Novosti u vezi Slackware Linuxa
Moderator: Urednik
-
- Posts: 1680
- Joined: 07 Jun 2012, 18:01
- Location: Najlipši grad na svitu :)
Post
Napisano: 24 Mar 2017, 16:31
Slackware 64-bit
Code: Select all
Thu Mar 23 21:38:23 UTC 2017
a/glibc-zoneinfo-2017b-noarch-1.txz: Upgraded.
a/libgudev-231-x86_64-1.txz: Upgraded.
a/lilo-24.2-x86_64-4.txz: Rebuilt.
Issue a warning rather than a fatal error for colons in /dev/disk/by-id/
device names. Thanks to alex14641 on LQ.
d/cmake-3.7.2-x86_64-1.txz: Upgraded.
d/ruby-2.4.1-x86_64-1.txz: Upgraded.
n/mcabber-1.0.5-x86_64-1.txz: Upgraded.
This update fixes a security issue:
An incorrect implementation of XEP-0280: Message Carbons in multiple XMPP
clients allows a remote attacker to impersonate any user, including
contacts, in the vulnerable application's display. This allows for various
kinds of social engineering attacks.
For more information, see:
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5604
(* Security fix *)
n/samba-4.6.1-x86_64-1.txz: Upgraded.
This update fixes a security issue:
All versions of Samba prior to 4.6.1, 4.5.7, 4.4.12 are vulnerable to
a malicious client using a symlink race to allow access to areas of
the server file system not exported under the share definition.
For more information, see:
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-2619
(* Security fix *)
Slackware 32-bit
Code: Select all
Thu Mar 23 21:38:23 UTC 2017
a/glibc-zoneinfo-2017b-noarch-1.txz: Upgraded.
a/libgudev-231-i586-1.txz: Upgraded.
a/lilo-24.2-i586-4.txz: Rebuilt.
Issue a warning rather than a fatal error for colons in /dev/disk/by-id/
device names. Thanks to alex14641 on LQ.
d/cmake-3.7.2-i586-1.txz: Upgraded.
d/ruby-2.4.1-i586-1.txz: Upgraded.
n/mcabber-1.0.5-i586-1.txz: Upgraded.
This update fixes a security issue:
An incorrect implementation of XEP-0280: Message Carbons in multiple XMPP
clients allows a remote attacker to impersonate any user, including
contacts, in the vulnerable application's display. This allows for various
kinds of social engineering attacks.
For more information, see:
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5604
(* Security fix *)
n/samba-4.6.1-i586-1.txz: Upgraded.
This update fixes a security issue:
All versions of Samba prior to 4.6.1, 4.5.7, 4.4.12 are vulnerable to
a malicious client using a symlink race to allow access to areas of
the server file system not exported under the share definition.
For more information, see:
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-2619
(* Security fix *)
-
- Posts: 1680
- Joined: 07 Jun 2012, 18:01
- Location: Najlipši grad na svitu :)
Post
Napisano: 30 Mar 2017, 15:13
Slackware 64-bit
Code: Select all
Tue Mar 28 20:30:50 UTC 2017
ap/mariadb-10.0.30-x86_64-1.txz: Upgraded.
This update fixes security issues:
Crash in libmysqlclient.so.
Difficult to exploit vulnerability allows low privileged attacker with
logon to compromise the server. Successful attacks of this vulnerability
can result in unauthorized access to data.
For more information, see:
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-3302
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-3313
(* Security fix *)
d/pkg-config-0.29.2-x86_64-1.txz: Upgraded.
l/libcdio-paranoia-10.2+0.94+1-x86_64-1.txz: Upgraded.
n/openssh-7.5p1-x86_64-1.txz: Upgraded.
This release deprecates the sshd_config UsePrivilegeSeparation option,
thereby making privilege separation mandatory. Note that privilege
separation has been on by default for almost 15 years and sandboxing
has been on by default for almost the last five, so this shouldn't
change anything for most users.
xap/mozilla-firefox-52.0.2-x86_64-1.txz: Upgraded.
This is a bugfix release.
xfce/xfce4-notifyd-0.3.6-x86_64-1.txz: Upgraded.
Slackware 32-bit
Code: Select all
Tue Mar 28 20:30:50 UTC 2017
ap/mariadb-10.0.30-i586-1.txz: Upgraded.
This update fixes security issues:
Crash in libmysqlclient.so.
Difficult to exploit vulnerability allows low privileged attacker with
logon to compromise the server. Successful attacks of this vulnerability
can result in unauthorized access to data.
For more information, see:
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-3302
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-3313
(* Security fix *)
d/pkg-config-0.29.2-i586-1.txz: Upgraded.
l/libcdio-paranoia-10.2+0.94+1-i586-1.txz: Upgraded.
n/openssh-7.5p1-i586-1.txz: Upgraded.
