Slackware 1131 Published by

The first release candidate for Slackware Linux 14.2 is available



Good hello, let's call this Slackware 14.2 release candidate 1. We still have a bit of work to do before this is fully ready to go, but we're done doing every little upgrade that comes along. Well, mostly. Have a great day, and beannachtai na Feile Padraig oraibh!

a/kernel-generic-4.4.6-x86_64-1.txz: Upgraded.
a/kernel-huge-4.4.6-x86_64-1.txz: Upgraded.
a/kernel-modules-4.4.6-x86_64-1.txz: Upgraded.
d/kernel-headers-4.4.6-x86-1.txz: Upgraded.
d/perl-5.22.1-x86_64-1.txz: Upgraded.
Also upgraded to DBD-mysql-4.033, URI-1.71, and XML-Simple-2.22.
k/kernel-source-4.4.6-noarch-1.txz: Upgraded.
l/M2Crypto-0.23.0-x86_64-1.txz: Upgraded.
n/crda-3.18-x86_64-3.txz: Rebuilt.
Upgraded to wireless-regdb-2016.02.08. Thanks to USUARIONUEVO.
n/nmap-7.10-x86_64-1.txz: Upgraded.
xap/mozilla-firefox-45.0.1-x86_64-1.txz: Upgraded.
This release contains security fixes and improvements.
For more information, see:
http://www.mozilla.org/security/known-vulnerabilities/firefox.html
(* Security fix *)
extra/tigervnc/tigervnc-1.6.0-x86_64-2.txz: Rebuilt.
Rebuilt for xorg-server-1.18.2.
isolinux/initrd.img: Rebuilt.
kernels/*: Upgraded.
testing/source/linux-4.5-configs/*: Added.
usb-and-pxe-installers/usbboot.img: Rebuilt.
+--------------------------+
Tue Mar 15 23:53:18 UTC 2016
a/glibc-zoneinfo-2016b-noarch-1.txz: Upgraded.
a/procps-ng-3.3.11-x86_64-1.txz: Upgraded.
d/git-2.7.3-x86_64-1.txz: Upgraded.
Fixed buffer overflows allowing server and client side remote code
execution in all git versions before 2.7.1.
For more information, see:
http://seclists.org/oss-sec/2016/q1/645
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2315
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2324
(* Security fix *)
kde/kdelibs-4.14.18-x86_64-1.txz: Upgraded.
l/seamonkey-solibs-2.40-x86_64-1.txz: Upgraded.
n/ethtool-4.5-x86_64-1.txz: Upgraded.
xap/gnuplot-5.0.3-x86_64-1.txz: Upgraded.
xap/seamonkey-2.40-x86_64-1.txz: Upgraded.
This update contains security fixes and improvements.
For more information, see:
http://www.seamonkey-project.org/releases/seamonkey2.40
(* Security fix *)
xfce/xfce4-clipman-plugin-1.2.6-x86_64-1.txz: Upgraded.
+--------------------------+
Mon Mar 14 02:18:20 UTC 2016
a/grep-2.24-x86_64-1.txz: Upgraded.
ap/sudo-1.8.15-x86_64-1.txz: Upgraded.
New options: --with-insults --with-all-insults --with-pc-insults.
Sorry about this, I know it's a bit silly. ;-)
Thanks to chytraeus for the suggestion.
x/videoproto-2.3.3-noarch-1.txz: Upgraded.
x/xorg-server-1.18.2-x86_64-1.txz: Upgraded.
x/xorg-server-xephyr-1.18.2-x86_64-1.txz: Upgraded.
x/xorg-server-xnest-1.18.2-x86_64-1.txz: Upgraded.
x/xorg-server-xvfb-1.18.2-x86_64-1.txz: Upgraded.
xap/MPlayer-1.2_20160125-x86_64-2.txz: Rebuilt.
Rebuilt against ffmpeg-2.8.6.
Force lavf for flac because the native demuxer can't handle embedded album
art. As a bonus (or a regression) you'll also get album art if it exists.
xap/xine-lib-1.2.6-x86_64-8.txz: Rebuilt.
Rebuilt against ffmpeg-2.8.6.
+--------------------------+
Thu Mar 10 23:43:47 UTC 2016
a/kernel-firmware-20160310git-noarch-1.txz: Upgraded.
a/kernel-generic-4.4.5-x86_64-1.txz: Upgraded.
a/kernel-huge-4.4.5-x86_64-1.txz: Upgraded.
a/kernel-modules-4.4.5-x86_64-1.txz: Upgraded.
ap/vim-7.4.1530-x86_64-1.txz: Upgraded.
