patches/packages/pidgin-2.14.10-x86_64-1_slack15.0.txz: Upgraded.
This update fixes bugs and several security issues.
For more information, see:
https://www.pidgin.im/posts/2022-06-2.14.10-released/
(* Security fix *)
patches/packages/bind-9.16.29-x86_64-1_slack15.0.txz: Upgraded.
This is a bugfix release.
testing/packages/bind-9.18.3-x86_64-1_slack15.0.txz: Upgraded.
Fixed a crash in DNS-over-HTTPS (DoH) code caused by premature TLS stream
socket object deletion.
For more information, see:
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1183
(* Security fix *)
patches/packages/mozilla-thunderbird-91.9.0-x86_64-1_slack15.0.txz: Upgraded.
This release contains security fixes and improvements.
For more information, see:
https://www.mozilla.org/en-US/thunderbird/91.9.0/releasenotes/
(* Security fix *)
patches/packages/openssl-1.1.1o-x86_64-1_slack15.0.txz: Upgraded.
Fixed a bug in the c_rehash script which was not properly sanitising shell
metacharacters to prevent command injection.
For more information, see:
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1292
(* Security fix *)
patches/packages/openssl-solibs-1.1.1o-x86_64-1_slack15.0.txz: Upgraded.
patches/packages/seamonkey-2.53.12-x86_64-1_slack15.0.txz: Upgraded.
This update contains security fixes and improvements.
For more information, see:
https://www.seamonkey-project.org/releases/seamonkey2.53.12
(* Security fix *)
patches/packages/libxml2-2.9.14-x86_64-1_slack15.0.txz: Upgraded.
This update fixes bugs and the following security issues:
Fix integer overflow in xmlBuf and xmlBuffer.
Fix potential double-free in xmlXPtrStringRangeFunction.
Fix memory leak in xmlFindCharEncodingHandler.
Normalize XPath strings in-place.
Prevent integer-overflow in htmlSkipBlankChars() and xmlSkipBlankChars().
Fix leak of xmlElementContent.
For more information, see:
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-29824
(* Security fix *)
patches/packages/mozilla-firefox-91.9.0esr-x86_64-1_slack15.0.txz: Upgraded.
This is a bugfix release.
For more information, see:
https://www.mozilla.org/en-US/firefox/91.9.0/releasenotes/
patches/packages/samba-4.15.7-x86_64-1_slack15.0.txz: Upgraded.
This is a bugfix release.
For more information, see:
https://www.samba.org/samba/history/samba-4.15.7.html
patches/packages/git-2.35.3-x86_64-1_slack15.0.txz: Upgraded.
This update fixes a security issue where a Git worktree created by another
user might be able to execute arbitrary code.
For more information, see:
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-24765
(* Security fix *)
patches/packages/gzip-1.12-x86_64-1_slack15.0.txz: Upgraded.
This update fixes a security issue:
zgrep applied to a crafted file name with two or more newlines can no
longer overwrite an arbitrary, attacker-selected file.
For more information, see:
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1271
(* Security fix *)
patches/packages/xz-5.2.5-x86_64-4_slack15.0.txz: Rebuilt.
This update fixes a security issue:
xzgrep applied to a crafted file name with two or more newlines can no
longer overwrite an arbitrary, attacker-selected file.
For more information, see:
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1271
(* Security fix *)
patches/packages/whois-5.5.13-x86_64-1_slack15.0.txz: Upgraded.
This update adds the .sd TLD server, updates the list of new gTLDs, and adds
a Turkish translation.
patches/packages/libarchive-3.6.1-x86_64-1_slack15.0.txz: Upgraded.
This is a bugfix and security release.
Security fixes:
7zip reader: fix PPMD read beyond boundary.
ZIP reader: fix possible out of bounds read.
ISO reader: fix possible heap buffer overflow in read_children().
RARv4 redaer: fix multiple issues in RARv4 filter code (introduced in
libarchive 3.6.0).
Fix heap use after free in archive_read_format_rar_read_data().
Fix null dereference in read_data_compressed().
Fix heap user after free in run_filters().
(* Security fix *)
patches/packages/ca-certificates-20220403-noarch-1_slack15.0.txz: Upgraded.
This update provides the latest CA certificates to check for the
authenticity of SSL connections.
patches/packages/vim-8.2.4649-x86_64-1_slack15.0.txz: Upgraded.
Fixes a use-after-free in utf_ptr2char in vim/vim prior to 8.2.4646.
This vulnerability is capable of crashing software, bypassing protection
mechanisms, modifying memory, and possibly execution of arbitrary code.
Thanks to marav for the heads-up.
For more information, see:
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1154https://huntr.dev/bounties/7f0ec6bc-ea0e-45b0-8128-caac72d23425b55986c52d
(* Security fix *)
patches/packages/vim-gvim-8.2.4649-x86_64-1_slack15.0.txz: Upgraded.
patches/packages/whois-5.5.12-x86_64-1_slack15.0.txz: Upgraded.
This is a bugfix release. Thanks to Nobby6.
patches/packages/zlib-1.2.12-x86_64-1_slack15.0.txz: Upgraded.
This update fixes memory corruption when deflating (i.e., when compressing)
if the input has many distant matches. Thanks to marav.
For more information, see:
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-25032
(* Security fix *)
patches/packages/python3-3.9.12-x86_64-1_slack15.0.txz: Upgraded.
This is a bugfix release.
For more information, see:
https://pythoninsider.blogspot.com/2022/03/python-3104-and-3912-are-now-available.html
usb-and-pxe-installers/usbimg2disk.sh: Upgraded.
Calculate the space requirement by checking the size of the packages in the
Slackware directory tree.
patches/packages/bind-9.16.27-x86_64-1_slack15.0.txz: Upgraded.
Sorry folks, I had not meant to bump BIND to the newer branch. I've moved
the other packages into /testing. Thanks to Nobby6 for pointing this out.
This update fixes bugs and the following security issues:
A synchronous call to closehandle_cb() caused isc__nm_process_sock_buffer()
to be called recursively, which in turn left TCP connections hanging in the
CLOSE_WAIT state blocking indefinitely when out-of-order processing was
disabled.
The rules for acceptance of records into the cache have been tightened to
prevent the possibility of poisoning if forwarders send records outside
the configured bailiwick.
For more information, see:
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0396https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-25220
(* Security fix *)
testing/packages/bind-9.18.1-x86_64-1_slack15.0.txz: Moved.
patches/packages/bind-9.18.1-x86_64-1_slack15.0.txz: Upgraded.
This update fixes bugs and the following security issues:
An assertion could occur in resume_dslookup() if the fetch had been shut
down earlier.
Lookups involving a DNAME could trigger an INSIST when "synth-from-dnssec"
was enabled.
A synchronous call to closehandle_cb() caused isc__nm_process_sock_buffer()
to be called recursively, which in turn left TCP connections hanging in the
CLOSE_WAIT state blocking indefinitely when out-of-order processing was
disabled.
The rules for acceptance of records into the cache have been tightened to
prevent the possibility of poisoning if forwarders send records outside
the configured bailiwick.
For more information, see:
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0667https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0635https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0396https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-25220
(* Security fix *)
patches/packages/bluez-5.64-x86_64-1_slack15.0.txz: Upgraded.
This is a bugfix release:
Fix issue with handling A2DP discover procedure.
Fix issue with media endpoint replies and SetConfiguration.
Fix issue with HoG queuing events before report map is read.
Fix issue with HoG and read order of GATT attributes.
Fix issue with HoG and not using UHID_CREATE2 interface.
Fix issue with failed scanning for 5 minutes after reboot.
patches/packages/openssl-1.1.1n-x86_64-1_slack15.0.txz: Upgraded.
This update fixes a high severity security issue:
The BN_mod_sqrt() function, which computes a modular square root, contains
a bug that can cause it to loop forever for non-prime moduli.
For more information, see:
https://www.openssl.org/news/secadv/20220315.txthttps://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0778
(* Security fix *)
patches/packages/openssl-solibs-1.1.1n-x86_64-1_slack15.0.txz: Upgraded.
patches/packages/qt5-5.15.3_20220312_33a3f16f-x86_64-1_slack15.0.txz: Upgraded.
Thanks to Heinz Wiesinger for updating the fetch_sources.sh script to make
sure that the QtWebEngine version matches the rest of Qt, which got the
latest git pull compiling again.
If a 32-bit userspace is detected, then:
export QTWEBENGINE_CHROMIUM_FLAGS="--disable-seccomp-filter-sandbox"
This works around crashes occuring with 32-bit QtWebEngine applications.
Thanks to alienBOB.
patches/packages/polkit-0.120-x86_64-3_slack15.0.txz: Rebuilt.
Patched to fix a security issue where an unprivileged user could cause a
denial of service due to process file descriptor exhaustion.
Thanks to marav.
For more information, see:
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4115
(* Security fix *)
patches/packages/ca-certificates-20220309-noarch-1_slack15.0.txz: Upgraded.
This update provides the latest CA certificates to check for the
authenticity of SSL connections.
patches/packages/boost-1.78.0-x86_64-2_slack15.0.txz: Rebuilt.
This update has been patched to fix a regression:
Boost.Build silently skips installation of library headers and binaries in
some cases.
Thanks to Willy Sudiarto Raharjo.
patches/packages/mozilla-firefox-91.7.0esr-x86_64-1_slack15.0.txz: Upgraded.
This release contains security fixes and improvements.
For more information, see:
https://www.mozilla.org/en-US/firefox/91.7.0/releasenotes/
(* Security fix *)
patches/packages/libxml2-2.9.13-x86_64-1_slack15.0.txz: Upgraded.
This update fixes bugs and the following security issues:
Use-after-free of ID and IDREF attributes
(Thanks to Shinji Sato for the report)
Use-after-free in xmlXIncludeCopyRange (David Kilzer)
Fix Null-deref-in-xmlSchemaGetComponentTargetNs (huangduirong)
Fix memory leak in xmlXPathCompNodeTest
Fix null pointer deref in xmlStringGetNodeList
Fix several memory leaks found by Coverity (David King)
For more information, see:
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-23308
(* Security fix *)
patches/packages/libxslt-1.1.35-x86_64-1_slack15.0.txz: Upgraded.
