Weekly Edition
Return to the Distributions page
| |||||||||||||
Slackware updates
Slackware Current ChangeLog Notice.
The following additions have been made to The Current ChangeLog.txt
Please do not Reply to this email
-------------------------------------------------------------------
Mon Sep 12 22:48:09 PDT 2005
a/util-linux-2.12p-i486-2.tgz: Patched an issue with umount where if
the umount failed when the '-r' option was used, the filesystem would
be remounted read-only but without any extra flags specified in
/etc/fstab. This could allow an ordinary user able to mount a floppy
or CD (but with nosuid, noexec, nodev, etc in /etc/fstab) to run a
setuid binary from removable media and gain root privileges.
Reported to BugTraq by David Watson:
http://www.securityfocus.com/archive/1/410333
(* Security fix *)
ap/mdadm-2.1-i486-1.tgz: Upgraded to mdadm-2.1.
n/dnsmasq-2.23-i486-1.tgz: Upgraded to dnsmasq-2.23.
n/nmap-3.93-i486-1.tgz: Upgraded to nmap-3.93.
extra/k3b/k3b-0.12.4a-i486-1.tgz: Upgraded to k3b-0.12.4a.
extra/k3b/k3b-i18n-0.12.4-noarch-1.tgz: Upgraded to k3b-i18n-0.12.4.
+--------------------------+
Mon Sep 12 19:02:13 PDT 2005
a/aaa_elflibs-10.2.0-i486-3.tgz: Upgraded PCRE library.
a/dcron-2.3.3-i486-5.tgz: Added a patch to keep dcron from improperly
forking extra copies of itself in some circumstances.
(Thanks to Henrik Carlqvist)
a/mkinitrd-1.0.1-i486-3.tgz: Added tftp support to busybox, updated
README.initrd examples to refer to the 2.6.13 kernel.
ap/sox-12.17.8-i486-1.tgz: Upgraded to sox-12.17.8.
(Thanks to Peter Eszlari)
ap/vorbis-tools-1.1.1-i486-1.tgz: Upgraded to vorbis-tools-1.1.1.
(Thanks to Peter Eszlari)
l/libvorbis-1.1.1-i486-1.tgz: Upgraded to libvorbis-1.1.1.
(Thanks to Peter Eszlari)
l/libxml2-2.6.21-i486-1.tgz: Upgraded to libxml2-2.6.21.
l/libxslt-1.1.15-i486-1.tgz: Upgraded to libxslt-1.1.15.
l/pcre-6.4-i486-1.tgz: Upgraded to pcre-6.4.
n/dhcpcd-1.3.22pl4-i486-2.tgz: Patched an issue where a remote attacker can
cause dhcpcd to crash.
For more information, see:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-1848
(* Security fix *)
n/wget-1.10.1-i486-3.tgz: Install /etc/wgetrc properly.
(Thanks to Fred Emmott)
xap/gftp-2.0.18-i486-1.tgz: Upgraded to gftp-2.0.18.
(Thanks to Peter Eszlari)
xap/gxine-0.4.7-i486-1.tgz: Upgraded to gxine-0.4.8.
xap/sane-1.0.16-i486-1.tgz: Upgraded to sane-backends-1.0.16.
xap/xchat-2.4.5-i486-1.tgz: Upgraded to xchat-2.4.5.
xap/xpdf-3.01-i486-2.tgz: Added missing Bulgarian.nameToUnicode.
(Thanks to Dimitar Zhekov)
xap/xsane-0.97-i486-1.tgz: Upgraded to xsane-0.97.
extra/slackpkg/slackpkg-1.5.2-noarch-2.tgz:
Upgraded to slackpkg-1.5.2-noarch-2. (Thanks to Piter Punk)
+--------------------------+
-------------------------------------------------------------------
Sat Sep 10 22:21:22 PDT 2005
OK, everything was set in stone except for these things. ;-)
There may still be a couple more changes (maybe), but this is pretty close.
a/aaa_base-10.2.0-noarch-2.tgz: Fixed rp-pppoe version number in email
to root. (thanks to Piter Punk)
a/aaa_elflibs-10.2.0-i486-2.tgz: Upgraded glib libraries to 2.6.6.
a/bash-3.0-i486-3.tgz: Added bash patch bash30-016.
