The following updates has been released for Slackware Linux:
gnupg (SSA:2016-236-01)
libgcrypt (SSA:2016-236-02)
Linux kernel (SSA:2016-236-03)
gnupg (SSA:2016-236-01)
libgcrypt (SSA:2016-236-02)
Linux kernel (SSA:2016-236-03)
gnupg (SSA:2016-236-01)
New gnupg packages are available for Slackware 13.0, 13.1, 13.37, 14.0, 14.1,
14.2, and -current to fix a security issue.
Here are the details from the Slackware 14.2 ChangeLog:
+--------------------------+
patches/packages/gnupg-1.4.21-i586-1_slack14.2.txz: Upgraded.
Fix critical security bug in the RNG [CVE-2016-6313]. An attacker who
obtains 580 bytes from the standard RNG can trivially predict the next
20 bytes of output. (This is according to the NEWS file included in the
source. According to the annoucement linked below, an attacker who obtains
4640 bits from the RNG can trivially predict the next 160 bits of output.)
Problem detected by Felix Doerre and Vladimir Klebanov, KIT.
For more information, see:
https://lists.gnupg.org/pipermail/gnupg-announce/2016q3/000395.html
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6313
(* Security fix *)
+--------------------------+
Where to find the new packages:
+-----------------------------+
Thanks to the friendly folks at the OSU Open Source Lab
(http://osuosl.org) for donating FTP and rsync hosting
to the Slackware project!
Also see the "Get Slack" section on http://slackware.com for
additional mirror sites near you.
Updated package for Slackware 13.0:
ftp://ftp.slackware.com/pub/slackware/slackware-13.0/patches/packages/gnupg-1.4.21-i486-1_slack13.0.txz
Updated package for Slackware x86_64 13.0:
ftp://ftp.slackware.com/pub/slackware/slackware64-13.0/patches/packages/gnupg-1.4.21-x86_64-1_slack13.0.txz
Updated package for Slackware 13.1:
ftp://ftp.slackware.com/pub/slackware/slackware-13.1/patches/packages/gnupg-1.4.21-i486-1_slack13.1.txz
Updated package for Slackware x86_64 13.1:
ftp://ftp.slackware.com/pub/slackware/slackware64-13.1/patches/packages/gnupg-1.4.21-x86_64-1_slack13.1.txz
Updated package for Slackware 13.37:
ftp://ftp.slackware.com/pub/slackware/slackware-13.37/patches/packages/gnupg-1.4.21-i486-1_slack13.37.txz
Updated package for Slackware x86_64 13.37:
ftp://ftp.slackware.com/pub/slackware/slackware64-13.37/patches/packages/gnupg-1.4.21-x86_64-1_slack13.37.txz
Updated package for Slackware 14.0:
ftp://ftp.slackware.com/pub/slackware/slackware-14.0/patches/packages/gnupg-1.4.21-i486-1_slack14.0.txz
Updated package for Slackware x86_64 14.0:
ftp://ftp.slackware.com/pub/slackware/slackware64-14.0/patches/packages/gnupg-1.4.21-x86_64-1_slack14.0.txz
Updated package for Slackware 14.1:
ftp://ftp.slackware.com/pub/slackware/slackware-14.1/patches/packages/gnupg-1.4.21-i486-1_slack14.1.txz
Updated package for Slackware x86_64 14.1:
ftp://ftp.slackware.com/pub/slackware/slackware64-14.1/patches/packages/gnupg-1.4.21-x86_64-1_slack14.1.txz
Updated package for Slackware 14.2:
ftp://ftp.slackware.com/pub/slackware/slackware-14.2/patches/packages/gnupg-1.4.21-i586-1_slack14.2.txz
Updated package for Slackware x86_64 14.2:
