Slackware64-current ChangeLog (2015-02-16)
Mon Feb 16 19:33:36 UTC 2015
Packages
Rebuilt
- a/sysvinit-scripts-2.0-noarch-18.txz
Patched the init scripts to produce nicer output from the new versions
of mount/umount. Run the GTK+/FDo registry rebuilds in the background
to speed up boot time. Optimize the search for icon cache files by only
looking in the directories they might be in, rather than all directories
under /usr/share/icons. - d/guile-2.0.11-x86_64-2.txz
Recompiled against readline-6.3.
Upgraded
- a/patch-2.7.4-x86_64-1.txz
Patch no longer follows symbolic links to input and output files. This
ensures that symbolic links created by git-style patches cannot cause
patch to write outside the working directory.
For more information, see:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1196
(* Security fix *) - ap/sudo-1.8.12-x86_64-1.txz
This update fixes a potential security issue by only passing the TZ
environment variable it is considered safe. This prevents exploiting bugs
in glibc's TZ parser that could be used to read files that the user does
not have access to, or to cause a denial of service.
For more information, see:
http://www.sudo.ws/sudo/alerts/tz.html
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9680
(* Security fix *) - n/ntp-4.2.8p1-x86_64-1.txz
Changed rc.ntpd to no longer save the system time to the hardware clock.
This had been done in an effort to stop a time skew that may well have
been caused by other issues with hwclock and the kernel. If removing
this code causes any issues to return, let me know. Thanks to Xsane. - xap/seamonkey-2.32.1-x86_64-1.txz
This update contains security fixes and improvements.
For more information, see:
http://www.mozilla.org/security/known-vulnerabilities/seamonkey.html
(* Security fix *)