Slackware-14.2 ChangeLog (2015-12-16)

Wed Dec 16 07:03:12 UTC 2015

  • ap/slackpkg-2.82.0-noarch-16.txz
    Bugfix for a syntax error in core-functions.sh.

Wed Dec 16 04:21:07 UTC 2015

  • a/aaa_elflibs-14.2-i586-8.txz
  • a/sysvinit-scripts-2.0-noarch-25.txz
    rc.modules: New simplfied module dep script.
    NOTE: This will be installed as /etc/rc.d/rc.modules.new by default.
    To use it, remove the existing rc.modules symlink and move the new
    file into place.
    rc.modules.local: New local module loading script.
    Thanks to GazL and rworkman for helping clean out the rc.modules cruft.
    rc.S: If executable, start rc.cgmanager.
    rc.6: If executable, stop rc.cgmanager.
  • ap/slackpkg-2.82.0-noarch-15.txz
    Don't blacklist aaa_elflibs. Upgrade it right after glibc-solibs.
    Suggest http://mirrors.slackware.com rather than ftp (which won't redirect).
    Prompt to restart the upgrade process if slackpkg is upgraded.
    Thanks to Robby Workman.
  • d/libtool-2.4.6-i586-4.txz
    Rebuilt to fix embedded GCC version number.
  • l/libgphoto2-2.5.9-i586-2.txz
    Patched to fix Nikon CoolPix Sxxxx detection.
    Thanks to Ondrej Kubecka and Marcus Meissner.
  • l/libnih-1.0.3-i586-2.txz
    Write .pid files in /run, not /var/run.
  • extra/fltk/fltk-1.3.3-i586-2.txz
    Patched to fix undefined reference to `Fl_XFont_On_Demand::value()'.
    Build shared libraries, not static.
    Thanks to Stefan Steier.
  • extra/tigervnc/tigervnc-1.5.0-i586-2.txz
    Recompiled against shared fltk libraries.
  • isolinux/initrd.img
  • usb-and-pxe-installers/usbboot.img
  • a/kernel-firmware-20151215git-noarch-1.txz
  • a/kernel-generic-4.1.15-i586-1.txz
  • a/kernel-generic-smp-4.1.15_smp-i686-1.txz
  • a/kernel-huge-4.1.15-i586-1.txz
  • a/kernel-huge-smp-4.1.15_smp-i686-1.txz
  • a/kernel-modules-4.1.15-i586-1.txz
  • a/kernel-modules-smp-4.1.15_smp-i686-1.txz
  • a/lrzip-0.621-i586-1.txz
  • a/lvm2-2.02.137-i586-1.txz
  • a/ncompress-4.2.4.4-i586-1.txz
  • a/openssl-solibs-1.0.2e-i586-1.txz
  • a/patch-2.7.5-i586-1.txz
  • a/sysklogd-1.5.1-i586-1.txz
    rc.syslog: Don't run klogd in a container.
  • a/tree-1.7.0-i586-1.txz
  • a/usb_modeswitch-2.2.6-i586-1.txz
  • a/utempter-1.1.6-i586-1.txz
  • a/util-linux-2.27.1-i586-1.txz
  • a/which-2.21-i586-1.txz
  • a/xfsprogs-4.3.0-i586-1.txz
  • ap/cgmanager-0.39-i586-1.txz
    Thanks to Matteo Bernardini and Robby Workman.
  • ap/cups-2.1.2-i586-1.txz
  • ap/cups-filters-1.4.0-i586-1.txz
    foomatic-rip: SECURITY FIX: Also consider the back tick ('`') as an illegal
    shell escape character.
    Thanks to Michal Kowalczyk from the Google Security Team for the hint.
    For more information, see:
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8327
    (* Security fix *)
  • ap/man-pages-4.03-noarch-1.txz
  • ap/nano-2.5.0-i586-1.txz
  • ap/qpdf-6.0.0-i586-1.txz
    Shared library .so-version bump.
  • ap/terminus-font-4.40-noarch-1.txz
  • ap/xfsdump-3.1.6-i586-1.txz
  • d/cmake-3.4.1-i586-1.txz
  • d/flex-2.6.0-i586-1.txz
  • d/gcc-5.3.0-i586-1.txz
  • d/gcc-g++-5.3.0-i586-1.txz
  • d/gcc-gfortran-5.3.0-i586-1.txz
  • d/gcc-gnat-5.3.0-i586-1.txz
  • d/gcc-go-5.3.0-i586-1.txz
  • d/gcc-java-5.3.0-i586-1.txz
  • d/gcc-objc-5.3.0-i586-1.txz
  • d/gdb-7.10.1-i586-1.txz
  • d/git-2.6.4-i586-1.txz
  • d/kernel-headers-4.1.15_smp-x86-1.txz