When building vim, we now fetch a prepatched archive from github rather than
applying hundreds or thousands of patches to the original sources. As a side
benefit, all you need to do in order to build the latest version of vim is
remove the existing tarball and run the SlackBuild again. It will scrape the
vim page at github for the latest version number and then fetch that version.
Thanks to USUARIONUEVO for posting a URL that got me thinking about it.
d/git-2.7.2-x86_64-1.txz: Upgraded.
d/kernel-headers-4.4.5-x86-1.txz: Upgraded.
k/kernel-source-4.4.5-noarch-1.txz: Upgraded.
l/gtk+3-3.18.9-x86_64-1.txz: Upgraded.
n/openssh-7.2p2-x86_64-1.txz: Upgraded.
This release fixes a security bug:
sshd(8): sanitise X11 authentication credentials to avoid xauth
command injection when X11Forwarding is enabled.
For more information, see:
http://www.openssh.com/txt/x11fwd.adv
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3115
(* Security fix *)
xap/vim-gvim-7.4.1530-x86_64-1.txz: Upgraded.
isolinux/initrd.img: Rebuilt.
Use "mkfs.brtfs -f" in SeTpartitions. Thanks to Didier Spaier.
kernels/*: Upgraded.
usb-and-pxe-installers/usbboot.img: Rebuilt.
Use "mkfs.brtfs -f" in SeTpartitions. Thanks to Didier Spaier.
+--------------------------+
Thu Mar 10 02:46:49 UTC 2016
a/cryptsetup-1.7.1-x86_64-1.txz: Upgraded.
a/grep-2.23-x86_64-1.txz: Upgraded.
ap/htop-2.0.1-x86_64-1.txz: Upgraded.
d/cmake-3.5.0-x86_64-1.txz: Upgraded.
kde/calligra-2.9.11-x86_64-1.txz: Upgraded.
kde/kdelibs-4.14.17-x86_64-1.txz: Upgraded.
kdei/calligra-l10n-bs-2.9.11-noarch-1.txz: Upgraded.
kdei/calligra-l10n-ca-2.9.11-noarch-1.txz: Upgraded.
kdei/calligra-l10n-ca\@valencia-2.9.11-noarch-1.txz: Upgraded.
kdei/calligra-l10n-cs-2.9.11-noarch-1.txz: Upgraded.
kdei/calligra-l10n-da-2.9.11-noarch-1.txz: Upgraded.
kdei/calligra-l10n-de-2.9.11-noarch-1.txz: Upgraded.
kdei/calligra-l10n-el-2.9.11-noarch-1.txz: Upgraded.
kdei/calligra-l10n-en_GB-2.9.11-noarch-1.txz: Upgraded.
kdei/calligra-l10n-es-2.9.11-noarch-1.txz: Upgraded.
kdei/calligra-l10n-et-2.9.11-noarch-1.txz: Upgraded.
kdei/calligra-l10n-fi-2.9.11-noarch-1.txz: Upgraded.
kdei/calligra-l10n-fr-2.9.11-noarch-1.txz: Upgraded.
kdei/calligra-l10n-gl-2.9.11-noarch-1.txz: Upgraded.
kdei/calligra-l10n-hu-2.9.11-noarch-1.txz: Upgraded.
kdei/calligra-l10n-it-2.9.11-noarch-1.txz: Upgraded.
kdei/calligra-l10n-ja-2.9.11-noarch-1.txz: Upgraded.
kdei/calligra-l10n-kk-2.9.11-noarch-1.txz: Upgraded.
kdei/calligra-l10n-nb-2.9.11-noarch-1.txz: Upgraded.
kdei/calligra-l10n-nl-2.9.11-noarch-1.txz: Upgraded.
kdei/calligra-l10n-pl-2.9.11-noarch-1.txz: Upgraded.
kdei/calligra-l10n-pt-2.9.11-noarch-1.txz: Upgraded.
kdei/calligra-l10n-pt_BR-2.9.11-noarch-1.txz: Upgraded.
kdei/calligra-l10n-ru-2.9.11-noarch-1.txz: Upgraded.
kdei/calligra-l10n-sk-2.9.11-noarch-1.txz: Upgraded.
kdei/calligra-l10n-sv-2.9.11-noarch-1.txz: Upgraded.
kdei/calligra-l10n-tr-2.9.11-noarch-1.txz: Upgraded.
kdei/calligra-l10n-uk-2.9.11-noarch-1.txz: Upgraded.
kdei/calligra-l10n-zh_CN-2.9.11-noarch-1.txz: Upgraded.
kdei/calligra-l10n-zh_TW-2.9.11-noarch-1.txz: Upgraded.
l/mozilla-nss-3.23-x86_64-1.txz: Upgraded.