This update fixes bugs and the following security issues:
Fix use-after-free in xsltApplyTemplates
Fix memory leak in xsltDocumentElem (David King)
Fix memory leak in xsltCompileIdKeyPattern (David King)
Fix double-free with stylesheets containing entity nodes
For more information, see:
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-30560
(* Security fix *)
patches/packages/expat-2.4.6-x86_64-1_slack15.0.txz: Upgraded.
Fixed a regression introduced by the fix for CVE-2022-25313 that affects
applications that (1) call function XML_SetElementDeclHandler and (2) are
parsing XML that contains nested element declarations:
(e.g. "<!ELEMENT junk ((bar|foo|xyz+), zebra*)>").
patches/packages/flac-1.3.4-x86_64-1_slack15.0.txz: Upgraded.
This update fixes overflow issues with encoding and decoding.
For more information, see:
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-0499https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-0561
(* Security fix *)
patches/packages/mariadb-10.5.15-x86_64-2_slack15.0.txz: Rebuilt.
Removed dangling symlink.
patches/packages/aaa_base-15.0-x86_64-4_slack15.0.txz: Rebuilt.
If root's mailbox did not already exist, it would be created with insecure
permissions leading to possible local information disclosure. This update
ensures that a new mailbox will be created with proper permissions and
ownership, and corrects the permissions on an existing mailbox if they are
found to be incorrect. Thanks to Martin for the bug report.
(* Security fix *)
patches/packages/util-linux-2.37.4-x86_64-1_slack15.0.txz: Upgraded.
This release fixes a security issue in chsh(1) and chfn(8):
By default, these utilities had been linked with libreadline, which allows
the INPUTRC environment variable to be abused to produce an error message
containing data from an arbitrary file. So, don't link these utilities with
libreadline as it does not use secure_getenv() (or a similar concept), or
sanitize the config file path to avoid vulnerabilities that could occur in
set-user-ID or set-group-ID programs.
For more information, see:
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0563
(* Security fix *)
Slackware 15.0 x86_64 stable is released!
Another too-long development cycle is behind us after we bit off more than
we could chew and then had to shine it up to a high-gloss finish. Hopefully
we've managed to get the tricky parts out of the way so that we'll be able
to see a 15.1 incremental update after a far shorter development cycle.
Certainly the development infrastructure has been streamlined here and things
should be easier moving forward. My thanks to the rest of the Slackware team,
all the upstream developers who have given us such great building materials,
the folks on LinuxQuestions.org and elsewhere for all the help with testing,
great suggestions, and countless bug fixes, and to everyone who helped
support this project so that the release could finally see the light of day.
I couldn't have done any of this without your help, and I'm grateful to all
of you. Thanks!
For more information, check out the RELEASE_NOTES, CHANGES_AND_HINTS.TXT,
and ANNOUNCE.15.0.
Have fun! :-)
fortune -m "I will be finished tomorrow" fortunes2
a/kernel-generic-5.15.19-x86_64-1.txz: Upgraded.
a/kernel-huge-5.15.19-x86_64-1.txz: Upgraded.
a/kernel-modules-5.15.19-x86_64-1.txz: Upgraded.
ap/screen-4.9.0-x86_64-1.txz: Upgraded.
Patched possible denial of service via a crafted UTF-8 character sequence.
For more information, see:
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-26937
(* Security fix *)
d/kernel-headers-5.15.19-x86-1.txz: Upgraded.
k/kernel-source-5.15.19-noarch-1.txz: Upgraded.
RTC_INTF_DEV_UIE_EMUL y -> n
RTC_SYSTOHC n -> y
+RTC_SYSTOHC_DEVICE "rtc0"
l/lcms2-2.13-x86_64-2.txz: Rebuilt.
[PATCH] Fix for optimization error on grayscale.
Thanks to Aaron Boxer for reporting this issue.
Thanks to gmgf.
isolinux/initrd.img: Rebuilt.
kernels/*: Upgraded.
testing/source/linux-5.16.5-configs/*: Upgraded.
usb-and-pxe-installers/usbboot.img: Rebuilt.
The sepulchral voice intones, "The cave is now closed."
kde/falkon-3.2.0-x86_64-1.txz: Upgraded.
kde/ktexteditor-5.90.0-x86_64-2.txz: Rebuilt.
[PATCH] only start programs in user's path.
[PATCH] only execute diff in path.
Thanks to gmgf.
For more information, see:
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-23853
(* Security fix *)
l/libcanberra-0.30-x86_64-9.txz: Rebuilt.
Fix a bug crashing some applications in Wayland desktops.
Thanks to 01micko.
n/samba-4.15.5-x86_64-1.txz: Upgraded.
This is a security release in order to address the following defects:
UNIX extensions in SMB1 disclose whether the outside target of a symlink
exists.
Out-of-Bound Read/Write on Samba vfs_fruit module. This vulnerability
allows remote attackers to execute arbitrary code as root on affected Samba
installations that use the VFS module vfs_fruit.
Re-adding an SPN skips subsequent SPN conflict checks. An attacker who has
the ability to write to an account can exploit this to perform a
denial-of-service attack by adding an SPN that matches an existing service.
Additionally, an attacker who can intercept traffic can impersonate existing
services, resulting in a loss of confidentiality and integrity.
For more information, see:
https://www.samba.org/samba/security/CVE-2021-44141.htmlhttps://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-44141https://www.samba.org/samba/security/CVE-2021-44142.htmlhttps://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-44142https://www.samba.org/samba/security/CVE-2022-0336.htmlhttps://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0336
(* Security fix *)
x/xterm-370-x86_64-7.txz: Rebuilt.
Rebuilt with --disable-sixel-graphics to fix a buffer overflow.
Thanks to gmgf.
For more information, see:
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-24130
(* Security fix *)
testing/source/linux-5.16.4-configs/*: Added.
Sample config files to build 5.16.4 Linux kernels.
a/rpm2tgz-1.2.2-x86_64-5.txz: Rebuilt.
rpm2targz: when extracting the cpio archive from inside the RPM, use
--no-absolute-filenames to protect against a poorly made RPM scribbling all
over system files/directories. Thanks to Sl4ck3ver.
Support -i option to ignore non-zero exit value from rpm2cpio.
This allows repackaging some malformed RPMs.
Thanks to ricky_cardo for the sample malformed RPM.
a/aaa_libraries-15.0-x86_64-18.txz: Rebuilt.
Rebuilt to pick up the patched libexpat.so.1.8.3.
a/kernel-generic-5.15.17-x86_64-1.txz: Upgraded.
a/kernel-huge-5.15.17-x86_64-1.txz: Upgraded.
a/kernel-modules-5.15.17-x86_64-1.txz: Upgraded.
a/lzlib-1.13-x86_64-1.txz: Upgraded.
a/sysvinit-scripts-15.0-noarch-8.txz: Rebuilt.
rc.S: clear /var/lock/subsys before starting libcgroup services.
Thanks to pyllyukko.
ap/pamixer-1.5-x86_64-2.txz: Rebuilt.
Recompiled against boost-1.78.0.
d/kernel-headers-5.15.17-x86-1.txz: Upgraded.
k/kernel-source-5.15.17-noarch-1.txz: Upgraded.
kde/kig-21.12.1-x86_64-2.txz: Rebuilt.
Recompiled against boost-1.78.0.
kde/kopeninghours-21.12.1-x86_64-2.txz: Rebuilt.
Recompiled against boost-1.78.0.
kde/krita-5.0.2-x86_64-2.txz: Rebuilt.
Recompiled against boost-1.78.0.
l/boost-1.78.0-x86_64-1.txz: Upgraded.
I hadn't planned to update this at such a late stage, but POV-Ray needs it
and everything we ship builds fine against it. Thanks to bender647.
Shared library .so-version bump.
l/cryfs-0.10.3-x86_64-4.txz: Rebuilt.
Recompiled against boost-1.78.0.
l/expat-2.4.3-x86_64-3.txz: Rebuilt.
Prevent integer overflow in doProlog.
For more information, see:
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-23990
(* Security fix *)
l/netpbm-10.97.03-x86_64-1.txz: Upgraded.
l/openexr-2.5.7-x86_64-5.txz: Rebuilt.
Recompiled against boost-1.78.0.
l/pipewire-0.3.44-x86_64-1.txz: Upgraded.
n/fetchmail-6.4.27-x86_64-1.txz: Upgraded.
n/libgpg-error-1.44-x86_64-1.txz: Upgraded.
x/mesa-21.3.5-x86_64-1.txz: Upgraded.
xap/mozilla-firefox-91.5.1esr-x86_64-1.txz: Upgraded.
This is a bugfix release.
For more information, see:
https://www.mozilla.org/en-US/firefox/91.5.1/releasenotes/
(* Security fix *)
extra/rust-for-mozilla/rust-1.54.0-x86_64-4.txz: Rebuilt.
Removed duplicated libLLVM shared library.
isolinux/initrd.img: Rebuilt.
kernels/*: Upgraded.
usb-and-pxe-installers/usbboot.img: Rebuilt.
It may look like we're currently experiencing more stuckness, but this will
lead us to Quality. We'll have this release in the can before you know it.
a/aaa_glibc-solibs-2.33-x86_64-5.txz: Rebuilt.
a/aaa_libraries-15.0-x86_64-16.txz: Rebuilt.
Rebuilt to pick up the patched libexpat.so.1.8.3.
a/kernel-firmware-20220124_eb8ea1b-noarch-1.txz: Upgraded.
a/kernel-generic-5.15.16-x86_64-2.txz: Upgraded.
a/kernel-huge-5.15.16-x86_64-2.txz: Upgraded.
