-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 cyrus-sasl (SSA:2009-134-01) New cyrus-sasl packages are available for Slackware 10.2, 11.0, 12.0, 12.1, 12.2, and -current to fix a security issue. A buffer overflow in the sasl_encode64() fu...
New cyrus-sasl packages are available for Slackware 10.2, 11.0, 12.0, 12.1,
12.2, and -current to fix a security issue. A buffer overflow in the
sasl_encode64() function could lead to a denial of service or possible
execution of arbitrary code.
More details about this issue may be found in the Common
Vulnerabilities and Exposures (CVE) database:
Here are the details from the Slackware 12.2 ChangeLog:
+--------------------------+
patches/packages/cyrus-sasl-2.1.23-i486-1_slack12.2.tgz:
Upgraded to cyrus-sasl-2.1.23.
This fixes a buffer overflow in the sasl_encode64() function that could lead
to crashes or the execution of arbitrary code.
For more information, see:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0688 (* Security fix *)
+--------------------------+
Where to find the new packages:
+-----------------------------+
HINT: Getting slow download speeds from ftp.slackware.com?
Give slackware.osuosl.org a try. This is another primary FTP site
for Slackware that can be considerably faster than downloading
directly from ftp.slackware.com.
Thanks to the friendly folks at the OSU Open Source Lab
(http://osuosl.org) for donating additional FTP and rsync hosting
to the Slackware project! :-)
Also see the "Get Slack" section on http://slackware.com for
additional mirror sites near you.
Cleopatra: a Queen's Destiny available for Mac OS X
Index