Fri Oct 18 02:41:09 UTC 2013
patches/packages/libtiff-3.9.7-i486-1_slack12.1.tgz: Upgraded.
Patched overflows, crashes, and out of bounds writes.
Thanks to mancha for the backported patches.
For more information, see:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-2088
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-2113
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-4447
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-4564
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1960
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1961
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4231
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4232
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4244
(* Security fix *)
+--------------------------+
Mon Oct 14 22:09:17 UTC 2013
patches/packages/gnupg-1.4.15-i486-1_slack12.1.tgz: Upgraded.
Fixed possible infinite recursion in the compressed packet
parser. [CVE-2013-4402]
Protect against rogue keyservers sending secret keys.
For more information, see:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4402
(* Security fix *)
patches/packages/gnutls-2.8.4-i486-2_slack12.1.tgz: Rebuilt.
[Updated to the correct version to fix fetching the "latest" from gnu.org]
This update prevents a side-channel attack which may allow remote attackers
to conduct distinguishing attacks and plaintext recovery attacks using
statistical analysis of timing data for crafted packets.
Other minor security issues are patched as well.
Thanks to mancha for backporting these patches.
For more information, see:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-4128
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1569
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1573
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1619
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2116
(* Security fix *)
patches/packages/xorg-server-1.4.2-i486-3_slack12.1.tgz: Rebuilt.
Patched a use-after-free bug that can cause an X server crash or
memory corruption.
For more information, see:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4396
(* Security fix *)
patches/packages/xorg-server-xnest-1.4.2-i486-3_slack12.1.tgz: Rebuilt.
patches/packages/xorg-server-xvfb-1.4.2-i486-3_slack12.1.tgz: Rebuilt.
+--------------------------+
Sun Sep 29 02:39:29 UTC 2013
patches/packages/lm_sensors-2.10.8-i486-1_slack12.1.tgz: Upgraded.
This update fixes issues with sensors-detect that may cause serious trouble
on recent hardware (most notably laptops.) The symptoms are that the
display starts misbehaving (wrong resolution or wrong gamma factor.)
The risk is mitigated in this package by changing the default behavior of
sensors-detect to no longer touch EDID EEPROMs and then to no longer probe
graphics adapters at all unless the user asks for it.
+--------------------------+
Fri Aug 30 06:26:06 UTC 2013
####################################################################
# NOTICE OF INPENDING EOL (END OF LIFE) FOR OLD SLACKWARE VERSIONS #
# #
# Effective December 9, 2013, security patches will no longer be #
# provided for the following versions of Slackware (which will all #
# be more than 5 years old at that time): #
# Slackware 12.1, Slackware 12.2. #
# If you are still running these versions you should consider #
# migrating to a newer version (preferably as recent as possible). #
# Alternately, you may make arrangements to handle your own #
# security patches. If for some reason you are unable to upgrade #
# or handle your own security patches, limited security support #
# may be available for a fee. Inquire at security@slackware.com. #
####################################################################
+--------------------------+
Fri Aug 23 20:18:50 UTC 2013
patches/packages/xpdf-3.03-i486-2_slack12.1.tgz: Rebuilt.
Due to a bug in the libXt headers, the previous package build silently
omitted the main xpdf binary. This has now been fixed.
+--------------------------+
Wed Aug 21 06:11:23 UTC 2013
patches/packages/hplip-2.8.4-i486-2_slack12.1.tgz: Rebuilt.
This update fixes a stack-based buffer overflow in the hpmud_get_pml
function that can allow remote attackers to cause a denial of service
(crash) and possibly execute arbitrary code via a crafted SNMP response
with a large length value.
For more information, see:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-4267
(* Security fix *)
patches/packages/xpdf-3.03-i486-1_slack12.1.tgz: Upgraded.
Sanitize error messages to remove escape sequences that could be used to
exploit vulnerable terminal emulators.
For more information, see:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-2142
Thanks to mancha.
(* Security fix *)
+--------------------------+
Tue Aug 6 05:23:34 UTC 2013
patches/packages/bind-9.8.5_P2-i486-1_slack12.1.tgz: Upgraded.
This update fixes a security issue where a specially crafted query can cause
BIND to terminate abnormally, resulting in a denial of service.
For more information, see:
https://kb.isc.org/article/AA-01015
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4854
(* Security fix *)
patches/packages/httpd-2.2.25-i486-1_slack12.1.tgz: Upgraded.
This update addresses two security issues:
* SECURITY: CVE-2013-1862 (cve.mitre.org) mod_rewrite: Ensure that client
data written to the RewriteLog is escaped to prevent terminal escape
sequences from entering the log file.
* SECURITY: CVE-2013-1896 (cve.mitre.org) mod_dav: Sending a MERGE request
against a URI handled by mod_dav_svn with the source href (sent as part of
the request body as XML) pointing to a URI that is not configured for DAV
will trigger a segfault.
For more information, see:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1862
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1896
(* Security fix *)
+--------------------------+
Sat Aug 3 20:36:53 UTC 2013
patches/packages/gnupg-1.4.14-i486-1_slack12.1.tgz: Upgraded.
Mitigate the Yarom/Falkner flush+reload side-channel attack on RSA
secret keys.
For more information, see:
http://eprint.iacr.org/2013/448
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4242
(* Security fix *)
patches/packages/libgcrypt-1.5.3-i486-1_slack12.1.tgz: Upgraded.
Mitigate the Yarom/Falkner flush+reload side-channel attack on RSA
secret keys.
For more information, see:
http://eprint.iacr.org/2013/448
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4242
(* Security fix *)
patches/packages/libgpg-error-1.11-i486-1_slack12.1.tgz: Upgraded.
This package upgrade was needed by the new version of libgcrypt.
+--------------------------+
Tue Jul 16 21:18:56 UTC 2013
patches/packages/php-5.3.27-i486-1_slack12.1.tgz: Upgraded.
This update fixes an issue where XML in PHP does not properly consider
parsing depth, which allows remote attackers to cause a denial of service
(heap memory corruption) or possibly have unspecified other impact via a
crafted document that is processed by the xml_parse_into_struct function.
For more information, see:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4113
(* Security fix *)
+--------------------------+
Sun Jun 23 21:00:00 UTC 2013
patches/packages/curl-7.16.2-i486-4_slack12.1.tgz: Rebuilt.
This fixes a minor security issue where a decode buffer boundary flaw in
libcurl could lead to heap corruption.
For more information, see:
http://curl.haxx.se/docs/adv_20130622.html
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2174
(* Security fix *)
+--------------------------+
Mon Jun 10 21:51:54 UTC 2013
patches/packages/php-5.3.26-i486-1_slack12.1.tgz: Upgraded.
This is a bugfix release. It also fixes a security issue -- a heap-based
overflow in the quoted_printable_encode() function, which could be used by
a remote attacker to crash PHP or execute code as the 'apache' user.
For more information, see:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2110
(* Security fix *)
+--------------------------+
Wed Mar 27 06:09:29 UTC 2013
patches/packages/bind-9.8.4_P2-i486-1_slack12.1.tgz: Upgraded.
This update fixes a critical defect in BIND 9 that allows an attacker
to cause excessive memory consumption in named or other programs linked
to libdns.
For more information, see:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2266
https://kb.isc.org/article/AA-00871
(* Security fix *)
patches/packages/dhcp-4.2.5_P1-i486-1_slack12.1.tgz: Upgraded.
This update replaces the included BIND 9 code that the DHCP programs
link against. Those contained a defect that could possibly lead to
excessive memory consumption and a denial of service.
For more information, see:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2266
(* Security fix *)
+--------------------------+
Sat Mar 23 20:22:12 UTC 2013
patches/packages/php-5.3.23-i486-1_slack12.1.tgz: Upgraded.
This release fixes two security issues in SOAP:
Added check that soap.wsdl_cache_dir conforms to open_basedir.
Disabled external entities loading.
For more information, see:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1635
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1643
(* Security fix *)
+--------------------------+
Tue Mar 12 06:59:27 UTC 2013
patches/packages/glibc-zoneinfo-2013b-noarch-1_slack12.1.tgz: Upgraded.
This package provides the latest timezone updates.
+--------------------------+
Thu Mar 7 00:16:35 UTC 2013
patches/packages/sudo-1.7.10p7-i486-1_slack12.1.tgz: Upgraded.
This update fixes security issues that could allow a user to run commands
without authenticating after the password timeout has already expired.
Note that the vulnerability did not permit a user to run commands other
than those allowed by the sudoers policy.
For more information, see:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1775
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1776
(* Security fix *)
+--------------------------+
Sun Mar 3 22:10:56 UTC 2013
patches/packages/httpd-2.2.24-i486-1_slack12.1.tgz: Upgraded.
This update provides bugfixes and enhancements.
Two security issues are fixed:
* Various XSS flaws due to unescaped hostnames and URIs HTML output in
mod_info, mod_status, mod_imagemap, mod_ldap, and mod_proxy_ftp.
[Jim Jagielski, Stefan Fritsch, Niels Heinen <heinenn google com>]
* XSS in mod_proxy_balancer manager interface. [Jim Jagielski,
Niels Heinen <heinenn google com>]
For more information, see:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3499
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-4558
(* Security fix *)
+--------------------------+
Sat Feb 9 21:45:56 UTC 2013
patches/packages/openssl-0.9.8y-i486-1_slack12.1.tgz: Upgraded.
Make the decoding of SSLv3, TLS and DTLS CBC records constant time.
This addresses the flaw in CBC record processing discovered by
Nadhem Alfardan and Kenny Paterson. Details of this attack can be found
at: http://www.isg.rhul.ac.uk/tls/
Thanks go to Nadhem Alfardan and Kenny Paterson of the Information
Security Group at Royal Holloway, University of London
(www.isg.rhul.ac.uk) for discovering this flaw and Adam Langley and
Emilia Käsper for the initial patch.
(CVE-2013-0169)
[Emilia Käsper, Adam Langley, Ben Laurie, Andy Polyakov, Steve Henson]
Return an error when checking OCSP signatures when key is NULL.
This fixes a DoS attack. (CVE-2013-0166)
[Steve Henson]
For more information, see:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0166
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0169
(* Security fix *)
patches/packages/openssl-solibs-0.9.8y-i486-1_slack12.1.tgz: Upgraded.
(* Security fix *)
+--------------------------+
Tue Jan 22 23:40:16 UTC 2013
patches/packages/mysql-5.0.96-i486-1_slack12.1.tgz: Upgraded.
Upgraded to the latest upstream version to fix security issues and provide
other bug fixes and improvements. Note that some of the changes may
possibly introduce incompatibilities with the previous package.
(* Security fix *)
+--------------------------+
Wed Jan 16 02:54:52 UTC 2013
patches/packages/freetype-2.4.11-i486-1_slack12.1.tgz: Upgraded.
This release fixes several security bugs that could cause freetype to
crash or run programs upon opening a specially crafted file.
For more information, see:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-5668
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-5669
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-5670
(* Security fix *)
+--------------------------+
Fri Dec 7 01:41:59 UTC 2012
patches/packages/bind-9.8.4_P1-i486-1_slack12.1.tgz: Upgraded.
IMPORTANT NOTE: This package updates BIND from 9.7.6_P4 to
9.8.4_P1 since the 9.7 series is no longer supported. It is
possible that some changes may be required to your local
configuration.
This release addresses some denial-of-service and other bugs.
For more information, see:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-5688
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-5166
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3817
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1667
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3868
(* Security fix *)
patches/packages/libxml2-2.6.32-i486-3_slack12.1.tgz: Rebuilt.
Patched a heap-based buffer underflow in the xmlParseAttValueComplex
function in parser.c in libxml2 2.9.0 and earlier that could allow a
remote attacker to cause a denial of service or possibly execute
arbitrary code via crafted entities in an XML document.
For more information, see:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-5134
(* Security fix *)
+--------------------------+
Thu Oct 11 01:14:57 UTC 2012
patches/packages/bind-9.7.6_P4-i486-1_slack12.1.tgz: Upgraded.
This update fixes a security issue where a certain combination of records
in the RBT could cause named to hang while populating the additional
section of a response. [RT #31090]
(* Security fix *)
+--------------------------+
Wed Sep 19 23:52:16 UTC 2012
patches/packages/patch-2.7-i486-2_slack12.1.tgz: Upgraded.
Applied two upstream git commits to fix bugs which could cause target
files to be removed or truncated. Thanks to Qun-Ying.
+--------------------------+
Fri Sep 14 20:29:40 UTC 2012
patches/packages/dhcp-4.1_ESV_R7-i486-1_slack12.1.tgz: Upgraded.
An issue with the use of lease times was found and fixed. Making certain
changes to the end time of an IPv6 lease could cause the server to abort.
Thanks to Glen Eustace of Massey University, New Zealand for finding this
issue. [ISC-Bugs #30281]
For more information, see:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3955
(* Security fix *)
patches/packages/php-5.3.17-i486-1_slack12.1.tgz: Upgraded.
This is a bugfix release.
+--------------------------+
Fri Sep 14 02:16:53 UTC 2012
patches/packages/bind-9.7.6_P3-i486-1_slack12.1.tgz: Upgraded.
This update fixes a security issue where named could crash on a specially
crafted record. [RT #30416]
(* Security fix *)
patches/packages/patch-2.7-i486-1_slack12.1.tgz: Upgraded.
This version of patch ignores destination filenames that are absolute or
that contain a component of "..", unless such a filename is provided as
an argument.
For more information, see:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-4651
(* Security fix *)
+--------------------------+
Thu Aug 30 23:35:53 UTC 2012
patches/packages/slocate-3.1-i486-2_slack12.1.tgz: Rebuilt.
Patched to use lstat64 and -D_LARGEFILE64_SOURCE. Thanks to Mancha+.
Patched to fix information leak of filenames in protected directories.
For more information, see:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0227
(* Security fix *)
+--------------------------+
Fri Aug 24 20:08:37 UTC 2012
patches/packages/php-5.3.16-i486-1_slack12.1.tgz: Upgraded.
This is a bugfix release.
patches/packages/dhcp-4.1_ESV_R6-i486-1_slack12.1.tgz: Upgraded.
This fixes memory leaks, denial of service vulnerabilities, and
disallows packets with zero length client ids (not valid according to
RFC 2132 section 9.14).
For more information, see:
https://kb.isc.org/article/AA-00736
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-4539
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-4868
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3954
(* Security fix *)
+--------------------------+
Thu Aug 16 04:01:31 UTC 2012
patches/packages/t1lib-5.1.2-i486-1_slack12.1.tgz: Upgraded.
Patched various overflows, crashes, and pointer bugs.
For more information, see:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2642
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0764
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1552
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1553
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1554
(* Security fix *)
+--------------------------+
Fri Jul 27 17:15:24 UTC 2012
patches/packages/bind-9.7.6_P2-i486-1_slack12.1.tgz: Upgraded.
Prevents a named assert (crash) when validating caused by using
"Bad cache" data before it has been initialized. [RT #30025]
ISC_QUEUE handling for recursive clients was updated to address a
race condition that could cause a memory leak. This rarely occurred
with UDP clients, but could be a significant problem for a server
handling a steady rate of TCP queries. [RT #29539 & #30233]
Under heavy incoming TCP query loads named could experience a
memory leak which could lead to significant reductions in query
response or cause the server to be terminated on systems with
"out of memory" killers. [RT #29539]
A condition has been corrected where improper handling of zero-length
RDATA could cause undesirable behavior, including termination of
the named process. [RT #29644]
(* Security fix *)
+--------------------------+
Wed Jul 25 02:02:40 UTC 2012
patches/packages/libpng-1.2.50-i486-1_slack12.1.tgz: Upgraded.
Fixed incorrect type (int copy should be png_size_t copy) in png_inflate()
(fixes CVE-2011-3045).
Revised png_set_text_2() to avoid potential memory corruption (fixes
CVE-2011-3048).
Changed "a+w" to "u+w" in Makefile.in to fix CVE-2012-3386.
For more information, see:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3045
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3048
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3386
(* Security fix *)
+--------------------------+
Sun Jul 22 19:45:25 UTC 2012
patches/packages/php-5.3.15-i486-1_slack12.1.tgz: Upgraded.
Fixed potential overflow in _php_stream_scandir (CVE-2012-2688).
(Thanks to Jason Powell, Stas)
For more information, see:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-2688
(* Security fix *)
+--------------------------+
Wed Jul 18 05:35:26 UTC 2012
patches/packages/libexif-0.6.21-i486-1_slack12.1.tgz: Upgraded.
This update fixes a number of remotely exploitable issues in libexif
with effects ranging from information leakage to potential remote
code execution.
For more information, see:
http://sourceforge.net/mailarchive/message.php?msg_id=29534027
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-2812
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-2813
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-2814
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-2836
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-2837
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-2840
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-2841
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-2845
(* Security fix *)
+--------------------------+
Fri Jul 13 23:14:15 UTC 2012
patches/packages/php-5.3.14-i486-1_slack12.1.tgz: Upgraded.
This release fixes a weakness in the DES implementation of crypt
and a heap overflow issue in the phar extension.
(* Security fix *)
+--------------------------+
Mon Jun 25 02:32:37 UTC 2012
patches/packages/freetype-2.4.10-i486-1_slack12.1.tgz: Upgraded.
Since freetype-2.4.8 many fixes were made to better handle invalid fonts.
Many of them are vulnerabilities (see CVE-2012-1126 up to CVE-2012-1144
and SA48320) so all users should upgrade.
(* Security fix *)
+--------------------------+
Thu Jun 14 05:02:39 UTC 2012
patches/packages/bind-9.7.6_P1-i486-1_slack12.1.tgz: Upgraded.
This release fixes an issue that could crash BIND, leading to a denial of
service. It also fixes the so-called "ghost names attack" whereby a
remote attacker may trigger continued resolvability of revoked domain names.
For more information, see:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1033
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1667
IMPORTANT NOTE: This is a upgraded version of BIND, _not_ a patched one.
It is likely to be more strict about the correctness of configuration files.
Care should be taken about deploying this upgrade on production servers to
avoid an unintended interruption of service.
(* Security fix *)
+--------------------------+
Wed May 23 00:14:52 UTC 2012
patches/packages/libxml2-2.6.32-i486-2_slack12.1.tgz: Upgraded.
Patched an off-by-one error in XPointer that could lead to a crash or
possibly the execution of arbitrary code.
For more information, see:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3102
(* Security fix *)
+--------------------------+
Sat May 19 19:03:37 UTC 2012
patches/packages/openssl-0.9.8x-i486-1_slack12.1.tgz: Upgraded.
This is a very minor security fix:
o Fix DTLS record length checking bug CVE-2012-2333
For more information, see:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-2333
(* Security fix *)
patches/packages/openssl-solibs-0.9.8x-i486-1_slack12.1.tgz: Upgraded.
This is a very minor security fix:
o Fix DTLS record length checking bug CVE-2012-2333
For more information, see:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-2333
(* Security fix *)
+--------------------------+
Tue May 8 21:21:10 UTC 2012
patches/packages/php-5.3.13-i486-1_slack12.1.tgz: Upgraded.
This release completes a fix for a vulnerability in CGI-based setups.
Note: mod_php and php-fpm are not vulnerable to this attack.
For more information, see:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-2311
(* Security fix *)
+--------------------------+
Fri Apr 27 01:07:23 UTC 2012
patches/packages/openssl-0.9.8w-i486-1_slack12.1.tgz: Upgraded.
Fixes some potentially exploitable buffer overflows.
Thanks to Tavis Ormandy, Google Security Team, for discovering this
issue and to Adam Langley <agl@chromium.org> for fixing it.
For more information, see:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-2110
(* Security fix *)
patches/packages/openssl-solibs-0.9.8w-i486-1_slack12.1.tgz: Upgraded.
Fixes some potentially exploitable buffer overflows.
Thanks to Tavis Ormandy, Google Security Team, for discovering this
issue and to Adam Langley <agl@chromium.org> for fixing it.
For more information, see:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-2110
(* Security fix *)
+--------------------------+
Mon Apr 23 18:18:31 UTC 2012
patches/packages/openssl-0.9.8v-i486-1_slack12.1.tgz: Upgraded.
Fixes some potentially exploitable buffer overflows.
Thanks to Tavis Ormandy, Google Security Team, for discovering this
issue and to Adam Langley <agl@chromium.org> for fixing it.
For more information, see:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-2110
(* Security fix *)
patches/packages/openssl-solibs-0.9.8v-i486-1_slack12.1.tgz: Upgraded.
Fixes some potentially exploitable buffer overflows.
Thanks to Tavis Ormandy, Google Security Team, for discovering this
issue and to Adam Langley <agl@chromium.org> for fixing it.
For more information, see:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-2110
(* Security fix *)
+--------------------------+
Wed Apr 11 17:16:32 UTC 2012
patches/packages/samba-3.0.37-i486-5_slack12.1.tgz: Rebuilt.
This is a security release in order to address a vulnerability that allows
remote code execution as the "root" user. All sites running a Samba
server should update to the new Samba package and restart Samba.
For more information, see:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1182
(* Security fix *)
+--------------------------+
Sat Apr 7 21:48:42 UTC 2012
patches/packages/libtiff-3.8.2-i486-6_slack12.1.tgz: Rebuilt.
Patched overflows that could lead to arbitrary code execution when parsing
a malformed image file.
For more information, see:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1173
(* Security fix *)
+--------------------------+
Wed Feb 22 18:14:58 UTC 2012
patches/packages/libpng-1.2.47-i486-1_slack12.1.tgz: Upgraded.
All branches of libpng prior to versions 1.5.9, 1.4.9, 1.2.47, and 1.0.57,
respectively, fail to correctly validate a heap allocation in
png_decompress_chunk(), which can lead to a buffer-overrun and the
possibility of execution of hostile code on 32-bit systems.
For more information, see:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3026
(* Security fix *)
+--------------------------+
Wed Feb 8 01:21:42 UTC 2012
patches/packages/apr-util-1.4.1-i486-1_slack12.1.tgz: Upgraded.
Version bump for httpd upgrade.
patches/packages/httpd-2.2.22-i486-1_slack12.1.tgz: Upgraded.
*) SECURITY: CVE-2011-3368 (cve.mitre.org)
Reject requests where the request-URI does not match the HTTP
specification, preventing unexpected expansion of target URLs in
some reverse proxy configurations. [Joe Orton]
*) SECURITY: CVE-2011-3607 (cve.mitre.org)
Fix integer overflow in ap_pregsub() which, when the mod_setenvif module
is enabled, could allow local users to gain privileges via a .htaccess
file. [Stefan Fritsch, Greg Ames]
*) SECURITY: CVE-2011-4317 (cve.mitre.org)
Resolve additional cases of URL rewriting with ProxyPassMatch or
RewriteRule, where particular request-URIs could result in undesired
backend network exposure in some configurations.
[Joe Orton]
*) SECURITY: CVE-2012-0021 (cve.mitre.org)
mod_log_config: Fix segfault (crash) when the '%{cookiename}C' log format
string is in use and a client sends a nameless, valueless cookie, causing
a denial of service. The issue existed since version 2.2.17. PR 52256.
[Rainer Canavan <rainer-apache 7val com>]
*) SECURITY: CVE-2012-0031 (cve.mitre.org)
Fix scoreboard issue which could allow an unprivileged child process
could cause the parent to crash at shutdown rather than terminate
cleanly. [Joe Orton]
*) SECURITY: CVE-2012-0053 (cve.mitre.org)
Fix an issue in error responses that could expose "httpOnly" cookies
when no custom ErrorDocument is specified for status code 400.
[Eric Covener]
For more information, see:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3368
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3607
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-4317
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0021
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0031
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0053
(* Security fix *)
patches/packages/php-5.3.10-i486-1_slack12.1.tgz: Upgraded.
Fixed arbitrary remote code execution vulnerability reported by Stefan
Esser, CVE-2012-0830. (Stas, Dmitry)
For more information, see:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0830
(* Security fix *)
patches/packages/proftpd-1.3.4a-i486-1_slack12.1.tgz: Upgraded.
This update fixes a use-after-free() memory corruption error,
and possibly other unspecified issues.
For more information, see:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-4130
(* Security fix *)
patches/packages/vsftpd-2.3.5-i486-1_slack12.1.tgz: Upgraded.
Minor version bump, this also works around a hard to trigger heap overflow
in glibc (glibc zoneinfo caching vuln). For there to be any possibility
to trigger the glibc bug within vsftpd, the non-default option
"chroot_local_user" must be set in /etc/vsftpd.conf.
Considered 1) low severity (hard to exploit) and 2) not a vsftpd bug :-)
Nevertheless:
(* Security fix *)
+--------------------------+
Wed Feb 1 23:14:56 UTC 2012
patches/packages/freetype-2.4.8-i486-1_slack12.1.tgz: Upgraded.
Some vulnerabilities in handling CID-keyed PostScript fonts have
been fixed.
For more information, see:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3439
(* Security fix *)
patches/packages/openssl-0.9.8t-i486-1_slack12.1.tgz: Upgraded.
This fixes a bug where DTLS applications were not properly supported. This
bug could have allowed remote attackers to cause a denial of service via
unspecified vectors.
CVE-2012-0050 has been assigned to this issue.
For more details see:
http://openssl.org/news/secadv_20120118.txt
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0050
(* Security fix *)
patches/packages/openssl-solibs-0.9.8t-i486-1_slack12.1.tgz: Upgraded.
This fixes a bug where DTLS applications were not properly supported. This
bug could have allowed remote attackers to cause a denial of service via
unspecified vectors.
CVE-2012-0050 has been assigned to this issue.
For more details see:
http://openssl.org/news/secadv_20120118.txt
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0050
(* Security fix *)
+--------------------------+
Thu Nov 17 02:09:25 UTC 2011
patches/packages/bind-9.4_ESV_R5_P1-i486-1_slack12.1.tgz: Upgraded.
--- 9.4-ESV-R5-P1 released ---
3218. [security] Cache lookup could return RRSIG data associated with
nonexistent records, leading to an assertion
failure. [RT #26590]
(* Security fix *)
+--------------------------+
Fri Nov 11 18:58:21 UTC 2011
Good 11-11-11, everyone! Enjoy some fresh time. :)
patches/packages/glibc-zoneinfo-2011i_2011n-noarch-1.tgz: Upgraded.
New upstream homepage: http://www.iana.org/time-zones
+--------------------------+
Tue Oct 11 07:50:04 UTC 2011
patches/packages/httpd-2.2.21-i486-1_slack12.1.tgz: Upgraded.
Respond with HTTP_NOT_IMPLEMENTED when the method is not
recognized. [Jean-Frederic Clere] SECURITY: CVE-2011-3348
Fix a regression introduced by the CVE-2011-3192 byterange fix in 2.2.20.
PR 51748. [<lowprio20 gmail.com>]
For more information, see:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3348
(* Security fix *)
+--------------------------+
Sun Sep 4 02:17:37 UTC 2011
patches/packages/httpd-2.2.20-i486-1_slack12.1.tgz: Upgraded.
SECURITY: CVE-2011-3192 (cve.mitre.org)
core: Fix handling of byte-range requests to use less memory, to avoid
denial of service. If the sum of all ranges in a request is larger than
the original file, ignore the ranges and send the complete file.
PR 51714. [Stefan Fritsch, Jim Jagielski, Ruediger Pluem, Eric Covener]
For more information, see:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3192
(* Security fix *)
+--------------------------+
Thu Aug 25 09:10:45 UTC 2011
patches/packages/php-5.3.8-i486-1_slack12.1.tgz: Upgraded.
Security fixes vs. 5.3.6 (5.3.7 was not usable):
Updated crypt_blowfish to 1.2. (CVE-2011-2483)
Fixed crash in error_log(). Reported by Mateusz Kocielski
Fixed buffer overflow on overlog salt in crypt().
Fixed bug #54939 (File path injection vulnerability in RFC1867
File upload filename). Reported by Krzysztof Kotowicz. (CVE-2011-2202)
Fixed stack buffer overflow in socket_connect(). (CVE-2011-1938)
Fixed bug #54238 (use-after-free in substr_replace()). (CVE-2011-1148)
For more information, see:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1148
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1938
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2202
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2483
For those upgrading from PHP 5.2.x, be aware that quite a bit has
changed, and it will very likely not 'drop in', but PHP 5.2.x is not
supported by php.net any longer, so there wasn't a lot of choice
in the matter. We're not able to support a security fork of
PHP 5.2.x here either, so you'll have to just bite the bullet on
this. You'll be better off in the long run. :)
(* Security fix *)
+--------------------------+
Fri Aug 12 23:20:00 UTC 2011
patches/packages/bind-9.4_ESV_R5-i486-1_slack12.1.tgz: Upgraded.
This BIND update addresses a couple of security issues:
* named, set up to be a caching resolver, is vulnerable to a user
querying a domain with very large resource record sets (RRSets)
when trying to negatively cache the response. Due to an off-by-one
error, caching the response could cause named to crash. [RT #24650]
[CVE-2011-1910]
* Change #2912 (see CHANGES) exposed a latent bug in the DNS message
processing code that could allow certain UPDATE requests to crash
named. [RT #24777] [CVE-2011-2464]
For more information, see:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1910
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2464
(* Security fix *)
+--------------------------+
Fri Jul 29 18:22:40 UTC 2011
patches/packages/libpng-1.2.46-i486-1_slack12.1.tgz: Upgraded.
Fixed uninitialized memory read in png_format_buffer()
(Bug report by Frank Busse, related to CVE-2004-0421).
For more information, see:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0421
(* Security fix *)
+--------------------------+
Mon Jun 20 00:49:34 UTC 2011
patches/packages/fetchmail-6.3.20-i486-1_slack12.1.tgz: Upgraded.
This release fixes a denial of service in STARTTLS protocol phases.
For more information, see:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1947
http://www.fetchmail.info/fetchmail-SA-2011-01.txt
(* Security fix *)
+--------------------------+
Fri May 27 22:56:00 UTC 2011
patches/packages/bind-9.4_ESV_R4_P1-i486-1_slack12.1.tgz: Upgraded.
This release fixes security issues:
* A large RRSET from a remote authoritative server that results in
the recursive resolver trying to negatively cache the response can
hit an off by one code error in named, resulting in named crashing.
[RT #24650] [CVE-2011-1910]
* Zones that have a DS record in the parent zone but are also listed
in a DLV and won't validate without DLV could fail to validate. [RT
#24631]
For more information, see:
http://www.isc.org/software/bind/advisories/cve-2011-1910
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1910
(* Security fix *)
+--------------------------+
Wed May 25 20:03:16 UTC 2011
patches/packages/apr-1.4.5-i486-1_slack12.1.tgz: Upgraded.
This fixes a possible denial of service due to a problem with a loop in
the new apr_fnmatch() implementation consuming CPU.
For more information, see:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1928
(* Security fix *)
patches/packages/apr-util-1.3.12-i486-1_slack12.1.tgz: Upgraded.
Fix crash because of NULL cleanup registered by apr_ldap_rebind_init().
patches/packages/httpd-2.2.19-i486-1_slack12.1.tgz: Upgraded.
Revert ABI breakage in 2.2.18 caused by the function signature change
of ap_unescape_url_keep2f(). This release restores the signature from
2.2.17 and prior, and introduces ap_unescape_url_keep2f_ex().
Apache httpd-2.2.18 is considered abandoned. All users must upgrade.
+--------------------------+
Fri May 13 20:30:07 UTC 2011
patches/packages/apr-1.4.4-i486-1_slack12.1.tgz: Upgraded.
This fixes a possible denial of service due to an unconstrained, recursive
invocation of apr_fnmatch(). This function has been reimplemented using a
non-recursive algorithm. Thanks to William Rowe.
For more information, see:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0419
(* Security fix *)
patches/packages/apr-util-1.3.11-i486-1_slack12.1.tgz: Upgraded.
patches/packages/httpd-2.2.18-i486-1_slack12.1.tgz: Upgraded.
This is a bug fix release, but since the upgrades to apr/apr-util require at
least an httpd recompile we opted to upgrade to the newest httpd.
+--------------------------+
Thu Apr 21 03:13:14 UTC 2011
patches/packages/rdesktop-1.6.0-i486-2_slack12.1.tgz: Rebuilt.
Patched a traversal vulnerability (disallow /.. requests).
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1595
(* Security fix *)
+--------------------------+
Mon Apr 18 19:59:50 UTC 2011
patches/packages/acl-2.2.50-i486-1_slack12.1.tgz: Upgraded.
Fix the --physical option in setfacl and getfacl to prevent symlink attacks.
Thanks to Martijn Dekker for the notification.
For more information, see:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-4411
(* Security fix *)
+--------------------------+
Fri Apr 8 06:58:48 UTC 2011
patches/packages/libtiff-3.8.2-i486-5_slack12.1.tgz: Rebuilt.
Patched overflows that could lead to arbitrary code execution when parsing
a malformed image file.
For more information, see:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0192
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1167
(* Security fix *)
+--------------------------+
Thu Apr 7 04:07:29 UTC 2011
patches/packages/dhcp-3.1_ESV_R1-i486-1_slack12.1.tgz: Upgraded.
In dhclient, check the data for some string options for reasonableness
before passing it along to the script that interfaces with the OS.
This prevents some possible attacks by a hostile DHCP server.
For more information, see:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0997
(* Security fix *)
+--------------------------+
Wed Apr 6 06:32:00 UTC 2011
patches/packages/xrdb-1.0.9-i486-1_slack12.1.tgz: Upgraded.
This fixes a security issue where improperly sanitized input could lead to
privilege escalation or arbitrary command execution as root.
For more information, see:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0465
(* Security fix *)
+--------------------------+
Tue Apr 5 05:10:33 UTC 2011
patches/packages/proftpd-1.3.3e-i486-1_slack12.1.tgz: Upgraded.
