Show pageOld revisionsBacklinksBack to top This page is read only. You can view the source, but not change it. Ask your administrator if you think this is wrong. ====== Slackware64-14.2 ChangeLog (2016-04-15) ====== ====== Fri Apr 15 20:37:37 UTC 2016 ====== > Finally got some fixes we were waiting for in this new kernel. \\ It's been almost a month since 14.2rc1 so we'll call this Slackware \\ 14.2 release candidate 2. Almost there. Get in any last-minute \\ bug reports quickly. :-) ===== Packages ===== ==== Upgraded ==== * [[slackware64.14.2>a/kernel-generic-4.4.7-x86_64-1.txz]] * [[slackware64.14.2>a/kernel-huge-4.4.7-x86_64-1.txz]] \\ BLK_DEV_NVME m -> y * [[slackware64.14.2>a/kernel-modules-4.4.7-x86_64-1.txz]] * [[slackware64.14.2>d/kernel-headers-4.4.7-x86-1.txz]] * [[slackware64.14.2>k/kernel-source-4.4.7-noarch-1.txz]] * [[slackware64.14.2>l/glibmm-2.46.4-x86_64-1.txz]] * [[slackware64.14.2>l/gst-plugins-base-1.6.4-x86_64-1.txz]] * [[slackware64.14.2>l/gst-plugins-good-1.6.4-x86_64-1.txz]] * [[slackware64.14.2>l/gstreamer-1.6.4-x86_64-1.txz]] * [[slackware64.14.2>l/gtkmm3-3.18.1-x86_64-1.txz]] * [[slackware64.14.2>n/gnutls-3.4.11-x86_64-1.txz]] * [[slackware64.14.2>n/samba-4.4.2-x86_64-1.txz]] \\ This update fixes the security issues known as "badlock" (or "sadlock"), \\ which may allow man-in-the-middle or denial-of-service attacks: \\ CVE-2015-5370 (Multiple errors in DCE-RPC code) \\ CVE-2016-2110 (Man in the middle attacks possible with NTLMSSP) \\ CVE-2016-2111 (NETLOGON Spoofing Vulnerability) \\ CVE-2016-2112 (LDAP client and server don't enforce integrity) \\ CVE-2016-2113 (Missing TLS certificate validation) \\ CVE-2016-2114 ("server signing = mandatory" not enforced) \\ CVE-2016-2115 (SMB IPC traffic is not integrity protected) \\ CVE-2016-2118 (SAMR and LSA man in the middle attacks possible) \\ For more information, see: \\ http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5370 \\ http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2110 \\ http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2111 \\ http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2112 \\ http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2113 \\ http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2114 \\ http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2115 \\ http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2118 \\ (* Security fix *) * [[slackware64.14.2>x/xf86-video-intel-git_20160224_d167280-x86_64-1.txz]] \\ So far, this version seems to be the most stable of the ones tested. \\ Thanks to Andrzej Telszewski. * [[slackware64.14.2>x/xf86-video-openchrome-0.4.0-x86_64-1.txz]] * [[slackware64.14.2>xap/geeqie-1.2.3-x86_64-1.txz]] * [[slackware64.14.2>xap/mozilla-thunderbird-45.0-x86_64-1.txz]] \\ This release contains security fixes and improvements. \\ For more information, see: \\ http://www.mozilla.org/security/known-vulnerabilities/thunderbird.html \\ (* Security fix *) * [[slackware64.14.2>kernels/*]] ==== Rebuilt ==== * [[slackware64.14.2>l/alsa-lib-1.1.1-x86_64-2.txz]] \\ Applied upstream patch to fix error EBADFD. Thanks to e5150. * [[slackware64.14.2>l/qca-2.1.1-x86_64-2.txz]] \\ Install crypto.prf in the correct directory. Thanks to David Spencer. * [[slackware64.14.2>n/nfs-utils-1.3.3-x86_64-2.txz]] \\ Fix nfsd startup on kernels without IPv6 support. Thanks to Mario Preksavec. * [[slackware64.14.2>x/xorg-server-1.18.3-x86_64-2.txz]] \\ Applied a patch from https://bugs.freedesktop.org/show_bug.cgi?id=49950 \\ to fix applying keyboard layout settings when using a keyboard/mouse combo \\ device such as a Logitech wireless keyboard with the unifying receiver. \\ Thanks to Jean-Philippe Guillemin. * [[slackware64.14.2>x/xorg-server-xephyr-1.18.3-x86_64-2.txz]] * [[slackware64.14.2>x/xorg-server-xnest-1.18.3-x86_64-2.txz]] * [[slackware64.14.2>x/xorg-server-xvfb-1.18.3-x86_64-2.txz]] * [[slackware64.14.2>isolinux/initrd.img]] * [[slackware64.14.2>usb-and-pxe-installers/usbboot.img]] {{tag>slackware changelog slackware64-14.2 2016/04}} news/2016/04/15/slackware64-14.2-changelog.txt Last modified: 8 years agoby Giuseppe Di Terlizzi Log In