ftp://ftp.slackware.com/pub/slackware/slackware64-14.2/patches/packages/gnupg-1.4.21-x86_64-1_slack14.2.txz
Updated package for Slackware -current:
ftp://ftp.slackware.com/pub/slackware/slackware-current/slackware/n/gnupg-1.4.21-i586-1.txz
Updated package for Slackware x86_64 -current:
ftp://ftp.slackware.com/pub/slackware/slackware64-current/slackware64/n/gnupg-1.4.21-x86_64-1.txz
MD5 signatures:
+-------------+
Slackware 13.0 package:
ad17f87851028e4d5cb29676a6fea7f6 gnupg-1.4.21-i486-1_slack13.0.txz
Slackware x86_64 13.0 package:
650dde6cc6bcdc6c13da90e6d5ac5f5a gnupg-1.4.21-x86_64-1_slack13.0.txz
Slackware 13.1 package:
cb0755d93986a8df059ff531236f5adc gnupg-1.4.21-i486-1_slack13.1.txz
Slackware x86_64 13.1 package:
8459f1510a4fe319a42e6f87d7a05600 gnupg-1.4.21-x86_64-1_slack13.1.txz
Slackware 13.37 package:
ad785789eb17bd355ac9befa05c03905 gnupg-1.4.21-i486-1_slack13.37.txz
Slackware x86_64 13.37 package:
acc63f9119344496925efd85a911f38c gnupg-1.4.21-x86_64-1_slack13.37.txz
Slackware 14.0 package:
e7820ceca9a28c2c56929fd464384417 gnupg-1.4.21-i486-1_slack14.0.txz
Slackware x86_64 14.0 package:
765c22a321312e0b6a02ed4218e1d2b5 gnupg-1.4.21-x86_64-1_slack14.0.txz
Slackware 14.1 package:
1c0220324a41709919f77c942e7e8b17 gnupg-1.4.21-i486-1_slack14.1.txz
Slackware x86_64 14.1 package:
b08ee4540ec6552176c322c36c5da3e9 gnupg-1.4.21-x86_64-1_slack14.1.txz
Slackware 14.2 package:
5bdc1c890fd2f1bdb63bbd9e47ff5d4f gnupg-1.4.21-i586-1_slack14.2.txz
Slackware x86_64 14.2 package:
7088d02a89172c997b799d34f9b84f7c gnupg-1.4.21-x86_64-1_slack14.2.txz
Slackware -current package:
2808c06200971813a071efae1fb5f03a n/gnupg-1.4.21-i586-1.txz
Slackware x86_64 -current package:
db3de668806143ab7a3b05b3af16a91e n/gnupg-1.4.21-x86_64-1.txz
Installation instructions:
+------------------------+
Upgrade the package as root:
# upgradepkg gnupg-1.4.21-i586-1_slack14.2.txz
libgcrypt (SSA:2016-236-02)
New libgcrypt packages are available for Slackware 13.0, 13.1, 13.37, 14.0,
14.1, 14.2, and -current to fix a security issue.
Here are the details from the Slackware 14.2 ChangeLog:
+--------------------------+
patches/packages/libgcrypt-1.7.3-i586-1_slack14.2.txz: Upgraded.
Fix critical security bug in the RNG [CVE-2016-6313]. An attacker who
obtains 580 bytes from the standard RNG can trivially predict the next
20 bytes of output. (This is according to the NEWS file included in the
source. According to the annoucement linked below, an attacker who obtains
4640 bits from the RNG can trivially predict the next 160 bits of output.)
Problem detected by Felix Doerre and Vladimir Klebanov, KIT.
For more information, see:
https://lists.gnupg.org/pipermail/gnupg-announce/2016q3/000395.html
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6313
(* Security fix *)
+--------------------------+
Where to find the new packages:
+-----------------------------+
Thanks to the friendly folks at the OSU Open Source Lab
(http://osuosl.org) for donating FTP and rsync hosting
to the Slackware project!
Also see the "Get Slack" section on http://slackware.com for
additional mirror sites near you.