This release deprecates the sshd_config UsePrivilegeSeparation option,
thereby making privilege separation mandatory. Note that privilege
separation has been on by default for almost 15 years and sandboxing
has been on by default for almost the last five, so this shouldn't
change anything for most users.
xap/mozilla-firefox-52.0.2-i586-1.txz: Upgraded.
This is a bugfix release.
xfce/xfce4-notifyd-0.3.6-i586-1.txz: Upgraded.
-
- Posts: 1680
- Joined: 07 Jun 2012, 18:01
- Location: Najlipši grad na svitu :)
Post
Napisano: 31 Mar 2017, 15:47
Slackware 64-bit
Code: Select all
Thu Mar 30 20:18:17 UTC 2017
l/ffmpeg-3.2.4-x86_64-3.txz: Rebuilt.
Recompiled against libcdio-paranoia-10.2+0.94+1.
x/libwacom-0.24-x86_64-1.txz: Upgraded.
xap/MPlayer-1.3_20170208-x86_64-2.txz: Rebuilt.
Recompiled against libcdio-paranoia-10.2+0.94+1.
Slackware 32-bit
Code: Select all
Thu Mar 30 20:18:17 UTC 2017
l/ffmpeg-3.2.4-i586-3.txz: Rebuilt.
Recompiled against libcdio-paranoia-10.2+0.94+1.
x/libwacom-0.24-i586-1.txz: Upgraded.
xap/MPlayer-1.3_20170208-i586-2.txz: Rebuilt.
Recompiled against libcdio-paranoia-10.2+0.94+1.
-
- Posts: 1680
- Joined: 07 Jun 2012, 18:01
- Location: Najlipši grad na svitu :)
Post
Napisano: 02 Apr 2017, 21:07
Slackware 64-bit
Code: Select all
Sat Apr 1 05:16:59 UTC 2017
ap/nano-2.8.0-x86_64-1.txz: Upgraded.
n/samba-4.6.2-x86_64-1.txz: Upgraded.
This is a bug fix release to address a regression introduced by the security
fixes for CVE-2017-2619 (Symlink race allows access outside share definition).
Please see https://bugzilla.samba.org/show_bug.cgi?id=12721 for details.
Slackware 32-bit
Code: Select all
Sat Apr 1 05:16:59 UTC 2017
ap/nano-2.8.0-i586-1.txz: Upgraded.
n/samba-4.6.2-i586-1.txz: Upgraded.
This is a bug fix release to address a regression introduced by the security
fixes for CVE-2017-2619 (Symlink race allows access outside share definition).
Please see https://bugzilla.samba.org/show_bug.cgi?id=12721 for details.
-
- Posts: 1680
- Joined: 07 Jun 2012, 18:01
- Location: Najlipši grad na svitu :)
Post
Napisano: 09 Apr 2017, 22:44
Slackware 64-bit
Code: Select all
Sat Apr 8 16:24:35 UTC 2017
a/ntfs-3g-2017.3.23-x86_64-1.txz: Upgraded.
ap/acct-6.6.3-x86_64-1.txz: Upgraded.
ap/bc-1.07-x86_64-1.txz: Upgraded.
ap/cups-2.2.3-x86_64-1.txz: Upgraded.
ap/cups-filters-1.13.4-x86_64-1.txz: Upgraded.
ap/dc3dd-7.2.646-x86_64-1.txz: Upgraded.
ap/gutenprint-5.2.12-x86_64-1.txz: Upgraded.
e/emacs-25.1-x86_64-3.txz: Rebuilt.
kde/calligra-2.9.11-x86_64-9.txz: Rebuilt.
kde/kdelibs-4.14.30-x86_64-1.txz: Upgraded.
kde/kopete-4.14.3-x86_64-3.txz: Rebuilt.
kde/krdc-4.14.3-x86_64-3.txz: Rebuilt.
kde/libkdcraw-4.14.3-x86_64-4.txz: Rebuilt.
l/LibRaw-0.18.2-x86_64-1.txz: Upgraded.
Shared library .so-version bump.
l/babl-0.1.24-x86_64-1.txz: Upgraded.
l/enchant-1.6.1-x86_64-1.txz: Upgraded.
l/ffmpeg-3.2.4-x86_64-4.txz: Rebuilt.
l/gegl-0.2.0-x86_64-4.txz: Rebuilt.
l/giflib-5.1.4-x86_64-1.txz: Upgraded.
l/gvfs-1.26.3-x86_64-2.txz: Rebuilt.
l/imagemagick-6.9.8_3-x86_64-1.txz: Upgraded.
Shared library .so-version bump.
l/jasper-2.0.12-x86_64-1.txz: Upgraded.
Shared library .so-version bump.
Thanks to Heinz Wiesinger.
l/libarchive-3.3.1-x86_64-1.txz: Upgraded.
l/libbluray-1.0.0-x86_64-1.txz: Added.
