Changelog of slackware-current
Sat May 19 20:14:27 UTC 2012
a/gettext-0.18.1.1-i486-2.txz: Rebuilt.
a/openssl-solibs-0.9.8x-i486-1.txz: Upgraded.
This is a very minor security fix:
o Fix DTLS record length checking bug CVE-2012-2333
For more information, see:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-2333
(* Security fix *)
ap/mysql-5.5.24-i486-1.txz: Upgraded.
d/gettext-tools-0.18.1.1-i486-2.txz: Rebuilt.
d/perl-5.14.2-i486-1.txz: Upgraded.
Upgraded bundled perl modules: DBD-mysql-4.021, DBI-1.620, URI-1.60,
and XML-Parser-2.41.
kde/amarok-2.5.0-i486-2.txz: Rebuilt.
Compiled against mysql-5.5.24.
l/apr-1.4.6-i486-1.txz: Upgraded.
l/apr-util-1.4.1-i486-2.txz: Upgraded.
l/neon-0.29.6-i486-1.txz: Upgraded.
l/qt-4.8.1-i486-2.txz: Rebuilt.
Compiled against mysql-5.5.24.
l/redland-1.0.15-i486-2.txz: Rebuilt.
Compiled against mysql-5.5.24.
n/httpd-2.4.2-i486-1.txz: Upgraded.
Changes to ./configure:
Added: --enable-mpms-shared=all
Removed: --enable-proxy-balancer
This is built by default but requires additional configuration or httpd
will not run, so we have commented it out in httpd.conf.
Removed: --disable-speling
This is built and commented out in httpd.conf by default.
Moved the location of httpd.pid from /var/run/httpd/ to /var/run in
preparation for /var/run eventually pointing to a tmpfs.
Thanks to Frank Gingras for preparing the initial upgrade to httpd-2.4.2.
n/openldap-client-2.4.31-i486-1.txz: Upgraded.
n/openssl-0.9.8x-i486-1.txz: Upgraded.
This is a very minor security fix:
o Fix DTLS record length checking bug CVE-2012-2333
For more information, see:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-2333
(* Security fix *)
n/php-5.4.3-i486-1.txz: Upgraded.
--disable-sigchild (fixes pear and pecl). Thanks to Matteo Bernardini.
--enable-dom
Added php-fpm PHP interpreter. Thanks to Laurens Vets.
Relocate /usr/lib{,64}/build/ directory to /usr/lib{,64}/php/build/.
Thanks to Matteo Bernardini.
x/libhangul-0.1.0-i486-1.txz: Upgraded.
x/scim-hangul-0.3.2-i486-3.txz: Rebuilt.
xap/MPlayer-20120514-i486-1.txz: Upgraded.
xap/gv-3.7.3-i486-1.txz: Upgraded.
xap/pan-0.137-i486-1.txz: Upgraded.
Wed May 9 20:16:40 UTC 2012
extra/wicd/wicd-1.7.2.4-i486-2.txz: Rebuilt.
Fixed an input sanitization bug that breaks accepting a passphrase for a new
password protected access point. Patch from upstream.
Thanks to Willy Sudiarto Raharjo for the notice.
Tue May 8 21:21:10 UTC 2012
n/php-5.3.13-i486-1.txz: Upgraded.
This release completes a fix for a vulnerability in CGI-based setups.
Note: mod_php and php-fpm are not vulnerable to this attack.
For more information, see:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-2311
(* Security fix *)
Mon May 7 18:54:03 UTC 2012
d/binutils-2.22.52.0.2-i486-1.txz: Upgraded.
d/oprofile-0.9.7-i486-2.txz: Rebuilt.
l/libvncserver-0.9.9-i486-1.txz: Upgraded.
x/xf86-input-keyboard-1.6.1-i486-1.txz: Upgraded.
x/xf86-input-mouse-1.7.2-i486-1.txz: Upgraded.
xap/pidgin-2.10.4-i486-1.txz: Upgraded.
Fixed possible MSN remote crash.
Fixed XMPP remote crash.
For more information, see:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-2214
(* Security fix *)
Sat May 5 16:56:34 UTC 2012
x/xterm-278-i486-1.txz: Rebuilt.
Replaced incorrect x86_64 package. Sorry! At least it wasn't libX11. ;-)
Sat May 5 02:28:15 UTC 2012
Hey folks, here are some more updates, including the latest stuff from X.Org.
Thanks to Robby Workman for updating the X11 build tree, and B. Watson for
adding useful information to hundreds of X slack-desc files that previously
contained generic boilerplate.
a/tree-1.6.0-i486-1.txz: Upgraded.
d/llvm-3.0-i486-1.txz: Added.
This is needed to compile gallium drivers for X, and will probably
be useful for other development. Thanks to Heinz Wiesinger.
kde/bluedevil-1.2.3-i486-1.txz: Upgraded.
l/fribidi-0.19.2-i486-1.txz: Upgraded.
l/libbluedevil-1.9.2-i486-1.txz: Upgraded.
l/libwnck-2.30.7-i486-1.txz: Upgraded.
l/startup-notification-0.12-i486-1.txz: Upgraded.
n/network-scripts-13.42-noarch-1.txz: Upgraded.
Add a 'NetworkManager' option to netconfig.
Copy the hostname into NetworkManager.conf. Thanks to SqdnGuns.
n/openssh-6.0p1-i486-1.txz: Upgraded.
x/bigreqsproto-1.1.2-noarch-1.txz: Upgraded.
x/bitmap-1.0.6-i486-1.txz: Upgraded.
x/dri2proto-2.6-i486-1.txz: Upgraded.
x/font-util-1.3.0-i486-1.txz: Upgraded.
x/fontsproto-2.1.2-noarch-1.txz: Upgraded.
x/freeglut-2.8.0-i486-1.txz: Added.
x/fslsfonts-1.0.4-i486-1.txz: Upgraded.
x/fstobdf-1.0.5-i486-1.txz: Upgraded.
x/glproto-1.4.15-noarch-1.txz: Upgraded.
x/iceauth-1.0.5-i486-1.txz: Upgraded.
x/imake-1.0.5-i486-1.txz: Upgraded.
x/inputproto-2.2-noarch-1.txz: Upgraded.
x/intel-gpu-tools-1.2-i486-1.txz: Upgraded.
x/kbproto-1.0.6-noarch-1.txz: Upgraded.
x/libFS-1.0.4-i486-1.txz: Upgraded.
x/libICE-1.0.8-i486-1.txz: Upgraded.
x/libSM-1.2.1-i486-1.txz: Upgraded.
x/libX11-1.4.99.901-i486-1.txz: Upgraded.
x/libXScrnSaver-1.2.2-i486-1.txz: Upgraded.
x/libXau-1.0.7-i486-1.txz: Upgraded.
x/libXaw-1.0.10-i486-1.txz: Upgraded.
x/libXaw3d-1.6.2-i486-1.txz: Added.
x/libXcm-0.5.0-i486-1.txz: Added.
x/libXcursor-1.1.13-i486-1.txz: Upgraded.
x/libXdmcp-1.1.1-i486-1.txz: Upgraded.
x/libXext-1.3.1-i486-1.txz: Upgraded.
x/libXfont-1.4.5-i486-1.txz: Upgraded.
x/libXft-2.3.0-i486-1.txz: Upgraded.
x/libXi-1.6.1-i486-1.txz: Upgraded.
x/libXinerama-1.1.2-i486-1.txz: Upgraded.
x/libXmu-1.1.1-i486-1.txz: Upgraded.
x/libXpm-3.5.10-i486-1.txz: Upgraded.
x/libXrandr-1.3.2-i486-1.txz: Upgraded.
x/libXrender-0.9.7-i486-1.txz: Upgraded.
x/libXres-1.0.6-i486-1.txz: Upgraded.
x/libXt-1.1.3-i486-1.txz: Upgraded.
x/libXtst-1.2.1-i486-1.txz: Upgraded.
x/libXv-1.0.7-i486-1.txz: Upgraded.
x/libXvMC-1.0.7-i486-1.txz: Upgraded.
x/libXxf86dga-1.1.3-i486-1.txz: Upgraded.
x/libXxf86vm-1.1.2-i486-1.txz: Upgraded.
x/libdmx-1.1.2-i486-1.txz: Upgraded.
x/libdrm-2.4.33-i486-1.txz: Upgraded.
x/libfontenc-1.1.1-i486-1.txz: Upgraded.
x/libpciaccess-0.13.1-i486-1.txz: Upgraded.
x/libxcb-1.8.1-i486-1.txz: Upgraded.
x/libxkbfile-1.0.8-i486-1.txz: Upgraded.
x/listres-1.0.3-i486-1.txz: Upgraded.
x/lndir-1.0.3-i486-1.txz: Upgraded.
x/luit-1.1.1-i486-1.txz: Upgraded.
x/makedepend-1.0.4-i486-1.txz: Upgraded.
x/mesa-8.0.2-i486-1.txz: Upgraded.
x/mkfontdir-1.0.7-noarch-1.txz: Upgraded.
x/mkfontscale-1.1.0-i486-1.txz: Upgraded.
x/mtdev-1.1.2-i486-1.txz: Added.
This is a multitouch library needed by the evdev and synaptics drivers.
x/oclock-1.0.3-i486-1.txz: Upgraded.
x/pixman-0.25.2-i486-1.txz: Upgraded.
x/recordproto-1.14.2-noarch-1.txz: Upgraded.
x/resourceproto-1.2.0-noarch-1.txz: Upgraded.
x/scripts-1.0.1-noarch-2.txz: Removed.
x/scrnsaverproto-1.2.2-noarch-1.txz: Upgraded.
x/sessreg-1.0.7-i486-1.txz: Upgraded.
x/setxkbmap-1.3.0-i486-1.txz: Upgraded.
x/smproxy-1.0.5-i486-1.txz: Upgraded.
x/twm-1.0.7-i486-1.txz: Upgraded.
x/util-macros-1.17-noarch-1.txz: Upgraded.
x/x11perf-1.5.4-i486-1.txz: Upgraded.
x/xauth-1.0.7-i486-1.txz: Upgraded.
x/xaw3d-20110415git-i486-1.txz: Removed.
x/xcb-proto-1.7.1-noarch-1.txz: Upgraded.
x/xcb-util-0.3.8-i486-1.txz: Upgraded.
x/xcb-util-image-0.3.8-i486-1.txz: Added.
x/xcb-util-keysyms-0.3.8-i486-1.txz: Added.
x/xcb-util-renderutil-0.3.8-i486-1.txz: Added.
x/xcb-util-wm-0.3.8-i486-1.txz: Added.
x/xclipboard-1.1.2-i486-1.txz: Upgraded.
x/xclock-1.0.6-i486-1.txz: Upgraded.
x/xcmiscproto-1.2.2-noarch-1.txz: Upgraded.
x/xcmsdb-1.0.4-i486-1.txz: Upgraded.
x/xcompmgr-1.1.6-i486-1.txz: Upgraded.
x/xcursorgen-1.0.5-i486-1.txz: Upgraded.
x/xdm-1.1.11-i486-1.txz: Upgraded.
x/xdpyinfo-1.3.0-i486-1.txz: Upgraded.
