Slackwarearm-current ChangeLog (2018-03-22)
Thu Mar 22 08:08:08 UTC 2018
The mini root filesystem for -current has been updated:
ftp://ftp.arm.slackware.com/slackwarearm/slackwarearm-devtools/minirootfs/
Packages
Upgraded
- a/hdparm-9.55-arm-1.txz
- a/kernel-firmware-20180314_4c0bf11-noarch-1.txz
- a/kernel-modules-armv7-4.14.29_armv7-arm-1.txz
- a/kernel_armv7-4.14.29-arm-1.txz
- a/time-1.9-arm-1.txz
- ap/dmidecode-3.1-arm-1.txz
- ap/hplip-3.18.3-arm-1.txz
- ap/vim-8.0.1601-arm-1.txz
- d/Cython-0.28.1-arm-1.txz
- d/automake-1.16.1-noarch-1.txz
- d/cmake-3.10.3-arm-1.txz
- d/kernel-headers-4.14.29-arm-1.txz
- d/python-setuptools-39.0.1-arm-1.txz
- k/kernel-source-4.14.29-arm-1.txz
- l/gst-plugins-base-1.14.0-arm-1.txz
- l/gst-plugins-good-1.14.0-arm-1.txz
- l/gst-plugins-libav-1.14.0-arm-1.txz
- l/gstreamer-1.14.0-arm-1.txz
- l/imagemagick-6.9.9_38-arm-1.txz
- l/libvorbis-1.3.6-arm-1.txz
This release fixes security issues.
For more information, see:
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14632
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14633
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5146
(* Security fix *) - l/pycairo-1.16.3-arm-1.txz
- n/NetworkManager-1.10.6-arm-1.txz
- n/bind-9.11.3-arm-1.txz
- n/bluez-5.49-arm-1.txz
- n/curl-7.59.0-arm-1.txz
This update fixes security issues:
FTP path trickery leads to NIL byte out of bounds write
LDAP NULL pointer dereference
RTSP RTP buffer over-read
For more information, see:
https://curl.haxx.se/docs/adv_2018-9cd6.html
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1000120
https://curl.haxx.se/docs/adv_2018-97a2.html
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1000121
https://curl.haxx.se/docs/adv_2018-b047.html
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1000122
(* Security fix *) - n/dnsmasq-2.79-arm-1.txz
- n/libtirpc-1.0.3-arm-1.txz
- n/nmap-7.70-arm-1.txz
- n/samba-4.7.6-arm-1.txz
This is a security update in order to patch the following defects:
On a Samba 4 AD DC the LDAP server in all versions of Samba from
4.0.0 onwards incorrectly validates permissions to modify passwords
over LDAP allowing authenticated users to change any other users`
passwords, including administrative users.
All versions of Samba from 4.0.0 onwards are vulnerable to a denial of
service attack when the RPC spoolss service is configured to be run as
an external daemon. Missing input sanitization checks on some of the
input parameters to spoolss RPC calls could cause the print spooler
service to crash. There is no known vulnerability associated with this
error, merely a denial of service. If the RPC spoolss service is left by
default as an internal service, all a client can do is crash its own
authenticated connection.
For more information, see:
https://www.samba.org/samba/security/CVE-2018-1057.html
https://wiki.samba.org/index.php/CVE-2018-1057
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1057
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1050
(* Security fix *) - x/fontconfig-2.12.6-arm-1.txz
Reverted to previous version. There are problem reports with the latest
version on x86. - x/libinput-1.10.3-arm-1.txz
- x/xf86-video-amdgpu-18.0.1-arm-1.txz
- x/xf86-video-ati-18.0.1-arm-1.txz
- xap/gparted-0.31.0-arm-1.txz
- xap/hexchat-2.14.1-arm-1.txz
- xap/mozilla-firefox-59.0.1-arm-1.txz
This release contains security fixes and improvements.
For more information, see:
https://www.mozilla.org/en-US/security/advisories/mfsa2018-06/
https://www.mozilla.org/security/known-vulnerabilities/firefox.html
(* Security fix *) - xap/vim-gvim-8.0.1601-arm-1.txz
- xfce/xfce4-terminal-0.8.7.2-arm-1.txz
- extra/bash-completion/bash-completion-2.8-noarch-1.txz
- kernels/*
Rebuilt
- a/sysvinit-scripts-2.1-noarch-4.txz
rc.M: start consolekit before Bluetooth and NetworkManager. Thanks to allend. - extra/wicd/wicd-1.7.4-arm-2.txz
Patched to fix saving settings with wicd-curses. Thanks to justwantin. - isolinux/*
Removed
x/bigreqsproto-1.1.2-arm-1.txzx/compositeproto-0.4.2-arm-1.txzx/damageproto-1.2.1-arm-1.txzx/dmxproto-2.3.1-arm-1.txzx/dri2proto-2.8-arm-1.txzx/dri3proto-1.0-arm-1.txzx/evieext-1.1.1-arm-1.txzx/fixesproto-5.0-arm-1.txzx/fontcacheproto-0.1.3-arm-1.txzx/fontsproto-2.1.3-arm-1.txzx/glproto-1.4.17-arm-1.txzx/inputproto-2.3.2-arm-1.txzx/kbproto-1.0.7-arm-1.txzx/presentproto-1.0-arm-1.txzx/printproto-1.0.5-arm-1.txzx/randrproto-1.5.0-arm-1.txzx/recordproto-1.14.2-arm-1.txzx/renderproto-0.11.1-arm-1.txzx/resourceproto-1.2.0-arm-1.txzx/scrnsaverproto-1.2.2-arm-1.txzx/videoproto-2.3.3-arm-1.txzx/xcmiscproto-1.2.2-arm-1.txzx/xextproto-7.3.0-arm-1.txzx/xf86bigfontproto-1.2.0-arm-1.txzx/xf86dgaproto-2.1-arm-1.txzx/xf86driproto-2.1.1-arm-1.txzx/xf86miscproto-0.9.3-arm-1.txzx/xf86vidmodeproto-2.3.1-arm-1.txzx/xineramaproto-1.2.1-arm-1.txzx/xproto-7.0.31-arm-1.txz
Added
- x/xorgproto-2018.4-arm-1.txz
Include support for legacy protocols. Thanks to nobodino.