Thu Feb 2 16:02:47 UTC 2012
It is cloudy and foggy here today -- I did not see my shadow, and
will not be crawling back into my hole for 6 weeks. ;-)
testing/packages/mozilla-firefox-11.0b1-i486-1.txz: Added.
+--------------------------+
Thu Feb 2 15:07:23 UTC 2012
a/kernel-firmware-20120202git-noarch-1.txz: Upgraded.
There were some reports of a failing checksum on the .asc (which
did verify, so the package was good). So, we'll replace it with
a new build to make sure that it syncs out.
+--------------------------+
Wed Feb 1 23:20:04 UTC 2012
$(fortune) just obtained logging in to stamp the Changelog, finally:
"You single-handedly fought your way into this hopeless mess."
Well, we'll work on rectifying that situation. :-) Sorry about the
lack of updates... everything here blew up all at once, it seemed, but
equipment, upstream targets, and reality all seem to be settling down
enough to get these updates out and have them be an actual improvement
over what's already up. Hope to have more soon. Cheers!
l/seamonkey-solibs-2.7-i486-1.txz: Upgraded.
This release contains security fixes and improvements.
For more information, see:
http://www.mozilla.org/security/known-vulnerabilities/seamonkey.html
(* Security fix *)
xap/mozilla-firefox-10.0-i486-1.txz: Upgraded.
This release contains security fixes and improvements.
For more information, see:
http://www.mozilla.org/security/known-vulnerabilities/firefox.html
(* Security fix *)
xap/mozilla-thunderbird-10.0-i486-1.txz: Upgraded.
This release contains security fixes and improvements.
For more information, see:
http://www.mozilla.org/security/known-vulnerabilities/thunderbird.html
(* Security fix *)
xap/seamonkey-2.7-i486-1.txz: Upgraded.
This release contains security fixes and improvements.
For more information, see:
http://www.mozilla.org/security/known-vulnerabilities/seamonkey.html
(* Security fix *)
+--------------------------+
Wed Feb 1 17:18:14 CST 2012
testing/packages/mozilla-firefox-10.0-i486-1.txz: Upgraded.
testing/packages/mozilla-thunderbird-10.0-i486-1.txz: Upgraded.
+--------------------------+
Wed Feb 1 17:18:13 CST 2012
a/kernel-generic-3.2.2-i486-1.txz: Upgraded.
a/kernel-generic-smp-3.2.2_smp-i686-1.txz: Upgraded.
a/kernel-huge-3.2.2-i486-1.txz: Upgraded.
a/kernel-huge-smp-3.2.2_smp-i686-1.txz: Upgraded.
a/kernel-modules-3.2.2-i486-1.txz: Upgraded.
a/kernel-modules-smp-3.2.2_smp-i686-1.txz: Upgraded.
a/openssl-solibs-0.9.8t-i486-1.txz: Upgraded.
This fixes a bug where DTLS applications were not properly supported. This
bug could have allowed remote attackers to cause a denial of service via
unspecified vectors.
CVE-2012-0050 has been assigned to this issue.
For more details see:
http://openssl.org/news/secadv_20120118.txt
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0050
(* Security fix *)
d/kernel-headers-3.2.2_smp-x86-1.txz: Upgraded.
e/emacs-23.4-i486-1.txz: Upgraded.
k/kernel-source-3.2.2_smp-noarch-1.txz: Upgraded.
n/openssl-0.9.8t-i486-1.txz: Upgraded.
This fixes a bug where DTLS applications were not properly supported. This
bug could have allowed remote attackers to cause a denial of service via
unspecified vectors.
CVE-2012-0050 has been assigned to this issue.
For more details see:
http://openssl.org/news/secadv_20120118.txt
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0050
(* Security fix *)
extra/linux-3.2.1-nosmp-sdk/*: Upgraded.
isolinux/initrd.img: Rebuilt.
kernels/*: Upgraded.
usb-and-pxe-installers/usbboot.img: Rebuilt.
+--------------------------+
Wed Feb 1 17:18:11 CST 2012
a/coreutils-8.15-i486-1.txz: Upgraded.
This will be provided as a patch to fix some important issues with ext4.
Thanks to Georgy Salnikov for the notification.
a/cups-1.4.8-i486-1.txz: Upgraded.