x/xev-1.2.0-i486-1.txz: Upgraded.
x/xextproto-7.2.1-i486-1.txz: Upgraded.
x/xf86-input-acecad-1.5.0-i486-1.txz: Upgraded.
x/xf86-input-aiptek-1.4.1-i486-1.txz: Upgraded.
x/xf86-input-evdev-2.7.0-i486-1.txz: Upgraded.
x/xf86-input-joystick-1.6.1-i486-1.txz: Upgraded.
x/xf86-input-penmount-1.5.0-i486-1.txz: Upgraded.
x/xf86-input-synaptics-1.6.0-i486-1.txz: Upgraded.
x/xf86-input-vmmouse-12.8.0-i486-1.txz: Upgraded.
x/xf86-input-void-1.4.0-i486-1.txz: Upgraded.
x/xf86-input-wacom-0.15.0-i486-1.txz: Upgraded.
x/xf86-video-apm-1.2.3-i486-2.txz: Rebuilt.
x/xf86-video-ark-0.7.4-i486-1.txz: Upgraded.
x/xf86-video-ast-0.95.00-i486-1.txz: Upgraded.
x/xf86-video-ati-6.14.4-i486-1.txz: Upgraded.
x/xf86-video-chips-1.2.4-i486-2.txz: Rebuilt.
x/xf86-video-cirrus-1.4.0-i486-1.txz: Upgraded.
x/xf86-video-dummy-0.3.5-i486-1.txz: Upgraded.
x/xf86-video-geode-2.11.13-i486-1.txz: Upgraded.
x/xf86-video-glint-1.2.7-i486-1.txz: Upgraded.
x/xf86-video-i128-1.3.5-i486-1.txz: Upgraded.
x/xf86-video-i740-1.3.2-i486-4.txz: Rebuilt.
x/xf86-video-intel-2.19.0-i486-1.txz: Upgraded.
x/xf86-video-mach64-6.9.1-i486-1.txz: Upgraded.
x/xf86-video-mga-1.5.0-i486-1.txz: Upgraded.
x/xf86-video-modesetting-0.1.0-i486-1.txz: Added.
x/xf86-video-neomagic-1.2.6-i486-1.txz: Upgraded.
x/xf86-video-nouveau-git_20120323_efd7a52-i486-1.txz: Upgraded.
x/xf86-video-nv-2.1.18-i486-2.txz: Rebuilt.
x/xf86-video-openchrome-0.2.905-i486-1.txz: Upgraded.
x/xf86-video-r128-6.8.2-i486-1.txz: Upgraded.
x/xf86-video-radeonhd-1.3.0-i486-2.txz: Removed.
x/xf86-video-rendition-4.2.4+-i486-1.txz: Upgraded.
x/xf86-video-s3-0.6.3-i486-4.txz: Rebuilt.
x/xf86-video-s3virge-1.10.4+-i486-1.txz: Upgraded.
x/xf86-video-savage-2.3.4-i486-1.txz: Upgraded.
x/xf86-video-siliconmotion-1.7.6-i486-1.txz: Upgraded.
x/xf86-video-sis-0.10.4-i486-1.txz: Upgraded.
x/xf86-video-sisusb-0.9.4-i486-1.txz: Removed.
x/xf86-video-tdfx-1.4.4-i486-1.txz: Upgraded.
x/xf86-video-tga-1.2.1-i486-4.txz: Rebuilt.
x/xf86-video-trident-1.3.5-i486-1.txz: Upgraded.
x/xf86-video-tseng-1.2.4-i486-1.txz: Removed.
x/xf86-video-v4l-0.2.0-i486-5.txz: Rebuilt.
x/xf86-video-vesa-2.3.1-i486-1.txz: Upgraded.
x/xf86-video-vmware-12.0.2-i486-1.txz: Upgraded.
x/xf86-video-voodoo-1.2.4-i486-2.txz: Rebuilt.
x/xf86-video-xgi-1.6.0-i486-1.txz: Removed.
x/xfd-1.1.1-i486-1.txz: Upgraded.
x/xfontsel-1.0.4-i486-1.txz: Upgraded.
x/xfs-1.1.2-i486-1.txz: Upgraded.
x/xgamma-1.0.5-i486-1.txz: Upgraded.
x/xhost-1.0.5-i486-1.txz: Upgraded.
x/xinit-1.3.2-i486-1.txz: Upgraded.
x/xinput-1.5.99.901-i486-1.txz: Upgraded.
x/xkbcomp-1.2.4-i486-1.txz: Upgraded.
x/xkbevd-1.1.3-i486-1.txz: Upgraded.
x/xkeyboard-config-2.5.1-noarch-1.txz: Upgraded.
x/xload-1.1.1-i486-1.txz: Upgraded.
x/xlogo-1.0.4-i486-1.txz: Upgraded.
x/xlsatoms-1.1.1-i486-1.txz: Upgraded.
x/xlsclients-1.1.2-i486-1.txz: Upgraded.
x/xlsfonts-1.0.4-i486-1.txz: Upgraded.
x/xman-1.1.2-i486-1.txz: Upgraded.
x/xmodmap-1.0.7-i486-1.txz: Upgraded.
x/xorg-docs-1.6.99.901-noarch-1.txz: Upgraded.
x/xorg-server-1.12.1-i486-1.txz: Upgraded.
x/xorg-server-xephyr-1.12.1-i486-1.txz: Upgraded.
x/xorg-server-xnest-1.12.1-i486-1.txz: Upgraded.
x/xorg-server-xvfb-1.12.1-i486-1.txz: Upgraded.
x/xorg-sgml-doctools-1.10.99.901-i486-1.txz: Upgraded.
x/xpr-1.0.4-i486-1.txz: Upgraded.
x/xprop-1.2.1-i486-1.txz: Upgraded.
x/xproto-7.0.23-noarch-1.txz: Upgraded.
x/xpyb-1.3.1-i486-1.txz: Upgraded.
x/xrandr-1.3.5-i486-1.txz: Upgraded.
x/xscope-1.3.1-i486-1.txz: Upgraded.
x/xset-1.2.2-i486-1.txz: Upgraded.
x/xterm-278-x86_64-1.txz: Upgraded.
x/xtrans-1.2.7-noarch-1.txz: Upgraded.
x/xwd-1.0.5-i486-1.txz: Upgraded.
x/xwininfo-1.1.2-i486-1.txz: Upgraded.
x/xwud-1.0.4-i486-1.txz: Upgraded.
Mon Apr 30 22:24:10 UTC 2012
a/tcsh-6.18.01-i486-1.txz: Upgraded.
Thanks to jmccue for the notice.
d/doxygen-1.8.0-i486-1.txz: Upgraded.
l/seamonkey-solibs-2.9.1-i486-1.txz: Upgraded.
xap/mozilla-thunderbird-12.0.1-i486-1.txz: Upgraded.
This is a bugfix release.
Fixed POP3 filters that move mail to IMAP folders.
Fixed loading message body in sub-folders that use fetch headers only.
Addressed mail notification issues.
Fixed crash in nMsgDatabase.
xap/seamonkey-2.9.1-i486-1.txz: Upgraded.
This is a bugfix release.
Fixed POP3 filters that move mail to IMAP folders.
Fixed loading message body in sub-folders that use fetch headers only.
Addressed mail notification issues.
Fixed crash in nMsgDatabase.
Also, the build script and seamonkey-nss.pc were adjusted to fix issues
with compiling against Seamonkey NSS. Thanks to zerouno on LQ.
extra/wicd/wicd-1.7.2.4-i486-1.txz: Upgraded.
Correct the fix for CVE-2012-2095 (and fix other new bugs).
For more information, see:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-2095
(* Security fix *)
Fri Apr 27 01:07:23 UTC 2012
a/openssl-solibs-0.9.8w-i486-1.txz: Upgraded.
Fixed exploitable integer overflow (incomplete fix for CVE-2012-2110)
For more information, see:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-2131
(* Security fix *)
d/gdb-7.4.1-i486-1.txz: Upgraded.
l/seamonkey-solibs-2.9-i486-1.txz: Upgraded.
This release contains security fixes and improvements.
For more information, see:
http://www.mozilla.org/security/known-vulnerabilities/seamonkey.html
(* Security fix *)
Removed --enable-system-cairo and added --disable-crashreporter.
n/lftp-4.3.6-i486-1.txz: Upgraded.
n/openssl-0.9.8w-i486-1.txz: Upgraded.
Fixed exploitable integer overflow (incomplete fix for CVE-2012-2110)
For more information, see:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-2131
(* Security fix *)
xap/mozilla-firefox-12.0-i486-1.txz: Upgraded.
This release contains security fixes and improvements.
For more information, see:
http://www.mozilla.org/security/known-vulnerabilities/firefox.html
(* Security fix *)
Removed --enable-system-cairo and added --disable-crashreporter.
xap/mozilla-thunderbird-12.0-i486-1.txz: Upgraded.
This release contains security fixes and improvements.
For more information, see:
http://www.mozilla.org/security/known-vulnerabilities/thunderbird.html
(* Security fix *)
Removed --enable-system-cairo and added --disable-crashreporter.
xap/seamonkey-2.9-i486-1.txz: Upgraded.
This release contains security fixes and improvements.
For more information, see:
http://www.mozilla.org/security/known-vulnerabilities/seamonkey.html
(* Security fix *)
Removed --enable-system-cairo and added --disable-crashreporter.
Mon Apr 23 18:18:31 UTC 2012
a/openssl-solibs-0.9.8v-i486-1.txz: Upgraded.
Fixes some potentially exploitable buffer overflows.
Thanks to Tavis Ormandy, Google Security Team, for discovering this
issue and to Adam Langley <agl@chromium.org> for fixing it.
For more information, see:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-2110
(* Security fix *)
d/gdb-7.4-i486-2.txz: Rebuilt.
Changed to --with-python, requested by Benjamin Trigona-Harany.
The last time this was tried it caused some problems, as noted in this bug:
http://bugs.gentoo.org/show_bug.cgi?id=291328
Please test and let me know if any issues remain.
kde/calligra-2.4.0-i486-3.txz: Rebuilt.
Applied upstream patch to fix calligrawords compiled with gcc-4.7.0.
Thanks to Willy Sudiarto Raharjo and David Gabriel Rodriguez Castillo.
n/openssl-0.9.8v-i486-1.txz: Upgraded.
Fixes some potentially exploitable buffer overflows.
Thanks to Tavis Ormandy, Google Security Team, for discovering this
issue and to Adam Langley <agl@chromium.org> for fixing it.
For more information, see:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-2110
(* Security fix *)
extra/wicd/wicd-1.7.2.1-i486-1.txz: Upgraded.
This fixes a local privilege escalation that allows a user to set arbitrary
pre/post-connection scripts through D-Bus which are then executed as the
wicd user (generally root).
For more information, see:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-2095
Thanks to dapal for the workaround allowing us to skip the pybabel
requirement (for now), and to Robby Workman for the script update.
(* Security fix *)
Fri Apr 20 16:01:36 UTC 2012
ap/htop-1.0.1-i486-1.txz: Upgraded.
d/gdb-7.4-i486-1.txz: Upgraded.