Built with support for BD-J menus, but without the necessary .jar
file to use it. Thanks to Heinz Wiesinger.
l/libdiscid-0.6.2-x86_64-1.txz: Upgraded.
l/libmtp-1.1.13-x86_64-1.txz: Upgraded.
l/libraw1394-2.1.2-x86_64-1.txz: Upgraded.
l/libsamplerate-0.1.9-x86_64-1.txz: Upgraded.
l/libsndfile-1.0.28-x86_64-1.txz: Upgraded.
l/libspectre-0.2.8-x86_64-1.txz: Upgraded.
l/libtiff-4.0.7-x86_64-1.txz: Upgraded.
This release contains security fixes and improvements.
For more information, see:
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8127
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8665
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8683
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3622
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3623
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3658
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5321
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5323
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5652
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5875
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9273
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9448
(* Security fix *)
l/libvncserver-0.9.11-x86_64-1.txz: Upgraded.
Shared library .so-version bump.
l/poppler-0.53.0-x86_64-1.txz: Upgraded.
Shared library .so-version bump.
l/virtuoso-ose-6.1.8-x86_64-5.txz: Rebuilt.
n/openvpn-2.4.1-x86_64-1.txz: Upgraded.
x/libdrm-2.4.78-x86_64-1.txz: Upgraded.
x/libinput-1.7.0-x86_64-1.txz: Upgraded.
x/libpciaccess-0.13.5-x86_64-1.txz: Upgraded.
x/libva-1.8.0-x86_64-1.txz: Upgraded.
x/libva-intel-driver-1.7.3-x86_64-1.txz: Upgraded.
x/mesa-17.0.3-x86_64-1.txz: Upgraded.
xap/MPlayer-1.3_20170208-x86_64-3.txz: Rebuilt.
xap/gimp-2.8.20-x86_64-2.txz: Rebuilt.
xap/mozilla-thunderbird-52.0-x86_64-1.txz: Upgraded.
xap/xine-lib-1.2.8-x86_64-1.txz: Upgraded.
Thanks to Heinz Wiesinger.
xap/xlockmore-5.51-x86_64-1.txz: Upgraded.
xap/xv-3.10a-x86_64-8.txz: Rebuilt.
xfce/tumbler-0.1.31-x86_64-10.txz: Rebuilt.
Slackware 32-bit
Code: Select all
Sat Apr 8 16:24:35 UTC 2017
a/ntfs-3g-2017.3.23-i586-1.txz: Upgraded.
ap/acct-6.6.3-i586-1.txz: Upgraded.
ap/bc-1.07-i586-1.txz: Upgraded.
ap/cups-2.2.3-i586-1.txz: Upgraded.
ap/cups-filters-1.13.4-i586-1.txz: Upgraded.
ap/dc3dd-7.2.646-i586-1.txz: Upgraded.
ap/gutenprint-5.2.12-i586-1.txz: Upgraded.
e/emacs-25.1-i586-3.txz: Rebuilt.
kde/calligra-2.9.11-i586-9.txz: Rebuilt.
kde/kdelibs-4.14.30-i586-1.txz: Upgraded.
kde/kopete-4.14.3-i586-3.txz: Rebuilt.
kde/krdc-4.14.3-i586-3.txz: Rebuilt.
kde/libkdcraw-4.14.3-i586-4.txz: Rebuilt.
l/LibRaw-0.18.2-i586-1.txz: Upgraded.
Shared library .so-version bump.
l/babl-0.1.24-i586-1.txz: Upgraded.
l/enchant-1.6.1-i586-1.txz: Upgraded.
l/ffmpeg-3.2.4-i586-4.txz: Rebuilt.
l/gegl-0.2.0-i586-4.txz: Rebuilt.
l/giflib-5.1.4-i586-1.txz: Upgraded.
l/gvfs-1.26.3-i586-2.txz: Rebuilt.
l/imagemagick-6.9.8_3-i586-1.txz: Upgraded.
Shared library .so-version bump.
l/jasper-2.0.12-i586-1.txz: Upgraded.
Shared library .so-version bump.
Thanks to Heinz Wiesinger.
l/libarchive-3.3.1-i586-1.txz: Upgraded.
l/libbluray-1.0.0-i586-1.txz: Added.
Built with support for BD-J menus, but without the necessary .jar
file to use it. Thanks to Heinz Wiesinger.
l/libdiscid-0.6.2-i586-1.txz: Upgraded.
l/libmtp-1.1.13-i586-1.txz: Upgraded.
l/libraw1394-2.1.2-i586-1.txz: Upgraded.
l/libsamplerate-0.1.9-i586-1.txz: Upgraded.
l/libsndfile-1.0.28-i586-1.txz: Upgraded.
l/libspectre-0.2.8-i586-1.txz: Upgraded.
l/libtiff-4.0.7-i586-1.txz: Upgraded.
