Sun Aug  9 00:29:51 EDT 2009
patches/packages/bind-9.4.3_P3-s390-1_slack10.0.tgz:  Upgraded.
  This BIND update fixes a security problem where a specially crafted
  dynamic update message packet will cause named to exit resulting in
  a denial of service.
  An active remote exploit is in wide circulation at this time.
  For more information, see:
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0696
    https://www.isc.org/node/479
  (* Security fix *)
patches/packages/dhcp-3.1.2p1-s390-1_slack10.0.tgz:  Upgraded.
  A stack overflow vulnerability was fixed in dhclient that could allow
  remote attackers to execute arbitrary commands as root on the system,
  or simply terminate the client, by providing an over-long subnet-mask
  option.
  For more information, see:
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0692
  (* Security fix *)
patches/packages/fetchmail-6.3.11-s390-1_slack10.0.tgz:  Upgraded.
  This update fixes an SSL NUL prefix impersonation attack through NULs in a
  part of an X.509 certificate's CommonName and subjectAltName fields.
  For more information, see:
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2666
  (* Security fix *)
patches/packages/samba-3.0.36-s390-1_slack10.0.tgz:  Upgraded.
  This is a bugfix release.

+--------------------------+
Sat Jun 27 15:58:28 EDT 2009
patches/packages/samba-3.0.35-s390-1_slack10.0.tgz:
  This upgrade fixes the following security issue:
  o CVE-2009-1888:
    In Samba 3.0.31 to 3.3.5 (inclusive), an uninitialized read of a
    data value can potentially affect access control when "dos filemode"
    is set to "yes".
  For more information, see:
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1888
  (* Security fix *)
patches/packages/libpng-1.2.37-s390-1_slack10.0.tgz:  Upgraded.
  This update fixes a possible security issue.  Jeff Phillips discovered an
  uninitialized-memory-read bug affecting interlaced images that may have
  security implications.
  For more information, see:
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2042
  (* Security fix *)

+--------------------------+
Sun Jun  7 18:07:00 EDT 2009
patches/packages/ntp-4.2.2p3-s390-1_slack10.0.tgz:
  Patched a stack-based buffer overflow in the cookedprint function in
  ntpq/ntpq.c in ntpq in NTP before 4.2.4p7-RC2 that allows arbitrary code
  execution by a malicious remote NTP server.
  For more information, see:
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0159
  (* Security fix *)

+--------------------------+
Fri May 29 15:29:47 EDT 2009
patches/packages/xpdf-3.02pl3-s390-1_slack10.0.tgz:
  Upgraded to xpdf-3.02pl3.
  This update fixes several overflows that may result in crashes or the
  execution of arbitrary code as the xpdf user.
  For more information, see:
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0146
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0147
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0165
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0166
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0799
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0800
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1179
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1180
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1181
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1182
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1183
  (* Security fix *)

+--------------------------+
Tue Apr 28 15:28:06 EDT 2009
patches/packages/lcms-1.18-s390-1_slack10.0.tgz:  Upgraded to lcms-1.18.
  This update fixes security issues discovered in LittleCMS by Chris Evans.
  These flaws could cause program crashes (denial of service) or the execution
  of arbitrary code as the user of the lcms-linked program.
  For more information, see:
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0581
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0723
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0733
  (* Security fix *)

+--------------------------+
Mon Mar 23 05:07:51 EDT 2009
patches/packages/apache-1.3.41-s390-1_slack10.0.tgz:
  Upgraded to apache-1.3.41, the last regular release of the
  Apache 1.3.x series, and a security bugfix-only release.
  For more information about the security issues fixed, see:
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6388
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5000
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3847
  (* Security fix *)
patches/packages/bind-9.3.6_P1-s390-1_slack10.0.tgz:
  Upgraded to bind-9.3.6-P1.
  Fixed checking on return values from OpenSSL's EVP_VerifyFinal and
  DSA_do_verify functions to prevent spoofing answers returned from zones using
  the DNSKEY algorithms DSA and NSEC3DSA.
  For more information, see:
    https://www.isc.org/node/373
    http://www.ocert.org/advisories/ocert-2008-016.html
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-5077
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0025
  (* Security fix *)
patches/packages/bzip2-1.0.5-s390-1_slack10.0.tgz:  Upgraded to bzip2-1.0.5.
  Previous versions of bzip2 contained a buffer overread error that could cause
  applications linked to libbz2 to crash, resulting in a denial of service.
  For more information, see:
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1372
  (* Security fix *)
patches/packages/cups-1.1.21-s390-2_slack10.0.tgz:
  Patched cups-1.1.21.
  Errors in ipp.c may allow a remote attacker to crash CUPS resulting
  in a denial of service.
  For more information, see:
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-4351
  (* Security fix *)
patches/packages/curl-7.12.2-s390-3_slack10.0.tgz:
  Patched curl-7.12.2.
  This fixes a security issue where automatic redirection could be made to
  follow file:// URLs, reading or writing a local instead of remote file.
  For more information, see:
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0037
  (* Security fix *)
patches/packages/dnsmasq-2.45-s390-1_slack10.0.tgz:
  Upgraded to dnsmasq-2.45.
  It was discovered that earlier versions of dnsmasq have DNS cache
  weaknesses that are similar to the ones recently discovered in BIND.
  This new release minimizes the risk of cache poisoning.
  For more information, see:
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1447
  (* Security fix *)
patches/packages/fetchmail-6.3.8-s390-1_slack10.0.tgz:
  Patched to fix a possible denial of service when "-v -v" options are used.
  For more information, see:
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2711
  (* Security fix *)
patches/packages/glibc-zoneinfo-2.3.2-noarch-11_slack10.0.tgz:
  Upgraded to tzdata2008h for the latest world timezone changes.
patches/packages/libpng-1.2.35-s390-1_slack10.0.tgz:
  Upgraded to libpng-1.2.35.
  This fixes multiple memory-corruption vulnerabilities due to a failure to
  properly initialize data structures.
  For more information, see:
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0040
    ftp://ftp.simplesystems.org/pub/png/src/libpng-1.2.34-ADVISORY.txt
  (* Security fix *)
patches/packages/libxml2-2.6.32-s390-1_slack10.0.tgz:
  Upgraded to libxml2-2.6.32 and patched.
  This fixes vulnerabilities including denial of service, or possibly the
  execution of arbitrary code as the user running a libxml2 linked application
  if untrusted XML content is parsed.
  For more information, see:
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-4225
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-4226
  (* Security fix *)
patches/packages/m4-1.4.11-s390-1_slack10.0.tgz:  Upgraded to m4-1.4.11.
  In addition to bugfixes and enhancements, this version of m4 also fixes two
  issues with possible security implications.  A minor security fix with the
  use of "maketemp" and "mkstemp" -- these are now quoted to prevent the
  (rather unlikely) possibility that an unquoted string could match an
  existing macro causing operations to be done on the wrong file.  Also,
  a problem with the '-F' option (introduced with version 1.4) could cause a
  core dump or possibly (with certain file names) the execution of arbitrary
  code.  For more information on these issues, see:
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1687
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1688
  (* Security fix *)
patches/packages/mod_ssl-2.8.31_1.3.41-s390-1_slack10.0.tgz:
  Upgraded to mod_ssl-2.8.31-1.3.41 to work with apache_1.3.41.
patches/packages/ntp-4.2.4p6-s390-1_slack10.0.tgz:
  [Sec 1111] Fix incorrect check of EVP_VerifyFinal()'s return value.
  For more information, see:
    https://lists.ntp.org/pipermail/announce/2009-January/000055.html
    http://www.ocert.org/advisories/ocert-2008-016.html
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0021
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-5077
  (* Security fix *)
patches/packages/openssh-5.0p1-s390-1_slack10.0.tgz:
  Upgraded to openssh-5.0p1.
  This version fixes a security issue where local users could hijack forwarded
  X connections.  Upgrading to the new package is highly recommended.
  For more information on this security issue, please see:
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1483
  (* Security fix *)
patches/packages/rsync-2.6.9-s390-1_slack10.0.tgz:
  Patched some security bugs.
  For more information, see:
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-4091
    http://lists.samba.org/archive/rsync-announce/2007/000050.html
  (* Security fix *)
patches/packages/samba-3.0.33-s390-1_slack10.0.tgz:
  Upgraded to samba-3.0.33.
  This package fixes an important barrier against rogue clients reading from
  uninitialized memory (though no proof-of-concept is known to exist).
  For more information, see:
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-4314
  (* Security fix *)
patches/packages/xine-lib-1.1.11.1-s390-3_slack10.0.tgz:
  Recompiled, with --without-speex (we didn't ship the speex library in
  Slackware anyway, but for reference this issue would be CVE-2008-1686),
  and with --disable-nosefart (the recently reported as insecurely
  demuxed NSF format).  As before in -2, this package fixes the two
  regressions mentioned in the release notes for xine-lib-1.1.12:
    http://sourceforge.net/project/shownotes.php?release_id=592185&group_id=9655
  (* Security fix *)
patches/packages/xpdf-3.02pl2-s390-1_slack10.0.tgz:
  Upgraded to xpdf-3.02pl2.
  The pl2 patch fixes a crash in xpdf.
  Some theorize that this could be used to execute arbitrary code if an
  untrusted PDF file is opened, but no real-world examples are known (yet).
  For more information, see:
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3387
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-4352
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5392
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5393
  (* Security fix *)

+--------------------------+
Mon Sep 24 00:36:56 EDT 2007
patches/packages/bind-9.2.8_P1-s390-1_slack10.0.tgz:
  Upgraded to bind-9.2.8_P1 to fix a security issue.
  The query IDs in BIND9 prior to BIND 9.2.8-P1 are cryptographically weak.
  For more information on this issue, see:
    http://www.isc.org/index.pl?/sw/bind/bind-security.php
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-2926
  (* Security fix *)
patches/packages/openssh-4.7p1-s390-1_slack10.0.tgz:
  Upgraded to openssh-4.7p1.
  From the OpenSSH release notes:
  "Security bugs resolved in this release:  Prevent ssh(1) from using a
  trusted X11 cookie if creation of an untrusted cookie fails; found and
  fixed by Jan Pechanec."
  While it's fair to say that we here at Slackware don't see how this could
  be leveraged to compromise a system, a) the OpenSSH people (who presumably
  understand the code better) characterize this as a security bug, b) it has
  been assigned a CVE entry, and c) OpenSSH is one of the most commonly used
  network daemons.  Better safe than sorry.
  More information should appear here eventually:
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-4752
  (* Security fix *)
patches/packages/samba-3.0.26a-s390-1_slack10.0.tgz:
  Upgraded to samba-3.0.26a.
  This fixes a security issue in all Samba 3.0.25 versions:
  "Incorrect primary group assignment for domain users using the rfc2307
   or sfu winbind nss info plugin."
  For more information, see:
    http://www.samba.org/samba/security/CVE-2007-4138.html
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-4138
  (* Security fix *)
patches/packages/tcpdump-3.9.7-s390-1_slack10.0.tgz:
  Upgraded to libpcap-0.9.7, tcpdump-3.9.7.
  This new version fixes an integer overflow in the BGP dissector which
  could possibly allow remote attackers to crash tcpdump or to execute
  arbitrary code.
  For more information, see:
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3798
  (* Security fix *)
patches/packages/xpdf-3.02pl1-s390-1_slack10.0.tgz:
  Upgraded to xpdf-3.02pl1.  This fixes an integer overflow that could possibly
  be leveraged to run arbitrary code if a malicious PDF file is processed.
  For more information, see:
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3387
  (* Security fix *)

+--------------------------+
Sun May 27 15:00:40 EDT 2007
patches/packages/libpng-1.2.18-s390-1_slack10.0.tgz:
  Upgraded to libpng-1.2.18.
  A grayscale PNG image with a malformed (bad CRC) tRNS chunk will crash some
  libpng applications.  This vulnerability has been assigned the identifiers
  CVE-2007-2445 and CERT VU#684664.
  For more information, see:
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-2445
  (* Security fix *)
patches/packages/samba-3.0.25a-s390-1_slack10.0.tgz:
  Upgraded to samba-3.0.25a.  This fixes some major (non-security) bugs in
  samba-3.0.25.  See the WHATSNEW.txt for details.
patches/packages/xine-lib-1.1.6-s390-1_slack10.0.tgz:
  Upgraded to xine-lib-1.1.6.
  This fixes overflows in xine-lib in some little-used media formats in
  xine-lib < 1.1.5 and other bugs in xine-lib < 1.1.6.  The overflows in
  xine-lib < 1.1.5 could definitely cause an application using xine-lib to
  crash, and it is theorized that a malicious media file could be made to run
  arbitrary code in the context of the user running the application.
  For more information, see:
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1246
  (* Security fix *)

+--------------------------+
Wed May 16 13:36:34 EDT 2007
patches/packages/samba-3.0.25-s390-1_slack10.0.tgz:
  Upgraded to samba-3.0.25.
  Security Fixes included in the Samba 3.0.25 release are:
  o CVE-2007-2444
        Versions: Samba 3.0.23d - 3.0.25pre2
        Local SID/Name translation bug can result in
        user privilege elevation
  o CVE-2007-2446
        Versions: Samba 3.0.0 - 3.0.24
        Multiple heap overflows allow remote code execution
  o CVE-2007-2447
        Versions: Samba 3.0.0 - 3.0.24
        Unescaped user input parameters are passed as
        arguments to /bin/sh allowing for remote command
        execution
  For more information, see:
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-2444
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-2446
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-2447
  (* Security fix *)

+--------------------------+
Wed Apr  4 13:33:38 EDT 2007
patches/packages/file-4.20-s390-1_slack10.0.tgz:
  Upgraded to file-4.20.
  This fixes a heap overflow that could allow code to be executed as the
  user running file (note that there are many scenarios where file might be
  used automatically, such as in virus scanners or spam filters).
  For more information, see:
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1536
  (* Security fix *)

+--------------------------+
Tue Apr  3 20:30:03 EDT 2007
patches/packages/bind-9.2.8-s390-1_slack10.0.tgz:
  Upgraded to bind-9.2.8.  This update fixes two denial of service
  vulnerabilities where an attacker could crash the name server with
  specially crafted malformed data.
  For more information, see:
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0493
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0494
  (* Security fix *)
patches/packages/fetchmail-6.3.6-s390-1_slack10.0.tgz:
  Upgraded to fetchmail-6.3.6.  This fixes two security issues.  First, a bug
  introduced in fetchmail-6.3.5 could cause fetchmail to crash.  However,
  no stable version of Slackware ever shipped fetchmail-6.3.5.  Second, a long
  standing bug (reported by Isaac Wilcox) could cause fetchmail to send a
  password in clear text or omit using TLS even when configured otherwise.
  All fetchmail users are encouraged to consider using getmail, or to upgrade
  to the new fetchmail packages.
  For more information, see:
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-5974
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-5867
  (* Security fix *)
patches/packages/glibc-zoneinfo-2.3.2-noarch-7_slack10.0.tgz:
  Updated with tzdata2007b for impending Daylight Savings Time
  changes in the US.
patches/packages/gnupg-1.4.7-s390-1_slack10.0.tgz:  Upgraded to gnupg-1.4.7.
  This fixes a security problem that can occur when GnuPG is used incorrectly.
  Newer versions attempt to prevent such misuse.
  For more information, see:
    http://lists.gnupg.org/pipermail/gnupg-announce/2007q1/000251.html
  (* Security fix *)
patches/packages/samba-3.0.24-s390-1_slack10.0.tgz:
  Upgraded to samba-3.0.24.  From the WHATSNEW.txt file:
    "Important issues addressed in 3.0.24 include:
     o Fixes for the following security advisories:
       - CVE-2007-0452 (Potential Denial of Service bug in smbd)
       - CVE-2007-0453 (Buffer overrun in NSS host lookup Winbind
         NSS library on Solaris)
       - CVE-2007-0454 (Format string bug in afsacl.so VFS plugin)"
  Samba in Slackware is vulnerable to the first issue, which can cause smbd
  to enter into an infinite loop, disrupting Samba services.  Linux is not
  vulnerable to the second issue, and Slackware does not ship the afsacl.so
  VFS plugin (but it's something to be aware of if you build Samba with
  custom options).
  For more information, see:
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0452
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0453
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0454
  (* Security fix *)

+--------------------------+
Thu Mar 15 01:48:14 EDT 2007
patches/packages/bind-9.2.8-s390-1_slack10.0.tgz:
  Upgraded to bind-9.2.8.  This update fixes two denial of service
  vulnerabilities where an attacker could crash the name server with
  specially crafted malformed data.
  For more information, see:
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0493
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0494
  (* Security fix *)
patches/packages/fetchmail-6.3.6-s390-1_slack10.0.tgz:
  Upgraded to fetchmail-6.3.6.  This fixes two security issues.  First, a bug
  introduced in fetchmail-6.3.5 could cause fetchmail to crash.  However,
  no stable version of Slackware ever shipped fetchmail-6.3.5.  Second, a long
  standing bug (reported by Isaac Wilcox) could cause fetchmail to send a
  password in clear text or omit using TLS even when configured otherwise.
  All fetchmail users are encouraged to consider using getmail, or to upgrade
  to the new fetchmail packages.
  For more information, see:
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-5974
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-5867
  (* Security fix *)
patches/packages/glibc-zoneinfo-2.3.2-noarch-7_slack10.0.tgz:
  Updated with tzdata2007b for impending Daylight Savings Time
  changes in the US.
patches/packages/gnupg-1.4.7-s390-1_slack10.0.tgz:  Upgraded to gnupg-1.4.7.
  This fixes a security problem that can occur when GnuPG is used incorrectly.
  Newer versions attempt to prevent such misuse.
  For more information, see:
    http://lists.gnupg.org/pipermail/gnupg-announce/2007q1/000251.html
  (* Security fix *)
patches/packages/samba-3.0.24-s390-1_slack10.0.tgz:
  Upgraded to samba-3.0.24.  From the WHATSNEW.txt file:
    "Important issues addressed in 3.0.24 include:
     o Fixes for the following security advisories:
       - CVE-2007-0452 (Potential Denial of Service bug in smbd)
       - CVE-2007-0453 (Buffer overrun in NSS host lookup Winbind
         NSS library on Solaris)
       - CVE-2007-0454 (Format string bug in afsacl.so VFS plugin)"
  Samba in Slackware is vulnerable to the first issue, which can cause smbd
  to enter into an infinite loop, disrupting Samba services.  Linux is not
  vulnerable to the second issue, and Slackware does not ship the afsacl.so
  VFS plugin (but it's something to be aware of if you build Samba with
  custom options).
  For more information, see:
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0452
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0453
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0454
  (* Security fix *)

+--------------------------+
Sun Jan 14 22:30:33 EST 2007
patches/packages/gnupg-1.4.6-s390-1_slack10.0.tgz:
  Upgraded to gnupg-1.4.6.  This release fixes a severe and exploitable
  bug in earlier versions of gnupg.  All gnupg users should update to the
  new packages as soon as possible.  For details, see the information
  concerning CVE-2006-6235 posted on lists.gnupg.org:
    http://lists.gnupg.org/pipermail/gnupg-announce/2006q4/000491.html
  The CVE entry for this issue may be found here:
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-6235
  This update also addresses a more minor security issue possibly
  exploitable when GnuPG is used in interactive mode.  For more information
  about that issue, see:
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-6169
  (* Security fix *)
patches/packages/libpng-1.2.14-s390-1_slack10.0.tgz:
  Upgraded to libpng-1.2.14.  This fixes a bug where a specially crafted PNG
  file could crash applications that use libpng.
  For more information, see:
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-5793
  (* Security fix *)
patches/packages/proftpd-1.3.0a-s390-1_slack10.0.tgz:
  Upgraded to proftpd-1.3.0a plus an additional security patch.  Several
  security issues were found in proftpd that could lead to the execution of
  arbitrary code by a remote attacker, including one in mod_tls that does
  not require the attacker to be authenticated first.
  For more information, see:
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-5815
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-6170
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-6171
  (* Security fix *)
patches/packages/tar-1.16-s390-1_slack10.0.tgz:
  Upgraded to tar-1.16.
  This fixes an issue where files may be extracted outside of the current
  directory, possibly allowing a malicious tar archive, when extracted, to
  overwrite any of the user's files (in the case of root, any file on the
  system).
  For more information, see:
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-6097
  (* Security fix *)
patches/packages/xine-lib-1.1.3-s390-1_slack10.0.tgz:
  Upgraded to xine-lib-1.1.3 which fixes possible security problems
  such as a heap overflow in libmms and a buffer overflow in the
  Real Media input plugin.
  For more information, see:
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2200
  (* Security fix *)

+--------------------------+
Tue Nov 14 23:39:49 EST 2006
patches/packages/bind-9.2.6_P2-s390-1_slack10.0.tgz:
  Upgraded to bind-9.2.6-P2.  This fixes some security issues related to
  previous fixes in OpenSSL.  The minimum OpenSSL version was raised to
  OpenSSL 0.9.7l and OpenSSL 0.9.8d to avoid exposure to known security flaws
  in older versions (these patches were already issued for Slackware).  If you
  have not upgraded yet, get those as well to prevent a potentially exploitable
  security problem in named.  In addition, the default RSA exponent was changed
  from 3 to 65537.  RSA keys using exponent 3 (which was previously BIND's
  default) will need to be regenerated to protect against the forging
  of RRSIGs.
  For more information, see:
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4339
  (* Security fix *)

+--------------------------+
Sat Nov  4 21:52:29 EST 2006
patches/packages/screen-4.0.3-s390-1_slack10.0.tgz:  Upgraded to screen-4.0.3.
  This addresses an issue with the way screen handles UTF-8 character encoding
  that could allow screen to be crashed (or possibly code to be executed in the
  context of the screen user) if a specially crafted sequence of pseudo-UTF-8
  characters is displayed within a screen session.
  For more information, see:
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4573
  (* Security fix *)
patches/packages/qt-3.3.3-s390-2_slack10.0.tgz:  Patched.
  This fixes an issue with Qt's handling of pixmap images that causes Qt linked
  applications to crash if a specially crafted malicious image is loaded.
  Inspection of the code in question makes it seem unlikely that this could
  lead to more serious implications (such as arbitrary code execution), but it
  is recommended that users upgrade to the new Qt package.
  For more information, see:
    http://www.trolltech.com/company/newsroom/announcements/press.2006-10-19.5434451733
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4811
  (* Security fix *)

+--------------------------+
Sat Sep 30 00:02:44 EDT 2006
patches/packages/openssl-0.9.7l-s390-1_slack10.0.tgz:
  Upgraded to shared libraries from openssl-0.9.7l.
  See openssl package update below.
  (* Security fix *)
patches/packages/openssh-4.4p1-s390-1_slack10.0.tgz:
  Upgraded to openssh-4.4p1.
  This fixes a few security related issues.  From the release notes found at
  http://www.openssh.com/txt/release-4.4:
    * Fix a pre-authentication denial of service found by Tavis Ormandy,
      that would cause sshd(8) to spin until the login grace time
      expired.
    * Fix an unsafe signal handler reported by Mark Dowd. The signal
      handler was vulnerable to a race condition that could be exploited
      to perform a pre-authentication denial of service. On portable
      OpenSSH, this vulnerability could theoretically lead to
      pre-authentication remote code execution if GSSAPI authentication
      is enabled, but the likelihood of successful exploitation appears
      remote.
    * On portable OpenSSH, fix a GSSAPI authentication abort that could
      be used to determine the validity of usernames on some platforms.
  Links to the CVE entries will be found here:
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4924
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-5051
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-5052
    After this upgrade, make sure the permissions on /etc/rc.d/rc.sshd are set
  the way you want them.  Future upgrades will respect the existing permissions
  settings.  Thanks to Manuel Reimer for pointing out that upgrading openssh
  would enable a previously disabled sshd daemon.
    Do better checking of passwd, shadow, and group to avoid adding
    redundant entries to these files.  Thanks to Menno Duursma.
  (* Security fix *)
patches/packages/openssl-0.9.7l-s390-1_slack10.0.tgz:
  Upgraded to openssl-0.9.7l.
  This fixes a few security related issues:
      During the parsing of certain invalid ASN.1 structures an error
    condition is mishandled.  This can result in an infinite loop which
    consumes system memory (CVE-2006-2937).  (This issue did not affect
    OpenSSL versions prior to 0.9.7)
    Thanks to Dr S. N. Henson of Open Network Security and NISCC.
      Certain types of public key can take disproportionate amounts of
    time to process. This could be used by an attacker in a denial of
    service attack (CVE-2006-2940).
    Thanks to Dr S. N. Henson of Open Network Security and NISCC.
      A buffer overflow was discovered in the SSL_get_shared_ciphers()
    utility function.  An attacker could send a list of ciphers to an
    application that uses this function and overrun a buffer.
    (CVE-2006-3738)
    Thanks to Tavis Ormandy and Will Drewry of the Google Security Team.
      A flaw in the SSLv2 client code was discovered. When a client
    application used OpenSSL to create an SSLv2 connection to a malicious
    server, that server could cause the client to crash (CVE-2006-4343).
    Thanks to Tavis Ormandy and Will Drewry of the Google Security Team.
  Links to the CVE entries will be found here:
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2937
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3738
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2940
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4343
  (* Security fix *)

+--------------------------+
Sat Sep 23 20:53:36 EDT 2006
patches/packages/gzip-1.3.5-s390-1_slack10.0.tgz:
  Upgraded to gzip-1.3.5, and fixed a variety of bugs.
  Some of the bugs have possible security implications if gzip or its tools are
  fed a carefully constructed malicious archive.  Most of these issues were
  recently discovered by Tavis Ormandy and the Google Security Team.  Thanks
  to them, and also to the ALT and Owl developers for cleaning up the patch.
  For further details about the issues fixed, please see:
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-0758
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-0988
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-1228
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4334
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4335
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4336
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4337
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4338
  (* Security fix *)
patches/packages/openssl-0.9.7d-s390-3_slack10.0.tgz:  Patched an issue where
  it is possible to forge certain kinds of RSA signatures.
  For more information, see:
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4339
patches/packages/openssl-solibs-0.9.7d-s390-3_slack10.0.tgz:  Patched an issue
  where it is possible to forge certain kinds of RSA signatures.
  For more information, see:
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4339
  (* Security fix *)

+--------------------------+
Sat Sep 16 14:03:04 EDT 2006
patches/packages/libtiff-3.7.0-s390-1.tgz: Removed, since this was an older
  version than libtiff-3.8.2-s390-1_slack10.0.tgz

+--------------------------+
Sat Sep  9 21:32:02 EDT 2006
patches/packages/bind-9.2.6_P1-s390-1_slack10.0.tgz:
  Upgraded to bind-9.2.6_P1.
  This update addresses a denial of service vulnerability.
  BIND's CHANGES file says this:
    2066.   [security]      Handle SIG queries gracefully. [RT #16300]
  The best discussion I've found is in FreeBSD's advisory, so here's a link:
    http://security.FreeBSD.org/advisories/FreeBSD-SA-06:20.bind.asc
  Also, fixed some missing man pages.  (noticed by Xavier Thomassin -- thanks)
  (* Security fix *)
patches/packages/bootshell-1.3-s390-2.tgz:
  Rebuilt bootshell as static, not dynamic.  If your /usr file
  system isn't available, you still want to be able to log in
  to your system so you can fix it.  ;)

+--------------------------+
Sun Aug 27 14:04:47 EDT 2006
patches/packages/gnupg-1.4.5-s390-1_slack10.0.tgz:
  Upgraded to gnupg-1.4.5.
  From the gnupg-1.4.5 NEWS file:
    * Fixed 2 more possible memory allocation attacks.  They are
    similar to the problem we fixed with 1.4.4.  This bug can easily
    be exploited for a DoS; remote code execution is not entirely
    impossible.
  (* Security fix *)
patches/packages/libtiff-3.8.2-s390-1_slack10.0.tgz:
  Patched vulnerabilities in libtiff which were found by Tavis Ormandy of
  the Google Security Team.  These issues could be used to crash programs
  linked to libtiff or possibly to execute code as the program's user.
  A low risk command-line overflow in tiffsplit was also patched.
  For more details, see:
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3459
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3460
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3461
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3462
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3463
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3464
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3465
  (* Security fix *)

+--------------------------+
Sun Aug  6 17:47:25 EDT 2006
slackware/n/iproute2-2.6.7-ss040608-s390-1.tgz: Built iproute2.  Not sure
  why this was never done before.

+--------------------------+
Sat Jul 29 17:46:17 EDT 2006
patches/packages/apache-1.3.37-s390-1_slack10.0.tgz:
  Upgraded to apache-1.3.37.
  From the announcement on httpd.apache.org:
    This version of Apache is security fix release only.  An off-by-one flaw
    exists in the Rewrite module, mod_rewrite, as shipped with Apache 1.3
    since 1.3.28, 2.0 since 2.0.46, and 2.2 since 2.2.0.
  The Slackware Security Team feels that the vast majority of installations
  will not be configured in a vulnerable way but still suggests upgrading to
  the new apache and mod_ssl packages for maximum security.
  For more details, see:
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3747
  And see Apache's announcement here:
    http://www.apache.org/dist/httpd/Announcement1.3.html
  (* Security fix *)
patches/packages/mod_ssl-2.8.28_1.3.37-s390-1_slack10.0.tgz:
  Upgraded to mod_ssl-2.8.28-1.3.37.
patches/packages/mutt-1.4.2.2i-s390-1_slack10.0.tgz:
  Upgraded to mutt-1.4.2.2i.
  This release fixes CVE-2006-3242, a buffer overflow that could be triggered
  by a malicious IMAP server.
  [Connecting to malicious IMAP servers must be common, right? -- Ed.]
  For more details, see:
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3242
  (* Security fix *)
patches/packages/samba-3.0.23-s390-2_slack10.0.tgz:
  Patched a problem in nsswitch/wins.c that caused crashes in the wins
  and/or winbind libraries.
  Thanks to Mikhail Kshevetskiy for pointing out the issue and offering
  a reference to the patch in Samba's source repository.
  Also, this version of Samba evidently created a new dependency on libdm.so
  (found in the xfsprogs package in non -current Slackware versions).  This
  additional dependency was not intentional, and has been corrected.
patches/packages/tcpip-0.17-s390-29c_slack10.0.tgz:
  Repatched the telnet client with the official OpenBSD patch that had
  already replaced the original security fix in Slackware 9.1, 10.2 and
  -current.  Thanks to Dragan Simic for reporting the issue, and my
  apologies for taking so long to address the insufficiencies of the
  original patch in Slackware 10.0 and 10.1.

+--------------------------+
Sun Jul 16 17:07:16 EDT 2006
patches/packages/samba-3.0.23-s390-1_slack10.0.tgz:
  Upgraded to samba-3.0.23.
  This fixes a minor memory exhaustion DoS in smbd.
  The CVE entry for this issue may be found here:
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3403
  (* Security fix *)

+--------------------------+
Sun Jul  2 19:34:29 EDT 2006
patches/packages/arts-1.2.3-s390-2_slack10.0.tgz:
  Patched to fix a possible exploit if artswrapper is setuid root (which,
  by default, it is not) and the system is running a 2.6 kernel.
  Systems running 2.4 kernels are not affected.
  The official KDE security advisory may be found here:
    http://www.kde.org/info/security/advisory-20060614-2.txt
  The CVE entry for this issue may be found here:
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2916
  (* Security fix *)
patches/packages/gnupg-1.4.4-s390-1_slack10.0.tgz:
  This version fixes a memory allocation issue that could allow an attacker to
  crash GnuPG, creating a denial of service.
  The CVE entry for this issue may be found here:
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3082
patches/packages/kdebase-3.2.3-s390-4_slack10.0.tgz:
  Patched a problem with kdm where it could be abused to read any file
  on the system.
  The official KDE security advisory may be found here:
    http://www.kde.org/info/security/advisory-20060614-1.txt
  The CVE entry for this issue may be found here:
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2449
  (* Security fix *)
patches/packages/samba-3.0.9-s390-2.tgz: Fixed a problem with the prototype
  that was causing /usr/lib/libsmbclient.so to not be included.

+--------------------------+
Thu Jun 15 13:46:39 EDT 2006
patches/packages/sendmail-8.13.7-s390-1_slack10.0.tgz:
  Upgraded to sendmail-8.13.7.
  Fixes a potential denial of service problem caused by excessive recursion
  leading to stack exhaustion when attempting delivery of a malformed MIME
  message.  This crashes sendmail's queue processing daemon, which in turn
  can lead to two problems:  depending on the settings, these crashed
  processes may create coredumps which could fill a drive partition; and
  such a malformed message in the queue will cause queue processing to
  cease when the message is reached, causing messages that are later in
  the queue to not be processed.
  Sendmail's complete advisory may be found here:
    http://www.sendmail.com/security/advisories/SA-200605-01.txt.asc
  Sendmail has also provided an FAQ about this issue:
    http://www.sendmail.com/security/advisories/SA-200605-01/faq.shtml
  The CVE entry for this issue may be found here:
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-1173
  (* Security fix *)
patches/packages/sendmail-cf-8.13.7-noarch-1_slack10.0.tgz:
  Upgraded to sendmail-8.13.7 configs.

+--------------------------+
Sat Jun 10 14:22:53 EDT 2006
patches/packages/apache-1.3.35-s390-2_slack10.0.tgz:
  Patched to fix totally broken Include behavior.
  Thanks to Francesco Gringoli for reporting this bug.
  Upgraded to apache-1.3.35.
  From the official announcement:
    Of particular note is that 1.3.35 addresses and fixes 1 potential
    security issue: CVE-2005-3352 (cve.mitre.org)
       mod_imap: Escape untrusted referer header before outputting in HTML
       to avoid potential cross-site scripting.  Change also made to
       ap_escape_html so we escape quotes.  Reported by JPCERT
  For more information, see:
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-3352
  (* Security fix *)
patches/packages/mod_ssl-2.8.26_1.3.35-s390-1_slack10.0.tgz:
  Upgraded to mod_ssl-2.8.26-1.3.35.
  This is an updated version designed for Apache 1.3.35.
patches/packages/mozilla-1.7.13-s390-1.tgz:  Upgraded to mozilla-1.7.13.
  This upgrade fixes several possible security bugs.
  For more information, see:
    http://www.mozilla.org/projects/security/known-vulnerabilities.html#mozilla
  This release marks the end-of-life of the Mozilla 1.7.x series:
    http://developer.mozilla.org/devnews/index.php/2006/04/12/sunset-announcement-for-fxtb-10x-and-mozilla-suite-17x/
  Mozilla Corporation is recommending that users think about
  migrating to Firefox and Thunderbird.
  (* Security fix *)
patches/packages/mozilla-plugins-1.7.13-noarch-1.tgz:
  Updated for mozilla-1.7.13.
patches/packages/mysql-4.0.27-s390-1_slack10.0.tgz:
  Upgraded to mysql-4.0.27.
  This fixes some minor security issues with possible information leakage.
  Note that the information leakage bugs require that the attacker have
  access to an account on the database.  Also note that by default,
  Slackware's rc.mysqld script does *not* allow access to the database
  through the outside network (it uses the --skip-networking option).
  If you've enabled network access to MySQL, it is a good idea to filter
  the port (3306) to prevent access from unauthorized machines.
  For more details, see the MySQL 4.0.27 release announcement here:
    http://lists.mysql.com/announce/359
  For more information, see:
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-1516
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-1517
  (* Security fix *)

+--------------------------+
Sun Apr  2 20:29:00 EST 2006
patches/packages/fetchmail-6.3.2-s390-1.tgz:  Upgraded to fetchmail-6.3.2.
  Presumably this replaces all the known security problems with
  a batch of new unknown ones.  (fetchmail is improving, really ;-)
  For more information, see:
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-3088
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-4348
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-0321
  (* Security fix *)
patches/packages/gnupg-1.4.2.2-s390-1.tgz:  Upgraded to gnupg-1.4.2.2.
  There have been two security related issues reported recently with GnuPG.
  From the GnuPG 1.4.2.1 and 1.4.2.2 NEWS files:
    Noteworthy changes in version 1.4.2.2 (2006-03-08)
    * Files containing several signed messages are not allowed any
      longer as there is no clean way to report the status of such
      files back to the caller.  To partly revert to the old behaviour
      the new option --allow-multisig-verification may be used.
    Noteworthy changes in version 1.4.2.1 (2006-02-14)
    * Security fix for a verification weakness in gpgv.  Some input
      could lead to gpgv exiting with 0 even if the detached signature
      file did not carry any signature.  This is not as fatal as it
      might seem because the suggestion has always been not to rely on
      the exit code but to parse the --status-fd messages.  However it
      is likely that gpgv is used in that simplified way and thus we
      do this release.  Same problem with "gpg --verify" but nobody
      should have used this for signature verification without
      checking the status codes anyway.  Thanks to the taviso from
      Gentoo for reporting this problem.
  (* Security fix *)
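
Added example (not part of this ChangeLog or of GnuPG): a caller that follows the NEWS advice above and decides from the --status-fd records rather than from the exit code. The function names, the allow-list policy and the sample status text are assumptions constructed for illustration; the status keywords are the ones GnuPG documents in doc/DETAILS.

```python
import subprocess
from dataclasses import dataclass

PREFIX = "[GNUPG:] "

# Any of these status keywords means the verification must be rejected.
FAILURE_KEYWORDS = {"BADSIG", "ERRSIG", "EXPSIG", "EXPKEYSIG",
                    "REVKEYSIG", "NODATA", "NO_PUBKEY"}

# Constructed sample data (not real keys or signatures).
SAMPLE_FPR = "0123456789ABCDEF0123456789ABCDEF01234567"
SAMPLE_GOOD = (
    "[GNUPG:] SIG_ID constructedSigId 2006-03-08 1141776000\n"
    "[GNUPG:] GOODSIG 0123456789ABCDEF Constructed Signer <signer@example.org>\n"
    "[GNUPG:] VALIDSIG " + SAMPLE_FPR + " 2006-03-08 1141776000 0 3 0 17 2 00 "
    + SAMPLE_FPR + "\n"
)
SAMPLE_BAD = (
    "[GNUPG:] BADSIG 0123456789ABCDEF Constructed Signer <signer@example.org>\n"
)


@dataclass
class Verdict:
    ok: bool
    reason: str
    signer: str = ""  # fingerprint of the accepted signing key, if any


def parse_status(text):
    """Return (keyword, args) for every status record; other lines are ignored."""
    records = []
    for line in text.splitlines():
        if line.startswith(PREFIX):
            parts = line[len(PREFIX):].split()
            if parts:
                records.append((parts[0], parts[1:]))
    return records


def evaluate_status(text, trusted_fingerprints):
    """Accept only one VALIDSIG from an allow-listed key and no failure record.

    Empty status output (the case the 1.4.2.1 fix is about: exit code 0
    although no signature was present) is rejected because no VALIDSIG exists.
    """
    trusted = {f.upper() for f in trusted_fingerprints}
    records = parse_status(text)
    for keyword, _ in records:
        if keyword in FAILURE_KEYWORDS:
            return Verdict(False, "status reported " + keyword)
    valid = [args for keyword, args in records if keyword == "VALIDSIG" and args]
    if not valid:
        return Verdict(False, "no VALIDSIG record: nothing was verified")
    if len(valid) > 1:
        # Strict policy chosen for this example: one signature per input.
        return Verdict(False, "more than one signature reported")
    fpr = valid[0][0].upper()
    # The 10th VALIDSIG field, when present, is the primary key fingerprint.
    primary = valid[0][9].upper() if len(valid[0]) >= 10 else fpr
    if fpr not in trusted and primary not in trusted:
        return Verdict(False, "signed by a key outside the allow-list")
    return Verdict(True, "one valid signature from an allow-listed key", fpr)


def verify_detached(sig_path, data_path, keyring, trusted_fingerprints):
    """Run gpgv with status records on stdout and judge them, not the exit code alone."""
    proc = subprocess.run(
        ["gpgv", "--status-fd", "1", "--keyring", keyring, sig_path, data_path],
        stdout=subprocess.PIPE, stderr=subprocess.DEVNULL, text=True, check=False)
    verdict = evaluate_status(proc.stdout, trusted_fingerprints)
    if verdict.ok and proc.returncode != 0:
        return Verdict(False, "gpgv exited with %d" % proc.returncode)
    return verdict


if __name__ == "__main__":
    for name, text in (("good", SAMPLE_GOOD), ("bad", SAMPLE_BAD), ("empty", "")):
        print(name, evaluate_status(text, {SAMPLE_FPR}))
```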
patches/packages/kdegraphics-3.2.3-s390-2.tgz:  Patched integer and
  heap overflows in kpdf to fix possible security bugs with malformed
  PDF files.
  For more information, see:
    http://www.kde.org/info/security/advisory-20051207-2.txt
    http://www.kde.org/info/security/advisory-20060202-1.txt
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-3191
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-3192
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-3193
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-3624
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-3625
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-3626
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-3627
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-3628
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-0301
  (* Security fix *)
patches/packages/kdelibs-3.2.3-s390-3.tgz:  Patched a heap overflow
  vulnerability in kjs, the JavaScript interpreter engine used by
  Konqueror and other parts of KDE.
  For more information, see:
    http://www.kde.org/info/security/advisory-20060119-1.txt
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-0019
  (* Security fix *)
patches/packages/openssh-4.3p1-s390-1.tgz:  Upgraded to openssh-4.3p1.
  This fixes a security issue when using scp to copy files that could
  cause commands embedded in filenames to be executed.
  For more information, see:
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-0225
  (* Security fix *)
patches/packages/sendmail-8.13.6-s390-1.tgz:  Upgraded to sendmail-8.13.6.
  This new version of sendmail contains a fix for a security problem
  discovered by Mark Dowd of ISS X-Force.  From sendmail's advisory:
    Sendmail was notified by security researchers at ISS that, under some
    specific timing conditions, this vulnerability may permit a specifically
    crafted attack to take over the sendmail MTA process, allowing remote
    attackers to execute commands and run arbitrary programs on the system
    running the MTA, affecting email delivery, or tampering with other
    programs and data on this system.  Sendmail is not aware of any public
    exploit code for this vulnerability.  This connection-oriented
    vulnerability does not occur in the normal course of sending and
    receiving email.  It is only triggered when specific conditions are
    created through SMTP connection layer commands.
  Sendmail's complete advisory may be found here:
    http://www.sendmail.com/company/advisory/index.shtml
  The CVE entry for this issue may be found here:
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-0058
  (* Security fix *)
patches/packages/sendmail-cf-8.13.6-noarch-1.tgz:
  Upgraded to sendmail-8.13.6 configuration files.
patches/packages/sudo-1.6.8p12-s390-1.tgz:  Upgraded to sudo-1.6.8p12.
  This fixes an issue where a user able to run a Python script through sudo
  may be able to gain root access.
  IMHO, running any kind of scripting language from sudo is still not safe...
  For more information, see:
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-0151
  (* Security fix *)
patches/packages/xpdf-3.01-s390-3.tgz:  Recompiled with xpdf-3.01pl2.patch to
  fix integer and heap overflows in xpdf triggered by malformed PDF files.
  For more information, see:
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-3191
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-3192
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-3193
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-3624
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-3625
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-3626
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-3627
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-3628
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-0301
  (* Security fix *)

+--------------------------+
Fri Dec 16 13:35:00 EST 2005
patches/packages/curl-7.12.2-s390-1.tgz:  Patched.  This addresses a buffer
  overflow in libcurl's NTLM function that could have possible security
  implications.
  For more details, see:
    http://curl.haxx.se/docs/security.html
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-3185
  (* Security fix *)
patches/packages/elm-2.5.8-s390-1.tgz:  Upgraded to elm2.5.8.
  This fixes a buffer overflow in the parsing of the Expires header that
  could be used to execute arbitrary code as the user running Elm.
  Thanks to Ulf Harnhammar for finding the bug and reminding me to get
  out updated packages to address the issue.
  A reference to the original advisory:
    http://archives.neohapsis.com/archives/fulldisclosure/2005-08/0688.html
patches/packages/lynx-2.8.5rel.5-s390-1.tgz:  Upgraded to lynx-2.8.5rel.5.
  Fixes an issue where the handling of Asian characters when using lynx to
  connect to an NNTP server (is this a common use?) could result in a buffer
  overflow causing the execution of arbitrary code.
  For more details, see:
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-3120
  (* Security fix *)
patches/packages/mod_ssl-2.8.25_1.3.34-s390-1.tgz:
  Upgraded to mod_ssl-2.8.25-1.3.34.
patches/packages/wget-1.10.2-s390-1.tgz:  Upgraded to wget-1.10.2.
  This addresses a buffer overflow in wget's NTLM handling function that could
  have possible security implications.
  For more details, see:
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-3185
  (* Security fix *)

+--------------------------+
Fri Dec 16 03:18:00 EST 2005
patches/packages/imapd-4.64-s390-1.tgz:  Upgraded to imapd-4.64.
  A buffer overflow was reported in the mail_valid_net_parse_work function.
  However, this function in the c-client library does not appear to be called
  from anywhere in imapd.  iDefense states that the issue is of LOW risk to
  sites that allow users shell access, and LOW-MODERATE risk to other servers.
  I believe it's possible that it is of NIL risk if the function is indeed
  dead code to imapd, but draw your own conclusions...
  (* Security fix *)
patches/packages/koffice-1.3.1-s390-3.tgz:  Patched.
  Fixes a buffer overflow in KWord's RTF import discovered by Chris Evans.
  For more details, see:
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-2971
  (* Security fix *)
patches/packages/openssl-0.9.7d-s390-2.tgz:  Patched.
  Fixed a vulnerability that could, in rare circumstances, allow an attacker
  acting as a "man in the middle" to force a client and a server to negotiate
  the SSL 2.0 protocol (which is known to be weak) even if these parties both
  support SSL 3.0 or TLS 1.0.
  For more details, see:
    http://www.openssl.org/news/secadv_20051011.txt
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-2969
  (* Security fix *)
patches/packages/openssl-solibs-0.9.7d-s390-2.tgz:  Patched.
  (* Security fix *)
patches/packages/pine-4.64-s390-1.tgz:  Upgraded to pine-4.64.
patches/packages/x11-6.7.0-s390-3.tgz:  Patched a pixmap overflow issue.
  For more information, see:
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-2495
  (* Security fix *)
patches/packages/x11-xnest-6.7.0-s390-3.tgz:  Patched and rebuilt.
patches/packages/x11-xprt-6.7.0-s390-3.tgz:  Patched and rebuilt.
patches/packages/x11-xvfb-6.7.0-s390-3.tgz:  Patched and rebuilt.
patches/packages/xine-lib-1.0.3a-s390-1.tgz:  Upgraded to xine-lib-1.0.3a.
  This fixes a format string bug where an attacker, if able to upload malicious
  information to a CDDB server and then get a local user to play a certain
  audio CD, may be able to run arbitrary code on the machine as the user
  running the xine-lib linked application.
  For more information, see:
    http://xinehq.de/index.php/security/XSA-2005-1
  (* Security fix *)

+--------------------------+
Thu Dec 15 03:14:00 EST 2005
patches/packages/apache-1.3.34-s390-1.tgz:  Upgraded to apache-1.3.34.
  Fixes this minor security bug:  "If a request contains both Transfer-Encoding
  and Content-Length headers, remove the Content-Length, mitigating some HTTP
  Request Splitting/Spoofing attacks."
  (* Security fix *)
patches/packages/dhcpcd-1.3.22pl4-s390-2.tgz:  Patched an issue where a
  remote attacker can cause dhcpcd to crash.
  For more information, see:
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-1848
  (* Security fix *)
patches/packages/gaim-1.5.0-s390-1.tgz:  Upgraded to gaim-1.5.0.
  This fixes some more security issues.
  For more information, see:
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-2103
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-2102
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-2370
  (* Security fix *)
patches/packages/kdebase-3.2.3-s390-3.tgz:  Patched a security bug in
  kcheckpass that could allow a local user to gain root privileges.
  For more information, see:
    http://www.kde.org/info/security/advisory-20050905-1.txt
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-2494
  (* Security fix *)
patches/packages/mozilla-1.7.12-s390-1.tgz:  Upgraded to mozilla-1.7.12.
  This fixes several security issues.  For more information, see:
    http://www.mozilla.org/projects/security/known-vulnerabilities.html#Mozilla
  (* Security fix *)
patches/packages/mozilla-plugins-1.7.12-noarch-1.tgz:  Upgraded Java(TM)
  symlink for Mozilla.
patches/packages/pcre-6.3-s390-1.tgz:  Upgraded to pcre-6.3.
  This fixes a buffer overflow that could be triggered by the processing of a
  specially crafted regular expression.  Theoretically this could be a security
  issue if regular expressions are accepted from untrusted users to be
  processed by a user with greater privileges, but this doesn't seem like a
  common scenario (or, for that matter, a good idea).  However, if you are
  using an application that links to the shared PCRE library and accepts
  outside input in such a manner, you will want to update to this new package.
  For more information, see:
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-2491
  (* Security fix *)
patches/packages/php-4.3.11-s390-3.tgz:  Relinked with the system PCRE library,
  as the builtin library has a buffer overflow that could be triggered by the
  processing of a specially crafted regular expression.
  Note that this change requires the pcre package to be installed.
  For more information, see:
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-2491
  (* Security fix *)
  Upgraded PEAR::XMLRPC to version 1.4.0, which eliminates the use of the
  insecure eval() function.
  For more information, see:
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-2498
  (* Security fix *)
patches/packages/util-linux-2.12a-s390-2.tgz:  Patched an issue with
  umount where if the umount failed when the '-r' option was used, the
  filesystem would be remounted read-only but without any extra flags
  specified in /etc/fstab.  This could allow an ordinary user able to
  mount a floppy or CD (but with nosuid, noexec, nodev, etc in
  /etc/fstab) to run a setuid binary from removable media and gain
  root privileges.
  Reported to BugTraq by David Watson:
    http://www.securityfocus.com/archive/1/410333
  (* Security fix *)

+--------------------------+
Sun Jul 31 23:28:19 EDT 2005
patches/packages/dnsmasq-2.22-s390-1.tgz:  Upgraded to dnsmasq-2.22.
  This fixes an off-by-one overflow vulnerability that may allow a DHCP
  client to create a denial of service condition.  Additional code was
  also added to detect and defeat attempts to poison the DNS cache.
  For more information, see:
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0876
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0877
  (* Security fix *)
patches/packages/fetchmail-6.2.5.2-s390-1.tgz:
  Upgraded to fetchmail-6.2.5.2.
  This fixes an overflow by which malicious or compromised POP3 servers
  may overflow fetchmail's stack.
  For more information, see:
    http://fetchmail.berlios.de/fetchmail-SA-2005-01.txt
  (* Security fix *)
patches/packages/gaim-1.3.1-s390-1.tgz:  Upgraded to gaim-1.3.1 and
  gaim-encryption-2.38.  This fixes a couple of remote crash bugs, so
  users of the MSN and Yahoo! chat protocols should upgrade to gaim-1.3.1.
  (* Security fix *)
patches/packages/gxine-0.4.6-s390-1.tgz:  Upgraded to gxine-0.4.6.
  This fixes a format string vulnerability that allows remote attackers to
  execute arbitrary code via a ram file with a URL whose hostname contains
  format string specifiers.
  For more information, see:
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-1692
  (* Security fix *)
patches/packages/infozip-5.52-s390-1.tgz:  Upgraded to unzip552.tar.gz and
  zip231.tar.gz.  These fix some buffer overruns if deep directory paths are
  packed into a Zip archive which could be a security vulnerability (for
  example, in a case of automated archiving or backups that use Zip).  However,
  it also appears that these now use certain assembly instructions that might
  not be available on older CPUs, so if you have an older machine you may wish
  to take this into account before deciding whether you should upgrade.
  (* Security fix *)
patches/packages/kdenetwork-3.2.3-s390-2.tgz:  Patched overflows in
  libgadu (used by kopete) that can cause a denial of service or
  arbitrary code execution.
  For more information, see:
    http://www.kde.org/info/security/advisory-20050721-1.txt
  (* Security fix *)
patches/packages/mozilla-1.7.10-s390-1.tgz:  Upgraded to mozilla-1.7.10.
  This fixes several security issues.  For more information, see:
    http://www.mozilla.org/projects/security/known-vulnerabilities.html#Mozilla
  (* Security fix *)
  Fixed a folder switching bug.
  Thanks to Peter Santoro for pointing out the patch.
patches/packages/mozilla-plugins-1.7.10-noarch-1.tgz:  Upgraded Java(TM)
  symlink for Mozilla.
patches/packages/ncftp-3.1.9-s390-1.tgz:  Upgraded to ncftp-3.1.9.
  This corrects a vulnerability where a download from a hostile FTP server
  might be written to an unintended location potentially compromising system
  security or causing a denial of service.
  For more details, see:
    http://www.ncftp.com/ncftp/doc/changelog.html#3.1.5
  (* Security fix *)
patches/packages/php-4.3.11-s390-2.tgz:  Upgraded PEAR XML_RPC class.
  This new PHP package fixes a PEAR XML_RPC vulnerability.  Sites that use
  this PEAR class should upgrade to the new PHP package, or as a minimal
  fix may instead upgrade the XML_RPC PEAR class with the following command:
    pear upgrade XML_RPC
  (* Security fix *)
patches/packages/sudo-1.6.8p9-s390-1.tgz:  Upgraded to sudo-1.6.8p9.
  This new version of Sudo fixes a race condition in command pathname handling
  that could allow a user with Sudo privileges to run arbitrary commands.
  For full details, see the Sudo site:
    http://www.courtesan.com/sudo/alerts/path_race.html
  (* Security fix *)
patches/packages/tcpdump-3.9.3-s390-1.tgz:  Upgraded to libpcap-0.9.3 and
  tcpdump-3.9.3.  This fixes an issue where an invalid BGP packet can
  cause tcpdump to go into an infinite loop, effectively disabling network
  monitoring.
  (* Security fix *)
patches/packages/tcpip-0.17-s390-2.tgz:  Patched two overflows in
  the telnet client that could allow the execution of arbitrary code
  when connected to a malicious telnet server.
  For more information, see:
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0468
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0469
  (* Security fix *)
patches/packages/xine-lib-1.0.1-s390-1.tgz:  Upgraded to xine-lib-1.0.1.
  This fixes some bugs in the MMS and Real RTSP streaming client code.
  While the odds of this vulnerability being usable to a remote attacker are
  low (but see the xine advisory), if you stream media from sites using these
  protocols (and you think the sites might be "hostile" and will try to hack
  into your xine client), then you might want to upgrade to this new version
  of xine-lib.  Probably the other fixes and enhancements in xine-lib-1.0.1
  are a better rationale to do so, though.
  For more details on the xine-lib security issues, see:
    http://xinehq.de/index.php/security/XSA-2004-8
  (* Security fix *)
patches/packages/xine-ui-0.99.3-s390-1.tgz:  Upgraded to xine-ui-0.99.3.
patches/packages/xv-3.10a-s390-2.tgz:  Upgraded to the latest XV jumbo
  patches, xv-3.10a-jumbo-fix-patch-20050410 and
  xv-3.10a-jumbo-enh-patch-20050501.  These fix a number of format string
  and other possible security issues in addition to providing many other
  bugfixes and enhancements.
  (Thanks to Greg Roelofs)
  (* Security fix *)
patches/packages/zlib-1.2.3-s390-1.tgz:  Upgraded to zlib-1.2.3.
  This fixes an additional crash not fixed by the patch to zlib-1.2.2.
  (* Security fix *)
  Patched an overflow in zlib that could cause applications using zlib
  to crash.  The overflow does not involve user supplied data, and therefore
  does not allow the execution of arbitrary code.  However, it could still
  be used by a remote attacker to create a denial of service.
  For more information, see:
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-2096
  (* Security fix *)

+--------------------------+
Sat Jul 30 14:15:00 EDT 2005
patches/packages/cvs-1.11.20-s390-1.tgz:  Upgraded to cvs-1.11.20.
  From cvshome.org:  "This version fixes many minor security issues in the
  CVS server executable including a potentially serious buffer overflow
  vulnerability with no known exploit.  We recommend this upgrade for all CVS
  servers!"
  For more information, see:
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0753
  (* Security fix *)
patches/packages/python-2.3.5-s390-1.tgz:  Upgraded to python-2.3.5.
  From the python.org site:  "The Python development team has discovered a flaw
  in the SimpleXMLRPCServer library module which can give remote attackers
  access to internals of the registered object or its module or possibly other
  modules. The flaw only affects Python XML-RPC servers that use the
  register_instance() method to register an object without a _dispatch()
  method. Servers using only register_function() are not affected."
  For more details, see:
    http://python.org/security/PSF-2005-001/
  (* Security fix *)
patches/packages/python-demo-2.3.5-noarch-1.tgz:  Upgraded to python-2.3.5
  demos.
patches/packages/python-tools-2.3.5-noarch-1.tgz:  Upgraded to python-2.3.5
  tools.

+--------------------------+
Sun Apr 10 18:01:07 EDT 2005
patches/packages/php-4.3.11-s390-1.tgz:  Upgraded to php-4.3.11.
 "This is a maintenance release that in addition to over 70 non-critical bug
  fixes addresses several security issues inside the exif and fbsql extensions
  as well as the unserialize(), swf_definepoly() and getimagesize() functions."
  (* Security fix *)

+--------------------------+
Sat Apr  2 13:18:23 EST 2005
patches/packages/gaim-1.2.0-s390-1.tgz:  Upgraded to gaim-1.2.0 and
  gaim-encryption-2.36 (compiled against mozilla-1.7.6).
patches/packages/mozilla-1.7.6-s390-1.tgz:  Upgraded to mozilla-1.7.6.
  Fixes some security issues.  Please see mozilla.org for a complete list.
  (* Security fix *)
patches/packages/mozilla-plugins-1.7.6-noarch-1.tgz:  Adjusted plugin
  symlinks for Mozilla 1.7.6.

+--------------------------+
Sun Mar 13 22:44:00 EST 2005
patches/packages/kernel-source-2.4.29-s390-2.tgz: Forward-ported patches
  23 and 24 from developerWorks and rebuilt.
patches/packages/kernel-headers-2.4.29-s390-2.tgz: Rebuilt.
patches/packages/kernel-modules-2.4.29-s390-2.tgz: Rebuilt.
patches/packages/kernel-default-2.4.29-s390-2.tgz: Rebuilt.

+--------------------------+
Wed Feb 16 11:48:00 EST 2005
kernels/initrd.gz: Fixed a problem with semicolons in parmfiles not
  being parsed properly, and causing errors.

+--------------------------+
Fri Feb 11 13:20:00 EST 2005

Released Slack/390 10.0 stable.

       Thanks to everyone who did some testing on this release and
       reported the problems they encountered. Some of them weren't
       fixed, but should be before 10.1 goes GA.  Please read the
       release notes to understand what the issues are.

       If you wind up using this distribution at your site, I would
       be interested in hearing from you as to how it's working
       for you.  In particular, anything that can be improved or
       just plain fixed.

As Pat always says,  Have fun! :-)

Mark Post

+--------------------------+
Fri Feb 11 02:10:00 EST 2005
testing/packages/linux-2.6.7/kernel-generic-2.6.7-s390-1.tgz: Added a
  generic Linux 2.6.7 kernel.  Generic means that it supports almost
  everything through modules, but a lot less than usual is built in.
  For example, the only built-in filesystems are ext2 & ext3.  If you
  want something different for your root filesystem, or you need to load
  SCSI or other drivers before mounting root, then you'll need to build
  an initrd (see the new mkinitrd package).  You'll also need to add
  a line to your /etc/zipl.conf to load the initrd along with the kernel:
    initrd=/boot/initrd.gz
  This kernel package includes all the patches from IBM's developerWorks
  through linux-2.6.5-s390-12-april2004.tar.gz, forward ported to 2.6.7.
testing/packages/linux-2.6.7/kernel-headers-2.6.7-s390-1.tgz: Added kernel
  headers for Linux 2.6.7.
testing/packages/linux-2.6.7/kernel-modules-2.6.7-s390-1.tgz: Added kernel
  modules for Linux 2.6.7.
testing/packages/linux-2.6.7/kernel-source-2.6.7-s390-1.tgz: Added kernel
  source for Linux 2.6.7.

+--------------------------+
Mon Feb  7 01:38:00 EST 2005
patches/packages/x11-6.7.0-s390-2.tgz: Rebuilt
  The XPM library which is part of the XFree86/XOrg project is used by several
  GUI applications to process XPM image files, so it seemed like a good idea to
  rebuild. For more details, see:
     http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0914
     http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0687
     http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0688
     http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0692
     (* Security fix *)

  Note that the name of the keyboard driver in the xorg.conf file has
  changed from "Keyboard" to "kbd". You'll need to make this change in
  order to start X.
patches/packages/x11-devel-6.7.0-s390-2.tgz: Rebuilt

+--------------------------+
Thu Jan 27 19:40:00 EST 2005
patches/packages/kernel-source-2.4.29-s390-1.tgz: Upgraded to Linux 2.4.29 kernel.
   (* Security fix *)
patches/packages/kernel-headers-2.4.29-s390-1.tgz: Upgraded to Linux 2.4.29 kernel.
   (* Security fix *)
patches/packages/kernel-default-2.4.29-s390-1.tgz: Upgraded to Linux 2.4.29 kernel.
   (* Security fix *)
patches/packages/kernel-modules-2.4.29-s390-1.tgz: Upgraded to Linux 2.4.29 kernel.
   (* Security fix *)

+--------------------------+
Mon Jan 24 22:00:00 EST 2005
patches/packages/a2ps-4.13b-s390-2.tgz: Rebuilt
  The GNU a2ps utility fails to properly sanitize filenames,
  which can be abused by a malicious user to execute arbitrary
  commands with the privileges of the user running the vulnerable
  application. To know whether your a2ps package is vulnerable, see:
   http://www.securityfocus.com/bid/11025
   (* Security fix *)
patches/packages/imagemagick-6.1.4_5-s390-1.tgz: Upgraded to imagemagick-6.1.4_5
  Buffer overflow in the EXIF parsing routine in ImageMagick before 6.1.0
  allows remote attackers to execute arbitrary code via a certain image file.
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0981
    (* Security fix *)
patches/packages/sudo-1.6.8p4-s390-1.tgz: Upgraded to sudo-1.6.8p4.
  This fixes a bug that could permit malicious users with permission to run
  a shell script that uses the bash shell to run arbitrary commands. For more
  details, see:
    http://www.sudo.ws/sudo/alerts/bash_functions.html
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-1051
  (* Security fix *)
patches/packages/samba-3.0.9-s390-1.tgz: Upgraded to samba-3.0.9.
  A possible buffer overrun in smbd could lead to code execution by a remote
  user. For more details, see:
     http://samba.cdpa.nsysu.edu.tw/samba/news/#can-2004-0882
     http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0882
  (* Security fix *)
patches/packages/lvm-1.0.8-s390-2.tgz: Rebuilt
  A bug in lvm (1.5 through 2.1) allows local users to overwrite
  files via a symlink attack on temporary files.
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0972
    (* Security fix *)
patches/packages/imlib-1.9.15-s390-1.tgz: Upgraded to imlib-1.9.15
  Multiple heap-based buffer overflows in the imlib BMP image handler
  allow remote attackers to execute arbitrary code via a crafted BMP file.
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0817
    (* Security fix *)
patches/packages/libxml2-2.6.16-s390-1.tgz: Upgraded to libxml2-2.6.16
  Multiple buffer overflows may allow remote attackers to execute
  arbitrary code.  2.6.12 and 2.6.13 are affected; it's unclear whether older
  versions are affected as well, so you may want to upgrade to libxml2
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0989
    (* Security fix *)
patches/packages/nfs-utils-1.0.6-s390-2.tgz: Rebuilt
  Statd in nfs-utils 1.257 and earlier does not ignore the SIGPIPE
  signal, which allows remote attackers to cause a denial of service
  (server process crash) via a TCP connection that is prematurely
  terminated. For more information, see:
   http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-1014
   (* Security fix *)
patches/packages/php-4.3.10-s390-1.tgz: Upgraded to php-4.3.10
  A theoretical vulnerability exists in older versions of libgd
  that could allow a malicious user to upload a specially crafted
  image file to exploit an integer overflow.
   (* Security fix *)

+--------------------------+
Tue Nov  9 21:31:52 EST 2004
patches/packages/apache-1.3.33-s390-1.tgz:  Upgraded to apache-1.3.33.
  This fixes one new security issue (the first issue, CAN-2004-0492, was fixed
  in apache-1.3.32).  The second bug fixed in 1.3.3 (CAN-2004-0940) allows a
  local user who can create SSI documents to become "nobody".  The amount of
  mischief they could cause as nobody seems low at first glance, but it might
  allow them to use kill or killall as nobody to try to create a DoS.
  Mention PHP's mhash dependency in httpd.conf (thanks to Jakub Jankowski).
  (* Security fix *)
patches/packages/libtiff-3.7.0-s390-1.tgz:  Upgraded to libtiff-3.7.0.
  This fixes several bugs that could lead to crashes, or could possibly allow
  arbitrary code to be executed.  For more details, see:
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0803
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0804
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0886
  (* Security fix *)
patches/packages/mod_ssl-2.8.22_1.3.33-s390-1.tgz:  Upgraded to
  mod_ssl-2.8.22_1.3.33.

+--------------------------+
Thu Oct 28 22:03:51 EDT 2004
patches/packages/apache-1.3.32-s390-1.tgz:  Upgraded to apache-1.3.32.
  This addresses a heap-based buffer overflow in mod_proxy by rejecting
  responses from a remote server with a negative Content-Length.  The
  flaw could crash the Apache child process, or possibly allow code to
  be executed as the Apache user (but only if mod_proxy is actually in
  use on the server).
  For more details, see:
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0492
  (* Security fix *)
patches/packages/mod_ssl-2.8.21_1.3.32-s390-1.tgz:
  Upgraded to mod_ssl-2.8.21-1.3.32.
  Don't allow clients to bypass cipher requirements, possibly negotiating
  a connection that the server does not consider secure enough.
  For more details, see:
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0885
  (* Security fix *)
patches/packages/php-4.3.9-s390-1.tgz:  Upgraded to php-4.3.9.

+--------------------------+
Sun Oct 24 00:43:25 EDT 2004
patches/packages/gaim-1.0.2-s390-1.tgz:  Upgraded to gaim-1.0.2
  and gaim-encryption-2.32.  A buffer overflow in the MSN protocol
  handler for GAIM 0.79 to 1.0.1 allows remote attackers to cause
  a denial of service (application crash) and may allow the
  execution of arbitrary code.
  For more details, see:
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0891
  (* Security fix *)

+--------------------------+
Thu Oct 21 22:22:09 EDT 2004
a, ap, k: Updated the maketag, maketag.ez, and tagfiles to reflect the
  package names that are different for Slack/390.

+--------------------------+
Wed Oct 13 14:56:33 EDT 2004
patches/packages/rsync-2.6.3-s390-1.tgz:  Upgraded to rsync-2.6.3.
  From the rsync NEWS file:
      A bug in the sanitize_path routine (which affects a non-chrooted
      rsync daemon) could allow a user to craft a pathname that would get
      transformed into an absolute path for certain options (but not for
      file-transfer names).  If you're running an rsync daemon with chroot
      disabled, *please upgrade*, ESPECIALLY if the user privs you run
      rsync under is anything above "nobody".
  Note that rsync, in daemon mode, sets the "use chroot" to true by
  default, and (in this default mode) is not vulnerable to this issue.
  I would strongly recommend against setting "use chroot" to false
  even if you've upgraded to this new package.
  (* Security fix *)

+--------------------------+
Mon Oct  4 16:27:18 EDT 2004
patches/packages/getmail-4.2.0-s390-1.tgz:  Upgraded to
  getmail-4.2.0.  Earlier versions contained a local security flaw
  when used in an insecure fashion (surprise, running something as
  root that writes to user-controlled files or directories could
  allow the old symlink attack to clobber system files!  :-)
  From the getmail CHANGELOG:
      This vulnerability is not exploitable if the administrator does
      not deliver mail to the maildirs/mbox files of untrusted local
      users, or if getmail is configured to use an external
      unprivileged MDA.  This vulnerability is not remotely exploitable.
  Most users would not use getmail in such a way as to be vulnerable
  to this flaw, but if your site does, this package closes the hole.
  I'd also recommend not using getmail like this.  Either run it as the
  user that owns the target mailbox, or deliver through an external MDA.
  (* Security fix *)
patches/packages/zlib-1.2.2-s390-1.tgz:  Upgraded to zlib-1.2.2.
  This fixes a possible DoS in earlier versions of zlib-1.2.x.
  (* Security fix *)

+--------------------------+
Sat Sep 25 00:53:44 EDT 2004
kernels/initrd.gz: Corrected the "welcome message" in /etc/issue.  Copied
  /etc/issue to /etc/issue.net so that people using telnet instead of SSH
  will see the message.  Renamed /etc/securetty to /etc/securetty.hold so
  that people using telnet won't be prompted for a password for root when
  starting the install process.

+--------------------------+
Tue Sep 21 01:44:00 EDT 2004
patches/packages/cups-1.1.21-s390-1.tgz:  Upgraded to cups-1.1.21.
  This fixes a flaw where a remote attacker can crash the CUPS
  server causing a denial of service.
  For more details, see:
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0558
  (* Security fix *)
patches/packages/gtk+2-2.4.10-s390-1.tgz:  Upgraded to gtk+-2.4.10.
  This fixes security issues in the image loader routines that can
  crash applications.
  (* Security fix *)
patches/packages/mozilla-1.7.3-s390-1.tgz:  Upgraded to mozilla-1.7.3.
  The Mozilla page says this fixes some "minor security holes".
  It also breaks Galeon and Epiphany, and new versions of these have
  still not appeared.  In light of this, I think it's time to remove
  these Gecko-based browsers.  The future is going to be Firefox and
  Thunderbird anyway, and I don't believe Galeon and Epiphany can be
  compiled against Firefox's libraries.
  (* Security fix *)
patches/packages/mozilla-plugins-1.7.3-noarch-1.tgz:  Changed plugin
  symlinks for Mozilla 1.7.3.
patches/packages/xine-lib-1rc6a-s390-1.tgz:  Upgraded to xine-lib-1-rc6a.
  This release fixes a few overflows that could have security implications.
  (* Security fix *)

+--------------------------+
Sun Sep 19 14:15:46 EDT 2004
extra/kernel-default-2.4.21/kernel-default-2.4.21-s390-2.tgz: Rebuilt
  the kernel from the new kernel source.
extra/kernel-headers-2.4.21/kernel-headers-2.4.21-s390-2.tgz: Rebuilt
  the kernel from the new kernel source.
extra/kernel-modules-2.4.21/kernel-modules-2.4.21-s390-2.tgz: Rebuilt
  the kernel from the new kernel source.
extra/kernel-source-2.4.21/kernel-source-2.4.21-s390-2.tgz: Applied the
  latest IBM patches from developerWorks to the kernel source.  We're
  now up to the -16 level of the "June 2003 Stream."

+--------------------------+
Sun Sep 19 01:34:06 EDT 2004
a/kernel-default-2.4.26-s390-2.tgz: Rebuilt the kernel from the new kernel
  source.
a/kernel-modules-2.4.26-s390-2.tgz: Rebuilt the kernel modules from the new
  kernel source.
d/kernel-headers-2.4.26-s390-2.tgz: Rebuilt the kernel headers from the new
  kernel source.
k/kernel-source-2.4.26-s390-2.tgz: Applied the latest IBM patches from
  developerWorks to the kernel source (forward ported from 2.4.21).  We're
  now up to the -16 level of the "June 2003 Stream."
extra/cpint-1.1.6/cpint-1.1.6_2.4.26-s390-2.tgz: Rebuilt using the new
  kernel source.

+--------------------------+
Sat Sep 18 13:52:22 EDT 2004
x/*: Finally got the x11 packages to build properly, so I followed
  Pat's direction and switched to X11R6.7.0 from X.Org.  Instead of
  moving XFree86 to unsupported, though, I moved it to /pasture for
  this version only.  I tested various X applications, and they all
  seemed to work without having to recompile.  If anyone runs into
  a case where they think a recompile will help, please let me know.
extra/kernel-default-2.4.21/kernel-default-2.4.21-s390-1.tgz: Moved to /extra
  because a number of people were installing both, instead of just one.  Since
  I intended 2.4.26 to be the true default, 2.4.21 is the one that got moved.
extra/kernel-headers-2.4.21/kernel-headers-2.4.21-s390-1.tgz: Moved to /extra
  because a number of people were installing both, instead of just one.  Since
  I intended 2.4.26 to be the true default, 2.4.21 is the one that got moved.
extra/kernel-modules-2.4.21/kernel-modules-2.4.21-s390-1.tgz: Moved to /extra
  because a number of people were installing both, instead of just one.  Since
  I intended 2.4.26 to be the true default, 2.4.21 is the one that got moved.
extra/kernel-source-2.4.21/kernel-source-2.4.21-s390-1.tgz: Moved to /extra
  because a number of people were installing both, instead of just one.  Since
  I intended 2.4.26 to be the true default, 2.4.21 is the one that got moved.
extra/source/kde: Removed the entire arts directory, since it was a duplicate
  of the one in source/kde/arts.

+--------------------------+
Tue Sep 14 13:04:28 EDT 2004
patches/packages/samba-3.0.5-s390-2.tgz:  Patched two Denial of Service
  vulnerabilities in samba-3.0.5.
  For more details, see:
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0807
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0808
  (* Security fix *)

+--------------------------+
Sat Sep 11 18:59:48 EDT 2004
d/gcc-3.3.4-s390-2.tgz: Recompiled with a patch that will allow 2.6
  kernel modules to be built on S/390.
patches/packages/proftpd-1.2.10-s390-1.tgz: Upgraded to proftpd-1.2.10.
extra/kde-3.2.3/kdebase-3.2.3-s390-2.tgz: Patched frame injection
  vulnerability in Konqueror.  For more details, see:
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0721
  (* Security fix *)
extra/kde-3.2.3/kdelibs-3.2.3-s390-2.tgz: Patched unsafe temporary directory
  usage, cross-domain cookie injection vulnerability for certain country
  specific domains, and frame injection vulnerability in Konqueror.
  For more details, see:
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0689
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0690
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0721
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0746
  (* Security fix *)

+--------------------------+
Tue Sep  7 23:47:15 EDT 2004
patches/packages/glibc-2.3.2-s390-2.tgz:  Recompiled using 'strip -g' rather
  than 'strip --strip-unneeded' to avoid stripping symbols that are needed for
  debugging threads.  Thanks to those who reported this bug, especially
  Ricardo Nabinger Sanchez who sent in a sample thread program that made
  it easy to test for the problem (and confirm the fix worked).
patches/packages/glibc-solibs-2.3.2-s390-2.tgz:  Recompiled using 'strip -g'.
patches/packages/kdebase-3.2.1-s390-3.tgz: Patched frame injection
  vulnerability in Konqueror.  For more details, see:
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0721
  (* Security fix *)
patches/packages/kdelibs-3.2.1-s390-2.tgz: Patched unsafe temporary directory
  usage, cross-domain cookie injection vulnerability for certain country
  specific domains, and frame injection vulnerability in Konqueror.
  For more details, see:
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0689
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0690
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0721
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0746
  (* Security fix *)

+--------------------------+
Fri Aug 27 16:03:02 EDT 2004
patches/packages/gaim-0.82.1-s390-1.tgz:
  Upgraded to gaim-0.82.1 and gaim-encryption-2.30.
  Fixes several security issues:
     Content-length DOS (malloc error) (no CAN ID on this one)
     MSN strncpy buffer overflow (CAN-2004-0500)
     Groupware message receive integer overflow (CAN-2004-0754)
     Smiley theme installation lack of escaping (CAN-2004-0784)
     RTF message buffer overflow, Local hostname resolution buffer overflow,
       URL decode buffer overflow (these 3 are CAN-2004-0785)
  For more details, see:
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0500
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0754
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0784
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0785
  (* Security fix *)

+--------------------------+
Tue Aug 24 17:01:29 EDT 2004
patches/packages/qt-3.3.3-s390-1.tgz:  Upgraded to qt-3.3.3.
  This fixes bugs in the image loading routines which could be
  used by an attacker to run unauthorized code or create a
  denial-of-service.
  For more details, see:
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0691
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0692
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0693
  (* Security fix *)

+--------------------------+
Wed Aug 11 00:09:13 EDT 2004
patches/packages/epiphany-1.2.7-s390-1.tgz:  Upgraded to epiphany-1.2.7.
  (compiled against Mozilla 1.7.2)
patches/packages/gaim-0.81-s390-1.tgz:  Upgraded to gaim-0.81.
  (compiled against Mozilla 1.7.2)
patches/packages/galeon-1.3.17-s390-1.tgz:  Upgraded to galeon-1.3.17.
  (compiled against Mozilla 1.7.2)
patches/packages/mozilla-1.7.2-s390-1.tgz:  Upgraded to Mozilla 1.7.2.  This
  fixes three security vulnerabilities.  For details, see:
    http://www.mozilla.org/projects/security/known-vulnerabilities.html#mozilla1.7.2
  (* Security fix *)
patches/packages/mozilla-plugins-1.7.2-noarch-1.tgz:  Changed plugin symlinks
  for Mozilla 1.7.2.

+--------------------------+
Sun Aug  8 20:42:58 EDT 2004
patches/packages/sox-12.17.4-s390-2.tgz:  Patched buffer overflows
  that could allow a malicious WAV file to execute arbitrary code.
  (* Security fix *)
patches/packages/imagemagick-6.0.4_3-s390-1.tgz:  Upgraded to
  ImageMagick-6.0.4-3.  Fixes PNG security issues.
  (* Security fix *)
patches/packages/libpng-1.2.5-s390-2.tgz:  Patched possible security
  issues including buffer and integer overflows and null pointer
  references.  These issues could cause program crashes, or possibly
  allow arbitrary code embedded in a malicious PNG image to execute.
  The PNG library is widely used within the system, so all sites
  should upgrade to the new libpng package.
  For more details, see:
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0597
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0598
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0599
  (* Security fix *)

+--------------------------+
Thu Aug  5 17:49:06 EDT 2004
kde/kdeaccessibility-3.2.1-s390-2.tgz: Rebuilt using the correct version of qt
kde/kdeaddons-3.2.1-s390-2.tgz: Rebuilt using the correct version of qt
kde/kdeadmin-3.2.1-s390-2.tgz: Rebuilt using the correct version of qt
kde/kdeartwork-3.2.1-s390-2.tgz: Rebuilt using the correct version of qt
kde/kdebase-3.2.1-s390-2.tgz: Rebuilt using the correct version of qt
kde/kdebindings-3.2.1-s390-2.tgz: Rebuilt using the correct version of qt
kde/kdeedu-3.2.1-s390-2.tgz: Rebuilt using the correct version of qt
kde/kdegames-3.2.1-s390-2.tgz: Rebuilt using the correct version of qt
kde/kdegraphics-3.2.1-s390-2.tgz: Rebuilt using the correct version of qt
kde/kdelibs-3.2.1-s390-2.tgz: Rebuilt using the correct version of qt
kde/kdemultimedia-3.2.1-s390-2.tgz: Rebuilt using the correct version of qt
kde/kdenetwork-3.2.1-s390-2.tgz: Rebuilt using the correct version of qt
kde/kdepim-3.2.1-s390-2.tgz: Rebuilt using the correct version of qt
kde/kdesdk-3.2.1-s390-2.tgz: Rebuilt using the correct version of qt
kde/kdetoys-3.2.1-s390-2.tgz: Rebuilt using the correct version of qt
kde/kdeutils-3.2.1-s390-2.tgz: Rebuilt using the correct version of qt
kde/kdevelop-3.0.2-s390-2.tgz: Rebuilt using the correct version of qt
kde/koffice-1.3.1-s390-2.tgz: Rebuilt using the correct version of qt
kde/quanta-3.2.1-s390-2.tgz: Rebuilt using the correct version of qt
source/kde: Added the source packages and prototypes that correspond to KDE 3.2.1
extra/source/kde: Moved the source that corresponds to KDE 3.2.3 to /extra/source/

+--------------------------+
Mon Jul 26 12:04:25 EDT 2004
patches/packages/mod_ssl-2.8.19_1.3.31-s390-1.tgz:
  Upgraded to mod_ssl-2.8.19-1.3.31.
  This fixes a security hole (ssl_log() related format string
  vulnerability in mod_proxy hook functions), so sites using mod_ssl
  should upgrade to the new version.  Be sure to back up your existing
  key files first.
  (* Security fix *)
patches/packages/samba-3.0.5-s390-1.tgz:  Upgraded to samba-3.0.5.
  This fixes a buffer overflow in SWAT and another in the code supporting
  the 'mangling method = hash' smb.conf option (which is not the default).
  For more details, see:
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0600
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0686
  (* Security fix *)

+--------------------------+
Fri Jul 23 22:27:22 EDT 2004
kernels/initrd.gz: Modified the kernel installation script, and the
  swapfile configuration scripts.  Fixed the /bin/filesize script
  so that it now returns the file size, and not the month.

+--------------------------+
Wed Jul 21 15:06:51 EDT 2004
patches/packages/php-4.3.8-s390-1.tgz:  Upgraded to php-4.3.8.
  This release fixes two security problems in PHP (memory_limit handling and
  a problem in the strip_tags function).  Sites using PHP should upgrade.
  For more details, see:
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0594
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0595
  (* Security fix *)

+--------------------------+
Mon Jul 12 15:52:33 EDT 2004
extra/regina/regina-3.3-s390-1.tgz: Added regina 3.3
extra/the/the-3.1-s390-1.tgz: Added THE 3.1

+--------------------------+
Fri Jul  9 12:42:18 EDT 2004
patches/packages/vim-6.3.007-s390-1.tgz:  Upgraded to patchlevel 007.
patches/packages/xvim-6.3.007-s390-1.tgz:  Upgraded to patchlevel 007.

+--------------------------+
Tue Jul 6 20:20:00 EDT 2004
a/kernel-modules-2.4.21-s390-1.tgz
patches/packages/gaim-0.79-s390-1.tgz

+--------------------------+
Tue Jul 6 02:20:00 EDT 2004
d/kernel-headers-2.4.21-s390-1.tgz
k/kernel-source-2.4.21-s390-1.tgz

+--------------------------+
Fri Jul 4 19:20:00 EDT 2004
d/doxygen-1.3.7-s390-1.tgz

+--------------------------+
Thu Jul 1 20:45:00 EDT 2004
a/shadow-4.0.3-s390-1.tgz
d/gdb-6.1.1-s390-1.tgz
gnome/epiphany-1.2.6-s390-1.tgz
gnome/epiphany-extensions-0.9.1-s390-1.tgz
gnome/gail-1.6.6-s390-1.tgz
gnome/galeon-1.3.15-s390-1.tgz:  Patched and compiled for Mozilla 1.7.
  Thanks very much to Philip Langdale for the patch (which made it possible
  to squeeze Mozilla 1.7 into this Slackware release at the last minute).
gnome/gconf-2.6.2-s390-1.tgz
gnome/gconf-editor-2.6.2-s390-1.tgz
gnome/gdm-2.6.0.3-s390-1.tgz
gnome/gnome-desktop-2.6.2-s390-1.tgz
gnome/gnome-panel-2.6.2-s390-1.tgz
gnome/gnome-session-2.6.2-s390-1.tgz
gnome/gnome-speech-0.3.3-s390-1.tgz
gnome/gnome-themes-2.6.2-s390-1.tgz
gnome/gnopernicus-0.9.5-s390-1.tgz
gnome/gpdf-0.132-s390-1.tgz
gnome/gstreamer-0.8.3-s390-1.tgz
gnome/libgtkhtml-2.6.2-s390-1.tgz
gnome/libwnck-2.6.2-s390-1.tgz
l/sdl-1.2.7-s390-1.tgz
n/iptables-1.2.10-s390-1.tgz
xap/gaim-0.78-s390-1.tgz:  Compiled against Mozilla 1.7 libraries.
  Added gaim-encryption plugin (suggested by Chris Lumens and Eric Hameleers).
xap/gnuchess-4.0.pl80-s390-1.tgz
xap/mozilla-1.7-s390-1.tgz

+--------------------------+
Thu Jul 1 02:10:00 EDT 2004
a/kernel-default-2.4.26-s390-1.tgz
a/kernel-modules-2.4.26-s390-1.tgz:  Load quota_v2 from rc.modules if
  quota options are seen in /etc/fstab.
a/mkinitrd-1.0.1-s390-1.tgz
ap/quota-3.12-s390-1.tgz
l/ncurses-5.4-s390-1.tgz
n/lftp-3.0.6-s390-1.tgz
n/nfs-utils-1.0.6-s390-1.tgz
n/pidentd-3.0.18-s390-1.tgz
n/tcpip-0.17-s390-1.tgz
n/whois-4.6.16-s390-1.tgz
n/wireless-tools-26-s390-1.tgz
xap/gkrellm-2.2.1-s390-1.tgz
extra/bash-completion/bash-completion-20040526-s390-1.tgz
extra/k3b/k3b-0.11.11-s390-1.tgz
extra/kfiresaver3d/kfiresaver3d-0.6-s390-1.tgz
extra/slacktrack/slacktrack-1.21-s390-1.tgz
pasture/pcnfsd-93.02.16-s390-1.tgz

+--------------------------+
Wed Jun 30 01:09:56 EDT 2004
a/hotplug-2004_01_05-s390-1
l/libtiff-3.6.1-s390-1
n/bitchx-1.1-s390-1
n/inetd-1.79s-s390-1
xap/gimp-2.0.2-s390-1

+--------------------------+
Tue Jun 29 02:24:20 EDT 2004
a/aaa_base-10.0.0-s390-1
a/cxxlibs-5.0.6-s390-1
a/aaa_elflibs-9.2.0-s390-1.tgz
a/udev-026-s390-1
ap/most-4.9.5-s390-1
d/gcc-3.3.4-s390-1
d/gcc-g++-3.3.4-s390-1
d/gcc-g77-3.3.4-s390-1
d/gcc-gnat-3.3.4-s390-1
d/gcc-java-3.3.4-s390-1
d/gcc-objc-3.3.4-s390-1
d/m4-1.4.1-s390-1

+--------------------------+
Mon Jun 27 02:55:00 EDT 2004
kde/kdeaddons-3.2.3-s390-1
kde/kdebindings-3.2.3-s390-1
kde/kdepim-3.2.3-s390-1
kde/koffice-1.3.1-s390-1
kde/quanta-3.2.3-s390-1
l/gtk+2-2.4.3-s390-1

+--------------------------+
Sun Jun 26 14:10:00 EDT 2004
kde/kdevelop-3.0.4-s390-1

+--------------------------+
Sat Jun 26 02:25:00 EDT 2004
kde/kdeaccessibility-3.2.3-s390-1
kde/kdeadmin-3.2.3-s390-1
kde/kdeartwork-3.2.3-s390-1
kde/kdeedu-3.2.3-s390-1
kde/kdegames-3.2.3-s390-1
kde/kdegraphics-3.2.3-s390-1
kde/kdemultimedia-3.2.3-s390-1
kde/kdenetwork-3.2.3-s390-1
kde/kdesdk-3.2.3-s390-1
kde/kdetoys-3.2.3-s390-1

+--------------------------+
Fri Jun 25 01:30:00 EDT 2004
l/arts-1.2.3-s390-1
kde/kdebase-3.2.3-s390-1
kde/kdelibs-3.2.3-s390-1
kde/kdeutils-3.2.3-s390-1
kde/qt-3.3.2-s390-1

+--------------------------+
Wed Jun 23 22:10:00 EDT 2004
a/sysvinit-2.84-s390-1
ap/cdrdao-1.1.9-s390-1
ap/vim-6.3.004-s390-1
d/cvs-1.11.17-s390-1
d/strace-4.5.4-s390-1
gnome/gcalctool-4.4.8-s390-1
gnome/gnome-icon-theme-1.2.3-noarch-1
gnome/nautilus-2.6.3-s390-1
gnome/totem-0.99.12-s390-1
l/zlib-1.2.1.1-s390-1
n/elm-2.5.7-s390-1
n/proftpd-1.2.9-s390-1
xap/imagemagick-6.0.2_7-s390-1
xap/xchat-2.0.9-s390-1
xap/xine-lib-1rc4a-s390-1
xap/xvim-6.3.004-s390-1
+--------------------------+
Caught up to Pat's upload dated Mon Jun  7 00:56:25 PDT 2004