Novosti u vezi Slackware Linuxa
Moderator: Urednik
-
- Posts: 1680
- Joined: 07 Jun 2012, 18:01
- Location: Najlipši grad na svitu :)
Post
Napisano: 13 Sep 2016, 19:21
Slackware 64-bit
Code: Select all
Mon Sep 12 18:39:03 UTC 2016
ap/texinfo-6.3-x86_64-1.txz: Upgraded.
d/guile-2.0.12-x86_64-2.txz: Rebuilt.
Match timestamps across all $ARCH on *.go and *.scm files, otherwise
on multilib systems the compiled (go) files may be detected as older
than the source (scm) files, causing guile to attempt to recompile
itself with every use.
l/sdl-1.2.15-x86_64-5.txz: Rebuilt.
Fixed a regression that broke MOD support. Thanks to B Watson.
x/libXfont-1.5.2-x86_64-1.txz: Upgraded.
x/mesa-12.0.2-x86_64-1.txz: Upgraded.
Slackware 32-bit
Code: Select all
Mon Sep 12 18:39:03 UTC 2016
ap/texinfo-6.3-i586-1.txz: Upgraded.
d/guile-2.0.12-i586-2.txz: Rebuilt.
Match timestamps across all $ARCH on *.go and *.scm files, otherwise
on multilib systems the compiled (go) files may be detected as older
than the source (scm) files, causing guile to attempt to recompile
itself with every use.
l/sdl-1.2.15-i586-5.txz: Rebuilt.
Fixed a regression that broke MOD support. Thanks to B Watson.
x/libXfont-1.5.2-i586-1.txz: Upgraded.
x/mesa-12.0.2-i586-1.txz: Upgraded.
-
- Posts: 1680
- Joined: 07 Jun 2012, 18:01
- Location: Najlipši grad na svitu :)
Post
Napisano: 14 Sep 2016, 20:05
Slackware 64-bit
Code: Select all
Tue Sep 13 18:13:32 UTC 2016
ap/mariadb-10.0.27-x86_64-1.txz: Upgraded.
This update fixes a critical vulnerability which can allow local and
remote attackers to inject malicious settings into MySQL configuration
files (my.cnf). A successful exploitation could allow attackers to
execute arbitrary code with root privileges which would then allow them
to fully compromise the server.
This issue was discovered and reported by Dawid Golunski.
For more information, see:
http://legalhackers.com/advisories/MySQL-Exploit-Remote-Root-Code-Execution-Privesc-CVE-2016-6662.html
https://jira.mariadb.org/browse/MDEV-10465
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6662
(* Security fix *)
ap/vim-8.0.0003-x86_64-1.txz: Upgraded.
xap/vim-gvim-8.0.0003-x86_64-1.txz: Upgraded.
Slackware 32-bit
Code: Select all
Tue Sep 13 18:13:32 UTC 2016
ap/mariadb-10.0.27-i586-1.txz: Upgraded.
This update fixes a critical vulnerability which can allow local and
remote attackers to inject malicious settings into MySQL configuration
files (my.cnf). A successful exploitation could allow attackers to
execute arbitrary code with root privileges which would then allow them
to fully compromise the server.
This issue was discovered and reported by Dawid Golunski.
For more information, see:
http://legalhackers.com/advisories/MySQL-Exploit-Remote-Root-Code-Execution-Privesc-CVE-2016-6662.html
https://jira.mariadb.org/browse/MDEV-10465
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6662
(* Security fix *)
ap/vim-8.0.0003-i586-1.txz: Upgraded.
xap/vim-gvim-8.0.0003-i586-1.txz: Upgraded.
-
- Posts: 1680
- Joined: 07 Jun 2012, 18:01
- Location: Najlipši grad na svitu :)
Post
Napisano: 16 Sep 2016, 14:39
Slackware 64-bit
Code: Select all
Thu Sep 15 22:54:52 UTC 2016
a/bash-4.4.0-x86_64-1.txz: Upgraded.
a/btrfs-progs-v4.7.2-x86_64-1.txz: Upgraded.
a/e2fsprogs-1.43.3-x86_64-1.txz: Upgraded.
a/pkgtools-14.2-noarch-12.txz: Rebuilt.
removepkg: Fixed removing packages with >= 3 hyphens in the package name
when using just the package name rather than the full name including
version, arch, and build.
Thanks to coralfang for the bug report, Jim Hawkins and Stuart Winter for
the patch, and SeB for testing and feedback.
removepkg: Handle filenames that contain backslashes.