Updated package for Slackware 13.0:
ftp://ftp.slackware.com/pub/slackware/slackware-13.0/patches/packages/libgcrypt-1.5.6-i486-1_slack13.0.txz
Updated package for Slackware x86_64 13.0:
ftp://ftp.slackware.com/pub/slackware/slackware64-13.0/patches/packages/libgcrypt-1.5.6-x86_64-1_slack13.0.txz
Updated package for Slackware 13.1:
ftp://ftp.slackware.com/pub/slackware/slackware-13.1/patches/packages/libgcrypt-1.5.6-i486-1_slack13.1.txz
Updated package for Slackware x86_64 13.1:
ftp://ftp.slackware.com/pub/slackware/slackware64-13.1/patches/packages/libgcrypt-1.5.6-x86_64-1_slack13.1.txz
Updated package for Slackware 13.37:
ftp://ftp.slackware.com/pub/slackware/slackware-13.37/patches/packages/libgcrypt-1.5.6-i486-1_slack13.37.txz
Updated package for Slackware x86_64 13.37:
ftp://ftp.slackware.com/pub/slackware/slackware64-13.37/patches/packages/libgcrypt-1.5.6-x86_64-1_slack13.37.txz
Updated package for Slackware 14.0:
ftp://ftp.slackware.com/pub/slackware/slackware-14.0/patches/packages/libgcrypt-1.5.6-i486-1_slack14.0.txz
Updated package for Slackware x86_64 14.0:
ftp://ftp.slackware.com/pub/slackware/slackware64-14.0/patches/packages/libgcrypt-1.5.6-x86_64-1_slack14.0.txz
Updated package for Slackware 14.1:
ftp://ftp.slackware.com/pub/slackware/slackware-14.1/patches/packages/libgcrypt-1.5.6-i486-1_slack14.1.txz
Updated package for Slackware x86_64 14.1:
ftp://ftp.slackware.com/pub/slackware/slackware64-14.1/patches/packages/libgcrypt-1.5.6-x86_64-1_slack14.1.txz
Updated package for Slackware 14.2:
ftp://ftp.slackware.com/pub/slackware/slackware-14.2/patches/packages/libgcrypt-1.7.3-i586-1_slack14.2.txz
Updated package for Slackware x86_64 14.2:
ftp://ftp.slackware.com/pub/slackware/slackware64-14.2/patches/packages/libgcrypt-1.7.3-x86_64-1_slack14.2.txz
Updated package for Slackware -current:
ftp://ftp.slackware.com/pub/slackware/slackware-current/slackware/n/libgcrypt-1.7.3-i586-1.txz
Updated package for Slackware x86_64 -current:
ftp://ftp.slackware.com/pub/slackware/slackware64-current/slackware64/n/libgcrypt-1.7.3-x86_64-1.txz
MD5 signatures:
+-------------+
Slackware 13.0 package:
746744e7851ec64143ca9f11d5120916 libgcrypt-1.5.6-i486-1_slack13.0.txz
Slackware x86_64 13.0 package:
dc471573d1de585f6b32dbf44c9171ad libgcrypt-1.5.6-x86_64-1_slack13.0.txz
Slackware 13.1 package:
ec165ecd16ab861b1bb8b85ac22eda24 libgcrypt-1.5.6-i486-1_slack13.1.txz
Slackware x86_64 13.1 package:
22c6a54adafdd6910308f4b8a986739c libgcrypt-1.5.6-x86_64-1_slack13.1.txz
Slackware 13.37 package:
c8cb4bf4670f7a2027beb3cac7e42d12 libgcrypt-1.5.6-i486-1_slack13.37.txz
Slackware x86_64 13.37 package:
5871b9e016439689a793f079c44abfde libgcrypt-1.5.6-x86_64-1_slack13.37.txz
Slackware 14.0 package:
5eeaa749b2a610140b6f1f10f0d5229d libgcrypt-1.5.6-i486-1_slack14.0.txz
Slackware x86_64 14.0 package:
836394a52faaf7d29d0622b0cff79464 libgcrypt-1.5.6-x86_64-1_slack14.0.txz
Slackware 14.1 package:
57412d10a69f5adbe9c73ff27339fd77 libgcrypt-1.5.6-i486-1_slack14.1.txz
Slackware x86_64 14.1 package:
eab31a839b016bb8cc988a32c0eca984 libgcrypt-1.5.6-x86_64-1_slack14.1.txz
Slackware 14.2 package:
48d41635054a9b27ae35fa64dbb5ae9a libgcrypt-1.7.3-i586-1_slack14.2.txz
Slackware x86_64 14.2 package:
d056790a1a39ee8ba7bd2fdc93b0409a libgcrypt-1.7.3-x86_64-1_slack14.2.txz
Slackware -current package:
40066b89b5950e4198fbed0eab7eb42e n/libgcrypt-1.7.3-i586-1.txz
Slackware x86_64 -current package:
7b0c774415b931d2d47a90e45b5f9bbf n/libgcrypt-1.7.3-x86_64-1.txz
Installation instructions:
+------------------------+
Upgrade the package as root:
# upgradepkg libgcrypt-1.7.3-i586-1_slack14.2.txz
Linux kernel (SSA:2016-236-03)
New Linux kernel packages are available for Slackware 14.2 and -current to
fix a security issue.