-9P_FSCACHE n
9P_FS m -> y
Thanks to peake.
a/kernel-modules-5.15.16-x86_64-2.txz: Upgraded.
a/mkinitrd-1.4.11-x86_64-27.txz: Rebuilt.
mkinitrd_command_generator.sh: properly detect partitions of a RAID device.
Thanks to perrin4869.
a/util-linux-2.37.3-x86_64-1.txz: Upgraded.
This release fixes two security mount(8) and umount(8) issues:
An issue related to parsing the /proc/self/mountinfo file allows an
unprivileged user to unmount other user's filesystems that are either
world-writable themselves or mounted in a world-writable directory.
Improper UID check in libmount allows an unprivileged user to unmount
FUSE filesystems of users with similar UID.
For more information, see:
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3995https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3996
(* Security fix *)
ap/vim-8.2.4212-x86_64-1.txz: Upgraded.
d/git-2.35.0-x86_64-1.txz: Upgraded.
d/kernel-headers-5.15.16-x86-2.txz: Upgraded.
k/kernel-source-5.15.16-noarch-2.txz: Upgraded.
l/expat-2.4.3-x86_64-2.txz: Rebuilt.
Fix signed integer overflow in function XML_GetBuffer for when
XML_CONTEXT_BYTES is defined to >0 (which is both common and
default). Impact is denial of service or other undefined behavior.
While we're here, also patch a memory leak on output file opening error.
Thanks to marav.
For more information, see:
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-23852
(* Security fix *)
l/fluidsynth-2.2.5-x86_64-1.txz: Upgraded.
l/glibc-2.33-x86_64-5.txz: Rebuilt.
This update patches two security issues:
Unexpected return value from glibc's realpath().
Off-by-one buffer overflow/underflow in glibc's getcwd().
Thanks to Qualys Research Labs for reporting these issues.
For more information, see:
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3998https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3999
(* Security fix *)
l/glibc-i18n-2.33-x86_64-5.txz: Rebuilt.
l/glibc-profile-2.33-x86_64-5.txz: Rebuilt.
l/tdb-1.4.6-x86_64-1.txz: Upgraded.
x/xf86-input-libinput-1.2.1-x86_64-1.txz: Upgraded.
xap/mozilla-thunderbird-91.5.1-x86_64-1.txz: Upgraded.
This is a bugfix release.
For more information, see:
https://www.mozilla.org/en-US/thunderbird/91.5.1/releasenotes/
xap/vim-gvim-8.2.4212-x86_64-1.txz: Upgraded.
isolinux/initrd.img: Rebuilt.
kernels/*: Upgraded.
usb-and-pxe-installers/usbboot.img: Rebuilt.
ap/inxi-3.3.12_1-noarch-1.txz: Upgraded.
ap/man-db-2.9.4-x86_64-3.txz: Rebuilt.
Don't use --no-purge in the daily cron job to update the databases.
l/gst-plugins-bad-free-1.18.5-x86_64-4.txz: Rebuilt.
Link against neon-0.32.2. Thanks to marav.
n/bind-9.16.25-x86_64-1.txz: Upgraded.
n/ethtool-5.16-x86_64-1.txz: Upgraded.
n/samba-4.15.4-x86_64-1.txz: Upgraded.
n/wpa_supplicant-2.10-x86_64-1.txz: Upgraded.
The implementations of EAP-pwd in hostapd before 2.10 and wpa_supplicant
before 2.10 are vulnerable to side-channel attacks as a result of cache
access patterns.
NOTE: this issue exists because of an incomplete fix for CVE-2019-9495.
For more information, see:
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-23303https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-23304
(* Security fix *)
x/xterm-370-x86_64-6.txz: Rebuilt.
XTerm-console: improve the font settings. Thanks to GazL.
Things haven't quite settled down yet with more bugfixes and a couple of safe
upgrades, so not today folks. But enjoy Slackware's half-birthday anyway! ;-)
ap/slackpkg-15.0.10-noarch-1.txz: Upgraded.
Fix mirrors.ucr.ac.cr link address (Emmet Ford)
Remove wroc.pl mirrors (Emmet Ford)
Remove kddilabs.jp from mirrors (Emmet Ford)
Unattended usage improvements (PiterPUNK)
Create file to flag if the system needs restart (PiterPUNK)
Thanks to Robby Workman.
kde/kstars-3.5.7-x86_64-1.txz: Upgraded.
kde/kwin-5.23.5-x86_64-2.txz: Rebuilt.
[PATCH] Bypass wayland interface blacklisting.
Thanks to LuckyCyborg.
kde/plasma-workspace-5.23.5-x86_64-3.txz: Rebuilt.
[PATCH 1/2] Revert "Drop setupX11 from startplasma-waylandsession."
[PATCH 2/2] Revert "Drop X11 root properties for KDE full session."
Thanks to LuckyCyborg.
l/libical-3.0.13-x86_64-1.txz: Upgraded.
n/p11-kit-0.24.1-x86_64-1.txz: Upgraded.
n/stunnel-5.62-x86_64-1.txz: Upgraded.
x/xterm-370-x86_64-4.txz: Rebuilt.
Fixed XTerm-console (previously XTerm.linux.console).
Renamed XTerm.upstream.default to XTerm-upstream.
Thanks to GazL.
xap/fluxbox-1.3.7-x86_64-6.txz: Rebuilt.
[PATCH] replace FbRootWindow::depth with maxDepth.
Thanks to OldHolborn.
xap/geeqie-1.7.1-x86_64-1.txz: Upgraded.
a/aaa_base-15.0-x86_64-3.txz: Rebuilt.
In initial email to root, use the new /var/lib/pkgtools/ paths to the files
for packages and scripts. Thanks to franzen.
a/btrfs-progs-5.16-x86_64-1.txz: Upgraded.
d/python3-3.9.10-x86_64-1.txz: Upgraded.
d/rust-1.58.0-x86_64-1.txz: Upgraded.
kde/digikam-7.5.0-x86_64-1.txz: Upgraded.
kde/kglobalaccel-5.90.0-x86_64-2.txz: Rebuilt.
Applied patch:
[PATCH] Prevent kglobalaccel5 getting activated on non-Plasma systems.
Although this patch was later reverted, I'm on board with the need for it.
If it causes any problems, please let me know soon.
Thanks to Lockywolf.
kde/kid3-3.9.1-x86_64-1.txz: Upgraded.
kde/plasma-wayland-protocols-1.6.0-x86_64-1.txz: Upgraded.
kde/sddm-0.19.0-x86_64-10.txz: Rebuilt.
Allow the init program to properly supervise sddm when entering runlevel 4.
Thanks to mumahendras3.
l/neon-0.32.2-x86_64-1.txz: Upgraded.
l/netpbm-10.97.02-x86_64-1.txz: Upgraded.
n/postfix-3.6.4-x86_64-1.txz: Upgraded.
x/mesa-21.3.4-x86_64-1.txz: Upgraded.
x/xterm-370-x86_64-2.txz: Rebuilt.
Use upstream app-defaults again. Thanks to OldHolborn.
a/cryptsetup-2.4.3-x86_64-1.txz: Upgraded.
This update addresses a multi-step attack on LUKS2 format by orchestrating
LUKS2 reencryption metadata in existing LUKS2 header. An attacker is able to
trigger permanent data decryption (ciphertext->plaintext transformation) on
part of data device on next LUKS2 device activation. Attacker does _not_
have to know passphrase or decrypted volume encryption key.
cryptsetup versions older than 2.2.0 are not affected by this, because they
do not support online LUKS2 reencryption.
For more information, see:
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4122
(* Security fix *)
Good hello, and welcome to the third and final release candidate for Slackware
15.0. We're 99% frozen at this point and are mostly looking for regression or
other bug reports that might be able to be addressed before this goes stable.
Of course, the management here reserves the right to make exceptions... that
5.15.15 kernel version has a nice ring to it. If your requests didn't make it
into this iteration, perhaps we will revisit them for the next -current cycle.
Some were just a little too late but will more than likely be needed next time
(I'm looking at Didier's grubconfig), while others are just out of scope for
the main tree where I like to abide by YAGNI as much as possible.
Anyway, let's get some testing done and we'll be there soon. Enjoy! :-)
a/aaa_base-15.0-x86_64-2.txz: Rebuilt.
The Linux Counter has shut down, so remove the registration email.
Update the welcome email for Slackware 15.0.
a/aaa_libraries-15.0-x86_64-13.txz: Rebuilt.
Upgraded: libsigsegv.so.2.0.7.
a/eudev-3.2.11-x86_64-1.txz: Upgraded.
a/haveged-1.9.17-x86_64-1.txz: Upgraded.
a/hdparm-9.63-x86_64-1.txz: Upgraded.
a/kernel-firmware-20220111_13dca28-noarch-1.txz: Upgraded.
a/kernel-generic-5.15.14-x86_64-1.txz: Upgraded.
a/kernel-huge-5.15.14-x86_64-1.txz: Upgraded.
a/kernel-modules-5.15.14-x86_64-1.txz: Upgraded.
ap/vim-8.2.4065-x86_64-1.txz: Upgraded.
d/kernel-headers-5.15.14-x86-1.txz: Upgraded.
d/strace-5.16-x86_64-1.txz: Upgraded.
d/vala-0.54.6-x86_64-1.txz: Upgraded.
k/kernel-source-5.15.14-noarch-1.txz: Upgraded.