Fixes CVE-2011-1137 (badly formed SSH messages cause DoS).
For more information, see:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1137
(* Security fix *)
+--------------------------+
Fri Mar 11 20:10:16 UTC 2011
patches/packages/pidgin-2.7.11-i486-1_slack12.1.tgz: Upgraded.
Fixed denials of service caused by NULL pointer dereferences due to
improper handling of malformed YMSG packets.
For more information, see:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1091
(* Security fix *)
+--------------------------+
Fri Mar 11 06:34:03 UTC 2011
patches/packages/subversion-1.5.9-i486-1_slack12.1.tgz: Upgraded.
Fixed a remotely triggerable NULL-pointer dereference in mod_dav_svn.
For more information, see:
http://subversion.apache.org/security/CVE-2011-0715-advisory.txt
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0715
(* Security fix *)
+--------------------------+
Mon Feb 28 22:19:08 UTC 2011
patches/packages/samba-3.0.37-i486-4_slack12.1.tgz: Rebuilt.
Fix memory corruption denial of service issue.
For more information, see:
http://www.samba.org/samba/security/CVE-2011-0719
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0719
(* Security fix *)
+--------------------------+
Fri Feb 25 01:10:49 UTC 2011
patches/packages/pidgin-2.7.10-i486-1_slack12.1.tgz: Upgraded.
Fixed potential information disclosure issue in libpurple.
(* Security fix *)
+--------------------------+
Thu Feb 10 21:19:38 UTC 2011
patches/packages/apr-1.3.12-i486-1_slack12.1.tgz: Upgraded.
patches/packages/apr-util-1.3.10-i486-1_slack12.1.tgz: Upgraded.
Fixes a memory leak and DoS in apr_brigade_split_line().
For more information, see:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1623
(* Security fix *)
patches/packages/expat-2.0.1-i486-2_slack12.1.tgz: Upgraded.
Fixed various crash and hang bugs.
For more information, see:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2625
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3560
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3720
(* Security fix *)
patches/packages/httpd-2.2.17-i486-1_slack12.1.tgz: Upgraded.
This fixes some denial of service bugs in the bundled libraries.
On Slackware we do not use the bundled expat or apr-util, so the
issues are also fixed in those external libraries.
For more information, see:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3560
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3720
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1623
(* Security fix *)
patches/packages/openssl-0.9.8r-i486-1_slack12.1.tgz: Upgraded.
This OpenSSL update fixes an "OCSP stapling vulnerability".
For more information, see the included CHANGES and NEWS files, and:
http://www.openssl.org/news/secadv_20110208.txt
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0014
(* Security fix *)
Patched certwatch to work with recent versions of "file".
Thanks to Ulrich Schäfer and Jan Rafaj.
patches/packages/openssl-solibs-0.9.8r-i486-1_slack12.1.tgz: Upgraded.
(* Security fix *)
patches/packages/sudo-1.7.4p6-i486-1_slack12.1.tgz: Upgraded.
Fix Runas group password checking.
For more information, see the included CHANGES and NEWS files, and:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0010
(* Security fix *)
+--------------------------+
Mon Jan 10 20:03:00 UTC 2011
patches/packages/php-5.2.17-i486-1_slack12.1.tgz: Upgraded.
This update fixes an infinite loop with conversions from string to
double that may result in a denial of service.
For more information, see:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-4645
(* Security fix *)
+--------------------------+
Mon Dec 27 18:47:35 UTC 2010
patches/packages/pidgin-2.7.9-i486-1_slack12.1.tgz: Upgraded.
Fixed denial-of-service flaw in the MSN protocol.
(* Security fix *)
+--------------------------+
Sat Dec 25 03:52:39 UTC 2010
patches/packages/php-5.2.16-i486-2_slack12.1.tgz: Rebuilt.
This update fixes a wrong (/usr/lib64/) path in the sample php.ini files.
Thanks to Steven Masta.
+--------------------------+
Fri Dec 24 00:53:19 UTC 2010
patches/packages/php-5.2.16-i486-1_slack12.1.tgz: Upgraded.
This fixes many bugs, including some security issues.
For more information, see:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3436
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3709
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-4150
(* Security fix *)
patches/packages/proftpd-1.3.3d-i486-1_slack12.1.tgz: Upgraded.
This update fixes an unbounded copy operation in sql_prepare_where() that
could be exploited to execute arbitrary code. However, this only affects
servers that use the sql_mod module (which Slackware does not ship), and
in addition the ability to exploit this depends on an SQL injection bug
that was already fixed in proftpd-1.3.2rc2 (this according to upstream).
So in theory, this fix should only be of academic interest.
But in practice, better safe than sorry.
(* Security fix *)
+--------------------------+
Thu Dec 16 18:57:05 UTC 2010
patches/packages/bind-9.4_ESV_R4-i486-1_slack12.1.tgz: Upgraded.
This update fixes some security issues.
For more information, see:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3613
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3614
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3615
(* Security fix *)
+--------------------------+
Tue Dec 7 05:01:53 UTC 2010
patches/packages/openssl-0.9.8q-i486-1_slack12.1.tgz: Upgraded.
This OpenSSL update contains some security related bugfixes.
For more information, see the included CHANGES and NEWS files, and:
http://www.openssl.org/news/secadv_20101202.txt
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-4180
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-4252
(* Security fix *)
patches/packages/openssl-solibs-0.9.8q-i486-1_slack12.1.tgz: Upgraded.
(* Security fix *)
+--------------------------+
Tue Nov 30 23:12:00 UTC 2010
patches/packages/pidgin-2.7.7-i486-1_slack12.1.tgz: Upgraded.
This update fixes connection issues for AIM and MSN.
+--------------------------+
Mon Nov 29 22:00:24 UTC 2010
patches/packages/cups-1.3.11-i486-1_slack12.1.tgz: Upgraded.
Fixed memory corruption bugs that could lead to a denial of service
or possibly execution of arbitrary code through a crafted IPP request.
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0542
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2941
(* Security fix *)
+--------------------------+
Mon Nov 22 04:11:40 UTC 2010
patches/packages/openssl-0.9.8p-i486-1_slack12.1.tgz: Rebuilt.
This OpenSSL update contains some security related bugfixes.
For more information, see the included CHANGES and NEWS files, and:
http://www.openssl.org/news/secadv_20101116.txt
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2939
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3864
(* Security fix *)
patches/packages/openssl-solibs-0.9.8p-i486-1_slack12.1.tgz: Rebuilt.
(* Security fix *)
+--------------------------+
Sat Nov 20 21:20:27 UTC 2010
patches/packages/xpdf-3.02pl5-i486-1_slack12.1.tgz: Upgraded.
This update fixes security issues that could lead to an
application crash, or execution of arbitrary code.
For more information, see:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3702
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3703
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3704
(* Security fix *)
patches/packages/poppler-0.6.4-i486-3_slack12.1.tgz: Rebuilt.
This updated package includes patches based on xpdf 3.02pl5.
For more information, see:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3702
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3703
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3704
(* Security fix *)
+--------------------------+
Mon Nov 1 23:21:39 UTC 2010
patches/packages/pidgin-2.7.5-i486-1_slack12.1.tgz: Upgraded.
This update addresses some denial of service bugs.
For more information, see:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3711
(* Security fix *)
patches/packages/proftpd-1.3.3c-i486-1_slack12.1.tgz: Upgraded.
Fixed Telnet IAC stack overflow vulnerability (ZDI-CAN-925), which can
allow remote execution of arbitrary code as the user running the
ProFTPD daemon. Thanks to TippingPoint and the Zero Day Initiative (ZDI).
For more information, see:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3867
(* Security fix *)
+--------------------------+
Thu Oct 28 22:13:53 UTC 2010
patches/packages/glibc-2.7-i486-12_slack12.1.tgz: Rebuilt.
Patched "The GNU C library dynamic linker will dlopen arbitrary DSOs
during setuid loads." This security issue allows a local attacker to
gain root by specifying an unsafe DSO in the library search path to be
used with a setuid binary in LD_AUDIT mode.
Bug found by Tavis Ormandy (with thanks to Ben Hawkes and Julien Tinnes).
For more information, see:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3856
http://seclists.org/fulldisclosure/2010/Oct/344
(* Security fix *)
patches/packages/glibc-i18n-2.7-noarch-12_slack12.1.tgz: Rebuilt.
patches/packages/glibc-profile-2.7-i486-12_slack12.1.tgz: Rebuilt.
patches/packages/glibc-solibs-2.7-i486-12_slack12.1.tgz: Upgraded.
(* Security fix *)
patches/packages/glibc-zoneinfo-2.7-noarch-12_slack12.0.tgz: Upgraded.
Rebuilt to tzcode2010n and tzdata2010n.
+--------------------------+
Wed Oct 20 21:54:05 UTC 2010
patches/packages/glibc-2.7-i486-11_slack12.1.tgz: Rebuilt.
Patched "dynamic linker expands $ORIGIN in setuid library search path".
This security issue allows a local attacker to gain root if they can create
a hard link to a setuid root binary. Thanks to Tavis Ormandy.
For more information, see:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3847
http://seclists.org/fulldisclosure/2010/Oct/257
(* Security fix *)
patches/packages/glibc-i18n-2.7-noarch-11_slack12.1.tgz: Rebuilt.
patches/packages/glibc-profile-2.7-i486-11_slack12.1.tgz: Rebuilt.
patches/packages/glibc-solibs-2.7-i486-11_slack12.1.tgz: Rebuilt.
patches/packages/glibc-zoneinfo-2.7-noarch-11_slack12.1.tgz: Rebuilt.
+--------------------------+
Mon Sep 20 18:39:57 UTC 2010
patches/packages/bzip2-1.0.6-i486-1_slack12.1.tgz: Upgraded.
This update fixes an integer overflow that could allow a specially
crafted bzip2 archive to cause a crash (denial of service), or execute
arbitrary code.
For more information, see:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0405
(* Security fix *)
+--------------------------+
Wed Sep 15 18:51:21 UTC 2010
patches/packages/sudo-1.7.4p4-i486-3_slack12.1.tgz: Rebuilt.
Hi folks, since the patches for old systems (8.1 - 10.2) were briefly
available containing a /var/lib with incorrect permissions, I'm issuing
these again just to be 100% sure that no systems out there will be left
with problems due to that. This should do it (third time's the charm).
+--------------------------+
Wed Sep 15 05:58:55 UTC 2010
patches/packages/sudo-1.7.4p4-i486-2_slack12.1.tgz: Rebuilt.
The last sudo packages accidentally changed the permissions on /var from
755 to 700. This build restores the proper permissions.
Thanks to Petri Kaukasoina for pointing this out.
+--------------------------+
Wed Sep 15 00:41:13 UTC 2010
patches/packages/samba-3.0.37-i486-3_slack12.1.tgz: Upgraded.
This upgrade fixes a buffer overflow in the sid_parse() function.
For more information, see:
http://www.samba.org/samba/security/CVE-2010-3069
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3069
(* Security fix *)
patches/packages/sudo-1.7.4p4-i486-1_slack12.1.tgz: Upgraded.
This fixes a flaw that could lead to privilege escalation.
For more information, see:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2956
(* Security fix *)
+--------------------------+
Fri Aug 27 00:23:17 UTC 2010
patches/packages/gnupg2-2.0.9-i486-2_slack12.1.tgz: Rebuilt.
Patched to fix "Realloc Bug with X.509 certificates in GnuPG".
For more information, see:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2547
(* Security fix *)
patches/packages/httpd-2.2.16-i486-1_slack12.1.tgz: Upgraded.
Fix Handling of requests without a path segment.
For more information, see:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1452
(* Security fix *)
patches/packages/php-5.2.14-i486-1_slack12.1.tgz: Upgraded.
Fixed several security issues.
For more information, see:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1917
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2225
http://www.php-security.org/2010/05/31/mops-2010-060-php-session-serializer-session-data-injection-vulnerability/index.html
http://www.php-security.org/2010/06/25/mops-2010-061-php-splobjectstorage-deserialization-use-after-free-vulnerability/index.html
(* Security fix *)
patches/packages/pidgin-2.7.3-i486-1_slack12.1.tgz: Upgraded.
This fixes a crash due to malformed X-Status messages.
For more information, see:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2528
(* Security fix *)
patches/packages/xorg-server-1.4.2-i486-2_slack12.1.tgz: Rebuilt.
Patched to prevent overwriting stack memory and bypassing security mechanisms
on systems that use a 2.6 Linux kernel. Reported by Rafal Wojtczuk.
For more information, see:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2240
(* Security fix *)
patches/packages/xorg-server-xnest-1.4.2-i486-2_slack12.1.tgz: Rebuilt.
patches/packages/xorg-server-xvfb-1.4.2-i486-2_slack12.1.tgz: Rebuilt.
+--------------------------+
Wed Jun 30 04:51:49 UTC 2010
patches/packages/libtiff-3.8.2-i486-4_slack12.1.tgz: Rebuilt.
This fixes image structure handling bugs that could lead to crashes or
execution of arbitrary code if a specially-crafted TIFF image is loaded.
For more information, see:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1411
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2065
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2067
(* Security fix *)
patches/packages/libpng-1.2.44-i486-1_slack12.1.tgz: Upgraded.
This fixes out-of-bounds memory write bugs that could lead to crashes
or the execution of arbitrary code, and a memory leak bug which could
lead to application crashes.
For more information, see:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1205
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2249
(* Security fix *)
+--------------------------+
Fri Jun 25 05:28:02 UTC 2010
patches/packages/bind-9.4.3_P5-i486-1_slack12.1.tgz: Upgraded.
This fixes possible DNS cache poisoning attacks when DNSSEC is enabled
and checking is disabled (CD).
For more information, see:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-4022
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0097
(* Security fix *)
+--------------------------+
Fri Jun 18 18:09:28 UTC 2010
patches/packages/samba-3.0.37-i486-2_slack12.1.tgz: Rebuilt.
Patched a buffer overflow in smbd that allows remote attackers to cause
a denial of service (memory corruption and daemon crash) or possibly
execute arbitrary code via a crafted field in a packet.
For more information, see:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2063
(* Security fix *)
+--------------------------+
Tue May 18 18:30:53 UTC 2010
patches/packages/pidgin-2.7.0-i486-1_slack12.1.tgz: Upgraded.
Upgraded to pidgin-2.7.0 and pidgin-encryption-3.1.
The msn_emoticon_msg function in slp.c in the MSN protocol plugin in
libpurple in Pidgin before 2.7.0 allows remote attackers to cause
a denial of service (application crash) via a custom emoticon in a
malformed SLP message.
For more information, see:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1624
(* Security fix *)
+--------------------------+
Sun May 16 20:01:28 UTC 2010
patches/packages/fetchmail-6.3.17-i486-1_slack12.1.tgz: Upgraded.
A crafted header or POP3 UIDL list could cause a memory leak and crash
leading to a denial of service.
For more information, see:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1167
(* Security fix *)
+--------------------------+
Thu Apr 22 19:13:54 UTC 2010
patches/packages/irssi-0.8.15-i486-1_slack12.1.tgz: Upgraded.
From the NEWS file:
- Check if an SSL certificate matches the hostname of the server we are
connecting to.
- Fix crash when checking for fuzzy nick match when not on the channel.
Reported by Aurelien Delaitre (SATE 2009).
For more information, see:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1155
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1156
(* Security fix *)
+--------------------------+
Tue Apr 20 14:45:24 UTC 2010
patches/packages/sudo-1.7.2p6-i486-1_slack12.1.tgz: Upgraded.
This update fixes security issues that may give a user with permission
to run sudoedit the ability to run arbitrary commands.
For more information, see:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0426
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1163
http://www.gratisoft.us/sudo/alerts/sudoedit_escalate.html
http://www.gratisoft.us/sudo/alerts/sudoedit_escalate2.html
(* Security fix *)
+--------------------------+
Mon Apr 5 03:06:19 UTC 2010
patches/packages/mozilla-thunderbird-2.0.0.24-i686-1.tgz: Upgraded.
This upgrade fixes some more security bugs.
For more information, see:
http://www.mozilla.org/security/known-vulnerabilities/thunderbird20.html
(* Security fix *)
+--------------------------+
Wed Mar 31 05:05:47 UTC 2010
patches/packages/openssl-0.9.8n-i486-1_slack12.1.tgz: Upgraded.
This OpenSSL update contains some security related bugfixes.
For more information, see the included CHANGES and NEWS files, and:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0433
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0740
(* Security fix *)
patches/packages/openssl-solibs-0.9.8n-i486-1_slack12.1.tgz: Upgraded.
patches/packages/proftpd-1.3.3-i486-2_slack12.1.tgz: Rebuilt.
patches/packages/seamonkey-1.1.19-i486-1_slack12.1.tgz: Upgraded.
Upgraded to seamonkey-1.1.19.
This release fixes some more security vulnerabilities.
For more information, see:
http://www.mozilla.org/security/known-vulnerabilities/seamonkey11.html
(* Security fix *)
+--------------------------+
Wed Mar 10 22:38:18 UTC 2010
patches/packages/pidgin-2.6.6-i486-1_slack12.1.tgz: Upgraded.
This fixes a few denial-of-service flaws as well as other bugs.
For more information, see:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0277
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0420
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0423
(* Security fix *)
+--------------------------+
Tue Mar 9 21:31:21 UTC 2010
patches/packages/openssl-0.9.8m-i486-2_slack12.1.tgz: Rebuilt.
patches/packages/openssl-solibs-0.9.8m-i486-2_slack12.1.tgz: Rebuilt.
The OpenSSL package has been patched and recompiled to revert a change that
broke decrypting some files encrypted with previous versions of OpenSSL.
This same fix appears in the latest upstream snapshots.
+--------------------------+
Mon Mar 8 20:49:02 UTC 2010
patches/packages/httpd-2.2.15-i486-1_slack12.1.tgz: Upgraded.
This update addresses a few security issues.
mod_ssl: A partial fix for the TLS renegotiation prefix injection attack
by rejecting any client-initiated renegotiations.
mod_proxy_ajp: Respond with HTTP_BAD_REQUEST when the body is not sent
when request headers indicate a request body is incoming; not a case of
HTTP_INTERNAL_SERVER_ERROR.
mod_isapi: Do not unload an isapi .dll module until the request processing
is completed, avoiding orphaned callback pointers.
[This is the most serious flaw, but does not affect Linux systems]
For more information, see:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3555
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0408
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0425
(* Security fix *)
+--------------------------+
Mon Mar 1 05:02:21 UTC 2010
patches/packages/openssl-0.9.8m-i486-1_slack12.1.tgz: Upgraded.
This OpenSSL update contains some security related bugfixes.
For more information, see the included CHANGES and NEWS files, and:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1678
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1378
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1377
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1379
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3245
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-4355
(* Security fix *)
patches/packages/openssl-solibs-0.9.8m-i486-1_slack12.1.tgz: Upgraded.
patches/packages/proftpd-1.3.3-i486-1_slack12.1.tgz: Upgraded.
+--------------------------+
Sun Jan 24 20:22:46 UTC 2010
patches/packages/httpd-2.2.14-i486-1_slack12.1.tgz: Upgraded.
This fixes a couple of security bugs when using mod_proxy_ftp.
For more information, see:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3094
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3095
(* Security fix *)
patches/packages/php-5.2.12-i486-1_slack12.1.tgz: Upgraded.
This fixes many bugs, including a few security issues.
For more information, see:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3557
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3558
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-4017
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-4142
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-4143
(* Security fix *)
patches/packages/pidgin-2.6.5-i486-1_slack12.1.tgz : Upgraded.
This fixes a directory traversal vulnerability in Pidgin's MSN protocol
handling that may allow attackers to download arbitrary files.
For more information, see:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0013
(* Security fix *)
+--------------------------+
Sat Dec 12 04:51:11 UTC 2009
patches/packages/gimp-2.4.7-i486-1_slack12.1.tgz: Upgraded.
This fixes integer overflows in the image handling plugins that could
lead to the execution of arbitrary code or an application crash if a
malicious image is loaded.
For more information, see:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1570
(* Security fix *)
+--------------------------+
Thu Dec 10 00:12:58 UTC 2009
patches/packages/ntp-4.2.4p8-i486-1_slack12.1.tgz: Upgraded.
Prevent a denial-of-service attack involving spoofed mode 7 packets.
For more information, see:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3563
(* Security fix *)
+--------------------------+
Wed Dec 2 20:51:55 UTC 2009
patches/packages/bind-9.4.3_P4-i486-1_slack12.1.tgz: Upgraded.
BIND 9.4.3-P4 is a SECURITY PATCH for BIND 9.4.3-P3. It addresses a
potential cache poisoning vulnerability, in which data in the additional
section of a response could be cached without proper DNSSEC validation.
For more information, see:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-4022
http://www.kb.cert.org/vuls/id/418861
(* Security fix *)
+--------------------------+
Mon Nov 16 18:56:26 UTC 2009
patches/packages/openssl-0.9.8h-i486-4_slack12.1.tgz: Rebuilt.
Patched to disable SSL renegotiation.
For more information, see:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3555
(* Security fix *)
patches/packages/openssl-solibs-0.9.8h-i486-4_slack12.1.tgz: Rebuilt.
Patched to disable SSL renegotiation.
For more information, see:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3555
(* Security fix *)
+--------------------------+
Wed Oct 28 22:50:35 UTC 2009
patches/packages/poppler-0.6.4-i486-2_slack12.1.tgz: Rebuilt.
This updated package includes patches based on xpdf 3.02pl4.
For more information, see:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3603
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3604
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3605
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3606
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3608
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3609
(* Security fix *)
patches/packages/xpdf-3.02pl4-i486-1_slack12.1.tgz: Upgraded.
This update fixes several security issues that could lead to an
application crash, or execution of arbitrary code.
For more information, see:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3603
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3604
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3605
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3606
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3608
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3609
(* Security fix *)
+--------------------------+
Sat Oct 17 23:56:15 UTC 2009
patches/packages/gnutls-2.8.4-i486-1_slack12.1.tgz:
This contains a correct fix for the NUL in CN/SAN SSL vulnerability.
For more information, see:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2730
(* Security fix *)
patches/packages/pidgin-2.6.3-i486-1_slack12.1.tgz:
This update fixes an issue where a remote user can cause libpurple-based
clients to crash.
For more information, see:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3615
(* Security fix *)
+--------------------------+
Sat Oct 3 18:19:00 CDT 2009
patches/packages/php-5.2.11-i486-1_slack12.1.tgz:
This release fixes some possible security issues, all of which have
"unknown impact and attack vectors".
For more information, see:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3291
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3292
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3293
(* Security fix *)
patches/packages/samba-3.0.37-i486-1_slack12.1.tgz:
This update fixes the following security issues.
A misconfigured /etc/passwd with no defined home directory could allow
security restrictions to be bypassed.
mount.cifs could allow a local user to read the first line of an arbitrary
file if installed setuid. (On Slackware, it was not installed setuid)
Specially crafted SMB requests could cause a denial of service.
For more information, see:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2813
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2948
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2906
(* Security fix *)
+--------------------------+
Mon Sep 7 20:57:44 CDT 2009
patches/packages/seamonkey-1.1.18-i486-1_slack12.1.tgz: Upgraded.
Upgraded to seamonkey-1.1.18.
This release fixes some more security vulnerabilities.
For more information, see:
http://www.mozilla.org/security/known-vulnerabilities/seamonkey11.html
(* Security fix *)
+--------------------------+
Thu Aug 20 22:12:00 CDT 2009
patches/packages/mozilla-thunderbird-2.0.0.23-i686-1.tgz:
This upgrade fixes a security bug.
For more information, see:
http://www.mozilla.org/security/known-vulnerabilities/thunderbird20.html
(* Security fix *)
+--------------------------+
Wed Aug 19 16:01:42 CDT 2009
patches/packages/pidgin-2.5.9-i486-1_slack12.1.tgz:
This update fixes a bug in Pidgin's MSN protocol implementation can allow
a remote attacker to send a malicious MSN message to a Pidgin user, which
will possibly cause arbitrary code to be executed as that user.
This issue was discovered by Federico Muttis of Core Security Technologies.
For more information, see:
http://www.coresecurity.com/content/libpurple-arbitrary-write
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2694
(* Security fix *)
+--------------------------+
Tue Aug 18 14:35:23 CDT 2009
patches/packages/kernel-mmap_min_addr-4096-noarch-1.tgz:
This package adds an init script to edit /etc/sysctl.conf, adding
this config option:
vm.mmap_min_addr = 4096
This will configure the kernel to disallow mmap() to userspace of any
page lower than 4096, preventing privilege escalation by CVE-2009-2692.
This is a hot fix package and will take effect immediately upon
installation on any system running a kernel that supports configurable
/proc/sys/vm/mmap_min_addr (kernel 2.6.23 or newer).
(* Security fix *)
+--------------------------+
Fri Aug 14 13:42:26 CDT 2009
patches/packages/curl-7.16.2-i486-3_slack12.1.tgz:
This update fixes a security issue where a zero byte embedded in an SSL
or TLS certificate could fool cURL into validating the security of a
connection to a system that the certificate was not issued for. It has
been reported that at least one Certificate Authority allowed such
certificates to be issued.
For more information, see:
http://curl.haxx.se/docs/security.html
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2417
(* Security fix *)
+--------------------------+
Mon Aug 10 14:42:54 CDT 2009
patches/packages/httpd-2.2.13-i486-1_slack12.1.tgz: Upgraded.
This is a bugfix release. It also upgrades the internal versions of apr and
apr-util to address CVE-2009-2412, but Slackware uses the system versions of
these libraries which have already been upgraded.
+--------------------------+
Fri Aug 7 14:25:03 CDT 2009
patches/packages/samba-3.0.36-i486-1_slack12.1.tgz: Upgraded.
This is a bugfix release.
+--------------------------+
Fri Aug 7 01:26:38 CDT 2009
patches/packages/apr-1.3.8-i486-1_slack12.1.tgz: Upgraded.
Fix overflow in pools and rmm, where size alignment was taking place.
[Matt Lewis <mattlewis@google.com>, Sander Striker]
For more information, see:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2412
(* Security fix *)
patches/packages/apr-util-1.3.9-i486-1_slack12.1.tgz: Upgraded.
Fix overflow in rmm, where size alignment was taking place.
[Matt Lewis <mattlewis@google.com>, Sander Striker]
For more information, see:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2412
(* Security fix *)
patches/packages/httpd-2.2.12-i486-2_slack12.1.tgz: Rebuilt.
Recompiled against the new apr and apr-util. This allows external modules
to be built without having to edit the new apr/apr-util version numbers into
the httpd config files.
patches/packages/subversion-1.5.7-i486-1_slack12.1.tgz: Upgraded.
Fixed heap overflow vulnerability on server and client.
For more information, see:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2411
http://subversion.tigris.org/security/CVE-2009-2411-advisory.txt
(* Security fix *)
+--------------------------+
Thu Aug 6 00:48:30 CDT 2009
patches/packages/fetchmail-6.3.11-i486-1_slack12.1.tgz: Upgraded.
This update fixes an SSL NUL prefix impersonation attack through NULs in a
part of a X.509 certificate's CommonName and subjectAltName fields.
For more information, see:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2666
(* Security fix *)
+--------------------------+
Sun Aug 2 16:25:44 CDT 2009
patches/packages/httpd-2.2.12-i486-1_slack12.1.tgz: Upgraded.
This update fixes some security issues (from the CHANGES file):
*) SECURITY: CVE-2009-1891 (cve.mitre.org)
Fix a potential Denial-of-Service attack against mod_deflate or other
modules, by forcing the server to consume CPU time in compressing a
large file after a client disconnects. PR 39605.
[Joe Orton, Ruediger Pluem]
*) SECURITY: CVE-2009-1195 (cve.mitre.org)
Prevent the "Includes" Option from being enabled in an .htaccess
file if the AllowOverride restrictions do not permit it.
[Jonathan Peatfield <j.s.peatfield damtp.cam.ac.uk>, Joe Orton,
Ruediger Pluem, Jeff Trawick]
*) SECURITY: CVE-2009-1890 (cve.mitre.org)
Fix a potential Denial-of-Service attack against mod_proxy in a
reverse proxy configuration, where a remote attacker can force a
proxy process to consume CPU time indefinitely. [Nick Kew, Joe Orton]
*) SECURITY: CVE-2009-1191 (cve.mitre.org)
mod_proxy_ajp: Avoid delivering content from a previous request which
failed to send a request body. PR 46949 [Ruediger Pluem]
*) SECURITY: CVE-2009-0023, CVE-2009-1955, CVE-2009-1956 (cve.mitre.org)
The bundled copy of the APR-util library has been updated, fixing three
different security issues which may affect particular configurations
and third-party modules.
These last three CVEs were addressed in Slackware previously with an
update to new system apr and apr-util packages.
For more information, see:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1891
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1195
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1890
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1191
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0023
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1955
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1956
(* Security fix *)
+--------------------------+
Wed Jul 29 23:10:01 CDT 2009
patches/packages/bind-9.4.3_P3-i486-1_slack12.1.tgz: Upgraded.
This BIND update fixes a security problem where a specially crafted
dynamic update message packet will cause named to exit resulting in
a denial of service.
An active remote exploit is in wide circulation at this time.
For more information, see:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0696
https://www.isc.org/node/479
(* Security fix *)
+--------------------------+
Tue Jul 14 18:07:41 CDT 2009
patches/packages/dhcp-3.1.2p1-i486-1_slack12.1.tgz: Upgraded.
A stack overflow vulnerability was fixed in dhclient that could allow
remote attackers to execute arbitrary commands as root on the system,
or simply terminate the client, by providing an over-long subnet-mask
option.
For more information, see:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0692
(* Security fix *)
+--------------------------+
Sat Jul 11 18:29:58 CDT 2009
patches/packages/php-5.2.10-i486-2_slack12.1.tgz:
Rebuilt. Installed the pear.php.net.reg and pecl.php.net.reg files from
php-5.2.9, since the ones installed by php-5.2.10 are broken.
Thanks to Mike Peachey for the bug report.
+--------------------------+
Wed Jul 1 14:37:43 CDT 2009
patches/packages/httpd-2.2.11-i486-1_slack12.1.tgz: Upgraded.
This needed a recompile against the new apr package to fix building
new modules, and an upgrade to the latest stable version (as long as
we're under the hood) seemed like it would also be a good idea.
patches/packages/php-5.2.10-i486-1_slack12.1.tgz: Upgraded.
+--------------------------+
Tue Jun 30 00:40:40 CDT 2009
patches/packages/ghostscript-8.62-i486-6_slack12.1.tgz: Rebuilt.
Patched various problems with ghostscript that could lead to a denial
of service or the execution of arbitrary code when processing a malicious
or malformed file.
For more information, see:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0196
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0583
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0584
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0792
(* Security fix *)
+--------------------------+
Sat Jun 27 18:54:07 CDT 2009
patches/packages/mozilla-thunderbird-2.0.0.22-i686-1.tgz:
Upgraded to thunderbird-2.0.0.22.
This upgrade fixes some more security bugs.
For more information, see:
http://www.mozilla.org/security/known-vulnerabilities/thunderbird20.html
(* Security fix *)
+--------------------------+
Fri Jun 26 22:05:35 CDT 2009
patches/packages/samba-3.0.35-i486-1_slack12.1.tgz:
This upgrade fixes the following security issue:
o CVE-2009-1888:
In Samba 3.0.31 to 3.3.5 (inclusive), an uninitialized read of a
data value can potentially affect access control when "dos filemode"
is set to "yes".
For more information, see:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1888
(* Security fix *)
+--------------------------+
Wed Jun 24 19:46:28 CDT 2009
patches/packages/seamonkey-1.1.17-i486-1_slack12.1.tgz:
Upgraded to seamonkey-1.1.17.
This release fixes some more security vulnerabilities.
For more information, see:
http://www.mozilla.org/security/known-vulnerabilities/seamonkey11.html
(* Security fix *)
+--------------------------+
Fri Jun 19 18:22:20 CDT 2009
patches/packages/libpng-1.2.37-i486-1_slack12.1.tgz: Upgraded.
This update fixes a possible security issue. Jeff Phillips discovered an
uninitialized-memory-read bug affecting interlaced images that may have
security implications.
For more information, see:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2042
(* Security fix *)
patches/packages/ruby-1.8.6_p369-i486-1_slack12.1.tgz: Upgraded.
This fixes a denial of service issue caused by the BigDecimal method
handling large input values improperly that may allow attackers to
crash the interpreter. The issue affects most Rails applications.
For more information, see:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1904
(* Security fix *)
+--------------------------+
Mon Jun 15 22:14:45 CDT 2009
patches/packages/apr-1.3.5-i486-1_slack12.1.tgz: Upgraded.
patches/packages/apr-util-1.3.7-i486-1_slack12.1.tgz: Upgraded.
Fix underflow in apr_strmatch_precompile.
Fix a denial of service attack against the apr_xml_* interface
using the "billion laughs" entity expansion technique.
For more information, see:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0023
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1955
(* Security fix *)
+--------------------------+
Wed Jun 3 18:13:16 CDT 2009
patches/packages/ntp-4.2.4p7-i486-1_slack12.1.tgz:
Upgraded to ntp-4.2.4p7.
Stack-based buffer overflow in the cookedprint function in ntpq/ntpq.c in ntpq
in NTP before 4.2.4p7-RC2 allows arbitrary code execution by a malicious
remote NTP server.
Stack-based buffer overflow in the crypto_recv function in ntp_crypto.c in
ntpd in NTP before 4.2.4p7 allows remote attackers to execute arbitrary code.
This does not affect the Slackware ntpd as it does not link with openssl.
For more information, see:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0159
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1252
(* Security fix *)
+--------------------------+
Tue May 26 16:49:34 CDT 2009
patches/packages/pidgin-2.5.6-i486-1_slack12.1.tgz: Upgraded to pidgin-2.5.6.