Here are the details from the Slackware 14.2 ChangeLog:
+--------------------------+
patches/packages/linux-4.4.19/*: Upgraded.
A flaw was found in the implementation of the Linux kernels handling of
networking challenge ack where an attacker is able to determine the shared
counter. This may allow an attacker located on different subnet to inject
or take over a TCP connection between a server and client without having to
be a traditional Man In the Middle (MITM) style attack.
Be sure to upgrade your initrd after upgrading the kernel packages.
If you use lilo to boot your machine, be sure lilo.conf points to the correct
kernel and initrd and run lilo as root to update the bootloader.
If you use elilo to boot your machine, you should run eliloconfig to copy the
kernel and initrd to the EFI System Partition.
For more information, see:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5389
(* Security fix *)
+--------------------------+
Where to find the new packages:
+-----------------------------+
Thanks to the friendly folks at the OSU Open Source Lab
(http://osuosl.org) for donating FTP and rsync hosting
to the Slackware project!
Also see the "Get Slack" section on http://slackware.com for
additional mirror sites near you.
Updated packages for Slackware 14.2:
ftp://ftp.slackware.com/pub/slackware/slackware-14.2/patches/packages/linux-4.4.19/kernel-firmware-20160823git-noarch-1_slack14.2.txz
ftp://ftp.slackware.com/pub/slackware/slackware-14.2/patches/packages/linux-4.4.19/kernel-generic-4.4.19-i586-1_slack14.2.txz
ftp://ftp.slackware.com/pub/slackware/slackware-14.2/patches/packages/linux-4.4.19/kernel-generic-smp-4.4.19_smp-i686-1_slack14.2.txz
ftp://ftp.slackware.com/pub/slackware/slackware-14.2/patches/packages/linux-4.4.19/kernel-headers-4.4.19_smp-x86-1_slack14.2.txz
ftp://ftp.slackware.com/pub/slackware/slackware-14.2/patches/packages/linux-4.4.19/kernel-huge-4.4.19-i586-1_slack14.2.txz
ftp://ftp.slackware.com/pub/slackware/slackware-14.2/patches/packages/linux-4.4.19/kernel-huge-smp-4.4.19_smp-i686-1_slack14.2.txz
ftp://ftp.slackware.com/pub/slackware/slackware-14.2/patches/packages/linux-4.4.19/kernel-modules-4.4.19-i586-1_slack14.2.txz
ftp://ftp.slackware.com/pub/slackware/slackware-14.2/patches/packages/linux-4.4.19/kernel-modules-smp-4.4.19_smp-i686-1_slack14.2.txz
ftp://ftp.slackware.com/pub/slackware/slackware-14.2/patches/packages/linux-4.4.19/kernel-source-4.4.19_smp-noarch-1_slack14.2.txz
Updated packages for Slackware x86_64 14.2:
ftp://ftp.slackware.com/pub/slackware/slackware64-14.2/patches/packages/linux-4.4.19/kernel-firmware-20160823git-noarch-1_slack14.2.txz
ftp://ftp.slackware.com/pub/slackware/slackware64-14.2/patches/packages/linux-4.4.19/kernel-generic-4.4.19-x86_64-1_slack14.2.txz
ftp://ftp.slackware.com/pub/slackware/slackware64-14.2/patches/packages/linux-4.4.19/kernel-headers-4.4.19-x86-1_slack14.2.txz
ftp://ftp.slackware.com/pub/slackware/slackware64-14.2/patches/packages/linux-4.4.19/kernel-huge-4.4.19-x86_64-1_slack14.2.txz