VMD m -> y
Thanks to dr.s.
kde/attica-5.90.0-x86_64-1.txz: Upgraded.
kde/baloo-5.90.0-x86_64-1.txz: Upgraded.
kde/bluez-qt-5.90.0-x86_64-1.txz: Upgraded.
kde/breeze-icons-5.90.0-noarch-1.txz: Upgraded.
kde/extra-cmake-modules-5.90.0-x86_64-1.txz: Upgraded.
kde/frameworkintegration-5.90.0-x86_64-1.txz: Upgraded.
kde/kactivities-5.90.0-x86_64-1.txz: Upgraded.
kde/kactivities-stats-5.90.0-x86_64-1.txz: Upgraded.
kde/kapidox-5.90.0-x86_64-1.txz: Upgraded.
kde/karchive-5.90.0-x86_64-1.txz: Upgraded.
kde/kauth-5.90.0-x86_64-1.txz: Upgraded.
kde/kbookmarks-5.90.0-x86_64-1.txz: Upgraded.
kde/kcalendarcore-5.90.0-x86_64-1.txz: Upgraded.
kde/kcmutils-5.90.0-x86_64-1.txz: Upgraded.
kde/kcodecs-5.90.0-x86_64-1.txz: Upgraded.
kde/kcompletion-5.90.0-x86_64-1.txz: Upgraded.
kde/kconfig-5.90.0-x86_64-1.txz: Upgraded.
kde/kconfigwidgets-5.90.0-x86_64-1.txz: Upgraded.
kde/kcontacts-5.90.0-x86_64-1.txz: Upgraded.
kde/kcoreaddons-5.90.0-x86_64-1.txz: Upgraded.
kde/kcrash-5.90.0-x86_64-1.txz: Upgraded.
kde/kdav-5.90.0-x86_64-1.txz: Upgraded.
kde/kdbusaddons-5.90.0-x86_64-1.txz: Upgraded.
kde/kdeclarative-5.90.0-x86_64-1.txz: Upgraded.
kde/kded-5.90.0-x86_64-1.txz: Upgraded.
kde/kdelibs4support-5.90.0-x86_64-1.txz: Upgraded.
kde/kdesignerplugin-5.90.0-x86_64-1.txz: Upgraded.
kde/kdesu-5.90.0-x86_64-1.txz: Upgraded.
kde/kdewebkit-5.90.0-x86_64-1.txz: Upgraded.
kde/kdnssd-5.90.0-x86_64-1.txz: Upgraded.
kde/kdoctools-5.90.0-x86_64-1.txz: Upgraded.
kde/kemoticons-5.90.0-x86_64-1.txz: Upgraded.
kde/kfilemetadata-5.90.0-x86_64-1.txz: Upgraded.
kde/kglobalaccel-5.90.0-x86_64-1.txz: Upgraded.
kde/kguiaddons-5.90.0-x86_64-1.txz: Upgraded.
kde/kholidays-5.90.0-x86_64-1.txz: Upgraded.
kde/khtml-5.90.0-x86_64-1.txz: Upgraded.
kde/ki18n-5.90.0-x86_64-1.txz: Upgraded.
kde/kiconthemes-5.90.0-x86_64-1.txz: Upgraded.
kde/kidletime-5.90.0-x86_64-1.txz: Upgraded.
kde/kimageformats-5.90.0-x86_64-1.txz: Upgraded.
kde/kinit-5.90.0-x86_64-1.txz: Upgraded.
kde/kio-5.90.0-x86_64-1.txz: Upgraded.
kde/kirigami2-5.90.0-x86_64-1.txz: Upgraded.
kde/kitemmodels-5.90.0-x86_64-1.txz: Upgraded.
kde/kitemviews-5.90.0-x86_64-1.txz: Upgraded.
kde/kjobwidgets-5.90.0-x86_64-1.txz: Upgraded.
kde/kjs-5.90.0-x86_64-1.txz: Upgraded.
kde/kjsembed-5.90.0-x86_64-1.txz: Upgraded.
kde/kmediaplayer-5.90.0-x86_64-1.txz: Upgraded.
kde/knewstuff-5.90.0-x86_64-1.txz: Upgraded.
kde/knotifications-5.90.0-x86_64-1.txz: Upgraded.
kde/knotifyconfig-5.90.0-x86_64-1.txz: Upgraded.
kde/kpackage-5.90.0-x86_64-1.txz: Upgraded.
kde/kparts-5.90.0-x86_64-1.txz: Upgraded.
kde/kpeople-5.90.0-x86_64-1.txz: Upgraded.
kde/kplotting-5.90.0-x86_64-1.txz: Upgraded.
kde/kpty-5.90.0-x86_64-1.txz: Upgraded.
kde/kquickcharts-5.90.0-x86_64-1.txz: Upgraded.
kde/kross-5.90.0-x86_64-1.txz: Upgraded.
kde/krunner-5.90.0-x86_64-1.txz: Upgraded.
kde/kservice-5.90.0-x86_64-1.txz: Upgraded.
kde/ktexteditor-5.90.0-x86_64-1.txz: Upgraded.
kde/ktextwidgets-5.90.0-x86_64-1.txz: Upgraded.
kde/kunitconversion-5.90.0-x86_64-1.txz: Upgraded.
kde/kwallet-5.90.0-x86_64-1.txz: Upgraded.
kde/kwayland-5.90.0-x86_64-1.txz: Upgraded.
kde/kwidgetsaddons-5.90.0-x86_64-1.txz: Upgraded.
kde/kwindowsystem-5.90.0-x86_64-1.txz: Upgraded.
kde/kxmlgui-5.90.0-x86_64-1.txz: Upgraded.
kde/kxmlrpcclient-5.90.0-x86_64-1.txz: Upgraded.
kde/latte-dock-0.10.7-x86_64-1.txz: Upgraded.
kde/modemmanager-qt-5.90.0-x86_64-1.txz: Upgraded.
kde/networkmanager-qt-5.90.0-x86_64-1.txz: Upgraded.
kde/oxygen-icons5-5.90.0-noarch-1.txz: Upgraded.
kde/plasma-framework-5.90.0-x86_64-1.txz: Upgraded.
kde/plasma-workspace-5.23.5-x86_64-2.txz: Rebuilt.
[PATCH] [libtaskmanager] Increase buffer for pipewire format negotiation.
Thanks to ZhaoLin1457.
[PATCH] runners/shell: Port from KToolInvocation::invokeTerminal
to KTerminalLauncherJob.
Thanks to gmgf.
kde/prison-5.90.0-x86_64-1.txz: Upgraded.
kde/purpose-5.90.0-x86_64-1.txz: Upgraded.
kde/qqc2-desktop-style-5.90.0-x86_64-1.txz: Upgraded.
kde/solid-5.90.0-x86_64-1.txz: Upgraded.
kde/sonnet-5.90.0-x86_64-1.txz: Upgraded.
kde/syndication-5.90.0-x86_64-1.txz: Upgraded.
kde/syntax-highlighting-5.90.0-x86_64-1.txz: Upgraded.
kde/threadweaver-5.90.0-x86_64-1.txz: Upgraded.
l/SDL2-2.0.20-x86_64-1.txz: Upgraded.
l/SDL2_ttf-2.0.18-x86_64-1.txz: Upgraded.
l/libsigsegv-2.14-x86_64-1.txz: Upgraded.
l/pango-1.48.11-x86_64-1.txz: Upgraded.
l/python-urllib3-1.26.8-x86_64-1.txz: Upgraded.
n/getmail-6.18.6-x86_64-1.txz: Upgraded.
n/iproute2-5.16.0-x86_64-1.txz: Upgraded.
n/metamail-2.7-x86_64-10.txz: Rebuilt.
Fixed misnamed mimencode man page. Thanks to mbeninca.
n/mtr-0.95-x86_64-1.txz: Upgraded.
n/socat-1.7.4.3-x86_64-1.txz: Upgraded.
xap/freerdp-2.5.0-x86_64-1.txz: Upgraded.
xap/gnuplot-5.4.3-x86_64-1.txz: Upgraded.
xap/mozilla-firefox-91.5.0esr-x86_64-1.txz: Upgraded.
This release contains security fixes and improvements.
For more information, see:
https://www.mozilla.org/en-US/firefox/91.5.0/releasenotes/https://www.mozilla.org/security/advisories/mfsa2022-02/https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22746https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22743https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22742https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22741https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22740https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22738https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22737https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4140https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22748https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22745https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22744https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22747https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22739https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22751
(* Security fix *)
xap/mozilla-thunderbird-91.5.0-x86_64-1.txz: Upgraded.
This release contains security fixes and improvements.
For more information, see:
https://www.mozilla.org/en-US/thunderbird/91.5.0/releasenotes/https://www.mozilla.org/en-US/security/advisories/mfsa2022-03/https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22746https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22743https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22742https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22741https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22740https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22738https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22737https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4140https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22748https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22745https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22744https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22747https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22739https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22751
(* Security fix *)
xap/vim-gvim-8.2.4065-x86_64-1.txz: Upgraded.
isolinux/initrd.img: Rebuilt.
kernels/*: Upgraded.
usb-and-pxe-installers/usbboot.img: Rebuilt.
d/doxygen-1.9.3-x86_64-1.txz: Upgraded.
n/network-scripts-15.0-noarch-18.txz: Rebuilt.
netconfig: when DHCP configuration is selected, also add hostname labeled
loopback entries to /etc/hosts. We don't want to have to rely on something
else providing correct name service in order to be able to reach our
machine through its own hostname. This was a regression since the netconfig
shipped with Slackware 14.2.
Thanks to Zexuo.
a/e2fsprogs-1.46.5-x86_64-1.txz: Upgraded.
ap/sqlite-3.37.1-x86_64-1.txz: Upgraded.
n/mutt-2.1.5-x86_64-1.txz: Upgraded.
n/yptools-4.2.3-x86_64-4.txz: Rebuilt.
Added /usr/sbin/yp_dump_binding and /usr/sbin/yptest.
Add a hint about adding "nis" in /etc/pam.d/system-auth to /etc/default/yp.
The --enable-systemd-logind change to xorg-server that caused resume from
suspend regressions (and others) has been reverted, and in retrospect it was
a bad idea to take it at that point, but it had appeared as if it wouldn't
cause problems in the case where Xorg was running as root. Oh well, lesson
learned. But the build script has been enhanced to make it easy to build
rootless versions of the xorg-server packages. Just do this:
ROOTLESSX=YES ./x11.SlackBuild xserver xorg-server
Depending on your GPU, this could work for your use case with no problems.