(suggested by Fredrik Rinnestam and Xavier Thomassin)
Added a patch to prevent an issue with newer glibc versions and 2.4.x
kernels that leads to a bash hang if bash is recompiled on such a system.
(Thanks to Fredrik Rinnestam)
a/glibc-solibs-2.3.5-i486-5.tgz: Recompiled against header files from
linux 2.4.31 (linuxthreads version) and linux 2.6.13 (NPTL version).
a/glibc-zoneinfo-2.3.5-noarch-5.tgz: Rebuilt.
ap/vim-6.3.086-i486-1.tgz: Upgraded vim to patchlevel 86, and upgraded to
ctags-5.5.4.
l/esound-0.2.36-i486-1.tgz: Upgraded to esound-0.2.36.
l/glib2-2.6.6-i486-1.tgz: Upgraded to glib-2.6.6.
l/glibc-2.3.5-i486-5.tgz: Recompiled.
l/glibc-i18n-2.3.5-noarch-5.tgz: Rebuilt.
l/glibc-profile-2.3.5-i486-5.tgz: Recompiled.
l/gtk+2-2.6.10-i486-1.tgz: Upgraded to gtk+-2.6.10.
l/pango-1.8.2-i486-1.tgz: Upgraded to pango-1.8.2.
Thanks to Giacomo Lozito for pointing the bugfix releases of glib, gtk+,
and pango out. The 2.8 series still needs time to stabilize and may present
some compatibility issues (just a guess), and the version bump on atk-1.10.1
makes me want to play it safe on that one as well. We'll get to those in the
next -current.
l/sdl-1.2.9-i486-1.tgz: Upgraded to SDL-1.2.9, SDL_image-1.2.4,
SDL_mixer-1.2.6, and SDL_ttf-2.0.7.
n/nmap-3.90-i486-1.tgz: Upgraded to nmap-3.90. (suggested by many :-)
n/wget-1.10.1-i486-2.tgz: Change /etc/wgetrc to /etc/wgetrc.new so that it'll
be protected from replacement the next time this package is upgraded.
Suggested by Luigi Genoni.
xap/xvim-6.3.086-i486-1.tgz: Upgraded X version of vim to patchlevel 86, and
upgraded to ctags-5.5.4.
+--------------------------+
-------------------------------------------------------------------
Thu Sep 8 17:48:59 PDT 2005
extra/linux-wlan-ng/linux-wlan-ng-0.2.1pre25_2.6.13-i486-1.tgz:
Recompiled for 2.6.13. Thanks to xgizzmo for catching the omission.
+--------------------------+
Thu Sep 8 13:24:58 PDT 2005
OK folks, this is just about ready to go. Consider nearly everything to
be set in stone at this point, especially the kernels. Zipslack has yet
to be built, and some of the documentation needs minor updating, but for
the most part this is how Slackware 10.2 is going to look. Expect a
release to happen sometime within the next week or so.
Also, a bit of advance warning: I'm going to be removing most of the
ISO images for old Slackware releases from ftp.slackware.com in order to
make room for the new release, so if you're running a mirror site and
want to save those, move them elsewhere now before they go. The ISO
images at slackware.osuosl.org in /pub/slackware-iso/ will remain, but
the ones at ftp.slackware.com and other sites under /pub/slackware are
all potentially on the chopping block.
a/aaa_base-10.2.0-noarch-1.tgz: Bumped version number to 10.2. Edited
initial email.
a/aaa_elflibs-10.2.0-i486-1.tgz: Updated initial library collection.
a/bin-10.2-i486-1.tgz: Upgraded to file-4.15.
a/cxxlibs-5.0.7-i486-1.tgz: Upgraded to libstdc++.so.5.0.7 from gcc-3.3.6.
a/gawk-3.1.5-i486-1.tgz: Upgraded to gawk-3.1.5.
a/hotplug-2004_09_23-noarch-5.tgz: Fix a minor syntax error in rc.hotplug.
(the logging test was always true even if syslogd was not running)
Thanks to Luis Castilho.
Blacklisted a new framebuffer module (arcfb.ko) in 2.6.13.
a/pkgtools-10.2.0-i486-5.tgz: Upgraded to dialog-1.0-20050306, which fixes
a bug that prevented the install-packages scripts from working.