This release contains security fixes and improvements.
For more information, see:
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8127
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8665
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8683
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3622
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3623
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3658
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5321
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5323
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5652
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5875
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9273
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9448
(* Security fix *)
l/libvncserver-0.9.11-i586-1.txz: Upgraded.
Shared library .so-version bump.
l/poppler-0.53.0-i586-1.txz: Upgraded.
Shared library .so-version bump.
l/virtuoso-ose-6.1.8-i586-5.txz: Rebuilt.
n/openvpn-2.4.1-i586-1.txz: Upgraded.
x/libdrm-2.4.78-i586-1.txz: Upgraded.
x/libinput-1.7.0-i586-1.txz: Upgraded.
x/libpciaccess-0.13.5-i586-1.txz: Upgraded.
x/libva-1.8.0-i586-1.txz: Upgraded.
x/libva-intel-driver-1.7.3-i586-1.txz: Upgraded.
x/mesa-17.0.3-i586-1.txz: Upgraded.
xap/MPlayer-1.3_20170208-i586-3.txz: Rebuilt.
xap/gimp-2.8.20-i586-2.txz: Rebuilt.
xap/mozilla-thunderbird-52.0-i586-1.txz: Upgraded.
xap/xine-lib-1.2.8-i586-1.txz: Upgraded.
Thanks to Heinz Wiesinger.
xap/xlockmore-5.51-i586-1.txz: Upgraded.
xap/xv-3.10a-i586-8.txz: Rebuilt.
xfce/tumbler-0.1.31-i586-10.txz: Rebuilt.
-
- Posts: 1680
- Joined: 07 Jun 2012, 18:01
- Location: Najlipši grad na svitu :)
Post
Napisano: 10 Apr 2017, 22:36
Slackware 64-bit
Code: Select all
Mon Apr 10 18:08:13 UTC 2017
ap/bc-1.07.1-x86_64-1.txz: Upgraded.
This fixes the input_char read bug that was causing kernel builds to hang.
x/m17n-lib-1.7.0-x86_64-1.txz: Upgraded.
xap/xlockmore-5.51-x86_64-2.txz: Rebuilt.
Fixed appdefaultdir location. Thanks to Richard Narron.
Slackware 32-bit
Code: Select all
Mon Apr 10 18:08:13 UTC 2017
ap/bc-1.07.1-i586-1.txz: Upgraded.
This fixes the input_char read bug that was causing kernel builds to hang.
x/m17n-lib-1.7.0-i586-1.txz: Upgraded.
xap/xlockmore-5.51-i586-2.txz: Rebuilt.
Fixed appdefaultdir location. Thanks to Richard Narron.
-
- Posts: 1680
- Joined: 07 Jun 2012, 18:01
- Location: Najlipši grad na svitu :)
Post
Napisano: 16 Apr 2017, 19:59
Slackware 64-bit
Code: Select all
Thu Apr 13 21:19:45 UTC 2017
ap/nano-2.8.1-x86_64-1.txz: Upgraded.
n/bind-9.11.0_P5-x86_64-1.txz: Upgraded.
Fixed denial of service security issues.
For more information, see:
https://kb.isc.org/article/AA-01465
https://kb.isc.org/article/AA-01466
https://kb.isc.org/article/AA-01471
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-3136
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-3137
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-3138
(* Security fix *)
x/motif-2.3.7-x86_64-1.txz: Upgraded.
xfce/tumbler-0.1.31-x86_64-11.txz: Rebuilt.
Fixed ffmpegthumbnailer bug. Thanks to Robby Workman.
Slackware 32-bit
Code: Select all
Thu Apr 13 21:19:45 UTC 2017
ap/nano-2.8.1-i586-1.txz: Upgraded.
n/bind-9.11.0_P5-i586-1.txz: Upgraded.
Fixed denial of service security issues.
For more information, see:
https://kb.isc.org/article/AA-01465
https://kb.isc.org/article/AA-01466
https://kb.isc.org/article/AA-01471
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-3136
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-3137
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-3138
(* Security fix *)
x/motif-2.3.7-i586-1.txz: Upgraded.
xfce/tumbler-0.1.31-i586-11.txz: Rebuilt.
Fixed ffmpegthumbnailer bug. Thanks to Robby Workman.
-
- Posts: 1680
- Joined: 07 Jun 2012, 18:01
- Location: Najlipši grad na svitu :)
Post
Napisano: 23 Apr 2017, 22:29
Slackware 64-bit
Code: Select all
Fri Apr 21 22:40:12 UTC 2017
a/etc-14.2-x86_64-10.txz: Rebuilt.
Added user:group for NTP (UID 44/GID 44).
ap/sudo-1.8.19p2-x86_64-1.txz: Upgraded.
d/git-2.12.2-x86_64-1.txz: Upgraded.
d/mercurial-4.1.3-x86_64-1.txz: Upgraded.
l/libgphoto2-2.5.13-x86_64-1.txz: Upgraded.
n/curl-7.54.0-x86_64-1.txz: Upgraded.