This version fixes security issues that could lead to a denial of service or
the execution of arbitrary code as the user running Pidgin.
For more information, see:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1373
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1374
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1375
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1376
(* Security fix *)
+--------------------------+
Thu May 14 18:09:26 CDT 2009
patches/packages/cyrus-sasl-2.1.23-i486-1_slack12.1.tgz:
Upgraded to cyrus-sasl-2.1.23.
This fixes a buffer overflow in the sasl_encode64() function that could lead
to crashes or the execution of arbitrary code.
For more information, see:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0688
(* Security fix *)
+--------------------------+
Sat May 9 18:03:41 CDT 2009
patches/packages/xpdf-3.02pl3-i486-1_slack12.1.tgz:
Upgraded to xpdf-3.02pl3.
This update fixes several overflows that may result in crashes or the
execution of arbitrary code as the xpdf user.
For more information, see:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0146
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0147
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0165
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0166
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0799
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0800
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1179
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1180
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1181
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1182
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1183
(* Security fix *)
+--------------------------+
Tue May 5 15:21:52 CDT 2009
patches/packages/gnutls-2.6.2-i486-2_slack12.1.tgz
Patched the following security issues:
- Corrected double free on signature verification failure.
Reported by Miroslav Kratochvil <exa.exa@gmail.com>.
- Noticed when investigating the previous GNUTLS-SA-2009-1 problem.
All DSA keys generated using GnuTLS 2.6.x are corrupt.
For more information, see:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1415
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1416
(* Security fix *)
+--------------------------+
Thu Apr 30 20:56:17 CDT 2009
patches/packages/ruby-1.8.6_p368-i486-1_slack12.1.tgz:
Upgraded to ruby-1.8.6-p368.
This update fixes a DoS in REXML.
For details, see:
http://www.ruby-lang.org/en/news/2008/08/23/dos-vulnerability-in-rexml/
(* Security fix *)
+--------------------------+
Sun Apr 26 15:20:57 CDT 2009
patches/packages/cups-1.3.10-i486-1_slack12.1.tgz:
Upgraded to cups-1.3.10.
This fixes several security issues, including an integer overflow in the TIFF
decoder, a failure to properly verify the Host HTTP header, and several
problems with PDF handling (the new CUPS uses a wrapper rather than embedded
code taken from xpdf). These issues could result in a denial of service or
the execution of arbitrary code.
For more information, see:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0146
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0147
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0163
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0164
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0166
(* Security fix *)
+--------------------------+
Mon Apr 20 23:29:57 CDT 2009
patches/packages/udev-118-i486-4_slack12.1.tgz:
This package has been patched to fix a local root hole
and a denial of service issue.
For more information, see:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1185
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1186
(* Security fix *)
+--------------------------+
Mon Apr 13 16:22:12 CDT 2009
patches/packages/seamonkey-1.1.16-i486-1_slack12.1.tgz:
Upgraded to seamonkey-1.1.16.
This release fixes some more security vulnerabilities.
For more information, see:
http://www.mozilla.org/security/known-vulnerabilities/seamonkey11.html
(* Security fix *)
+--------------------------+
Tue Apr 7 16:59:49 CDT 2009
patches/packages/openssl-0.9.8h-i486-3_slack12.1.tgz: Patched (see below).
patches/packages/openssl-solibs-0.9.8h-i486-3_slack12.1.tgz:
Patched to fix possible crashes as well as a (fairly unlikely) case
where an invalid signature might verify as valid.
For more information, see:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0789
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0591
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0590
(* Security fix *)
patches/packages/php-5.2.9-i486-1_slack12.1.tgz: Upgraded to php-5.2.9.
This update fixes a few security issues:
- Fixed a crash on extract in zip when files or directories entry names
contain a relative path.
- Fixed security issue in imagerotate(), background colour isn't validated
correctly with a non truecolour image. (CVE-2008-5498)
Reported by Hamid Ebadi, APA Laboratory.
- Fixed a segfault when malformed string is passed to json_decode().
For more information, see:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-5498
(* Security fix *)
patches/packages/xine-lib-1.1.16.3-i486-1_slack12.1.tgz:
Upgraded to xine-lib-1.1.16.3.
- Fix another possible int overflow in the 4XM demuxer.
(ref. TKADV2009-004, CVE-2009-0385)
For more information, see:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0385
(* Security fix *)
+--------------------------+
Fri Mar 27 20:30:48 CDT 2009
patches/packages/glib2-2.14.6-i486-5_slack12.1.tgz:
This library has been patched to fix overflows that are
possible security holes.
For more information, see:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-4316
(* Security fix *)
+--------------------------+
Tue Mar 24 01:56:10 CDT 2009
patches/packages/lcms-1.18-i486-1_slack12.1.tgz: Upgraded to lcms-1.18.
This update fixes security issues discovered in LittleCMS by Chris Evans.
These flaws could cause program crashes (denial of service) or the execution
of arbitrary code as the user of the lcms-linked program.
For more information, see:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0581
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0723
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0733
(* Security fix *)
patches/packages/mozilla-thunderbird-2.0.0.21-i686-1.tgz:
Upgraded to thunderbird-2.0.0.21.
This upgrade fixes some more security bugs.
For more information, see:
http://www.mozilla.org/security/known-vulnerabilities/thunderbird20.html
(* Security fix *)
patches/packages/seamonkey-1.1.15-i486-1_slack12.1.tgz:
Upgraded to seamonkey-1.1.15.
This release fixes some more security vulnerabilities.
For more information, see:
http://www.mozilla.org/security/known-vulnerabilities/seamonkey11.html
(* Security fix *)
+--------------------------+
Mon Mar 9 00:00:38 CDT 2009
patches/packages/curl-7.16.2-i486-2_slack12.1.tgz:
Patched curl-7.16.2.
This fixes a security issue where automatic redirection could be made to
follow file:// URLs, reading or writing a local instead of remote file.
For more information, see:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0037
(* Security fix *)
patches/packages/xterm-241-i486-1_slack12.1.tgz:
Upgraded to xterm-241.
This fixes a vulnerability where displaying a file containing
DECRQSS (Device Control Request Status String) sequences could
cause arbitrary commands to be executed as the user running xterm.
For more information, see:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2383
(* Security fix *)
+--------------------------+
Fri Feb 20 17:20:49 CST 2009
patches/packages/cdrtools-2.01.01a57-i486-2_slack12.1.tgz: Fixed build script
to put the charset conversion tables in /usr/lib/siconv. Hopefully this will
work correctly with k3b now. Thanks to Krasimir Kazakov for the bug report.
patches/packages/git-1.6.1.3-i486-1_slack12.1.tgz: Upgraded to git-1.6.1.3.
This fixes a vulnerability where running git-diff or git-grep on a hostile
git repository would result in the execution of arbirary code as the git user.
For more information, see:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3546
(* Security fix *)
patches/packages/libpng-1.2.35-i486-1_slack12.1.tgz:
Upgraded to libpng-1.2.35.
This fixes multiple memory-corruption vulnerabilities due to a failure to
properly initialize data structures.
For more information, see:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0040
ftp://ftp.simplesystems.org/pub/png/src/libpng-1.2.34-ADVISORY.txt
(* Security fix *)
+--------------------------+
Mon Feb 9 16:13:43 CST 2009
patches/packages/cdrtools-2.01.01a57-i486-1_slack12.1.tgz:
Upgraded to cdrtools-2.01.01a57.
Also, fixed a build script error so that the utilities look for locale files
in the correct directory. Thanks to Krasimir Kazakov for the bug report.
Anyone who had problems with k3b previously should upgrade this package.
+--------------------------+
Wed Jan 14 20:37:39 CST 2009
patches/packages/bind-9.4.3_P1-i486-1_slack12.1.tgz:
Upgraded to bind-9.4.3-P1.
Fixed checking on return values from OpenSSL's EVP_VerifyFinal and
DSA_do_verify functions to prevent spoofing answers returned from zones using
the DNSKEY algorithms DSA and NSEC3DSA.
For more information, see:
https://www.isc.org/node/373
http://www.ocert.org/advisories/ocert-2008-016.html
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-5077
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0025
(* Security fix *)
patches/packages/ntp-4.2.4p6-i486-1_slack12.1.tgz:
[Sec 1111] Fix incorrect check of EVP_VerifyFinal()'s return value.
For more information, see:
https://lists.ntp.org/pipermail/announce/2009-January/000055.html
http://www.ocert.org/advisories/ocert-2008-016.html
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0021
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-5077
(* Security fix *)
patches/packages/openssl-0.9.8h-i486-2_slack12.1.tgz:
Patched to fix the return value EVP_VerifyFinal, preventing malformed
signatures from being considered good. This flaw could possibly allow a
'man in the middle' attack.
For more information, see:
http://www.openssl.org/news/secadv_20090107.txt
http://www.ocert.org/advisories/ocert-2008-016.html
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-5077
(* Security fix *)
patches/packages/openssl-solibs-0.9.8h-i486-2_slack12.1.tgz:
Patched to fix the return value EVP_VerifyFinal, preventing malformed
signatures from being considered good. This flaw could possibly allow a
'man in the middle' attack.
For more information, see:
http://www.openssl.org/news/secadv_20090107.txt
http://www.ocert.org/advisories/ocert-2008-016.html
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-5077
(* Security fix *)
+--------------------------+
Wed Dec 31 11:35:43 CST 2008
patches/packages/mozilla-thunderbird-2.0.0.19-i686-1.tgz:
Upgraded to thunderbird-2.0.0.19.
This upgrade fixes some more security bugs.
For more information, see:
http://www.mozilla.org/security/known-vulnerabilities/thunderbird20.html
(* Security fix *)
+--------------------------+
Fri Dec 26 22:45:51 CST 2008
patches/packages/seamonkey-1.1.14-i486-1_slack12.1.tgz:
Upgraded to seamonkey-1.1.14.
This release fixes some more security vulnerabilities.
For more information, see:
http://www.mozilla.org/security/known-vulnerabilities/seamonkey11.html
(* Security fix *)
+--------------------------+
Thu Dec 18 12:44:59 CST 2008
patches/packages/mozilla-firefox-2.0.0.20-i686-1.tgz:
Upgraded to firefox-2.0.0.20.
This fixes some security issues:
For more information, see:
http://www.mozilla.org/security/known-vulnerabilities/firefox20.html
(* Security fix *)
+--------------------------+
Mon Dec 8 05:16:22 CST 2008
patches/packages/php-5.2.8-i486-1_slack12.1.tgz: Upgraded to php-5.2.8.
This is a bugfix release that reverts a change that broke magic_quotes_gpc.
+--------------------------+
Thu Dec 4 22:59:37 CST 2008
patches/packages/php-5.2.7-i486-1_slack12.1.tgz: Upgraded to php-5.2.7.
In addition to improvements and bug fixes, this new version of PHP also
addresses several security issues, including:
Fixed a crash inside gd with invalid fonts (Fixes CVE-2008-3658).
Fixed a possible overflow inside memnstr (Fixes CVE-2008-3659).
Fixed security issues detailed in CVE-2008-2665 and CVE-2008-2666.
Crash with URI/file..php (filename contains 2 dots). (Fixes CVE-2008-3660).
rfc822.c legacy routine buffer overflow. (Fixes CVE-2008-2829).
Fixed extraction of zip files or directories when the entry name is a
relative path: http://www.sektioneins.de/advisories/SE-2008-06.txt
These are the URLs to get more information:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2665
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2666
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2829
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3658
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3659
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3660
http://www.sektioneins.de/advisories/SE-2008-06.txt
(* Security fix *)
+--------------------------+
Sat Nov 29 13:37:04 CST 2008
patches/packages/ruby-1.8.6_p287-i486-1_slack12.1.tgz:
Upgraded to ruby-1.8.6-p287.
This fixes several bugs in the previous Ruby update, including a security
issue where the DNS resolver did not randomize the source port and
transaction id sufficiently.
For more information, see:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1447
(* Security fix *)
+--------------------------+
Fri Nov 28 16:27:52 CST 2008
patches/packages/samba-3.0.33-i486-1_slack12.1.tgz:
Upgraded to samba-3.0.33.
This package fixes an important barrier against rogue clients reading from
uninitialized memory (though no proof-of-concept is known to exist).
For more information, see:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-4314
(* Security fix *)
+--------------------------+
Thu Nov 20 18:14:27 CST 2008
patches/packages/mozilla-thunderbird-2.0.0.18-i686-1.tgz:
Upgraded to thunderbird-2.0.0.18.
This upgrade fixes some more security bugs.
For more information, see:
http://www.mozilla.org/security/known-vulnerabilities/thunderbird20.html
(* Security fix *)
+--------------------------+
Wed Nov 19 19:13:12 CST 2008
patches/packages/libxml2-2.6.32-i486-1_slack12.1.tgz:
Upgraded to libxml2-2.6.32 and patched.
This fixes vulnerabilities including denial of service, or possibly the
execution of arbitrary code as the user running a libxml2 linked application
if untrusted XML content is parsed.
For more information, see:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-4225
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-4226
(* Security fix *)
+--------------------------+
Sat Nov 15 19:22:43 CST 2008
patches/packages/mozilla-firefox-2.0.0.18-i686-1.tgz:
Upgraded to firefox-2.0.0.18.
This fixes some security issues:
For more information, see:
http://www.mozilla.org/security/known-vulnerabilities/firefox20.html
(* Security fix *)
patches/packages/net-snmp-5.4.2.1-i486-1_slack12.1.tgz:
Upgraded to net-snmp-5.4.2.1.
This fixes a problem where a user with read access could cause snmpd to
crash, resulting in a denial of service.
For more information, see:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-4309
(* Security fix *)
patches/packages/gnutls-2.6.2-i486-1_slack12.1.tgz:
Upgraded to gnutls-2.6.2.
The security fix in gnutls-2.6.1 had a flaw in cases where the
certificate chain contained only one self-signed certificate.
This update fixes the issue.
patches/packages/seamonkey-1.1.13-i486-1_slack12.1.tgz:
Upgraded to seamonkey-1.1.13.
This release fixes some more security vulnerabilities.
For more information, see:
http://www.mozilla.org/security/known-vulnerabilities/seamonkey11.html
(* Security fix *)
+--------------------------+
Mon Nov 10 19:24:19 CST 2008
patches/packages/gnutls-2.6.1-i486-1_slack12.1.tgz:
Upgraded to gnutls-2.6.1.
From the gnutls-2.6.1 NEWS file:
** libgnutls: Fix X.509 certificate chain validation error.
[GNUTLS-SA-2008-3] The flaw makes it possible for man in the middle
attackers (i.e., active attackers) to assume any name and trick GNU TLS
clients into trusting that name. Thanks for report and analysis from
Martin von Gagern <Martin.vGagern@gmx.net>. [CVE-2008-4989]
For more information, see:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-4989
IMPORTANT NOTE: This update modifies the API and ABI for the
gnutls_pk_params_st function. Any software that uses the function will
need to be recompiled.
(* Security fix *)
patches/packages/pidgin-2.5.2-i486-1_slack12.1.tgz:
Upgraded to pidgin-2.5.2 compiled against gnutls-2.6.1.
+--------------------------+
Fri Nov 7 22:23:40 CST 2008
patches/packages/cups-1.3.9-i486-1_slack12.1.tgz: Upgraded to cups-1.3.9.
This update fixes three vulnerabilities in the SGI image format filter, the
texttops filter, and the HP-GL and HP-GL/2 plotter format filter. All three
of these could result in a denial of service, and the plotter filter issue
could possibly be used to execute code as the print spooler user.
For more information, see:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3639
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3640
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3641
(* Security fix *)
+--------------------------+
Mon Oct 13 13:58:21 CDT 2008
patches/packages/glibc-zoneinfo-2.7-noarch-11_slack12.1.tgz:
Upgraded to tzdata2008h for the latest world timezone changes.
+--------------------------+
Fri Sep 26 22:38:32 CDT 2008
patches/packages/mozilla-thunderbird-2.0.0.17-i686-1.tgz:
Upgraded to thunderbird-2.0.0.17.
This upgrade fixes some more security bugs.
For more information, see:
http://www.mozilla.org/security/known-vulnerabilities/thunderbird20.html
(* Security fix *)
+--------------------------+
Thu Sep 25 23:24:07 CDT 2008
patches/packages/mozilla-firefox-2.0.0.17-i686-1.tgz:
Upgraded to firefox-2.0.0.17.
This release fixes some more security vulnerabilities.
For more information, see:
http://www.mozilla.org/security/known-vulnerabilities/firefox20.html
(* Security fix *)
patches/packages/seamonkey-1.1.12-i486-1_slack12.1.tgz:
This release fixes some more security vulnerabilities.
For more information, see:
http://www.mozilla.org/security/known-vulnerabilities/seamonkey11.html
(* Security fix *)
+--------------------------+
Wed Sep 17 02:28:20 CDT 2008
patches/packages/bind-9.4.2_P2-i486-1_slack12.1.tgz:
Upgraded to bind-9.4.2-P2.
This version has performance gains over bind-9.4.2-P1.
+--------------------------+
Mon Sep 1 21:56:29 CDT 2008
patches/packages/samba-3.0.32-i486-1_slack12.1.tgz:
Upgraded to samba-3.0.32. This is a bugfix release. See the WHATSNEW.txt
file in the Samba docs for details on what has changed.
+--------------------------+
Thu Aug 28 22:48:16 CDT 2008
patches/packages/amarok-1.4.10-i486-1_slack12.1.tgz:
Upgraded to amarok-1.4.10. This fixes a security issue in the Magnatune
online music library support which could be used by malicious local users to
overwrite system files. For more information, see:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3699
(* Security fix *)
+--------------------------+
Wed Aug 6 13:41:22 CDT 2008
patches/packages/kdenetwork-3.5.9-i486-3_slack12.1.tgz:
Recompiled to fix an issue with connecting to MSN with kopete since
the OpenSSL package was updated. Thanks to Jim Diamond for the bug
report and testing a recompiled package.
If Slackware 11.0 and/or 12.0 are similarly affected, let me know and
I'll get some updates out.
+--------------------------+
Mon Aug 4 14:03:01 CDT 2008
patches/packages/pan-0.133-i486-1_slack12.1.tgz: Upgraded to pan-0.133.
This update fixes a buffer overflow in pan-0.128 through pan-0.132 when
processing .nzb files.
For more information, see:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2363
(* Security fix *)
patches/packages/python-2.5.2-i486-2_slack12.1.tgz:
Patched various overflows and other security problems.
For more information, see:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1679
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1721
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2315
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2316
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3142
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3144
(* Security fix *)
+--------------------------+
Tue Jul 29 13:32:21 CDT 2008
patches/packages/proftpd-1.3.1-i486-2_slack12.1.tgz:
Recompiled against new OpenSSL, since this evidently checks the OpenSSL
version and will only run against the libraries it was compiled against.
A small patch was also added due to changes in the system includes.
Thanks to Martin Schmitz for the info and a pointer to the patch.
+--------------------------+
Mon Jul 28 22:05:06 CDT 2008
patches/packages/fetchmail-6.3.8-i486-3_slack12.1.tgz:
Patched to fix a possible denial of service when "-v -v" options are used.
For more information, see:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2711
(* Security fix *)
patches/packages/httpd-2.2.9-i486-1_slack12.1.tgz:
Upgraded to httpd-2.2.9.
This release fixes flaws which could allow XSS attacks.
For more information, see:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5000
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6388
(* Security fix *)
patches/packages/libxslt-1.1.24-i486-1_slack12.1.tgz:
Upgraded to libxslt-1.1.24.
A buffer overflow when processing XSL stylesheets could result in the
execution of arbitrary code.
For more information, see:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1767
(* Security fix *)
patches/packages/links-2.1-i486-1_slack12.1.tgz:
Upgraded to links-2.1.
Unspecified vulnerability in Links before 2.1, when "only proxies" is
enabled, has unknown impact and attack vectors related to providing
"URLs to external programs."
For more information, see:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3329
(* Security fix *)
patches/packages/mozilla-thunderbird-2.0.0.16-i686-1.tgz:
Upgraded to thunderbird-2.0.0.16.
This upgrade fixes some more security bugs.
For more information, see:
http://www.mozilla.org/security/known-vulnerabilities/thunderbird20.html
(* Security fix *)
patches/packages/mtr-0.73-i486-1_slack12.1.tgz:
Upgraded to mtr-0.73.
This fixes a minor security bug where a very long hostname in the trace path
could lead to an overflow (and most likely just a crash).
(* Security fix *)
patches/packages/net-snmp-5.4.1.2-i486-1_slack12.1.tgz:
Upgraded to net-snmp-5.4.1.2.
A vulnerability was discovered where an attacked could spoof an authenticated
SNMPv3 packet due to incorrect HMAC checking. Also, a buffer overflow was
found that could be exploited if an application using the net-snmp perl
modules connects to a malicious server.
For more information, see:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0960
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2292
(* Security fix *)
patches/packages/openssh-5.1p1-i486-1_slack12.1.tgz:
Upgraded to openssh-5.1p1.
When upgrading OpenSSH, it is VERY IMPORTANT to also upgrade OpenSSL, or
it is possible to be unable to log back into sshd!
patches/packages/openssl-0.9.8h-i486-1_slack12.1.tgz:
Upgraded to OpenSSL 0.9.8h.
The Codenomicon TLS test suite uncovered security bugs in OpenSSL.
If OpenSSL was compiled using non-default options (Slackware's package
is not), then a malicious packet could cause a crash. Also, a malformed
TLS handshake could also lead to a crash.
For more information, see:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0891
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1672
When upgrading OpenSSL, it is VERY IMPORTANT to also upgrade OpenSSH, or
it is possible to be unable to log back into sshd!
(* Security fix *)
patches/packages/openssl-solibs-0.9.8h-i486-1_slack12.1.tgz:
Upgraded to OpenSSL 0.9.8h shared libraries (see above).
(* Security fix *)
patches/packages/pcre-7.7-i486-1_slack12.1.tgz:
Upgraded to pcre-7.7.
Tavis Ormandy of the Google Security Team found a buffer overflow triggered
when handling certain regular expressions. This could lead to a crash or
possible execution of code as the user of the PCRE-linked application.
For more information, see:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2371
(* Security fix *)
patches/packages/vim-7.1.330-i486-1_slack12.1.tgz:
Upgraded to vim-7.1.330. This fixes several security issues related to
the automatic processing of untrusted files.
For more information, see:
http://www.rdancer.org/vulnerablevim.html
(* Security fix *)
patches/packages/vim-gvim-7.1.330-i486-1_slack12.1.tgz:
Upgraded to vim-gvim-7.1.330.
See "vim" above for details.
(* Security fix *)
+--------------------------+
Wed Jul 23 16:27:21 CDT 2008
patches/packages/dnsmasq-2.45-i486-1_slack12.1.tgz:
Upgraded to dnsmasq-2.45.
It was discovered that earlier versions of dnsmasq have DNS cache
weaknesses that are similar to the ones recently discovered in BIND.
This new release minimizes the risk of cache poisoning.
For more information, see:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1447
(* Security fix *)
+--------------------------+
Wed Jul 16 19:28:56 CDT 2008
patches/packages/mozilla-firefox-2.0.0.16-i686-1.tgz:
Upgraded to firefox-2.0.0.16.
This release fixes some more security vulnerabilities.
For more information, see:
http://www.mozilla.org/security/known-vulnerabilities/firefox20.html
(* Security fix *)
patches/packages/seamonkey-1.1.11-i486-1_slack12.1.tgz:
Upgraded to seamonkey-1.1.11.
This release fixes some more security vulnerabilities.
For more information, see:
http://www.mozilla.org/security/known-vulnerabilities/seamonkey11.html
(* Security fix *)
+--------------------------+
Wed Jul 9 20:50:52 CDT 2008
patches/packages/bind-9.4.2_P1-i486-1_slack12.1.tgz:
Upgraded to bind-9.4.2-P1.
This upgrade addresses a security flaw known as the CERT VU#800113 DNS Cache
Poisoning Issue. This is the summary of the problem from the BIND site:
"A weakness in the DNS protocol may enable the poisoning of caching
recurive resolvers with spoofed data. DNSSEC is the only full solution.
New versions of BIND provide increased resilience to the attack."
It is suggested that sites that run BIND upgrade to one of the new packages
in order to reduce their exposure to DNS cache poisoning attacks.
For more information, see:
http://www.isc.org/sw/bind/bind-security.php
http://www.kb.cert.org/vuls/id/800113
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1447
(* Security fix *)
patches/packages/mozilla-firefox-2.0.0.15-i686-1.tgz:
Upgraded to firefox-2.0.0.15.
This release closes several possible security vulnerabilities and bugs.
For more information, see:
http://www.mozilla.org/projects/security/known-vulnerabilities.html#firefox
(* Security fix *)
patches/packages/pidgin-2.4.3-i486-1_slack12.1.tgz:
Upgraded to pidgin-2.4.3.
This updates pidgin to work with the changed ICQ protocol.
patches/packages/seamonkey-1.1.10-i486-1_slack12.1.tgz:
Upgraded to seamonkey-1.1.10.
This release closes several possible security vulnerabilities and bugs.
For more information, see:
http://www.mozilla.org/projects/security/known-vulnerabilities.html#seamonkey
(* Security fix *)
+--------------------------+
Tue Jul 1 13:30:57 CDT 2008
patches/packages/xorg-server-1.4.2-i486-1_slack12.1.tgz:
Upgraded xorg-server to address denial of service and possible arbitrary
code execution flaws reported in xorg-server 1.4 prior to 1.4.2.
For more information about the issues patched, please refer to:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1377
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1379
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2360
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2361
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2362
(* Security fix *)
patches/packages/xorg-server-xnest-1.4.2-i486-1_slack12.1.tgz:
Security fixes (see CVE entries above).
(* Security fix *)
patches/packages/xorg-server-xvfb-1.4.2-i486-1_slack12.1.tgz:
Security fixes (see CVE entries above).
(* Security fix *)
+--------------------------+
Sat Jun 28 16:52:32 CDT 2008
patches/packages/gnutls-2.2.5-i486-1_slack12.1.tgz:
Upgraded to GnuTLS version 2.2.5.
This updated package fixes bugs which can lead to a denial of service
(DoS) in programs linked with GnuTLS. Thanks to Ossi Herrala and
Jukka Taimisto from the CROSS project at Codenomicon Ltd. for finding
and reporting the problems, and to Simon Josefsson and
Nikos Mavrogiannopoulos for researching the issues and developing
patches, and to Andreas Metzler for noting and reporting a problem with
one of the original patches.
For more information about the issues patched, please refer to:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1948
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1949
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1950
(* Security fix *)
+--------------------------+
Fri Jun 27 23:17:20 CDT 2008
patches/packages/ruby-1.8.6_p230-i486-1_slack12.1.tgz:
Upgraded to ruby-1.8.6-p230.
This fixes a number of security related bugs in Ruby which could lead to a
denial of service (DoS) condition or allow execution of arbitrary code.
For more information, see:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2662
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2663
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2664
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2725
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2726
(* Security fix *)
+--------------------------+
Wed May 28 19:46:22 CDT 2008
patches/packages/samba-3.0.30-i486-1_slack12.1.tgz:
Upgraded to samba-3.0.30.
This is a security release in order to address CVE-2008-1105 ("Boundary
failure when parsing SMB responses can result in a buffer overrun").
For more information on the security issue, see:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1105
(* Security fix *)
+--------------------------+
Tue May 27 22:01:10 CDT 2008
patches/packages/mkinitrd-1.3.2-i486-3.tgz: Initialize RAID earlier so that
the combination of RAID+LUKS+LVM works. Thanks to Eric Hameleers.
This one is just a bugfix for a somewhat rare combination of options. :-)
patches/packages/rdesktop-1.6.0-i486-1_slack12.1.tgz:
Upgraded to rdesktop-1.6.0.
According to the rdesktop ChangeLog, this contains a:
"* Fix for potential vulnerability against compromised/malicious servers
(reported by iDefense)"
For more information, see:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1801
(* Security fix *)
+--------------------------+
Wed May 14 17:23:11 CDT 2008
patches/packages/slackpkg-2.70.4-noarch-1.tgz:
Upgraded to slackpkg 2.70.4-noarch-1. This fixes a bug where the "x86"
ARCH was not recognized in a package name, leading to the kernel-headers
package not getting properly upgraded. Thanks to Piter Punk! -:)
+--------------------------+
Wed May 7 16:30:09 CDT 2008
patches/packages/mozilla-thunderbird-2.0.0.14-i686-1.tgz:
Upgraded to thunderbird-2.0.0.14.
This upgrade fixes some more security bugs.
For more information, see:
http://www.mozilla.org/projects/security/known-vulnerabilities.html#thunderbird
(* Security fix *)
patches/packages/php-5.2.6-i486-1_slack12.1.tgz:
Upgraded to php-5.2.6.
This version of PHP contains many fixes and enhancements. Some of the fixes
are security related, and the PHP release announcement provides this list:
* Fixed possible stack buffer overflow in the FastCGI SAPI identified by
Andrei Nigmatulin.
* Fixed integer overflow in printf() identified by Maksymilian Aciemowicz.
* Fixed security issue detailed in CVE-2008-0599 identified by Ryan Permeh.
* Fixed a safe_mode bypass in cURL identified by Maksymilian Arciemowicz.
* Properly address incomplete multibyte chars inside escapeshellcmd()
identified by Stefan Esser.
* Upgraded bundled PCRE to version 7.6
When last checked, CVE-2008-0599 was not yet open. However, additional
information should become available at this URL:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0599
The list reproduced above, as well as additional information about other
fixes in PHP 5.2.6 may be found in the PHP release announcement here:
http://www.php.net/releases/5_2_6.php
(* Security fix *)
+--------------------------+
Thu May 1 13:36:34 CDT 2008
Slackware 12.1 is released as -stable. :-) Again, huge thanks to everybody
who pitched in and helped with bug reports, patches, testing, suggestions,
other comments, and everything else. Without this valuable input, Slackware
would be nowhere near what it is today. Special thanks to the CREW, to the
people developing and testing for slackbuilds.org (where many of Slackware's
future additions are first built and tested), and to everyone on
linuxquestions.org, various #slackware or ##slackware IRC channels, other
Slackware related web sites, and other places where the community shares their
needs and concerns with the team. On behalf of everyone here, thanks.
We think you'll enjoy this new release, and hope that you'll find it to be
much more than 0.1 better than Slackware 12.0. ;-)
Have fun! -P.
extra/slackpkg/slackpkg-2.70.3-noarch-2.tgz: Updated the version in the
slackpkg script from 2.70.2 to 2.70.3.
+--------------------------+
Wed Apr 30 20:36:48 CDT 2008
12.1 RC4. We think this should be the last one.
a/kernel-generic-2.6.24.5-i486-2.tgz: Patched to fix a security issue in
fs/dnotify.c. The use of dnotify (largely replaced by inotify on 2.6.x
systems) could lead to a local DoS, or possibly a local root hole. We said
we wouldn't make changes now unless something was "critical" -- and it seems
we got what we wished for. ;-) This flaw will also be addressed in the
kernels for previous releases as soon as possible. The patch itself may be
found in source/k/linux-2.6.24.5-CVE-2008-1375-patch/.
For additional information (when the CVE candidate is opened), see:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1375
All the kernel packages below should also be considered security fixes.
(* Security fix *)
a/kernel-generic-smp-2.6.24.5_smp-i686-2.tgz: Patched and recompiled.
a/kernel-huge-2.6.24.5-i486-2.tgz: Patched and recompiled.
a/kernel-huge-smp-2.6.24.5_smp-i686-2.tgz: Patched and recompiled.
a/kernel-modules-2.6.24.5-i486-2.tgz: Patched and recompiled.
a/kernel-modules-smp-2.6.24.5_smp-i686-2.tgz: Patched and recompiled.
d/kernel-headers-2.6.24.5_smp-x86-2.tgz: Rebuilt from a patched source tree.
k/kernel-source-2.6.24.5_smp-noarch-2.tgz: Patched (leaving dnotify.c.orig
for comparison and/or reverting to patch up to a newer kernel later).
l/svgalib_helper-1.9.25_2.6.24.5-i486-2.tgz: Recompiled.
extra/linux-2.6.24.5-nosmp-sdk/: Updated SMP to no-SMP kernel source patch.
extra/slackpkg/slackpkg-2.70.3-noarch-1.tgz: Upgraded to
slackpkg-2.70.3-noarch-1 (release ready). Thanks to Piter Punk! -:)
kernels/huge.s/*: Patched and recompiled.
kernels/hugesmp.s/*: Patched and recompiled.
kernels/speakup.s/*: Patched and recompiled.
isolinux/initrd.img: Rebuilt with newly compiled kernel modules.
usb-and-pxe-installers/: Rebuilt usbboot.img with newly compiled
kernel modules.
+--------------------------+
Mon Apr 28 23:43:55 CDT 2008
We'll call this Slackware 12.1 RC3, and freeze the tree for anything that
isn't critical. Things seem very stable, so it's probably a good idea to
save any further upgrades and additions until -current restarts.
a/cups-1.3.7-i486-2.tgz: Applied patch str2790 to fix crash bugs in the PNG
image filter. The issues are not believed to be capable of either a DoS (at
worst, it simply crashes the filter processing the current job and does not
crash the scheduler daemon, which just moves on to the next job in the print
queue), nor arbitrary code execution (data from the image is never stored in
the affected tile array). Still, it seems to be worth fixing here just in
case. The CUPS bug report may be found here:
http://www.cups.org/str.php?L2790
ap/mysql-5.0.51b-i486-1.tgz: Upgraded to mysql-5.0.51b (which appears to be
nothing more than a version bump...)
l/imlib-1.9.15-i486-3.tgz: Patched to fix rendering issues on Intel and
possibly other graphics chipsets. Thanks to Iain Paton.
l/libmtp-0.2.6.1-i486-1.tgz: Upgraded to libmtp-0.2.6.1. The udev rules are
now sed processed during build. Thanks much to Joerg Germeroth. :-)
l/libpng-1.2.27-i486-1.tgz:
Upgraded to libpng-1.2.27.