Thanks to aaazen for the bug report and patch.
ap/vim-8.0.0005-x86_64-1.txz: Upgraded.
n/curl-7.50.3-x86_64-1.txz: Upgraded.
Fixed heap overflows in four libcurl functions: curl_escape(),
curl_easy_escape(), curl_unescape() and curl_easy_unescape().
For more information, see:
https://curl.haxx.se/docs/adv_20160914.html
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7167
(* Security fix *)
xap/vim-gvim-8.0.0005-x86_64-1.txz: Upgraded.
Slackware 32-bit
Code: Select all
Thu Sep 15 22:54:52 UTC 2016
a/bash-4.4.0-i586-1.txz: Upgraded.
a/btrfs-progs-v4.7.2-i586-1.txz: Upgraded.
a/e2fsprogs-1.43.3-i586-1.txz: Upgraded.
a/pkgtools-14.2-noarch-12.txz: Rebuilt.
removepkg: Fixed removing packages with >= 3 hyphens in the package name
when using just the package name rather than the full name including
version, arch, and build.
Thanks to coralfang for the bug report, Jim Hawkins and Stuart Winter for
the patch, and SeB for testing and feedback.
removepkg: Handle filenames that contain backslashes.
Thanks to aaazen for the bug report and patch.
ap/vim-8.0.0005-i586-1.txz: Upgraded.
n/curl-7.50.3-i586-1.txz: Upgraded.
Fixed heap overflows in four libcurl functions: curl_escape(),
curl_easy_escape(), curl_unescape() and curl_easy_unescape().
For more information, see:
https://curl.haxx.se/docs/adv_20160914.html
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7167
(* Security fix *)
xap/vim-gvim-8.0.0005-i586-1.txz: Upgraded.
-
- Posts: 1680
- Joined: 07 Jun 2012, 18:01
- Location: Najlipši grad na svitu :)
Post
Napisano: 21 Sep 2016, 22:06
Slackware 64-bit
Code: Select all
Wed Sep 21 15:54:06 UTC 2016
a/mkinitrd-1.4.8-x86_64-9.txz: Rebuilt.
When generating the initrd, include dmsetup whenever LUKS is requested.
Thanks to TracyTiger for the bug report and Eric Hameleers for the patch.
e/emacs-25.1-x86_64-1.txz: Upgraded.
l/qt-4.8.7-x86_64-5.txz: Rebuilt.
In the .prl files, make sure to use -L/usr/X11R6/lib64 on 64-bit to avoid
ld warnings when using qmake on a multilib system.
Thanks to Jonathan Woithe for the bug report and fix.
n/network-scripts-14.2-noarch-4.txz: Rebuilt.
rc.inet1.new: Use return (not continue) to leave the if_up() function.
Thanks to Tim Thomas for the bug report.
xap/mozilla-firefox-49.0-x86_64-1.txz: Upgraded.
This release contains security fixes and improvements.
For more information, see:
http://www.mozilla.org/security/known-vulnerabilities/firefox.html
(* Security fix *)
xap/pidgin-2.11.0-x86_64-1.txz: Upgraded.
This release fixes bugs and security issues.
For more information, see:
https://www.pidgin.im/news/security/
(* Security fix *)
Slackware 32-bit
Code: Select all
Wed Sep 21 15:54:06 UTC 2016
a/mkinitrd-1.4.8-i586-9.txz: Rebuilt.
When generating the initrd, include dmsetup whenever LUKS is requested.
Thanks to TracyTiger for the bug report and Eric Hameleers for the patch.
e/emacs-25.1-i586-1.txz: Upgraded.
l/qt-4.8.7-i586-5.txz: Rebuilt.
In the .prl files, make sure to use -L/usr/X11R6/lib64 on 64-bit to avoid
ld warnings when using qmake on a multilib system.
Thanks to Jonathan Woithe for the bug report and fix.
n/network-scripts-14.2-noarch-4.txz: Rebuilt.
rc.inet1.new: Use return (not continue) to leave the if_up() function.
Thanks to Tim Thomas for the bug report.
xap/mozilla-firefox-49.0-i586-1.txz: Upgraded.
This release contains security fixes and improvements.
For more information, see:
http://www.mozilla.org/security/known-vulnerabilities/firefox.html
(* Security fix *)
xap/pidgin-2.11.0-i586-1.txz: Upgraded.
This release fixes bugs and security issues.