Upgraded to nss-3.23 and nspr-4.12.
This release contains security fixes and improvements.
For more information, see:
http://www.mozilla.org/security/known-vulnerabilities/nss.html
(* Security fix *)
n/bind-9.10.3_P4-x86_64-1.txz: Upgraded.
Fixed security issues:
Duplicate EDNS COOKIE options in a response could trigger an assertion
failure. (CVE-2016-2088) [RT #41809]
Fix resolver assertion failure due to improper DNAME handling when
parsing fetch reply messages. (CVE-2016-1286) [RT #41753]
Malformed control messages can trigger assertions in named and rndc.
(CVE-2016-1285) [RT #41666]
For more information, see:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2088
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1286
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1285
(* Security fix *)
n/gnupg-1.4.20-x86_64-1.txz: Upgraded.
n/lynx-2.8.8rel.2-x86_64-1.txz: Upgraded.
x/xf86-video-openchrome-git_20160309_74e95a6-x86_64-1.txz: Upgraded.
+--------------------------+
Wed Mar 9 01:36:14 UTC 2016
d/llvm-3.8.0-x86_64-1.txz: Upgraded.
Shared library .so-version bump.
x/mesa-11.1.2-x86_64-2.txz: Rebuilt.
Recompiled against libLLVM-3.8.
x/xf86-video-vmware-13.1.0-x86_64-7.txz: Rebuilt.
Recompiled against libLLVM-3.8.
+--------------------------+
Tue Mar 8 20:30:19 UTC 2016
l/shared-mime-info-1.6-x86_64-1.txz: Upgraded.
n/samba-4.3.6-x86_64-1.txz: Upgraded.
This update fixes bugs, and two security issues:
Incorrect ACL get/set allowed on symlink path (CVE-2015-7560).
Out-of-bounds read in internal DNS server (CVE-2016-0771).
For more information, see:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7560
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0771
(* Security fix *)
xap/mozilla-firefox-45.0-x86_64-1.txz: Upgraded.
This release contains security fixes and improvements.
For more information, see:
http://www.mozilla.org/security/known-vulnerabilities/firefox.html
(* Security fix *)
+--------------------------+
Tue Mar 8 01:54:33 UTC 2016
A few more updates. Thanks to Robby Workman for prepping most of
the minor version bumps.
a/acpid-2.0.26-x86_64-1.txz: Upgraded.
a/ed-1.13-x86_64-1.txz: Upgraded.
a/hwdata-0.284-noarch-1.txz: Upgraded.
a/lvm2-2.02.145-x86_64-1.txz: Upgraded.
a/pciutils-3.4.1-x86_64-1.txz: Upgraded.
ap/cups-filters-1.8.2-x86_64-1.txz: Upgraded.
ap/diffstat-1.60-x86_64-1.txz: Upgraded.
ap/enscript-1.6.6-x86_64-1.txz: Upgraded.
ap/foomatic-filters-4.0.17-x86_64-1.txz: Removed.
The cups-filters package contains these programs.
ap/lxc-1.1.5-x86_64-3.txz: Rebuilt.
Added modified versions of a few init scripts instead of having the
lxc-slackware template try to patch them (which invariably led to the
template breaking every time any of the other files were changed).
ap/man-pages-4.04-noarch-1.txz: Upgraded.
ap/sysstat-11.2.1.1-x86_64-1.txz: Upgraded.
d/binutils-2.26-x86_64-3.txz: Rebuilt.
Rebuilt with --enable-install-libiberty, since the binutils version of
libiberty.a will be built with -fPIC where needed.
d/cscope-15.8b-x86_64-1.txz: Upgraded.
d/gcc-5.3.0-x86_64-3.txz: Rebuilt.
