Here are the slackware-current changelog updates:
Wed May 7 16:13:31 CDT 2008
Upgraded to PHP 5.2.6.
This version of PHP contains many fixes and enhancements. Some of the fixes
are security related, and the PHP release announcement provides this list:
* Fixed possible stack buffer overflow in the FastCGI SAPI identified by
* Fixed integer overflow in printf() identified by Maksymilian Aciemowicz.
* Fixed security issue detailed in CVE-2008-0599 identified by Ryan Permeh.
* Fixed a safe_mode bypass in cURL identified by Maksymilian Arciemowicz.
* Properly address incomplete multibyte chars inside escapeshellcmd()
identified by Stefan Esser.
* Upgraded bundled PCRE to version 7.6
When last checked, CVE-2008-0599 was not yet open. However, additional
information should become available at this URL:
The list reproduced above, as well as additional information about other
fixes in PHP 5.2.6 may be found in the PHP release announcement here:
Upgraded to thunderbird-22.214.171.124.
This upgrade fixes some more security bugs.
For more information, see:
(* Security fix *)