This fixes various bugs, the most important of which have to do with the
handling of unknown chunks containing zero-length data. Processing a PNG
image that contains these could cause the application using libpng to crash
(possibly resulting in a denial of service), could potentially expose the
contents of uninitialized memory, or could cause the execution of arbitrary
code as the user running libpng (though it would probably be quite difficult
to cause the execution of attacker-chosen code). We recommend upgrading the
package as soon as possible.
For more information, see:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1382
ftp://ftp.simplesystems.org/pub/libpng/png/src/libpng-1.2.27-README.txt
(* Security fix *)
x/xf86-input-joystick-1.3.2-i486-1.tgz: Upgraded to xf86-input-joystick-1.3.2.
x/xf86-video-radeonhd-1.2.1-i486-1.tgz: Upgraded to xf86-video-radeonhd-1.2.1.
x/xf86-video-vmware-10.16.1-i486-1.tgz: Upgraded to xf86-video-vmware-10.16.1.
isolinux/initrd.img: Fixed minimum RAM amount in /etc/issue, and made some
edits to other documentation within the installer.
usb-and-pxe-installers/: In usbboot.img, fixed minimum RAM amount in
/etc/issue, and made some edits to other documentation within the installer.
+--------------------------+
Sat Apr 26 16:38:32 CDT 2008
x/pixman-0.10.0-i486-4.tgz: Restored MMX optimizations, which should fix the
issues some machines were having with slow Flash playback.
Thanks very much to Zielony for getting me to take a closer look at this. :-)
+--------------------------+
Fri Apr 25 23:09:23 CDT 2008
kde/kdelibs-3.5.9-i486-4.tgz: Patched to fix a security problem.
From the KDE advisory: "If start_kdeinit is installed as setuid root, a
local user might be able to send unix signals to other processes, cause
a denial of service or even possibly execute arbitrary code."
This issue affects KDE 3.5.5 through KDE 3.5.9.
We recommend upgrading to the new kdelibs package as soon as possible.
For more information, see:
http://www.kde.org/info/security/advisory-20080426-2.txt
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1671
(* Security fix *)
extra/ktorrent/ktorrent-2.2.6-i486-1.tgz: Upgraded to ktorrent-2.2.6.
isolinux/initrd.img: Patched /sbin/probe to look for formatted swap on RAID.
usb-and-pxe-installers/: Patched /sbin/probe in usbboot.img to look for
formatted swap on RAID.
+--------------------------+
Wed Apr 23 19:42:28 CDT 2008
Not quite yet, but it's getting closer.
a/aaa_base-12.1.0-noarch-2.tgz: Updated the initial emails.
l/jre-6u6-i586-3.tgz: Adjusted the installation script to fix an issue causing
broken symlinks in /. Thanks to Corrado "Conraid" Franco for the report.
n/wireless-tools-29-i486-3.tgz: Increased the sleep time after bringing up an
interface to 3 seconds, since some of the new drivers need the additional
time to fully initialize. Thanks to bstrik on LQ.
extra/jdk-6/jdk-6u6-i586-3.tgz: Adjusted the installation script to fix an
issue causing broken symlinks in /.
Thanks to Corrado "Conraid" Franco for the report.
isolinux/initrd.img: Fixed (hopefully) the last remaining "12.0" version
number (this one found in /etc/issue).
Thanks to Franck Barbenoire for spotting it.
usb-and-pxe-installers/: Fixed the "12.0" version number in usbboot.img.
+--------------------------+
Mon Apr 21 16:47:32 CDT 2008
We have now reached the Slackware 12.1 RC2 milestone. :-) We're beyond
updating packages or fixing minor cosmetic bugs at this point (actually, we
had hoped to be past that with RC1, but there were still items in need of
attention). What we have here now has proven to be stable for our testers,
so unless some real showstoppers are found we'll be releasing this as Slackware
12.1-final soon.
a/glibc-solibs-2.7-i486-10.tgz: Recompiled against Linux 2.6.24.5 headers.
a/glibc-zoneinfo-2.7-noarch-10.tgz: Rebuilt.
a/kernel-generic-2.6.24.5-i486-1.tgz:
Upgraded to Linux 2.6.24.5 uniprocessor generic.s (requires initrd) kernel.
a/kernel-generic-smp-2.6.24.5_smp-i686-1.tgz:
Upgraded to Linux 2.6.24.5 SMP gensmp.s (requires initrd) kernel.
a/kernel-huge-2.6.24.5-i486-1.tgz:
Upgraded to Linux 2.6.24.5 uniprocessor huge.s (full-featured) kernel.
a/kernel-huge-smp-2.6.24.5_smp-i686-1.tgz:
Upgraded to Linux 2.6.24.5 SMP hugesmp.s (full-featured) kernel.
a/kernel-modules-2.6.24.5-i486-1.tgz
Upgraded to Linux 2.6.24.5 uniprocessor kernel modules.
a/kernel-modules-smp-2.6.24.5_smp-i686-1.tgz
Upgraded to Linux 2.6.24.5 SMP kernel modules.
a/pkgtools-12.1.0-noarch-7.tgz: Removed obsolete modem setup script (any
/dev/modem symlink would be wiped out by udev anyway).
ap/lm_sensors-2.10.6-i486-1.tgz: Upgraded to lm_sensors-2.10.6.
d/kernel-headers-2.6.24.5_smp-x86-1.tgz:
Upgraded to Linux 2.6.24.5 SMP kernel headers.
a/mkinitrd-1.3.2-i486-2.tgz: Updated the version numbers in README.initrd
and manpage.
k/kernel-source-2.6.24.5_smp-noarch-1.tgz
Upgraded to Linux 2.6.24.5 SMP kernel source package.
l/glibc-2.7-i486-10.tgz: Recompiled against Linux 2.6.24.5 headers.
l/glibc-i18n-2.7-noarch-10.tgz: Rebuilt.
l/glibc-profile-2.7-i486-10.tgz: Recompiled against Linux 2.6.24.5 headers.
l/jre-6u6-i586-2.tgz: Adjusted installation directory to avoid removing files
from kdebindings. Thanks to Kris Karas for pointing out this collision.
l/svgalib_helper-1.9.25_2.6.24.5-i486-1.tgz: Recompiled for Linux 2.6.24.5.
n/mcabber-0.9.7-i486-1.tgz: Upgraded to mcabber-0.9.7.
xap/xine-lib-1.1.11.1-i686-3.tgz: Recompiled, with --without-speex (we didn't
ship the speex library in Slackware anyway, but for reference this issue
would be CVE-2008-1686), and with --disable-nosefart (the recently reported
as insecurely demuxed NSF format).
As before in -2, this package fixes the two regressions mentioned in the
release notes for xine-lib-1.1.12:
http://sourceforge.net/project/shownotes.php?release_id=592185&group_id=9655
Moving to xine-lib-1.1.12 right now doesn't seem prudent for RC2, as the
diff between 1.1.11.1 and 1.1.12 is many thousands of lines long.
(* Security fix *)
extra/brltty/brltty-3.9-i486-1.tgz: Upgraded to brltty-3.9.
extra/jdk-6/jdk-6u6-i586-2.tgz: Adjusted installation directory to avoid
removing files from kdebindings. Thanks to Kris Karas.
isolinux/initrd.img: Replaced kernel modules with 2.6.24.5 versions.
kernels/huge.s/*: Upgraded to huge.s 2.6.24.5 kernel.
kernels/hugesmp.s/*: Upgraded to hugesmp.s 2.6.24.5 kernel.
kernels/speakup.s/*: Upgraded to speakup.s 2.6.24.5 kernel.
usb-and-pxe-installers/: Replaced kernel modules with 2.6.24.5 versions.
Thanks to Amritpal Bath for writing a new README_RAID document explaining
how to install Slackware using various RAID levels. :-)
+--------------------------+
Thu Apr 17 16:25:55 CDT 2008
ap/mysql-5.0.51a-i486-3.tgz: Edited rc.mysql to fix a missing '=' in the
example for mysql_install_db. Thanks to Mark.
xap/mozilla-firefox-2.0.0.14-i686-1.tgz:
Upgraded to firefox-2.0.0.14.
This upgrade fixes a potential security bug.
For more information, see:
http://www.mozilla.org/projects/security/known-vulnerabilities.html#firefox
(* Security fix *)
+--------------------------+
Wed Apr 16 16:18:22 CDT 2008
l/jre-6u6-i586-1.tgz: Upgraded to Java(TM) 2 Platform Standard Edition
Runtime Environment Version 6.0 update 6.
n/wireless-tools-29-i486-2.tgz: Make sure that HWADDR in rc.wireless is all
uppercase. Thanks to Ken L. and Masanori Kobayasi for reporting the issue.
extra/jdk-6/jdk-6u6-i586-1.tgz: Upgraded to Java(TM) 2 Platform
Standard Edition Development Kit Version 6.0 update 6.
+--------------------------+
Wed Apr 16 02:12:25 CDT 2008
kernels/speakup.s/: Rebuilt with the latest 2008-04-16 GIT pull. Hopefully
this has a better chance of working now. I saw output (though not text)
testing the dummy driver using a null modem.
+--------------------------+
Mon Apr 14 22:23:29 CDT 2008
e/emacs-22.2-i486-1.tgz: Upgraded to GNU emacs-22.2.
x/xf86-video-radeonhd-1.2.1-i486-1.tgz: Upgraded to xf86-video-radeonhd-1.2.1.
extra/emacspeak/emacspeak-27.0-i486-1.tgz: Upgraded to emacspeak-27.0.
+--------------------------+
Mon Apr 14 00:39:23 CDT 2008
a/smartmontools-5.38-i486-1.tgz: Upgraded to smartmontools-5.38.
d/git-1.5.5-i486-1.tgz: Upgraded to git-1.5.5.
kde/amarok-1.4.9.1-i486-1.tgz: Upgraded to amarok-1.4.9.1.
n/bind-9.4.2-i486-2.tgz: Patched rc.bind to add a short wait after starting
named, so that the startup script doesn't match "named <defunct>" with a
failing startup and too quick a check. Thanks to Luis.
Upgraded to the latest named.root file. Thanks to giovanni.
t/xfig-3.2.4-i486-3.tgz: Patched to fix a wrong XFIGLIBDIR that was causing
some minor errors. Thanks to Dario Nicodemi for the patch.
tcl/tclx-8.4-i486-2.tgz: Recompiled. Since some of the Tcl/Tk headers are now
considered "private", this needs -I flags to compile (for now).
xap/xscreensaver-5.05-i486-1.tgz: Upgraded to xscreensaver-5.05.
+--------------------------+
Sat Apr 12 02:20:06 CDT 2008
ap/ghostscript-8.62-i486-5.tgz: Edited /usr/share/ghostscript/8.62/lib/cidfmap
to attempt support for Simplified Chinese (though Traditional Chinese and
Korean will still require cidfmap changes and additional fonts).
Thanks to ABE Shin-ichi for providing the cidfmap that the new one is based
upon. Any errors in the new cidfmap are most likely my own...
ap/man-1.6f-i486-1.tgz: Upgraded to man-1.6f. Thanks to Robby Workman.
d/cscope-15.6-i486-1.tgz: Upgraded to cscope-15.6.
f/linux-howtos-20080411-noarch-1.tgz: Updated to Linux-HOWTOs-20080411.
l/svgalib_helper-1.9.25_2.6.24.4-i486-2.tgz: Recompiled.
n/iproute2-2.6.16_060323-i486-2.tgz: Fixed hardcoded "/usr/local/lib/iptables"
path in two places within the source. Thanks to Marco Berizzi.
n/sendmail-8.14.2-i486-2.tgz: Recompiled. Fixed issues in the install script
with properly adding the smmsp user/group. Thanks to Valentin Stoykov.
When using SSL/TLS, disable SSLv2 by default. Fixed the line ordering in
sendmail-slackware-tls-sasl.mc. Thanks to Strykar.
Fixed typos at the top of example .mc files. Thanks to Bart Dumon.
Clamp down on security in the defaults some more by requiring authentication
when using the TLS/SASL .mc/.cf. Allow SSLv3 in both TLS configurations.
Thanks to Leonardo Roman.
n/sendmail-cf-8.14.2-noarch-2.tgz
x/xf86-video-radeonhd-1.2.0-i486-1.tgz: Upgraded to xf86-video-radeonhd-1.2.0,
which adds support for RV620, RV635, and R680 chipsets, and 2D acceleration
for R5xx (including RS6xx) chipsets, both XAA and EXA. This driver also
enables the use of the second digital output on the RS690 chipset.
usb-and-pxe-installers/etherboot: Updated the populate_tftpboot scripts.
Thanks to Erik Jan Tromp.
+--------------------------+
Fri Apr 11 00:32:00 CDT 2008
a/cryptsetup-1.0.5-i486-4.tgz: Recompiled against static libgpg-error and
got rid of --disable-libcrypt in cryptsetup.static's ./configure to prevent
the error "Command failed: Key processing error: No hash backend found"
when creating a new cryptographic volume. Thanks to TaQ for the heads-up.
a/ed-0.9-i486-2.tgz: Fixed missing man page. Thanks to Selkfoster.
d/guile-1.8.4-i486-1.tgz: Upgraded to guile-1.8.4.
Thanks to Jean-Francois L. Blavier for the upgrade suggestion.
n/ipw2200-fw-3.0-fw-2.tgz: Add an extra copy of the LICENSE file to the
/usr/doc/ipw2200-fw-3.0/ directory in addition to the one with the firmware.
Thanks to Stuart Winter for reporting the package build problem.
n/libgcrypt-1.4.0-i486-2.tgz: Recompiled to include the static library.
n/libgpg-error-1.6-i486-3.tgz: Recompiled to include the static library.
n/mailx-12.3-i486-1.tgz: Upgraded to mailx-12.3.
Thanks again to Jean-Francois L. Blavier.
xap/gnuplot-4.2.3-i486-1.tgz: Upgraded to gnuplot-4.2.3.
Thanks again to Jean-Francois L. Blavier.
isolinux/initrd.img: Replaced /sbin/cryptsetup.static.
usb-and-pxe-installers/: Replaced /sbin/cryptsetup.static.
+--------------------------+
Wed Apr 9 23:57:07 CDT 2008
The kernels were recompiled to add the experimental CONFIG_PATA_MARVELL option,
since some newer Intel motherboards are already using this chipset. Like
everything else, use it at your own risk. It was decided that having some
driver that was tested and found to work was better than no support at all.
Thanks to David Somero for reporting the issue.
a/kernel-generic-2.6.24.4-i486-2.tgz:
Recompiled Linux 2.6.24.4 uniprocessor generic.s (requires initrd) kernel.
a/kernel-generic-smp-2.6.24.4_smp-i686-2.tgz:
Recompiled Linux 2.6.24.4 SMP gensmp.s (requires initrd) kernel.
a/kernel-huge-2.6.24.4-i486-2.tgz:
Recompiled Linux 2.6.24.4 uniprocessor huge.s (full-featured) kernel.
a/kernel-huge-smp-2.6.24.4_smp-i686-2.tgz:
Recompiled Linux 2.6.24.4 SMP hugesmp.s (full-featured) kernel.
a/kernel-modules-2.6.24.4-i486-2.tgz
Recompiled Linux 2.6.24.4 uniprocessor kernel modules.
a/kernel-modules-smp-2.6.24.4_smp-i686-2.tgz
Recompiled Linux 2.6.24.4 SMP kernel modules.
d/kernel-headers-2.6.24.4_smp-x86-2.tgz:
Rebuild Linux 2.6.24.4 SMP kernel headers.
d/pkg-config-0.23-i486-2.tgz: Prevent unwanted output during package install.
d/ruby-1.8.6_p114-i486-1.tgz: Upgraded to ruby-1.8.6-p114.
k/kernel-source-2.6.24.4_smp-noarch-2.tgz
Rebuilt Linux 2.6.24.4 SMP kernel source package.
l/libaio-0.3.106-i486-1.tgz: Added libaio-0.3.106 (asynchronous I/O library).
l/glib2-2.14.6-i486-4.tgz: Renamed /etc/profile.d/glib2.{csh,sh} to
/etc/profile.d/libglib2.{csh,sh} so that the lang.{csh,sh} scripts will run
first, setting the $LANG variable which these scripts require.
Thanks to Carl Bartels.
n/dhcp-3.0.6-i486-1.tgz: Upgraded to dhcp-3.0.6.
n/lftp-3.7.0-i486-1.tgz: Upgraded to lftp-3.7.0.
n/links-2.1pre33-i486-1.tgz: Upgraded to links-2.1pre33.
n/ncftp-3.2.1-i486-1.tgz: Upgraded to ncftp-3.2.1.
n/rsync-3.0.2-i486-1.tgz: Upgraded to rsync-3.0.2.
From the NEWS file:
"BUG FIXES: - Fixed a potential buffer overflow in the xattr code."
This is the security advisory, as the issue was present in -current only.
(* Security fix *)
n/tcpdump-3.9.8-i486-1.tgz: Upgraded to libpcap-0.9.8 and tcpdump-3.9.8.
x/compiz-0.7.4-i486-1.tgz: Upgraded to compiz-0.7.4.
x/pixman-0.10.0-i486-3.tgz: Fixed build script post-install. Thanks to arny.
x/scim-1.4.7-i486-6.tgz: Fixed locale example typo in profile.d scripts.
x/xf86-input-mouse-1.3.0-i486-1.tgz: Upgraded to xf86-input-mouse-1.3.0 to
fix a copy/paste bug when switching between the virtual consoles and X.
Thanks to Daryl Bunce for reporting the problem.
extra/slackpkg/slackpkg-2.70.2-noarch-1.tgz:
Upgraded to slackpkg-2.70.2-noarch-1. Thanks to Piter Punk!
isolinux/initrd.img: Replaced kernel modules with recompiled versions.
kernels/huge.s/*: Recompiled huge.s 2.6.24.4 kernel.
kernels/hugesmp.s/*: Recompiled hugesmp.s 2.6.24.4 kernel.
kernels/speakup.s/*: Recompiled speakup.s 2.6.24.4 kernel.
Upgraded speakup to GIT pull of 2008-04-09.
Fixed a blunder on my part where I started with the wrong .config, making
installation impossible. Thanks to Stephen C. Greeley for reporting this.
usb-and-pxe-installers/: Replaced kernel modules with recompiled versions.
+--------------------------+
Tue Apr 8 00:20:39 CDT 2008
d/cmake-2.4.8-i486-1.tgz: Upgraded to cmake-2.4.8.
l/fribidi-0.10.9-i486-2.tgz: Recompiled. "left-to-right" was far too
egregious a mistake to leave in the slack-desc. Sorry about that.
Thanks to Russell Whitaker for spotting this error.
x/pixman-0.10.0-i486-2.tgz: Symlink the headers into /usr/include to
temporarily accommodate software that isn't yet using pixman.pc to get the
-I/usr/include/pixman-1/ include path.
xap/xine-lib-1.1.11.1-i686-2.tgz: Patched to fix playback failure affecting
several media formats accidentally broken in the xine-lib-1.1.11.1 release.
Thanks to Diogo Sousa for pointing me to the new release notes on xinehq.de.
+--------------------------+
Mon Apr 7 12:25:10 CDT 2008
a/aaa_elflibs-12.1.0-i486-1.tgz: Added libfuse. Updated libbz2 (which still
has the shared library name "libbz2.so.1.0.4").
a/bzip2-1.0.5-i486-1.tgz: Upgraded to bzip2-1.0.5.
Previous versions of bzip2 contained a buffer overread error that could cause
applications linked to libbz2 to crash, resulting in a denial of service.
For more information, see:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1372
(* Security fix *)
a/cryptsetup-1.0.5-i486-3.tgz: Make cryptsetup in /sbin and /usr/sbin both
symlinks to /sbin/cryptsetup.static. This prevents "cryptsetup" failure if
someone installs only the A package series. Thanks to Piter Punk.
ap/cdrtools-2.01.01a38-i486-1.tgz: Upgraded to cdrtools-2.01.01a38.
ap/dvd+rw-tools-7.1-i486-1.tgz: Upgraded to dvd+rw-tools-7.1.
ap/ghostscript-8.62-i486-4.tgz: Fixed cidfmap for printing with the
wqy-zenhei.ttf font. Thanks to ABE Shin-ichi.
d/m4-1.4.11-i486-1.tgz: Upgraded to m4-1.4.11.
In addition to bugfixes and enhancements, this version of m4 also fixes two
issues with possible security implications. A minor security fix with the
use of "maketemp" and "mkstemp" -- these are now quoted to prevent the
(rather unlikely) possibility that an unquoted string could match an
existing macro causing operations to be done on the wrong file. Also,
a problem with the '-F' option (introduced with version 1.4) could cause a
core dump or possibly (with certain file names) the execution of arbitrary
code. For more information on these issues, see:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1687
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1688
(* Security fix *)
n/iptables-1.4.0-i486-1.tgz: Upgraded to iptables-1.4.0. Thanks to giovanni
for testing this version and suggesting it as a safe upgrade.
On x86, explicitly set i486 compile flags (though this is the compiler's
default anyway). Thanks to kanedaaa.
n/network-scripts-12.1-noarch-1.tgz: Fixed WLAN_IWPRIV[4] example generated
by netconfig. Thanks to Eric Hameleers for pointing it out.
n/whois-4.7.26-i486-1.tgz: Upgraded to whois-4.7.26.
xap/xfce-4.4.2-i486-4.tgz: Fixed the build script to apply a couple of bugfix
patches correctly. Thanks to Carlos Corbacho for the bug report.
Fixed xfcalendar.desktop (orage) to only show in the Xfce menus.
Thanks to Frank Duignan for prompting me to take a closer look.
isolinux/initrd.img: Patched to fix expert mode FTP/HTTP installation, and
to allow installation from HTTP source with port number, such as:
http://somehost:8080
Thanks to Dario Nicodemi for the bug report and patches, and to
Eric Hameleers for making some adjustments to the HTTP port patch.
usb-and-pxe-installers/: Patched to fix expert mode FTP/HTTP installation,
and to allow installation from HTTP source with port number, such as:
http://somehost:8080
Thanks to Dario Nicodemi for the bug report and patches, and to
Eric Hameleers for making some adjustments to the HTTP port patch.
+--------------------------+
Fri Apr 4 22:08:08 CDT 2008
a/glibc-solibs-2.7-i486-9.tgz: Recompiled.
a/glibc-zoneinfo-2.7-noarch-9.tgz: Rebuilt.
l/glibc-2.7-i486-9.tgz: Recompiled to fix a bad sln symlink (noticed by many,
thanks).
l/glibc-i18n-2.7-noarch-9.tgz: Rebuilt.
l/glibc-profile-2.7-i486-9.tgz: Recompiled.
n/rsync-3.0.1-i486-1.tgz: Upgraded to rsync-3.0.1.
testing/packages/bash-3.2.029-i486-1.tgz: Brought up to patchlevel 029.
Last time we tried this as our main shell, it was still causing problems with
a lot of the scripts out there, but perhaps it will be tried again in the
next development cycle.
+--------------------------+
Fri Apr 4 13:47:24 CDT 2008
a/mkinitrd-1.3.2-i486-1.tgz: Patched to fix problems with previous settings
getting overwritten with a plain "mkinitrd", and added support for non-US
keyboards. Thanks to Eric Hameleers.
d/mercurial-1.0-i486-1.tgz: Upgraded to mercurial-1.0.
l/dbus-python-0.82.4-i486-1.tgz: Added dbus-python-0.82.4, which is needed
for the correct operation of hplip. Thanks to Robby Workman.
n/openssh-5.0p1-i486-1.tgz: Upgraded to openssh-5.0p1.
This version fixes a security issue where local users could hijack forwarded
X connections. Upgrading to the new package is highly recommended.
For more information on this security issue, please see:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1483
(* Security fix *)
usb-and-pxe-installers/initrd.img. Removed. Use the initrd.img from isolinux/
as the installer images had become identical. Also see Eric Hameleers'
updated README_PXE.TXT.
+--------------------------+
Thu Apr 3 01:16:15 CDT 2008
OK, we're going to call this Slackware 12.1-rc1, though there is still some
more minor work to do. Please help test! And if we're missing anything major,
please let me know at volkerdi@slackware.com. Thanks. :-)
a/aaa_elflibs-12.1.0-i486-1.tgz: Updated the initial "starter" library package
to the latest versions in -current.
a/cups-1.3.7-i486-1.tgz: Upgraded to cups-1.3.7.
This version of CUPS fixes some buffer overflows in the GIF image filter
and in cgiCompileSearch. Those running CUPS servers should upgrade.
For more information on these security issues, please see:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0047
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1373
(* Security fix *)
a/cxxlibs-6.0.9-i486-1.tgz: Upgraded to libstdc++.so.6.0.9 from gcc-4.2.3.
a/mdadm-2.6.4-i486-1.tgz: Upgraded to mdadm-2.6.4.
a/pciutils-2.2.10-i486-1.tgz: Upgraded to pciutils-2.2.10.
a/sysvinit-2.86-i486-6.tgz: Fixed the /sbin/initscript path to match the man
pages. Thanks to Michiel Broek for the patch.
ap/hplip-2.8.4-i486-1.tgz: Upgraded to hplip-2.8.4.
ap/zsh-4.3.6-i486-1.tgz: Upgraded to zsh-4.3.6. Thanks to Haakon Riiser for
alerting me to the new release.
d/gdb-6.8-i486-1.tgz: Upgraded to gdb-6.8.
l/hal-0.5.10-i486-2.tgz: Recompiled with --enable-umount-helper, which allows
non-root users to umount hotplugged devices from the command line.
Thanks to Robby Workman for the suggestion.
l/hal-info-20080317-noarch-1.tgz: Upgraded to hal-info-20080317.
n/bind-9.4.2-i486-1.tgz: Upgraded to bind-9.4.2.
n/wpa_supplicant-0.5.10-i486-1.tgz: Upgraded to wpa_supplicant-0.5.10.
x/wqy-zenhei-font-ttf-0.5.23-noarch-1.tgz: Upgraded to wqy-zenhei-0.5.23.
Thanks to Eric Hameleers for noticing the new release (only linked from the
Chinese version of the development website :-)
x/xf86-video-amd-2.7.7.7-i486-1.tgz: Removed. (see below)
x/xf86-video-geode-2.8.0-i486-1.tgz: Upgraded to xf86-video-geode-2.8.0.
This package has been renamed from xf86-video-amd to avoid confusion with
other AMD video products.
x/xf86-video-intel-2.2.1-i486-1.tgz: Reverted to xf86-video-intel-2.2.1. We
suspected that might be needed, given the version number and development
status of the newer driver we tried, but gave it a try anyway. Probably
there will be no more driver updates at this point unless bugs are reported
that newer drivers fix.
xap/pidgin-2.4.1-i486-1.tgz: Upgraded to pidgin-2.4.1.
+--------------------------+
Tue Apr 1 02:41:32 CDT 2008
a/acl-2.2.47_1-i486-1.tgz: Upgraded to acl-2.2.47_1.
a/attr-2.4.41_1-i486-1.tgz: Upgraded to attr-2.4.41_1.
a/etc-12.1-noarch-4.tgz: Give the mysql user a /bin/false "shell".
Thanks to Noel for the suggestion.
a/lilo-22.8-i486-12.tgz: Fixed a bug where liloconfig might not properly
determine the root directory where /boot is found.
a/sysvinit-scripts-1.2-noarch-20.tgz: Fixed a bug in rescan-scsi-bus that was
exposed by the CONFIG_SCSI_MULTI_LUN kernel option (which _should_ also make
rescan-scsi-bus unneccessary). Thanks to Kem Prims for the bug report.
Keep /usr/share/mime's mime.cache file updated.
a/util-linux-2.12r-i486-6.tgz: Removed. See below.
a/util-linux-ng-2.13.1-i486-1.tgz: Added util-linux-ng-2.13.1, which replaces
the old util-linux package. To install, either use upgradepkg with the "%"
option, or do this: installpkg util-linux-ng-2.13.1-i486-1.tgz ;
removepkg util-linux ; installpkg util-linux-ng-2.13.1-i486-1.tgz
Thanks to Robby Workman for a lot of help with this package update.
a/xfsprogs-2.9.7_1-i486-1.tgz: Upgraded to xfsprogs-2.9.7_1.
ap/alsa-utils-1.0.15-i486-3.tgz: Don't load the mixer settings until after
the OSS modules have been loaded. Eliminate 'awk' usage in rc.alsa, using
sed and tr instead. Thanks to Tomas Matejicek for the patch.
ap/dmapi-2.2.8_1-i486-1.tgz: Upgraded to dmapi-2.2.8_1.
ap/man-pages-2.79-noarch-1.tgz: Upgraded to man-pages-2.79, and retained the
POSIX pthread_* man pages this time. Thanks to Rastislav Stanik.
ap/mysql-5.0.51a-i486-2.tgz: Modified /etc/rc.d/rc.mysqld's database
installation instructions to take into consideration that the mysql user no
longer has a login shell. In addition, the admin is told to consider locking
the database server down even further (if possible) by using the
mysql_secure_installation utility. Thanks again to Noel.
ap/xfsdump-2.2.48_1-i486-1.tgz: Upgraded to xfsdump-2.2.48_1.
l/libglade-2.6.2-i486-2.tgz: Rebuilt with --libdir=/usr/lib. Without this,
libglade-2.0.la incorrectly inserts '/usr/local/lib' in the .la file.
Thanks to Steve Kennedy for the bug report.
l/libgsf-1.14.8-i486-1.tgz: Upgraded to libgsf-1.14.8.
n/net-tools-1.60-i486-2.tgz: Recompiled with latest Debian patch.
n/nfs-utils-1.1.2-i486-1.tgz: Upgraded to nfs-utils-1.1.2.
n/nmap-4.60-i486-3.tgz: Fixed the build script (third time's the charm?) to
use DESTDIR and remove the one item (useless, IMHO, within a package system)
that still can't get DESTDIR right: uninstall_zenmap.
Thanks to Conraid and Mauro Ghisoni for walking me through this one. :-)
n/openssh-4.9p1-i486-1.tgz: Upgraded to openssh-4.9p1.
n/wget-1.11.1-i486-1.tgz: Upgraded to wget-1.11.1.
x/scim-1.4.7-i486-5.tgz: Fixed scim.desktop to have more information, and to
place the SCIM startup utility in the "Utilities" menu rather than having it
fall into "Lost & Found". Thanks to Hon Yuen Kwun for the initial patch.
x/xf86-video-intel-2.2.99.902-i486-1.tgz:
Upgraded to xf86-video-intel-2.2.99.902.
xap/xine-lib-1.1.11.1-i686-1.tgz: Earlier versions of xine-lib suffer from an
integer overflow which may lead to a buffer overflow that could potentially
be used to gain unauthorized access to the machine if a malicious media
file is played back. File types affected this time include .flv, .mov, .rm,
.mve, .mkv, and .cak.
For more information on this security issue, please see:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1482
(* Security fix *)
isolinux/initrd.img: Patched to have /etc/fstab mount /dev/shm.
Updated XFS utilities.
usb-and-pxe-installers/: Patched to have /etc/fstab mount /dev/shm.
Updated XFS utilities.
+--------------------------+
Sat Mar 29 18:07:00 CDT 2008
a/glibc-solibs-2.7-i486-8.tgz: Recompiled against 2.6.24.4 headers.
a/glibc-zoneinfo-2.7-noarch-8.tgz: Upgraded to tzdata2008b.
l/glibc-2.7-i486-8.tgz: Recompiled against 2.6.24.4 headers.
Upgraded to tzdata2008b.
l/glibc-i18n-2.7-noarch-8.tgz: Rebuilt.
l/glibc-profile-2.7-i486-8.tgz: Recompiled against 2.6.24.4 headers.
a/lilo-22.8-i486-11.tgz: Fixed reversed vt.default_utf8 kernel parameter
(0 <-> 1) in /etc/lilo.conf. Thanks to Eric Hameleers for noticing the bug.
+--------------------------+
Fri Mar 28 23:35:22 CDT 2008
a/aaa_base-12.1.0-noarch-1.tgz: Added an empty /usr/share/wallpapers as this
seems to be a de-facto standard directory and (for example) XFce will give
an error if it is missing and one tries to change the desktop image.
Thanks to Chess Griffin for reporting this.
Bumped version number of package, and of /etc/slackware-version.
a/etc-12.1-noarch-3.tgz: Installed root into the audio, cdrom, video, plugdev,
and floppy groups _correctly_. This was noticed by a lot of people -- sorry
for the bogus entries in there before. I don't know how I managed that.
