Slackwarearm-current ChangeLog (2019-04-04)

Thu Apr 04 08:08:08 UTC 2019

  • a/aaa_elflibs-15.0-arm-5.txz
    Upgraded: libelf-0.176.so, libpcre.so.1.2.11, libglib-2.0.so.0.6000.0,
    libgmodule-2.0.so.0.6000.0, libgobject-2.0.so.0.6000.0,
    libgthread-2.0.so.0.6000.0, libtdb.so.1.4.0.
  • a/shadow-4.6-arm-2.txz
    adduser: reprompt on invalid user input. Thanks to ttk.
  • ap/ghostscript-9.26-arm-2.txz
    Fixes security issues:
    A specially crafted PostScript file could have access to the file system
    outside of the constrains imposed by -dSAFER.
    Transient procedures can allow access to system operators, leading to
    remote code execution.
    For more information, see:
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-3835
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-3838
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-6116
    (* Security fix *)
  • ap/sqlite-3.27.2-arm-2.txz
    Recompiled against icu4c-64.1.
  • kde/calligra-2.9.11-arm-26.txz
    Recompiled against icu4c-64.1.
  • kde/kdepimlibs-4.14.10-arm-7.txz
    Recompiled to pull in new gpgme++ header files.
  • l/boost-1.69.0-arm-2.txz
    Recompiled against icu4c-64.1.
  • l/libical-3.0.4-arm-2.txz
    Recompiled against icu4c-64.1.
  • l/libvisio-0.1.6-arm-5.txz
    Recompiled against icu4c-64.1.
  • l/qt-4.8.7-arm-7.txz
    Recompiled against icu4c-64.1.
  • l/raptor2-2.0.15-arm-5.txz
    Recompiled against icu4c-64.1.
  • n/php-7.2.16-arm-2.txz
    Recompiled against icu4c-64.1.
  • n/tin-2.4.3-arm-2.txz
    Recompiled against icu4c-64.1.
  • t/texlive-2018.180822-arm-5.txz
    Recompiled against icu4c-64.1.
  • a/hwdata-0.322-arm-1.txz
  • a/kernel-firmware-20190402_67b7579-noarch-1.txz
  • a/quota-4.05-arm-1.txz
  • a/xfsprogs-4.20.0-arm-1.txz
    Recompiled against icu4c-64.1.
  • d/cmake-3.14.1-arm-1.txz
  • d/patchelf-0.10-arm-1.txz
  • d/vala-0.44.2-arm-1.txz
  • l/ffmpeg-3.4.6-arm-1.txz
  • l/giflib-5.1.9-arm-1.txz
  • l/glib-networking-2.60.1-arm-1.txz
  • l/harfbuzz-2.4.0-arm-1.txz
    Recompiled against icu4c-64.1.
  • l/icu4c-64.1-arm-1.txz
    Shared library .so-version bump.
  • l/imagemagick-6.9.10_36-arm-1.txz
  • l/python-pillow-6.0.0-arm-1.txz
  • l/utf8proc-2.3.0-arm-1.txz
  • l/v4l-utils-1.16.5-arm-1.txz
  • n/dovecot-2.3.5.1-arm-1.txz
    Missing input buffer size validation leads into arbitrary buffer overflow
    when reading fts or pop3 uidl header from Dovecot index. Exploiting this
    requires direct write access to the index files.
    For more information, see:
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-7524
    (* Security fix *)
    Compiled against icu4c-64.1.
  • n/gpgme-1.13.0-arm-1.txz
  • n/httpd-2.4.39-arm-1.txz
    This release contains security fixes and improvements.
    In Apache HTTP Server 2.4 releases 2.4.17 to 2.4.38, with MPM event, worker
    or prefork, code executing in less-privileged child processes or threads
    (including scripts executed by an in-process scripting interpreter) could
    execute arbitrary code with the privileges of the parent process by
    manipulating the scoreboard.
    For more information, see:
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-0211
    (* Security fix *)
  • n/iputils-20190324-arm-1.txz
  • n/postfix-3.4.5-arm-1.txz
    Recompiled against icu4c-64.1.
  • n/wget-1.20.2-arm-1.txz
    Fixed an unspecified buffer overflow vulnerability.
    (* Security fix *)
  • n/whois-5.4.2-arm-1.txz
  • x/libinput-1.13.0-arm-1.txz
  • x/mesa-19.0.1-arm-1.txz
  • x/vulkan-sdk-1.1.101.0-arm-1.txz
  • news/2019/04/04/slackwarearm-current-changelog.txt
  • Last modified: 20 months ago
  • by Giuseppe Di Terlizzi