For more information, see:
https://www.pidgin.im/news/security/
(* Security fix *)
-
- Posts: 1680
- Joined: 07 Jun 2012, 18:01
- Location: Najlipši grad na svitu :)
Post
Napisano: 22 Sep 2016, 06:22
Slackware 64-bit
Code: Select all
Wed Sep 21 21:10:52 UTC 2016
n/irssi-0.8.20-x86_64-1.txz: Upgraded.
This update fixes two remote crash and heap corruption vulnerabilites
in Irssi's format parsing code. Impact: Remote crash and heap
corruption. Remote code execution seems difficult since only Nuls are
written. Bugs discovered by, and patches provided by Gabriel Campana
and Adrien Guinet from Quarkslab.
For more information, see:
https://irssi.org/security/irssi_sa_2016.txt
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7044
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7045
(* Security fix *)
Slackware 32-bit
Code: Select all
Wed Sep 21 21:10:52 UTC 2016
n/irssi-0.8.20-i586-1.txz: Upgraded.
This update fixes two remote crash and heap corruption vulnerabilites
in Irssi's format parsing code. Impact: Remote crash and heap
corruption. Remote code execution seems difficult since only Nuls are
written. Bugs discovered by, and patches provided by Gabriel Campana
and Adrien Guinet from Quarkslab.
For more information, see:
https://irssi.org/security/irssi_sa_2016.txt
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7044
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7045
(* Security fix *)
-
- Posts: 1680
- Joined: 07 Jun 2012, 18:01
- Location: Najlipši grad na svitu :)
Post
Napisano: 23 Sep 2016, 15:21
Slackware 64-bit
Code: Select all
Thu Sep 22 18:38:07 UTC 2016
a/openssl-solibs-1.0.2i-x86_64-1.txz: Upgraded.
n/openssl-1.0.2i-x86_64-1.txz: Upgraded.
This update fixes denial-of-service and other security issues.
For more information, see:
https://www.openssl.org/news/secadv/20160922.txt
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6304
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6305
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2183
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6303
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6302
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2182
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2180
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2177
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2178
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2179
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2181
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6306
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6307
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6308
(* Security fix *)
Slackware 32-bit
Code: Select all
Thu Sep 22 18:38:07 UTC 2016
a/openssl-solibs-1.0.2i-i586-1.txz: Upgraded.
n/openssl-1.0.2i-i586-1.txz: Upgraded.
This update fixes denial-of-service and other security issues.
For more information, see:
https://www.openssl.org/news/secadv/20160922.txt
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6304
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6305
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2183
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6303
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6302
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2182
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2180
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2177
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2178
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2179
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2181
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6306
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6307
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6308
(* Security fix *)
-
- Posts: 1680
- Joined: 07 Jun 2012, 18:01
- Location: Najlipši grad na svitu :)
Post
Napisano: 24 Sep 2016, 20:48
Slackware 64-bit
Code: Select all
Fri Sep 23 23:30:53 UTC 2016
n/php-5.6.26-x86_64-1.txz: Upgraded.
This release fixes bugs and security issues.
For more information, see:
https://php.net/ChangeLog-5.php#5.6.26
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7416
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7412
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7414
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7417
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7411
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7413
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7418
(* Security fix *)
Slackware 32-bit
Code: Select all
Fri Sep 23 23:30:53 UTC 2016
n/php-5.6.26-i586-1.txz: Upgraded.
This release fixes bugs and security issues.
For more information, see:
https://php.net/ChangeLog-5.php#5.6.26
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7416
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7412
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7414
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7417
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7411
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7413
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7418
(* Security fix *)
-
- Posts: 1680
- Joined: 07 Jun 2012, 18:01
- Location: Najlipši grad na svitu :)
Post
Napisano: 25 Sep 2016, 12:27
Slackware 64-bit
Code: Select all
Sun Sep 25 02:32:25 UTC 2016
a/kernel-firmware-20160924git-noarch-1.txz: Upgraded.
a/kernel-generic-4.4.22-x86_64-1.txz: Upgraded.
a/kernel-huge-4.4.22-x86_64-1.txz: Upgraded.
a/kernel-modules-4.4.22-x86_64-1.txz: Upgraded.
d/kernel-headers-4.4.22-x86-1.txz: Upgraded.
k/kernel-source-4.4.22-noarch-1.txz: Upgraded.
n/sshfs-2.8-x86_64-1.txz: Added.
Thanks to Heinz Wiesinger.
isolinux/initrd.img: Rebuilt.
kernels/*: Upgraded.
usb-and-pxe-installers/usbboot.img: Rebuilt.
