Topologilinux 7.0.1 released please upgrade 
to that version to get latest patches.

+-------------------------+
Wed Nov 12 21:01:11 CDT 2008
xfce-4.4.3-i486-1.tgz
  Upgraded to latest Xfce
+-------------------------+
Fri Sep 26 22:38:32 CDT 2008
mozilla-thunderbird-2.0.0.17-i686-1.tgz:
  Upgraded to thunderbird-2.0.0.17.
  This upgrade fixes some more security bugs.
  For more information, see:
    http://www.mozilla.org/security/known-vulnerabilities/thunderbird20.html
  (* Security fix *)
+--------------------------+
Thu Sep 25 23:24:07 CDT 2008
mozilla-firefox-2.0.0.17-i686-1.tgz:
  Upgraded to firefox-2.0.0.17.
  This release fixes some more security vulnerabilities.
  For more information, see:
    http://www.mozilla.org/security/known-vulnerabilities/firefox20.html
  (* Security fix *)
seamonkey-1.1.12-i486-1_slack12.1.tgz:
  This release fixes some more security vulnerabilities.
  For more information, see:
    http://www.mozilla.org/security/known-vulnerabilities/seamonkey11.html
  (* Security fix *)
+--------------------------+
Wed Sep 17 02:28:20 CDT 2008
bind-9.4.2_P2-i486-1.tgz:
  Upgraded to bind-9.4.2-P2.
  This version has performance gains over bind-9.4.2-P1.
+--------------------------+
Mon Sep  1 21:56:29 CDT 2008
openoffice/*
	   *
  Updated to OpenOffice 2.4.1 with languagepack
+--------------------------+
Mon Sep  1 21:56:29 CDT 2008
patches/packages/samba-3.0.32-i486-1_slack12.1.tgz:
  Upgraded to samba-3.0.32.  This is a bugfix release.  See the WHATSNEW.txt
  file in the Samba docs for details on what has changed.
+--------------------------+
Thu Aug 28 22:48:16 CDT 2008
patches/packages/amarok-1.4.10-i486-1_slack12.1.tgz:
  Upgraded to amarok-1.4.10.  This fixes a security issue in the Magnatune
  online music library support which could be used by malicious local users to
  overwrite system files.  For more information, see:
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3699
  (* Security fix *)
+--------------------------+
Sun Aug 24 12:00:00 CDT 2008
gnome/*
      *
  Updated all gnome packages to latest Gnome 2.22.3
+--------------------------+
Wed Aug  6 13:41:22 CDT 2008
kdenetwork-3.5.9-i486-3.tgz:
  Recompiled to fix an issue with connecting to MSN with kopete since
  the OpenSSL package was updated.  Thanks to Jim Diamond for the bug
  report and testing a recompiled package.
  If Slackware 11.0 and/or 12.0 are similarly affected, let me know and
  I'll get some updates out.
+--------------------------+
Mon Aug  4 14:03:01 CDT 2008
pan-0.133-i486-1.tgz:  Upgraded to pan-0.133.
  This update fixes a buffer overflow in pan-0.128 through pan-0.132 when
  processing .nzb files.
  For more information, see:
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2363
  (* Security fix *)
python-2.5.2-i486-2.tgz:
  Patched various overflows and other security problems.
  For more information, see:
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1679
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1721
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2315
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2316
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3142
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3144
  (* Security fix *)
+--------------------------+
Tue Jul 29 13:32:21 CDT 2008
proftpd-1.3.1-i486-2.tgz:
  Recompiled against new OpenSSL, since this evidently checks the OpenSSL
  version and will only run against the libraries it was compiled against.
  A small patch was also added due to changes in the system includes.
  Thanks to Martin Schmitz for the info and a pointer to the patch.
+--------------------------+
Mon Jul 28 22:05:06 CDT 2008
fetchmail-6.3.8-i486-3.tgz:
  Patched to fix a possible denial of service when "-v -v" options are used.
  For more information, see:
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2711
  (* Security fix *)
httpd-2.2.9-i486-1.tgz:
  Upgraded to httpd-2.2.9.
  This release fixes flaws which could allow XSS attacks.
  For more information, see:
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5000
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6388
  (* Security fix *)
libxslt-1.1.24-i486-1.tgz:
  Upgraded to libxslt-1.1.24.
  A buffer overflow when processing XSL stylesheets could result in the
  execution of arbitrary code.
  For more information, see:
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1767
  (* Security fix *)
links-2.1-i486-1.tgz:
  Upgraded to links-2.1.
  Unspecified vulnerability in Links before 2.1, when "only proxies" is
  enabled, has unknown impact and attack vectors related to providing
  "URLs to external programs."
  For more information, see:
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3329
  (* Security fix *)
mozilla-thunderbird-2.0.0.16-i686-1.tgz:
  Upgraded to thunderbird-2.0.0.16.
  This upgrade fixes some more security bugs.
  For more information, see:
    http://www.mozilla.org/security/known-vulnerabilities/thunderbird20.html
  (* Security fix *)
mtr-0.73-i486-1.tgz:
  Upgraded to mtr-0.73.