This might fix a printing issue with LibreOffice. We'll look into cups-1.5.0
once we know if this fix works. If it does, we'll deploy cups-1.4.8 as
a patch for Slackware 13.37. Thanks to Willy Sudiarto Raharjo.
a/glibc-solibs-2.14.1-i486-3.txz: Rebuilt.
a/glibc-zoneinfo-2011i_2011n-noarch-3.txz: Rebuilt.
a/kernel-generic-3.2.1-i486-1.txz: Upgraded.
a/kernel-generic-smp-3.2.1_smp-i686-1.txz: Upgraded.
a/kernel-huge-3.2.1-i486-1.txz: Upgraded.
a/kernel-huge-smp-3.2.1_smp-i686-1.txz: Upgraded.
a/kernel-modules-3.2.1-i486-1.txz: Upgraded.
a/kernel-modules-smp-3.2.1_smp-i686-1.txz: Upgraded.
d/kernel-headers-3.2.1_smp-x86-1.txz: Upgraded.
k/kernel-source-3.2.1_smp-noarch-1.txz: Upgraded.
l/glibc-2.14.1-i486-3.txz: Rebuilt.
l/glibc-i18n-2.14.1-i486-3.txz: Rebuilt.
l/glibc-profile-2.14.1-i486-3.txz: Rebuilt.
n/ca-certificates-20111211-noarch-1.txz: Upgraded.
Removes DigiNotar and other untrusted certificates.
(* Security fix *)
isolinux/initrd.img: Rebuilt.
kernels/*: Upgraded.
usb-and-pxe-installers/usbboot.img: Rebuilt.
+--------------------------+
Wed Feb 1 17:18:07 CST 2012
Hey folks! Have a few overdue updates to the toolchain. This has all been
built and rebuild (and upgraded) far too many times IMHO to wait around yet
again to get 3.2.1 in place and bump some compiler deps to get ARM working...
what was that about the echo $(fortune -m "goal of Computer Science") ?
Anyway, please test and report problems and we'll have another round here
shortly.
a/glibc-solibs-2.14.1-i486-3.txz: Rebuilt.
a/glibc-zoneinfo-2011i_2011n-noarch-3.txz: Rebuilt.
a/kernel-firmware-20120109git-noarch-1.txz: Upgraded.
ap/htop-1.0-i486-1.txz: Upgraded.
d/gcc-4.6.2-i486-1.txz: Upgraded.
d/gcc-g++-4.6.2-i486-1.txz: Upgraded.
d/gcc-gfortran-4.6.2-i486-1.txz: Upgraded.
d/gcc-gnat-4.6.2-i486-1.txz: Upgraded.
d/gcc-go-4.6.2-i486-1.txz: Added.
d/gcc-java-4.6.2-i486-1.txz: Upgraded.
d/gcc-objc-4.6.2-i486-1.txz: Upgraded.
d/slacktrack-2.10-i486-1.txz: Upgraded.
e/emacs-23.3.tar.xz: Upgraded.
l/freetype-2.4.8-i486-1.txz: Upgraded.
Some vulnerabilities in handling CID-keyed PostScript fonts have
been fixed.
For more information, see:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3439
(* Security fix *)
l/glibc-2.14.1-i486-3.txz: Rebuilt.
Patched to provide compile support for NIS and RPC again.
l/glibc-i18n-2.14.1-i486-3.txz: Rebuilt.
l/glibc-profile-2.14.1-i486-3.txz: Rebuilt.
l/seamonkey-solibs-2.6.1-i486-1.txz: Upgraded.
This update contains security fixes and improvements.
For more information, see:
http://www.mozilla.org/security/announce/
(* Security fix *)
n/sendmail-8.14.5-i486-1.txz: Upgraded.
n/sendmail-cf-8.14.5-noarch-1.txz: Upgraded.
xap/mozilla-firefox-9.0.1-i486-1.txz: Upgraded.
This release contains security fixes and improvements.
For more information, see:
http://www.mozilla.org/security/known-vulnerabilities/firefox.html
(* Security fix *)
xap/mozilla-thunderbird-9.0.1-i486-1.txz: Upgraded.
This release contains security fixes and improvements.