Rebuilt with --disable-install-libiberty.
d/gcc-g++-5.3.0-x86_64-3.txz: Rebuilt.
d/gcc-gfortran-5.3.0-x86_64-3.txz: Rebuilt.
d/gcc-gnat-5.3.0-x86_64-3.txz: Rebuilt.
d/gcc-go-5.3.0-x86_64-3.txz: Rebuilt.
d/gcc-java-5.3.0-x86_64-3.txz: Rebuilt.
d/gcc-objc-5.3.0-x86_64-3.txz: Rebuilt.
d/pkg-config-0.29.1-x86_64-1.txz: Upgraded.
d/python-setuptools-20.1.1-x86_64-1.txz: Upgraded.
l/LibRaw-0.17.1-x86_64-1.txz: Upgraded.
l/aspell-0.60.6.1-x86_64-1.txz: Upgraded.
l/fribidi-0.19.7-x86_64-1.txz: Upgraded.
l/fuse-2.9.5-x86_64-1.txz: Upgraded.
l/gtk+2-2.24.30-x86_64-1.txz: Upgraded.
l/gvfs-1.26.3-x86_64-1.txz: Upgraded.
l/libgsf-1.14.36-x86_64-1.txz: Upgraded.
l/libnl3-3.2.27-x86_64-1.txz: Upgraded.
l/libsecret-0.18.4-x86_64-1.txz: Upgraded.
l/libwpg-0.3.1-x86_64-1.txz: Upgraded.
l/mpfr-3.1.4-x86_64-1.txz: Upgraded.
l/pycurl-7.43.0-x86_64-1.txz: Upgraded.
l/v4l-utils-1.10.0-x86_64-1.txz: Upgraded.
n/lftp-4.6.5-x86_64-1.txz: Upgraded.
n/nettle-3.2-x86_64-1.txz: Upgraded.
n/netwatch-1.3.1_2-x86_64-1.txz: Upgraded.
n/openssh-7.2p1-x86_64-1.txz: Upgraded.
Thanks to Alan Brantley for updating the libwrap patch.
n/p11-kit-0.23.2-x86_64-1.txz: Upgraded.
n/php-5.6.19-x86_64-1.txz: Upgraded.
This release fixes bugs and security issues.
For more information, see:
http://php.net/ChangeLog-5.php#5.6.19
(* Security fix *)
x/libdrm-2.4.67-x86_64-1.txz: Upgraded.
x/libva-1.6.2-x86_64-1.txz: Upgraded.
x/libva-intel-driver-1.6.2-x86_64-1.txz: Upgraded.
x/xorg-server-1.18.1-x86_64-2.txz: Rebuilt.
Applied a patch to fix crashes when making MPlayer (and some other video
players) go fullscreen after a resume. Thanks to orbea.
x/xorg-server-xephyr-1.18.1-x86_64-2.txz: Rebuilt.
x/xorg-server-xnest-1.18.1-x86_64-2.txz: Rebuilt.
x/xorg-server-xvfb-1.18.1-x86_64-2.txz: Rebuilt.
xap/geeqie-1.2.1-x86_64-2.txz: Rebuilt.
Patched to fix crashes and high CPU usage when used with modern versions
of GTK+. Thanks to Jas for pointing out the patch in upstream git.
extra/bash-completion/bash-completion-2.2-noarch-1.txz: Upgraded.
+--------------------------+
Fri Mar 4 18:22:42 UTC 2016
a/kernel-generic-4.4.4-x86_64-1.txz: Upgraded.
a/kernel-huge-4.4.4-x86_64-1.txz: Upgraded.
a/kernel-modules-4.4.4-x86_64-1.txz: Upgraded.
a/lvm2-2.02.144-x86_64-1.txz: Upgraded.
a/mdadm-3.3.4-x86_64-1.txz: Upgraded.
a/upower-0.9.23-x86_64-3.txz: Rebuilt.
Added several patches from the git master branch, including one to prevent
a bluetooth mouse or keyboard from being improperly detected as a power
source. Thanks to Robby Workman.
ap/texinfo-6.1-x86_64-1.txz: Upgraded.
d/kernel-headers-4.4.4-x86-1.txz: Upgraded.
k/kernel-source-4.4.4-noarch-1.txz: Upgraded.
l/dbus-glib-0.106-x86_64-1.txz: Upgraded.
l/dbus-python-1.2.2-x86_64-1.txz: Upgraded.
n/conntrack-tools-1.4.3-x86_64-1.txz: Upgraded.
n/gnutls-3.4.10-x86_64-1.txz: Upgraded.
n/iproute2-4.4.0-x86_64-1.txz: Upgraded.
n/iptables-1.6.0-x86_64-1.txz: Upgraded.
n/irssi-0.8.18-x86_64-1.txz: Upgraded.
n/libnetfilter_conntrack-1.0.5-x86_64-1.txz: Upgraded.
n/libnftnl-1.0.5-x86_64-1.txz: Upgraded.
n/nftables-0.5-x86_64-1.txz: Upgraded.
n/stunnel-5.31-x86_64-1.txz: Upgraded.
isolinux/initrd.img: Rebuilt.
kernels/*: Upgraded.
usb-and-pxe-installers/usbboot.img: Rebuilt.
