Slackware-14.2 ChangeLog (2015-12-16)
Wed Dec 16 07:03:12 UTC 2015
Packages
Rebuilt
- ap/slackpkg-2.82.0-noarch-16.txz
Bugfix for a syntax error in core-functions.sh.
Wed Dec 16 04:21:07 UTC 2015
Packages
Rebuilt
- a/aaa_elflibs-14.2-i586-8.txz
- a/sysvinit-scripts-2.0-noarch-25.txz
rc.modules: New simplfied module dep script.
NOTE: This will be installed as /etc/rc.d/rc.modules.new by default.
To use it, remove the existing rc.modules symlink and move the new
file into place.
rc.modules.local: New local module loading script.
Thanks to GazL and rworkman for helping clean out the rc.modules cruft.
rc.S: If executable, start rc.cgmanager.
rc.6: If executable, stop rc.cgmanager. - ap/slackpkg-2.82.0-noarch-15.txz
Don't blacklist aaa_elflibs. Upgrade it right after glibc-solibs.
Suggest http://mirrors.slackware.com rather than ftp (which won't redirect).
Prompt to restart the upgrade process if slackpkg is upgraded.
Thanks to Robby Workman. - d/libtool-2.4.6-i586-4.txz
Rebuilt to fix embedded GCC version number. - l/libgphoto2-2.5.9-i586-2.txz
Patched to fix Nikon CoolPix Sxxxx detection.
Thanks to Ondrej Kubecka and Marcus Meissner. - l/libnih-1.0.3-i586-2.txz
Write .pid files in /run, not /var/run. - extra/fltk/fltk-1.3.3-i586-2.txz
Patched to fix undefined reference to `Fl_XFont_On_Demand::value()'.
Build shared libraries, not static.
Thanks to Stefan Steier. - extra/tigervnc/tigervnc-1.5.0-i586-2.txz
Recompiled against shared fltk libraries. - isolinux/initrd.img
- usb-and-pxe-installers/usbboot.img
Upgraded
- a/kernel-firmware-20151215git-noarch-1.txz
- a/kernel-generic-4.1.15-i586-1.txz
- a/kernel-generic-smp-4.1.15_smp-i686-1.txz
- a/kernel-huge-4.1.15-i586-1.txz
- a/kernel-huge-smp-4.1.15_smp-i686-1.txz
- a/kernel-modules-4.1.15-i586-1.txz
- a/kernel-modules-smp-4.1.15_smp-i686-1.txz
- a/lrzip-0.621-i586-1.txz
- a/lvm2-2.02.137-i586-1.txz
- a/ncompress-4.2.4.4-i586-1.txz
- a/openssl-solibs-1.0.2e-i586-1.txz
- a/patch-2.7.5-i586-1.txz
- a/sysklogd-1.5.1-i586-1.txz
rc.syslog: Don't run klogd in a container. - a/tree-1.7.0-i586-1.txz
- a/usb_modeswitch-2.2.6-i586-1.txz
- a/utempter-1.1.6-i586-1.txz
- a/util-linux-2.27.1-i586-1.txz
- a/which-2.21-i586-1.txz
- a/xfsprogs-4.3.0-i586-1.txz
- ap/cgmanager-0.39-i586-1.txz
Thanks to Matteo Bernardini and Robby Workman. - ap/cups-2.1.2-i586-1.txz
- ap/cups-filters-1.4.0-i586-1.txz
foomatic-rip: SECURITY FIX: Also consider the back tick ('`') as an illegal
shell escape character.
Thanks to Michal Kowalczyk from the Google Security Team for the hint.