Also, I've gone ahead and taken a couple of shared library version bumps since
the projects (opencv and poppler) have decent track records as far as not
introducing regressions, and if there are any, we've got time to test and fix.
I'm still avoiding some things that aren't as trusted in that regard, and will
likely continue to do so. :-)
ap/cups-filters-1.28.10-x86_64-2.txz: Rebuilt.
Recompiled against poppler-21.12.0.
kde/ark-21.12.0-x86_64-2.txz: Rebuilt.
Applied upstream patches:
[PATCH] Fix extraction "Dolphin Actions" not abiding "Open destination
folder after extracting" setting.
[PATCH] Do not highlight file after compression.
Thanks to ctrlaltca.
kde/calligra-3.2.1-x86_64-15.txz: Rebuilt.
Recompiled against poppler-21.12.0.
kde/cantor-21.12.0-x86_64-2.txz: Rebuilt.
Recompiled against poppler-21.12.0.
kde/digikam-7.4.0-x86_64-2.txz: Rebuilt.
Recompiled against opencv-4.5.5.
kde/kfilemetadata-5.89.0-x86_64-2.txz: Rebuilt.
Recompiled against poppler-21.12.0.
kde/kile-2.9.93-x86_64-15.txz: Rebuilt.
Recompiled against poppler-21.12.0.
kde/kitinerary-21.12.0-x86_64-2.txz: Rebuilt.
Recompiled against poppler-21.12.0.
kde/krita-5.0.0-x86_64-2.txz: Rebuilt.
Recompiled against poppler-21.12.0.
kde/okular-21.12.0-x86_64-2.txz: Rebuilt.
Recompiled against poppler-21.12.0.
l/gegl-0.4.34-x86_64-2.txz: Rebuilt.
Recompiled against poppler-21.12.0.
l/gst-plugins-bad-free-1.18.5-x86_64-3.txz: Rebuilt.
Recompiled against opencv-4.5.5.
l/imagemagick-7.1.0_19-x86_64-1.txz: Upgraded.
l/mlt-7.4.0-x86_64-1.txz: Upgraded.
l/opencv-4.5.5-x86_64-1.txz: Upgraded.
Shared library .so-version bump.
l/poppler-21.12.0-x86_64-1.txz: Upgraded.
Shared library .so-version bump.
n/fetchmail-6.4.26-x86_64-1.txz: Upgraded.
n/tin-2.6.1-x86_64-1.txz: Upgraded.
x/ibus-anthy-1.5.14-x86_64-1.txz: Upgraded.
x/xorg-server-1.20.14-x86_64-2.txz: Rebuilt.
Recompiled using these options:
--enable-suid-wrapper --enable-install-setuid --disable-systemd-logind.
x/xorg-server-xephyr-1.20.14-x86_64-2.txz: Rebuilt.
x/xorg-server-xnest-1.20.14-x86_64-2.txz: Rebuilt.
x/xorg-server-xvfb-1.20.14-x86_64-2.txz: Rebuilt.
xap/geeqie-1.6-x86_64-4.txz: Rebuilt.
Recompiled against poppler-21.12.0.
xap/gimp-2.10.30-x86_64-2.txz: Rebuilt.
Recompiled against poppler-21.12.0.
xfce/tumbler-4.16.0-x86_64-4.txz: Rebuilt.
Recompiled against poppler-21.12.0.
extra/rust-for-mozilla/rust-1.54.0-x86_64-3.txz: Added.
This is an alternate version of Rust that may be useful for compiling
software from Mozilla since using the very latest Rust often won't
compile, or produces an unstable build.
ap/vim-8.2.3868-x86_64-1.txz: Upgraded.
kde/breeze-icons-5.89.0-noarch-2.txz: Rebuilt.
Applied upstream patches:
[PATCH] improve installation of light fallback icons
[PATCH] Include "*@*" in the icon_files list for installation
Thanks to Heinz Wiesinger.
l/gtk+3-3.24.31-x86_64-1.txz: Upgraded.
l/zstd-1.5.1-x86_64-1.txz: Upgraded.
n/net-snmp-5.9.1-x86_64-4.txz: Rebuilt.
Moved options for snmpd from rc.snmpd to /etc/default/snmpd.
Thanks to Jakub 'shasta' Jankowski.
xap/vim-gvim-8.2.3868-x86_64-1.txz: Upgraded.
a/pkgtools-15.0-noarch-42.txz: Rebuilt.
setup.services: list rc.nfsd. Suggested by alienBOB.
l/expat-2.4.2-x86_64-1.txz: Upgraded.
l/gegl-0.4.34-x86_64-1.txz: Upgraded.
n/httpd-2.4.52-x86_64-1.txz: Upgraded.
SECURITY: CVE-2021-44790: Possible buffer overflow when parsing
multipart content in mod_lua of Apache HTTP Server 2.4.51 and
earlier (cve.mitre.org)
A carefully crafted request body can cause a buffer overflow in
the mod_lua multipart parser (r:parsebody() called from Lua
scripts).
The Apache httpd team is not aware of an exploit for the
vulnerabilty though it might be possible to craft one.
This issue affects Apache HTTP Server 2.4.51 and earlier.
Credits: Chamal
SECURITY: CVE-2021-44224: Possible NULL dereference or SSRF in
forward proxy configurations in Apache HTTP Server 2.4.51 and
earlier (cve.mitre.org)
A crafted URI sent to httpd configured as a forward proxy
(ProxyRequests on) can cause a crash (NULL pointer dereference)
or, for configurations mixing forward and reverse proxy
declarations, can allow for requests to be directed to a
declared Unix Domain Socket endpoint (Server Side Request
Forgery).
This issue affects Apache HTTP Server 2.4.7 up to 2.4.51
(included).
Credits: ae 1/4*a-o(R)e 1/4
TengMA(@Te3t123)
For more information, see:
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-44790https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-44224
(* Security fix *)
xap/gimp-2.10.30-x86_64-1.txz: Upgraded.
xap/mozilla-thunderbird-91.4.1-x86_64-1.txz: Upgraded.
This release contains security fixes and improvements.
For more information, see:
https://www.mozilla.org/en-US/thunderbird/91.4.1/releasenotes/https://www.mozilla.org/en-US/security/advisories/mfsa2021-55/https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4126https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-44538
(* Security fix *)
xap/xlockmore-5.68-x86_64-1.txz: Upgraded.
xap/xsnow-3.4.2-x86_64-1.txz: Upgraded.
a/kernel-firmware-20211216_f682ecb-noarch-1.txz: Upgraded.
a/kernel-generic-5.15.9-x86_64-1.txz: Upgraded.
a/kernel-huge-5.15.9-x86_64-1.txz: Upgraded.
a/kernel-modules-5.15.9-x86_64-1.txz: Upgraded.
a/openssl-solibs-1.1.1m-x86_64-1.txz: Upgraded.
ap/inxi-3.3.10_1-noarch-1.txz: Upgraded.
Thanks to h2-1.
d/kernel-headers-5.15.9-x86-1.txz: Upgraded.
d/vala-0.54.5-x86_64-1.txz: Upgraded.
k/kernel-source-5.15.9-noarch-1.txz: Upgraded.
SUNRPC_DEBUG n -> y
+NFS_DEBUG y
Thanks to bassmadrigal.
kde/latte-dock-0.10.5-x86_64-1.txz: Upgraded.
l/mozilla-nss-3.73.1-x86_64-1.txz: Upgraded.
l/pipewire-0.3.42-x86_64-1.txz: Upgraded.
n/iputils-20211215-x86_64-1.txz: Upgraded.
n/openssl-1.1.1m-x86_64-1.txz: Upgraded.
n/php-7.4.27-x86_64-1.txz: Upgraded.
x/xorg-server-1.20.14-x86_64-1.txz: Upgraded.
Built using --enable-systemd-logind to use elogind for device setup.
Some code changes would be required in xorg-server, xinit, and various login
managers to make rootless X work out of the box or to fall back in cases
where elogind isn't supported, and those changes aren't appropriate here in
the RC stage, but you can try it without recompiling:
chmod 755 /usr/libexec/Xorg*
Thanks to LuckyCyborg.
x/xorg-server-xephyr-1.20.14-x86_64-1.txz: Upgraded.
x/xorg-server-xnest-1.20.14-x86_64-1.txz: Upgraded.
x/xorg-server-xvfb-1.20.14-x86_64-1.txz: Upgraded.
xap/mozilla-firefox-91.4.1esr-x86_64-1.txz: Upgraded.
This is a bugfix release.
For more information, see:
https://www.mozilla.org/en-US/firefox/91.4.1/releasenotes/
isolinux/initrd.img: Rebuilt.
kernels/*: Upgraded.
usb-and-pxe-installers/usbboot.img: Rebuilt.
ap/nano-6.0-x86_64-1.txz: Upgraded.
kde/kdepim-runtime-21.12.0-x86_64-3.txz: Rebuilt.
Rebuilt with the updated patch that was merged upstream:
[PATCH] POP3: Fix SSL/TLS connections
Thanks to gmgf.
n/bind-9.16.24-x86_64-1.txz: Upgraded.
n/openvpn-2.5.5-x86_64-1.txz: Upgraded.
a/dialog-1.3_20211214-x86_64-1.txz: Upgraded.
a/kernel-generic-5.15.8-x86_64-1.txz: Upgraded.
a/kernel-huge-5.15.8-x86_64-1.txz: Upgraded.
a/kernel-modules-5.15.8-x86_64-1.txz: Upgraded.
a/sysvinit-3.01-x86_64-1.txz: Upgraded.
d/kernel-headers-5.15.8-x86-1.txz: Upgraded.
d/patchelf-0.14.3-x86_64-1.txz: Upgraded.
k/kernel-source-5.15.8-noarch-1.txz: Upgraded.
l/oniguruma-6.9.7.1-x86_64-1.txz: Upgraded.
l/pipewire-0.3.41-x86_64-1.txz: Upgraded.
x/libinput-1.19.3-x86_64-1.txz: Upgraded.
x/xorg-server-1.20.13-x86_64-2.txz: Rebuilt.
