
+--------------------------+
Upgraded to xine-lib-1.1.6.
This fixes overflows in xine-lib in some little-used media formats in
xine-lib < 1.1.5 and other bugs in xine-lib < 1.1.6. The overflows in
xine-lib < 1.1.5 could definitely cause an application using xine-lib to
crash, and it is theorized that a malicious media file could be made to run
arbitrary code in the context of the user running the application.
For more information, see:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1246
(* Security fix *)
+--------------------------+
Where to find the new packages:
+-----------------------------+
Also see the "Get Sflack" section on http://sflack.com for
additional mirror sites near you.
Updated package for Sflack 11.0:
ftp://ftp.sflack.com/pub/sflack/sflack-11.0/patches/packages/xine-lib-1.1.6-x86_64-1_sflack11.0.tgz
Updated package for Sflack -current:
ftp://ftp.sflack.com/pub/sflack/sflack-current/slackware/xap/xine-lib-1.1.6-x86_64-2.tgz
MD5 signatures:
+-------------+
Sflack 11.0 package:
f762c063da1efa8b3868304331f6f508 xine-lib-1.1.6-x86_64-1_sflack11.0.tgz
Sflack -current package:
ad3fa3c169074d83abf65d63d8dca095 xine-lib-1.1.6-x86_64-2.tgz
Installation instructions:
+------------------------+
Upgrade the package as root:
# upgradepkg xine-lib-1.1.6-x86_64-1_sflack11.0.tgz
+-----+
Sflack Linux Security Team
http://sflack.com/gpg-key
security at sflack.com
[sflack-security] freetype (SFSA:2007-109-01)
[sflack-security] freetype (SFSA:2007-109-01)
New x11 and/or freetype and fontconfig packages are available for
Sflack 11.0, and -current to fix security issues in freetype.
Freetype was packaged with X11 prior to Sflack version 11.0.
More details about this issue may be found in the Common
Vulnerabilities and Exposures (CVE) database:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1351
Here are the details from the Sflack 11.0 ChangeLog:
+--------------------------+
patches/packages/freetype-2.3.4-x86_64-1_sflack11.0.tgz:
Fixed an overflow parsing BDF fonts.
For more information, see:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1351
(* Security fix *)
+--------------------------+
Where to find the new packages:
+-----------------------------+
Also see the "Get Sflack" section on http://sflack.com for
additional mirror sites near you.
Updated packages for Sflack 11.0:
ftp://ftp.sflack.com/pub/sflack/sflack-11.0/patches/packages/fontconfig-2.4.2-x86_64-1_sflack11.0.tgz
ftp://ftp.sflack.com/pub/sflack/sflack-11.0/patches/packages/freetype-2.3.4-x86_64-1_sflack11.0.tgz
ftp://ftp.sflack.com/pub/sflack/sflack-11.0/patches/packages/x11-7.1-x86_64-3_sflack11.0.tgz
ftp://ftp.sflack.com/pub/sflack/sflack-11.0/patches/packages/x11-devel-7.1-x86_64-3_sflack11.0.tgz
ftp://ftp.sflack.com/pub/sflack/sflack-11.0/patches/packages/x11-xdmx-7.1-x86_64-3_sflack11.0.tgz
ftp://ftp.sflack.com/pub/sflack/sflack-11.0/patches/packages/x11-xnest-7.1-x86_64-3_sflack11.0.tgz
ftp://ftp.sflack.com/pub/sflack/sflack-11.0/patches/packages/x11-xvfb-7.1-x86_64-3_sflack11.0.tgz
Updated package for Sflack -current:
ftp://ftp.sflack.com/pub/sflack/sflack-current/slackware/l/freetype-2.3.4-x86_64-1.tgz
MD5 signatures:
+-------------+
Sflack 11.0 packages:
c1c5b8b10a7f751b8424902c2ea4c448 fontconfig-2.4.2-x86_64-1_sflack11.0.tgz
57685b28062b07a84b1a5f97ad3ec02d freetype-2.3.4-x86_64-1_sflack11.0.tgz
d338e3793691bfe7d54b57792412183a x11-7.1-x86_64-3_sflack11.0.tgz
52122e5f3b3e33d3d4850840d129ba77 x11-devel-7.1-x86_64-3_sflack11.0.tgz
3d315e5bbac4a2a8999d45f0876c6c88 x11-xdmx-7.1-x86_64-3_sflack11.0.tgz
20c2ad2a7b7142a0d6f3ae41bae0c68d x11-xnest-7.1-x86_64-3_sflack11.0.tgz
63175566c24bb907128e1cd230eac513 x11-xvfb-7.1-x86_64-3_sflack11.0.tgz
Sflack -current package:
e37bde7696812341354b94fef81e4b91 freetype-2.3.4-x86_64-1.tgz
Installation instructions:
+------------------------+
Upgrade the packages as root:
# upgradepkg fontconfig-2.4.2-x86_64-1_sflack11.0.tgz
freetype-2.3.4-x86_64-1_sflack11.0.tgz x11-7.1-x86_64-3_sflack11.0.tgz
x11-devel-7.1-x86_64-3_sflack11.0.tgz
x11-xdmx-7.1-x86_64-3_sflack11.0.tgz
x11-xnest-7.1-x86_64-3_sflack11.0.tgz
x11-xvfb-7.1-x86_64-3_sflack11.tgz
+-----+
Sflack Linux Security Team
http://sflack.com/gpg-key
security a sflack.com
[sflack-security] qt (SFSA:2007-093-03)
[sflack-security] qt (SFSA:2007-093-03)
New qt packages are available for Sflack 11.0, and -current to
fix a security issue.