ftp://ftp.slackware.com/pub/slackware/slackware64-14.2/patches/packages/linux-4.4.19/kernel-modules-4.4.19-x86_64-1_slack14.2.txz
ftp://ftp.slackware.com/pub/slackware/slackware64-14.2/patches/packages/linux-4.4.19/kernel-source-4.4.19-noarch-1_slack14.2.txz
Updated packages for Slackware -current:
ftp://ftp.slackware.com/pub/slackware/slackware-current/slackware/a/kernel-firmware-20160823git-noarch-1.txz
ftp://ftp.slackware.com/pub/slackware/slackware-current/slackware/a/kernel-generic-4.4.19-i586-1.txz
ftp://ftp.slackware.com/pub/slackware/slackware-current/slackware/a/kernel-generic-smp-4.4.19_smp-i686-1.txz
ftp://ftp.slackware.com/pub/slackware/slackware-current/slackware/a/kernel-huge-4.4.19-i586-1.txz
ftp://ftp.slackware.com/pub/slackware/slackware-current/slackware/a/kernel-huge-smp-4.4.19_smp-i686-1.txz
ftp://ftp.slackware.com/pub/slackware/slackware-current/slackware/a/kernel-modules-4.4.19-i586-1.txz
ftp://ftp.slackware.com/pub/slackware/slackware-current/slackware/a/kernel-modules-smp-4.4.19_smp-i686-1.txz
ftp://ftp.slackware.com/pub/slackware/slackware-current/slackware/d/kernel-headers-4.4.19_smp-x86-1.txz
ftp://ftp.slackware.com/pub/slackware/slackware-current/slackware/k/kernel-source-4.4.19_smp-noarch-1.txz
Updated packages for Slackware x86_64 -current:
ftp://ftp.slackware.com/pub/slackware/slackware64-current/slackware64/a/kernel-firmware-20160823git-noarch-1.txz
ftp://ftp.slackware.com/pub/slackware/slackware64-current/slackware64/a/kernel-generic-4.4.19-x86_64-1.txz
ftp://ftp.slackware.com/pub/slackware/slackware64-current/slackware64/a/kernel-huge-4.4.19-x86_64-1.txz
ftp://ftp.slackware.com/pub/slackware/slackware64-current/slackware64/a/kernel-modules-4.4.19-x86_64-1.txz
ftp://ftp.slackware.com/pub/slackware/slackware64-current/slackware64/d/kernel-headers-4.4.19-x86-1.txz
ftp://ftp.slackware.com/pub/slackware/slackware64-current/slackware64/k/kernel-source-4.4.19-noarch-1.txz
MD5 signatures:
+-------------+
Slackware 14.2 packages:
2c825a510bed80122f194b1d01af3fa0 kernel-firmware-20160823git-noarch-1_slack14.2.txz
cd6769504fa3d442c5a86b80e9d6a8f8 kernel-generic-4.4.19-i586-1_slack14.2.txz
19bdd53257f0266f044422acc0d27256 kernel-generic-smp-4.4.19_smp-i686-1_slack14.2.txz
a1dcff2c2ea9742684d212525bb3f0e0 kernel-headers-4.4.19_smp-x86-1_slack14.2.txz
f14e40ab6d30319c3568a431a6c5f34a kernel-huge-4.4.19-i586-1_slack14.2.txz
9e0c4fb01970b56609643abbdc0f570f kernel-huge-smp-4.4.19_smp-i686-1_slack14.2.txz
a5a9c9857876d1d3956e593d0c579218 kernel-modules-4.4.19-i586-1_slack14.2.txz
e65fdec2123d847d5be8fb0232b281c3 kernel-modules-smp-4.4.19_smp-i686-1_slack14.2.txz
4c605389c82b97a33d2559e5df2bebf2 kernel-source-4.4.19_smp-noarch-1_slack14.2.txz
Slackware x86_64 14.2 packages:
2c825a510bed80122f194b1d01af3fa0 kernel-firmware-20160823git-noarch-1_slack14.2.txz
40a410f5a628051bb1cc50ae88fd591d kernel-generic-4.4.19-x86_64-1_slack14.2.txz
