Thursday 19th February 2009
Fedora Project
Updated libpng10 to 1.0.43, addressing CVE-2009-0040 (a vulnerability in which some arrays of pointers are not initialized prior to using malloc to define the pointers; if the application runs out of memory while executing the allocation loop - which can be forced by malevolent input - libpng10 will jump to a cleanup process that attempts to free all of the pointers, including the undefined ones)
Raised Bug #486407 about logwatch warning me that my loopback-mounted ISO image filesystems are "filling up" (they are of course all at 100% but nobody's going to try writing anything else to them!)
Local Packages
Updated libpng10 to 1.0.43 as per Fedora
Updated perl-BerkeleyDB to 0.37; I had to create two new patches here, one to fix the broken POD test (missing space before >> delimiter in the POD file - CPAN RT#43435), and one to fix a regression where the tests example.t and example3.t failed in anything older than Fedora 9 due to a change of "use util;" to "use util(1);" - CPAN RT#43437
Updated perl-File-Find-Rule-Perl to 1.05