Tue Apr 17 16:35:04 UTC 2012
kde/oxygen-gtk2-1.2.3-i486-1.txz: Upgraded.
Addresses crash bugs.
Mon Apr 16 03:26:13 UTC 2012
kde/calligra-2.4.0-i486-2.txz: Rebuilt.
Due to some bugs in Qt (which had already been patched), quite a lot
of Calligra will not build if not reassured with "-DIHAVEPATCHEDQT:BOOL=ON".
I should have seen that in the release announcement email, sorry.
Thanks to alienBOB for the heads-up.
Sat Apr 14 22:06:26 UTC 2012
Hey folks! We've merged KDE 4.8.2 and a bunch of new packages that it
depends upon into -current, thanks in large part to months of work and
testing by Eric Hameleers. Note that NetworkManager is included. If
you want to use this, make sure to move the new rc.M into place,
make /etc/rc.d/rc.networkmanager executable, and then add the KDE
"Network Manager" widget to your desktop. Have fun! :-)
NOTE: After upgrading, the following obsolete KDE packages should be removed:
kdeaccessibility, kdebase, kdebase-runtime, kdebase-workspace,
kdebindings, kdeedu, kdegraphics, kdeutils, koffice, konq-plugins,
kopete-cryptography, polkit-kde-1, and all koffice-l10n-*.
a/sysvinit-scripts-1.2-noarch-44.txz: Rebuilt.
rc.S: Handle a top-level /run directory, if it exists.
rc.M: Handle rc.networkmanager.
a/udisks-1.0.4-i486-1.txz: Added.
a/upower-0.9.15-i486-1.txz: Added.
d/oprofile-0.9.7-i486-1.txz: Upgraded.
kde/amarok-2.5.0-i486-1.txz: Upgraded.
kde/analitza-4.8.2-i486-1.txz: Added.
kde/ark-4.8.2-i486-1.txz: Added.
kde/blinken-4.8.2-i486-1.txz: Added.
kde/bluedevil-1.2.2-i486-1.txz: Added.
kde/calligra-2.4.0-i486-1.txz: Added.
kde/cantor-4.8.2-i486-1.txz: Added.
kde/filelight-4.8.2-i486-1.txz: Added.
kde/gwenview-4.8.2-i486-1.txz: Added.
kde/k3b-2.0.2_20120226.git-i486-1.txz: Upgraded.
kde/kaccessible-4.8.2-i486-1.txz: Added.
kde/kactivities-4.8.2-i486-1.txz: Added.
kde/kalgebra-4.8.2-i486-1.txz: Added.
kde/kalzium-4.8.2-i486-1.txz: Added.
kde/kamera-4.8.2-i486-1.txz: Added.
kde/kanagram-4.8.2-i486-1.txz: Added.
kde/kate-4.8.2-i486-1.txz: Added.
kde/kaudiocreator-1.3-i486-1.txz: Upgraded.
kde/kbruch-4.8.2-i486-1.txz: Added.
kde/kcalc-4.8.2-i486-1.txz: Added.
kde/kcharselect-4.8.2-i486-1.txz: Added.
kde/kcolorchooser-4.8.2-i486-1.txz: Added.
kde/kde-baseapps-4.8.2-i486-1.txz: Added.
kde/kde-runtime-4.8.2-i486-1.txz: Added.
kde/kde-wallpapers-4.8.2-noarch-1.txz: Added.
kde/kde-workspace-4.8.2-i486-1.txz: Added.
kde/kdeadmin-4.8.2-i486-1.txz: Upgraded.
kde/kdeartwork-4.8.2-i486-1.txz: Upgraded.
kde/kdegames-4.8.2-i486-1.txz: Upgraded.
kde/kdegraphics-mobipocket-4.8.2-i486-1.txz: Added.
kde/kdegraphics-strigi-analyzer-4.8.2-i486-1.txz: Added.
kde/kdegraphics-thumbnailers-4.8.2-i486-1.txz: Added.
kde/kdelibs-4.8.2-i486-1.txz: Upgraded.
kde/kdemultimedia-4.8.2-i486-1.txz: Upgraded.
kde/kdenetwork-4.8.2-i486-1.txz: Upgraded.
kde/kdepim-4.8.2-i486-1.txz: Upgraded.
kde/kdepim-runtime-4.8.2-i486-1.txz: Upgraded.
kde/kdepimlibs-4.8.2-i486-1.txz: Upgraded.
kde/kdeplasma-addons-4.8.2-i486-1.txz: Upgraded.
kde/kdesdk-4.8.2-i486-1.txz: Upgraded.
kde/kdetoys-4.8.2-i486-1.txz: Upgraded.
kde/kdevelop-4.3.1-i486-1.txz: Upgraded.
kde/kdevelop-pg-qt-1.0.0-i486-1.txz: Added.
kde/kdevplatform-1.3.1-i486-1.txz: Upgraded.
kde/kdewebdev-4.8.2-i486-1.txz: Upgraded.
kde/kdf-4.8.2-i486-1.txz: Added.
kde/kfloppy-4.8.2-i486-1.txz: Added.
kde/kgamma-4.8.2-i486-1.txz: Added.
kde/kgeography-4.8.2-i486-1.txz: Added.
kde/kgpg-4.8.2-i486-1.txz: Added.
kde/khangman-4.8.2-i486-1.txz: Added.
kde/kig-4.8.2-i486-1.txz: Added.
kde/kiten-4.8.2-i486-1.txz: Added.
kde/klettres-4.8.2-i486-1.txz: Added.
kde/kmag-4.8.2-i486-1.txz: Added.
kde/kmousetool-4.8.2-i486-1.txz: Added.
kde/kmouth-4.8.2-i486-1.txz: Added.
kde/kmplot-4.8.2-i486-1.txz: Added.
kde/kolourpaint-4.8.2-i486-1.txz: Added.
kde/konsole-4.8.2-i486-1.txz: Added.
kde/korundum-4.8.2-i486-1.txz: Added.
kde/kplayer-0.7.2-i486-1.txz: Added.
kde/kremotecontrol-4.8.2-i486-1.txz: Added.
kde/kruler-4.8.2-i486-1.txz: Added.
kde/ksaneplugin-4.8.2-i486-1.txz: Added.
kde/ksecrets-4.8.2-i486-1.txz: Added.
kde/ksnapshot-4.8.2-i486-1.txz: Added.
kde/kstars-4.8.2-i486-1.txz: Added.
kde/ktimer-4.8.2-i486-1.txz: Added.
kde/ktorrent-4.2.0-i486-1.txz: Upgraded.
kde/ktouch-4.8.2-i486-1.txz: Added.
kde/kturtle-4.8.2-i486-1.txz: Added.
kde/kwallet-4.8.2-i486-1.txz: Added.
kde/kwebkitpart-1.2.0_20111116git-i486-1.txz: Added.
kde/kwordquiz-4.8.2-i486-1.txz: Added.
kde/libkdcraw-4.8.2-i486-1.txz: Added.
kde/libkdeedu-4.8.2-i486-1.txz: Added.
kde/libkexiv2-4.8.2-i486-1.txz: Added.
kde/libkipi-4.8.2-i486-1.txz: Added.
kde/libksane-4.8.2-i486-1.txz: Added.
kde/libktorrent-1.2.0-i486-1.txz: Upgraded.
kde/marble-4.8.2-i486-1.txz: Added.
kde/networkmanagement-0.9.0-i486-1.txz: Added.
kde/okular-4.8.2-i486-1.txz: Added.
kde/oxygen-gtk2-1.2.2_1-i486-1.txz: Added.
kde/oxygen-icons-4.8.2-i486-1.txz: Upgraded.
kde/parley-4.8.2-i486-1.txz: Added.
kde/perlkde-4.8.2-i486-1.txz: Added.
kde/perlqt-4.8.2-i486-1.txz: Added.
kde/polkit-kde-agent-1-9d74ae3_20120104git-i486-1.txz: Added.
kde/polkit-kde-kcmodules-1-001bdf7_20120111git-i486-1.txz: Added.
kde/printer-applet-4.8.2-i486-1.txz: Added.
kde/pykde4-4.8.2-i486-1.txz: Added.
kde/qtruby-4.8.2-i486-1.txz: Added.
kde/quanta-29a3f8e_20111223git-i486-1.txz: Added.
kde/rocs-4.8.2-i486-1.txz: Added.
kde/skanlite-0.8-i486-1.txz: Upgraded.
kde/smokegen-4.8.2-i486-1.txz: Added.
kde/smokekde-4.8.2-i486-1.txz: Added.
kde/smokeqt-4.8.2-i486-1.txz: Added.
kde/step-4.8.2-i486-1.txz: Added.
kde/superkaramba-4.8.2-i486-1.txz: Added.
kde/svgpart-4.8.2-i486-1.txz: Added.
kde/sweeper-4.8.2-i486-1.txz: Added.
kde/wicd-kde-0.3.0_bcf27d8-i486-1.txz: Added.
kdei/calligra-l10n-ca-2.4.0-noarch-1.txz: Added.
kdei/calligra-l10n-ca@valencia-2.4.0-noarch-1.txz: Added.
kdei/calligra-l10n-cs-2.4.0-noarch-1.txz: Added.
kdei/calligra-l10n-da-2.4.0-noarch-1.txz: Added.
kdei/calligra-l10n-de-2.4.0-noarch-1.txz: Added.
kdei/calligra-l10n-el-2.4.0-noarch-1.txz: Added.
kdei/calligra-l10n-en_GB-2.4.0-noarch-1.txz: Added.
kdei/calligra-l10n-es-2.4.0-noarch-1.txz: Added.
kdei/calligra-l10n-et-2.4.0-noarch-1.txz: Added.
kdei/calligra-l10n-fi-2.4.0-noarch-1.txz: Added.
kdei/calligra-l10n-fr-2.4.0-noarch-1.txz: Added.
kdei/calligra-l10n-hu-2.4.0-noarch-1.txz: Added.
kdei/calligra-l10n-it-2.4.0-noarch-1.txz: Added.
kdei/calligra-l10n-kk-2.4.0-noarch-1.txz: Added.
kdei/calligra-l10n-nb-2.4.0-noarch-1.txz: Added.
kdei/calligra-l10n-nds-2.4.0-noarch-1.txz: Added.
kdei/calligra-l10n-nl-2.4.0-noarch-1.txz: Added.
kdei/calligra-l10n-pl-2.4.0-noarch-1.txz: Added.
kdei/calligra-l10n-pt-2.4.0-noarch-1.txz: Added.
kdei/calligra-l10n-pt_BR-2.4.0-noarch-1.txz: Added.
kdei/calligra-l10n-ru-2.4.0-noarch-1.txz: Added.
kdei/calligra-l10n-sk-2.4.0-noarch-1.txz: Added.
kdei/calligra-l10n-sv-2.4.0-noarch-1.txz: Added.
kdei/calligra-l10n-uk-2.4.0-noarch-1.txz: Added.
kdei/calligra-l10n-zh_CN-2.4.0-noarch-1.txz: Added.
kdei/calligra-l10n-zh_TW-2.4.0-noarch-1.txz: Added.
kdei/kde-l10n-ar-4.8.2-noarch-1.txz: Upgraded.
kdei/kde-l10n-bg-4.8.2-noarch-1.txz: Upgraded.
