news:2016:03:15:slackwarearm-14.2-changelog

Slackwarearm-14.2 ChangeLog (2016-03-15)

Tue Mar 15 11:11:11 UTC 2016


The mini root filesystem for -current has also been updated:
ftp://ftp.arm.slackware.com/slackwarearm/slackwarearm-devtools/minirootfs/

Packages

Rebuilt

  • a/aaa_elflibs-14.2-arm-7.txz
  • a/glibc-solibs-2.23-arm-2.txz
  • a/sysvinit-scripts-2.0-noarch-28.txz
    rc.M: Start D-Bus and NetworkManager right after rc.inet1.
  • a/upower-0.9.23-arm-3.txz
    Added several patches from the git master branch, including one to prevent
    a bluetooth mouse or keyboard from being improperly detected as a power
    source. Thanks to Robby Workman.
  • ap/ksh93-2012_08_01-arm-2.txz
    Removed broken locale files. Thanks to Didier Spaier.
  • ap/lxc-1.1.5-arm-3.txz
    Added modified versions of a few init scripts instead of having the
    lxc-slackware template try to patch them (which invariably led to the
    template breaking every time any of the other files were changed).
  • ap/mariadb-10.0.24-arm-2.txz
    Recompiled with patched binutils.
  • d/binutils-2.26-arm-2.txz
    Applied upstream patches for several bugs, including:
    PR ld/19698
    * elflink.c (bfd_elf_record_link_assignment): Set versioned if
    symbol version is unknown.
    Which was causing MariaDB to fail to start properly for Akonadi.
    Rebuilt with –enable-install-libiberty, since the binutils version of
    libiberty.a will be built with -fPIC where needed.
  • d/gcc-5.3.1-arm-4.txz
    Rebuilt with –disable-install-libiberty.
    Updated to latest patch set.
  • d/gcc-g++-5.3.1-arm-4.txz
  • d/gcc-gfortran-5.3.1-arm-4.txz
  • d/gcc-gnat-5.3.1-arm-4.txz
  • d/gcc-go-5.3.1-arm-4.txz
  • d/gcc-java-5.3.1-arm-4.txz
  • d/gcc-objc-5.3.1-arm-4.txz
  • d/python-2.7.11-arm-2.txz
    Recompiled to drop support for OpenSSL SSLv2.
    Thanks to Matteo Bernardini.
  • l/glibc-2.23-arm-2.txz
    Built against Linux v4.4.5 Kernel headers.
  • l/glibc-i18n-2.23-arm-2.txz
  • l/glibc-profile-2.23-arm-2.txz
  • l/neon-0.30.1-arm-2.txz
    Recompiled to drop support for OpenSSL SSLv2.
    Thanks to Matteo Bernardini.
  • l/qt-4.8.7-arm-4.txz
    Recompiled to drop support for OpenSSL SSLv2.
  • n/curl-7.47.1-arm-2.txz
    Recompiled to drop support for OpenSSL SSLv2.
  • n/fetchmail-6.3.26-arm-2.txz
    Recompiled to drop support for OpenSSL SSLv2.
  • n/links-2.12-arm-2.txz
    Recompiled to drop support for OpenSSL SSLv2.
  • n/mailx-12.5-arm-4.txz
    Drop SSLv2 support (no longer supported by OpenSSL), and fix security issues
    that could allow a local attacker to cause mailx to execute arbitrary
    shell commands through the use of a specially-crafted email address.
    For more information, see:
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-2771
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-7844
    (* Security fix *)
  • n/wget-1.17.1-arm-2.txz
    Recompiled to drop support for OpenSSL SSLv2.
  • x/mesa-11.1.2-arm-2.txz
  • x/xf86-video-fbdev-0.4.4-arm-10.txz
  • x/xf86-video-fbturbo-199.f9a6ed7-arm-3.txz
  • x/xf86-video-opentegra-1.5158a25-arm-4.txz
  • x/xf86-video-xgi-1.6.0git_2012_08_06-arm-5.txz
  • xap/MPlayer-20160125-arm-3.txz
    Rebuilt against ffmpeg-2.8.6.
    Force lavf for flac because the native demuxer can't handle embedded album
    art. As a bonus (or a regression) you'll also get album art if it exists.
  • xap/geeqie-1.2.1-arm-2.txz
    Patched to fix crashes and high CPU usage when used with modern versions
    of GTK+. Thanks to Jas for pointing out the patch in upstream git.
  • xap/xine-lib-1.2.6-arm-7.txz
    Rebuilt against ffmpeg-2.8.6.
  • xap/xpdf-3.04-arm-4.txz
  • xfce/tumbler-0.1.31-arm-4.txz
  • isolinux/*
    Another attempt to get /sbin/probe to reliably handle nvme partitions.
    Thanks to w9cf and Grant Coady.
    Use “mkfs.brtfs -f” in SeTpartitions. Thanks to Didier Spaier.