For more information, see:
http://www.mozilla.org/security/known-vulnerabilities/thunderbird.html
(* Security fix *)
xap/seamonkey-2.6.1-i486-1.txz: Upgraded.
This update contains security fixes and improvements.
For more information, see:
http://www.mozilla.org/security/announce/
(* Security fix *)
xap/x3270-3.3.12ga7-i486-1.txz: Upgraded.
xap/xfractint-20.04p11-i486-1.txz: Upgraded.
pasture/gcc-4.5.3-i486-2.txz: Moved to /pasture.
pasture/gcc-g++-4.5.3-i486-2.txz: Moved to /pasture.
pasture/gcc-gfortran-4.5.3-i486-2.txz: Moved to /pasture.
pasture/gcc-gnat-4.5.3-i486-2.txz: Moved to /pasture.
pasture/gcc-java-4.5.3-i486-2.txz: Moved to /pasture.
pasture/gcc-objc-4.5.3-i486-2.txz: Moved to /pasture.
isolinux/initrd.img: Rebuilt.
kernels/*: Upgraded.
usb-and-pxe-installers/usbboot.img: Rebuilt.
testing/packages/mozilla-firefox-10.0b4-i486-1.txz: Added.
testing/packages/mozilla-thunderbird-10.0b3-i486-1.txz: Added.
+--------------------------+
Wed Dec 14 16:22:29 UTC 2011
d/subversion-1.7.2-i486-1.txz: Upgraded.
This update fixes an issue with "git svn clone" being broken.
Thanks to Francesco Allertsen for the heads-up.
Hmmm, perhaps vbatts can tell me what has happened to the ruby bindings...
+--------------------------+
Tue Nov 29 00:09:21 UTC 2011
testing/packages/mozilla-thunderbird-9.0b2-i486-1.txz: Upgraded.
+--------------------------+
Sun Nov 27 03:37:52 UTC 2011
d/yasm-1.2.0-i486-1.txz: Upgraded.
l/seamonkey-solibs-2.5-i486-1.txz: Upgraded.
This update contains security fixes and improvements.
For more information, see:
http://www.mozilla.org/security/announce/
(* Security fix *)
xap/mozilla-firefox-8.0.1-i486-1.txz: Upgraded.
This release contains security fixes and improvements.
For more information, see:
http://www.mozilla.org/security/known-vulnerabilities/firefox.html
(* Security fix *)
xap/mozilla-thunderbird-8.0-i486-1.txz: Upgraded.
This release contains security fixes and improvements.
For more information, see:
http://www.mozilla.org/security/known-vulnerabilities/thunderbird.html
(* Security fix *)
xap/seamonkey-2.5-i486-1.txz: Upgraded.
This update contains security fixes and improvements.
For more information, see:
http://www.mozilla.org/security/announce/
(* Security fix *)
testing/packages/mozilla-firefox-9.0b3-i486-1.txz: Upgraded.
+--------------------------+
Wed Nov 23 15:17:39 UTC 2011
d/make-3.82-i486-3.txz: Rebuilt.
Patched a free() crash when building Android. Thanks to Troy Unrau.
Fixed IA32 arch, package locations... sorry :)
+--------------------------+
Tue Nov 22 15:23:55 UTC 2011
d/make-3.82-x86_64-3.txz: Rebuilt.
Patched a free() crash when building Android. Thanks to Troy Unrau.
testing/packages/mozilla-firefox-9.0b2-i486-1.txz: Upgraded.
+--------------------------+
Thu Nov 17 02:12:33 UTC 2011
n/bind-9.7.4_P1-i486-1.txz: Upgraded.
--- 9.7.4-P1 released ---
3218. [security] Cache lookup could return RRSIG data associated with
nonexistent records, leading to an assertion
failure. [RT #26590]
(* Security fix *)
+--------------------------+
Sun Nov 13 16:03:06 UTC 2011
a/glibc-solibs-2.14.1-i486-2.txz: Rebuilt.
a/glibc-zoneinfo-2011i_2011n-noarch-2.txz: Rebuilt.
l/glibc-2.14.1-i486-2.txz: Rebuilt.
Merged ELF patches -- Matt Burgess <matthew_at_linuxfromscratch_dot_org>
l/glibc-i18n-2.14.1-i486-2.txz: Rebuilt.
l/glibc-profile-2.14.1-i486-2.txz: Rebuilt.
testing/packages/mozilla-firefox-9.0b1-i486-1.txz: Added.