kdei/kde-l10n-bs-4.8.2-noarch-1.txz: Upgraded.
kdei/kde-l10n-ca-4.8.2-noarch-1.txz: Upgraded.
kdei/kde-l10n-ca@valencia-4.8.2-noarch-1.txz: Upgraded.
kdei/kde-l10n-cs-4.8.2-noarch-1.txz: Upgraded.
kdei/kde-l10n-da-4.8.2-noarch-1.txz: Upgraded.
kdei/kde-l10n-de-4.8.2-noarch-1.txz: Upgraded.
kdei/kde-l10n-el-4.8.2-noarch-1.txz: Upgraded.
kdei/kde-l10n-en_GB-4.8.2-noarch-1.txz: Upgraded.
kdei/kde-l10n-es-4.8.2-noarch-1.txz: Upgraded.
kdei/kde-l10n-et-4.8.2-noarch-1.txz: Upgraded.
kdei/kde-l10n-eu-4.8.2-noarch-1.txz: Upgraded.
kdei/kde-l10n-fa-4.8.2-noarch-1.txz: Upgraded.
kdei/kde-l10n-fi-4.8.2-noarch-1.txz: Upgraded.
kdei/kde-l10n-fr-4.8.2-noarch-1.txz: Upgraded.
kdei/kde-l10n-ga-4.8.2-noarch-1.txz: Upgraded.
kdei/kde-l10n-gl-4.8.2-noarch-1.txz: Upgraded.
kdei/kde-l10n-he-4.8.2-noarch-1.txz: Upgraded.
kdei/kde-l10n-hr-4.8.2-noarch-1.txz: Upgraded.
kdei/kde-l10n-hu-4.8.2-noarch-1.txz: Upgraded.
kdei/kde-l10n-ia-4.8.2-noarch-1.txz: Upgraded.
kdei/kde-l10n-id-4.8.2-noarch-1.txz: Upgraded.
kdei/kde-l10n-is-4.8.2-noarch-1.txz: Upgraded.
kdei/kde-l10n-it-4.8.2-noarch-1.txz: Upgraded.
kdei/kde-l10n-ja-4.8.2-noarch-1.txz: Upgraded.
kdei/kde-l10n-kk-4.8.2-noarch-1.txz: Upgraded.
kdei/kde-l10n-km-4.8.2-noarch-1.txz: Upgraded.
kdei/kde-l10n-ko-4.8.2-noarch-1.txz: Upgraded.
kdei/kde-l10n-lt-4.8.2-noarch-1.txz: Upgraded.
kdei/kde-l10n-lv-4.8.2-noarch-1.txz: Upgraded.
kdei/kde-l10n-nb-4.8.2-noarch-1.txz: Upgraded.
kdei/kde-l10n-nds-4.8.2-noarch-1.txz: Upgraded.
kdei/kde-l10n-nl-4.8.2-noarch-1.txz: Upgraded.
kdei/kde-l10n-nn-4.8.2-noarch-1.txz: Upgraded.
kdei/kde-l10n-pa-4.8.2-noarch-1.txz: Upgraded.
kdei/kde-l10n-pl-4.8.2-noarch-1.txz: Upgraded.
kdei/kde-l10n-pt-4.8.2-noarch-1.txz: Upgraded.
kdei/kde-l10n-pt_BR-4.8.2-noarch-1.txz: Upgraded.
kdei/kde-l10n-ro-4.8.2-noarch-1.txz: Upgraded.
kdei/kde-l10n-ru-4.8.2-noarch-1.txz: Upgraded.
kdei/kde-l10n-si-4.8.2-noarch-1.txz: Upgraded.
kdei/kde-l10n-sk-4.8.2-noarch-1.txz: Upgraded.
kdei/kde-l10n-sl-4.8.2-noarch-1.txz: Upgraded.
kdei/kde-l10n-sr-4.8.2-noarch-1.txz: Upgraded.
kdei/kde-l10n-sv-4.8.2-noarch-1.txz: Upgraded.
kdei/kde-l10n-tg-4.8.2-noarch-1.txz: Upgraded.
kdei/kde-l10n-th-4.8.2-noarch-1.txz: Upgraded.
kdei/kde-l10n-tr-4.8.2-noarch-1.txz: Upgraded.
kdei/kde-l10n-ug-4.8.2-noarch-1.txz: Upgraded.
kdei/kde-l10n-uk-4.8.2-noarch-1.txz: Upgraded.
kdei/kde-l10n-vi-4.8.2-noarch-1.txz: Upgraded.
kdei/kde-l10n-wa-4.8.2-noarch-1.txz: Upgraded.
kdei/kde-l10n-zh_CN-4.8.2-noarch-1.txz: Upgraded.
kdei/kde-l10n-zh_TW-4.8.2-noarch-1.txz: Upgraded.
l/PyQt-4.9.1-i486-1.txz: Upgraded.
l/QScintilla-2.6.1-i486-1.txz: Upgraded.
l/akonadi-1.7.2-i486-1.txz: Upgraded.
l/attica-0.3.0-i486-1.txz: Upgraded.
l/boost-1.49.0-i486-1.txz: Upgraded.
l/clucene-2.3.3.4-i486-1.txz: Upgraded.
l/ebook-tools-0.2.1-i486-1.txz: Upgraded.
l/grantlee-0.2.0-i486-1.txz: Added.
l/herqq-1.0.0-i486-1.txz: Added.
l/hunspell-1.3.2-i486-1.txz: Upgraded.
l/lcms2-2.3-i486-1.txz: Added.
l/libatasmart-0.18-i486-1.txz: Added.
l/libbluedevil-1.9.1-i486-1.txz: Added.
l/libdbusmenu-qt-0.9.2-i486-1.txz: Upgraded.
l/libssh-0.5.2-i486-1.txz: Added.
l/libvncserver-0.9.8.2-i486-1.txz: Upgraded.
l/phonon-4.6.0-i486-1.txz: Upgraded.
l/phonon-gstreamer-4.6.0-i486-1.txz: Added.
l/phonon-mplayer-1b1fd1f_20110823git-i486-1.txz: Upgraded.
l/phonon-xine-4.4.4-i486-1.txz: Added.
l/polkit-qt-1-0.103.0-i486-1.txz: Upgraded. Moved from kde/.
l/qt-4.8.1-i486-1.txz: Upgraded.
l/raptor2-2.0.7-i486-1.txz: Added.
l/rasqal-0.9.28-i486-1.txz: Upgraded.
l/redland-1.0.15-i486-1.txz: Upgraded.
l/sg3_utils-1.33-i486-1.txz: Added.
l/shared-desktop-ontologies-0.9.0-i486-1.txz: Upgraded.
l/sip-4.13.2-i486-1.txz: Upgraded.
l/soprano-2.7.5-i486-1.txz: Upgraded.
l/strigi-0.7.7-i486-1.txz: Upgraded.
l/system-config-printer-1.3.2-i486-1.txz: Upgraded.
n/ModemManager-0.5-i486-1.txz: Added.
n/NetworkManager-0.9.2.0-i486-1.txz: Added.
n/mobile-broadband-provider-info-20120117-i486-1.txz: Added.
n/whois-5.0.15-i486-1.txz: Upgraded.
isolinux/initrd.img: Rebuilt.
Fix broken /bin/{,ba}sh.
usb-and-pxe-installers/usbboot.img: Rebuilt.
Wed Apr 11 21:29:40 UTC 2012
n/sendmail-8.14.5-i486-2.txz: Rebuilt.
Applied an upstream patch to fix SMTP AUTH.
Thanks to Alex Bär for the notice.
n/sendmail-cf-8.14.5-noarch-2.txz: Rebuilt.
Wed Apr 11 17:16:32 UTC 2012
l/libmsn-4.2.1-i486-1.txz: Upgraded.
n/curl-7.25.0-i486-1.txz: Upgraded.
n/ntp-4.2.6p5-i486-1.txz: Upgraded.
n/samba-3.5.14-i486-1.txz: Upgraded.
This is a security release in order to address a vulnerability that allows
remote code execution as the "root" user. All sites running a Samba
server should update to the new Samba package and restart Samba.
For more information, see:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1182
(* Security fix *)
xap/pidgin-2.10.3-i486-1.txz: Upgraded.
This update fixes several remotely triggerable crash bugs.
For more information, see:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2943
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3184
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3185
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3594
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-4601
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-4602
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-4603
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-4939
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1178
(* Security fix *)
Sat Apr 7 21:48:42 UTC 2012
l/libtiff-3.9.6-i486-1.txz: Upgraded.
Patched overflows that could lead to arbitrary code execution when parsing
a malformed image file.
For more information, see:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1173
(* Security fix *)
isolinux/initrd.img: Rebuilt.
Use genuine GNU bash instead of busybox ash. This fixes installer failure
caused by exported variables such as TERM failing to propogate to subshells.
I'm still not sure what's causing that issue (perhaps a change in glibc?),
but using real bash might be better in the long run, as we won't need to
avoid bashisms in the scripts. The original reason bash was avoided was to
keep things small for installer floppies, and we're well past that era.
usb-and-pxe-installers/usbboot.img: Rebuilt.
Thu Apr 5 21:15:52 UTC 2012
l/qtscriptgenerator-0.2.0-i486-1.txz: Upgraded.
Wed Apr 4 15:59:46 UTC 2012
a/acpid-2.0.16-i486-1.txz: Upgraded.
xap/mozilla-thunderbird-11.0.1-i486-1.txz: Upgraded.
Thu Mar 29 23:05:19 UTC 2012
Hey folks... here's a few upgrade/bugfix packages:
a/e2fsprogs-1.42.2-i486-1.txz: Upgraded.
a/xz-5.0.3-i486-2.tgz: Rebuilt.
xap/imagemagick-6.7.6_2-i486-1.txz: Upgraded.
Build twice to avoid breakage when the major library versions change.
Wed Mar 28 02:05:26 UTC 2012
a/glibc-solibs-2.15-i486-2.txz: Rebuilt.
Upstream glibc fix for crashes: "Sort objects before relocations"
git commit 6ee65ed6ddbf04402fad0bec6aa9c73b9d982ae4
a/glibc-zoneinfo-2012b_2012b-noarch-2.txz: Rebuilt.
l/glibc-2.15-i486-2.txz: Rebuilt.
l/glibc-i18n-2.15-i486-2.txz: Rebuilt.
l/glibc-profile-2.15-i486-2.txz: Rebuilt.
isolinux/initrd.img: Rebuilt.
Fixed the placement of libz.
usb-and-pxe-installers/usbboot.img: Rebuilt.
Mon Mar 26 01:41:11 UTC 2012
a/acpid-2.0.15-i486-1.txz: Upgraded.
a/bash-4.2.024-i486-1.txz: Upgraded.
a/e2fsprogs-1.42.1-i486-1.txz: Upgraded.
a/glibc-solibs-2.15-i486-1.txz: Upgraded.
a/glibc-zoneinfo-2012b_2012b-noarch-1.txz: Upgraded.