Thanks to Krzysztof Oledzki for pointing out this bug.
a/reiserfsprogs-3.6.19-i486-1.tgz: Upgraded to reiserfsprogs-3.6.19.
a/usbutils-0.11-i486-3.tgz: Upgraded to latest usb.ids.
Note that newer versions of usbutils no longer include the usbmodules
utility, which breaks hotplugging of USB devices on 2.4.x kernels, so until
the default kernel is a 2.6.x version, this is the best version of usbutils
to include.
a/utempter-1.1.3-i486-1.tgz: Upgraded to libutempter-1.1.3.
ap/groff-1.19.1-i486-3.tgz: Fixed a /tmp bug in groffer. Groffer is a
script to display formatted output on the console or X, and is not normally
used in other scripts (for printers, etc) like most groff components are.
The risk from this bug is probably quite low. The fix was pulled from the
just-released groff-1.19.2. With Slackware 10.2 just around the corner it
didn't seem prudent to upgrade to that -- the diff from 1.19.1 to 1.19.2
is over a megabyte compressed.
For more information, see:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0969
(* Security fix *)
ap/zsh-4.2.5-i486-1.tgz: Upgraded to zsh-4.2.5.
d/clisp-2.35-i486-1.tgz: Upgraded to clisp-2.35.
d/libtool-1.5.20-i486-1.tgz: Upgraded to libtool-1.5.20.
d/subversion-1.2.3-i486-1.tgz: Added subversion-1.2.3. This will be the last
last-minute addition in this release cycle. Suggested by many. :-)
kde/kdebase-3.4.2-i486-2.tgz: Patched a bug in Konqueror's handling of
characters such as '*', '[', and '?'.
Generated new kdm config files.
Added /opt/kde/man to $MANPATH.
Patched a security bug in kcheckpass that could allow a local user to
gain root privileges.
For more information, see:
http://www.kde.org/info/security/advisory-20050905-1.txt
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-2494
(* Security fix *)
l/jre-1_5_0_04-i586-2.tgz: Added /usr/lib/mozilla/plugins directory with a
link to the Java plugin.
l/t1lib-5.1.0-i486-1.tgz: Upgraded to t1lib-5.1.0.
n/dhcp-3.0.3-i486-1.tgz: Upgraded to dhcp-3.0.3.
n/iproute2-2.6.11_050330-i486-2.tgz: Fixed symlinks in /sbin.
Thanks to Krzysztof Oledzki for the Makefile patch.
n/mod_ssl-2.8.24_1.3.33-i486-1.tgz: Upgraded to mod_ssl-2.8.24-1.3.33.
From the CHANGES file:
Fix a security issue (CAN-2005-2700) where "SSLVerifyClient require" was
not enforced in per-location context if "SSLVerifyClient optional" was
configured in the global virtual host configuration.
For more information, see:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-2700
(* Security fix *)
n/openssh-4.2p1-i486-1.tgz: Upgraded to openssh-4.2p1.
From the OpenSSH 4.2 release announcement:
SECURITY: Fix a bug introduced in OpenSSH 4.0 that caused
GatewayPorts to be incorrectly activated for dynamic ("-D") port
forwardings when no listen address was explicitly specified.
(* Security fix *)
n/php-4.4.0-i486-4.tgz: Added --with-dom. Suggested by Joao Carvalho.
n/ppp-2.4.4b1-i486-1.tgz: Upgraded to ppp-2.4.4b1. This should fix the issues
people were having with demand dialing and persistant connections.
n/rp-pppoe-3.6-i486-1.tgz: Upgraded to rp-pppoe-3.6.
Thanks to Erik Jan Tromp for the build script improvements.
n/samba-3.0.20-i486-2.tgz: Fixed /usr/doc/samba-3.0.20/docs/using_samba
symlink. Thanks to Valentin Avram for the bug report.
n/tcpip-0.17-i486-35.tgz: Changed to a cleaner telnet patch borrowed from
OpenBSD. Two people, both using Slackware 9.1, informed me that the previous
patch for telnet was causing a segfault when used with short hostnames from
/etc/hosts (such as localhost). If anyone is having a similar problem with
other versions of Slackware, let me know. Thanks to Dragan Simic for
telling me about the improved patch.