(easily ;-)
a/lilo-22.8-i486-10.tgz: Fixed liloconfig to at least create an empty
message file in /boot if none exists.
a/sysvinit-scripts-1.2-noarch-19.tgz: Keep any icon-theme.cache files updated.
a/kernel-generic-2.6.24.4-i486-1.tgz:
Upgraded to Linux 2.6.24.4 uniprocessor generic.s (requires initrd) kernel.
a/kernel-generic-smp-2.6.24.4_smp-i686-1.tgz:
Upgraded to Linux 2.6.24.4 SMP gensmp.s (requires initrd) kernel.
a/kernel-huge-2.6.24.4-i486-1.tgz:
Upgraded to Linux 2.6.24.4 uniprocessor huge.s (full-featured) kernel.
a/kernel-huge-smp-2.6.24.4_smp-i686-1.tgz:
Upgraded to Linux 2.6.24.4 SMP hugesmp.s (full-featured) kernel.
a/kernel-modules-2.6.24.4-i486-1.tgz
Upgraded to Linux 2.6.24.4 uniprocessor kernel modules.
a/kernel-modules-smp-2.6.24.4_smp-i686-1.tgz
Upgraded to Linux 2.6.24.4 SMP kernel modules.
ap/vim-7.1.285-i486-1.tgz: Upgraded to vim-7.1.285.
d/kernel-headers-2.6.24.4_smp-x86-1.tgz:
Upgraded to Linux 2.6.24.4 SMP kernel headers.
k/kernel-source-2.6.24.4_smp-noarch-1.tgz
Upgraded to Linux 2.6.24.4 SMP kernel source.
l/svgalib_helper-1.9.25_2.6.24.4-i486-1.tgz: Recompiled for Linux 2.6.24.4.
n/gnupg-1.4.9-i486-1.tgz: Upgraded to gnupg-1.4.9.
n/gnupg2-2.0.9-i486-1.tgz: Upgraded to gnupg-2.0.9.
n/nmap-4.60-i486-2.tgz: Recompiled. Some files were missing due to an
incompletely removed previous compile. Thanks again to Mauro Ghisoni.
It may also be necessary to reinstall python after upgrading from -1.
tcl/tcl-8.4.18-i486-1.tgz: Upgraded to tcl8.4.18.
tcl/tk-8.4.18-i486-1.tgz: Upgraded to tk8.4.18.
x/liberation-fonts-ttf-1.0-noarch-1.tgz: Upgraded to Liberation Fonts 1.0.
Thanks to Eric Hameleers for making a fontconfig file and updating the
build script.
x/pixman-0.10.0-i486-1.tgz: Upgraded to pixman-0.10.0.
xap/mozilla-firefox-2.0.0.13-i686-1.tgz:
Upgraded to firefox-2.0.0.13.
This upgrade fixes some more security bugs.
For more information, see:
http://www.mozilla.org/projects/security/known-vulnerabilities.html#firefox
(* Security fix *)
xap/seamonkey-1.1.9-i486-1.tgz:
Upgraded to seamonkey-1.1.9.
This upgrade fixes some more security bugs.
For more information, see:
http://www.mozilla.org/projects/security/known-vulnerabilities.html#seamonkey
(* Security fix *)
xap/xine-lib-1.1.11-i686-1.tgz: Earlier versions of xine-lib suffer from an
array index bug that may have security implications if a malicious RTSP
stream is played. Playback of other media formats is not affected.
If you use RTSP, you should probably upgrade xine-lib.
For more information on the security issue, please see:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0073
(* Security fix *)
xap/vim-gvim-7.1.285-i486-1.tgz: Upgraded to vim-7.1.285. This is the GTK+
version of vim (gvim). The normal vim package is also required.
extra/grub/grub-0.97-i486-6.tgz: Restored the inode patch for ext2/3.
It looks like it was needed after all.
extra/linux-2.6.24.3-nosmp-sdk/: Updated SMP to no-SMP kernel source patch.
isolinux/initrd.img: Fixed huge.s kernel installation bug.
kernels/huge.s/*: Upgraded huge.s kernel to 2.6.24.4.
kernels/hugesmp.s/*: Upgraded hugesmp.s kernel to 2.6.24.4 (SMP).
kernels/speakup.s/*: Upgraded speakup.s kernel to 2.6.24.4.
pasture/gcc-3.4.6/: Removed, since this has gone unchanged since
Slackware 12.0. I'm not sure if the one in 12.0's pasture still works,
but if it does, and you need it for something, that's where to find it.
usb-and-pxe-installers/: Updated USB and PXE installers to 2.6.24.4 modules.
+--------------------------+
Wed Mar 26 00:21:34 CDT 2008
a/etc-12.1-noarch-2.tgz: Add root to the groups audio, cdrom, video, plugdev,
and floppy. Root already has access to most of these devices, but it doesn't
hurt to provide an example for people who edit /etc/groups manually.
a/shadow-4.0.3-i486-15.tgz: Took plugdev out of CONSOLE_GROUPS in
/etc/login.defs, since DBUS doesn't know about group memberships added that
way. Users not actually listed in /etc/groups as part of groups such as
plugdev wouldn't be able to use those devices even at the console when
logging in through a graphical login manager such as XDM, KDM, or GDM.
Stuart Winter enhanced the command-line adduser tool. Quote from the adduser
program history: "* To facilitate use of the automatic mounting features of
HAL, allow the admin to easily add users to the default groups:
audio,cdrom,video,plugdev,floppy
The default is not to add new users to these groups. And by the way, this
script is "adduser from Slackware" not "superadduser from Gentoo" ;-)"
If you trust your users, this is the correct way to give them access to these
devices. adduser will automatically edit /etc/groups for you. If you do not
trust your users and you give them access to these groups, they may create
mischief from afar with this access, so be aware of the security implications.
a/udev-118-i486-3.tgz: Fixed two broken symbolic links in /sbin.
Thanks to Piter Punk for fixing the script, and to Fred Emmott for noticing
the problem and letting us know.
ap/ntfsprogs-2.0.0-i486-2.tgz: Added back ntfsprogs-2.0.0, using (for now)
--disable-ntfsmount. It is still needed to manage NTFS partitions even if we
use the kernel driver or NTFS-3G to mount them.
Thanks to Matteo Nunziati for the information.
n/epic4-2.8-i486-1.tgz: Upgraded to epic4-2.8.
n/irssi-0.8.12-i486-1.tgz: Upgraded to irssi-0.8.12.
n/nmap-4.60-i486-1.tgz: Upgraded to nmap-4.60.
Zenmap still isn't working because we don't include sqlite, but a zenmap
.desktop file was added anyway, and some paths in a script were fixed.
Thanks to Mauro Ghisoni for pointing out the bad paths in Paths.py.
xap/gimp-2.4.5-i486-1.tgz: Upgraded to gimp-2.4.5, added support for pyGTK.
isolinux/initrd.img: Fixed Speakup kernel detection.
Thanks to Jude DaShiell for reporting the bug.
Added LVM swap partition detection.
Thanks to Manuel Reimer for the patch.
usb-and-pxe-installers/: Fixed Speakup kernel detection.
Thanks to Jude DaShiell for reporting the bug.
Added LVM swap partition detection.
Thanks to Manuel Reimer for the patch.
+--------------------------+
Sat Mar 22 16:26:33 CDT 2008
a/pkgtools-12.1.0-noarch-6.tgz: Fixed bogus bad gzipped file warnings.
ap/ghostscript-8.62-i486-3.tgz: Fixed default cidfmap installation.
n/mcabber-0.9.6-i486-1.tgz: Upgraded to mcabber-0.9.6.
xap/audacious-1.5.0-i486-2.tgz: Don't use opcodes that break older computers.
Thanks to Elvio Basello and Udo A. Steinberg for the bug reports.
Thanks also to Giacomo Lozito for debugging suggestions. The problem was,
of course, on my side of things. :-)
xap/audacious-plugins-1.5.0-i486-2.tgz: Recompiled.
+--------------------------+
Wed Mar 19 19:34:38 CDT 2008
Is this Slackware 12.1 RC 1 yet? It has to be close.
a/e2fsprogs-1.40.8-i486-1.tgz: Upgraded to e2fsprogs-1.40.8.
a/gpm-1.20.1-i486-5.tgz: Default item to imps2, which works well with KVM
boxes. If you use a Synaptics pad with the third party driver, you may have
to change this setting.
a/inotify-tools-3.13-i486-1.tgz: Upgraded to inotify-tools-3.13.
a/kernel-generic-2.6.24.3-i486-2.tgz: After much debate, the kernels have been
recompiled with the CONFIG_SCSI_MULTI_LUN option enabled. This was tried once
and caused problems for real SCSI systems, but that really was many years ago
and it's so handy to have this feature for multi-LUN card readers that we're
going to try enabling this again. Please report any problems.
Upgraded to Linux 2.6.24.3 uniprocessor generic.s (requires initrd) kernel.
a/kernel-generic-smp-2.6.24.3_smp-i686-2.tgz:
Recompiled with CONFIG_SCSI_MULTI_LUN.
a/kernel-huge-2.6.24.3-i486-2.tgz: Recompiled with CONFIG_SCSI_MULTI_LUN.
a/kernel-huge-smp-2.6.24.3_smp-i686-2.tgz:
Recompiled with CONFIG_SCSI_MULTI_LUN.
a/kernel-modules-2.6.24.3-i486-2.tgz: Recompiled.
a/kernel-modules-smp-2.6.24.3_smp-i686-2.tgz: Recompiled.
a/ntfs-3g-1.2310-i486-1.tgz: After getting a lot of feedback on it, we're
changing from ntfsprogs to ntfs-3g and putting it in the A series so that it
can be used as the default NTFS filesystem. All the best wishes to the
ntfsprogs project for future improvement, but nftsprogs couldn't extract and
compile the Linux kernel on an NTFS partition here, and ntfs-3g could.
It also seems to have a better community and support going right now.
Thanks to the users who wrote with their opinions to help make this decision.
a/pkgtools-12.1.0-noarch-5.tgz: Default making a USB boot stick to off.
a/sysvinit-scripts-1.2-noarch-18.tgz: Removed /etc/rc.d/rc.scanluns.
a/udev-118-i486-2.tgz: Blacklist old bcm43xx driver (b43 and b43legacy are
the recommended drivers now).
ap/alsa-utils-1.0.15-i486-2.tgz: Set reasonable volume defaults if there are
none in /etc/asound.state. Thanks to Eric Hameleers.
ap/gutenprint-5.0.2-i486-1.tgz: Upgraded to gutenprint-5.0.2.
ap/ntfsprogs-2.0.0-i486-1.tgz: Removed (for now).
d/m4-1.4.10-i486-1.tgz: Upgraded to m4-1.4.10. Thanks to Kyle Guinn for
reporting that m4-1.4.9 had a serious calculation bug.
d/pkg-config-0.23-i486-1.tgz: Upgraded to pkg-config-0.23.
k/kernel-source-2.6.24.3_smp-noarch-2.tgz: CONFIG_SCSI_MULTI_LUN is now the
default in the supplied Slackware generic .config.
kde/kdelibs-3.5.9-i486-3.tgz: Patched a problem with Kate mislocating the
cursor after a block paste. Thanks to Peter Sevens for showing me the fix.
l/atk-1.22.0-i486-1.tgz: Upgraded to atk-1.22.0.
l/dbus-1.1.20-i486-1.tgz: Upgraded to dbus-1.1.20. Thanks to Robby Workman
for helping to maintain the dbus build scripts.
l/dbus-glib-0.74-i486-2.tgz: Rebuilt.
l/dbus-qt3-0.70-i486-2.tgz: Rebuilt.
l/gnome-icon-theme-2.22.0-noarch-1.tgz: Upgraded to gnome-icon-theme-2.22.0.
l/glib2-2.14.6-i486-3.tgz: Set G_BROKEN_FILENAMES=1, and if the locale is
UTF-8, then set G_FILENAME_ENCODING="@locale" (which will override the
G_BROKEN_FILENAMES setting). This should get us a little closer with UTF.
Thanks to Dave Minton for pointing out the issue to Robby Workman, who
(in turn), sent it in to me.
l/gtk+2-2.12.9-i486-1.tgz: Upgraded to gtk+-2.12.9.
l/hal-info-20080313-noarch-1.tgz: Upgraded to l/hal-info-20080313.
l/hicolor-icon-theme-0.10-noarch-3.tgz: Don't make an icon-theme.cache file
in /usr/share/icons.
l/lcms-1.17-i486-1.tgz: Upgraded to lcms-1.17.
l/libart_lgpl-2.3.20-i486-1.tgz: Upgraded to libart_lgpl-2.3.20.
l/pango-1.20.0-i486-1.tgz: Upgraded to pango-1.20.0.
l/pygtk-2.12.1-i486-2.tgz: Robby said it would help to recompile this.
l/wavpack-4.41.0-i486-1.tgz: Added wavpack-4.41.0.
This is needed for audacious WAV format support.
n/gnupg2-2.0.8-i486-1.tgz: Upgraded to gnupg2-2.0.8.
n/gnutls-2.2.2-i486-1.tgz: Upgraded to gnutls-2.2.2.
n/gpgme-1.1.6-i486-1.tgz: Upgraded to gpgme-1.1.6.
n/libassuan-1.0.4-i486-1.tgz: Upgraded to libassuan-1.0.4.
n/libksba-1.0.3-i486-1.tgz: Upgraded to libksba-1.0.3.
n/libgcrypt-1.4.0-i486-1.tgz: Upgraded to libgcrypt-1.4.0.
n/libgpg-error-1.6-i486-2.tgz: Recompiled.
n/pinentry-0.7.5-i486-1.tgz: Upgraded to pinentry-0.7.5.
n/samba-3.0.28a-i486-1.tgz: Upgraded to samba-3.0.28a.
n/wireless-tools-29-i486-1.tgz: Upgraded to wireless-tools-29.
x/libXScrnSaver-1.1.3-i486-1.tgz: Upgraded to libXScrnSaver-1.1.3.
x/libXv-1.0.4-i486-1.tgz: Upgraded to libXv-1.0.4.
x/libxkbfile-1.0.5-i486-1.tgz: Upgraded to libxkbfile-1.0.5.
x/xf86-video-amd-2.7.7.7-i486-1.tgz: Upgraded to xf86-video-amd-2.7.7.7.
x/xf86-video-apm-1.2.0-i486-1.tgz: Upgraded to xf86-video-apm-1.2.0.
x/xf86-video-ark-0.7.0-i486-1.tgz: Upgraded to xf86-video-ark-0.7.0.
x/xf86-video-ast-0.85.0-i486-1.tgz: Upgraded to xf86-video-ast-0.85.0.
x/xf86-video-chips-1.2.0-i486-1.tgz: Upgraded to xf86-video-chips-1.2.0.
x/xf86-video-cirrus-1.2.0-i486-1.tgz: Upgraded to xf86-video-cirrus-1.2.0.
x/xf86-video-dummy-0.3.0-i486-1.tgz: Upgraded to xf86-video-dummy-0.3.0.
x/xf86-video-fbdev-0.4.0-i486-1.tgz: Upgraded to xf86-video-fbdev-0.4.0.
x/xf86-video-glint-1.2.0-i486-1.tgz: Upgraded to xf86-video-glint-1.2.0.
x/xf86-video-i128-1.3.0-i486-1.tgz: Upgraded to xf86-video-i128-1.3.0.
x/xf86-video-i740-1.2.0-i486-1.tgz: Upgraded to xf86-video-i740-1.2.0.
x/xf86-video-neomagic-1.2.0-i486-1.tgz: Upgraded to xf86-video-neomagic-1.2.0.
x/xf86-video-rendition-4.2.0-i486-1.tgz:
Upgraded to xf86-video-rendition-4.2.0.
x/xf86-video-s3-0.6.0-i486-1.tgz: Upgraded to xf86-video-s3-0.6.0.
x/xf86-video-s3virge-1.10.0-i486-1.tgz: Upgraded to xf86-video-s3virge-1.10.0.
x/xf86-video-savage-2.2.0-i486-1.tgz: Upgraded to xf86-video-savage-2.2.0.
x/xf86-video-siliconmotion-1.6.0-i486-1.tgz:
Upgraded to xf86-video-siliconmotion-1.6.0.
x/xf86-video-sis-0.10.0-i486-1.tgz: Upgraded to xf86-video-sis-0.10.0.
x/xf86-video-sisusb-0.9.0-i486-1.tgz: Upgraded to xf86-video-sisusb-0.9.0.
x/xf86-video-tdfx-1.4.0-i486-1.tgz: Upgraded to xf86-video-tdfx-1.4.0.
x/xf86-video-trident-1.3.0-i486-1.tgz: Upgraded to xf86-video-trident-1.3.0.
x/xf86-video-tseng-1.2.0-i486-1.tgz: Upgraded to xf86-video-tseng-1.2.0.
x/xf86-video-v4l-0.2.0-i486-1.tgz: Upgraded to xf86-video-v4l-0.2.0.
x/xf86-video-vmware-10.16.0-i486-1.tgz: Upgraded to xf86-video-vmware-10.16.0.
x/xf86-video-voodoo-1.2.0-i486-1.tgz: Upgraded to xf86-video-voodoo-1.2.0.
xap/audacious-1.5.0-i486-1.tgz: Upgraded to audacious-1.5.0.
xap/audacious-plugins-1.5.0-i486-1.tgz: Upgraded to audacious-plugins-1.5.0.
xap/gkrellm-2.3.1-i486-2.tgz: Recompiled against gnutls-2.2.2.
xap/pidgin-2.4.0-i486-2.tgz: Recompiled against gnutls-2.2.2.
xap/xfce-4.4.2-i486-3.tgz: Patched two Thunar bugs.
xap/xpdf-3.02pl2-i486-3.tgz: Rebuilt adding an icon and .desktop file.
Thanks to Selkfoster for the .desktop file and for pointing out the icon.
extra/grub/grub-0.97-i486-5.tgz: Recompiled without the inode patch since
e2fsprogs-1.40.8 broke the GRUB we patched to work with e2fsprogs-1.40.6.
extra/linux-2.6.24.3-nosmp-sdk/: Updated SMP to no-SMP kernel source patch.
extra/parted/parted-1.8.8-i486-1.tgz: Upgraded to parted-1.8.8.
extra/slackpkg/slackpkg-2.70.1-noarch-1.tgz:
Upgraded to slackpkg-2.70.1-noarch-1. Thanks to Piter Punk.
isolinux/initrd.img: Offer ntfs-3g read-write mounts for NTFS partitions.
Upgraded to parted-1.8.8. Upgraded to e2fsprogs-1.40.8.
kernels/hugesmp.s/*: Recompiled with CONFIG_SCSI_MULTI_LUN.
kernels/huge.s/*: Recompiled with CONFIG_SCSI_MULTI_LUN.
kernels/speakup.s/*: Recompiled with CONFIG_SCSI_MULTI_LUN.
Updated to latest Speakup GIT pull.
usb-and-pxe-installers/: Offer ntfs-3g read-write mounts for NTFS partitions.
Upgraded to parted-1.8.8. Upgraded to e2fsprogs-1.40.8.
+--------------------------+
Thu Mar 13 19:19:06 CDT 2008
a/gettext-0.17-i486-2.tgz: Compressed the man pages.
Thanks to Kris Karas for noticing.
d/gettext-tools-0.17-i486-2.tgz: Compressed the man pages.
isolinux/initrd.img: Updated dropbear version.
usb-and-pxe-installers/: Updated dropbear version.
+--------------------------+
Thu Mar 13 17:20:20 CDT 2008
l/sdl-1.2.13-i486-2.tgz: SDL_mixer looks for timidity files in
/usr/lib/timidity rather than /usr/local/lib/timidity.
Thanks to Dan Church for the bug report.
n/zd1211-firmware-1.4-fw-1.tgz: Added ZD1211 USB WLAN firmware.
x/dejavu-fonts-ttf-2.24-noarch-1.tgz: Upgraded to dejavu-fonts-ttf-2.24.
isolinux/initrd.img: More dropbear adjustments from Eric Hameleers.
usb-and-pxe-installers/: More dropbear adjustments from Eric Hameleers.
+--------------------------+
Tue Mar 11 19:52:11 CDT 2008
a/glibc-solibs-2.7-i486-7.tgz: Recompiled against Linux 2.6.24.3 headers.
a/glibc-zoneinfo-2.7-noarch-7.tgz: Upgraded to tzdata2008a.
a/gettext-0.17-i486-1.tgz: Upgraded to gettext-0.17.
a/sysvinit-scripts-1.2-noarch-17.tgz: Update gtk.immodules from rc.M at boot.
ap/flac-1.2.1-i486-1.tgz: Upgraded to flac-1.2.1.
ap/vorbis-tools-1.2.0-i486-1.tgz: Upgraded to vorbis-tools-1.2.0.
d/gettext-tools-0.17-i486-1.tgz: Upgraded to tools for gettext-0.17.
kde/k3b-1.0.4-i486-3.tgz: Recompiled against flac-1.2.1.
kde/kdemultimedia-3.5.9-i486-3.tgz: Recompiled against flac-1.2.1.
l/glibc-2.7-i486-7.tgz: Recompiled against Linux 2.6.24.3 headers.
l/glibc-i18n-2.7-noarch-7.tgz: Rebuilt.
l/glibc-profile-2.7-i486-7.tgz: Recompiled against Linux 2.6.24.3 headers.
l/jre-6u5-i586-1.tgz: Upgraded to Java(TM) 2 Platform Standard Edition
Runtime Environment Version 6.0 update 5.
l/libcddb-1.3.0-i486-1.tgz: Added libcddb-1.3.0. (needed by audacious-plugins)
l/libcdio-0.79-i486-1.tgz: Added libcdio-0.79. (needed by audacious-plugins)
n/ipw2100-fw-1.3-fw-1.tgz: Added ipw2100-fw-1.3.
n/ipw2200-fw-3.0-fw-1.tgz: Added ipw2200-fw-3.0.
n/rt61-firmware-1.2-fw-1.tgz: Added rt61-firmware-1.2.
n/rt71w-firmware-1.8-fw-1.tgz: Added rt71w-firmware-1.8.
x/compiz-0.7.2-i486-1.tgz: Upgraded to compiz-0.7.2.
x/font-xfree86-type1-1.0.1-noarch-1.tgz: Upgraded to font-xfree86-type1-1.0.1.
x/inputproto-1.4.3-noarch-1.tgz: Upgraded to inputproto-1.4.3.
x/libX11-1.1.4-i486-1.tgz: Upgraded to libX11-1.1.4.
x/libXfont-1.3.2-i486-1.tgz: Upgraded to libXfont-1.3.2.
x/libXinerama-1.0.3-i486-1.tgz: Upgraded to libXinerama-1.0.3.
x/libpciaccess-0.10-i486-1.tgz: Added libpciaccess-0.10.
x/mkfontdir-1.0.4-noarch-1.tgz: Upgraded to mkfontdir-1.0.4.
x/mkfontscale-1.0.4-i486-1.tgz: Upgraded to mkfontscale-1.0.4.
x/printproto-1.0.4-noarch-1.tgz: Upgraded to printproto-1.0.4.
x/rendercheck-1.3-i486-1.tgz: Upgraded to rendercheck-1.3.
x/twm-1.0.4-i486-1.tgz: Upgraded to twm-1.0.4.
x/util-macros-1.1.6-noarch-1.tgz: Upgraded to util-macros-1.1.6.
x/x11perf-1.5-i486-1.tgz: Upgraded to x11perf-1.5.
x/xauth-1.0.3-i486-1.tgz: Upgraded to xauth-1.0.3.
x/xcompmgr-1.1.4-i486-1.tgz: Added xcompmgr-1.1.4.
x/xdm-1.1.7-i486-1.tgz: Upgraded to xdm-1.1.7.
x/xev-1.0.3-i486-1.tgz: Upgraded to xev-1.0.3.
x/xf86-input-aiptek-1.1.1-i486-1.tgz: Upgraded to xf86-input-aiptek-1.1.1.
x/xf86-video-nv-2.1.8-i486-1.tgz: Upgraded to xf86-video-nv-2.1.8.
x/xfs-1.0.6-i486-1.tgz: Upgraded to xfs-1.0.6.
x/xinit-1.0.8-i486-1.tgz: Upgraded to xinit-1.0.8.
x/xkbcomp-1.0.4-i486-1.tgz: Upgraded to xkbcomp-1.0.4.
x/xprop-1.0.4-i486-1.tgz: Upgraded to xprop-1.0.4.
x/xproto-7.0.12-noarch-1.tgz: Upgraded to xproto-7.0.12.
x/xrandr-1.2.3-i486-1.tgz: Upgraded to xrandr-1.2.3.
x/xrdb-1.0.5-i486-1.tgz: Upgraded to xrdb-1.0.5.
x/xset-1.0.4-i486-1.tgz: Upgraded to xset-1.0.4.
x/xtrans-1.1-noarch-1.tgz: Upgraded to xtrans-1.1.
xap/audacious-plugins-1.4.5-i486-2.tgz: Recompiled against flac-1.2.1.
xap/pidgin-2.4.0-i486-1.tgz: Upgraded to pidgin-2.4.0 and
pidgin-encryption-3.0. Thanks to Eric Hameleers for updating the script.
extra/jdk-6/jdk-6u5-i586-1.tgz: Upgraded to Java(TM) 2 Platform
Standard Edition Development Kit Version 6.0 update 5.
isolinux/initrd.img: Made some dropbear changes. Thanks, Eric.
usb-and-pxe-installers/: Made some dropbear changes. Thanks, Eric.
+--------------------------+
Sat Mar 8 02:12:43 CST 2008
a/kernel-generic-2.6.24.3-i486-1.tgz:
Upgraded to Linux 2.6.24.3 uniprocessor generic.s (requires initrd) kernel.
a/kernel-generic-smp-2.6.24.3_smp-i686-1.tgz:
Upgraded to Linux 2.6.24.3 SMP gensmp.s (requires initrd) kernel.
a/kernel-huge-2.6.24.3-i486-1.tgz:
Upgraded to Linux 2.6.24.3 uniprocessor huge.s (full-featured) kernel.
a/kernel-huge-smp-2.6.24.3_smp-i686-1.tgz:
Upgraded to Linux 2.6.24.3 SMP hugesmp.s (full-featured) kernel.
a/kernel-modules-2.6.24.3-i486-1.tgz
Upgraded to Linux 2.6.24.3 uniprocessor kernel modules.
a/kernel-modules-smp-2.6.24.3_smp-i686-1.tgz
Upgraded to Linux 2.6.24.3 SMP kernel modules.
a/lilo-22.8-i486-9.tgz: If the kernel is >= 2.6.24, then ask the user if they
want to override the kernel's new default to UTF-8 on the text consoles.
Most users will not want UTF-8 yet until all applications have been fixed to
work with it. This option will not affect the use of UTF-8 locales in X.
a/pcmciautils-014-i486-4.tgz: Improved the default configuration to work with
more hardware. Thanks to Piter Punk.
a/pkgtools-12.1.0-noarch-4.tgz: Added fuse to the installer's boot-start
(setup.services) menu. Patched makepkg to test gzipped files properly.
a/sysvinit-scripts-1.2-noarch-16.tgz: Modified rc.S to start FUSE.
a/udev-118-i486-1.tgz: Upgraded to udev-118. Thanks to Piter Punk.
ap/ntfsprogs-2.0.0-i486-1.tgz: Moved from /extra. ntfsprogs now includes
full read-write support when the NFTS filesystem is mounted with ntfsmount
or -t ntfs.fuse. This feature requires the new fuse package.
d/kernel-headers-2.6.24.3_smp-x86-1.tgz:
Upgraded to Linux 2.6.24.3 SMP kernel headers.
k/kernel-source-2.6.24.3_smp-noarch-1.tgz
Upgraded to Linux 2.6.24.3 SMP kernel source.
kde/kdelibs-3.5.9-i486-3.tgz: Patched a problem with Kate mislocating the
cursor after a block paste. Thanks to Peter Sevens for showing me the fix.
l/fuse-2.7.3-i486-1.tgz: Added FUSE, a userspace filesystem interface.
Thanks to Antonio Hernández Blas for submitting the build script.
l/gtk+2-2.12.8-i486-3.tgz: Don't run gtk-query-immodules-2.0 from the
installer, because some of the libraries it needs would not yet be
on the machine. The SCIM scripts should pick this up later on.
l/hal-info-20080215-noarch-1.tgz: Upgraded to hal-info-20080215.
l/svgalib_helper-1.9.25_2.6.24.3-i486-1.tgz: Recompiled for Linux 2.6.24.3.
n/iwlwifi-3945-ucode-2.14.1.5-fw-1.tgz: Added Intel 3945 wireless firmware.
n/iwlwifi-4965-ucode-4.44.1.20-fw-1.tgz: Added Intel 4965 wireless firmware.
extra/linux-2.6.24.3-nosmp-sdk/: Updated SMP to no-SMP kernel source patch.
isolinux/initrd.img: Merged new dropbear and patches from Eric Hameleers.
kernels/hugesmp.s/*: Upgraded hugesmp.s kernel to 2.6.24.3 (SMP).
kernels/huge.s/*: Upgraded huge.s kernel to 2.6.24.3.
kernels/speakup.s/*: Upgraded speakup.s kernel to 2.6.24.3.
Note that the kernel parameters for Speakup have changed.
What was speakup_synth= is now speakup.synth=. All of the options have
changed similarly using "speakup." rather than "speakup_" as a prefix.
usb-and-pxe-installers/: Updated USB and PXE installers to 2.6.24.3 modules.
+--------------------------+
Thu Mar 6 03:13:15 CST 2008
a/usbutils-0.73-i486-2.tgz: Don't compress usb.ids (this breaks HAL).
Thanks to Robby Workman for the report.
l/glib2-2.14.6-i486-2.tgz: Added /etc/profile.d/ scripts so that GTK+ will
use the $LANG variable instead of forcing UTF-8. Thanks to Anton Dobkin.
n/rsync-3.0.0-i486-1.tgz: Upgraded to rsync-3.0.0.
x/libXext-1.0.4-i486-1.tgz: Upgraded to libXext-1.0.4.
x/xf86-video-mga-1.4.8-i486-1.tgz: Upgraded to xf86-video-mga-1.4.8.
extra/grub/grub-0.97-i486-4.tgz: Patched to handle the new 256 byte ext2/ext3
inode size. Thanks to Michael Wagner for the patch.
extra/ham/: Removed, since this hasn't really seen any changes in a couple of
years, and packet radio has mostly become an obscure art form (if that wasn't
what it always was ;-). Anyway, I'm hoping someone interested in packet
radio will appear to maintain these on Slackbuilds.org. Meanwhile, thanks to
Arno Verhoeven for his years of work on these packages.
+--------------------------+
Mon Mar 3 18:48:07 CST 2008
ap/ghostscript-8.62-i486-2.tgz: Fixed the gs_res.ps file for CJK. (I'd
forgotten to apply a patch...) Thanks again to ABE Shin-ichi!
+--------------------------+
Sun Mar 2 03:34:48 CST 2008
ap/ghostscript-8.62-i486-1.tgz: Upgraded to ghostscript-8.62.
This new release of GPL Ghostscript fixes a buffer overflow.
Thanks very much to ABE Shin-ichi for configuring and testing much improved
support for CJK output! :-)
For more information on the security issue, please see:
http://scary.beasts.org/security/CESA-2008-001.html
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0411
Thanks to Chris Evans and Will Drewry of Google Security for their work
on discovering and demonstrating the overflow.
(* Security fix *)
l/gtk+2-2.12.8-i486-2.tgz: Patched to fix Flash in Konqueror.
Thanks to Guido Ascioti for the bug report and fix.
l/hicolor-icon-theme-0.10-noarch-1.tgz: Since XFce adds a few hicolor icons of
its own, make sure the hicolor icon-cache is updated at the end of the
installation. Thanks to Michael Wagner for the bug report.
l/pilot-link-0.12.3-i486-2.tgz: Fixed missing perl modules and man pages.
Thanks to Ismael Cortes for the report.
xap/xpdf-3.02pl2-i486-2.tgz: Added support for Arabic, simplified and
traditional Chinese, Hebrew, Japanese, Korean, Thai, and Turkish (in addition
to the Cyrillic, Greek, and Latin2 support that had already been included).
Thanks again to ABE Shin-ichi for configuring Japanese support, providing a
supurb example for including all the additional language support. :-)
+--------------------------+
Sat Mar 1 16:21:49 CST 2008
d/python-2.5.2-i486-1.tgz: Upgraded to Python-2.5.2.
kde/kdegraphics-3.5.9-i486-3.tgz: Patched with a fix for kdvi.
xap/mozilla-thunderbird-2.0.0.12-i686-1.tgz:
Upgraded to thunderbird-2.0.0.12.
This update fixes the following security related issues:
MFSA 2008-12: Heap buffer overflow in external MIME bodies
MFSA 2008-05: Directory traversal via chrome: URI
MFSA 2008-03: Privilege escalation, XSS, Remote Code Execution
MFSA 2008-01: Crashes with evidence of memory corruption (rv:1.8.1.12)
For more information, see:
http://www.mozilla.org/security/announce/2008/mfsa2008-12.html
http://www.mozilla.org/security/announce/2008/mfsa2008-05.html
http://www.mozilla.org/security/announce/2008/mfsa2008-03.html
http://www.mozilla.org/security/announce/2008/mfsa2008-01.html
These are the related CVE entries:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0304
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0418
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0415
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0412
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0413
(* Security fix *)
+--------------------------+
Sat Mar 1 12:59:58 CST 2008
a/lilo-22.8-i486-8.tgz: Fixed a bug using append= in the expert menu.
Thanks to Eric Hameleers for pointing it out.
ap/lm_sensors-2.10.5-i486-2.tgz: Fixed incorrect install path.