Upgraded to tzcode2012b and tzdata2012b.
a/kernel-generic-3.2.13-i486-1.txz: Upgraded.
a/kernel-generic-smp-3.2.13_smp-i686-1.txz: Upgraded.
a/kernel-huge-3.2.13-i486-1.txz: Upgraded.
a/kernel-huge-smp-3.2.13_smp-i686-1.txz: Upgraded.
a/kernel-modules-3.2.13-i486-1.txz: Upgraded.
a/kernel-modules-smp-3.2.13_smp-i686-1.txz: Upgraded.
a/module-init-tools-3.16-i486-1.txz: Upgraded.
d/binutils-2.22.52.0.1-i486-1.txz: Upgraded.
d/ccache-3.1.7-i486-1.txz: Upgraded.
d/gcc-4.7.0-i486-1.txz: Upgraded.
d/gcc-g++-4.7.0-i486-1.txz: Upgraded.
d/gcc-gfortran-4.7.0-i486-1.txz: Upgraded.
d/gcc-gnat-4.7.0-i486-1.txz: Upgraded.
d/gcc-go-4.7.0-i486-1.txz: Upgraded.
d/gcc-java-4.7.0-i486-1.txz: Upgraded.
d/gcc-objc-4.7.0-i486-1.txz: Upgraded.
d/kernel-headers-3.2.13_smp-x86-1.txz: Upgraded.
k/kernel-source-3.2.13_smp-noarch-1.txz: Upgraded.
l/glibc-2.15-i486-1.txz: Upgraded.
l/glibc-i18n-2.15-i486-1.txz: Upgraded.
l/glibc-profile-2.15-i486-1.txz: Upgraded.
l/gmp-5.0.4-i486-1.txz: Upgraded.
l/mpfr-3.1.0-i486-1.txz: Upgraded.
l/virtuoso-ose-6.1.3-i486-1.txz: Upgraded.
l/zlib-1.2.6-i486-1.txz: Upgraded.
Moved shared library to /lib{,64} to prepare for kmod.
n/bind-9.9.0-i486-1.txz: Upgraded.
n/obex-data-server-0.4.6-i486-1.txz: Upgraded.
n/rsync-3.0.9-i486-1.txz: Upgraded.
xap/imagemagick-6.7.6_1-i486-1.txz: Upgraded.
Libraries got a major version number bump, requiring recompiles and/or
upgrades to obex-data-server, virtuoso-ose, and xine-lib.
xap/xine-lib-1.1.19-i686-2.txz: Rebuilt.
extra/linux-3.2.13-nosmp-sdk/*: Rebuilt.
isolinux/initrd.img: Rebuilt.
In SeTpartitions, use -d single -m single as it increases performance by
about 15%, and multiple metadata copies are useless when using a btrfs
filesystem consisting of a single device or partition (which is all the
installer currently supports). Thanks to Luigi Genoni.
kernels/*: Upgraded.
usb-and-pxe-installers/usbboot.img: Rebuilt.
Wed Mar 14 09:08:26 UTC 2012
l/seamonkey-solibs-2.8-i486-1.txz: Upgraded.
This release contains security fixes and improvements.
For more information, see:
http://www.mozilla.org/security/known-vulnerabilities/seamonkey.html
(* Security fix *)
n/mtr-0.82-i486-1.txz: Upgraded.
xap/mozilla-firefox-11.0-i486-1.txz: Upgraded.
This release contains security fixes and improvements.
For more information, see:
http://www.mozilla.org/security/known-vulnerabilities/firefox.html
(* Security fix *)
xap/mozilla-thunderbird-11.0-i486-1.txz: Upgraded.
This release contains security fixes and improvements.
For more information, see:
http://www.mozilla.org/security/known-vulnerabilities/thunderbird.html
(* Security fix *)
xap/seamonkey-2.8-i486-1.txz: Upgraded.
This release contains security fixes and improvements.
For more information, see:
http://www.mozilla.org/security/known-vulnerabilities/seamonkey.html
(* Security fix *)
y/bsd-games-2.13-i486-12.txz: Rebuilt. (typo fix)
Sun Feb 26 23:09:05 UTC 2012
a/kernel-generic-3.2.7-i486-1.txz: Upgraded.
a/kernel-generic-smp-3.2.7_smp-i686-1.txz: Upgraded.
a/kernel-huge-3.2.7-i486-1.txz: Upgraded.
a/kernel-huge-smp-3.2.7_smp-i686-1.txz: Upgraded.
a/kernel-modules-3.2.7-i486-1.txz: Upgraded.
a/kernel-modules-smp-3.2.7_smp-i686-1.txz: Upgraded.
d/kernel-headers-3.2.7_smp-x86-1.txz: Upgraded.
k/kernel-source-3.2.7_smp-noarch-1.txz: Upgraded.
extra/linux-3.2.7-nosmp-sdk/*: Upgraded.
isolinux/initrd.img: Rebuilt.
kernels/*: Upgraded.
usb-and-pxe-installers/usbboot.img: Rebuilt.
Sat Feb 25 20:36:42 UTC 2012
testing/packages/mozilla-firefox-11.0b4-i486-1.txz: Upgraded.
testing/packages/mozilla-thunderbird-11.0b3-i486-1.txz: Upgraded.
testing/packages/seamonkey-2.8b4-i486-1.txz: Upgraded.
testing/packages/seamonkey-solibs-2.8b4-i486-1.txz: Upgraded.
Wed Feb 22 18:14:58 UTC 2012
l/libpng-1.4.9-i486-1.txz: Upgraded.
All branches of libpng prior to versions 1.5.9, 1.4.9, 1.2.47, and 1.0.57,
respectively, fail to correctly validate a heap allocation in
png_decompress_chunk(), which can lead to a buffer-overrun and the
possibility of execution of hostile code on 32-bit systems.
For more information, see:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3026
(* Security fix *)
l/seamonkey-solibs-2.7.2-i486-1.txz: Upgraded.
This release contains security fixes and improvements.
For more information, see:
http://www.mozilla.org/security/known-vulnerabilities/seamonkey.html
(* Security fix *)
xap/mozilla-firefox-10.0.2-i486-1.txz: Upgraded.
This release contains security fixes and improvements.
For more information, see:
http://www.mozilla.org/security/known-vulnerabilities/firefox.html
(* Security fix *)
xap/mozilla-thunderbird-10.0.2-i486-1.txz: Upgraded.
This release contains security fixes and improvements.
For more information, see:
http://www.mozilla.org/security/known-vulnerabilities/thunderbird.html
(* Security fix *)
xap/seamonkey-2.7.2-i486-1.txz: Upgraded.
This release contains security fixes and improvements.
For more information, see:
http://www.mozilla.org/security/known-vulnerabilities/seamonkey.html
(* Security fix *)
Tue Feb 14 01:57:25 UTC 2012
xap/mozilla-thunderbird-10.0.1-i486-1.txz: Upgraded.
This release contains security fixes and improvements.
For more information, see:
http://www.mozilla.org/security/known-vulnerabilities/thunderbird.html
(* Security fix *)
Sun Feb 12 23:26:00 UTC 2012
testing/packages/mozilla-thunderbird-11.0b1-i486-1.txz: Added.
testing/packages/seamonkey-2.8b2-i486-1.txz: Added.
testing/packages/seamonkey-solibs-2.8b2-i486-1.txz: Added.
Sat Feb 11 02:37:16 UTC 2012
l/seamonkey-solibs-2.7.1-i486-1.txz: Upgraded.
This release contains security fixes and improvements.
For more information, see:
http://www.mozilla.org/security/known-vulnerabilities/seamonkey.html
(* Security fix *)
xap/mozilla-firefox-10.0.1-i486-1.txz: Upgraded.
This release contains security fixes and improvements.
For more information, see:
http://www.mozilla.org/security/known-vulnerabilities/firefox.html
(* Security fix *)
xap/seamonkey-2.7.1-i486-1.txz: Upgraded.
This release contains security fixes and improvements.
For more information, see:
http://www.mozilla.org/security/known-vulnerabilities/seamonkey.html
(* Security fix *)
testing/packages/mozilla-firefox-11.0b2-i486-1.txz: Upgraded.
Wed Feb 8 01:21:42 UTC 2012
a/glibc-solibs-2.14.1-i486-4.txz: Rebuilt.
Patched an overflow in tzfile. This was evidently first reported in
2009, but is only now getting around to being patched. To exploit it,
one must be able to write beneath /usr/share/zoneinfo, which is usually
not possible for a normal user, but may be in the case where they are
chroot()ed to a directory that they own.
For more information, see:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-5029
(* Security fix *)
a/glibc-zoneinfo-2011i_2011n-noarch-4.txz: Rebuilt.
ap/alsa-utils-1.0.25-i486-1.txz: Upgraded.
ap/hplip-3.11.12-i486-1.txz: Upgraded.
ap/sqlite-3.7.10-i486-1.txz: Upgraded.
l/alsa-lib-1.0.25-i486-1.txz: Upgraded.
l/alsa-oss-1.0.25-i486-1.txz: Upgraded.
l/apr-util-1.4.1-i486-1.txz: Upgraded.
l/glibc-2.14.1-i486-4.txz: Rebuilt.
Patched an overflow in tzfile. This was evidently first reported in
2009, but is only now getting around to being patched. To exploit it,
one must be able to write beneath /usr/share/zoneinfo, which is usually
not possible for a normal user, but may be in the case where they are
chroot()ed to a directory that they own.
For more information, see:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-5029
(* Security fix *)
l/glibc-i18n-2.14.1-i486-4.txz: Rebuilt.
l/glibc-profile-2.14.1-i486-4.txz: Rebuilt.
Patched an overflow in tzfile. This was evidently first reported in
2009, but is only now getting around to being patched. To exploit it,
one must be able to write beneath /usr/share/zoneinfo, which is usually
not possible for a normal user, but may be in the case where they are
chroot()ed to a directory that they own.
For more information, see:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-5029
(* Security fix *)
n/httpd-2.2.22-i486-1.txz: Upgraded.
*) SECURITY: CVE-2011-3368 (cve.mitre.org)
Reject requests where the request-URI does not match the HTTP
specification, preventing unexpected expansion of target URLs in
some reverse proxy configurations. [Joe Orton]
*) SECURITY: CVE-2011-3607 (cve.mitre.org)
Fix integer overflow in ap_pregsub() which, when the mod_setenvif module
is enabled, could allow local users to gain privileges via a .htaccess
file. [Stefan Fritsch, Greg Ames]
*) SECURITY: CVE-2011-4317 (cve.mitre.org)
Resolve additional cases of URL rewriting with ProxyPassMatch or
RewriteRule, where particular request-URIs could result in undesired
backend network exposure in some configurations.
[Joe Orton]
*) SECURITY: CVE-2012-0021 (cve.mitre.org)
mod_log_config: Fix segfault (crash) when the '%{cookiename}C' log format
string is in use and a client sends a nameless, valueless cookie, causing
a denial of service. The issue existed since version 2.2.17. PR 52256.
[Rainer Canavan <rainer-apache 7val com>]
*) SECURITY: CVE-2012-0031 (cve.mitre.org)
Fix scoreboard issue which could allow an unprivileged child process
could cause the parent to crash at shutdown rather than terminate
cleanly. [Joe Orton]
*) SECURITY: CVE-2012-0053 (cve.mitre.org)
Fix an issue in error responses that could expose "httpOnly" cookies
when no custom ErrorDocument is specified for status code 400.
