Slackware64-current ChangeLog (2016-04-15)
Fri Apr 15 20:37:37 UTC 2016
Finally got some fixes we were waiting for in this new kernel.
It's been almost a month since 14.2rc1 so we'll call this Slackware
14.2 release candidate 2. Almost there. Get in any last-minute
bug reports quickly.
Packages
Upgraded
- a/kernel-huge-4.4.7-x86_64-1.txz
BLK_DEV_NVME m → y - n/samba-4.4.2-x86_64-1.txz
This update fixes the security issues known as “badlock” (or “sadlock”),
which may allow man-in-the-middle or denial-of-service attacks:
CVE-2015-5370 (Multiple errors in DCE-RPC code)
CVE-2016-2110 (Man in the middle attacks possible with NTLMSSP)
CVE-2016-2111 (NETLOGON Spoofing Vulnerability)
CVE-2016-2112 (LDAP client and server don't enforce integrity)
CVE-2016-2113 (Missing TLS certificate validation)
CVE-2016-2114 (“server signing = mandatory” not enforced)
CVE-2016-2115 (SMB IPC traffic is not integrity protected)
CVE-2016-2118 (SAMR and LSA man in the middle attacks possible)
For more information, see:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5370
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2110
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2111
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2112
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2113
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2114
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2115
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2118
(* Security fix *) - x/xf86-video-intel-git_20160224_d167280-x86_64-1.txz
So far, this version seems to be the most stable of the ones tested.
Thanks to Andrzej Telszewski. - xap/mozilla-thunderbird-45.0-x86_64-1.txz
This release contains security fixes and improvements.
For more information, see:
http://www.mozilla.org/security/known-vulnerabilities/thunderbird.html
(* Security fix *)
Rebuilt
- l/alsa-lib-1.1.1-x86_64-2.txz
Applied upstream patch to fix error EBADFD. Thanks to e5150. - l/qca-2.1.1-x86_64-2.txz
Install crypto.prf in the correct directory. Thanks to David Spencer. - n/nfs-utils-1.3.3-x86_64-2.txz
Fix nfsd startup on kernels without IPv6 support. Thanks to Mario Preksavec. - x/xorg-server-1.18.3-x86_64-2.txz
Applied a patch from https://bugs.freedesktop.org/show_bug.cgi?id=49950
to fix applying keyboard layout settings when using a keyboard/mouse combo
device such as a Logitech wireless keyboard with the unifying receiver.
Thanks to Jean-Philippe Guillemin.