+--------------------------+
Thu Mar 3 20:05:41 UTC 2016
ap/mariadb-10.0.24-x86_64-2.txz: Rebuilt.
Recompiled with patched binutils.
d/binutils-2.26-x86_64-2.txz: Rebuilt.
Applied upstream patches for several bugs, including:
PR ld/19698
* elflink.c (bfd_elf_record_link_assignment): Set versioned if
symbol version is unknown.
Which was causing MariaDB to fail to start properly for Akonadi.
d/python-2.7.11-x86_64-2.txz: Rebuilt.
Recompiled to drop support for OpenSSL SSLv2.
Thanks to Matteo Bernardini.
l/neon-0.30.1-x86_64-2.txz: Rebuilt.
Recompiled to drop support for OpenSSL SSLv2.
Thanks to Matteo Bernardini.
+--------------------------+
Thu Mar 3 05:41:26 UTC 2016
a/aaa_elflibs-14.2-x86_64-10.txz: Rebuilt.
a/kernel-firmware-20160302git-noarch-1.txz: Upgraded.
a/openssl-solibs-1.0.2g-x86_64-1.txz: Upgraded.
a/sysvinit-scripts-2.0-noarch-30.txz: Rebuilt.
rc.M: Start D-Bus and NetworkManager right after rc.inet1.
ap/ksh93-2012_08_01-x86_64-2.txz: Rebuilt.
Removed broken locale files. Thanks to Didier Spaier.
ap/nano-2.5.3-x86_64-1.txz: Upgraded.
ap/sqlite-3.11.0-x86_64-1.txz: Upgraded.
ap/vim-7.4.1424-x86_64-1.txz: Upgraded.
d/ruby-2.2.4-x86_64-1.txz: Upgraded.
l/libssh2-1.7.0-x86_64-1.txz: Moved.
Moved from N -> L series to be consistent with libssh.
l/poppler-0.41.0-x86_64-1.txz: Upgraded.
l/qca-2.1.1-x86_64-1.txz: Upgraded.
l/qca-cyrus-sasl-2.0.0_beta3-x86_64-2.txz: Removed.
l/qca-gnupg-2.0.0_beta3-x86_64-1.txz: Removed.
l/qca-ossl-2.0.0_beta3-x86_64-3.txz: Removed.
l/qt-4.8.7-x86_64-4.txz: Rebuilt.
Recompiled to drop support for OpenSSL SSLv2.
n/curl-7.47.1-x86_64-2.txz: Rebuilt.
Recompiled to drop support for OpenSSL SSLv2.
n/fetchmail-6.3.26-x86_64-2.txz: Rebuilt.
Recompiled to drop support for OpenSSL SSLv2.
n/httpd-2.4.18-x86_64-1.txz: Upgraded.
n/links-2.12-x86_64-2.txz: Rebuilt.
Recompiled to drop support for OpenSSL SSLv2.
n/mailx-12.5-x86_64-2.txz: Rebuilt.
Drop SSLv2 support (no longer supported by OpenSSL), and fix security issues
that could allow a local attacker to cause mailx to execute arbitrary
shell commands through the use of a specially-crafted email address.
For more information, see:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-2771
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-7844
(* Security fix *)
n/openssl-1.0.2g-x86_64-1.txz: Upgraded.
This update fixes the following security issues:
Cross-protocol attack on TLS using SSLv2 (DROWN) (CVE-2016-0800)
Double-free in DSA code (CVE-2016-0705)
Memory leak in SRP database lookups (CVE-2016-0798)
BN_hex2bn/BN_dec2bn NULL pointer deref/heap corruption (CVE-2016-0797)
Fix memory issues in BIO_*printf functions (CVE-2016-0799)
Side channel attack on modular exponentiation (CVE-2016-0702)
Note that this package drops all support for SSLv2, which breaks the ABI for
any binaries that make use of SSLv2_client_method.
For more information, see:
https://www.openssl.org/news/secadv/20160301.txt
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0800
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0705
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0798
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0797
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0799
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0702
(* Security fix *)
n/php-5.6.18-x86_64-1.txz: Upgraded.