+--------------------------+
Fri Feb 29 14:00:57 CST 2008
a/ed-0.9-i486-1.tgz: Upgraded to ed-0.9. World's greatest line editor.
a/hdparm-8.6-i486-1.tgz: Upgraded to hdparm-8.6.
a/lilo-22.8-i486-7.tgz: Patched liloconfig to make using the boot splash
screen an expert option as well.
a/pkgtools-12.1.0-noarch-3.tgz: Have makepkg warn of two more common
mistakes -- dropping man pages in /usr/share/man, or (now) using site_perl
in a non-local package.
a/usbutils-0.73-i486-1.tgz: Upgraded to usbutils-0.73 with fresh usb.ids.
ap/cdrtools-2.01.01a37-i486-1.tgz: Upgraded to cdrtools-2.01.01a37.
ap/linuxdoc-tools-0.9.21-i486-5.tgz: Upgraded to asciidoc-8.2.5,
docbook-utils-0.6.14-13.fc9, docbook-xsl-1.73.2, docbook-xsl-doc-1.73.2,
gtk-doc-1.9, libsgmls-perl_1.03ii-32.diff, linuxdoc-tools_0.9.21-0.11,
sgml-common-0.6.3-23.fc9, and xmlto-0.0.20. Thanks to Richard Hoyle for
pointing out some missing asciidoc files under /etc/asciidoc.
ap/lm_sensors-2.10.5-i486-1.tgz: Upgraded to lm_sensors-2.10.5.
d/binutils-2.17.50.0.17-i486-1.tgz: Reverted to binutils-2.17.50.0.17 due to
many reports of ld bugs...
d/doxygen-1.5.5-i486-1.tgz: Upgraded to doxygen-1.5.5.
d/git-1.5.4.3-i486-1.tgz: Upgraded to git-1.5.4.3. Switched to vendor_perl
for the Git perl module.
d/oprofile-0.9.2-i486-5.tgz: Reverted to oprofile-0.9.2 compiled against
binutils-2.17.50.0.17.
d/perl-5.8.8-i486-6.tgz: Use vendor_perl for Slackware-added Perl modules, not
site_perl. Really, I think perl's handling of this (and other issues like
the registry-like handling of perllocal.pod) is flawed, but this is better
than nothing. IMHO, something like /usr/local/lib/perl5/site_perl/ would
fit much better with the FHS's recommendations.
Try not to clobber an existing perllocal.pod (hard to do after the fact, so
make backups if you care...)
f/linux-howtos-20080227-noarch-1.tgz: Upgraded to Linux-HOWTOs-20080227.
Recompiled all Qt things, since /usr/lib/qt-3.3.8/lib (no longer a valid path)
was turning up in .la files.
kde/amarok-1.4.8-i486-2.tgz: Recompiled.
kde/k3b-1.0.4-i486-2.tgz: Recompiled.
kde/kdeaccessibility-3.5.9-i486-2.tgz: Recompiled.
kde/kdeaddons-3.5.9-i486-2.tgz: Recompiled.
kde/kdeadmin-3.5.9-i486-2.tgz: Recompiled.
kde/kdeartwork-3.5.9-i486-2.tgz: Recompiled.
kde/kdebase-3.5.9-i486-2.tgz: Patched a bug with lm_sensors.
kde/kdebindings-3.5.9-i486-2.tgz: Recompiled. Use vendor_perl dir.
kde/kdeedu-3.5.9-i486-2.tgz: Recompiled.
kde/kdegames-3.5.9-i486-2.tgz: Recompiled.
kde/kdegraphics-3.5.9-i486-2.tgz: Recompiled.
kde/kdelibs-3.5.9-i486-2.tgz: Recompiled.
kde/kdemultimedia-3.5.9-i486-2.tgz: Recompiled.
kde/kdenetwork-3.5.9-i486-2.tgz: Recompiled.
kde/kdepim-3.5.9-i486-2.tgz: Recompiled (against new pilot-link).
kde/kdesdk-3.5.9-i486-2.tgz: Recompiled.
kde/kdetoys-3.5.9-i486-2.tgz: Recompiled.
kde/kdeutils-3.5.9-i486-2.tgz: Recompiled.
kde/kdevelop-3.5.1-i486-2.tgz: Recompiled with official bugfix patch.
kde/kdewebdev-3.5.9-i486-2.tgz: Recompiled.
kde/knemo-0.4.8-i486-2.tgz: Recompiled.
kde/koffice-1.6.3-i486-3.tgz: Recompiled.
l/arts-1.5.9-i486-2.tgz: Recompiled.
l/fribidi-0.10.9-i486-1.tgz: Upgraded to fribidi-0.10.9.
l/gmime-2.2.17-i486-1.tgz: Upgraded to gmime-2.2.17.
l/gmp-4.2.2-i486-1.tgz: Upgraded to gmp-4.2.2.
l/jre-6u4-i586-1.tgz: Upgraded to Java(TM) 2 Platform Standard Edition
Runtime Environment Version 6.0 update 4.
l/libglade-2.6.2-i486-1.tgz: Upgraded to libglade-2.6.2.
l/libgtkhtml-2.11.1-i486-1.tgz: Upgraded to libgtkhtml-2.11.1.
l/libidl-0.8.10-i486-1.tgz: Upgraded to libIDL-0.8.10.
l/libidn-1.5-i486-1.tgz: Upgraded to libidn-1.5.
l/libieee1284-0.2.11-i486-1.tgz: Upgraded to libieee1284-0.2.11.
l/libmng-1.0.10-i486-1.tgz: Upgraded to libmng-1.0.10.
l/libmcs-0.7.0-i486-1.tgz: Added libmcs-0.7.0 (replaces mcs package).
l/libpng-1.2.25-i486-1.tgz: Upgraded to libpng-1.2.25.
l/librsvg-2.22.1-i486-1.tgz: Upgraded to librsvg-2.22.1.
l/libtheora-1.0beta2-i486-1.tgz: Upgraded to libtheora-1.0beta2.
l/libwpd-0.8.14-i486-1.tgz: Upgraded to libwpd-0.8.14.
l/libxml2-2.6.31-i486-2.tgz: Moved the man pages to the right location.
Thanks to Tomas Szepe.
l/mcs-0.4.1-i486-2.tgz: Removed.
l/mpfr-2.3.1-i486-1.tgz: Upgraded to mpfr-2.3.1.
l/pango-1.19.4-i486-1.tgz: Upgraded to pango-1.19.4.
l/pcre-7.6-i486-1.tgz: Upgraded to pcre-7.6.
l/pilot-link-0.12.3-i486-1.tgz: Upgraded to pilot-link-0.12.3.
l/qca-1.0-i486-4.tgz: Recompiled.
l/qca-tls-1.0-i486-6.tgz: Recompiled.
l/qt-3.3.8b-i486-2.tgz: Recompiled against gcc-4.2.3.
l/readline-5.2-i486-3.tgz: Applied all official patches.
l/sdl-1.2.13-i486-1.tgz: Upgraded to SDL-1.2.13, SDL_image-1.2.6,
SDL_mixer-1.2.8, SDL_net-1.2.7, and SDL_ttf-2.0.9.
l/slang-2.1.3-i486-1.tgz: Upgraded to slang-2.1.3.
l/startup-notification-0.9-i486-1.tgz: Upgraded to startup-notification-0.9.
l/tango-icon-theme-0.8.1-noarch-1.tgz: Added Tango icon theme.
l/tango-icon-theme-extras-0.1.0-noarch-1.tgz: Added Tango theme extra icons.
l/vte-0.16.12-i486-1.tgz: Upgraded to vte-0.16.12.
n/dnsmasq-2.41-i486-1.tgz: Upgraded to dnsmasq-2.41.
n/iptraf-3.0.0-i486-2.tgz: Absorbed the latest Debian patch. (thanks! :-)
Also thanks to Marin Glibic for pointing it out, since it adds support
for the legacy Ralink 2500 driver.
n/net-snmp-5.4-i486-6.tgz: Recompiled to use vendor_perl.
n/obexftp-0.21-i486-2.tgz: Recompiled to use vendor_perl.
n/wget-1.11-i486-1.tgz: Upgraded to wget-1.11.
n/wpa_supplicant-0.5.9-i486-1.tgz: Upgraded to wpa_supplicant-0.5.9.
Thanks to Eric Hameleers.
x/compiz-0.7.0-i486-1.tgz: Upgraded to compiz-0.7.0.
x/luit-1.0.3-i486-1.tgz: Upgraded to luit-1.0.3.
x/scim-1.4.7-i486-4.tgz: Default profile.d scripts to executable.
x/xf86-video-trident-1.2.4-i486-1.tgz: Upgraded to xf86-video-trident-1.2.4.
x/xf86-video-intel-2.2.1-i486-1.tgz: Upgraded to xf86-video-intel-2.2.1.
x/xf86-video-ati-6.8.0-i486-1.tgz: Upgraded to xf86-video-ati-6.8.0.
xap/imagemagick-6.3.7_10-i486-1.tgz: Upgraded to ImageMagick-6.3.7-10.
Changed build script to install Perl modules under vendor_perl.
xap/sane-1.0.19-i486-2.tgz: Fixed /var/lock permissions.
xap/xfce-4.4.2-i486-2.tgz: Patched a memory leak. The recompile also seemed
to pick up new exo and pygtk features.
extra/intel-wlan-iwlwifi/*: This replaces the older ipw3945 driver and daemon
(no daemon required now). Support was also added for more chipsets, such as
the ipw4965 series.
extra/jdk-6/jdk-6u4-i586-1.tgz: Upgraded to Java(TM) 2 Platform
Standard Edition Development Kit Version 6.0 update 4.
extra/ktorrent/ktorrent-2.2.5-i486-1.tgz: Upgraded to ktorrent-2.2.5.
+--------------------------+
Sun Feb 24 15:15:40 CST 2008
a/mkinitrd-1.3.1-i486-4.tgz: Fixed a patch glitch glitch. (My own glitch,
probably) Thanks again to Ken Milmore, Kevin F. Haggerty, and the crew
members who went over the latest mkinitrd patches with me. Hopefully it's
all good now. Otherwise, let me know...
+--------------------------+
Sun Feb 24 01:50:25 CST 2008
a/mkinitrd-1.3.1-i486-3.tgz: Fixed a patch glitch. Thanks to Robby Workman
and Eric Hameleers.
ap/hplip-2.8.2-i486-2.tgz: Fixed udev rules. Thanks to Michael Wagner.
x/m17n-lib-1.5.0-i486-1.tgz: Fixed --mandir. Thanks to Kris Karas.
x/scim-1.4.7-i486-3.tgz: Make the library links first in the install script.
isolinux/initrd.img: Made a minor cosmetic fix to the network script.
usb-and-pxe-installers/: Rebuilt.
+--------------------------+
Sat Feb 23 14:00:46 CST 2008
a/mkinitrd-1.3.1-i486-2.tgz: Make sure to copy both devices and symlinks to
/dev in the initrd. Thanks to Ken Milmore.
isolinux/initrd.img: Fixed an installer patch that caused preformatted
filesystems to be misdetected in some cases.
usb-and-pxe-installers/: Updated.
+--------------------------+
Sat Feb 23 01:30:50 CST 2008
a/kernel-generic-2.6.23.16-i486-2.tgz: Recompiled.
a/kernel-generic-smp-2.6.23.16_smp-i686-2.tgz: Recompiled.
a/kernel-huge-2.6.23.16-i486-2.tgz: Recompiled.
a/kernel-huge-smp-2.6.23.16_smp-i686-2.tgz: Recompiled.
a/kernel-modules-2.6.23.16-i486-2.tgz: Recompiled.
a/kernel-modules-smp-2.6.23.16_smp-i686-2.tgz: Recompiled.
d/binutils-2.18.50.0.4-i486-1.tgz: Upgraded to binutils-2.18.50.0.4.
d/gcc-4.2.3-i486-1.tgz: Upgraded to gcc-4.2.3.
d/gcc-g++-4.2.3-i486-1.tgz: Upgraded to gcc-4.2.3 (C++).
d/gcc-gfortran-4.2.3-i486-1.tgz: Upgraded to gcc-4.2.3 (FORTRAN).
d/gcc-gnat-4.2.3-i486-1.tgz: Upgraded to gcc-4.2.3 (Ada).
d/gcc-java-4.2.3-i486-1.tgz: Upgraded to gcc-4.2.3 (GCJ).
d/gcc-objc-4.2.3-i486-1.tgz: Upgraded to gcc-4.2.3 (Objective-C).
d/kernel-headers-2.6.23.16_smp-i386-2.tgz: Rebuilt.
d/oprofile-0.9.2-i486-6.tgz: Recompiled.
k/kernel-source-2.6.23.16_smp-noarch-2.tgz: Recompiled.
l/svgalib_helper-1.9.25_2.6.23.16-i486-2.tgz: Rebuilt.
n/bluez-hcidump-1.41-i486-1.tgz: Upgraded to bluez-hcidump-1.41.
n/bluez-libs-3.26-i486-1.tgz: Upgraded to bluez-libs-3.26.
n/bluez-utils-3.26-i486-1.tgz: Upgraded to bluez-utils-3.26.
extra/linux-2.6.23.16-nosmp-sdk/: Updated.
isolinux/initrd.img: Rebuilt.
kernels/huge.s/*: Rebuilt.
kernels/hugesmp.s/*: Rebuilt.
kernels/speakup.s/*: Rebuilt.
usb-and-pxe-installers/: Updated.
+--------------------------+
Thu Feb 21 20:15:35 CST 2008
a/cups-1.3.6-i486-1.tgz: Upgraded to cups-1.3.6.
a/lilo-22.8-i486-6.tgz: Fixed some trivial bugs that were reported by many.
Adjusted the slack.bmp's internal color values to match those written into
lilo.conf by liloconfig.
ap/foomatic-filters-3.0_20080211-i486-1.tgz:
Upgraded to foomatic-filters-3.0_20080211.
ap/hplip-2.8.2-i486-1.tgz: Upgraded to hplip-2.8.2.
d/git-1.5.4.2-i486-1.tgz: Upgraded to git-1.5.4.2.
d/perl-5.8.8-i486-5.tgz: Added XML::Simple perl module for icon-naming-utils.
l/cairo-1.4.14-i486-1.tgz: Upgraded to cairo-1.4.14.
l/desktop-file-utils-0.14-i486-1.tgz: Upgraded to desktop-file-utils-0.14.
l/gnome-icon-theme-2.20.0-noarch-1.tgz: Upgraded to gnome-icon-theme-2.20.0.
l/gtk+2-2.12.8-i486-1.tgz: Upgraded to gtk+-2.12.8.
l/hicolor-icon-theme-0.10-noarch-1.tgz: Upgraded to hicolor-icon-theme-0.10.
l/icon-naming-utils-0.8.6-i486-1.tgz: Added utilities for naming icons.
l/librsvg-2.20.0-i486-1.tgz: Upgraded to librsvg-2.20.0.
l/ncurses-5.6-i486-3.tgz: Applied all official patches.
l/taglib-1.5-i486-1.tgz: Upgraded to taglib-1.5.
l/poppler-0.6.4-i486-1.tgz: Upgraded to poppler-0.6.4.
Activated --enable-xpdf-headers option (thanks to Jonathan Woithe).
l/poppler-data-0.2.0-noarch-1.tgz: Upgraded to poppler-data-0.2.0.
l/qca-tls-1.0-i486-5.tgz: Rebuilt for Qt 3.3.8b.
l/qt-3.3.8b-i486-1.tgz: Upgraded to qt-x11-free-3.3.8b.
l/shared-mime-info-0.23-i486-1.tgz: Upgraded to shared-mime-info-0.23.
x/xterm-232-i486-1.tgz: Upgraded to xterm-232.
xap/sane-1.0.19-i486-1.tgz: Upgraded sane-backends to version 1.0.19.
Merged HAL/DBUS/udev fixes from Robby Workman. Thanks for the help on
many of these other packages, too.
+--------------------------+
Wed Feb 20 17:45:37 CST 2008
a/lilo-22.8-i486-5.tgz: Added a simple splash screen (the default one had too
many colors and was making my eyes hurt ;-). Thanks to the unknown Slacker
who submitted the idea ages ago when we were dead-set against "branding".
Piter PUNK, alienBOB, and I made some additional adjustments.
a/mkinitrd-1.3.1-i486-1.tgz: Merged patches for LVM/LUKS, hibernate, and RAID.
Thanks to Eric Hameleers for the LVM/LUKS patches. Thanks to Ricardo Garcia
and Piter Punk for the hibernate patches. Thanks to Kevin F. Haggerty for
spotting a bug in there, and to Gianluca Toso for the RAID patches. Thanks
also to the many people who have offered similar solutions. :-) Fixed a
bug using -o with a relative path -- thanks to Mark.
Thanks to David Somero for noticing (some time ago...) that the man page for
mkinitrd was lacking any information on the -w option.
a/sysvinit-scripts-1.2-noarch-15.tgz: Patched /etc/rc.d/rc.S for some of
Eric's changes to LUKS handling in the initrd.
kde/k3b-1.0.4-i486-1.tgz: Upgraded to k3b-1.0.4.
kde/kdeaccessibility-3.5.9-i486-1.tgz: Upgraded to kdeaccessibility-3.5.9.
kde/kdeaddons-3.5.9-i486-1.tgz: Upgraded to kdeaddons-3.5.9.
kde/kdeadmin-3.5.9-i486-1.tgz: Upgraded to kdeadmin-3.5.9.
kde/kdeartwork-3.5.9-i486-1.tgz: Upgraded to kdeartwork-3.5.9.
kde/kdebase-3.5.9-i486-1.tgz: Upgraded to kdebase-3.5.9.
kde/kdebindings-3.5.9-i486-1.tgz: Upgraded to kdebindings-3.5.9.
kde/kdeedu-3.5.9-i486-1.tgz: Upgraded to kdeedu-3.5.9.
kde/kdegames-3.5.9-i486-1.tgz: Upgraded to kdegames-3.5.9.
kde/kdegraphics-3.5.9-i486-1.tgz: Upgraded to kdegraphics-3.5.9.
kde/kdelibs-3.5.9-i486-1.tgz: Upgraded to kdelibs-3.5.9.
kde/kdemultimedia-3.5.9-i486-1.tgz: Upgraded to kdemultimedia-3.5.9.
kde/kdenetwork-3.5.9-i486-1.tgz: Upgraded to kdenetwork-3.5.9.
kde/kdepim-3.5.9-i486-1.tgz: Upgraded to kdepim-3.5.9.
kde/kdesdk-3.5.9-i486-1.tgz: Upgraded to kdesdk-3.5.9.
kde/kdetoys-3.5.9-i486-1.tgz: Upgraded to kdetoys-3.5.9.
kde/kdeutils-3.5.9-i486-1.tgz: Upgraded to kdeutils-3.5.9.
kde/kdevelop-3.5.1-i486-1.tgz: Upgraded to kdevelop-3.5.1.
kde/kdewebdev-3.5.9-i486-1.tgz: Upgraded to kdewebdev-3.5.9.
kdei/k3b-i18n-1.0.4-noarch-1.tgz: Upgraded to k3b-i18n-1.0.4.
kdei/kde-i18n-*-3.5.9-noarch-1.tgz: Upgraded to kde-i18n-*-3.5.9.
l/arts-1.5.9-i486-1.tgz: Upgraded to arts-1.5.9.
l/libmad-0.15.1b-i486-3.tgz: A certain popular project has begun to require
"mad.pc", a pkgconfig file which has never been provided with libmad.
As much as I'd prefer not to be a lemming, sometimes doing what's right
is not the same as doing what has to be done. Probably the project's
developers didn't even know mad.pc wasn't a vanilla file. This is a good
example of why every distro should not fork every package, especially as
libmad's library/headers couldn't be in more obvious locations. Perhaps
this package doesn't see much upstream attention any more (I don't know),
but does it really _need_ a .pc file?
l/libmusicbrainz-2.1.4-i486-2.tgz: Removed.
l/libtunepimp-0.4.2-i486-3.tgz: Removed.
x/scim-1.4.7-i486-2.tgz: Don't try to use SCIM as the input method if the
package has been removed, or use scim-bridge if that package is not
installed. Remove the LANG variables and give a pointer to the lang.*
scripts. Install script bugfix.
x/scim-bridge-0.4.14-i486-2.tgz: Install script bugfix.
x/ttf-arphic-uming-0.1.20060928-noarch-1.tgz: Removed.
x/wqy-zenhei-font-ttf-0.4.23-noarch-1.tgz: Switched from Arphic to wqy-zenhei
after several votes for this font if only one is to be included as a starter
font. Thanks to Bruce Hill and Eric Hameleers for the encouragement. :-)
isolinux/initrd.img: Added network install patches from Eric Hameleers.
usb-and-pxe-installers/: Rebuilt with new patches.
+--------------------------+
Sat Feb 16 18:43:48 CST 2008
ap/mysql-5.0.51a-i486-1.tgz: Upgraded to mysql-5.0.51a.
x/anthy-9100e-i486-1.tgz: Added anthy-9100e.
x/dejavu-fonts-ttf-2.23-noarch-1.tgz: Upgraded to dejavu-fonts-ttf-2.23.
x/libhangul-0.0.7-i486-1.tgz: Added libhangul-0.0.7.
x/m17n-lib-1.5.0-i486-1.tgz: Added m17n-lib-1.5.0.
x/sazanami-fonts-ttf-20040629-noarch-1.tgz: Added sazanami-fonts-ttf-20040629.
x/scim-1.4.7-i486-1.tgz: Added scim-1.4.7.
x/scim-anthy-1.2.4-i486-1.tgz: Added scim-anthy-1.2.4.
x/scim-bridge-0.4.14-i486-1.tgz: Added scim-bridge-0.4.14.
x/scim-hangul-0.3.2-i486-1.tgz: Added scim-hangul-0.3.2.
x/scim-m17n-0.2.2-i486-1.tgz: Added scim-m17n-0.2.2.
x/scim-pinyin-0.5.91-i486-1.tgz: Added scim-pinyin-0.5.91.
x/scim-tables-0.5.7-i486-1.tgz: Added scim-tables-0.5.7.
x/sinhala_lklug-font-ttf-20060929-noarch-1.tgz:
Added sinhala_lklug-font-ttf-20060929.
x/tibmachuni-font-ttf-1.901-noarch-1.tgz: Added tibmachuni-font-ttf-1.901.
x/ttf-arphic-uming-0.1.20060928-noarch-1.tgz:
Added ttf-arphic-uming-0.1.20060928.
Huge thanks are again due to Eric Hameleers for doing the vast majority of the
work on implementing these new input methods and fonts!
Thanks are due as well to ABE Shin-ichi for helping to test packages.
And last but not least, thanks to Bruce Hill for getting Eric started on this
project, and for helping with the testing process.
+--------------------------+
Thu Feb 14 16:11:07 CST 2008
n/httpd-2.2.8-i486-1.tgz: Upgraded to httpd-2.2.8.
This fixes security and other bugs.
For more information, see:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6421
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6422
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6388
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5000
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0005
(* Security fix *)
+--------------------------+
Tue Feb 12 23:07:34 CST 2008
xap/mozilla-firefox-2.0.0.12-i686-1.tgz:
Upgraded to firefox-2.0.0.12.
This upgrade fixes some more security bugs.
For more information, see:
http://www.mozilla.org/projects/security/known-vulnerabilities.html#firefox
(* Security fix *)
xap/seamonkey-1.1.8-i486-1.tgz:
Upgraded to seamonkey-1.1.8.
This upgrade fixes some more security bugs.
For more information, see:
http://www.mozilla.org/projects/security/known-vulnerabilities.html#seamonkey
(* Security fix *)
+--------------------------+
Mon Feb 11 17:47:58 CST 2008
a/kernel-generic-2.6.23.16-i486-1.tgz:
Upgraded to Linux 2.6.23.16 uniprocessor generic.s (requires initrd) kernel.
All of these kernel upgrades fix yesterday's local root exploit.
The kernel headers did not change, so a glibc rebuild is not required.
For more information, see:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0010
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0163
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0600
(* Security fix *)
If you use lilo, don't forget to run it again after the upgrade.
a/kernel-generic-smp-2.6.23.16_smp-i686-1.tgz:
Upgraded to Linux 2.6.23.16 SMP gensmp.s (requires initrd) kernel.
(* Security fix *)
a/kernel-huge-2.6.23.16-i486-1.tgz:
Upgraded to Linux 2.6.23.16 uniprocessor huge.s (full-featured) kernel.
(* Security fix *)
a/kernel-huge-smp-2.6.23.16_smp-i686-1.tgz:
Upgraded to Linux 2.6.23.16 SMP hugesmp.s (full-featured) kernel.
(* Security fix *)
a/kernel-modules-2.6.23.16-i486-1.tgz
Upgraded to Linux 2.6.23.16 uniprocessor kernel modules.
a/kernel-modules-smp-2.6.23.16_smp-i686-1.tgz
Upgraded to Linux 2.6.23.16 SMP kernel modules.
d/kernel-headers-2.6.23.16_smp-i386-1.tgz:
Upgraded to Linux 2.6.23.16 SMP kernel headers.
k/kernel-source-2.6.23.16_smp-noarch-1.tgz
Upgraded to Linux 2.6.23.16 SMP kernel source.
(* Security fix *)
l/svgalib_helper-1.9.25_2.6.23.16-i486-1.tgz: Rebuilt for 2.6.23.16 kernels.
isolinux/initrd.img: Upgraded modules to 2.6.23.16.
kernels/huge.s/*: Upgraded huge.s kernel to 2.6.23.16.
(* Security fix *)
kernels/hugesmp.s/*: Upgraded hugesmp.s kernel to 2.6.23.16 (SMP).
(* Security fix *)
kernels/speakup.s: Updated speakup.s kernel to 2.6.23.16.
(* Security fix *)
extra/linux-2.6.23.16-nosmp-sdk/: Updated SMP to no-SMP kernel source patch.
(* Security fix *)
usb-and-pxe-installers/: Updated USB and PXE installers to 2.6.23.16 modules.
+--------------------------+
Mon Feb 11 01:23:09 CST 2008
a/cups-1.3.5-i486-1.tgz: Upgraded to cups-1.3.5.
a/e2fsprogs-1.40.6-i486-1.tgz: Upgraded to e2fsprogs-1.40.6.
l/glib2-2.14.6-i486-1.tgz: Upgraded to glib-2.14.6.
xap/gimp-2.4.4-i486-1.tgz: Upgraded to gimp-2.4.4.
isolinux/initrd.img: Upgraded libraries and utilities to e2fsprogs-1.40.6.
usb-and-pxe-installers/: Updated libraries and utilities to e2fsprogs-1.40.6.
Also, thanks to David Somero for checking all the slack-desc files for
conformance to our unwritten standards. :-)
+--------------------------+
Sat Feb 9 04:48:36 CST 2008
a/device-mapper-1.02.24-i486-1.tgz: Upgraded to device-mapper.1.02.24.
Thanks to Piter Punk for the help.
a/glibc-solibs-2.7-i486-6.tgz: Recompiled against 2.6.23.15. Bumped everything
to -6 since glibc-zoneinfo has been at -5 already.
a/glibc-zoneinfo-2.7-noarch-6.tgz: Rebuilt.
a/kernel-generic-2.6.23.15-i486-1.tgz:
Upgraded to Linux 2.6.23.15 uniprocessor generic.s (requires initrd) kernel.
a/kernel-generic-smp-2.6.23.15_smp-i686-1.tgz:
Upgraded to Linux 2.6.23.15 SMP gensmp.s (requires initrd) kernel.
a/kernel-huge-2.6.23.15-i486-1.tgz:
Upgraded to Linux 2.6.23.15 uniprocessor huge.s (full-featured) kernel.
a/kernel-huge-smp-2.6.23.15_smp-i686-1.tgz:
Upgraded to Linux 2.6.23.15 SMP hugesmp.s (full-featured) kernel.
a/kernel-modules-2.6.23.15-i486-1.tgz
Upgraded to Linux 2.6.23.15 uniprocessor kernel modules.
a/kernel-modules-smp-2.6.23.15_smp-i686-1.tgz
Upgraded to Linux 2.6.23.15 SMP kernel modules.
d/kernel-headers-2.6.23.15_smp-i386-1.tgz:
Upgraded to Linux 2.6.23.15 SMP kernel headers.
k/kernel-source-2.6.23.15_smp-noarch-1.tgz
Upgraded to Linux 2.6.23.15 SMP kernel source.
a/lvm2-2.02.33-i486-1.tgz: Upgraded to LVM2.2.02.33.
Thanks to Piter Punk for the help.
l/glibc-2.7-i486-6.tgz: Recompiled against 2.6.23.15.
l/glibc-i18n-2.7-noarch-6.tgz: Rebuilt.
l/glibc-profile-2.7-i486-6.tgz: Recompiled against 2.6.23.15.
l/svgalib_helper-1.9.25_2.6.23.15-i486-1.tgz: Rebuilt for 2.6.23.15 kernels.
xap/xine-lib-1.1.10.1-i686-1.tgz: Upgraded to xine-lib-1.1.10.1.
isolinux/initrd.img: Massive overhaul, primarily the work and initiative of
Eric Hameleers. Work above and beyond the call of duty. If we gave out
medals of honor, this would deserve one. :-)
The installer now supports network installs from not just NFS, but also
HTTP and FTP. Please be nice to our mirrors -- this feature is _intended_
for use within private networks from your own "site".
Work is also underway to fully support unattended/remote installs. The
installer has both a small ssh and sshd (dropbear). Thanks again Eric!
This is something that's been on the drawing board for many years.
isolinux/network.dsk: Upgraded to Linux 2.6.23.15 SMP/UP kernel modules.
isolinux/pcmcia.dsk: Upgraded to Linux 2.6.23.15 SMP/UP kernel modules.
kernels/huge.s/*: Upgraded huge.s kernel to 2.6.23.15.
kernels/hugesmp.s/*: Upgraded hugesmp.s kernel to 2.6.23.15 (SMP).
kernels/speakup.s: Updated to CVS as of 20080204T2334. A few diffs didn't
apply cleanly, so let me know if it's broken and I'll see what I can do.
Also, some hardware synths that were detected automatically with earlier
kernels and/or speakup versions may now need the serial port specified on the
kernel boot prompt like this:
speakup.s speakup_synth=dectlk speakup_ser=0
Thanks to Stephen Greeley for bug reports and testing. Hopefully my best
guess at a kernel patch to bypass Unicode for now hasn't broken everything.
extra/linux-2.6.23.15-nosmp-sdk/: Updated SMP to no-SMP kernel source patch.
+--------------------------+
Fri Feb 1 19:40:32 CST 2008
a/e2fsprogs-1.40.5-i486-1.tgz: Upgraded to e2fsprogs-1.40.5.
d/subversion-1.4.6-i486-1.tgz: Upgraded to subversion-1.4.6.
kde/kdesdk-3.5.8-i486-2.tgz: Recompiled to pick up new apr/neon/svn libs.
A couple of bugzilla-related files have now appeared in the package.
kde/kdevelop-3.5.0-i486-2.tgz: Recompiled to pick up new apr/neon/svn libs.
l/apr-1.2.12-i486-1.tgz: Upgraded to apr-1.2.12.
l/apr-util-1.2.12-i486-1.tgz: Upgraded to apr-util-1.2.12.
l/neon-0.26.4-i486-1.tgz: Upgraded to neon-0.26.4. There are newer versions,
but this is newer than what we had and allows everything to work for now.
xap/audacious-1.4.6-i486-1.tgz: Upgraded to audacious-1.4.6.
xap/audacious-plugins-1.4.5-i486-1.tgz: Upgraded to audacious-plugins-1.4.5.
Now with an upgraded neon library, this uses neon for http/https transport.
Thanks to Giacomo Lozito for the help with neon.
+--------------------------+
Thu Jan 31 21:51:05 CST 2008
ap/alsa-utils-1.0.15-i486-1.tgz: Upgraded to alsa-utils-1.0.15.
l/alsa-lib-1.0.15-i486-1.tgz: Upgraded to alsa-lib-1.0.15.
l/alsa-oss-1.0.15-i486-1.tgz: Upgraded to alsa-oss-1.0.15.
x/font-misc-misc-1.0.0-noarch-3.tgz: Removed bogus fonts.alias.
The install scripts will make it. Thanks to Piter Punk.
x/libXmu-1.0.4-i486-1.tgz: Upgraded to libXmu-1.0.4.
x/xf86-video-amd-2.7.7.6-i486-1.tgz: Upgraded to xf86-video-amd-2.7.7.6.
x/xf86-video-nv-2.1.7-i486-1.tgz: Upgraded to xf86-video-nv-2.1.7.
x/xinput-1.3.0-i486-1.tgz: Added xinput-1.3.0.
+--------------------------+
Wed Jan 30 19:07:35 CST 2008
d/ruby-1.8.6_p111-i486-2.tgz: Moved some comments out of the ./configure part
of the build script to fix a couple of missed options.
Thanks to Stuart Winter.
kde/amarok-1.4.8-i486-1.tgz: Upgraded to amarok-1.4.8.
l/atk-1.21.5-i486-1.tgz: Upgraded to atk-1.21.5.
l/gtk+2-2.12.7-i486-1.tgz: Upgraded to gtk+-2.12.7.
l/libmowgli-0.6.0-i486-1.tgz: Added libmowgli-0.6.0, which is needed by
Audacious.
l/libmtp-0.2.5-i486-1.tgz: Upgraded to libmtp-0.2.5.
l/libgpod-0.6.0-i486-1.tgz: Upgraded to libgpod-0.6.0 (major version bump).
l/libxml2-2.6.31-i486-1.tgz: Upgraded to libxml2-2.6.31.
l/pango-1.19.3-i486-1.tgz: Upgraded to pango-1.19.3.
xap/audacious-1.4.5-i486-1.tgz: Upgraded to audacious-1.4.5.
xap/audacious-plugins-1.4.4-i486-1.tgz: Upgraded to
audacious-plugins-1.4.4-i486-1.tgz.
xap/xine-lib-1.1.10-i686-1.tgz: Upgraded to xine-lib-1.1.10.
extra/slackpkg/slackpkg-2.70-noarch-1.tgz: Upgraded to slackpkg-2.70.
Thanks to Piter Punk.