Slackware 32-bit
Code: Select all
Sun Sep 25 02:32:25 UTC 2016
a/kernel-firmware-20160924git-noarch-1.txz: Upgraded.
a/kernel-generic-4.4.22-i586-1.txz: Upgraded.
a/kernel-generic-smp-4.4.22_smp-i686-1.txz: Upgraded.
a/kernel-huge-4.4.22-i586-1.txz: Upgraded.
a/kernel-huge-smp-4.4.22_smp-i686-1.txz: Upgraded.
a/kernel-modules-4.4.22-i586-1.txz: Upgraded.
a/kernel-modules-smp-4.4.22_smp-i686-1.txz: Upgraded.
d/kernel-headers-4.4.22_smp-x86-1.txz: Upgraded.
k/kernel-source-4.4.22_smp-noarch-1.txz: Upgraded.
n/sshfs-2.8-i586-1.txz: Added.
Thanks to Heinz Wiesinger.
extra/linux-4.4.22-nosmp-sdk/*: Upgraded.
isolinux/initrd.img: Rebuilt.
kernels/*: Upgraded.
usb-and-pxe-installers/usbboot.img: Rebuilt.
-
- Posts: 1680
- Joined: 07 Jun 2012, 18:01
- Location: Najlipši grad na svitu :)
Post
Napisano: 26 Sep 2016, 22:39
Slackware 64-bit
Code: Select all
Mon Sep 26 18:14:08 UTC 2016
a/openssl-solibs-1.0.2j-x86_64-1.txz: Upgraded.
a/pkgtools-14.2-noarch-13.txz: Rebuilt.
removepkg: Fixed removing filenames containing "%".
Thanks to SeB for the bug report, and to Jim Hawkins for the patch.
n/openssl-1.0.2j-x86_64-1.txz: Upgraded.
This update fixes a security issue:
Missing CRL sanity check (CVE-2016-7052)
For more information, see:
https://www.openssl.org/news/secadv/20160926.txt
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7052
(* Security fix *)
Slackware 32-bit
Code: Select all
Mon Sep 26 18:14:08 UTC 2016
a/openssl-solibs-1.0.2j-i586-1.txz: Upgraded.
a/pkgtools-14.2-noarch-13.txz: Rebuilt.
removepkg: Fixed removing filenames containing "%".
Thanks to SeB for the bug report, and to Jim Hawkins for the patch.
n/openssl-1.0.2j-i586-1.txz: Upgraded.
This update fixes a security issue:
Missing CRL sanity check (CVE-2016-7052)
For more information, see:
https://www.openssl.org/news/secadv/20160926.txt
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7052
(* Security fix *)
-
- Posts: 1680
- Joined: 07 Jun 2012, 18:01
- Location: Najlipši grad na svitu :)
Post
Napisano: 28 Sep 2016, 18:44
Slackware 64-bit
Code: Select all
Tue Sep 27 19:16:56 UTC 2016
ap/hplip-3.16.9-x86_64-1.txz: Upgraded.
Reenabled parallel port support. Thanks to Jas for the bug report.
n/bind-9.10.4_P3-x86_64-1.txz: Upgraded.
This update fixes a denial-of-service vulnerability. Testing by ISC has
uncovered a critical error condition which can occur when a nameserver is
constructing a response. A defect in the rendering of messages into
packets can cause named to exit with an assertion failure in buffer.c while
constructing a response to a query that meets certain criteria.
For more information, see:
https://kb.isc.org/article/AA-01419/0
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2776
(* Security fix *)
xap/gnuchess-6.2.3-x86_64-1.txz: Upgraded.
Upgraded to gnuchess-6.2.3 and xboard-4.9.1.
Slackware 32-bit
Code: Select all
Tue Sep 27 19:16:56 UTC 2016
ap/hplip-3.16.9-i586-1.txz: Upgraded.
Reenabled parallel port support. Thanks to Jas for the bug report.
n/bind-9.10.4_P3-i586-1.txz: Upgraded.
This update fixes a denial-of-service vulnerability. Testing by ISC has
uncovered a critical error condition which can occur when a nameserver is
constructing a response. A defect in the rendering of messages into
packets can cause named to exit with an assertion failure in buffer.c while
constructing a response to a query that meets certain criteria.
For more information, see:
https://kb.isc.org/article/AA-01419/0
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2776
(* Security fix *)
xap/gnuchess-6.2.3-i586-1.txz: Upgraded.
Upgraded to gnuchess-6.2.3 and xboard-4.9.1.
Who is online
Users browsing this forum: No registered users and 84 guests