This release fixes bugs and security issues.
For more information, see:
http://php.net/ChangeLog-5.php#5.6.18
(* Security fix *)
n/samba-4.3.5-x86_64-1.txz: Upgraded.
n/stunnel-5.30-x86_64-2.txz: Rebuilt.
Allow OpenSSL to use the default key size for DH in generate-stunnel-key.sh.
Thanks to Markus Reichelt.
Recompiled to drop support for OpenSSL SSLv2.
n/wget-1.17.1-x86_64-2.txz: Rebuilt.
Recompiled to drop support for OpenSSL SSLv2.
tcl/expect-5.45-x86_64-1.txz: Upgraded.
tcl/tcl-8.6.5-x86_64-1.txz: Upgraded.
tcl/tk-8.6.5-x86_64-1.txz: Upgraded.
x/xf86-video-intel-git_20160229_d167280-x86_64-1.txz: Upgraded.
x/xrandr-1.5.0-x86_64-1.txz: Upgraded.
xap/vim-gvim-7.4.1424-x86_64-1.txz: Upgraded.
xap/xpdf-3.04-x86_64-2.txz: Rebuilt.
isolinux/initrd.img: Rebuilt.
Another attempt to get /sbin/probe to reliably handle nvme partitions.
Thanks to w9cf and Grant Coady.
usb-and-pxe-installers/usbboot.img: Rebuilt.
Another attempt to get /sbin/probe to reliably handle nvme partitions.
Thanks to w9cf and Grant Coady.
+--------------------------+
Fri Feb 26 22:54:05 UTC 2016
a/btrfs-progs-v4.4.1-x86_64-1.txz: Upgraded.
a/kernel-generic-4.4.3-x86_64-1.txz: Upgraded.
a/kernel-huge-4.4.3-x86_64-1.txz: Upgraded.
a/kernel-modules-4.4.3-x86_64-1.txz: Upgraded.
a/sdparm-1.10-x86_64-1.txz: Upgraded.
ap/mariadb-10.0.24-x86_64-1.txz: Upgraded.
d/gdb-7.11-x86_64-1.txz: Upgraded.
d/kernel-headers-4.4.3-x86-1.txz: Upgraded.
k/kernel-source-4.4.3-noarch-1.txz: Upgraded.
kde/kdepimlibs-4.14.10-x86_64-2.txz: Rebuilt.
Recompiled against libical-2.0.0.
l/gtk+3-3.18.8-x86_64-1.txz: Upgraded.
l/libical-2.0.0-x86_64-1.txz: Upgraded.
Shared library .so-version bump.
l/libssh-0.7.3-x86_64-1.txz: Upgraded.
Fixed weak key generation. Due to a bug in the ephemeral secret key
generation for the diffie-hellman-group1 and diffie-hellman-group14
methods, ephemeral secret keys of size 128 bits are generated, instead
of the recommended sizes of 1024 and 2048 bits, giving a practical
security of 63 bits.
For more information, see:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0739
(* Security fix *)
l/sg3_utils-1.42-x86_64-1.txz: Upgraded.
n/bluez-5.37-x86_64-2.txz: Rebuilt.
Recompiled against libical-2.0.0.
n/libssh2-1.7.0-x86_64-1.txz: Upgraded.
Fixed weak key generation. During the SSHv2 handshake when libssh2 is to
get a suitable value for 'group order' in the Diffle Hellman negotiation,
it would pass in number of bytes to a function that expected number of bits.
This would result in the library generating numbers using only an 8th the
number of random bits than what were intended: 128 or 256 bits instead of
1023 or 2047. Using such drastically reduced amount of random bits for
Diffie Hellman weakended the handshake security significantly.
For more information, see:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0787
(* Security fix *)
x/mesa-11.1.2-x86_64-1.txz: Upgraded.
xfce/orage-4.12.1-x86_64-3.txz: Rebuilt.
Recompiled against libical-2.0.0.
isolinux/initrd.img: Rebuilt.
kernels/*: Upgraded.
usb-and-pxe-installers/usbboot.img: Rebuilt.
+--------------------------+
Tue Feb 23 19:31:59 UTC 2016
a/glibc-solibs-2.23-x86_64-1.txz: Upgraded.
a/kernel-generic-4.4.2-x86_64-1.txz: Upgraded.
a/kernel-huge-4.4.2-x86_64-1.txz: Upgraded.
a/kernel-modules-4.4.2-x86_64-1.txz: Upgraded.
a/procps-ng-3.3.10-x86_64-5.txz: Rebuilt.