Great thanks are also due to the KDE team, not only for their tremendous
accomplishments over the years, but for the gracious reception they gave to
the members of the Slackware team who traveled to the release event. What
a wonderful group of people! We had a great time there, learned a lot, and
will be applying that knowledge and our new contacts within KDE to provide
the best possible KDE experience for Slackware users. The next Slackware
release will contain KDE 3.5.9, but we're targeting KDE 4.1.x for the one
after that. The application end of things doesn't quite fully cover KDE3's
functionality yet, but by then it will. As I'm sure most of you know, Robby
has put up test packages of the initial KDE 4.0 release which I've tested and
found to be consistent with what to expect from a developer's preview.
The look of the new desktop is stunning, and the use of SVG and hardware
acceleration gives (IMHO) even something like MacOS a run for its money in
terms of appearance and user-friendliness. We look forward with great
anticipation to merging KDE4 when it is mature enough (and it's getting there
fast), and then watching it just get better and better.
Once again, _huge_ thanks to our KDE friends! Stop by here any time. :-)
+--------------------------+
Tue Jan 8 22:42:01 CST 2008
ap/nano-2.0.7-i486-1.tgz: Upgraded to nano-2.0.7.
d/mercurial-0.9.5-i486-1.tgz: Upgraded to mercurial-0.9.5.
d/ruby-1.8.6_p111-i486-1.tgz: Upgraded ruby-1.8.6 to patchlevel 111.
l/atk-1.20.0-i486-1.tgz: Upgraded to atk-1.20.0.
l/glib2-2.14.5-i486-1.tgz: Upgraded to glib-2.14.5.
l/gtk+2-2.12.4-i486-1.tgz: Upgraded to gtk+-2.12.4.
l/libxml2-2.6.30-i486-1.tgz: Upgraded to libxml2-2.6.30.
l/libxslt-1.1.22-i486-1.tgz: Upgraded to libxslt-1.1.22.
l/pango-1.19.2-i486-1.tgz: Upgraded to pango-1.19.2.
l/pycairo-1.4.12-i486-1.tgz: Added pycairo-1.4.12.
Thanks to Eric Hameleers.
l/pygobject-2.14.1-i486-1.tgz: Added pygobject-2.14.1.
Thanks to Erik Hanson and SBo (slackbuilds.org).
l/pygtk-2.12.1-i486-1.tgz: Added pygtk-2.12.1.
Thanks to Erik Hanson, Andrew Brouwers, and SBo.
l/pyrex-0.9.6.4-i486-1.tgz: Added Pyrex-0.9.6.4.
Thanks to David Somero.
x/dejavu-fonts-ttf-2.22-noarch-1.tgz: **NOTE PACKAGE NAME CHANGE**
Upgraded to version 2.22.
x/liberation-fonts-ttf-0.2-noarch-3.tgz: Added liberation-fonts-ttf-0.2-3.
x/xf86-video-ati-6.7.197-i486-1.tgz: Upgraded to xf86-video-ati-6.7.197.
x/xf86-video-radeonhd-1.1.0-i486-1.tgz: Upgraded to xf86-video-radeonhd-1.1.0.
xap/seamonkey-1.1.7-i486-2.tgz: Use the system cairo to avoid a compile error.
Thanks to Eric Hameleers for helping to figure this out.
Patched a Makefile.in to avoid another compile error with the new GTK+.
Thanks to the BLFS contributors for posting the solution to this.
+--------------------------+
Mon Dec 31 18:44:01 CST 2007
a/glibc-zoneinfo-2.7-noarch-5.tgz: Some deja vu. ;-)
Upgraded to tzdata2007k. A new year should be started with the
latest timezone data, so here it is.
Happy holidays, and a happy new year to all! :-)
+--------------------------+
Sat Dec 22 17:07:12 CST 2007
l/libgsf-1.14.7-i486-1.tgz: Upgraded to libgsf-1.14.7.
+--------------------------+
Sat Dec 22 00:54:42 CST 2007
a/glibc-solibs-2.7-i486-4.tgz: Upgraded to glibc-2.7 compiled against Linux
2.6.23.12 kernel headers.
a/glibc-zoneinfo-2.7-noarch-4.tgz: Upgraded to tzdata2007j.
a/kernel-generic-2.6.23.12-i486-1.tgz:
Upgraded to Linux 2.6.23.12 uniprocessor generic.s (requires initrd) kernel.
a/kernel-generic-smp-2.6.23.12_smp-i686-1.tgz:
Upgraded to Linux 2.6.23.12 SMP gensmp.s (requires initrd) kernel.
a/kernel-huge-2.6.23.12-i486-1.tgz:
Upgraded to Linux 2.6.23.12 uniprocessor huge.s (full-featured) kernel.
a/kernel-huge-smp-2.6.23.12_smp-i686-1.tgz:
Upgraded to Linux 2.6.23.12 SMP hugesmp.s (full-featured) kernel.
a/kernel-modules-2.6.23.12-i486-1.tgz
Upgraded to Linux 2.6.23.12 uniprocessor kernel modules.
a/kernel-modules-smp-2.6.23.12_smp-i686-1.tgz
Upgraded to Linux 2.6.23.12 SMP kernel modules.
d/kernel-headers-2.6.23.12_smp-i386-1.tgz:
Upgraded to Linux 2.6.23.12 SMP kernel headers.
k/kernel-source-2.6.23.12_smp-noarch-1.tgz
Upgraded to Linux 2.6.23.12 SMP kernel source.
l/glibc-2.7-i486-4.tgz: Rebuilt against Linux 2.6.23.12 kernel headers.
l/glibc-i18n-2.7-noarch-4.tgz: Rebuilt.
l/glibc-profile-2.7-i486-4.tgz: Rebuilt against Linux 2.6.23.12 headers.
l/svgalib_helper-1.9.25_2.6.23.12-i486-1.tgz: Recompiled for Linux 2.6.23.12.
extra/linux-2.6.23.12-nosmp-sdk/: Updated SMP to no-SMP kernel source patch.
isolinux/network.dsk, pcmcia.dsk; Upgraded to 2.6.23.12 kernel modules.
kernels/huge.s/*: Upgraded huge.s kernel to 2.6.23.12.
kernels/hugesmp.s/*: Upgraded hugesmp.s kernel to 2.6.23.12 (SMP).
usb-and-pxe-installers/: Updated USB and PXE installers.
+--------------------------+
Fri Dec 21 19:03:54 CST 2007
a/pkgtools-12.1.0-noarch-2.tgz: Fixed a regex bug in a grep in installpkg that
could cause packages that do not conform to the FHS (those containing single-
character top-level directories) to not be removable or upgradeable through
the pkgtools. Thanks to Johnny Morano for pointing this ancient bug out.
Made the top-line with -infobox more terse since some of the package names
have become too long to fit, and were disturbing the infobox's formatting.
isolinux/initrd.img: Upgraded to the latest installpkg.
+--------------------------+
Fri Dec 14 18:02:39 CST 2007
a/mkinitrd-1.3.0-i486-4.tgz: Fixed a bug that could cause modprobe to attempt
to load the same module more than once (due to whitespace differences in
the initramfs's load_kernel_modules script). Thanks to Piter Punk.
ap/mysql-5.0.51-i486-1.tgz:
Upgraded to mysql-5.0.51.
This release fixes several bugs, including some security issues.
However, it also includes a potentially incompatible change, so be sure
to read the release notes before upgrading. It is possible that some
databases will need to be fixed in order to work with this (and future)
releases:
http://dev.mysql.com/doc/refman/5.0/en/releasenotes-cs-5-0-51.html
For more information about the security issues fixed, see:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3781
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5925
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5969
(* Security fix *)
f/linux-howtos-20071214-noarch-1.tgz: Upgraded to linux-howtos-20071214.
l/hal-info-20071212-noarch-1.tgz: Upgraded to hal-info-20071212.
l/libpng-1.2.24-i486-1.tgz: Upgraded to libpng-1.2.24.
n/nmap-4.50-i486-1.tgz: Upgraded to nmap-4.50.
x/xf86-input-joystick-1.3.1-i486-1.tgz: Upgraded to xf86-input-joystick-1.3.1.
x/xf86-video-radeonhd-1.0.0-i486-1.tgz: Added xf86-video-radeonhd-1.0.0.
x/xorg-server-1.4.0.90-i486-1.tgz: Upgraded to xorg-server-1.4.0.90.
x/xorg-server-xnest-1.4.0.90-i486-1.tgz: Upgraded to
xorg-server-xnest-1.4.0.90.
x/xorg-server-xvfb-1.4.0.90-i486-1.tgz: Upgraded to xorg-server-xvfb-1.4.0.90.
xap/imagemagick-6.3.7_4-i486-1.tgz: Upgraded to ImageMagick-6.3.7-4.
+--------------------------+
Mon Dec 10 14:07:48 CST 2007
l/vte-0.16.10-i486-1.tgz: Upgraded to vte-0.16.10.
n/proftpd-1.3.1-i486-1.tgz: Upgraded to proftpd-1.3.1.
n/samba-3.0.28-i486-1.tgz:
Upgraded to samba-3.0.28.
Samba 3.0.28 is a security release in order to address a boundary failure
in GETDC mailslot processing that can result in a buffer overrun leading
to possible code execution.
For more information, see:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6015
http://www.samba.org/samba/history/samba-3.0.28.html
http://secunia.com/secunia_research/2007-99/advisory/
(* Security fix *)
xap/gkrellm-2.3.1-i486-1.tgz: Upgraded to gkrellm-2.3.1.
xap/pidgin-2.3.1-i486-1.tgz: Upgraded to pidgin-2.3.1.
xap/xchat-2.8.4-i486-1.tgz: Upgraded to xchat-2.8.4.
extra/ktorrent/ktorrent-2.2.4-i486-1.tgz: Upgraded to ktorrent-2.2.4.
+--------------------------+
Wed Dec 5 14:57:36 CST 2007
a/kernel-huge-smp-2.6.23.9_smp-i686-3.tgz: Fixed missing JFFS2.
Thanks to Arny.
kernels/hugesmp.s/*: Fixed missing JFFS2. Thanks to Arny.
+--------------------------+
Tue Dec 4 19:03:43 CST 2007
a/hdparm-7.7-i486-1.tgz: Upgraded to hdparm-7.7.
Moved hdparm binary to /sbin (suggested by Tsomi).
a/kernel-generic-2.6.23.9-i486-2.tgz:
Rebuilt.
a/kernel-generic-smp-2.6.23.9_smp-i686-2.tgz:
Rebuilt.
a/kernel-huge-2.6.23.9-i486-2.tgz:
Rebuilt.
a/kernel-huge-smp-2.6.23.9_smp-i686-2.tgz:
Rebuilt.
a/kernel-modules-2.6.23.9-i486-2.tgz
Added JFFS2 modules.
a/kernel-modules-smp-2.6.23.9_smp-i686-2.tgz
Added JFFS2 modules.
d/kernel-headers-2.6.23.9_smp-i386-2.tgz:
Rebuilt.
k/kernel-source-2.6.23.9_smp-noarch-2.tgz: Reconfigured to include the option
for JFFS2, a journalling flash file system.
l/svgalib_helper-1.9.25_2.6.23.9-i486-2.tgz: Recompiled.
xap/gimp-2.4.2-i486-1.tgz: Upgraded to gimp-2.4.2.
extra/linux-2.6.23.9-nosmp-sdk/: Updated SMP to no-SMP kernel source patch.
isolinux/network.dsk, pcmcia.dsk; Upgraded kernel modules.
kernels/huge.s/*: Upgraded huge.s kernel.
kernels/hugesmp.s/*: Upgraded hugesmp.s kernel (SMP).
usb-and-pxe-installers/: Updated USB and PXE installers.
+--------------------------+
Mon Dec 3 21:04:37 CST 2007
a/inotify-tools-3.12-i486-1.tgz: Added inotify-tools-3.12.
Thanks to Eric Hameleers for the build script.
ap/cdparanoia-III10pre0-i486-1.tgz: Upgraded to cdparanoia-III-10pre0.
ap/hplip-2.7.10-i486-2.tgz: Rebuilt with some fixes to the build script.
Thanks to Robby Workman.
kde/amarok-1.4.7-i486-2.tgz: Recompiled against libmtp-0.2.4.
l/cairo-1.4.12-i486-1.tgz: Upgraded to cairo-1.4.12.
This fixes a possible security risk when decoding PNG files that may have
been maliciously tampered with:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5503
(* Security fix *)
l/libmtp-0.2.4-i486-1.tgz: Upgraded to libmtp-0.2.4.
Thanks to Piter Punk for updating the udev rules.
l/libnjb-2.2.6-i486-2.tgz: Updated udev rules. Thanks to Piter Punk.
n/bluez-hcidump-1.40-i486-1.tgz: Upgraded to bluez-hcidump-1.40.
n/bluez-libs-3.22-i486-1.tgz: Upgraded to bluez-libs-3.22.
n/bluez-utils-3.22-i486-1.tgz: Upgraded to bluez-utils-3.22.
Thanks to Piter Punk for updating the udev rules.
n/gnupg2-2.0.7-i486-1.tgz: Upgraded to gnupg2-2.0.7.
n/gnutls-2.0.4-i486-1.tgz: Upgraded to gnutls-2.0.4.
n/gpgme-1.1.5-i486-1.tgz: Upgraded to gpgme-1.1.5.
n/libassuan-1.0.3-i486-1.tgz: Upgraded to libassuan-1.0.3.
n/libgpg-error-1.6-i486-1.tgz: Upgraded to libgpg-error-1.6.
n/libksba-1.0.2-i486-1.tgz: Upgraded to libksba-1.0.2.
n/mcabber-0.9.5-i486-1.tgz: Upgraded to mcabber-0.9.5.
n/pinentry-0.7.4-i486-1.tgz: Upgraded to pinentry-0.7.4.
n/samba-3.0.27a-i486-1.tgz: Upgraded to samba-3.0.27a.
This update fixes a crash bug regression experienced by smbfs clients caused
by the fix for CVE-2007-4572.
xap/xfce-4.4.2-i486-1.tgz: Upgraded to xfce-4.4.2.
Thanks to Robby Workman for the build script.
This fixes a minor security bug in Terminal:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3770
(* Security fix *)
+--------------------------+
Sat Dec 1 17:02:02 CST 2007
n/rsync-2.6.9-i486-2.tgz:
Patched some security bugs.
For more information, see:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-4091
http://lists.samba.org/archive/rsync-announce/2007/000050.html
(* Security fix *)
xap/mozilla-firefox-2.0.0.11-i686-1.tgz: Upgraded to Firefox 2.0.0.11, which
fixed a bug introduced by the 2.0.0.10 update in the <canvas> feature that
affected some web pages and extensions.
+--------------------------+
Thu Nov 29 19:51:15 CST 2007
xap/seamonkey-1.1.7-i486-1.tgz:
Upgraded to seamonkey-1.1.7.
This upgrade fixes some more security bugs.
For more information, see:
http://www.mozilla.org/projects/security/known-vulnerabilities.html#seamonkey
(* Security fix *)
+--------------------------+
Thu Nov 29 17:38:37 CST 2007
a/mkinitrd-1.3.0-i486-3.tgz: Fixed a missing '--parents' in a cp command.
Thanks to Eric Hameleers for pointing out the bug.
+--------------------------+
Thu Nov 29 14:53:28 CST 2007
a/glibc-solibs-2.7-i486-3.tgz: Fixed incorrect version numbers in the install
script. Thanks to guru for the bug report.
a/glibc-zoneinfo-2.7-noarch-3.tgz: Rebuilt.
l/glibc-2.7-i486-3.tgz: Fixed incorrect version numbers in the install
script. Thanks to guru for the bug report.
l/glibc-i18n-2.7-noarch-3.tgz: Rebuilt.
l/glibc-profile-2.7-i486-3.tgz: Rebuilt.
+--------------------------+
Thu Nov 29 01:06:48 CST 2007
ap/cdrtools-2.01.01a36-i486-1.tgz: Upgraded to cdrtools-2.01.01a36.
+--------------------------+
Thu Nov 29 01:02:12 CST 2007
a/glibc-solibs-2.7-i486-2.tgz: Upgraded to glibc-2.7 compiled against Linux
2.6.23.9 kernel headers.
a/glibc-zoneinfo-2.7-noarch-2.tgz: Upgraded to tzdata2007i.
a/kernel-generic-2.6.23.9-i486-1.tgz:
Upgraded to Linux 2.6.23.9 uniprocessor generic.s (requires initrd) kernel.
a/kernel-generic-smp-2.6.23.9_smp-i686-1.tgz:
Upgraded to Linux 2.6.23.9 SMP gensmp.s (requires initrd) kernel.
a/kernel-huge-2.6.23.9-i486-1.tgz:
Upgraded to Linux 2.6.23.9 uniprocessor huge.s (full-featured) kernel.
a/kernel-huge-smp-2.6.23.9_smp-i686-1.tgz:
Upgraded to Linux 2.6.23.9 SMP hugesmp.s (full-featured) kernel.
a/kernel-modules-2.6.23.9-i486-1.tgz
Upgraded to Linux 2.6.23.9 uniprocessor kernel modules.
a/kernel-modules-smp-2.6.23.9_smp-i686-1.tgz
Upgraded to Linux 2.6.23.9 SMP kernel modules.
ap/ghostscript-8.61-i486-1.tgz: Upgraded to ghostscript-8.61.
This is still under the GPL -- just FYI, I do not know why the package name
changed. This package replaces gnu-ghostscript-8.60.0-i486-2.
d/kernel-headers-2.6.23.9_smp-i386-1.tgz:
Upgraded to Linux 2.6.23.9 SMP kernel headers.
k/kernel-source-2.6.23.9_smp-noarch-1.tgz
Upgraded to Linux 2.6.23.9 SMP kernel source.
l/gamin-0.1.9-i486-1.tgz: Upgraded to gamin-0.1.9.
l/glibc-2.7-i486-2.tgz: Upgraded to glibc-2.7, built against Linux 2.6.23.9
kernel headers.
* NOTE: Packages for -current built after this batch of packages (up to
* the datestamp above) will be linked against glibc-2.7 and _may_ not work
* on systems running earlier versions of glibc (such as Slackware 12.0
* systems running glibc-2.5).
l/glibc-i18n-2.7-noarch-2.tgz: Upgraded to glibc-2.7 locale files.
l/glibc-profile-2.7-i486-2.tgz: Upgraded to glibc-2.7 profile libs.
l/svgalib_helper-1.9.25_2.6.23.9-i486-1.tgz: Recompiled for Linux 2.6.23.9.
extra/linux-2.6.23.9-nosmp-sdk/: Updated SMP to no-SMP kernel source patch.
isolinux/initrd.img: Upgraded to glibc-2.7. Added dmidecode.
isolinux/network.dsk, pcmcia.dsk; Upgraded to 2.6.23.9 kernel modules.
kernels/huge.s/*: Upgraded huge.s kernel to 2.6.23.9.
kernels/hugesmp.s/*: Upgraded hugesmp.s kernel to 2.6.23.9 (SMP).
usb-and-pxe-installers/: Updated USB and PXE installers.
+--------------------------+
Wed Nov 28 12:33:14 CST 2007
a/mkinitrd-1.3.0-i486-2.tgz: Edited two spots where grep was searching for /
rather than ' on / '. Thanks to Erik Jan Tromp for pointing out that this
needed a patch.
+--------------------------+
Tue Nov 27 16:08:14 CST 2007
a/mkinitrd-1.3.0-i486-1.tgz: Upgraded to mkinitrd-1.3.0.
This fixes a bug where some module options could be ignored.
Thanks to Alan Hicks for the patch.
Thanks also to Richard Hoyle for showing me how to statically link busybox
correctly when I wouldn't listen to the Makefile. ;-)
xap/mozilla-firefox-2.0.0.10-i686-1.tgz:
Upgraded to firefox-2.0.0.10.
This upgrade fixes some more security bugs.
For more information, see:
http://www.mozilla.org/projects/security/known-vulnerabilities.html#firefox
(* Security fix *)
+--------------------------+
Wed Nov 21 00:11:24 CST 2007
a/kernel-generic-2.6.23.8-i486-1.tgz:
Upgraded to Linux 2.6.23.8 uniprocessor generic.s (requires initrd) kernel.
a/kernel-generic-smp-2.6.23.8_smp-i686-1.tgz:
Upgraded to Linux 2.6.23.8 SMP gensmp.s (requires initrd) kernel.
a/kernel-huge-2.6.23.8-i486-1.tgz:
Upgraded to Linux 2.6.23.8 uniprocessor huge.s (full-featured) kernel.
a/kernel-huge-smp-2.6.23.8_smp-i686-1.tgz:
Upgraded to Linux 2.6.23.8 SMP hugesmp.s (full-featured) kernel.
a/kernel-modules-2.6.23.8-i486-1.tgz
Upgraded to Linux 2.6.23.8 uniprocessor kernel modules.
a/kernel-modules-smp-2.6.23.8_smp-i686-1.tgz
Upgraded to Linux 2.6.23.8 SMP kernel modules.
d/kernel-headers-2.6.23.8_smp-i386-1.tgz:
Upgraded to Linux 2.6.23.8 SMP kernel headers.
k/kernel-source-2.6.23.8_smp-noarch-1.tgz
Upgraded to Linux 2.6.23.8 SMP kernel source.
l/libpng-1.2.23-i486-1.tgz:
Upgraded to libpng-1.2.23.
Previous libpng versions may crash when loading malformed PNG files.
It is not currently known if this vulnerability can be exploited to
execute malicious code.
For more information, see:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5266
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5267
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5268
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5269
(* Security fix *)
l/svgalib_helper-1.9.25_2.6.23.8-i486-1.tgz: Recompiled for Linux 2.6.23.8.
extra/linux-2.6.23.8-nosmp-sdk/: Updated SMP to no-SMP kernel source patch.
isolinux/network.dsk, pcmcia.dsk; upgraded to 2.6.23.8 kernel modules.
initrd.img: Upgraded to hdparm-7.6.
kernels/generic.s/*: Upgraded generic.s kernel to 2.6.23.8.
kernels/gensmp.s/*: Upgraded gensmp.s kernel to 2.6.23.8 (SMP).
kernels/huge.s/*: Upgraded huge.s kernel to 2.6.23.8.
kernels/hugesmp.s/*: Upgraded hugesmp.s kernel to 2.6.23.8 (SMP).
usb-and-pxe-installers/: Updated USB and PXE installers.
+--------------------------+
Tue Nov 20 16:49:58 CST 2007
xap/mozilla-thunderbird-2.0.0.9-i686-1.tgz:
Upgraded to thunderbird-2.0.0.9.
This update fixes the following security related issues:
URIs with invalid %-encoding mishandled by Windows (MFSA 2007-36).
Crashes with evidence of memory corruption (MFSA 2007-29).
OK, so the first one obviously does not affect us. :-) The second fix has
to do with the same JavaScript handling problem fixed before in Firefox.
JavaScript is not enabled by default in Thunderbird, and the developers
(at least in MFSA 2007-36) do not recommend turning it on.
For more information, see:
http://www.mozilla.org/security/announce/2007/mfsa2007-36.html
http://www.mozilla.org/security/announce/2007/mfsa2007-29.html
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-4841
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5339
(* Security fix *)
+--------------------------+
Sat Nov 17 00:19:20 CST 2007
ap/cdparanoia-IIIalpha9.8-i486-3.tgz: Recompiled with SG_IO patch. This
didn't seem to make a noticable difference, but to someone it might.
x/xf86-video-intel-2.2.0-i486-1.tgz: Upgraded to xf86-video-intel-2.2.0
x/xf86-video-sis-0.9.4-i486-1.tgz: Upgraded to xf86-video-sis-0.9.4.
OK, now that that Samba fix is done, we can give you a working X server. :-)
Evidently, the HAL/D-Bus enabled X server, xf86-input-evdev, and one of HAL's
.fdi files aren't playing well together. After considering three possible
workarounds, it was decided to disable D-Bus/HAL support in the X server for
now. If you really want to play with X input hotplugging, it's easy enough to
modify the source/x/x11/configure xorg-server configure file to enable D-Bus
and HAL and run: ./x11.SlackBuild xserver xorg-server
Xdmx remains gone per X build recommendations.
x/xorg-server-1.4-i486-4.tgz: Recompiled without input hotplugging support.
x/xorg-server-xnest-1.4-i486-4.tgz: Rebuilt.
x/xorg-server-xvfb-1.4-i486-4.tgz: Rebuilt.
xap/xscreensaver-5.04-i486-1.tgz: Upgraded to xscreensaver-5.04.
+--------------------------+
Fri Nov 16 17:22:18 CST 2007
n/samba-3.0.27-i486-1.tgz:
Upgraded to samba-3.0.27.
Samba 3.0.27 is a security release in order to address a stack buffer
overflow in nmbd's logon request processing, and remote code execution in
Samba's WINS server daemon (nmbd) when processing name registration followed
name query requests.
For more information, see:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-4572
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5398
(* Security fix *)
+--------------------------+
Wed Nov 14 23:01:27 CST 2007
x/xf86-input-evdev-1.2.0-i486-1.tgz: Upgraded to xf86-input-evdev-1.2.0.
x/xf86-input-joystick-1.3.0-i486-1.tgz: Upgraded to xf86-input-joystick-1.3.0.
+--------------------------+
Wed Nov 14 15:25:14 CST 2007
x/mesa-7.0.2-i486-1.tgz: Upgraded to mesa-7.0.2.
x/xf86-video-ati-6.7.196-i486-1.tgz: Upgraded to xf86-video-ati-6.7.196.
x/xf86-video-intel-2.1.99-i486-1.tgz: Upgraded to xf86-video-intel-2.1.99.
x/xorg-server-1.4-i486-3.tgz: Rebuilt against Mesa 7.0.2.
Removed support for XDMX, as the code is not maintained and interferes with
input hotplug support. Thanks to Carlos Corbacho for the help. :-)
x/xorg-server-xdmx-1.4-i486-2.tgz: Removed.
x/xorg-server-xnest-1.4-i486-3.tgz: Rebuilt.
x/xorg-server-xvfb-1.4-i486-3.tgz: Rebuilt.
+--------------------------+
Mon Nov 12 01:25:34 CST 2007
kde/kdegraphics-3.5.8-i486-2.tgz:
Patched xpdf related bugs.
For more information, see:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3387
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-4352
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5392
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5393
(* Security fix *)
kde/koffice-1.6.3-i486-2.tgz:
Patched xpdf related bugs.
For more information, see:
http://www.kde.org/info/security/advisory-20071107-1.txt
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3387
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-4352
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5392
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5393
(* Security fix *)
l/pcre-7.4-i486-1.tgz: Upgraded to pcre-7.4.
l/poppler-0.6.2-i486-1.tgz: Upgraded to poppler-0.6.2.
This release fixes xpdf related bugs.
For more information, see:
http://poppler.freedesktop.org/
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-4352
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5392
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5393
(* Security fix *)
xap/xpdf-3.02pl2-i486-1.tgz: Upgraded to xpdf-3.02pl2.
The pl2 patch fixes a crash in xpdf.
Some theorize that this could be used to execute arbitrary code if an
untrusted PDF file is opened, but no real-world examples are known (yet).
For more information, see:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3387
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-4352
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5392
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5393
(* Security fix *)
+--------------------------+
Sat Nov 10 14:27:42 CST 2007
n/php-5.2.5-i486-1.tgz:
Upgraded to php-5.2.5.
This fixes bugs and security issues.
For more information, see:
http://www.php.net/releases/5_2_5.php
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-4887
(* Security fix *)
+--------------------------+
Fri Nov 9 16:07:43 CST 2007
ap/gnu-ghostscript-8.60.0-i486-2.tgz: ./configured with --disable-compile-inits
option, which disables a new default of compiling in various configuration
values (such as paper size) rather than reading them from the traditional
config file. Thanks to Jonathan Woithe for pointing this change out.
xap/mozilla-firefox-2.0.0.9-i686-1.tgz:
Upgraded to firefox-2.0.0.9.
This upgrade improves the stability of Firefox.
For more information, see:
http://developer.mozilla.org/devnews/index.php/2007/11/01/firefox-2009-stability-update-now-available-for-download/
xap/seamonkey-1.1.6-i486-1.tgz:
Upgraded to SeaMonkey 1.1.6.
This upgrade fixes SeaMonkey's ability to display certain types of web pages.
That's about all we could find about it here:
http://www.mozilla.org/projects/seamonkey/
+--------------------------+
Sat Nov 3 15:24:00 CDT 2007
x/libXft-2.1.12-i486-2.tgz: Recompiled to fix issues with bold font
rendering. Thanks to Bruce Hill and Eric Hameleers.
+--------------------------+
Fri Nov 2 17:37:13 CDT 2007
n/links-2.1pre31-i486-1.tgz: Upgraded to links-2.1pre31.
n/mcabber-0.9.4-i486-1.tgz: Upgraded to mcabber-0.9.4.
n/openldap-client-2.3.38-i486-1.tgz: Upgraded to openldap-client-2.3.38.
n/sendmail-8.14.2-i486-1.tgz: Upgraded to sendmail-8.14.2.
n/sendmail-cf-8.14.2-noarch-1.tgz: Upgraded to sendmail-8.14.2 config files.
x/dejavu-ttf-2.21-noarch-1.tgz: Upgraded to dejavu-ttf-2.21.
xap/gimp-2.4.1-i486-1.tgz: Upgraded to gimp-2.4.1.
xap/pan-0.132-i486-1.tgz: Upgraded to pan-0.132.
xap/pidgin-2.2.2-i486-1.tgz: Upgraded to pidgin-2.2.2.
+--------------------------+
Thu Nov 1 20:05:07 CDT 2007
a/cups-1.3.4-i486-1.tgz: Upgraded to cups-1.3.4.
An off-by-one error in ipp.c may allow a remote attacker to crash CUPS
resulting in a denial of service.
For more information, see:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-4351
(* Security fix *)
+--------------------------+
Wed Oct 31 19:33:06 CDT 2007
a/pkgtools-12.1.0-noarch-1.tgz: Upgraded to pkgtools-12.1.0-noarch-1.
Fixed the following issues with removepkg:
Fix problem removing packages with a large number of fields. Thanks to
Niki Kovacs for noticing this, and to Piter Punk for the patch.
Use LC_ALL=C locale, which is much faster with "sort". Thanks to Tsomi.
Don't try to remove any package that starts with '-'. This is not a proper
package name (usually a typo), and results in the package database being
broken as the "package" beginning with '-' is passed along as an option to
a command later in the script. Thanks to Jef Oliver.
Patched cat_except() to allow the last Slackware package on a partition to
be removed (using ROOT=, of course). Thanks to Selkfoster for the patch,
and to everyone else who proposed solutions before. This issue really
wasn't given the highest priority before, but as long as I was here...
Fixed pkgtool to handle much larger numbers of installed packages.
Thanks to Gabriele Inghirami for the patch.
NOTE: If you upgrade to the glibc packages below, be sure you are really
wishing to test them, because reverting to the old version is not easy.
However, these packages have (so far) passed the tests done here.
testing/packages/glibc-2.7-i486-1.tgz: Added glibc-2.7.
testing/packages/glibc-i18n-2.7-noarch-1.tgz: Added glibc-i18n-2.7.
testing/packages/glibc-profile-2.7-i486-1.tgz: Added glibc-profile-2.7.
testing/packages/glibc-solibs-2.7-i486-1.tgz: Added glibc-solibs-2.7.
testing/packages/glibc-zoneinfo-2.7-noarch-1.tgz: Added glibc-zoneinfo-2.7.
+--------------------------+
Sat Oct 27 16:33:49 CDT 2007
x/xf86-video-nv-2.1.6-i486-1.tgz: Upgraded to xf86-video-nv.
x/compiz-0.6.2-i486-1.tgz: Upgraded to compiz-0.6.2.
x/pixman-0.9.6-i486-1.tgz: Upgraded to pixman-0.9.6.
x/glproto-1.4.9-noarch-1.tgz: Upgraded to glproto-1.4.9.
+--------------------------+
Wed Oct 24 22:51:37 CDT 2007
l/librsvg-2.18.2-i486-1.tgz: Upgraded to librsvg-2.18.2.
xap/gimp-2.4.0-i486-1.tgz: Upgraded to gimp-2.4.0.
xap/mozilla-firefox-2.0.0.8-i686-1.tgz:
Upgraded to firefox-2.0.0.8.
This upgrade fixes some more security bugs.
For more information, see:
http://www.mozilla.org/projects/security/known-vulnerabilities.html#firefox
(* Security fix *)
xap/seamonkey-1.1.5-i486-1.tgz:
Upgraded to seamonkey-1.1.5.
This upgrade fixes some more security bugs.
For more information, see:
http://www.mozilla.org/projects/security/known-vulnerabilities.html#seamonkey
(* Security fix *)
+--------------------------+
Sat Oct 20 14:41:24 CDT 2007
ap/hplip-2.7.10-i486-1.tgz: Upgraded to hplip-2.7.10.
l/libpng-1.2.22-i486-1.tgz: Upgraded to libpng-1.2.22.
+--------------------------+
Sat Oct 20 11:13:29 CDT 2007
a/openssl-solibs-0.9.8g-i486-1.tgz: Upgraded to openssl-solibs-0.9.8g.
n/openssh-4.7p1-i486-2.tgz: Recompiled against openssl-0.9.8g.
n/openssl-0.9.8g-i486-1.tgz: Upgraded to openssl-0.9.8g.
+--------------------------+
Thu Oct 18 18:19:59 CDT 2007
x/xorg-server-1.4-i486-2.tgz: Fixed missing /etc/X11/xserver/SecurityPolicy.
Thanks to Robby Workman.
x/xorg-server-xdmx-1.4-i486-2.tgz: Recompiled.
x/xorg-server-xnest-1.4-i486-2.tgz: Recompiled.
x/xorg-server-xvfb-1.4-i486-2.tgz: Recompiled.
