Slackware-14.2 ChangeLog (2016-02-23)
Tue Feb 23 19:31:59 UTC 2016
Packages
Upgraded
- a/glibc-solibs-2.23-i586-1.txz
- a/kernel-generic-4.4.2-i586-1.txz
- a/kernel-generic-smp-4.4.2_smp-i686-1.txz
- a/kernel-huge-4.4.2-i586-1.txz
- a/kernel-huge-smp-4.4.2_smp-i686-1.txz
- a/kernel-modules-4.4.2-i586-1.txz
- a/kernel-modules-smp-4.4.2_smp-i686-1.txz
- d/kernel-headers-4.4.2_smp-x86-1.txz
- k/kernel-source-4.4.2_smp-noarch-1.txz
Key .config changes for this kernel update:
DEBUG_KERNEL n → y
EXPERT n → y
KALLSYMS_ALL y - l/glibc-2.23-i586-1.txz
- l/glibc-i18n-2.23-i586-1.txz
- l/glibc-profile-2.23-i586-1.txz
- l/libproxy-0.4.12-i586-1.txz
- n/bind-9.10.3_P3-i586-1.txz
This release fixes two possible denial-of-service issues:
render_ecs errors were mishandled when printing out a OPT record resulting
in a assertion failure. (CVE-2015-8705) [RT #41397]
Specific APL data could trigger a INSIST. (CVE-2015-8704) [RT #41396]
For more information, see:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8704
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8705
(* Security fix *) - n/libgcrypt-1.6.5-i586-1.txz
Mitigate side-channel attack on ECDH with Weierstrass curves.
For more information, see:
http://www.cs.tau.ac.IL/~tromer/ecdh/
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7511
(* Security fix *) - n/nmap-7.01-i586-1.txz
- n/ntp-4.2.8p6-i586-1.txz
In addition to bug fixes and enhancements, this release fixes
several low and medium severity vulnerabilities.
For more information, see:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5300
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7973
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7974
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7975
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7976
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7977
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7978
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7979
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8138
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8158
(* Security fix *) - x/xf86-video-amdgpu-1.0.1-i586-1.txz
- extra/linux-4.4.2-nosmp-sdk/*
- extra/tigervnc/tigervnc-1.6.0-i586-1.txz
- kernels/*
Rebuilt
- a/procps-ng-3.3.10-i586-5.txz
Restored FROM field in w. Thanks to Stuart Winter. - ap/cups-2.1.3-i586-2.txz
Corrected CXXFLAGS to fix build for older CPUs. Thanks to ecd102. - ap/mc-4.8.15-i586-2.txz
Patched to fix displaying man pages. Thanks to DarkVision. - l/GConf-3.2.6-i586-3.txz
Patched “GConf-WARNING **: Client failed to connect to the D-BUS daemon:”
and added a couple other patches from git. Thanks to Robby Workman. - l/alsa-lib-1.1.0-i586-3.txz
Changed the default /etc/asound.conf.new to use a different configuration
for PulseAudio that is less likely to cause issues than the previous one,
especially on machines where the analog output is not recognized as card 0
by the BIOS. Thanks to Ryan P.C. McQuen who went above and beyond on this
bug report by convincing upstream to recommend this on their website in
order to convince me to make the change. - xap/blueman-2.0.3-i586-2.txz
Rewrite launcher scripts to use #!/usr/bin/python2.7 rather than
#!/usr/bin/env python.
For details, see: https://github.com/blueman-project/blueman/issues/435
Thanks to zakame and Robby Workman. - isolinux/initrd.img
- usb-and-pxe-installers/usbboot.img