Fixes for multiple input validation failures in X server extensions:
render: Fix out of bounds access in SProcRenderCompositeGlyphs()
xfixes: Fix out of bounds access in *ProcXFixesCreatePointerBarrier()
Xext: Fix out of bounds access in SProcScreenSaverSuspend()
record: Fix out of bounds access in SwapCreateRegister()
For more information, see:
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4008https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4009https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4010https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4011
(* Security fix *)
x/xorg-server-xephyr-1.20.13-x86_64-2.txz: Rebuilt.
x/xorg-server-xnest-1.20.13-x86_64-2.txz: Rebuilt.
x/xorg-server-xvfb-1.20.13-x86_64-2.txz: Rebuilt.
x/xorg-server-xwayland-21.1.4-x86_64-1.txz: Upgraded.
Fixes for multiple input validation failures in X server extensions:
render: Fix out of bounds access in SProcRenderCompositeGlyphs()
xfixes: Fix out of bounds access in *ProcXFixesCreatePointerBarrier()
Xext: Fix out of bounds access in SProcScreenSaverSuspend()
record: Fix out of bounds access in SwapCreateRegister()
For more information, see:
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4008https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4009https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4010https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4011
(* Security fix *)
xap/xsnow-3.4.1-x86_64-1.txz: Upgraded.
isolinux/initrd.img: Rebuilt.
kernels/*: Upgraded.
usb-and-pxe-installers/usbboot.img: Rebuilt.
ap/slackpkg-15.0.9-noarch-1.txz: Upgraded.
files/mirrors-x86*: Remove bad mirrors from list (Emmet Ford)
Automatically rebuild package lists if missing (Piter PUNK)
xap/seamonkey-2.53.10.1-x86_64-1.txz: Upgraded.
This update contains security fixes and improvements.
For more information, see:
https://www.seamonkey-project.org/releases/seamonkey2.53.10.1
(* Security fix *)
xap/xsnow-3.4.0-x86_64-1.txz: Upgraded.
l/imagemagick-7.1.0_16-x86_64-1.txz: Upgraded.
l/python-Jinja2-3.0.3-x86_64-1.txz: Added.
Added missing dependency of kapidox.
l/python-MarkupSafe-2.0.1-x86_64-1.txz: Added.
Added missing dependency of Mako.
l/python-PyYAML-6.0-x86_64-1.txz: Added.
Added missing dependency of kapidox.
l/python-doxypypy-0.8.8.6-x86_64-1.txz: Added.
Added missing dependency of kapidox.
l/python-doxyqml-0.5.1-x86_64-1.txz: Added.
Added missing dependency of kapidox.
l/python-pbr-5.8.0-x86_64-1.txz: Added.
Added missing dependency of python-pysol_cards.
extra/tigervnc/tigervnc-1.12.0-x86_64-2.txz: Rebuilt.
Use the upstream vncserver script, patched to search in some additional
locations for a startup script: $HOME/.vnc/xstartup, $HOME/.xinitrc, and
/etc/X11/xinit/xinitrc.
Add a symlink for vncserver in the old location (/usr/bin/vncserver).
Thanks to 0XBF.
ap/mariadb-10.5.13-x86_64-2.txz: Rebuilt.
Install /etc/security/user_map.conf as /etc/security/user_map.conf.new to
protect it from being overwritten by future upgrades.
Thanks to Markus Wiesner.
d/python3-3.9.9-x86_64-2.txz: Rebuilt.
Do not patch posix_user platlib to use $HOME/.local/lib64 on 64-bit - use
$HOME/.local/lib for all platforms. This avoids a warning from pip about the
install location not matching between distutils and sysconfig. Note that this
might require already installed modules to be moved from $HOME/.local/lib64
to $HOME/.local/lib (or they could be removed and then reinstalled).
At first this seemed to be a non-optimal solution for this issue, but other
distributions are taking this same approach and it appears that the
posix_user platlib setting has always been ignored until recently.
If this causes any unexpected issues, let me know.
Thanks to redneonglow and alijkl.
n/fetchmail-6.4.24-x86_64-1.txz: Upgraded.
d/python3-3.9.9-x86_64-1.txz: Upgraded.
This is a bugfix release, fixing four bugs in Python 3.9.8 (including an
argparse regression in Python 3.9.8 which caused complex command-line tools
to fail recognizing sub-commands properly). It also makes a couple of
corrections to the documentation.
For more information, see:
https://docs.python.org/release/3.9.9/whatsnew/changelog.html
l/libjpeg-turbo-2.1.2-x86_64-1.txz: Upgraded.
l/python-setuptools_scm-6.3.2-x86_64-1.txz: Added.
This is needed when building some Python modules to correctly parse their
metadata, as recently discovered with importlib_metadata and zipp. While
we'll stick to the version of Markdown that we've got, it seems like a good
idea to get this in before the release to help prevent people from running
into similar "version 0.0.0" issues with other Python modules.
Thanks to USUARIONUEVO.
l/python-tomli-1.2.2-x86_64-1.txz: Added.
This is needed by setuptools_scm. Also, the SlackBuild contains a nice
example of using a setup.py shim to setuptools for a Python module that
only contains pyproject.toml and not setup.py.
Thanks to Heinz Wiesinger.
l/qtkeychain-0.13.2-x86_64-1.txz: Upgraded.
n/libmbim-1.26.2-x86_64-1.txz: Upgraded.
n/libnftnl-1.2.1-x86_64-1.txz: Upgraded.
n/nftables-1.0.1-x86_64-1.txz: Upgraded.
xap/mozilla-thunderbird-91.3.2-x86_64-1.txz: Upgraded.
This is a bugfix release.
For more information, see:
https://www.mozilla.org/en-US/thunderbird/91.3.2/releasenotes/
extra/php8/php8-8.0.13-x86_64-1.txz: Upgraded.
This update fixes bugs and a security issue:
XML: special character is breaking the path in xml function.
For more information, see:
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-21707
(* Security fix *)
a/bash-5.1.012-x86_64-1.txz: Upgraded.
a/cryptsetup-2.4.2-x86_64-1.txz: Upgraded.
a/kernel-generic-5.15.3-x86_64-1.txz: Upgraded.
a/kernel-huge-5.15.3-x86_64-1.txz: Upgraded.
a/kernel-modules-5.15.3-x86_64-1.txz: Upgraded.
d/ccache-4.5.1-x86_64-1.txz: Upgraded.
d/kernel-headers-5.15.3-x86-1.txz: Upgraded.
k/kernel-source-5.15.3-noarch-1.txz: Upgraded.
kde/latte-dock-0.10.4-x86_64-1.txz: Upgraded.
n/php-7.4.26-x86_64-1.txz: Upgraded.
This update fixes bugs and a security issue:
XML: special character is breaking the path in xml function.
For more information, see:
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-21707
(* Security fix *)
x/ibus-1.5.25-x86_64-5.txz: Rebuilt.
Fixed paths in:
[PATCH] client/gtk3/ibusimcontext: Fix wrong cursor location in gtk3 apps.
Thanks to Lockywolf.
xap/audacious-4.1-x86_64-3.txz: Rebuilt.
Removed the extra menu entry for the GTK+ version as this can just be
selected in the settings. Thanks to franzen.
isolinux/initrd.img: Rebuilt.
kernels/*: Upgraded.
usb-and-pxe-installers/usbboot.img: Rebuilt.
Clearly we're going to have to trend more carefully for things to settle down,
so consider this RC2 and a much harder freeze. A test mass rebuild was done
here and there are no more "fails to build from source" remaining (thanks to
nobodino for some amazing and relentless testing).
a/exfatprogs-1.1.3-x86_64-1.txz: Upgraded.
ap/lxc-4.0.11-x86_64-3.txz: Rebuilt.
Added some additional packages to the lxc-slackware template:
bridge-utils, dbus, iptables, libnl3, libpcap.
Thanks to linux91 for the hints.
ap/qpdf-10.4.0-x86_64-1.txz: Upgraded.
l/python-docutils-0.17.1-x86_64-3.txz: Rebuilt.
Revert to this version for now since 0.18 isn't compatible with Sphinx.
Thanks to HQuest.
l/python-markdown-3.3.4-x86_64-3.txz: Rebuilt.
Reverted this to fix the Samba build. The newer versions of Markdown require
importlib_metadata and zipp, and adding these also fixes the build, but oddly
the installed PKG-INFO shows version 0.0.0, which I suspect is more breakage
going on with setuptools. I've tried rebuilding all other Python modules here
to see if a more general breakage had crept in somehow, but those are the
only two Python modules I've found that exhibit this issue, and I've found
other similar reports (but no fixes). Markdown-3.3.4 seems to be the safe bet
for now.
n/bind-9.16.23-x86_64-1.txz: Upgraded.
x/libdrm-2.4.107-x86_64-1.txz: Upgraded.
Reverted to 2.4.107 as 2.4.108 does not seem to be completely compatible with
xorg-server-1.20.13. Fixes xf86-video-vmware failing to build from source.
Thanks to nobodino.
ap/ksh93-1.0_7ea95b7-x86_64-1.txz: Upgraded.
Changed the fetch script to pull the 1.0 branch.
Packaged shcomp and man page and additional documentation.
Merged some other changes to the build script.
Thanks to Martijn Dekker (McDutchie).
ap/vim-8.2.3605-x86_64-1.txz: Upgraded.
l/imagemagick-7.1.0_14-x86_64-1.txz: Upgraded.
l/python-markdown-3.3.5-x86_64-1.txz: Upgraded.
xap/seamonkey-2.53.10-x86_64-1.txz: Upgraded.
This update contains security fixes and improvements.