+--------------------------+
Wed Oct 17 14:22:06 CDT 2007
kde/kdelibs-3.5.8-i486-2.tgz: Replaced kio_http patch with the official
fix from the KDE repo. Thanks to the KDE team. :-)
These are the fixed bugs:
http://bugs.kde.org/show_bug.cgi?id=150809
http://bugs.kde.org/show_bug.cgi?id=150904
+--------------------------+
Tue Oct 16 20:49:45 CDT 2007
kde/kdebindings-3.5.8-i486-1.tgz: Upgraded to kdebindings-3.5.8, and fixed
missing package (thanks to Ricardo Garcia).
l/poppler-0.6.1-i486-1.tgz: Upgraded to poppler-0.6.1.
l/poppler-data-0.1.1-noarch-1.tgz: Upgraded to poppler-data-0.1.1, and fixed
missing package (thanks to Ricardo Garcia).
+--------------------------+
Tue Oct 16 14:51:30 CDT 2007
a/cups-1.3.3-i486-1.tgz: Upgraded to cups-1.3.3.
a/dialog-1.1_20070930-i486-1.tgz: Upgraded to dialog-1.1-20070930.
a/etc-12.1-noarch-1.tgz: Added "tape" group.
a/glibc-solibs-2.5-i486-5.tgz: Recompiled against 2.6.23.1 kernel headers.
a/glibc-zoneinfo-2.5-noarch-5.tgz: Upgraded to tzcode2007h and tzdata2007h.
a/jfsutils-1.1.12-i486-1.tgz: Upgraded to jfsutils-1.1.12.
a/kernel-generic-2.6.23.1-i486-1.tgz:
Upgraded to Linux 2.6.23.1 single processor generic.s (requires initrd) kernel.
a/kernel-generic-smp-2.6.23.1_smp-i686-1.tgz:
Upgraded to Linux 2.6.23.1 SMP gensmp.s (requires initrd) kernel.
a/kernel-huge-2.6.23.1-i486-1.tgz:
Upgraded to Linux 2.6.23.1 single processor huge.s (full-featured) kernel.
a/kernel-huge-smp-2.6.23.1_smp-i686-1.tgz:
Upgraded to Linux 2.6.23.1 SMP hugesmp.s (full-featured) kernel.
a/kernel-modules-2.6.23.1-i486-1.tgz
Upgraded to Linux 2.6.23.1 UP single processor kernel modules.
a/kernel-modules-smp-2.6.23.1_smp-i686-1.tgz
Upgraded to Linux 2.6.23.1 SMP kernel modules.
a/module-init-tools-3.4-i486-1.tgz: Upgraded to module-init-tools-3.4.
Thanks to Robby Workman. :-)
a/mkinitrd-1.2.0-i486-1.tgz: Updated to busybox-1.7.2 and dialog-1.1-20070930.
Thanks to Piter Punk for the work on mdev device creation. :-)
a/openssl-solibs-0.9.8f-i486-1.tgz: Upgraded to openssl-0.9.8f.
This release fixes two minor security bugs unlikely to pose any threat to
most production servers. For more information, see:
http://openssl.org/news/secadv_20071012.txt
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-4995
(nothing in Slackware is using this DTLS implementation)
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5135
(this bug is in a function normally only used for logging or debugging)
(* Security fix *)
a/syslinux-3.52-i486-1.tgz: Upgraded to syslinux-3.52.
a/sysvinit-scripts-1.2-noarch-14.tgz: In rc.M, execute "mount -a" to mount any
filesystems not already mounted.
a/udev-116-i486-1.tgz: Upgraded to udev-116. Thanks to Piter Punk!
ap/espgs-8.15.4-i486-2.tgz: Removed. This is replaced by gnu-ghostscript.
ap/foomatic-filters-3.0_20070919-i486-1.tgz: Added. This is a printer filter
required to use Gutenprint or HPLIP with CUPS.
ap/gimp-print-4.2.7-i486-2.tgz: Removed. This is replaced by gutenprint.
ap/gutenprint-5.0.1-i486-2.tgz: Added gutenprint-5.0.1, which is the new
version of (and name for) gimp-print.
ap/gnu-ghostscript-8.60.0-i486-1.tgz: Added gnu-ghostscript-8.60.0.
This replaces the espgs (ESP Ghostscript) package.
ap/hplip-2.7.9-i486-1.tgz: Upgraded to hplip-2.7.9. Note that this no longer
requires daemons to be started at boot time, so any /etc/rc.d/rc.hplip
script can be removed.
ap/mysql-5.0.45-i486-1.tgz: Upgraded to mysql-5.0.45.
ap/vim-7.1.138-i486-1.tgz: Upgraded to vim-7.1.138.
d/git-1.5.3.3-i486-1.tgz: Upgraded to git-1.5.3.3.
d/kernel-headers-2.6.23.1_smp-i386-1.tgz:
Upgraded to Linux 2.6.23.1 SMP kernel headers.
k/kernel-source-2.6.23.1_smp-noarch-1.tgz
Upgraded to Linux 2.6.23.1 SMP kernel source.
kde/amarok-1.4.7-i486-1.tgz: Upgraded to amarok-1.4.7.
kde/k3b-1.0.3-i486-1.tgz: Upgraded to k3b-1.0.3.
kde/kdeaccessibility-3.5.8-i486-1.tgz: Upgraded to kdeaccessibility-3.5.8.
kde/kdeaddons-3.5.8-i486-1.tgz: Upgraded to kdeaddons-3.5.8.
kde/kdeadmin-3.5.8-i486-1.tgz: Upgraded to kdeadmin-3.5.8.
kde/kdeartwork-3.5.8-i486-1.tgz: Upgraded to kdeartwork-3.5.8.
kde/kdebase-3.5.8-i486-1.tgz: Upgraded to kdebase-3.5.8.
kde/kdeedu-3.5.8-i486-1.tgz: Upgraded to kdeedu-3.5.8.
kde/kdegames-3.5.8-i486-1.tgz: Upgraded to kdegames-3.5.8.
kde/kdegraphics-3.5.8-i486-1.tgz: Upgraded to kdegraphics-3.5.8.
kde/kdelibs-3.5.8-i486-1.tgz: Upgraded to kdelibs-3.5.8.
kde/kdemultimedia-3.5.8-i486-1.tgz: Upgraded to kdemultimedia-3.5.8.
kde/kdenetwork-3.5.8-i486-1.tgz: Upgraded to kdenetwork-3.5.8.
kde/kdepim-3.5.8-i486-1.tgz: Upgraded to kdepim-3.5.8.
kde/kdesdk-3.5.8-i486-1.tgz: Upgraded to kdesdk-3.5.8.
kde/kdetoys-3.5.8-i486-1.tgz: Upgraded to kdetoys-3.5.8.
kde/kdeutils-3.5.8-i486-1.tgz: Upgraded to kdeutils-3.5.8.
kde/kdevelop-3.5.0-i486-1.tgz: Upgraded to kdevelop-3.5.0.
kde/kdewebdev-3.5.8-i486-1.tgz: Upgraded to kdewebdev-3.5.8.
kdei/kde-i18n-*-3.5.8-noarch-1.tgz: Upgraded to kde-i18n-3.5.8.
l/dbus-glib-0.74-i486-1.tgz: Upgraded to dbus-glib-0.74.
l/freetype-2.3.5-i486-1.tgz: Upgraded to freetype-2.3.5.
l/glib2-2.12.13-i486-1.tgz: Upgraded to glib-2.12.13.
l/glibc-2.5-i486-5.tgz: Recompiled against 2.6.23.1 kernel headers.
Yes, glibc-2.6 is out, but for now we will stick with a known-working version.
l/glibc-i18n-2.5-noarch-5.tgz: Rebuilt.
l/glibc-profile-2.5-i486-5.tgz: Recompiled against 2.6.23.1 kernel headers.
l/gtk+2-2.10.14-i486-1.tgz: Upgraded to gtk+-2.10.14.
l/hal-0.5.10-i486-1.tgz: Upgraded to hal-0.5.10.
l/hal-info-20071011-noarch-1.tgz: Upgraded to hal-info-20071011.
Thanks to Robby Workman for maintaining both of these HAL packages.
l/libao-0.8.8-i486-1.tgz: Upgraded to libao-0.8.8.
l/libgpod-0.5.2-i486-1.tgz: Upgraded to libgpod-0.5.2.
l/libnjb-2.2.6-i486-1.tgz: Upgraded to libnjb-2.2.6.
l/libpng-1.2.21-i486-1.tgz: Upgraded to libpng-1.2.21.
l/libtheora-1.0beta1-i486-1.tgz: Upgraded to libtheora-1.0beta1.
l/libvorbis-1.2.0-i486-1.tgz: Upgraded to libvorbis-1.2.0.
l/libwnck-2.18.3-i486-1.tgz: Added libwnck-2.18.3.
This is needed by compiz to compile gtk-window-decorator.
l/pcre-7.3-i486-1.tgz: Upgraded to pcre-7.3.
l/poppler-0.6-i486-1.tgz: Upgraded to poppler-0.6.
l/qt-3.3.8-i486-5.tgz: Added back the library symlinks into /usr/lib,
without which kdelibs does not compile.
l/svgalib_helper-1.9.25_2.6.23.1-i486-1.tgz: Recompiled for Linux 2.6.23.1.
Thanks to Eric Hameleers for pointing me at the information needed to patch
the helper module for Linux 2.6.23+. :-)
l/vte-0.16.8-i486-1.tgz: Upgraded to vte-0.16.8.
n/httpd-2.2.6-i486-1.tgz: Upgraded to httpd-2.2.6.
n/network-scripts-12.0-noarch-5.tgz: Mount CIFS partitions.
Thanks to Lei Zhang.
n/openssh-4.7p1-i486-1.tgz: Upgraded to openssh-4.7p1.
From the OpenSSH release notes:
"Security bugs resolved in this release: Prevent ssh(1) from using a
trusted X11 cookie if creation of an untrusted cookie fails; found and
fixed by Jan Pechanec."
While it's fair to say that we here at Slackware don't see how this could
be leveraged to compromise a system, a) the OpenSSH people (who presumably
understand the code better) characterize this as a security bug, b) it has
been assigned a CVE entry, and c) OpenSSH is one of the most commonly used
network daemons. Better safe than sorry.
More information should appear here eventually:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-4752
(* Security fix *)
n/openssl-0.9.8f-i486-1.tgz: Upgraded to openssl-0.9.8f.
This release fixes two minor security bugs unlikely to pose any threat to
most production servers. For more information, see:
http://openssl.org/news/secadv_20071012.txt
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-4995
(nothing in Slackware is using this DTLS implementation)
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5135
(this bug is in a function normally only used for logging or debugging)
(* Security fix *)
n/php-5.2.4-i486-1.tgz: Upgraded to php-5.2.4. The PHP announcement says this
version fixes over 120 bugs as well as "several low priority security bugs."
Read more about it here:
http://www.php.net/releases/5_2_4.php
(* Security fix *)
n/samba-3.0.26a-i486-1.tgz: Upgraded to samba-3.0.26a.
This fixes a security issue in all Samba 3.0.25 versions:
"Incorrect primary group assignment for domain users using the rfc2307
or sfu winbind nss info plugin."
For more information, see:
http://www.samba.org/samba/security/CVE-2007-4138.html
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-4138
(* Security fix *)
n/wpa_supplicant-0.5.8-i486-1.tgz: Upgraded to wpa_supplicant-0.5.8.
tcl/expect-5.43.0-i486-2.tgz: Rebuilt against tcl-8.4.16.
tcl/tcl-8.4.16-i486-1.tgz: Upgraded to tcl-8.4.16.
tcl/tk-8.4.16-i486-1.tgz: Upgraded to tk-8.4.16.
x/dejavu-ttf-2.20-noarch-1.tgz: Upgraded to dejavu-ttf-2.20.
x/mesa-7.0.1-i486-1.tgz: Upgraded to Mesa 7.0.1.
Upgraded to X.Org 7.3:
PLEASE NOTE: There are a few known problems with this release.
Please let us know if you have solutions to any of these.
1. xf86-video-vesa was not upgraded for the X.Org 7.3 release, and
running Terminal or vte under KDE results in an X hang under KDE,
or garbage in the terminal under XFce.
2. The following modules were not upgraded in the X.Org 7.3 release
and no longer compile: mkcfm, xf86-input-acecad, xf86-input-dmc,
xf86-input-void, xf86-video-glide, xf86-video-impact, and
xf86-video-wsfb. Odds are good that due to the driver ABI change
none of these are currently working.
x/compiz-0.6.0-i486-1: Upgraded to compiz-0.6.0.
x/compositeproto-0.4-noarch-1: Upgraded to compositeproto-0.4.
x/iceauth-1.0.2-i486-1: Upgraded to iceauth-1.0.2.
x/ico-1.0.2-i486-1: Upgraded to ico-1.0.2.
x/inputproto-1.4.2.1-noarch-1: Upgraded to inputproto-1.4.2.1.
x/libICE-1.0.4-i486-1: Upgraded to libICE-1.0.4.
x/libX11-1.1.3-i486-1: Upgraded to libX11-1.1.3.
x/libXaw-1.0.4-i486-1: Upgraded to libXaw-1.0.4.
x/libXcomposite-0.4.0-i486-1: Upgraded to libXcomposite-0.4.0.
x/libXcursor-1.1.9-i486-1: Upgraded to libXcursor-1.1.9.
x/libXfont-1.3.1-i486-1: Upgraded to libXfont-1.3.1.
x/libXi-1.1.3-i486-1: Upgraded to libXi-1.1.3.
x/libXpm-3.5.7-i486-1: Upgraded to libXpm-3.5.7.
x/libXrandr-1.2.2-i486-1: Upgraded to libXrandr-1.2.2.
x/libXrender-0.9.4-i486-1: Upgraded to libXrender-0.9.4.
x/libXtst-1.0.3-i486-1: Upgraded to libXtst-1.0.3.
x/libXxf86dga-1.0.2-i486-1: Upgraded to libXxf86dga-1.0.2.
x/pixman-0.9.5-i486-1: Added pixman-0.9.5.
x/renderproto-0.9.3-noarch-1: Upgraded to renderproto-0.9.3.
x/sessreg-1.0.3-i486-1: Upgraded to sessreg-1.0.3.
x/setxkbmap-1.0.4-i486-1: Upgraded to setxkbmap-1.0.4.
x/xbacklight-1.1-i486-1: Upgraded to xbacklight-1.1.
x/xcalc-1.0.2-i486-1: Upgraded to xcalc-1.0.2.
x/xclock-1.0.3-i486-1: Upgraded to xclock-1.0.3.
x/xconsole-1.0.3-i486-1: Upgraded to xconsole-1.0.3.
x/xcursorgen-1.0.2-i486-1: Upgraded to xcursorgen-1.0.2.
x/xdm-1.1.6-i486-1: Upgraded to xdm-1.1.6.
x/xdriinfo-1.0.2-i486-1: Upgraded to xdriinfo-1.0.2.
x/xf86-input-aiptek-1.0.1-i486-2: Recompiled against xorg-server-1.4.
x/xf86-input-acecad-1.2.0-i486-1.tgz: Removed (not compiling).
x/xf86-input-calcomp-1.1.1-i486-1: Upgraded to xf86-input-calcomp-1.1.1.
x/xf86-input-citron-2.2.1-i486-1: Added xf86-input-citron-2.2.1.
x/xf86-input-digitaledge-1.1.0-i486-2: Recompiled against xorg-server-1.4.
x/xf86-input-dynapro-1.1.1-i486-1: Added xf86-input-dynapro-1.1.1.
x/xf86-input-elo2300-1.1.1-i486-1: Added xf86-input-elo2300-1.1.1.
x/xf86-input-elographics-1.1.0-i486-2: Recompiled against xorg-server-1.4.
x/xf86-input-evdev-1.1.5-i486-2: Recompiled against xorg-server-1.4.
x/xf86-input-fpit-1.1.0-i486-2: Recompiled against xorg-server-1.4.
x/xf86-input-hyperpen-1.1.0-i486-2: Recompiled against xorg-server-1.4.
x/xf86-input-jamstudio-1.1.0-i486-2: Recompiled against xorg-server-1.4.
x/xf86-input-joystick-1.2.3-i486-1: Upgraded to xf86-input-joystick-1.2.3.
x/xf86-input-keyboard-1.2.2-i486-1: Upgraded to xf86-input-keyboard-1.2.2.
x/xf86-input-magellan-1.1.1-i486-1: Upgraded to xf86-input-magellan-1.1.1.
x/xf86-input-magictouch-1.0.0.5-i486-2: Recompiled against xorg-server-1.4.
x/xf86-input-microtouch-1.1.1-i486-1: Added xf86-input-microtouch-1.1.1.
x/xf86-input-mouse-1.2.3-i486-1: Upgraded to xf86-input-mouse-1.2.3.
x/xf86-input-mutouch-1.1.0-i486-2: Recompiled against xorg-server-1.4.
x/xf86-input-palmax-1.1.0-i486-2: Recompiled against xorg-server-1.4.
x/xf86-input-penmount-1.2.1-i486-1: Added xf86-input-penmount-1.2.1.
x/xf86-input-spaceorb-1.1.1-i486-1: Upgraded to xf86-input-spaceorb-1.1.1.
x/xf86-input-summa-1.1.0-i486-2: Recompiled against xorg-server-1.4.
x/xf86-input-tek4957-1.1.0-i486-2: Recompiled against xorg-server-1.4.
x/xf86-input-ur98-1.1.0-i486-2: Recompiled against xorg-server-1.4.
x/xf86-input-vmmouse-12.4.3-i486-1: Upgraded to xf86-input-vmmouse-12.4.3.
x/xf86-input-void-1.1.0-i486-1.tgz: Removed (not compiling).
x/xf86-video-amd-2.7.7.3-i486-1: Added xf86-video-amd-2.7.7.3.
x/xf86-video-apm-1.1.1-i486-2: Recompiled against xorg-server-1.4.
x/xf86-video-ark-0.6.0-i486-2: Recompiled against xorg-server-1.4.
x/xf86-video-ast-0.81.0-i486-2: Recompiled against xorg-server-1.4.
x/xf86-video-ati-6.7.195-i486-1: Upgraded to xf86-video-ati-6.7.195.
x/xf86-video-chips-1.1.1-i486-2: Recompiled against xorg-server-1.4.
x/xf86-video-cirrus-1.1.0-i486-2: Recompiled against xorg-server-1.4.
x/xf86-video-cyrix-1.1.0-i486-2: Recompiled against xorg-server-1.4.
x/xf86-video-dummy-0.2.0-i486-2: Recompiled against xorg-server-1.4.
x/xf86-video-fbdev-0.3.1-i486-2: Recompiled against xorg-server-1.4.
x/xf86-video-glint-1.1.1-i486-2: Recompiled against xorg-server-1.4.
x/xf86-video-i128-1.2.1-i486-2: Recompiled against xorg-server-1.4.
x/xf86-video-i740-1.1.0-i486-2: Recompiled against xorg-server-1.4.
x/xf86-video-i810-1.7.4-i486-2: Recompiled against xorg-server-1.4.
x/xf86-video-imstt-1.1.0-i486-2: Recompiled against xorg-server-1.4.
x/xf86-video-intel-2.1.1-i486-1: Upgraded to xf86-video-intel-2.1.1.
x/xf86-video-mga-1.9.100-i486-1: Upgraded to xf86-video-mga-1.9.100.
x/xf86-video-neomagic-1.1.1-i486-2: Recompiled against xorg-server-1.4.
x/xf86-video-newport-0.2.1-i486-2: Recompiled against xorg-server-1.4.
x/xf86-video-nsc-2.8.3-i486-1: Upgraded to xf86-video-nsc-2.8.3.
x/xf86-video-nv-2.1.5-i486-1: Upgraded to xf86-video-nv-2.1.5.
x/xf86-video-rendition-4.1.3-i486-2: Recompiled against xorg-server-1.4.
x/xf86-video-s3-0.5.0-i486-2: Recompiled against xorg-server-1.4.
x/xf86-video-s3virge-1.9.1-i486-2: Recompiled against xorg-server-1.4.
x/xf86-video-savage-2.1.3-i486-1: Upgraded to xf86-video-savage-2.1.3.
x/xf86-video-siliconmotion-1.5.1-i486-2: Recompiled against xorg-server-1.4.
x/xf86-video-sis-0.9.3-i486-2: Recompiled against xorg-server-1.4.
x/xf86-video-sisusb-0.8.1-i486-2: Recompiled against xorg-server-1.4.
x/xf86-video-tdfx-1.3.0-i486-2: Recompiled against xorg-server-1.4.
x/xf86-video-tga-1.1.0-i486-2: Recompiled against xorg-server-1.4.
x/xf86-video-trident-1.2.3-i486-2: Recompiled against xorg-server-1.4.
x/xf86-video-tseng-1.1.1-i486-2: Recompiled against xorg-server-1.4.
x/xf86-video-v4l-0.1.1-i486-2: Recompiled against xorg-server-1.4.
x/xf86-video-vesa-1.3.0-i486-2: Recompiled against xorg-server-1.4.
x/xf86-video-vga-4.1.0-i486-2: Recompiled against xorg-server-1.4.
x/xf86-video-via-0.2.2-i486-2: Recompiled against xorg-server-1.4.
x/xf86-video-vmware-10.15.2-i486-1: Upgraded to xf86-video-vmware-10.15.2.
x/xf86-video-voodoo-1.1.1-i486-2: Recompiled against xorg-server-1.4.
x/xf86dgaproto-2.0.3-noarch-1: Upgraded to xf86dgaproto-2.0.3.
x/xfs-1.0.5-i486-1.tgz: Upgraded to xfs-1.0.5.
x/xgamma-1.0.2-i486-1: Upgraded to xgamma-1.0.2.
x/xhost-1.0.2-i486-1: Upgraded to xhost-1.0.2.
x/xinit-1.0.7-i486-1: Upgraded to xinit-1.0.7.
x/xmag-1.0.2-i486-1: Upgraded to xmag-1.0.2.
x/xman-1.0.3-i486-1: Upgraded to xman-1.0.3.
x/xmessage-1.0.2-i486-1: Upgraded to xmessage-1.0.2.
x/xmodmap-1.0.3-i486-1: Upgraded to xmodmap-1.0.3.
x/xorg-server-1.4-i486-1: Upgraded to xorg-server-1.4.
x/xorg-server-xdmx-1.4-i486-1: Upgraded to xorg-server-xdmx.
x/xorg-server-xnest-1.4-i486-1: Upgraded to xorg-server-xnest-1.4.
x/xorg-server-xvfb-1.4-i486-1: Upgraded to xorg-server-xvfb-1.4.
x/xprop-1.0.3-i486-1: Upgraded to xprop-1.0.3.
x/xrandr-1.2.2-i486-1: Upgraded to xrandr-1.2.2.
x/xrdb-1.0.4-i486-1: Upgraded to xrdb-1.0.4.
x/xset-1.0.3-i486-1: Upgraded to xset-1.0.3.
x/xsetroot-1.0.2-i486-1: Upgraded to xsetroot-1.0.2.
x/xtrans-1.0.4-noarch-1: Upgraded to xtrans-1.0.4.
x/xvinfo-1.0.2-i486-1: Upgraded to xvinfo-1.0.2.
x/xwininfo-1.0.3-i486-1: Upgraded to xwininfo-1.0.3.
xap/fluxbox-1.0.0-i486-1.tgz: Upgraded to fluxbox-1.0.0.
xap/imagemagick-6.3.6_0-i486-1.tgz: Upgraded to ImageMagick-6.3.6-0.
xap/mozilla-firefox-2.0.0.7-i686-1.tgz: Upgraded to mozilla-firefox-2.0.0.7.
xap/pidgin-2.2.1-i486-1.tgz: Upgraded to pidgin-2.2.1.
xap/vim-gvim-7.1.138-i486-1.tgz: Upgraded to vim-7.1.138 with GTK+ extensions.
xap/xine-lib-1.1.8-i686-1.tgz: Upgraded to xine-lib-1.1.8.
xap/xscreensaver-5.03-i486-1.tgz: Upgraded to xscreensaver-5.03.
extra/ktorrent/ktorrent-2.2.2-i486-1.tgz: Upgraded to ktorrent-2.2.2.
extra/linux-2.6.23.1-nosmp-sdk/: Updated SMP to no-SMP kernel source patch.
extra/linux-wlan-ng/linux-wlan-ng-0.2.8_2.6.21.5-i486-1.tgz: Removed.
This does not compile with Linux 2.6.23.1, and no newer version is out.
extra/xf86-video-ati-6.6.3/xf86-video-ati-6.6.3-i486-3.tgz: Removed.
If there are still problems with the ATI driver we'll have to look at them
again. There's a proposed patch around here somewhere.
isolinux/initrd.img: Removed libgpm, which may have been interfering with
serial console and Speakup installs.
Upgraded to jfsutils-1.1.12.
isolinux/network.dsk: Added 2.6.23.1 SMP and non-SMP modules.
isolinux/pcmcia.dsk: Added 2.6.23.1 SMP and non-SMP modules.
kernels/huge.s/*: Upgraded huge.s kernel to 2.6.23.1.
kernels/hugesmp.s/*: Upgraded hugesmp.s kernel to 2.6.23.1 (SMP).
usb-and-pxe-installers/: Updated USB and PXE installers.
testing/packages/bash-3.2.025-i486-1.tgz: Upgraded to bash-3.2.025.
+--------------------------+
Sat Sep 1 18:23:39 CDT 2007
extra/jdk-6/jdk-6u2-i586-2.tgz: Fixed a bug in the improvement to the
/etc/profile.d/ scripts where it would mess up the $MANPATH. Sorry
about that, folks. The JRE package was not affected.
BTW, any time a security upgrade package mentioned in an advisory is
"missing", it probably means a mistake like this was made. In those
cases, look for a newer package, and verify the authenticity using
"gpg --verify" and the .asc file.
+--------------------------+
Fri Aug 31 13:33:54 CDT 2007
l/jre-6u2-i586-1.tgz: Upgraded to Java(TM) 2 Platform Standard Edition
Runtime Environment Version 6.0 update 2.
This update addresses code errors which could possibly be leveraged to
compromise system security, though we know of no existing exploits.
This update consists of the official Java(TM) binaries repackaged in
Slackware's package format, and may be used on any version of Slackware
that is based on glibc.
For more information, see:
http://sunsolve.sun.com/search/document.do?assetkey=1-26-102995-1
(* Security fix *)
An additional change was made to the script that Slackware uses to
set environment variables for Java(TM). Now, after the $JAVA_HOME
variable is set, the next variable settings make use of it, rather
than hard-coding the path to $JAVA_HOME. This does not fix a bug,
but is certainly better scripting style. Thanks to Jason Byrne and
Jean-Christophe Fargette for suggesting this change.
extra/jdk-6/jdk-6u2-i586-1.tgz: Upgraded to Java(TM) 2 Platform
Standard Edition Development Kit Version 6.0 update 2.
This update addresses code errors which could possibly be leveraged to
compromise system security, though we know of no existing exploits.
This update consists of the official Java(TM) binaries repackaged in
Slackware's package format, and may be used on any version of Slackware
that is based on glibc.
For more information, see:
http://sunsolve.sun.com/search/document.do?assetkey=1-26-102995-1
(* Security fix *)
An additional change was made to the script that Slackware uses to
set environment variables for Java(TM). Now, after the $JAVA_HOME
variable is set, the next variable settings make use of it, rather
than hard-coding the path to $JAVA_HOME. This does not fix a bug,
but is certainly better scripting style. Thanks to Jason Byrne and
Jean-Christophe Fargette for suggesting this change.
+--------------------------+
Sat Aug 18 14:20:33 CDT 2007
n/tcpdump-3.9.7-i486-1.tgz:
Upgraded to libpcap-0.9.7, tcpdump-3.9.7.
This new version fixes an integer overflow in the BGP dissector which
could possibly allow remote attackers to crash tcpdump or to execute
arbitrary code.
For more information, see:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3798
(* Security fix *)
+--------------------------+
Fri Aug 17 17:53:53 CDT 2007
Merged the following packages from 12.0 /patches:
a/mkinitrd-1.1.3-i486-1.tgz
l/poppler-0.5.4-i486-2.tgz
l/qt-3.3.8-i486-5.tgz
n/bind-9.4.1_P1-i486-1.tgz
x/xf86-video-intel-2.1.0-i486-1.tgz
x/xf86-video-nv-2.1.2-i486-1.tgz
xap/gimp-2.2.17-i486-1.tgz
xap/mozilla-thunderbird-2.0.0.6-i686-1.tgz
xap/mozilla-firefox-2.0.0.6-i686-1.tgz
xap/seamonkey-1.1.4-i486-1.tgz
xap/xpdf-3.02pl1-i486-1.tgz
+--------------------------+
Fri Aug 10 22:39:13 CDT 2007
patches/packages/gimp-2.2.17-i486-1_slack12.0.tgz:
Upgraded to gimp-2.2.17, which fixes buffer overflows when decoding
certain image types.
For more information, see:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-2949
(* Security fix *)
patches/packages/poppler-0.5.4-i486-2_slack12.0.tgz:
Patched to fix an integer overflow in code borrowed from xpdf.
For more information, see:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3387
(* Security fix *)
patches/packages/qt-3.3.8-i486-5_slack12.0.tgz:
Patched to fix several format string bugs.
For more information, see:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3388
(* Security fix *)
patches/packages/seamonkey-1.1.4-i486-1_slack12.tgz:
Upgraded to seamonkey-1.1.4.
This upgrade fixes some more security bugs.
For more information, see:
http://www.mozilla.org/projects/security/known-vulnerabilities.html#seamonkey
(* Security fix *)
patches/packages/xpdf-3.02pl1-i486-1_slack12.0.tgz:
Upgraded to xpdf-3.02pl1. This fixes an integer overflow that could possibly
be leveraged to run arbitrary code if a malicious PDF file is processed.
For more information, see:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3387
(* Security fix *)
+--------------------------+
Fri Aug 3 15:43:35 CDT 2007
patches/packages/mozilla-thunderbird-2.0.0.6-i686-1.tgz:
Upgraded to thunderbird-2.0.0.6.
This upgrade fixes some more security bugs.
For more information, see:
http://www.mozilla.org/projects/security/known-vulnerabilities.html#thunderbird
(* Security fix *)
+--------------------------+
Wed Aug 1 13:52:51 CDT 2007
patches/packages/mozilla-firefox-2.0.0.6-i686-1.tgz:
Upgraded to firefox-2.0.0.6.
This upgrade fixes some more security bugs.
For more information, see:
http://www.mozilla.org/projects/security/known-vulnerabilities.html#firefox
(* Security fix *)
+--------------------------+
Thu Jul 26 15:51:42 CDT 2007
patches/packages/bind-9.4.1_P1-i486-1_slack12.0.tgz:
Upgraded to bind-9.4.1_P1 to fix security issues.
The default access control lists allow remote attackers to make recursive
queries in BIND9 versions 9.4.0 through 9.4.1.
The query IDs in BIND9 prior to BIND 9.4.1-P1 are cryptographically weak.
For more information on these issues, see:
http://www.isc.org/index.pl?/sw/bind/bind-security.php
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-2925
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-2926
(* Security fix *)
+--------------------------+
Tue Jul 24 12:40:16 CDT 2007
patches/packages/mozilla-thunderbird-2.0.0.5-i686-1.tgz:
Upgraded to thunderbird-2.0.0.5. Since Thunderbird shares the browser engine
with Firefox it is susceptible to similar vulnerabilities. This update fixes
the same issues fixed in the recent Firefox patch.
For more information, see:
http://www.mozilla.org/projects/security/known-vulnerabilities.html#thunderbird
(* Security fix *)
patches/packages/seamonkey-1.1.3-i486-1_slack12.tgz:
Upgraded to seamonkey-1.1.3. This is presumably a security update, but the
details on the net have been sparse. So far nothing has appeared at the
usual URL, but I would treat this as a security update unless it is announced
as otherwise.
For more information (if/when it appears), see:
http://www.mozilla.org/projects/security/known-vulnerabilities.html#seamonkey
(* Security fix *)
+--------------------------+
Thu Jul 19 12:50:36 CDT 2007
patches/packages/mkinitrd-1.1.3-i486-1.tgz: Fixed a minor bug in mkinitrd
where devices such as /dev/cciss/c0d0p2 (DL360 RAID) were not properly copied
to the initramfs. "Normal" (two level) boot devices such as /dev/sda1 were
not affected by this bug, so most people won't run into it (which is probably
why it wasn't spotted in development here).
Thanks to Eric Hameleers for the patch.
patches/packages/mozilla-firefox-2.0.0.5-i686-1.tgz:
Upgraded to firefox-2.0.0.5.
This upgrade fixes a couple of minor security bugs. Nobody here is launching
Firefox from Internet Explorer, right? :-)
For more information, see:
http://www.mozilla.org/projects/security/known-vulnerabilities.html#firefox
(* Security fix *)
patches/packages/xf86-video-intel-2.1.0-i486-1.tgz: Added additional chipsets.
patches/packages/xf86-video-nv-2.1.2-i486-1.tgz: Added additional chipsets.
+--------------------------+
Sun Jul 1 22:30:42 CDT 2007
Released as Slackware 12.0 with no changes since the last batch.
Big Thanks again are due to the CREW, without whom this just wouldn't be
possible to do with the level of quality that Slackware users demand.
We had a lot of help this time, and I hope it shows in project output
that you'll enjoy. Thanks for the support of the Slackware community,
because without your support I wouldn't be able to keep leading this
project (and I happen to like it a lot :-).
For more detailed information about what all has changed since Slackware
11.0, start with CHANGES_AND_HINTS.TXT, and maybe read my RELEASE_NOTES.
Have fun!