Upgraded

  • a/acpid-2.0.26-arm-1.txz
  • a/cryptsetup-1.7.1-arm-1.txz
  • a/ed-1.13-arm-1.txz
  • a/grep-2.24-arm-1.txz
  • a/hwdata-0.284-arm-1.txz
  • a/kernel-firmware-20160311git-noarch-1.txz
  • a/kernel-modules-armv5-4.4.5_armv5-arm-1.txz
  • a/kernel-modules-armv7-4.4.5_armv7-arm-1.txz
  • a/kernel_armv5-4.4.5-arm-1.txz
  • a/kernel_armv7-4.4.5-arm-1.txz
  • a/lvm2-2.02.145-arm-1.txz
  • a/mdadm-3.3.4-arm-1.txz
  • a/openssl-solibs-1.0.2g-arm-1.txz
  • a/pciutils-3.4.1-arm-1.txz
  • ap/cups-filters-1.8.2-arm-1.txz
  • ap/diffstat-1.60-arm-1.txz
  • ap/enscript-1.6.6-arm-1.txz
  • ap/htop-2.0.1-arm-1.txz
  • ap/man-pages-4.04-noarch-1.txz
  • ap/nano-2.5.3-arm-1.txz
  • ap/sqlite-3.11.0-arm-1.txz
  • ap/sudo-1.8.15-arm-1.txz
    New options: –with-insults –with-all-insults –with-pc-insults.
    Sorry about this, I know it's a bit silly. ;-)
    Thanks to chytraeus for the suggestion.
  • ap/sysstat-11.2.1.1-arm-1.txz
  • ap/texinfo-6.1-arm-1.txz
  • ap/vim-7.4.1530-arm-1.txz
  • d/cmake-3.5.0-arm-1.txz
  • d/cscope-15.8b-arm-1.txz
  • d/git-2.7.2-arm-1.txz
  • d/kernel-headers-4.4.5-arm-1.txz
  • d/pkg-config-0.29.1-arm-1.txz
  • d/python-setuptools-20.1.1-arm-1.txz
  • d/ruby-2.2.4-arm-1.txz
  • k/kernel-source-4.4.5-arm-1.txz
  • kde/calligra-2.9.11-arm-1.txz
  • kde/kdelibs-4.14.17-arm-1.txz
  • kdei/calligra-l10n-bs-2.9.11-noarch-1.txz
  • kdei/calligra-l10n-ca-2.9.11-noarch-1.txz
  • kdei/calligra-l10n-ca@valencia-2.9.11-noarch-1.txz
  • kdei/calligra-l10n-cs-2.9.11-noarch-1.txz
  • kdei/calligra-l10n-da-2.9.11-noarch-1.txz
  • kdei/calligra-l10n-de-2.9.11-noarch-1.txz
  • kdei/calligra-l10n-el-2.9.11-noarch-1.txz
  • kdei/calligra-l10n-en_GB-2.9.11-noarch-1.txz
  • kdei/calligra-l10n-es-2.9.11-noarch-1.txz
  • kdei/calligra-l10n-et-2.9.11-noarch-1.txz
  • kdei/calligra-l10n-fi-2.9.11-noarch-1.txz
  • kdei/calligra-l10n-fr-2.9.11-noarch-1.txz
  • kdei/calligra-l10n-gl-2.9.11-noarch-1.txz
  • kdei/calligra-l10n-hu-2.9.11-noarch-1.txz
  • kdei/calligra-l10n-it-2.9.11-noarch-1.txz
  • kdei/calligra-l10n-ja-2.9.11-noarch-1.txz
  • kdei/calligra-l10n-kk-2.9.11-noarch-1.txz
  • kdei/calligra-l10n-nb-2.9.11-noarch-1.txz
  • kdei/calligra-l10n-nl-2.9.11-noarch-1.txz
  • kdei/calligra-l10n-pl-2.9.11-noarch-1.txz
  • kdei/calligra-l10n-pt-2.9.11-noarch-1.txz
  • kdei/calligra-l10n-pt_BR-2.9.11-noarch-1.txz
  • kdei/calligra-l10n-ru-2.9.11-noarch-1.txz
  • kdei/calligra-l10n-sk-2.9.11-noarch-1.txz
  • kdei/calligra-l10n-sv-2.9.11-noarch-1.txz
  • kdei/calligra-l10n-tr-2.9.11-noarch-1.txz
  • kdei/calligra-l10n-uk-2.9.11-noarch-1.txz