This update fixes a security issue:
Switch off SSL session id when client cert is used.
For more information, see:
https://curl.haxx.se/docs/adv_20170419.html
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7468
(* Security fix *)
n/dhcpcd-6.11.5-x86_64-1.txz: Upgraded.
Thanks to Robby Workman.
n/ethtool-4.10-x86_64-1.txz: Upgraded.
n/getmail-4.54.0-x86_64-1.txz: Upgraded.
n/ntp-4.2.8p10-x86_64-1.txz: Upgraded.
There were some changes made to NTP setup in -current:
First, NTP drops privileges and runs as ntp:ntp. Be sure to install the
updated etc package to get the new user and group.
Some files have been relocated:
The ntp.keys file has moved from /etc/ntp/ to /etc/.
The drift and stats files now reside in /var/lib/ntp/.
The step-tickers file has been removed. It's actually been deprecated for
a while and nothing has referenced in for quite some time.
Be sure to move the new rc.ntpd.new into place, and move over or merge
from the .new config files.
Thanks to Robby Workman for help with these changes.
In addition to bug fixes and enhancements, this release fixes security
issues of medium and low severity:
Denial of Service via Malformed Config (Medium)
Authenticated DoS via Malicious Config Option (Medium)
Potential Overflows in ctl_put() functions (Medium)
Buffer Overflow in ntpq when fetching reslist from a malicious ntpd (Medium)
0rigin DoS (Medium)
Buffer Overflow in DPTS Clock (Low)
Improper use of snprintf() in mx4200_send() (Low)
The following issues do not apply to Linux systems:
Privileged execution of User Library code (WINDOWS PPSAPI ONLY) (Low)
Stack Buffer Overflow from Command Line (WINDOWS installer ONLY) (Low)
Data Structure terminated insufficiently (WINDOWS installer ONLY) (Low)
For more information, see:
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6464
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6463
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6458
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6460
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9042
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6462
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6451
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6455
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6452
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6459
(* Security fix *)
n/proftpd-1.3.6-x86_64-1.txz: Upgraded.
This release fixes a security issue:
AllowChrootSymlinks off does not check entire DefaultRoot path for symlinks.
For more information, see:
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7418
(* Security fix *)
+--------------------------+
Wed Apr 19 04:46:45 UTC 2017
a/minicom-2.7.1-x86_64-1.txz: Upgraded.
Fix an out of bounds data access that can lead to remote code execution.
This issue was found by Solar Designer of Openwall during a security audit
of the Virtuozzo 7 product, which contains derived downstream code in its
prl-vzvncserver component.
For more information, see:
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7467
(* Security fix *)
a/usb_modeswitch-2.5.0-x86_64-1.txz: Upgraded.
ap/hplip-3.17.4-x86_64-1.txz: Upgraded.
l/wavpack-5.1.0-x86_64-1.txz: Upgraded.
n/mutt-1.8.1-x86_64-1.txz: Upgraded.
testing/packages/gcc-6.3.0-x86_64-2.txz: Rebuilt.
testing/packages/gcc-g++-6.3.0-x86_64-2.txz: Rebuilt.
Move some Python files into this package instead of the gcc-java package.
Move the Python files into a more correct directory.
Thanks to Heinz Wiesinger.
testing/packages/gcc-gfortran-6.3.0-x86_64-2.txz: Rebuilt.
testing/packages/gcc-gnat-6.3.0-x86_64-2.txz: Rebuilt.
testing/packages/gcc-go-6.3.0-x86_64-2.txz: Rebuilt.
testing/packages/gcc-java-6.3.0-x86_64-2.txz: Rebuilt.
Move some Python files from this package into the gcc-g++ package.
Move the Python files into a more correct directory.
Thanks to Heinz Wiesinger.
testing/packages/gcc-objc-6.3.0-x86_64-2.txz: Rebuilt.
+--------------------------+
Tue Apr 18 04:21:33 UTC 2017
x/libdrm-2.4.80-x86_64-1.txz: Upgraded.
x/mesa-17.0.4-x86_64-1.txz: Upgraded.
xap/mozilla-thunderbird-52.0.1-x86_64-1.txz: Upgraded.
Slackware 32-bit
Code: Select all
Fri Apr 21 22:40:12 UTC 2017
a/etc-14.2-i586-10.txz: Rebuilt.
Added user:group for NTP (UID 44/GID 44).
ap/sudo-1.8.19p2-i586-1.txz: Upgraded.
d/git-2.12.2-i586-1.txz: Upgraded.
d/mercurial-4.1.3-i586-1.txz: Upgraded.
l/libgphoto2-2.5.13-i586-1.txz: Upgraded.
n/curl-7.54.0-i586-1.txz: Upgraded.