[Eric Covener]
For more information, see:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3368
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3607
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-4317
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0021
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0031
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0053
(* Security fix *)
n/php-5.3.10-i486-1.txz: Upgraded.
Fixed arbitrary remote code execution vulnerability reported by Stefan
Esser, CVE-2012-0830. (Stas, Dmitry)
For more information, see:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0830
(* Security fix *)
n/proftpd-1.3.4a-i486-1.txz: Upgraded.
This update fixes a use-after-free() memory corruption error,
and possibly other unspecified issues.
For more information, see:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-4130
(* Security fix *)
n/vsftpd-2.3.5-i486-1.txz: Upgraded.
Minor version bump, this also works around a hard to trigger heap overflow
in glibc (glibc zoneinfo caching vuln). For there to be any possibility
to trigger the glibc bug within vsftpd, the non-default option
"chroot_local_user" must be set in /etc/vsftpd.conf.
Considered 1) low severity (hard to exploit) and 2) not a vsftpd bug :-)
Nevertheless:
(* Security fix *)
Thu Feb 2 16:02:47 UTC 2012
It is cloudy and foggy here today -- I did not see my shadow, and
will not be crawling back into my hole for 6 weeks. ;-)
testing/packages/mozilla-firefox-11.0b1-i486-1.txz: Added.
Thu Feb 2 15:07:23 UTC 2012
a/kernel-firmware-20120202git-noarch-1.txz: Upgraded.
There were some reports of a failing checksum on the .asc (which
did verify, so the package was good). So, we'll replace it with
a new build to make sure that it syncs out.
Wed Feb 1 23:20:04 UTC 2012
$(fortune) just obtained logging in to stamp the Changelog, finally:
"You single-handedly fought your way into this hopeless mess."
Well, we'll work on rectifying that situation. :-) Sorry about the
lack of updates... everything here blew up all at once, it seemed, but
equipment, upstream targets, and reality all seem to be settling down
enough to get these updates out and have them be an actual improvement
over what's already up. Hope to have more soon. Cheers!
l/seamonkey-solibs-2.7-i486-1.txz: Upgraded.
This release contains security fixes and improvements.
For more information, see:
http://www.mozilla.org/security/known-vulnerabilities/seamonkey.html
(* Security fix *)
xap/mozilla-firefox-10.0-i486-1.txz: Upgraded.
This release contains security fixes and improvements.
For more information, see:
http://www.mozilla.org/security/known-vulnerabilities/firefox.html
(* Security fix *)
xap/mozilla-thunderbird-10.0-i486-1.txz: Upgraded.
This release contains security fixes and improvements.
For more information, see:
http://www.mozilla.org/security/known-vulnerabilities/thunderbird.html
(* Security fix *)
xap/seamonkey-2.7-i486-1.txz: Upgraded.
This release contains security fixes and improvements.
For more information, see:
http://www.mozilla.org/security/known-vulnerabilities/seamonkey.html
(* Security fix *)
Wed Feb 1 17:18:14 CST 2012
testing/packages/mozilla-firefox-10.0-i486-1.txz: Upgraded.
testing/packages/mozilla-thunderbird-10.0-i486-1.txz: Upgraded.
Wed Feb 1 17:18:13 CST 2012
a/kernel-generic-3.2.2-i486-1.txz: Upgraded.
a/kernel-generic-smp-3.2.2_smp-i686-1.txz: Upgraded.
a/kernel-huge-3.2.2-i486-1.txz: Upgraded.
a/kernel-huge-smp-3.2.2_smp-i686-1.txz: Upgraded.
a/kernel-modules-3.2.2-i486-1.txz: Upgraded.
a/kernel-modules-smp-3.2.2_smp-i686-1.txz: Upgraded.
a/openssl-solibs-0.9.8t-i486-1.txz: Upgraded.
This fixes a bug where DTLS applications were not properly supported. This
bug could have allowed remote attackers to cause a denial of service via
unspecified vectors.
CVE-2012-0050 has been assigned to this issue.
For more details see:
http://openssl.org/news/secadv_20120118.txt
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0050
(* Security fix *)
d/kernel-headers-3.2.2_smp-x86-1.txz: Upgraded.
e/emacs-23.4-i486-1.txz: Upgraded.
k/kernel-source-3.2.2_smp-noarch-1.txz: Upgraded.
n/openssl-0.9.8t-i486-1.txz: Upgraded.
This fixes a bug where DTLS applications were not properly supported. This
bug could have allowed remote attackers to cause a denial of service via
unspecified vectors.
CVE-2012-0050 has been assigned to this issue.
For more details see:
http://openssl.org/news/secadv_20120118.txt
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0050
(* Security fix *)
extra/linux-3.2.1-nosmp-sdk/*: Upgraded.
isolinux/initrd.img: Rebuilt.
kernels/*: Upgraded.
usb-and-pxe-installers/usbboot.img: Rebuilt.
Wed Feb 1 17:18:11 CST 2012
a/coreutils-8.15-i486-1.txz: Upgraded.
This will be provided as a patch to fix some important issues with ext4.
Thanks to Georgy Salnikov for the notification.
a/cups-1.4.8-i486-1.txz: Upgraded.
This might fix a printing issue with LibreOffice. We'll look into cups-1.5.0
once we know if this fix works. If it does, we'll deploy cups-1.4.8 as
a patch for Slackware 13.37. Thanks to Willy Sudiarto Raharjo.
a/glibc-solibs-2.14.1-i486-3.txz: Rebuilt.
a/glibc-zoneinfo-2011i_2011n-noarch-3.txz: Rebuilt.
a/kernel-generic-3.2.1-i486-1.txz: Upgraded.
a/kernel-generic-smp-3.2.1_smp-i686-1.txz: Upgraded.
a/kernel-huge-3.2.1-i486-1.txz: Upgraded.
a/kernel-huge-smp-3.2.1_smp-i686-1.txz: Upgraded.
a/kernel-modules-3.2.1-i486-1.txz: Upgraded.
a/kernel-modules-smp-3.2.1_smp-i686-1.txz: Upgraded.
d/kernel-headers-3.2.1_smp-x86-1.txz: Upgraded.
k/kernel-source-3.2.1_smp-noarch-1.txz: Upgraded.
l/glibc-2.14.1-i486-3.txz: Rebuilt.
l/glibc-i18n-2.14.1-i486-3.txz: Rebuilt.
l/glibc-profile-2.14.1-i486-3.txz: Rebuilt.
n/ca-certificates-20111211-noarch-1.txz: Upgraded.
Removes DigiNotar and other untrusted certificates.
(* Security fix *)
isolinux/initrd.img: Rebuilt.
kernels/*: Upgraded.
usb-and-pxe-installers/usbboot.img: Rebuilt.
Wed Feb 1 17:18:07 CST 2012
Hey folks! Have a few overdue updates to the toolchain. This has all been
built and rebuild (and upgraded) far too many times IMHO to wait around yet
again to get 3.2.1 in place and bump some compiler deps to get ARM working...
what was that about the echo $(fortune -m "goal of Computer Science") ?
Anyway, please test and report problems and we'll have another round here
shortly.
a/glibc-solibs-2.14.1-i486-3.txz: Rebuilt.
a/glibc-zoneinfo-2011i_2011n-noarch-3.txz: Rebuilt.
a/kernel-firmware-20120109git-noarch-1.txz: Upgraded.
ap/htop-1.0-i486-1.txz: Upgraded.
d/gcc-4.6.2-i486-1.txz: Upgraded.
d/gcc-g++-4.6.2-i486-1.txz: Upgraded.
d/gcc-gfortran-4.6.2-i486-1.txz: Upgraded.
d/gcc-gnat-4.6.2-i486-1.txz: Upgraded.
d/gcc-go-4.6.2-i486-1.txz: Added.
d/gcc-java-4.6.2-i486-1.txz: Upgraded.
d/gcc-objc-4.6.2-i486-1.txz: Upgraded.
d/slacktrack-2.10-i486-1.txz: Upgraded.
e/emacs-23.3.tar.xz: Upgraded.
l/freetype-2.4.8-i486-1.txz: Upgraded.
Some vulnerabilities in handling CID-keyed PostScript fonts have
been fixed.
For more information, see:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3439
(* Security fix *)
l/glibc-2.14.1-i486-3.txz: Rebuilt.
Patched to provide compile support for NIS and RPC again.
l/glibc-i18n-2.14.1-i486-3.txz: Rebuilt.
l/glibc-profile-2.14.1-i486-3.txz: Rebuilt.
l/seamonkey-solibs-2.6.1-i486-1.txz: Upgraded.
This update contains security fixes and improvements.
For more information, see:
http://www.mozilla.org/security/announce/
(* Security fix *)
n/sendmail-8.14.5-i486-1.txz: Upgraded.
n/sendmail-cf-8.14.5-noarch-1.txz: Upgraded.
xap/mozilla-firefox-9.0.1-i486-1.txz: Upgraded.
This release contains security fixes and improvements.
For more information, see:
http://www.mozilla.org/security/known-vulnerabilities/firefox.html
(* Security fix *)
xap/mozilla-thunderbird-9.0.1-i486-1.txz: Upgraded.
This release contains security fixes and improvements.
For more information, see:
http://www.mozilla.org/security/known-vulnerabilities/thunderbird.html
(* Security fix *)
xap/seamonkey-2.6.1-i486-1.txz: Upgraded.
This update contains security fixes and improvements.
For more information, see:
http://www.mozilla.org/security/announce/
(* Security fix *)
xap/x3270-3.3.12ga7-i486-1.txz: Upgraded.
xap/xfractint-20.04p11-i486-1.txz: Upgraded.
pasture/gcc-4.5.3-i486-2.txz: Moved to /pasture.
pasture/gcc-g++-4.5.3-i486-2.txz: Moved to /pasture.
pasture/gcc-gfortran-4.5.3-i486-2.txz: Moved to /pasture.
pasture/gcc-gnat-4.5.3-i486-2.txz: Moved to /pasture.
pasture/gcc-java-4.5.3-i486-2.txz: Moved to /pasture.
pasture/gcc-objc-4.5.3-i486-2.txz: Moved to /pasture.
isolinux/initrd.img: Rebuilt.
kernels/*: Upgraded.
usb-and-pxe-installers/usbboot.img: Rebuilt.
testing/packages/mozilla-firefox-10.0b4-i486-1.txz: Added.
testing/packages/mozilla-thunderbird-10.0b3-i486-1.txz: Added.
Wed Dec 14 16:22:29 UTC 2011
d/subversion-1.7.2-i486-1.txz: Upgraded.
This update fixes an issue with "git svn clone" being broken.
Thanks to Francesco Allertsen for the heads-up.
Hmmm, perhaps vbatts can tell me what has happened to the ruby bindings...
Tue Nov 29 00:09:21 UTC 2011
testing/packages/mozilla-thunderbird-9.0b2-i486-1.txz: Upgraded.
Sun Nov 27 03:37:52 UTC 2011
d/yasm-1.2.0-i486-1.txz: Upgraded.
l/seamonkey-solibs-2.5-i486-1.txz: Upgraded.