  • kdei/calligra-l10n-zh_CN-2.9.11-noarch-1.txz
  • kdei/calligra-l10n-zh_TW-2.9.11-noarch-1.txz
  • l/LibRaw-0.17.1-arm-1.txz
  • l/aspell-0.60.6.1-arm-1.txz
  • l/dbus-glib-0.106-arm-1.txz
  • l/dbus-python-1.2.2-arm-1.txz
  • l/fribidi-0.19.7-arm-1.txz
  • l/fuse-2.9.5-arm-1.txz
  • l/gtk+2-2.24.30-arm-1.txz
  • l/gtk+3-3.18.9-arm-1.txz
  • l/gvfs-1.26.3-arm-1.txz
  • l/libgsf-1.14.36-arm-1.txz
  • l/libnl3-3.2.27-arm-1.txz
  • l/libsecret-0.18.4-arm-1.txz
  • l/libwpg-0.3.1-arm-1.txz
  • l/mozilla-nss-3.23-arm-1.txz
    Upgraded to nss-3.23 and nspr-4.12.
    This release contains security fixes and improvements.
    For more information, see:
    http://www.mozilla.org/security/known-vulnerabilities/nss.html
    (* Security fix *)
  • l/mpfr-3.1.4-arm-1.txz
  • l/poppler-0.41.0-arm-1.txz
  • l/pycurl-7.43.0-arm-1.txz
  • l/qca-2.1.1-arm-1.txz
  • l/shared-mime-info-1.6-arm-1.txz
  • l/v4l-utils-1.10.0-arm-1.txz
  • n/bind-9.10.3_P4-arm-1.txz
    Fixed security issues:
    Duplicate EDNS COOKIE options in a response could trigger an assertion
    failure. (CVE-2016-2088) [RT #41809]
    Fix resolver assertion failure due to improper DNAME handling when
    parsing fetch reply messages. (CVE-2016-1286) [RT #41753]
    Malformed control messages can trigger assertions in named and rndc.
    (CVE-2016-1285) [RT #41666]
    For more information, see:
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2088
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1286
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1285
    (* Security fix *)
  • n/conntrack-tools-1.4.3-arm-1.txz
  • n/gnupg-1.4.20-arm-1.txz
  • n/gnutls-3.4.10-arm-1.txz
  • n/httpd-2.4.18-arm-1.txz
  • n/iproute2-4.4.0-arm-1.txz
  • n/iptables-1.6.0-arm-1.txz
  • n/irssi-0.8.18-arm-1.txz
  • n/lftp-4.6.5-arm-1.txz
  • n/libnetfilter_conntrack-1.0.5-arm-1.txz
  • n/libnftnl-1.0.5-arm-1.txz
  • n/lynx-2.8.8rel.2-arm-1.txz
  • n/nettle-3.2-arm-1.txz
  • n/netwatch-1.3.1_2-arm-1.txz
  • n/nftables-0.5-arm-1.txz
  • n/openssh-7.2p2-arm-1.txz
    This release fixes a security bug:
    sshd(8): sanitise X11 authentication credentials to avoid xauth
    command injection when X11Forwarding is enabled.
    For more information, see:
    http://www.openssh.com/txt/x11fwd.adv
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3115
    (* Security fix *)
    Also thanks to Alan Brantley for updating the libwrap patch.
  • n/openssl-1.0.2g-arm-1.txz
    This update fixes the following security issues:
    Cross-protocol attack on TLS using SSLv2 (DROWN) (CVE-2016-0800)
    Double-free in DSA code (CVE-2016-0705)