  • d/nasm-2.11.08-i586-1.txz
  • d/python-2.7.11-i586-1.txz
  • d/scons-2.4.1-i586-1.txz
  • k/kernel-source-4.1.15_smp-noarch-1.txz
  • l/cairo-1.14.6-i586-1.txz
  • l/dconf-editor-3.18.2-i586-1.txz
  • l/gdk-pixbuf2-2.32.3-i586-1.txz
  • l/gst-plugins-base-1.6.2-i586-1.txz
  • l/gst-plugins-good-1.6.2-i586-1.txz
  • l/gstreamer-1.6.2-i586-1.txz
  • l/gtk+2-2.24.29-i586-1.txz
  • l/gtk+3-3.18.6-i586-1.txz
  • l/iso-codes-3.63-noarch-1.txz
  • l/libcroco-0.6.10-i586-1.txz
  • l/libpng-1.6.20-i586-1.txz
    Fixed incorrect implementation of png_set_PLTE() that uses png_ptr
    not info_ptr, that left png_set_PLTE() open to the CVE-2015-8126
    vulnerability.
    For more information, see:
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8472
    (* Security fix *)
  • l/libraw1394-2.1.1-i586-1.txz
  • l/neon-0.30.1-i586-1.txz
  • n/bind-9.10.3_P2-i586-1.txz
    This update fixes three security issues:
    Update allowed OpenSSL versions as named is potentially vulnerable
    to CVE-2015-3193.
    Insufficient testing when parsing a message allowed records with an
    incorrect class to be be accepted, triggering a REQUIRE failure when
    those records were subsequently cached. (CVE-2015-8000)
    Address fetch context reference count handling error on socket error.
    (CVE-2015-8461)
    For more information, see:
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3193
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8000
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8461
    (* Security fix *)
  • n/dhcp-4.3.3-i586-1.txz
  • n/dnsmasq-2.75-i586-1.txz
  • n/ethtool-4.2-i586-1.txz
  • n/iw-4.3-i586-1.txz
  • n/mobile-broadband-provider-info-20151214-i586-1.txz
  • n/openssl-1.0.2e-i586-1.txz
    This update fixes the following security issues:
    BN_mod_exp may produce incorrect results on x86_64 (CVE-2015-3193).
    Certificate verify crash with missing PSS parameter (CVE-2015-3194).
    X509_ATTRIBUTE memory leak (CVE-2015-3195).
    Race condition handling PSK identify hint (CVE-2015-3196).
    Anon DH ServerKeyExchange with 0 p parameter (CVE-2015-1794).
    For more information, see:
    https://openssl.org/news/secadv_20151203.txt
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1794
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3193
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3194
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3195
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3196
    (* Security fix *)
  • n/samba-4.3.2-i586-1.txz
  • n/wget-1.17.1-i586-1.txz
  • n/wpa_supplicant-2.5-i586-1.txz
  • x/liberation-fonts-ttf-1.07.4-noarch-1.txz
  • x/mesa-11.0.7-i586-1.txz
  • x/xf86-video-nouveau-1.0.12-i586-1.txz
  • xap/mozilla-firefox-43.0-i586-1.txz
    This release contains security fixes and improvements.
    For more information, see:
    http://www.mozilla.org/security/known-vulnerabilities/firefox.html
    (* Security fix *)
  • extra/linux-4.1.15-nosmp-sdk/*
  • kernels/*
  • n/libtirpc-1.0.1-i586-1.txz
    This is needed by rpcbind. Thanks to Jan Rafaj.
  • n/rpcbind-0.2.3-i586-1.txz
    This replaces the portmap package. Thanks to Jan Rafaj.
  • n/portmap-6.0-i486-1.txz
    This is replaced by the new libtirpc and rpcbind packages.
  • news/2015/12/16/slackware-14.2-changelog.txt
  • Last modified: 4 years ago
  • by Giuseppe Di Terlizzi