More details about this issue may be found in the Common
Vulnerabilities and Exposures (CVE) database:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0242
Here are the details from the Sflack 11.0 ChangeLog:
+--------------------------+
patches/packages/qt-3.3.8-x86_64-1_sflack11.0.tgz:
Patched an issue where the Qt UTF 8 decoder may in some instances fail to
reject overlong sequences, possibly allowing "/../" path injection or XSS
errors.
For more information, see:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0242
(* Security fix *)
+--------------------------+
Where to find the new packages:
+-----------------------------+
Updated package for Sflack 11.0:
ftp://ftp.sflack.com/pub/sflack/sflack-11.0/patches/packages/qt-3.3.8-x86_64-1_sflack11.0.tgz
Updated package for Sflack -current:
ftp://ftp.sflack.com/pub/sflack/sflack-current/slackware/l/qt-3.3.8-x86_64-3.tgz
MD5 signatures:
+-------------+
Sflack 11.0 package:
8beb35bec98076228cfa2bae96f0bfdd qt-3.3.8-x86_64-1_sflack11.0.tgz
Sflack -current package:
17c491c24c05b854e20fc98fe2584744 qt-3.3.8-x86_64-3.tgz
Installation instructions:
+------------------------+
Upgrade the package as root:
# upgradepkg qt-3.3.8-x86_64-1_sflack11.0.tgz
+-----+
Sflack Linux Security Team
http://sflack.com/gpg-key
security a sflack.com
[sflack-security] ktorrent (SFSA:2007-093-02)
[sflack-security] ktorrent (SFSA:2007-093-02)
New ktorrent packages are available for Sflack 11.0 and -current to
fix security issues.
More details about this issue may be found in the Common
Vulnerabilities and Exposures (CVE) database:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1384
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1385
Here are the details from the Sflack 11.0 ChangeLog:
+--------------------------+
patches/packages/ktorrent-2.1.3-x86_64-1_sflack11.0.tgz:
Upgraded to ktorrent-2.1.3.
A directory traversal vulnerability in torrent.cpp in versions < 2.1.2 may
allow remote attackers to overwrite the ktorrent user's files. A bug in
chunkcounter.cpp in versions < 2.1.2 allows remote attackers to crash
ktorrent and cause heap corruption by the use of an invalid idx value.
For more information, see:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1384
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1385
(* Security fix *)
+--------------------------+
Where to find the new packages:
+-----------------------------+
See the "Get Sflack" section on http://sflack.com for
additional mirror sites near you.
Updated package for Sflack 11.0:
ftp://ftp.sflack.com/pub/sflack/sflack-11.0/patches/packages/ktorrent-2.1.3-x86_64-1_sflack11.0.tgz
Updated package for Sflack -current:
ftp://ftp.sflack.com/pub/sflack/sflack-current/extra/ktorrent/ktorrent-2.1.3-x86_64-1.tgz
MD5 signatures:
+-------------+
Sflack 11.0 package:
19c157eb9c4e55b97e8ccd673e37d7bb ktorrent-2.1.3-x86_64-1_sflack11.0.tgz
Sflack -current package:
30a773bcff7cbf85ce0389953f75e63b ktorrent-2.1.3-x86_64-1.tgz
Installation instructions:
+------------------------+
Upgrade the package as root:
# upgradepkg ktorrent-2.1.3-x86_64-1_sflack11.0.tgz
+-----+
Sflack Linux Security Team
http://sflack.com/gpg-key
security a sflack.com