    Memory leak in SRP database lookups (CVE-2016-0798)
    BN_hex2bn/BN_dec2bn NULL pointer deref/heap corruption (CVE-2016-0797)
    Fix memory issues in BIO_*printf functions (CVE-2016-0799)
    Side channel attack on modular exponentiation (CVE-2016-0702)
    Note that this package drops all support for SSLv2, which breaks the ABI for
    any binaries that make use of SSLv2_client_method.
    For more information, see:
    https://www.openssl.org/news/secadv/20160301.txt
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0800
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0705
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0798
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0797
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0799
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0702
    (* Security fix *)
  • n/p11-kit-0.23.2-arm-1.txz
  • n/php-5.6.19-arm-1.txz
    This release fixes bugs and security issues.
    For more information, see:
    http://php.net/ChangeLog-5.php#5.6.19
    (* Security fix *)
  • n/samba-4.3.6-arm-1.txz
    This update fixes bugs, and two security issues:
    Incorrect ACL get/set allowed on symlink path (CVE-2015-7560).
    Out-of-bounds read in internal DNS server (CVE-2016-0771).
    For more information, see:
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7560
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0771
    (* Security fix *)
  • n/stunnel-5.31-arm-1.txz
    Allow OpenSSL to use the default key size for DH in generate-stunnel-key.sh.
    Thanks to Markus Reichelt.
    Recompiled to drop support for OpenSSL SSLv2.
  • tcl/expect-5.45-arm-1.txz
  • tcl/tcl-8.6.5-arm-1.txz
  • tcl/tk-8.6.5-arm-1.txz
  • x/libdrm-2.4.67-arm-1.txz
  • x/libva-1.6.2-arm-1.txz
  • x/videoproto-2.3.3-arm-1.txz
  • x/xf86-video-armsoc-1.4.0-arm-1.txz
  • x/xf86-video-openchrome-git_20160309_74e95a6-arm-1.txz
  • x/xf86-video-vmware-13.1.0-arm-1.txz
  • x/xorg-server-1.18.2-arm-1.txz
  • x/xorg-server-xephyr-1.18.2-arm-1.txz
  • x/xorg-server-xnest-1.18.2-arm-1.txz
  • x/xorg-server-xvfb-1.18.2-arm-1.txz
  • x/xrandr-1.5.0-arm-1.txz
  • xap/vim-gvim-7.4.1530-arm-1.txz
  • extra/bash-completion/bash-completion-2.2-noarch-1.txz
  • kernels/*

Removed

  • ap/foomatic-filters-4.0.17-arm-1.txz
    The cups-filters package contains these programs.
  • l/qca-cyrus-sasl-2.0.0_beta3-arm-5.txz
  • l/qca-gnupg-2.0.0_beta3-arm-4.txz
  • l/qca-ossl-2.0.0_beta3-arm-4.txz
, , ,
  • news/2016/03/15/slackwarearm-14.2-changelog.txt
  • Last modified: 6 months ago
  • by Giuseppe Di Terlizzi