This update contains security fixes and improvements.
For more information, see:
http://www.mozilla.org/security/announce/
(* Security fix *)
xap/mozilla-firefox-8.0.1-i486-1.txz: Upgraded.
This release contains security fixes and improvements.
For more information, see:
http://www.mozilla.org/security/known-vulnerabilities/firefox.html
(* Security fix *)
xap/mozilla-thunderbird-8.0-i486-1.txz: Upgraded.
This release contains security fixes and improvements.
For more information, see:
http://www.mozilla.org/security/known-vulnerabilities/thunderbird.html
(* Security fix *)
xap/seamonkey-2.5-i486-1.txz: Upgraded.
This update contains security fixes and improvements.
For more information, see:
http://www.mozilla.org/security/announce/
(* Security fix *)
testing/packages/mozilla-firefox-9.0b3-i486-1.txz: Upgraded.
Wed Nov 23 15:17:39 UTC 2011
d/make-3.82-i486-3.txz: Rebuilt.
Patched a free() crash when building Android. Thanks to Troy Unrau.
Fixed IA32 arch, package locations... sorry :)
Tue Nov 22 15:23:55 UTC 2011
d/make-3.82-x86_64-3.txz: Rebuilt.
Patched a free() crash when building Android. Thanks to Troy Unrau.
testing/packages/mozilla-firefox-9.0b2-i486-1.txz: Upgraded.
Thu Nov 17 02:12:33 UTC 2011
n/bind-9.7.4_P1-i486-1.txz: Upgraded.
--- 9.7.4-P1 released ---
3218. [security] Cache lookup could return RRSIG data associated with
nonexistent records, leading to an assertion
failure. [RT #26590]
(* Security fix *)
Sun Nov 13 16:03:06 UTC 2011
a/glibc-solibs-2.14.1-i486-2.txz: Rebuilt.
a/glibc-zoneinfo-2011i_2011n-noarch-2.txz: Rebuilt.
l/glibc-2.14.1-i486-2.txz: Rebuilt.
Merged ELF patches -- Matt Burgess <matthew_at_linuxfromscratch_dot_org>
l/glibc-i18n-2.14.1-i486-2.txz: Rebuilt.
l/glibc-profile-2.14.1-i486-2.txz: Rebuilt.
testing/packages/mozilla-firefox-9.0b1-i486-1.txz: Added.
Fri Nov 11 18:58:21 UTC 2011
Good 11-11-11, everyone! Enjoy some fresh time. :)
a/glibc-solibs-2.14.1-i486-1.txz: Upgraded.
a/glibc-zoneinfo-2011i_2011n-noarch-1.txz: Upgraded.
New upstream homepage: http://www.iana.org/time-zones
l/glibc-2.14.1-i486-1.txz: Upgraded.
l/glibc-i18n-2.14.1-i486-1.txz: Upgraded.
l/glibc-profile-2.14.1-i486-1.txz: Upgraded.
Tue Nov 8 04:07:49 UTC 2011
n/openssh-5.9p1-i486-2.txz: Rebuilt.
Upstream different timestamp, size, ChangeLog. GPG verifies on both
this newer one and what we had before (?).
xap/mozilla-firefox-8.0-i486-1.txz: Upgraded.
Tue Oct 11 07:50:04 UTC 2011
a/file-5.09-i486-1.txz: Upgraded.
l/seamonkey-solibs-2.4.1-i486-1.txz: Upgraded.
n/httpd-2.2.21-i486-1.txz: Upgraded.
Respond with HTTP_NOT_IMPLEMENTED when the method is not
recognized. [Jean-Frederic Clere] SECURITY: CVE-2011-3348
Fix a regression introduced by the CVE-2011-3192 byterange fix in 2.2.20.
PR 51748. [<lowprio20 gmail.com>]
For more information, see:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3348
(* Security fix *)
xap/mozilla-firefox-7.0.1-i486-1.txz: Upgraded.
This release contains security fixes and improvements.
For more information, see:
http://www.mozilla.org/security/known-vulnerabilities/firefox.html
(* Security fix *)
xap/mozilla-thunderbird-7.0.1-i486-1.txz: Upgraded.
This release contains security fixes and improvements.
For more information, see:
http://www.mozilla.org/security/known-vulnerabilities/thunderbird.html
(* Security fix *)
xap/seamonkey-2.4.1-i486-1.txz: Upgraded.
This update contains security fixes and improvements.
For more information, see:
http://www.mozilla.org/security/announce/
(* Security fix *)
testing/packages/mozilla-firefox-8.0b2-i486-1.txz: Upgraded.
Tue Sep 6 16:53:43 UTC 2011
n/openssh-5.9p1-i486-1.txz: Upgraded.
Tue Sep 6 00:15:03 UTC 2011
l/seamonkey-solibs-2.3.3-i486-1.txz: Upgraded.
This update contains security fixes and improvements.
For more information, see:
http://www.mozilla.org/security/announce/
http://www.mozilla.org/security/announce/2011/mfsa2011-34.html
(* Security fix *)
n/httpd-2.2.20-i486-1.txz: Upgraded.
SECURITY: CVE-2011-3192 (cve.mitre.org)
core: Fix handling of byte-range requests to use less memory, to avoid
denial of service. If the sum of all ranges in a request is larger than
the original file, ignore the ranges and send the complete file.
PR 51714. [Stefan Fritsch, Jim Jagielski, Ruediger Pluem, Eric Covener]
For more information, see:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3192
(* Security fix *)
xap/mozilla-firefox-6.0.2-i486-1.txz: Upgraded.
This release contains security fixes and improvements.
For more information, see:
http://www.mozilla.org/security/known-vulnerabilities/firefox.html
http://www.mozilla.org/security/announce/2011/mfsa2011-34.html
(* Security fix *)
xap/mozilla-thunderbird-6.0.1-i486-1.txz: Upgraded.
This release contains security fixes and improvements.
For more information, see:
http://www.mozilla.org/security/known-vulnerabilities/thunderbird.html
http://www.mozilla.org/security/announce/2011/mfsa2011-34.html
(* Security fix *)
xap/seamonkey-2.3.3-i486-1.txz: Upgraded.
This update contains security fixes and improvements.
For more information, see:
http://www.mozilla.org/security/announce/
http://www.mozilla.org/security/announce/2011/mfsa2011-34.html
(* Security fix *)
testing/packages/mozilla-firefox-7.0b4-i486-1.txz: Upgraded.
Thu Aug 25 09:10:45 UTC 2011
a/kernel-firmware-20110814git-noarch-1.txz: Upgraded.
Fetch the latest kernel firmware from git -- the stuff in the kernel sources
is somewhat stale.
ap/soma-2.7.1-noarch-1.txz: Added.
Soma is a command line/dialog Internet radio player.
Thanks to David Woodfall.
l/jre-6u27-i586-1.txz: Upgraded.
n/php-5.3.8-i486-1.txz: Upgraded.
Security fixes vs. 5.3.6 (5.3.7 was not usable):
Updated crypt_blowfish to 1.2. (CVE-2011-2483)
Fixed crash in error_log(). Reported by Mateusz Kocielski
Fixed buffer overflow on overlog salt in crypt().
Fixed bug #54939 (File path injection vulnerability in RFC1867
File upload filename). Reported by Krzysztof Kotowicz. (CVE-2011-2202)
Fixed stack buffer overflow in socket_connect(). (CVE-2011-1938)
Fixed bug #54238 (use-after-free in substr_replace()). (CVE-2011-1148)
For more information, see:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1148
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1938
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2202
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2483
(* Security fix *)
extra/jdk-6/jdk-6u27-i586-1.txz: Upgraded.
testing/packages/mozilla-firefox-7.0b1-i486-1.txz: Added.
Sun Aug 14 17:49:30 UTC 2011
n/wget-1.13-i486-1.txz: Upgraded.
xap/mozilla-firefox-6.0-i486-1.txz: Upgraded.
Fri Aug 12 23:20:00 UTC 2011
d/binutils-2.21.53.0.2-i486-1.txz: Upgraded.
n/bind-9.7.4-i486-1.txz: Upgraded.
This BIND update addresses a couple of security issues:
* named, set up to be a caching resolver, is vulnerable to a user
querying a domain with very large resource record sets (RRSets)
when trying to negatively cache the response. Due to an off-by-one
error, caching the response could cause named to crash. [RT #24650]
[CVE-2011-1910]
* Change #2912 (see CHANGES) exposed a latent bug in the DNS message
processing code that could allow certain UPDATE requests to crash
named. [RT #24777] [CVE-2011-2464]
For more information, see:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1910
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2464
(* Security fix *)
Fri Aug 12 16:25:35 UTC 2011
ap/htop-0.9-i486-1.txz: Added.
Oops, this was missing on 32-bit. Thanks to Willy Sudiarto Raharjo.
Fri Aug 12 00:29:11 UTC 2011
a/lilo-23.2-i486-1.txz: Upgraded.
ap/htop-0.9-i486-1.txz: Added.
htop is an ncurses-based interactive process viewer.
Thanks to Michal Dorocinski for the suggestion.
ap/sqlite-3.7.7.1-i486-1.txz: Upgraded.
Added options: -DSQLITE_ENABLE_FTS3 -DSQLITE_ENABLE_FTS3_PARENTHESIS=1
e/emacs-23.3a-i486-1.txz: Upgraded.
testing/packages/mozilla-firefox-6.0b5-i486-1.txz: Added.
testing/packages/mozilla-thunderbird-6.0b3-i486-1.txz: Added.
testing/packages/seamonkey-2.3b3-i486-1.txz: Added.
testing/packages/seamonkey-solibs-2.3b3-i486-1.txz: Added.
Fri Jul 29 18:22:40 UTC 2011
ap/screen-4.0.3-i486-3.txz: Rebuilt.
Use a larger buffer for the termtype variable to fix crashes with long
names (e.g. rxvt-unicode-256color).
Thanks to cteg.
l/libpng-1.4.8-i486-1.txz: Upgraded.
Upgraded to libpng-1.2.46 and libpng-1.4.8.
Fixed uninitialized memory read in png_format_buffer()
(Bug report by Frank Busse, related to CVE-2004-0421).
For more information, see:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0421
(* Security fix *)
n/dhcpcd-5.2.12-i486-1.txz: Upgraded.
Sanitize the host name provided by the DHCP server to insure that it does
not contain any shell metacharacters.
For more information, see:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0996
(* Security fix *)
n/samba-3.5.10-i486-1.txz: Upgraded.
Fixed cross-site request forgery and cross-site scripting vulnerability
in SWAT (the Samba Web Administration Tool).
For more information, see:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2522
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2694
(* Security fix *)
Thu Jul 14 21:34:41 UTC 2011
l/seamonkey-solibs-2.2-i486-1.txz: Upgraded.
This update contains security fixes and improvements.
For more information, see:
http://www.mozilla.org/security/announce/
(* Security fix *)
xap/mozilla-firefox-5.0.1-i486-1.txz: Upgraded.
I guess this is only a fix for Mac OS X, but it's still 0.0.1 better. ;-)
xap/mozilla-thunderbird-5.0-i486-1.txz: Upgraded.
Thanks to dolphin77 for some hints about the ./configure options.
xap/seamonkey-2.2-i486-1.txz: Upgraded.