+--------------------------+
Fri Nov 11 18:58:21 UTC 2011
Good 11-11-11, everyone! Enjoy some fresh time. :)
a/glibc-solibs-2.14.1-i486-1.txz: Upgraded.
a/glibc-zoneinfo-2011i_2011n-noarch-1.txz: Upgraded.
New upstream homepage: http://www.iana.org/time-zones
l/glibc-2.14.1-i486-1.txz: Upgraded.
l/glibc-i18n-2.14.1-i486-1.txz: Upgraded.
l/glibc-profile-2.14.1-i486-1.txz: Upgraded.
+--------------------------+
Tue Nov 8 04:07:49 UTC 2011
n/openssh-5.9p1-i486-2.txz: Rebuilt.
Upstream different timestamp, size, ChangeLog. GPG verifies on both
this newer one and what we had before (?).
xap/mozilla-firefox-8.0-i486-1.txz: Upgraded.
+--------------------------+
Tue Oct 11 07:50:04 UTC 2011
a/file-5.09-i486-1.txz: Upgraded.
l/seamonkey-solibs-2.4.1-i486-1.txz: Upgraded.
n/httpd-2.2.21-i486-1.txz: Upgraded.
Respond with HTTP_NOT_IMPLEMENTED when the method is not
recognized. [Jean-Frederic Clere] SECURITY: CVE-2011-3348
Fix a regression introduced by the CVE-2011-3192 byterange fix in 2.2.20.
PR 51748. [<lowprio20 gmail.com>]
For more information, see:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3348
(* Security fix *)
xap/mozilla-firefox-7.0.1-i486-1.txz: Upgraded.
This release contains security fixes and improvements.
For more information, see:
http://www.mozilla.org/security/known-vulnerabilities/firefox.html
(* Security fix *)
xap/mozilla-thunderbird-7.0.1-i486-1.txz: Upgraded.
This release contains security fixes and improvements.
For more information, see:
http://www.mozilla.org/security/known-vulnerabilities/thunderbird.html
(* Security fix *)
xap/seamonkey-2.4.1-i486-1.txz: Upgraded.
This update contains security fixes and improvements.
For more information, see:
http://www.mozilla.org/security/announce/
(* Security fix *)
testing/packages/mozilla-firefox-8.0b2-i486-1.txz: Upgraded.
+--------------------------+
Tue Sep 6 16:53:43 UTC 2011
n/openssh-5.9p1-i486-1.txz: Upgraded.
+--------------------------+
Tue Sep 6 00:15:03 UTC 2011
l/seamonkey-solibs-2.3.3-i486-1.txz: Upgraded.
This update contains security fixes and improvements.
For more information, see:
http://www.mozilla.org/security/announce/
http://www.mozilla.org/security/announce/2011/mfsa2011-34.html
(* Security fix *)
n/httpd-2.2.20-i486-1.txz: Upgraded.
SECURITY: CVE-2011-3192 (cve.mitre.org)
core: Fix handling of byte-range requests to use less memory, to avoid
denial of service. If the sum of all ranges in a request is larger than
the original file, ignore the ranges and send the complete file.
PR 51714. [Stefan Fritsch, Jim Jagielski, Ruediger Pluem, Eric Covener]
For more information, see:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3192
(* Security fix *)
xap/mozilla-firefox-6.0.2-i486-1.txz: Upgraded.
This release contains security fixes and improvements.
For more information, see:
http://www.mozilla.org/security/known-vulnerabilities/firefox.html
http://www.mozilla.org/security/announce/2011/mfsa2011-34.html
(* Security fix *)
xap/mozilla-thunderbird-6.0.1-i486-1.txz: Upgraded.
This release contains security fixes and improvements.
For more information, see:
http://www.mozilla.org/security/known-vulnerabilities/thunderbird.html
http://www.mozilla.org/security/announce/2011/mfsa2011-34.html
(* Security fix *)
xap/seamonkey-2.3.3-i486-1.txz: Upgraded.
This update contains security fixes and improvements.
For more information, see:
http://www.mozilla.org/security/announce/
http://www.mozilla.org/security/announce/2011/mfsa2011-34.html
(* Security fix *)
testing/packages/mozilla-firefox-7.0b4-i486-1.txz: Upgraded.