Fixed a minor syntax error in rc.inet1 in the test for syslogd.pid.
(Thanks to Luis Castilho)
Added brctl and vconfig. (suggested by Jan Rafaj)
Increased timeout for dhcpcd.
Fixed a bit of bad grammar in rc.inet1.conf. ("appending" -> "prepending")
Added a new option "DHCP_IPADDR" to rc.inet1.conf to ask the DHCP server for
a specific IP address. (Thanks to James Michael Fultz for these last two)
n/wget-1.10.1-i486-1.tgz: Upgraded to wget-1.10.1.
xap/jre-symlink-1.0.6-noarch-2: Removed. This is obsolete now that the Java
packages contain symlinks in /usr/lib/mozilla/plugins and Mozilla and
Firefox have been patched to search for plugins in that directory.
xap/mozilla-1.7.11-i486-2.tgz: Patched mozilla startup script to
search for plugins in /usr/lib/mozilla/plugins after searching in
/usr/lib/mozilla-1.7.11/plugins.
xap/mozilla-firefox-1.0.6-i686-2.tgz: Patched firefox startup script to
search for plugins in /usr/lib/mozilla/plugins after searching in
/usr/lib/firefox-1.0.6/plugins.
xap/xpdf-3.01-i486-1.tgz: Upgraded to xpdf-3.01.
extra/bash-completion/bash-completion-20050721-noarch-1.tgz:
Upgraded to bash-completion-20050721.
extra/brltty/brltty-3.6.1-i486-1.tgz: Upgraded to brltty-3.6.1.
extra/grub/grub-0.97-i486-1.tgz: Upgraded to grub-0.97.
Thanks to Kent Robotti for the new version of grubconfig.
extra/jdk-1.5.0_04/jdk-1_5_0_04-i586-2.tgz: Added /usr/lib/mozilla/plugins
directory with a link to the Java plugin.
extra/slackpkg/slackpkg-1.5.1-noarch-2.tgz:
Upgraded to slackpkg-1.5.1-noarch-2. (Thanks to Piter Punk)
extra/slacktrack/slacktrack-1.26-i486-1.tgz: Upgraded to slacktrack-1.26_1.
(Thanks to Stuart Winter)
extra/slacktrack/slacktrack-examples-v1.01.tar.gz:
Upgraded slacktrack build script examples.
kernels/test26.s/: Added a 2.6.13 install kernel.
rootdisks/install.*, isolinux/initrd.img: Fixed install size estimate.
testing/packages/gnupg-1.4.2-i486-1.tgz: Upgraded to gnupg-1.4.2.
testing/packages/linux-2.6.13/alsa-driver-1.0.9b_2.6.13-i486-1.tgz:
Recompiled against Linux 2.6.13.
testing/packages/linux-2.6.13/kernel-generic-2.6.13-i486-1.tgz:
Upgraded to Linux 2.6.13 generic kernel.
testing/packages/linux-2.6.13/kernel-headers-2.6.13-i386-1.tgz:
Upgraded to Linux 2.6.13 kernel headers for x86.
testing/packages/linux-2.6.13/kernel-modules-2.6.13-i486-1.tgz:
Upgraded to Linux 2.6.13 kernel modules.
testing/packages/linux-2.6.13/kernel-source-2.6.13-noarch-1.tgz:
Upgraded to Linux 2.6.13 kernel source.
testing/packages/lvm2/device-mapper-1.01.04-i486-1.tgz:
Upgraded to device-mapper.1.01.04.
testing/packages/lvm2/lvm2-2.01.09-i486-1.tgz:
Upgraded to LVM2.2.01.09.
testing/packages/php-5.0.5/php-5.0.5-i486-4.tgz:
Upgraded to php-5.0.5 with --with-dom and --with-curl options.
+--------------------------+
If for some reason you no longer wish to be notified of
Entries to the ChangeLog Please send an email
To: mrgoblin@userlocal.com
Subject: "unsubscribe slacklog"
and the subscribed email address in the body of the message.
Thank you
mRgOBLIN
(Log in to post comments)
|
|||||||||||||