This update fixes a security issue:
Switch off SSL session id when client cert is used.
For more information, see:
https://curl.haxx.se/docs/adv_20170419.html
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7468
(* Security fix *)
n/dhcpcd-6.11.5-i586-1.txz: Upgraded.
Thanks to Robby Workman.
n/ethtool-4.10-i586-1.txz: Upgraded.
n/getmail-4.54.0-i586-1.txz: Upgraded.
n/ntp-4.2.8p10-i586-1.txz: Upgraded.
There were some changes made to NTP setup in -current:
First, NTP drops privileges and runs as ntp:ntp. Be sure to install the
updated etc package to get the new user and group.
Some files have been relocated:
The ntp.keys file has moved from /etc/ntp/ to /etc/.
The drift and stats files now reside in /var/lib/ntp/.
The step-tickers file has been removed. It's actually been deprecated for
a while and nothing has referenced in for quite some time.
Be sure to move the new rc.ntpd.new into place, and move over or merge
from the .new config files.
Thanks to Robby Workman for help with these changes.
In addition to bug fixes and enhancements, this release fixes security
issues of medium and low severity:
Denial of Service via Malformed Config (Medium)
Authenticated DoS via Malicious Config Option (Medium)
Potential Overflows in ctl_put() functions (Medium)
Buffer Overflow in ntpq when fetching reslist from a malicious ntpd (Medium)
0rigin DoS (Medium)
Buffer Overflow in DPTS Clock (Low)
Improper use of snprintf() in mx4200_send() (Low)
The following issues do not apply to Linux systems:
Privileged execution of User Library code (WINDOWS PPSAPI ONLY) (Low)
Stack Buffer Overflow from Command Line (WINDOWS installer ONLY) (Low)
Data Structure terminated insufficiently (WINDOWS installer ONLY) (Low)
For more information, see:
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6464
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6463
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6458
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6460
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9042
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6462
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6451
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6455
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6452
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6459
(* Security fix *)
n/proftpd-1.3.6-i586-1.txz: Upgraded.
This release fixes a security issue:
AllowChrootSymlinks off does not check entire DefaultRoot path for symlinks.
For more information, see:
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7418
(* Security fix *)
+--------------------------+
Wed Apr 19 04:46:45 UTC 2017
a/minicom-2.7.1-i586-1.txz: Upgraded.
Fix an out of bounds data access that can lead to remote code execution.
This issue was found by Solar Designer of Openwall during a security audit
of the Virtuozzo 7 product, which contains derived downstream code in its
prl-vzvncserver component.
For more information, see:
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7467
(* Security fix *)
a/usb_modeswitch-2.5.0-i586-1.txz: Upgraded.
ap/hplip-3.17.4-i586-1.txz: Upgraded.
l/wavpack-5.1.0-i586-1.txz: Upgraded.
n/mutt-1.8.1-i586-1.txz: Upgraded.
testing/packages/gcc-6.3.0-i586-2.txz: Rebuilt.
testing/packages/gcc-g++-6.3.0-i586-2.txz: Rebuilt.
Move some Python files into this package instead of the gcc-java package.
Move the Python files into a more correct directory.
Thanks to Heinz Wiesinger.
testing/packages/gcc-gfortran-6.3.0-i586-2.txz: Rebuilt.
testing/packages/gcc-gnat-6.3.0-i586-2.txz: Rebuilt.
testing/packages/gcc-go-6.3.0-i586-2.txz: Rebuilt.
testing/packages/gcc-java-6.3.0-i586-2.txz: Rebuilt.
Move some Python files from this package into the gcc-g++ package.
Move the Python files into a more correct directory.
Thanks to Heinz Wiesinger.
testing/packages/gcc-objc-6.3.0-i586-2.txz: Rebuilt.
+--------------------------+
Tue Apr 18 04:21:33 UTC 2017
x/libdrm-2.4.80-i586-1.txz: Upgraded.
x/mesa-17.0.4-i586-1.txz: Upgraded.
xap/mozilla-thunderbird-52.0.1-i586-1.txz: Upgraded.
-
- Posts: 1680
- Joined: 07 Jun 2012, 18:01
- Location: Najlipši grad na svitu :)
Post
Napisano: 24 Apr 2017, 21:54
Slackware 64-bit
Code: Select all
Mon Apr 24 18:06:06 UTC 2017
a/cryptsetup-1.7.4-x86_64-1.txz: Upgraded.
a/eudev-3.2.2-x86_64-1.txz: Upgraded.
a/mdadm-4.0-x86_64-1.txz: Upgraded.
ap/vim-8.0.0586-x86_64-1.txz: Upgraded.
e/emacs-25.2-x86_64-1.txz: Upgraded.
xap/mozilla-firefox-52.1.0esr-x86_64-1.txz: Upgraded.
This release contains security fixes and improvements.