+--------------------------+
Thu Aug 25 09:10:45 UTC 2011
a/kernel-firmware-20110814git-noarch-1.txz: Upgraded.
Fetch the latest kernel firmware from git -- the stuff in the kernel sources
is somewhat stale.
ap/soma-2.7.1-noarch-1.txz: Added.
Soma is a command line/dialog Internet radio player.
Thanks to David Woodfall.
l/jre-6u27-i586-1.txz: Upgraded.
n/php-5.3.8-i486-1.txz: Upgraded.
Security fixes vs. 5.3.6 (5.3.7 was not usable):
Updated crypt_blowfish to 1.2. (CVE-2011-2483)
Fixed crash in error_log(). Reported by Mateusz Kocielski
Fixed buffer overflow on overlog salt in crypt().
Fixed bug #54939 (File path injection vulnerability in RFC1867
File upload filename). Reported by Krzysztof Kotowicz. (CVE-2011-2202)
Fixed stack buffer overflow in socket_connect(). (CVE-2011-1938)
Fixed bug #54238 (use-after-free in substr_replace()). (CVE-2011-1148)
For more information, see:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1148
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1938
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2202
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2483
(* Security fix *)
extra/jdk-6/jdk-6u27-i586-1.txz: Upgraded.
testing/packages/mozilla-firefox-7.0b1-i486-1.txz: Added.
+--------------------------+
Sun Aug 14 17:49:30 UTC 2011
n/wget-1.13-i486-1.txz: Upgraded.
xap/mozilla-firefox-6.0-i486-1.txz: Upgraded.
+--------------------------+
Fri Aug 12 23:20:00 UTC 2011
d/binutils-2.21.53.0.2-i486-1.txz: Upgraded.
n/bind-9.7.4-i486-1.txz: Upgraded.
This BIND update addresses a couple of security issues:
* named, set up to be a caching resolver, is vulnerable to a user
querying a domain with very large resource record sets (RRSets)
when trying to negatively cache the response. Due to an off-by-one
error, caching the response could cause named to crash. [RT #24650]
[CVE-2011-1910]
* Change #2912 (see CHANGES) exposed a latent bug in the DNS message
processing code that could allow certain UPDATE requests to crash
named. [RT #24777] [CVE-2011-2464]
For more information, see:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1910
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2464
(* Security fix *)
+--------------------------+
Fri Aug 12 16:25:35 UTC 2011
ap/htop-0.9-i486-1.txz: Added.
Oops, this was missing on 32-bit. Thanks to Willy Sudiarto Raharjo.
+--------------------------+
Fri Aug 12 00:29:11 UTC 2011
a/lilo-23.2-i486-1.txz: Upgraded.
ap/htop-0.9-i486-1.txz: Added.
htop is an ncurses-based interactive process viewer.
Thanks to Michal Dorocinski for the suggestion.
ap/sqlite-3.7.7.1-i486-1.txz: Upgraded.
Added options: -DSQLITE_ENABLE_FTS3 -DSQLITE_ENABLE_FTS3_PARENTHESIS=1
e/emacs-23.3a-i486-1.txz: Upgraded.
testing/packages/mozilla-firefox-6.0b5-i486-1.txz: Added.
testing/packages/mozilla-thunderbird-6.0b3-i486-1.txz: Added.
testing/packages/seamonkey-2.3b3-i486-1.txz: Added.
testing/packages/seamonkey-solibs-2.3b3-i486-1.txz: Added.
+--------------------------+
Fri Jul 29 18:22:40 UTC 2011
ap/screen-4.0.3-i486-3.txz: Rebuilt.
Use a larger buffer for the termtype variable to fix crashes with long
names (e.g. rxvt-unicode-256color).
Thanks to cteg.
l/libpng-1.4.8-i486-1.txz: Upgraded.
Upgraded to libpng-1.2.46 and libpng-1.4.8.
Fixed uninitialized memory read in png_format_buffer()
(Bug report by Frank Busse, related to CVE-2004-0421).
For more information, see:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0421
(* Security fix *)
n/dhcpcd-5.2.12-i486-1.txz: Upgraded.