  This fixes a minor security bug where a very long hostname in the trace path
  could lead to an overflow (and most likely just a crash).
  (* Security fix *)
net-snmp-5.4.1.2-i486-1.tgz:
  Upgraded to net-snmp-5.4.1.2.
  A vulnerability was discovered where an attacked could spoof an authenticated
  SNMPv3 packet due to incorrect HMAC checking.  Also, a buffer overflow was
  found that could be exploited if an application using the net-snmp perl
  modules connects to a malicious server.
  For more information, see:
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0960
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2292
  (* Security fix *)
openssh-5.1p1-i486-1.tgz:
  Upgraded to openssh-5.1p1.
  When upgrading OpenSSH, it is VERY IMPORTANT to also upgrade OpenSSL, or
  it is possible to be unable to log back into sshd!
openssl-0.9.8h-i486-1.tgz:
  Upgraded to OpenSSL 0.9.8h.
  The Codenomicon TLS test suite uncovered security bugs in OpenSSL.
  If OpenSSL was compiled using non-default options (Slackware's package
  is not), then a malicious packet could cause a crash.  Also, a malformed
  TLS handshake could also lead to a crash.
  For more information, see:
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0891
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1672
  When upgrading OpenSSL, it is VERY IMPORTANT to also upgrade OpenSSH, or
  it is possible to be unable to log back into sshd!
  (* Security fix *)
openssl-solibs-0.9.8h-i486-1.tgz:
  Upgraded to OpenSSL 0.9.8h shared libraries (see above).
  (* Security fix *)
pcre-7.7-i486-1.tgz:
  Upgraded to pcre-7.7.
  Tavis Ormandy of the Google Security Team found a buffer overflow triggered
  when handling certain regular expressions.  This could lead to a crash or
  possible execution of code as the user of the PCRE-linked application.
  For more information, see:
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2371
  (* Security fix *)
vim-7.1.330-i486-1.tgz:
  Upgraded to vim-7.1.330.  This fixes several security issues related to
  the automatic processing of untrusted files.
  For more information, see:
    http://www.rdancer.org/vulnerablevim.html
  (* Security fix *)
vim-gvim-7.1.330-i486-1.tgz:
  Upgraded to vim-gvim-7.1.330.
  See "vim" above for details.
  (* Security fix *)
+--------------------------+
Wed Jul 23 16:27:21 CDT 2008
dnsmasq-2.45-i486-1.tgz:
  Upgraded to dnsmasq-2.45.
  It was discovered that earlier versions of dnsmasq have DNS cache
  weaknesses that are similar to the ones recently discovered in BIND.
  This new release minimizes the risk of cache poisoning.
  For more information, see:
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1447
  (* Security fix *)
+--------------------------+
Wed Jul 16 19:28:56 CDT 2008
mozilla-firefox-2.0.0.16-i686-1.tgz:
  Upgraded to firefox-2.0.0.16.
  This release fixes some more security vulnerabilities.
  For more information, see:
    http://www.mozilla.org/security/known-vulnerabilities/firefox20.html
  (* Security fix *)
seamonkey-1.1.11-i486-1.tgz:
  Upgraded to seamonkey-1.1.11.
  This release fixes some more security vulnerabilities.
  For more information, see:
    http://www.mozilla.org/security/known-vulnerabilities/seamonkey11.html
  (* Security fix *)
+--------------------------+
Wed Jul  9 20:50:52 CDT 2008
bind-9.4.2_P1-i486-1.tgz:
  Upgraded to bind-9.4.2-P1.
  This upgrade addresses a security flaw known as the CERT VU#800113 DNS Cache
  Poisoning Issue.  This is the summary of the problem from the BIND site:
    "A weakness in the DNS protocol may enable the poisoning of caching
     recurive resolvers with spoofed data.  DNSSEC is the only full solution.
     New versions of BIND provide increased resilience to the attack."
  It is suggested that sites that run BIND upgrade to one of the new packages
  in order to reduce their exposure to DNS cache poisoning attacks.
  For more information, see:
    http://www.isc.org/sw/bind/bind-security.php
    http://www.kb.cert.org/vuls/id/800113
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1447
  (* Security fix *)
mozilla-firefox-2.0.0.15-i686-1.tgz:
  Upgraded to firefox-2.0.0.15.
  This release closes several possible security vulnerabilities and bugs.
  For more information, see:
    http://www.mozilla.org/projects/security/known-vulnerabilities.html#firefox
  (* Security fix *)
pidgin-2.4.3-i486-1.tgz:
  Upgraded to pidgin-2.4.3.
  This updates pidgin to work with the changed ICQ protocol.
seamonkey-1.1.10-i486-1.tgz:
  Upgraded to seamonkey-1.1.10.
  This release closes several possible security vulnerabilities and bugs.
  For more information, see:
    http://www.mozilla.org/projects/security/known-vulnerabilities.html#seamonkey
  (* Security fix *)