For more information, see:
https://www.mozilla.org/security/known-vulnerabilities/firefoxESR.html
(* Security fix *)
xap/vim-gvim-8.0.0586-x86_64-1.txz: Upgraded.
Slackware 32-bit
Code: Select all
Mon Apr 24 18:06:06 UTC 2017
a/cryptsetup-1.7.4-i586-1.txz: Upgraded.
a/eudev-3.2.2-i586-1.txz: Upgraded.
a/mdadm-4.0-i586-1.txz: Upgraded.
ap/vim-8.0.0586-i586-1.txz: Upgraded.
e/emacs-25.2-i586-1.txz: Upgraded.
xap/mozilla-firefox-52.1.0esr-i586-1.txz: Upgraded.
This release contains security fixes and improvements.
For more information, see:
https://www.mozilla.org/security/known-vulnerabilities/firefoxESR.html
(* Security fix *)
xap/vim-gvim-8.0.0586-i586-1.txz: Upgraded.
-
- Posts: 1680
- Joined: 07 Jun 2012, 18:01
- Location: Najlipši grad na svitu :)
Post
Napisano: 27 Apr 2017, 15:34
Slackware 64-bit
Code: Select all
Wed Apr 26 23:09:45 UTC 2017
Thanks to Robby Workman for help with these packages, especially with
preparing and testing updates to the GTK stack. :-)
a/btrfs-progs-v4.10.2-x86_64-1.txz: Upgraded.
a/grub-2.02-x86_64-1.txz: Upgraded.
a/lvm2-2.02.170-x86_64-1.txz: Upgraded.
a/xfsprogs-4.10.0-x86_64-1.txz: Upgraded.
ap/dmapi-2.2.12-x86_64-2.txz: Rebuilt.
ap/tmux-2.4-x86_64-1.txz: Upgraded.
d/swig-3.0.12-x86_64-1.txz: Upgraded.
l/adwaita-icon-theme-3.24.0-noarch-1.txz: Upgraded.
l/at-spi2-atk-2.24.0-x86_64-1.txz: Upgraded.
l/at-spi2-core-2.24.0-x86_64-1.txz: Upgraded.
l/atk-2.24.0-x86_64-1.txz: Upgraded.
l/dconf-0.26.0-x86_64-1.txz: Upgraded.
l/dconf-editor-3.22.3-x86_64-1.txz: Upgraded.
l/freetype-2.7.1-x86_64-1.txz: Upgraded.
Subpixel hinting has been enabled upstream by default, but you may adjust
this in /etc/profile.d/freetype.{csh,sh}.
l/gdk-pixbuf2-2.36.6-x86_64-1.txz: Upgraded.
l/glib-networking-2.50.0-x86_64-1.txz: Upgraded.
l/glib2-2.52.1-x86_64-1.txz: Upgraded.
l/glibmm-2.50.1-x86_64-1.txz: Upgraded.
l/gnome-themes-standard-3.22.3-x86_64-1.txz: Upgraded.
l/gobject-introspection-1.52.1-x86_64-1.txz: Upgraded.
l/gsettings-desktop-schemas-3.24.0-x86_64-1.txz: Upgraded.
l/gtk+3-3.22.12-x86_64-1.txz: Upgraded.
l/gtkmm3-3.22.0-x86_64-1.txz: Upgraded.
l/gvfs-1.32.1-x86_64-1.txz: Upgraded.
l/harfbuzz-1.4.6-x86_64-1.txz: Upgraded.
l/keyutils-1.5.10-x86_64-1.txz: Upgraded.
l/libcroco-0.6.12-x86_64-1.txz: Upgraded.
l/libgsf-1.14.41-x86_64-1.txz: Upgraded.
l/libnotify-0.7.7-x86_64-1.txz: Upgraded.
l/librsvg-2.40.17-x86_64-1.txz: Upgraded.
l/libsigc++-2.10.0-x86_64-1.txz: Upgraded.
l/libsoup-2.58.0-x86_64-1.txz: Upgraded.
l/libssh-0.7.5-x86_64-1.txz: Upgraded.
l/libssh2-1.8.0-x86_64-1.txz: Upgraded.
l/pango-1.40.5-x86_64-1.txz: Upgraded.
l/pangomm-2.40.1-x86_64-1.txz: Upgraded.
l/pygobject3-3.24.1-x86_64-1.txz: Upgraded.
l/shared-mime-info-1.7-x86_64-1.txz: Upgraded.
l/sip-4.19.2-x86_64-1.txz: Upgraded.
l/vte-0.44.3-x86_64-1.txz: Upgraded.
n/bluez-5.44-x86_64-1.txz: Upgraded.
n/iproute2-4.10.0-x86_64-1.txz: Upgraded.
x/libevdev-1.5.6-x86_64-1.txz: Upgraded.
x/xf86-video-nouveau-1.0.15-x86_64-1.txz: Upgraded.
xap/gparted-0.28.1-x86_64-1.txz: Upgraded.
xfce/garcon-0.6.0-x86_64-1.txz: Upgraded.
xfce/xfce4-pulseaudio-plugin-0.2.5-x86_64-1.txz: Upgraded.
xfce/xfce4-systemload-plugin-1.2.1-x86_64-1.txz: Upgraded.
xfce/xfce4-taskmanager-1.2.0-x86_64-1.txz: Upgraded.
xfce/xfce4-terminal-0.8.4-x86_64-1.txz: Upgraded.
xfce/xfce4-weather-plugin-0.8.9-x86_64-1.txz: Upgraded.
