Slackware64-current ChangeLog (2017-11-28)
Tue Nov 28 06:20:03 UTC 2017
Packages
Upgraded
- a/kernel-firmware-20171126git-noarch-1.txz
Remove /lib/firmware/iwlwifi-*-34.ucode until after the next kernel release. - n/samba-4.7.3-x86_64-1.txz
This is a security release in order to address the following defects:
CVE-2017-14746 (Use-after-free vulnerability.)
All versions of Samba from 4.0.0 onwards are vulnerable to a use after
free vulnerability, where a malicious SMB1 request can be used to
control the contents of heap memory via a deallocated heap pointer. It
is possible this may be used to compromise the SMB server.
CVE-2017-15275 (Server heap memory information leak.)
All versions of Samba from 3.6.0 onwards are vulnerable to a heap
memory information leak, where server allocated heap memory may be
returned to the client without being cleared.
For more information, see:
https://www.samba.org/samba/security/CVE-2017-14746.html
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14746
https://www.samba.org/samba/security/CVE-2017-15275.html
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-15275
(* Security fix *) - x/libva-2.0.0-x86_64-1.txz
Shared library .so-version bump.
Rebuilt
- ap/hplip-3.17.11-x86_64-2.txz
Fixed a few Python scripts that did not have a proper python3 shebang.
Thanks to dugan. - kde/konsole-4.14.3-x86_64-3.txz
Fixed scrollUp behavior. Thanks to Andrzej Telszewski. - l/ffmpeg-3.4-x86_64-2.txz
Recompiled against libva.so.2.0.0. - n/cyrus-sasl-2.1.26-x86_64-3.txz
Use /dev/urandom rather than /dev/random to avoid entropy starvation.
Thanks to mr.spuratic. - n/dhcpcd-6.11.5-x86_64-2.txz
Use hostname_short in dhcpcd.conf. Thanks to KewlCat. - n/network-scripts-15.0-noarch-4.txz
Script cleanups from Jakub Jankowski:
netconfig: Add comment to netconfig-generated rc.inet1.conf
rc.inet1: Check for iface in /sys/class/net, not /proc/net/dev
rc.inet1: Remove unnecessary unset num
rc.inet1: Factor DEBUG_ETH_UP logging to a separate function
rc.inet1: Use ${array[*]} not ${array[@]} to produce a string
rc.inet1: Avoid de-/configuring ifaces with indexes >=MAXNICS
rc.inet1: Avoid code duplication by combining case/esac
rc.inet1: Add missing 'dev' keyword
rc.inet1: Remove unnecessary $(echo)
rc.inet1*: Simplify virtif_* code, add note to example config
rc.inet1: Test for loopback being “state UNKNOWN” too.
rc.inet1: Use simple test (-n/-z) for non-empty/empty
rc.inet1: Replace [ test1 -a test2 ] with [ test1 ] && [ test2 ] - xap/xine-lib-1.2.8-x86_64-4.txz
Recompiled against libva.so.2.0.0.
Added
- x/intel-vaapi-driver-2.0.0-x86_64-1.txz
This is the replacement for libva-intel-driver (renamed upstream).