Restored FROM field in w. Thanks to Stuart Winter.
ap/cups-2.1.3-x86_64-2.txz: Rebuilt.
Corrected CXXFLAGS to fix build for older CPUs. Thanks to ecd102.
ap/mc-4.8.15-x86_64-2.txz: Rebuilt.
Patched to fix displaying man pages. Thanks to DarkVision.
d/kernel-headers-4.4.2-x86-1.txz: Upgraded.
k/kernel-source-4.4.2-noarch-1.txz: Upgraded.
Key .config changes for this kernel update:
CHECKPOINT_RESTORE n -> y
DEBUG_KERNEL n -> y
EXPERT n -> y
NR_CPUS 128 -> 256
KALLSYMS_ALL y
LIVEPATCH y
l/GConf-3.2.6-x86_64-3.txz: Rebuilt.
Patched "GConf-WARNING **: Client failed to connect to the D-BUS daemon:"
and added a couple other patches from git. Thanks to Robby Workman.
l/alsa-lib-1.1.0-x86_64-3.txz: Rebuilt.
Changed the default /etc/asound.conf.new to use a different configuration
for PulseAudio that is less likely to cause issues than the previous one,
especially on machines where the analog output is not recognized as card 0
by the BIOS. Thanks to Ryan P.C. McQuen who went above and beyond on this
bug report by convincing upstream to recommend this on their website in
order to convince me to make the change. :):
l/glibc-2.23-x86_64-1.txz: Upgraded.
This update contains security fixes and improvements.
Of the security fixes, the most important and well-publicized is the
stack-based buffer overflow in libresolv that could allow specially
crafted DNS responses to seize control of execution flow in the DNS
client (CVE-2015-7547). However, due to a patch applied to Slackware's
glibc back in 2009 (don't use the gethostbyname4() lookup method as it
was causing some cheap routers to misbehave), we were not vulnerable to
that issue. The rest of the fixed security issues are less critical.
For more information, see:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8776
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8777
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8778
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8779
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9761
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7547
(* Security fix *)
l/glibc-i18n-2.23-x86_64-1.txz: Upgraded.
l/glibc-profile-2.23-x86_64-1.txz: Upgraded.
l/libproxy-0.4.12-x86_64-1.txz: Upgraded.
n/bind-9.10.3_P3-x86_64-1.txz: Upgraded.
This release fixes two possible denial-of-service issues:
render_ecs errors were mishandled when printing out a OPT record resulting
in a assertion failure. (CVE-2015-8705) [RT #41397]
Specific APL data could trigger a INSIST. (CVE-2015-8704) [RT #41396]
For more information, see:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8704
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8705
(* Security fix *)
n/libgcrypt-1.6.5-x86_64-1.txz: Upgraded.
Mitigate side-channel attack on ECDH with Weierstrass curves.
For more information, see:
http://www.cs.tau.ac.IL/~tromer/ecdh/
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7511
(* Security fix *)
n/nmap-7.01-x86_64-1.txz: Upgraded.
n/ntp-4.2.8p6-x86_64-1.txz: Upgraded.
In addition to bug fixes and enhancements, this release fixes
several low and medium severity vulnerabilities.
For more information, see:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5300
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7973
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7974
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7975
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7976
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7977
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7978
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7979
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8138
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8158
(* Security fix *)
x/xf86-video-amdgpu-1.0.1-x86_64-1.txz: Upgraded.
xap/blueman-2.0.3-x86_64-2.txz: Rebuilt.
Rewrite launcher scripts to use #!/usr/bin/python2.7 rather than
#!/usr/bin/env python.
For details, see: https://github.com/blueman-project/blueman/issues/435
Thanks to zakame and Robby Workman.
extra/tigervnc/tigervnc-1.6.0-x86_64-1.txz: Upgraded.
isolinux/initrd.img: Rebuilt.
kernels/*: Upgraded.
usb-and-pxe-installers/usbboot.img: Rebuilt.
+--------------------------+
Sun Feb 14 19:40:04 UTC 2016
xap/mozilla-thunderbird-38.6.0-x86_64-1.txz: Upgraded.
This update contains security fixes and improvements.
For more information, see:
http://www.mozilla.org/security/known-vulnerabilities/thunderbird.html
(* Security fix *)
+--------------------------+
Thu Feb 11 21:56:21 UTC 2016
a/sysvinit-scripts-2.0-noarch-29.txz: Rebuilt.
rc.S: Avoid mounting /dev/shm twice.