Slackware 32-bit
Code: Select all
Wed Apr 26 23:09:45 UTC 2017
Thanks to Robby Workman for help with these packages, especially with
preparing and testing updates to the GTK stack. :-)
a/btrfs-progs-v4.10.2-i586-1.txz: Upgraded.
a/grub-2.02-i586-1.txz: Upgraded.
a/lvm2-2.02.170-i586-1.txz: Upgraded.
a/xfsprogs-4.10.0-i586-1.txz: Upgraded.
ap/dmapi-2.2.12-i586-2.txz: Rebuilt.
ap/tmux-2.4-i586-1.txz: Upgraded.
d/swig-3.0.12-i586-1.txz: Upgraded.
l/adwaita-icon-theme-3.24.0-noarch-1.txz: Upgraded.
l/at-spi2-atk-2.24.0-i586-1.txz: Upgraded.
l/at-spi2-core-2.24.0-i586-1.txz: Upgraded.
l/atk-2.24.0-i586-1.txz: Upgraded.
l/dconf-0.26.0-i586-1.txz: Upgraded.
l/dconf-editor-3.22.3-i586-1.txz: Upgraded.
l/freetype-2.7.1-i586-1.txz: Upgraded.
Subpixel hinting has been enabled upstream by default, but you may adjust
this in /etc/profile.d/freetype.{csh,sh}.
l/gdk-pixbuf2-2.36.6-i586-1.txz: Upgraded.
l/glib-networking-2.50.0-i586-1.txz: Upgraded.
l/glib2-2.52.1-i586-1.txz: Upgraded.
l/glibmm-2.50.1-i586-1.txz: Upgraded.
l/gnome-themes-standard-3.22.3-i586-1.txz: Upgraded.
l/gobject-introspection-1.52.1-i586-1.txz: Upgraded.
l/gsettings-desktop-schemas-3.24.0-i586-1.txz: Upgraded.
l/gtk+3-3.22.12-i586-1.txz: Upgraded.
l/gtkmm3-3.22.0-i586-1.txz: Upgraded.
l/gvfs-1.32.1-i586-1.txz: Upgraded.
l/harfbuzz-1.4.6-i586-1.txz: Upgraded.
l/keyutils-1.5.10-i586-1.txz: Upgraded.
l/libcroco-0.6.12-i586-1.txz: Upgraded.
l/libgsf-1.14.41-i586-1.txz: Upgraded.
l/libnotify-0.7.7-i586-1.txz: Upgraded.
l/librsvg-2.40.17-i586-1.txz: Upgraded.
l/libsigc++-2.10.0-i586-1.txz: Upgraded.
l/libsoup-2.58.0-i586-1.txz: Upgraded.
l/libssh-0.7.5-i586-1.txz: Upgraded.
l/libssh2-1.8.0-i586-1.txz: Upgraded.
l/pango-1.40.5-i586-1.txz: Upgraded.
l/pangomm-2.40.1-i586-1.txz: Upgraded.
l/pygobject3-3.24.1-i586-1.txz: Upgraded.
l/shared-mime-info-1.7-i586-1.txz: Upgraded.
l/sip-4.19.2-i586-1.txz: Upgraded.
l/vte-0.44.3-i586-1.txz: Upgraded.
n/bluez-5.44-i586-1.txz: Upgraded.
n/iproute2-4.10.0-i586-1.txz: Upgraded.
x/libevdev-1.5.6-i586-1.txz: Upgraded.
x/xf86-video-nouveau-1.0.15-i586-1.txz: Upgraded.
xap/gparted-0.28.1-i586-1.txz: Upgraded.
xfce/garcon-0.6.0-i586-1.txz: Upgraded.
xfce/xfce4-pulseaudio-plugin-0.2.5-i586-1.txz: Upgraded.
xfce/xfce4-systemload-plugin-1.2.1-i586-1.txz: Upgraded.
xfce/xfce4-taskmanager-1.2.0-i586-1.txz: Upgraded.
xfce/xfce4-terminal-0.8.4-i586-1.txz: Upgraded.
xfce/xfce4-weather-plugin-0.8.9-i586-1.txz: Upgraded.
Who is online
Users browsing this forum: No registered users and 54 guests