For more information, see:
https://www.seamonkey-project.org/releases/seamonkey2.53.10
(* Security fix *)
xap/vim-gvim-8.2.3605-x86_64-1.txz: Upgraded.
extra/brltty/brltty-6.4-x86_64-4.txz: Rebuilt.
Fixed installation of the Tcl bindings. Thanks to Stuart Winter.
extra/tigervnc/tigervnc-1.12.0-x86_64-1.txz: Upgraded.
Thanks to alienBOB for the original build script, and to 0XBF and Linux From
Scratch for some useful hints on getting this back in shape.
a/kernel-firmware-20211115_f5d5195-noarch-1.txz: Upgraded.
d/git-2.34.0-x86_64-1.txz: Upgraded.
xap/gftp-2.8.0b-x86_64-1.txz: Upgraded.
xap/mozilla-thunderbird-91.3.1-x86_64-1.txz: Upgraded.
This is a bugfix release.
For more information, see:
https://www.mozilla.org/en-US/thunderbird/91.3.1/releasenotes/
xfce/xfce4-whiskermenu-plugin-2.6.2-x86_64-1.txz: Upgraded.
d/slacktrack-2.22-x86_64-1.txz: Upgraded.
Test makepkg's response to the package name as part of the pre-build
sanity checks. This catches malformed package names and extension types.
Thanks to Eduard Rozenberg for the suggestion.
Thanks to Stuart Winter.
kde/kstars-3.5.6-x86_64-1.txz: Upgraded.
x/xterm-370-x86_64-1.txz: Upgraded.
a/kernel-generic-5.15.2-x86_64-1.txz: Upgraded.
a/kernel-huge-5.15.2-x86_64-1.txz: Upgraded.
a/kernel-modules-5.15.2-x86_64-1.txz: Upgraded.
a/sysvinit-scripts-15.0-noarch-7.txz: Rebuilt.
rc.M: adjust the startup order to make sure a few services are running when
needed (such as MariaDB for dovecot and postfix). Thanks to Tshane.
ap/ksh93-20211112_d160abc-x86_64-1.txz: Upgraded.
Don't assume that /bin/sh mode is desired when ksh is run from su.
Thanks to McDutchie.
ap/lxc-4.0.11-x86_64-2.txz: Rebuilt.
Move the bash-completion symlinks to the system directory. Thanks to kaott.
d/kernel-headers-5.15.2-x86-1.txz: Upgraded.
k/kernel-source-5.15.2-noarch-1.txz: Upgraded.
l/pipewire-0.3.40-x86_64-1.txz: Upgraded.
n/s-nail-14.9.23-x86_64-1.txz: Upgraded.
isolinux/initrd.img: Rebuilt.
kernels/*: Upgraded.
usb-and-pxe-installers/usbboot.img: Rebuilt.
a/sdparm-1.12-x86_64-2.txz: Rebuilt.
Recompiled against sg3_utils-1.47.
a/sysvinit-scripts-15.0-noarch-6.txz: Rebuilt.
rc.{6,S,M}: merged changes for compatibility with LXC containers.
a/udisks-1.0.5-x86_64-10.txz: Rebuilt.
Recompiled against sg3_utils-1.47.
ap/lxc-4.0.11-x86_64-1.txz: Upgraded.
Requires libseccomp-2.5.3.
No more local versions of rc.{6,S,M,inet1}: the regular versions work now.
l/elfutils-0.186-x86_64-1.txz: Upgraded.
l/libgpod-0.8.3-x86_64-11.txz: Rebuilt.
Recompiled against sg3_utils-1.47.
l/libseccomp-2.5.3-x86_64-1.txz: Added.
This is needed by lxc-4.0.11. Thanks to Willy Sudiarto Raharjo.
l/sg3_utils-1.47-x86_64-1.txz: Upgraded.
Shared library .so-version bump.
n/network-scripts-15.0-noarch-17.txz: Rebuilt.
Merged changes in rc.inet1 to make it compatible with LXC containers.
Patched netconfig to ensure the proper permissions on rc.networkmanager
when NetworkManager is not chosen.
x/ibus-1.5.25-x86_64-4.txz: Rebuilt.
[PATCH] client/gtk2/ibusimcontext: Fix wrong cursor location in gtk3 apps.
Thanks to Lockywolf.
a/btrfs-progs-5.15-x86_64-1.txz: Upgraded.
a/hwdata-0.353-noarch-1.txz: Upgraded.
kde/plasma-wayland-protocols-1.5.0-x86_64-1.txz: Upgraded.
xap/mozilla-firefox-91.3.0esr-x86_64-2.txz: Rebuilt.
Rebuilt with rust-1.54.0, which seems to produce a stable Firefox package.
Looking at this page, it would seem that upstream is probably compiling
the official package with rust-1.54.0:
https://firefox-source-docs.mozilla.org/writing-rust-code/update-policy.html
Normally I'd be inclined to drop back on the version of Rust in the main
tree, but rust-1.56.1 fixes a security issue (one that doesn't affect any
crates used by Firefox), so that doesn't seem to be a good idea.
d/meson-0.59.3-x86_64-1.txz: Upgraded.
Reverted to a version that works better for us. Thanks to nobodino.
l/imagemagick-7.1.0_13-x86_64-1.txz: Upgraded.
l/pcre2-10.39-x86_64-1.txz: Upgraded.
l/sip-4.19.25-x86_64-4.txz: Rebuilt.
Fixed missing sip.h.
n/getmail-6.18.5-x86_64-1.txz: Upgraded.
a/kernel-generic-5.14.15-x86_64-1.txz: Upgraded.
a/kernel-huge-5.14.15-x86_64-1.txz: Upgraded.
a/kernel-modules-5.14.15-x86_64-1.txz: Upgraded.
d/cmake-3.21.4-x86_64-1.txz: Upgraded.
d/kernel-headers-5.14.15-x86-1.txz: Upgraded.
k/kernel-source-5.14.15-noarch-1.txz: Upgraded.
We're going to go ahead and take both of those changes that were considered
in /testing. GazL almost had me talked out of the autogroup change, but it's
easy to disable if traditional "nice" behavior is important to someone.
-DRM_I810 n
-INLINE_READ_UNLOCK y
-INLINE_READ_UNLOCK_IRQ y
-INLINE_SPIN_UNLOCK_IRQ y
-INLINE_WRITE_UNLOCK y
-INLINE_WRITE_UNLOCK_IRQ y
PREEMPT n -> y
PREEMPT_VOLUNTARY y -> n
SCHED_AUTOGROUP n -> y
+CEC_GPIO n
+DEBUG_PREEMPT y
+PREEMPTION y
+PREEMPT_COUNT y
+PREEMPT_DYNAMIC y
+PREEMPT_RCU y
+PREEMPT_TRACER n
+RCU_BOOST n
+TASKS_RCU y
+UNINLINE_SPIN_UNLOCK y
kde/plasma-desktop-5.23.2.1-x86_64-1.txz: Upgraded.
l/imagemagick-7.1.0_12-x86_64-1.txz: Upgraded.
l/librsvg-2.52.3-x86_64-1.txz: Upgraded.
n/bind-9.16.22-x86_64-1.txz: Upgraded.
This update fixes bugs and the following security issue:
The "lame-ttl" option is now forcibly set to 0. This effectively disables
the lame server cache, as it could previously be abused by an attacker to
significantly degrade resolver performance.
For more information, see:
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-25219
(* Security fix *)
n/c-ares-1.18.1-x86_64-1.txz: Upgraded.
n/samba-4.15.1-x86_64-1.txz: Upgraded.
isolinux/initrd.img: Rebuilt.
kernels/*: Upgraded.
usb-and-pxe-installers/usbboot.img: Rebuilt.
ap/slackpkg-15.0.8-noarch-1.txz: Upgraded.
Author: piterpunk <piterpunk@slackware.com>
To make it easier to do an unattended slackpkg update/upgrade process,
this commit provides different exit codes for many situations:
0 Successful slackpkg execution.
1 Something wrong happened.
20 No package found to be downloaded, installed, reinstalled,
upgraded, or removed.
50 Slackpkg itself was upgraded and you need to re-run it.
100 There are pending updates.
Code and the main manpage are updated accordingly.
In addition, this commit also:
- removes the ChangeLog.txt in doinst.sh, so the needed
'slackpkg update' after Slackpkg upgrade won't say it's all OK
and doesn't need to redo the package lists
- removes AUTHORS from manpage. Nowadays there is code from many
people in Slackpkg and it seems a bit unfair to have only my and
Evaldo's name listed there.
Signed-off-by: Robby Workman <rworkman@slackware.com>
d/meson-0.60.0-x86_64-1.txz: Upgraded.
l/ffmpeg-4.4.1-x86_64-1.txz: Upgraded.
l/imagemagick-7.1.0_11-x86_64-1.txz: Upgraded.
l/libcap-2.60-x86_64-1.txz: Upgraded.
l/libsoup-2.74.1-x86_64-1.txz: Upgraded.
l/sip-4.19.25-x86_64-3.txz: Rebuilt.
Drop the Qt4 modules. Thanks to gmgf.
n/dhcpcd-9.4.1-x86_64-1.txz: Upgraded.
testing/packages/linux-5.14.x/kernel-generic-5.14.14-x86_64-3.txz: Rebuilt.
testing/packages/linux-5.14.x/kernel-headers-5.14.14-x86-3.txz: Rebuilt.
testing/packages/linux-5.14.x/kernel-huge-5.14.14-x86_64-3.txz: Rebuilt.
testing/packages/linux-5.14.x/kernel-modules-5.14.14-x86_64-3.txz: Rebuilt.
testing/packages/linux-5.14.x/kernel-source-5.14.14-noarch-3.txz: Rebuilt.
Let's enable SCHED_AUTOGROUP, which should improve desktop latency under a
heavy CPU load while being mostly inert on servers. It may be disabled at
boot time with a "noautogroup" kernel parameter, or at runtime like this:
echo 0 > /proc/sys/kernel/sched_autogroup_enabled
Thanks to gbschenkel.