Sanitize the host name provided by the DHCP server to insure that it does
not contain any shell metacharacters.
For more information, see:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0996
(* Security fix *)
n/samba-3.5.10-i486-1.txz: Upgraded.
Fixed cross-site request forgery and cross-site scripting vulnerability
in SWAT (the Samba Web Administration Tool).
For more information, see:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2522
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2694
(* Security fix *)
+--------------------------+
Thu Jul 14 21:34:41 UTC 2011
l/seamonkey-solibs-2.2-i486-1.txz: Upgraded.
This update contains security fixes and improvements.
For more information, see:
http://www.mozilla.org/security/announce/
(* Security fix *)
xap/mozilla-firefox-5.0.1-i486-1.txz: Upgraded.
I guess this is only a fix for Mac OS X, but it's still 0.0.1 better. ;-)
xap/mozilla-thunderbird-5.0-i486-1.txz: Upgraded.
Thanks to dolphin77 for some hints about the ./configure options.
xap/seamonkey-2.2-i486-1.txz: Upgraded.
This update contains security fixes and improvements.
For more information, see:
http://www.mozilla.org/security/announce/
(* Security fix *)
+--------------------------+
Fri Jul 8 16:55:13 UTC 2011
n/bind-9.7.3_P3-i486-1.txz: Upgraded.
A specially constructed packet will cause BIND 9 ("named") to exit,
affecting DNS service. The issue exists in BIND 9.6.3 and newer.
"Change #2912 (see CHANGES) exposed a latent bug in the DNS message
processing code that could allow certain UPDATE requests to crash
named. This was fixed by disambiguating internal database
representation vs DNS wire format data. [RT #24777] [CVE-2011-2464]"
For more information, see:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2464
(* Security fix *)
xap/mozilla-thunderbird-3.1.11-i486-1.txz: Upgraded.
This release contains security fixes and improvements.
For more information, see:
http://www.mozilla.org/security/known-vulnerabilities/thunderbird30.html
(* Security fix *)
+--------------------------+
Tue Jun 28 18:19:47 UTC 2011
ap/ghostscript-9.02-i486-2.txz: Rebuilt.
Provide pstoraster -> gstoraster symlink.
Include latest History file, but not all the old ones.
Is this ready for 13.37/patches now?
+--------------------------+
Mon Jun 27 21:29:54 UTC 2011
n/gnutls-2.12.7-i486-1.txz: Upgraded.
xap/pidgin-2.9.0-i486-1.txz: Upgraded.
Fixed a remote denial of service. A remote attacker could set a specially
crafted GIF file as their buddy icon causing vulerable versions of pidgin
to crash due to excessive memory use.
For more information, see:
http://pidgin.im/news/security/?id=52
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2485
(* Security fix *)
+--------------------------+
Fri Jun 24 02:55:39 UTC 2011
ap/ghostscript-9.02-i486-1.txz: Upgraded.
I welcome reports about how well this version of ghostscript works compared
with the 9.00 that shipped in Slackware 13.37. If it fixes important bugs
without regressions, then it might be considered as a patch for 13.37.
l/jre-6u26-i586-1.txz: Upgraded.
xap/mozilla-firefox-5.0-i486-1.txz: Upgraded.
This release contains security fixes and improvements.
For more information, see:
http://www.mozilla.org/security/known-vulnerabilities/firefox.html
(* Security fix *)
extra/jdk-6/jdk-6u26-i586-1.txz: Upgraded.
+--------------------------+
Mon Jun 20 04:09:11 UTC 2011
n/getmail-4.20.3-i486-1.txz: Upgraded.
n/fetchmail-6.3.20-i486-1.txz: Upgraded.
This release fixes a denial of service in STARTTLS protocol phases.
For more information, see:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1947
http://www.fetchmail.info/fetchmail-SA-2011-01.txt
(* Security fix *)
l/seamonkey-solibs-2.1-i486-1.txz: Upgraded.
xap/seamonkey-2.1-i486-1.txz: Upgraded.