91adc5fedd7aaf334de7665a735788cd kernel-headers-4.4.19-x86-1_slack14.2.txz
b772650ff79a6d357256e7a9aecd0a23 kernel-huge-4.4.19-x86_64-1_slack14.2.txz
149c712cccd49fa92ad06e33ce7c263a kernel-modules-4.4.19-x86_64-1_slack14.2.txz
cced4f9d6dbc5ef072c7ed557d8509a9 kernel-source-4.4.19-noarch-1_slack14.2.txz
Slackware -current packages:
2c825a510bed80122f194b1d01af3fa0 a/kernel-firmware-20160823git-noarch-1.txz
9083f53ce484767fd7c8cdbb40a2713f a/kernel-generic-4.4.19-i586-1.txz
2cd4d4ccabda7abc53ce25a10c37ccdb a/kernel-generic-smp-4.4.19_smp-i686-1.txz
9a1c7e393c5a5ff4e58613dc9a1db18c a/kernel-huge-4.4.19-i586-1.txz
bbc0d94f8d1e4403eaeb534c3edfacb8 a/kernel-huge-smp-4.4.19_smp-i686-1.txz
fd2c5fdc2e94e8be34c062592586f33e a/kernel-modules-4.4.19-i586-1.txz
6592497f616bb62fda7ce7cdb2f2f1f3 a/kernel-modules-smp-4.4.19_smp-i686-1.txz
04b40c091f4146347cfd3310be7b7f2e d/kernel-headers-4.4.19_smp-x86-1.txz
1cf357ecc4349463a0bdb6afc77e2eb4 k/kernel-source-4.4.19_smp-noarch-1.txz
Slackware x86_64 -current packages:
2c825a510bed80122f194b1d01af3fa0 a/kernel-firmware-20160823git-noarch-1.txz
b9883b33ee3706ac04646d5249763861 a/kernel-generic-4.4.19-x86_64-1.txz
d1b8e708f13f4a8eded5b0580f78472e a/kernel-huge-4.4.19-x86_64-1.txz
0edd8593e606554fd8ec65a4e167c0ca a/kernel-modules-4.4.19-x86_64-1.txz
5aa03b03d2163ca142eaf9eb1500dbbb d/kernel-headers-4.4.19-x86-1.txz
1e4b6ea7e5936f22671f5f8283ce513c k/kernel-source-4.4.19-noarch-1.txz
Installation instructions:
+------------------------+
Upgrade the packages as root:
# upgradepkg kernel-*.txz
If you are using an initrd, you'll need to rebuild it.
For a 32-bit SMP machine, use this command:
# /usr/share/mkinitrd/mkinitrd_command_generator.sh -k 4.4.19-smp | bash
For a 64-bit machine, or a 32-bit uniprocessor machine, use this command:
# /usr/share/mkinitrd/mkinitrd_command_generator.sh -k 4.4.19 | bash
Please note that "uniprocessor" has to do with the kernel you are running,
not with the CPU. Most systems should run the SMP kernel (if they can)
regardless of the number of cores the CPU has. If you aren't sure which
kernel you are running, run "uname -a". If you see SMP there, you are
running the SMP kernel and should use the 4.4.19-smp version when running
mkinitrd_command_generator. Note that this is only for 32-bit -- 64-bit
systems should always use 4.4.19 as the version.
If you are using lilo or elilo to boot the machine, you'll need to ensure
that the machine is properly prepared before rebooting.
If using LILO:
By default, lilo.conf contains an image= line that references a symlink
that always points to the correct kernel. No editing should be required
unless your machine uses a custom lilo.conf. If that is the case, be sure
that the image= line references the correct kernel file. Either way,
you'll need to run "lilo" as root to reinstall the boot loader.
If using elilo:
Ensure that the /boot/vmlinuz symlink is pointing to the kernel you wish
to use, and then run eliloconfig to update the EFI System Partition.