This update contains security fixes and improvements.
For more information, see:
http://www.mozilla.org/security/announce/
(* Security fix *)
Fri Jul 8 16:55:13 UTC 2011
n/bind-9.7.3_P3-i486-1.txz: Upgraded.
A specially constructed packet will cause BIND 9 ("named") to exit,
affecting DNS service. The issue exists in BIND 9.6.3 and newer.
"Change #2912 (see CHANGES) exposed a latent bug in the DNS message
processing code that could allow certain UPDATE requests to crash
named. This was fixed by disambiguating internal database
representation vs DNS wire format data. [RT #24777] [CVE-2011-2464]"
For more information, see:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2464
(* Security fix *)
xap/mozilla-thunderbird-3.1.11-i486-1.txz: Upgraded.
This release contains security fixes and improvements.
For more information, see:
http://www.mozilla.org/security/known-vulnerabilities/thunderbird30.html
(* Security fix *)
Tue Jun 28 18:19:47 UTC 2011
ap/ghostscript-9.02-i486-2.txz: Rebuilt.
Provide pstoraster -> gstoraster symlink.
Include latest History file, but not all the old ones.
Is this ready for 13.37/patches now?
Mon Jun 27 21:29:54 UTC 2011
n/gnutls-2.12.7-i486-1.txz: Upgraded.
xap/pidgin-2.9.0-i486-1.txz: Upgraded.
Fixed a remote denial of service. A remote attacker could set a specially
crafted GIF file as their buddy icon causing vulerable versions of pidgin
to crash due to excessive memory use.
For more information, see:
http://pidgin.im/news/security/?id=52
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2485
(* Security fix *)
Fri Jun 24 02:55:39 UTC 2011
ap/ghostscript-9.02-i486-1.txz: Upgraded.
I welcome reports about how well this version of ghostscript works compared
with the 9.00 that shipped in Slackware 13.37. If it fixes important bugs
without regressions, then it might be considered as a patch for 13.37.
l/jre-6u26-i586-1.txz: Upgraded.
xap/mozilla-firefox-5.0-i486-1.txz: Upgraded.
This release contains security fixes and improvements.
For more information, see:
http://www.mozilla.org/security/known-vulnerabilities/firefox.html
(* Security fix *)
extra/jdk-6/jdk-6u26-i586-1.txz: Upgraded.
Mon Jun 20 04:09:11 UTC 2011
n/getmail-4.20.3-i486-1.txz: Upgraded.
n/fetchmail-6.3.20-i486-1.txz: Upgraded.
This release fixes a denial of service in STARTTLS protocol phases.
For more information, see:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1947
http://www.fetchmail.info/fetchmail-SA-2011-01.txt
(* Security fix *)
l/seamonkey-solibs-2.1-i486-1.txz: Upgraded.
xap/seamonkey-2.1-i486-1.txz: Upgraded.
Sat May 28 19:28:21 UTC 2011
a/file-5.07-i486-1.txz: Upgraded.
d/gcc-4.5.3-i486-2.txz: Rebuilt.
d/gcc-g++-4.5.3-i486-2.txz: Rebuilt.
d/gcc-gfortran-4.5.3-i486-2.txz: Rebuilt.
d/gcc-gnat-4.5.3-i486-2.txz: Rebuilt.
d/gcc-java-4.5.3-i486-2.txz: Rebuilt.
d/gcc-objc-4.5.3-i486-2.txz: Rebuilt.
Added --enable-objc-gc option to enable Objective-C garbage collection.
Thanks to Luca De Pandis.
Fri May 27 22:56:00 UTC 2011
n/bind-9.7.3_P1-i486-1.txz: Upgraded.
This release fixes security issues:
* A large RRSET from a remote authoritative server that results in
the recursive resolver trying to negatively cache the response can
hit an off by one code error in named, resulting in named crashing.
[RT #24650] [CVE-2011-1910]
* Zones that have a DS record in the parent zone but are also listed
in a DLV and won't validate without DLV could fail to validate. [RT
#24631]
For more information, see:
http://www.isc.org/software/bind/advisories/cve-2011-1910
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1910
(* Security fix *)
Wed May 25 20:03:16 UTC 2011
a/cxxlibs-6.0.14-i486-2.txz: Rebuilt.
a/glibc-solibs-2.13-i486-5.txz: Rebuilt.
a/glibc-zoneinfo-2.13-noarch-5.txz: Rebuilt.
Upgraded to tzcode2011g and tzdata2011g.
a/kernel-firmware-2.6.38.7-noarch-1.txz: Upgraded.
a/kernel-generic-2.6.38.7-i486-1.txz: Upgraded.
a/kernel-generic-smp-2.6.38.7_smp-i686-1.txz: Upgraded.
a/kernel-huge-2.6.38.7-i486-1.txz: Upgraded.
a/kernel-huge-smp-2.6.38.7_smp-i686-1.txz: Upgraded.
a/kernel-modules-2.6.38.7-i486-1.txz: Upgraded.
a/kernel-modules-smp-2.6.38.7_smp-i686-1.txz: Upgraded.
ap/linuxdoc-tools-0.9.66-i486-9.txz: Rebuilt.
ap/nano-2.3.1-i486-1.txz: Upgraded.
d/gcc-4.5.3-i486-1.txz: Upgraded.
d/gcc-g++-4.5.3-i486-1.txz: Upgraded.
d/gcc-gfortran-4.5.3-i486-1.txz: Upgraded.
d/gcc-gnat-4.5.3-i486-1.txz: Upgraded.
d/gcc-java-4.5.3-i486-1.txz: Upgraded.
d/gcc-objc-4.5.3-i486-1.txz: Upgraded.
d/git-1.7.5.1-i486-1.txz: Upgraded.
d/kernel-headers-2.6.38.7_smp-x86-1.txz: Upgraded.
d/perl-5.14.0-i486-1.txz: Upgraded.
d/subversion-1.6.16-i486-2.txz: Rebuilt.
k/kernel-source-2.6.38.7_smp-noarch-1.txz: Upgraded.
These are the main configuration changes from the 2.6.37.6 kernel in 13.37:
BLK_DEV_LOOP y -> m
HIGHMEM4G y -> n
HIGHMEM64G n -> y
LOG_BUF_SHIFT 15 -> 18
M686 y -> n
MPENTIUMIII n -> y
MOUSE_PS2_ELANTECH n -> y
And, compared with the 2.6.38.4 kernel in 13.37/testing:
LOG_BUF_SHIFT 15 -> 18
M686 y -> n
MPENTIUMIII n -> y
PREEMPT_NONE y -> n
PREEMPT_VOLUNTARY n -> y
SCHED_AUTOGROUP y -> n
It remains to be seen where the PREEMPT_* options will settle in the future.
SCHED_AUTOGROUP still seems sketchy to me, and might be behind some odd
clockskew issues. And, thanks to Carl Wenninger for reporting that the
LOG_BUF_SHIFT setting was less than the kernel defaults and was leading to
a few missing lines at the beginning of 'dmesg' output.
kde/kdebindings-4.5.5-i486-3.txz: Rebuilt.
l/apr-1.4.5-i486-1.txz: Upgraded.
This fixes a possible denial of service due to a problem with a loop in
the new apr_fnmatch() implementation consuming CPU.
For more information, see:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1928
(* Security fix *)
l/apr-util-1.3.12-i486-1.txz: Upgraded.
Fix crash because of NULL cleanup registered by apr_ldap_rebind_init().
l/glibc-2.13-i486-5.txz: Rebuilt.
l/glibc-i18n-2.13-i486-5.txz: Rebuilt.
l/glibc-profile-2.13-i486-5.txz: Rebuilt.
l/libidn-1.22-i486-1.txz: Upgraded.
l/pilot-link-0.12.5-i486-4.txz: Rebuilt.
l/virtuoso-ose-6.1.2-i486-2.txz: Rebuilt.
n/gnutls-2.12.5-i486-1.txz: Upgraded.
n/httpd-2.2.19-i486-1.txz: Upgraded.
Revert ABI breakage in 2.2.18 caused by the function signature change
of ap_unescape_url_keep2f(). This release restores the signature from
2.2.17 and prior, and introduces ap_unescape_url_keep2f_ex().
Apache httpd-2.2.18 is considered abandoned. All users must upgrade.
n/irssi-0.8.15-i486-4.txz: Rebuilt.
n/net-snmp-5.6.1-i486-2.txz: Rebuilt.
n/ntp-4.2.6p3-i486-2.txz: Rebuilt.
n/obexftp-0.23-i486-6.txz: Rebuilt.
x/libdrm-2.4.25-i486-1.txz: Upgraded.
x/mesa-7.10.2-i486-1.txz: Upgraded.
x/xf86-video-nouveau-git_20110515_8378443-i486-1.txz: Upgraded.
xap/gv-3.7.2-i486-1.txz: Upgraded.
xap/imagemagick-6.6.9_8-i486-1.txz: Upgraded.
xap/pidgin-2.7.11-i486-2.txz: Rebuilt.
xap/xchat-2.8.8-i486-4.txz: Rebuilt.
isolinux/initrd.img: Rebuilt.
kernels/*: Rebuilt.
usb-and-pxe-installers/usbboot.img: Rebuilt.
extra/linux-2.6.38.7-nosmp-sdk/*: Rebuilt.
Fri May 13 20:30:07 UTC 2011
l/apr-1.4.4-i486-1.txz: Upgraded.
This fixes a possible denial of service due to an unconstrained, recursive
invocation of apr_fnmatch(). This function has been reimplemented using a
non-recursive algorithm. Thanks to William Rowe.
For more information, see:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0419
(* Security fix *)
l/apr-util-1.3.11-i486-1.txz: Upgraded.
n/httpd-2.2.18-i486-1.txz: Upgraded.
This is a bug fix release, but since the upgrades to apr/apr-util require at
least an httpd recompile we opted to upgrade to the newest httpd.
Thu May 5 23:23:20 UTC 2011
a/coreutils-8.12-i486-1.txz: Upgraded.
Mon May 2 20:20:50 UTC 2011
xap/mozilla-firefox-4.0.1-i486-1.txz: Upgraded.
This release contains security fixes and improvements.
For more information, see:
http://www.mozilla.org/security/known-vulnerabilities/firefox40.html
(* Security fix *)
xap/mozilla-thunderbird-3.1.10-i486-1.txz: Upgraded.
This release contains security fixes and improvements.
For more information, see:
http://www.mozilla.org/security/known-vulnerabilities/thunderbird31.html
(* Security fix *)
Mon Apr 25 13:37:00 UTC 2011
Slackware 13.37 x86 stable is released!
Thanks to everyone who pitched in on this release: the Slackware team,
the folks producing upstream code, and linuxquestions.org for providing
a great forum for collaboration and testing.
The ISOs are off to be replicated, a 6 CD-ROM 32-bit set and a dual-sided
32-bit/64-bit x86/x86_64 DVD. Please consider supporting the Slackware
project by picking up a copy from store.slackware.com. We're taking
pre-orders now, and offer a discount if you sign up for a subscription.
As always, thanks to the Slackware community for testing, suggestions,
and feedback. :-)
Have fun!