+--------------------------+
Sat May 28 19:28:21 UTC 2011
a/file-5.07-i486-1.txz: Upgraded.
d/gcc-4.5.3-i486-2.txz: Rebuilt.
d/gcc-g++-4.5.3-i486-2.txz: Rebuilt.
d/gcc-gfortran-4.5.3-i486-2.txz: Rebuilt.
d/gcc-gnat-4.5.3-i486-2.txz: Rebuilt.
d/gcc-java-4.5.3-i486-2.txz: Rebuilt.
d/gcc-objc-4.5.3-i486-2.txz: Rebuilt.
Added --enable-objc-gc option to enable Objective-C garbage collection.
Thanks to Luca De Pandis.
+--------------------------+
Fri May 27 22:56:00 UTC 2011
n/bind-9.7.3_P1-i486-1.txz: Upgraded.
This release fixes security issues:
* A large RRSET from a remote authoritative server that results in
the recursive resolver trying to negatively cache the response can
hit an off by one code error in named, resulting in named crashing.
[RT #24650] [CVE-2011-1910]
* Zones that have a DS record in the parent zone but are also listed
in a DLV and won't validate without DLV could fail to validate. [RT
#24631]
For more information, see:
http://www.isc.org/software/bind/advisories/cve-2011-1910
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1910
(* Security fix *)
+--------------------------+
Wed May 25 20:03:16 UTC 2011
a/cxxlibs-6.0.14-i486-2.txz: Rebuilt.
a/glibc-solibs-2.13-i486-5.txz: Rebuilt.
a/glibc-zoneinfo-2.13-noarch-5.txz: Rebuilt.
Upgraded to tzcode2011g and tzdata2011g.
a/kernel-firmware-2.6.38.7-noarch-1.txz: Upgraded.
a/kernel-generic-2.6.38.7-i486-1.txz: Upgraded.
a/kernel-generic-smp-2.6.38.7_smp-i686-1.txz: Upgraded.
a/kernel-huge-2.6.38.7-i486-1.txz: Upgraded.
a/kernel-huge-smp-2.6.38.7_smp-i686-1.txz: Upgraded.
a/kernel-modules-2.6.38.7-i486-1.txz: Upgraded.
a/kernel-modules-smp-2.6.38.7_smp-i686-1.txz: Upgraded.
ap/linuxdoc-tools-0.9.66-i486-9.txz: Rebuilt.
ap/nano-2.3.1-i486-1.txz: Upgraded.
d/gcc-4.5.3-i486-1.txz: Upgraded.
d/gcc-g++-4.5.3-i486-1.txz: Upgraded.
d/gcc-gfortran-4.5.3-i486-1.txz: Upgraded.
d/gcc-gnat-4.5.3-i486-1.txz: Upgraded.
d/gcc-java-4.5.3-i486-1.txz: Upgraded.
d/gcc-objc-4.5.3-i486-1.txz: Upgraded.
d/git-1.7.5.1-i486-1.txz: Upgraded.
d/kernel-headers-2.6.38.7_smp-x86-1.txz: Upgraded.
d/perl-5.14.0-i486-1.txz: Upgraded.
d/subversion-1.6.16-i486-2.txz: Rebuilt.
k/kernel-source-2.6.38.7_smp-noarch-1.txz: Upgraded.
These are the main configuration changes from the 2.6.37.6 kernel in 13.37:
BLK_DEV_LOOP y -> m
HIGHMEM4G y -> n
HIGHMEM64G n -> y
LOG_BUF_SHIFT 15 -> 18
M686 y -> n
MPENTIUMIII n -> y
MOUSE_PS2_ELANTECH n -> y
And, compared with the 2.6.38.4 kernel in 13.37/testing:
LOG_BUF_SHIFT 15 -> 18
M686 y -> n
MPENTIUMIII n -> y
PREEMPT_NONE y -> n
PREEMPT_VOLUNTARY n -> y
SCHED_AUTOGROUP y -> n
It remains to be seen where the PREEMPT_* options will settle in the future.
SCHED_AUTOGROUP still seems sketchy to me, and might be behind some odd
clockskew issues. And, thanks to Carl Wenninger for reporting that the
LOG_BUF_SHIFT setting was less than the kernel defaults and was leading to
a few missing lines at the beginning of 'dmesg' output.
kde/kdebindings-4.5.5-i486-3.txz: Rebuilt.
l/apr-1.4.5-i486-1.txz: Upgraded.
This fixes a possible denial of service due to a problem with a loop in
the new apr_fnmatch() implementation consuming CPU.