Thanks to Andrzej Telszewski and GazL.
rc.6, rc.K: Match 'type nfs ' rather than 'type nfs' to avoid false hits
(and error messages) from matching nfsd pseudo-filesystems.
Thanks to Jonathan Woithe.
ap/hplip-3.16.2-x86_64-1.txz: Upgraded.
ap/htop-2.0.0-x86_64-1.txz: Upgraded.
l/freetype-2.6.3-x86_64-1.txz: Upgraded.
l/libcap-ng-0.7.7-x86_64-1.txz: Added.
This is needed by mount.cifs in order to support making it setuid so that
normal users can mount remote CIFS partitions. And it is expected that
other programs will begin to use it in preference to the older libcap.
n/cifs-utils-6.4-x86_64-2.txz: Rebuilt.
Recompiled against libcap-ng. Now mount.cifs will work for normal users
if setuid root. By default, mount.cifs remains NOT setuid root, though.
x/pixman-0.34.0-x86_64-1.txz: Upgraded.
x/xf86-video-r128-6.10.1-x86_64-1.txz: Upgraded.
x/xorg-server-1.18.1-x86_64-1.txz: Upgraded.
x/xorg-server-xephyr-1.18.1-x86_64-1.txz: Upgraded.
x/xorg-server-xnest-1.18.1-x86_64-1.txz: Upgraded.
x/xorg-server-xvfb-1.18.1-x86_64-1.txz: Upgraded.
xap/mozilla-firefox-44.0.2-x86_64-1.txz: Upgraded.
This release contains security fixes and improvements.
For more information, see:
http://www.mozilla.org/security/known-vulnerabilities/firefox.html
(* Security fix *)
+--------------------------+
Mon Feb 8 22:08:35 UTC 2016
a/mkinitrd-1.4.8-x86_64-5.txz: Rebuilt.
Blacklisted rules.d/60-openobex.rules to prevent error messages at boot.
Thanks to Eric Hameleers.
ap/cups-2.1.3-x86_64-1.txz: Upgraded.
ap/ghostscript-9.07-x86_64-3.txz: Rebuilt.
Reverted back to ghostscript-9.07, since any newer version causes the GIMP
ps plugin to crash when attempting to import a .ps or .eps file. Whatever
is causing the problem happened between gs-9.07 and gs-9.09, and is probably
also dependent on the libraries in use and perhaps the compiler, since some
other distributions appear to be using the latest ghostscript without issues.
If anyone can figure it out, hints are welcome. Meanwhile this gets
everything working again.
d/gcc-5.3.0-x86_64-2.txz: Rebuilt.
Patched to fix internal compiler error building Wine.
Thanks to Kirill Smirnov.
d/gcc-g++-5.3.0-x86_64-2.txz: Rebuilt.
d/gcc-gfortran-5.3.0-x86_64-2.txz: Rebuilt.
d/gcc-gnat-5.3.0-x86_64-2.txz: Rebuilt.
d/gcc-go-5.3.0-x86_64-2.txz: Rebuilt.
d/gcc-java-5.3.0-x86_64-2.txz: Rebuilt.
d/gcc-objc-5.3.0-x86_64-2.txz: Rebuilt.
l/libsndfile-1.0.26-x86_64-1.txz: Upgraded.
This release fixes security issues which may allow attackers to cause
a denial of service, or possibly execute arbitrary code.
For more information, see:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9496
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9756
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7805
(* Security fix *)
l/loudmouth-1.5.2-x86_64-1.txz: Upgraded.
n/curl-7.47.1-x86_64-1.txz: Upgraded.
This update fixes a security issue where NTLM credentials are not checked
for proxy connection reuse. The effects of this flaw is that the application
could be reusing a proxy connection using the previously used credentials
and thus it could be given to or prevented access from resources that it
wasn't intended to. Thanks to Isaac Boukris.
For more information, see:
https://curl.haxx.se/docs/adv_20160127A.html
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0755
(* Security fix *)
n/mcabber-1.0.1-x86_64-1.txz: Upgraded.
n/stunnel-5.30-x86_64-1.txz: Upgraded.
x/xf86-video-intel-git_20160208_8b8c9a3-x86_64-1.txz: Upgraded.
xap/mozilla-firefox-44.0.1-x86_64-1.txz: Upgraded.
extra/wicd/wicd-1.7.4-x86_64-1.txz: Upgraded.
  Slackware Linux 14.2 Release Candidate 1