Show pageOld revisionsBacklinksBack to top This page is read only. You can view the source, but not change it. Ask your administrator if you think this is wrong. ====== Slackwarearm-current ChangeLog (2020-06-17) ====== ====== Wed Jun 17 08:08:08 UTC 2020 ====== > \\ The mini root filesystem has been updated: \\ ftp://ftp.arm.slackware.com/slackwarearm/slackwarearm-devtools/minirootfs/slack-current-miniroot_17Jun20.tar.xz \\ ===== Packages ===== ==== Upgraded ==== * [[slackwarearm.current>a/cryptsetup-2.3.3-arm-1.txz]] * [[slackwarearm.current>a/dbus-1.12.18-arm-1.txz]] * [[slackwarearm.current>a/file-5.39-arm-1.txz]] * [[slackwarearm.current>a/haveged-1.9.11-arm-1.txz]] * [[slackwarearm.current>a/hwdata-0.336-arm-1.txz]] * [[slackwarearm.current>a/kernel-firmware-20200610_887d2a1-noarch-1.txz]] * [[slackwarearm.current>a/kernel-modules-armv7-5.4.46_armv7-arm-1.txz]] * [[slackwarearm.current>a/kernel_armv7-5.4.46-arm-1.txz]] * [[slackwarearm.current>a/pam-1.4.0-arm-1.txz]] \\ IMPORTANT NOTE: This update removes the pam_cracklib and pam_tally2 modules. \\ None of our current configuration files in /etc/pam.d/ use either of those, \\ but if the configuration files on your machine do you'll need to comment out \\ or remove those lines, otherwise you may experience login failures. * [[slackwarearm.current>a/pciutils-3.7.0-arm-1.txz]] * [[slackwarearm.current>ap/alsa-utils-1.2.3-arm-1.txz]] \\ This version seems good, but we'll recompile it against alsa-lib-1.2.2 just \\ to be on the safe side. * [[slackwarearm.current>ap/cups-filters-1.27.5-arm-1.txz]] * [[slackwarearm.current>ap/dash-0.5.11-arm-1.txz]] * [[slackwarearm.current>ap/hplip-3.20.6-arm-1.txz]] * [[slackwarearm.current>ap/man-db-2.9.2-arm-1.txz]] * [[slackwarearm.current>ap/man-pages-5.07-noarch-1.txz]] * [[slackwarearm.current>ap/mpg123-1.26.1-arm-1.txz]] * [[slackwarearm.current>ap/nvme-cli-1.11.2-arm-1.txz]] * [[slackwarearm.current>ap/powertop-2.13-arm-1.txz]] * [[slackwarearm.current>ap/sqlite-3.32.2-arm-1.txz]] * [[slackwarearm.current>ap/usbmuxd-20200615_3daa1e9-arm-1.txz]] \\ Shared library .so-version bump. \\ Compiled against libimobiledevice-20200615_4791a82 and libplist-2.2.0. * [[slackwarearm.current>ap/vim-8.2.0901-arm-1.txz]] * [[slackwarearm.current>d/Cython-0.29.20-arm-1.txz]] * [[slackwarearm.current>d/bison-3.6.4-arm-1.txz]] * [[slackwarearm.current>d/cmake-3.17.3-arm-1.txz]] * [[slackwarearm.current>d/git-2.27.0-arm-1.txz]] * [[slackwarearm.current>d/kernel-headers-5.4.46-arm-1.txz]] * [[slackwarearm.current>d/mercurial-5.4.1-arm-1.txz]] * [[slackwarearm.current>d/meson-0.54.3-arm-1.txz]] * [[slackwarearm.current>d/patchelf-0.11-arm-1.txz]] * [[slackwarearm.current>d/perl-5.30.3-arm-1.txz]] \\ Upgraded to IO-Socket-SSL-2.068. * [[slackwarearm.current>d/python-setuptools-47.3.0-arm-1.txz]] * [[slackwarearm.current>d/rust-1.44.0-arm-1.txz]] * [[slackwarearm.current>d/strace-5.7-arm-1.txz]] * [[slackwarearm.current>d/subversion-1.14.0-arm-1.txz]] * [[slackwarearm.current>d/swig-4.0.2-arm-1.txz]] * [[slackwarearm.current>k/kernel-source-5.4.46-arm-1.txz]] * [[slackwarearm.current>l/Mako-1.1.3-arm-1.txz]] * [[slackwarearm.current>l/PyQt5-5.15.0-arm-1.txz]] * [[slackwarearm.current>l/QScintilla-2.11.5-arm-1.txz]] * [[slackwarearm.current>l/babl-0.1.78-arm-1.txz]] * [[slackwarearm.current>l/elfutils-0.180-arm-1.txz]] * [[slackwarearm.current>l/ffmpeg-4.3-arm-1.txz]] * [[slackwarearm.current>l/fuse3-3.9.2-arm-1.txz]] * [[slackwarearm.current>l/gegl-0.4.24-arm-1.txz]] * [[slackwarearm.current>l/glib-networking-2.64.3-arm-1.txz]] * [[slackwarearm.current>l/harfbuzz-2.6.7-arm-1.txz]] * [[slackwarearm.current>l/imagemagick-7.0.10_19-arm-1.txz]] * [[slackwarearm.current>l/lcms2-2.10-arm-1.txz]] * [[slackwarearm.current>l/libcap-2.36-arm-1.txz]] * [[slackwarearm.current>l/libimobiledevice-20200615_4791a82-arm-1.txz]] \\ Shared library .so-version bump. * [[slackwarearm.current>l/libplist-2.2.0-arm-1.txz]] \\ Shared library .so-version bump. * [[slackwarearm.current>l/librsvg-2.48.7-arm-1.txz]] * [[slackwarearm.current>l/libusbmuxd-20200615_c7d7d1a-arm-1.txz]] \\ Shared library .so-version bump. * [[slackwarearm.current>l/libvncserver-0.9.13-arm-1.txz]] * [[slackwarearm.current>l/libyaml-0.2.5-arm-1.txz]] * [[slackwarearm.current>l/libzip-1.7.1-arm-1.txz]] * [[slackwarearm.current>l/mozilla-nss-3.53-arm-1.txz]] * [[slackwarearm.current>l/netpbm-10.90.04-arm-1.txz]] * [[slackwarearm.current>l/python-certifi-2020.4.5.2-arm-1.txz]] * [[slackwarearm.current>l/qt5-5.15.0-arm-1.txz]] * [[slackwarearm.current>l/sip-4.19.23-arm-1.txz]] * [[slackwarearm.current>l/vte-0.60.3-arm-1.txz]] * [[slackwarearm.current>l/xapian-core-1.4.16-arm-1.txz]] * [[slackwarearm.current>n/NetworkManager-1.24.2-arm-1.txz]] * [[slackwarearm.current>n/alpine-2.22.1-arm-1.txz]] * [[slackwarearm.current>n/ca-certificates-20200602-noarch-1.txz]] \\ This update provides the latest CA certificates to check for the \\ authenticity of SSL connections. * [[slackwarearm.current>n/ethtool-5.7-arm-1.txz]] * [[slackwarearm.current>n/fetchmail-6.4.8-arm-1.txz]] * [[slackwarearm.current>n/gnutls-3.6.14-arm-1.txz]] \\ Fixed insecure session ticket key construction, since 3.6.4. The TLS server \\ would not bind the session ticket encryption key with a value supplied by \\ the application until the initial key rotation, allowing attacker to bypass \\ authentication in TLS 1.3 and recover previous conversations in TLS 1.2. \\ [GNUTLS-SA-2020-06-03, CVSS: high] \\ (* Security fix *) * [[slackwarearm.current>n/iproute2-5.7.0-arm-1.txz]] * [[slackwarearm.current>n/iptables-1.8.5-arm-1.txz]] * [[slackwarearm.current>n/iptraf-ng-1.2.0-arm-1.txz]] * [[slackwarearm.current>n/libgpg-error-1.38-arm-1.txz]] * [[slackwarearm.current>n/libnetfilter_queue-1.0.5-arm-1.txz]] * [[slackwarearm.current>n/libnftnl-1.1.7-arm-1.txz]] * [[slackwarearm.current>n/libqmi-1.24.14-arm-1.txz]] * [[slackwarearm.current>n/mutt-1.14.3-arm-1.txz]] * [[slackwarearm.current>n/nftables-0.9.6-arm-1.txz]] * [[slackwarearm.current>n/nghttp2-1.41.0-arm-1.txz]] \\ This update fixes a security issue where an overly large HTTP/2 SETTINGS \\ frame payload causes a denial of service. \\ For more information, see: \\ https://github.com/nghttp2/nghttp2/security/advisories/GHSA-q5wr-xfw9-q7xr \\ https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-11080 \\ (* Security fix *) * [[slackwarearm.current>n/openssh-8.3p1-arm-1.txz]] \\ /etc/pam.d/sshd: change the example for locking an account for too many \\ failed login attempts to use pam_faillock instead of pam_tally2. * [[slackwarearm.current>n/php-7.4.7-arm-1.txz]] * [[slackwarearm.current>n/postfix-3.5.3-arm-1.txz]] * [[slackwarearm.current>n/proftpd-1.3.6d-arm-1.txz]] \\ This is a bugfix release: \\ Fixed issue with FTPS uploads of large files using TLSv1.3 (Issue #959). * [[slackwarearm.current>n/rp-pppoe-3.14-arm-1.txz]] * [[slackwarearm.current>x/libdrm-2.4.102-arm-1.txz]] * [[slackwarearm.current>x/liberation-fonts-ttf-2.1.1-noarch-1.txz]] * [[slackwarearm.current>x/mesa-20.1.1-arm-1.txz]] * [[slackwarearm.current>x/twm-1.0.11-arm-1.txz]] * [[slackwarearm.current>x/vulkan-sdk-1.2.141.0-arm-1.txz]] * [[slackwarearm.current>x/xkeyboard-config-2.30-arm-1.txz]] * [[slackwarearm.current>xap/audacious-4.0.4-arm-1.txz]] * [[slackwarearm.current>xap/audacious-plugins-4.0.4-arm-1.txz]] * [[slackwarearm.current>xap/gimp-2.10.20-arm-1.txz]] * [[slackwarearm.current>xap/gnuchess-6.2.7-arm-1.txz]] * [[slackwarearm.current>xap/mozilla-firefox-68.9.0esr-arm-1.txz]] \\ This release contains security fixes and improvements. \\ For more information, see: \\ https://www.mozilla.org/en-US/firefox/68.9.0/releasenotes/ \\ https://www.mozilla.org/security/advisories/mfsa2020-21/ \\ https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-12399 \\ https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-12405 \\ https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-12406 \\ https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-12410 \\ (* Security fix *) * [[slackwarearm.current>xap/mozilla-thunderbird-68.9.0-arm-1.txz]] \\ This release contains security fixes and improvements. \\ For more information, see: \\ https://www.mozilla.org/en-US/thunderbird/68.9.0/releasenotes/ \\ https://www.mozilla.org/en-US/security/advisories/mfsa2020-22/ \\ https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-12399 \\ https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-12405 \\ https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-12406 \\ https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-12410 \\ https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-12398 \\ (* Security fix *) * [[slackwarearm.current>xap/vim-gvim-8.2.0901-arm-1.txz]] * [[slackwarearm.current>xap/xlockmore-5.64-arm-1.txz]] * [[slackwarearm.current>kernels/*]] ==== Rebuilt ==== * [[slackwarearm.current>a/shadow-4.8.1-arm-9.txz]] \\ Get rid of "auth required pam_deny.so" which seems like a mistake. \\ /etc/pam.d/system-auth: prefix lines that call pam_gnome_keyring.so with '-' \\ system-auth: auth required pam_unix.so [...], otherwise the stack exits \\ before pam_gnome_keyring.so executes. Thanks to pyllyukko. \\ to avoid spamming the logs about failures. \\ Still pending: consider GazL's comments on moving stuff out of system-auth. * [[slackwarearm.current>a/sysvinit-scripts-2.1-noarch-27.txz]] \\ rc.S: create /var/run/faillock directory for pam_faillock(8). * [[slackwarearm.current>a/upower-0.9.23-arm-4.txz]] \\ Recompiled against libimobiledevice-20200615_4791a82 and libplist-2.2.0. \\ The renaming mess initiated by libplist required a rebuild on this one to \\ keep things consistent for now, but don't worry - we aren't going to be \\ sticking to this version for long or anything. * [[slackwarearm.current>a/util-linux-2.35.2-arm-2.txz]] \\ /etc/pam.d/login: change the example for locking an account for too many \\ failed login attempts to use pam_faillock instead of pam_tally2. * [[slackwarearm.current>l/alsa-lib-1.2.2-arm-2.txz]] * [[slackwarearm.current>l/gvfs-1.44.1-arm-2.txz]] \\ Recompiled against libimobiledevice-20200615_4791a82 and libplist-2.2.0. * [[slackwarearm.current>l/libgpod-0.8.3-arm-7.txz]] \\ Recompiled against libimobiledevice-20200615_4791a82 and libplist-2.2.0. * [[slackwarearm.current>l/qt5-webkit-5.212.0_alpha4-arm-3.txz]] * [[slackwarearm.current>extra/tigervnc/tigervnc-1.10.1-arm-4.txz]] \\ Applied patch from upstream Slackware that had been missed during the \\ last update. \\ Thanks to slackware_platypus on LQ for the report. * [[slackwarearm.current>isolinux/*]] ==== Added ==== * [[slackwarearm.current>d/gyp-20200512_caa60026-arm-1.txz]] {{tag>slackware changelog slackwarearm-current 2020/06}} news/2020/06/17/slackwarearm-current-changelog.txt Last modified: 4 years agoby Giuseppe Di Terlizzi Log In