For more information, see:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1928
(* Security fix *)
l/apr-util-1.3.12-i486-1.txz: Upgraded.
Fix crash because of NULL cleanup registered by apr_ldap_rebind_init().
l/glibc-2.13-i486-5.txz: Rebuilt.
l/glibc-i18n-2.13-i486-5.txz: Rebuilt.
l/glibc-profile-2.13-i486-5.txz: Rebuilt.
l/libidn-1.22-i486-1.txz: Upgraded.
l/pilot-link-0.12.5-i486-4.txz: Rebuilt.
l/virtuoso-ose-6.1.2-i486-2.txz: Rebuilt.
n/gnutls-2.12.5-i486-1.txz: Upgraded.
n/httpd-2.2.19-i486-1.txz: Upgraded.
Revert ABI breakage in 2.2.18 caused by the function signature change
of ap_unescape_url_keep2f(). This release restores the signature from
2.2.17 and prior, and introduces ap_unescape_url_keep2f_ex().
Apache httpd-2.2.18 is considered abandoned. All users must upgrade.
n/irssi-0.8.15-i486-4.txz: Rebuilt.
n/net-snmp-5.6.1-i486-2.txz: Rebuilt.
n/ntp-4.2.6p3-i486-2.txz: Rebuilt.
n/obexftp-0.23-i486-6.txz: Rebuilt.
x/libdrm-2.4.25-i486-1.txz: Upgraded.
x/mesa-7.10.2-i486-1.txz: Upgraded.
x/xf86-video-nouveau-git_20110515_8378443-i486-1.txz: Upgraded.
xap/gv-3.7.2-i486-1.txz: Upgraded.
xap/imagemagick-6.6.9_8-i486-1.txz: Upgraded.
xap/pidgin-2.7.11-i486-2.txz: Rebuilt.
xap/xchat-2.8.8-i486-4.txz: Rebuilt.
isolinux/initrd.img: Rebuilt.
kernels/*: Rebuilt.
usb-and-pxe-installers/usbboot.img: Rebuilt.
extra/linux-2.6.38.7-nosmp-sdk/*: Rebuilt.
+--------------------------+
Fri May 13 20:30:07 UTC 2011
l/apr-1.4.4-i486-1.txz: Upgraded.
This fixes a possible denial of service due to an unconstrained, recursive
invocation of apr_fnmatch(). This function has been reimplemented using a
non-recursive algorithm. Thanks to William Rowe.
For more information, see:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0419
(* Security fix *)
l/apr-util-1.3.11-i486-1.txz: Upgraded.
n/httpd-2.2.18-i486-1.txz: Upgraded.
This is a bug fix release, but since the upgrades to apr/apr-util require at
least an httpd recompile we opted to upgrade to the newest httpd.
+--------------------------+
Thu May 5 23:23:20 UTC 2011
a/coreutils-8.12-i486-1.txz: Upgraded.
+--------------------------+
Mon May 2 20:20:50 UTC 2011
xap/mozilla-firefox-4.0.1-i486-1.txz: Upgraded.
This release contains security fixes and improvements.
For more information, see:
http://www.mozilla.org/security/known-vulnerabilities/firefox40.html
(* Security fix *)
xap/mozilla-thunderbird-3.1.10-i486-1.txz: Upgraded.
This release contains security fixes and improvements.
For more information, see:
http://www.mozilla.org/security/known-vulnerabilities/thunderbird31.html
(* Security fix *)
+--------------------------+
Mon Apr 25 13:37:00 UTC 2011
Slackware 13.37 x86 stable is released!
Thanks to everyone who pitched in on this release: the Slackware team,
the folks producing upstream code, and linuxquestions.org for providing
a great forum for collaboration and testing.
The ISOs are off to be replicated, a 6 CD-ROM 32-bit set and a dual-sided
32-bit/64-bit x86/x86_64 DVD. Please consider supporting the Slackware
project by picking up a copy from store.slackware.com. We're taking
pre-orders now, and offer a discount if you sign up for a subscription.
As always, thanks to the Slackware community for testing, suggestions,
and feedback. :-)
Have fun!
+--------------------------+
|
Slackware® is a registered trademark of Slackware Linux, Inc. All logos and graphics are copyrighted.
|
|
|