For more information, see:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8327
(* Security fix *) - ap/man-pages-4.03-noarch-1.txz
- ap/nano-2.5.0-i586-1.txz
- ap/qpdf-6.0.0-i586-1.txz
Shared library .so-version bump. - ap/terminus-font-4.40-noarch-1.txz
- ap/xfsdump-3.1.6-i586-1.txz
- d/cmake-3.4.1-i586-1.txz
- d/flex-2.6.0-i586-1.txz
- d/gcc-5.3.0-i586-1.txz
- d/gcc-g++-5.3.0-i586-1.txz
- d/gcc-gfortran-5.3.0-i586-1.txz
- d/gcc-gnat-5.3.0-i586-1.txz
- d/gcc-go-5.3.0-i586-1.txz
- d/gcc-java-5.3.0-i586-1.txz
- d/gcc-objc-5.3.0-i586-1.txz
- d/gdb-7.10.1-i586-1.txz
- d/git-2.6.4-i586-1.txz
- d/kernel-headers-4.1.15_smp-x86-1.txz
- d/nasm-2.11.08-i586-1.txz
- d/python-2.7.11-i586-1.txz
- d/scons-2.4.1-i586-1.txz
- k/kernel-source-4.1.15_smp-noarch-1.txz
- l/cairo-1.14.6-i586-1.txz
- l/dconf-editor-3.18.2-i586-1.txz
- l/gdk-pixbuf2-2.32.3-i586-1.txz
- l/gst-plugins-base-1.6.2-i586-1.txz
- l/gst-plugins-good-1.6.2-i586-1.txz
- l/gstreamer-1.6.2-i586-1.txz
- l/gtk+2-2.24.29-i586-1.txz
- l/gtk+3-3.18.6-i586-1.txz
- l/iso-codes-3.63-noarch-1.txz
- l/libcroco-0.6.10-i586-1.txz
- l/libpng-1.6.20-i586-1.txz
Fixed incorrect implementation of png_set_PLTE() that uses png_ptr
not info_ptr, that left png_set_PLTE() open to the CVE-2015-8126
vulnerability.
For more information, see:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8472
(* Security fix *) - l/libraw1394-2.1.1-i586-1.txz
- l/neon-0.30.1-i586-1.txz
- n/bind-9.10.3_P2-i586-1.txz
This update fixes three security issues:
Update allowed OpenSSL versions as named is potentially vulnerable
to CVE-2015-3193.
Insufficient testing when parsing a message allowed records with an
incorrect class to be be accepted, triggering a REQUIRE failure when
those records were subsequently cached. (CVE-2015-8000)
Address fetch context reference count handling error on socket error.
(CVE-2015-8461)
For more information, see:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3193
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8000
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8461
(* Security fix *) - n/dhcp-4.3.3-i586-1.txz
- n/dnsmasq-2.75-i586-1.txz
- n/ethtool-4.2-i586-1.txz
- n/iw-4.3-i586-1.txz
- n/mobile-broadband-provider-info-20151214-i586-1.txz
- n/openssl-1.0.2e-i586-1.txz
This update fixes the following security issues:
BN_mod_exp may produce incorrect results on x86_64 (CVE-2015-3193).
Certificate verify crash with missing PSS parameter (CVE-2015-3194).
X509_ATTRIBUTE memory leak (CVE-2015-3195).
Race condition handling PSK identify hint (CVE-2015-3196).
Anon DH ServerKeyExchange with 0 p parameter (CVE-2015-1794).
For more information, see:
https://openssl.org/news/secadv_20151203.txt
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1794
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3193
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3194
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3195
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3196
(* Security fix *) - n/samba-4.3.2-i586-1.txz
- n/wget-1.17.1-i586-1.txz
- n/wpa_supplicant-2.5-i586-1.txz
- x/liberation-fonts-ttf-1.07.4-noarch-1.txz
- x/mesa-11.0.7-i586-1.txz
- x/xf86-video-nouveau-1.0.12-i586-1.txz
- xap/mozilla-firefox-43.0-i586-1.txz
This release contains security fixes and improvements.
For more information, see:
http://www.mozilla.org/security/known-vulnerabilities/firefox.html
(* Security fix *) - extra/linux-4.1.15-nosmp-sdk/*
- kernels/*
Added
- n/libtirpc-1.0.1-i586-1.txz
This is needed by rpcbind. Thanks to Jan Rafaj. - n/rpcbind-0.2.3-i586-1.txz
This replaces the portmap package. Thanks to Jan Rafaj.
Removed
n/portmap-6.0-i486-1.txz
This is replaced by the new libtirpc and rpcbind packages.