Slackware-14.2 ChangeLog (2016-04-15)
Fri Apr 15 20:37:37 UTC 2016
Finally got some fixes we were waiting for in this new kernel.
It's been almost a month since 14.2rc1 so we'll call this Slackware
14.2 release candidate 2. Almost there. Get in any last-minute
bug reports quickly.
Packages
Upgraded
- a/kernel-generic-4.4.7-i586-1.txz
- a/kernel-generic-smp-4.4.7_smp-i686-1.txz
- a/kernel-huge-4.4.7-i586-1.txz
BLK_DEV_NVME m → y - a/kernel-huge-smp-4.4.7_smp-i686-1.txz
BLK_DEV_NVME m → y - a/kernel-modules-4.4.7-i586-1.txz
- a/kernel-modules-smp-4.4.7_smp-i686-1.txz
- d/kernel-headers-4.4.7_smp-x86-1.txz
- k/kernel-source-4.4.7_smp-noarch-1.txz
- l/glibmm-2.46.4-i586-1.txz
- l/gst-plugins-base-1.6.4-i586-1.txz
- l/gst-plugins-good-1.6.4-i586-1.txz
- l/gstreamer-1.6.4-i586-1.txz
- l/gtkmm3-3.18.1-i586-1.txz
- n/gnutls-3.4.11-i586-1.txz
- n/samba-4.4.2-i586-1.txz
This update fixes the security issues known as “badlock” (or “sadlock”),
which may allow man-in-the-middle or denial-of-service attacks:
CVE-2015-5370 (Multiple errors in DCE-RPC code)
CVE-2016-2110 (Man in the middle attacks possible with NTLMSSP)
CVE-2016-2111 (NETLOGON Spoofing Vulnerability)
CVE-2016-2112 (LDAP client and server don't enforce integrity)
CVE-2016-2113 (Missing TLS certificate validation)
CVE-2016-2114 (“server signing = mandatory” not enforced)
CVE-2016-2115 (SMB IPC traffic is not integrity protected)
CVE-2016-2118 (SAMR and LSA man in the middle attacks possible)
For more information, see:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5370
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2110
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2111
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2112
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2113
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2114
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2115
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2118
(* Security fix *) - x/xf86-video-intel-git_20160224_d167280-i586-1.txz
So far, this version seems to be the most stable of the ones tested.
Thanks to Andrzej Telszewski. - x/xf86-video-openchrome-0.4.0-i586-1.txz
- xap/geeqie-1.2.3-i586-1.txz
- xap/mozilla-thunderbird-45.0-i586-1.txz
This release contains security fixes and improvements.
For more information, see:
http://www.mozilla.org/security/known-vulnerabilities/thunderbird.html
(* Security fix *) - extra/linux-4.4.7-nosmp-sdk/*
- kernels/*
Rebuilt
- l/alsa-lib-1.1.1-i586-2.txz
Applied upstream patch to fix error EBADFD. Thanks to e5150. - l/qca-2.1.1-i586-2.txz
Install crypto.prf in the correct directory. Thanks to David Spencer. - n/nfs-utils-1.3.3-i586-2.txz
Fix nfsd startup on kernels without IPv6 support. Thanks to Mario Preksavec. - x/xorg-server-1.18.3-i586-2.txz
Applied a patch from https://bugs.freedesktop.org/show_bug.cgi?id=49950
to fix applying keyboard layout settings when using a keyboard/mouse combo
device such as a Logitech wireless keyboard with the unifying receiver.
Thanks to Jean-Philippe Guillemin. - x/xorg-server-xephyr-1.18.3-i586-2.txz
- x/xorg-server-xnest-1.18.3-i586-2.txz
- x/xorg-server-xvfb-1.18.3-i586-2.txz
- isolinux/initrd.img
- usb-and-pxe-installers/usbboot.img