news:2022:03:17:slackware64-15.0-changelog

Slackware64-15.0 ChangeLog (2022-03-17)

Thu Mar 17 19:46:28 UTC 2022

Packages

Upgraded

  • patches/packages/bind-9.18.1-x86_64-1_slack15.0.txz
    This update fixes bugs and the following security issues:
    An assertion could occur in resume_dslookup() if the fetch had been shut
    down earlier.
    Lookups involving a DNAME could trigger an INSIST when “synth-from-dnssec”
    was enabled.
    A synchronous call to closehandle_cb() caused isc__nm_process_sock_buffer()
    to be called recursively, which in turn left TCP connections hanging in the
    CLOSE_WAIT state blocking indefinitely when out-of-order processing was
    disabled.
    The rules for acceptance of records into the cache have been tightened to
    prevent the possibility of poisoning if forwarders send records outside
    the configured bailiwick.
    For more information, see:
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0667
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0635
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0396
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-25220
    (* Security fix *)
  • patches/packages/bluez-5.64-x86_64-1_slack15.0.txz
    This is a bugfix release:
    Fix issue with handling A2DP discover procedure.
    Fix issue with media endpoint replies and SetConfiguration.
    Fix issue with HoG queuing events before report map is read.
    Fix issue with HoG and read order of GATT attributes.
    Fix issue with HoG and not using UHID_CREATE2 interface.
    Fix issue with failed scanning for 5 minutes after reboot.
  • patches/packages/openssl-1.1.1n-x86_64-1_slack15.0.txz
    This update fixes a high severity security issue:
    The BN_mod_sqrt() function, which computes a modular square root, contains
    a bug that can cause it to loop forever for non-prime moduli.
    For more information, see:
    https://www.openssl.org/news/secadv/20220315.txt
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0778
    (* Security fix *)
  • patches/packages/openssl-solibs-1.1.1n-x86_64-1_slack15.0.txz
  • patches/packages/qt5-5.15.3_20220312_33a3f16f-x86_64-1_slack15.0.txz
    Thanks to Heinz Wiesinger for updating the fetch_sources.sh script to make
    sure that the QtWebEngine version matches the rest of Qt, which got the
    latest git pull compiling again.
    If a 32-bit userspace is detected, then:
    export QTWEBENGINE_CHROMIUM_FLAGS=“–disable-seccomp-filter-sandbox”
    This works around crashes occuring with 32-bit QtWebEngine applications.
    Thanks to alienBOB.
, , ,
  • news/2022/03/17/slackware64-15.0-changelog.txt
  • Last modified: 2 years ago
  • by Giuseppe Di Terlizzi