SCHED_AUTOGROUP n -> y
a/aaa_terminfo-6.3-x86_64-1.txz: Upgraded.
a/glibc-zoneinfo-2021e-noarch-1.txz: Upgraded.
ap/itstool-2.0.7-x86_64-2.txz: Rebuilt.
Rebuilt with PYTHON=/usr/bin/python3. Thanks to USUARIONUEVO.
ap/mpg123-1.29.2-x86_64-1.txz: Upgraded.
d/meson-0.59.3-x86_64-1.txz: Upgraded.
d/parallel-20211022-noarch-1.txz: Upgraded.
d/python-pip-21.3.1-x86_64-1.txz: Upgraded.
d/python-setuptools-58.3.0-x86_64-1.txz: Upgraded.
l/exiv2-0.27.5-x86_64-1.txz: Upgraded.
l/ncurses-6.3-x86_64-1.txz: Upgraded.
n/php-7.4.25-x86_64-1.txz: Upgraded.
This update fixes bugs and a security issue:
FPM: PHP-FPM oob R/W in root process leading to privilege escalation.
For more information, see:
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-21703
(* Security fix *)
xap/mozilla-thunderbird-91.2.1-x86_64-1.txz: Upgraded.
This is a bugfix release.
For more information, see:
https://www.mozilla.org/en-US/thunderbird/91.2.1/releasenotes/
testing/packages/linux-5.14.x/kernel-generic-5.14.14-x86_64-2.txz: Rebuilt.
testing/packages/linux-5.14.x/kernel-headers-5.14.14-x86-2.txz: Rebuilt.
testing/packages/linux-5.14.x/kernel-huge-5.14.14-x86_64-2.txz: Rebuilt.
testing/packages/linux-5.14.x/kernel-modules-5.14.14-x86_64-2.txz: Rebuilt.
testing/packages/linux-5.14.x/kernel-source-5.14.14-noarch-2.txz: Rebuilt.
These kernels enable CONFIG_PREEMPT=y and CONFIG_PREEMPT_DYNAMIC=y allowing
the kernel preemption model to be specified on the kernel command line
with one of these options: preempt=none, preempt=voluntary, and preempt=full.
Since there is no .config option to set a default, and the default in the
kernel sources is "full" (which is probably not a good default), the
kernel-source.SlackBuild has been modified to add support for an environment
variable CONFIG_PREEMPT_DEFAULT_MODE which can be set to none, voluntary, or
full to set the default kernel preemption model when a command line option
is not provided. These kernels have been built with a preemption model of
"none" (presumably the safest choice which will behave like the kernels we
have shipped before.) The runtime overhead on 64-bit should be negligible.
On 32-bit we lack support for HAVE_STATIC_CALL_INLINE, so spinlocks and
mutexes will have to be approached through a trampoline, adding a very small
amount of overhead. I feel this is probably worth it in order to have the
option to run a kernel with voluntary or full preemption, especially for
gaming or desktop purposes. The reduction in input lag with these modes is
actually quite noticable.
To check the current preemption model, you may use debugfs:
mount -t debugfs none /sys/kernel/debug
cat /sys/kernel/debug/sched/preempt
(none) voluntary full
You may change to a different preemption model on the fly once debugfs is
mounted:
echo voluntary > /sys/kernel/debug/sched/preempt
cat /sys/kernel/debug/sched/preempt
none (voluntary) full
Thanks to Daedra.
-DRM_I810 n
-INLINE_READ_UNLOCK y
-INLINE_READ_UNLOCK_IRQ y
-INLINE_SPIN_UNLOCK_IRQ y
-INLINE_WRITE_UNLOCK y
-INLINE_WRITE_UNLOCK_IRQ y
PREEMPT n -> y
PREEMPT_VOLUNTARY y -> n
+CEC_GPIO n
+DEBUG_PREEMPT y
+PREEMPTION y
+PREEMPT_COUNT y
+PREEMPT_DYNAMIC y
+PREEMPT_RCU y
+PREEMPT_TRACER n
+RCU_BOOST n
+TASKS_RCU y
+UNINLINE_SPIN_UNLOCK y
a/lvm2-2.03.13-x86_64-1.txz: Upgraded.
Reverted to working version.
d/rust-1.56.0-x86_64-1.txz: Upgraded.
l/pipewire-0.3.39-x86_64-1.txz: Upgraded.
n/krb5-1.19.2-x86_64-2.txz: Rebuilt.
[PATCH] Fix KDC null deref on TGS inner body null server.
This fixes an issue where an authenticated attacker can cause a denial of
service in the KDC by sending a FAST TGS request with no server field.
Thanks to nobodino.
For more information, see:
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-37750
(* Security fix *)
x/ibus-m17n-1.4.8-x86_64-1.txz: Upgraded.
x/libinput-1.19.2-x86_64-1.txz: Upgraded.
xap/freerdp-2.4.1-x86_64-1.txz: Upgraded.
This update fixes two security issues:
Improper client input validation for gateway connections allows to overwrite
memory.
Improper region checks in all clients allow out of bound write to memory.
For more information, see:
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-41159https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-41160
(* Security fix *)
xap/gftp-2.7.1b-x86_64-1.txz: Upgraded.
extra/php8/php8-8.0.12-x86_64-1.txz: Upgraded.
This update fixes bugs and a security issue:
FPM: PHP-FPM oob R/W in root process leading to privilege escalation.
For more information, see:
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-21703
(* Security fix *)
ap/htop-3.1.1-x86_64-1.txz: Upgraded.
d/automake-1.16.2-noarch-4.txz: Rebuilt.
The GNU toolchain is making it increasingly impossible to use our usual
"${ARCH}-slackware-linux" host, erroring out with a host mismatch on at
least GTK+2. So, we'll drop back to this version of automake for now,
with a fix applied for detecting Python 3.10. More than likely we'll be
changing the host to "${ARCH}-slackware-linux-gnu" to satisfy upstream,
but that will have to wait for the next devel cycle.
d/llvm-13.0.0-x86_64-1.txz: Upgraded.
Shared library .so-version bump.
d/rust-1.55.0-x86_64-2.txz: Rebuilt.
Recompiled against llvm-13.0.0.
kde/kdevelop-5.6.2-x86_64-6.txz: Rebuilt.
Recompiled against llvm-13.0.0.
kde/plasma-workspace-5.23.0-x86_64-2.txz: Rebuilt.
Applied upstream patch:
[PATCH] sddm-theme: fix missing password field on "Other" page.
Thanks to USUARIONUEVO and LuckyCyborg.
l/libclc-13.0.0-x86_64-1.txz: Upgraded.
Recompiled against llvm-13.0.0.
l/python-pillow-8.4.0-x86_64-1.txz: Upgraded.
l/qt5-5.15.3_20211013_5c7c3af5-x86_64-1.txz: Upgraded.
Upgraded to latest git (might as well) and compiled against llvm-13.0.0.
l/spirv-llvm-translator-20210920_098034ea-x86_64-1.txz: Upgraded.
Recompiled against llvm-13.0.0.
x/mesa-21.2.4-x86_64-1.txz: Upgraded.
Compiled against llvm-13.0.0.
xap/pidgin-2.14.8-x86_64-1.txz: Upgraded.
a/kernel-firmware-20211012_b563148-noarch-1.txz: Upgraded.
a/mkinitrd-1.4.11-x86_64-26.txz: Rebuilt.
Don't include 40-usb_modeswitch.rules on the initrd. Thanks to LuckyCyborg.
d/scons-4.2.0-x86_64-1.txz: Upgraded.
l/python-charset-normalizer-2.0.7-x86_64-1.txz: Upgraded.
xfce/mousepad-0.5.7-x86_64-2.txz: Rebuilt.
Added plugins directory. Thanks to Roman Dyaba.
d/python-pip-21.3-x86_64-1.txz: Upgraded.
l/aspell-en-2020.12.07_0-x86_64-1.txz: Upgraded.
l/boost-1.77.0-x86_64-2.txz: Rebuilt.
Recompiled against python-3.10. Thanks to nobodino and ctrlaltca.
l/qt5-5.15.3_20211006_0243418f-x86_64-1.txz: Upgraded.
Updated from the repo to get a few Wayland related fixes.
n/gnutls-3.7.2-x86_64-1.txz: Upgraded.
n/httpd-2.4.51-x86_64-1.txz: Upgraded.
SECURITY: CVE-2021-42013: Path Traversal and Remote Code
Execution in Apache HTTP Server 2.4.49 and 2.4.50 (incomplete
fix of CVE-2021-41773) (cve.mitre.org)
It was found that the fix for CVE-2021-41773 in Apache HTTP
Server 2.4.50 was insufficient. An attacker could use a path
traversal attack to map URLs to files outside the directories
configured by Alias-like directives.
If files outside of these directories are not protected by the
usual default configuration "require all denied", these requests
can succeed. If CGI scripts are also enabled for these aliased
pathes, this could allow for remote code execution.
This issue only affects Apache 2.4.49 and Apache 2.4.50 and not
earlier versions.
Credits: Reported by Juan Escobar from Dreamlab Technologies,
Fernando MuA+-oz from NULL Life CTF Team, and Shungo Kumasaka
For more information, see:
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42013
(* Security fix *)
a/util-linux-2.37.2-x86_64-3.txz: Rebuilt.
Removed broken /usr/bin/raw symlink. Thanks to marav.
d/gdb-11.1-x86_64-2.txz: Rebuilt.
Don't ship .la files.
d/vala-0.54.2-x86_64-1.txz: Upgraded.
kde/artikulate-21.08.1-x86_64-3.txz: Rebuilt.
Fixed broken COPYING{,.DOC} symlinks. Thanks to marav.
kde/kservice-5.86.0-x86_64-4.txz: Rebuilt.
In /etc/profile.d/kde.{csh,sh}:
Fixed test for kf5 directory. Thanks to LuckyCyborg.
Make adding /etc/kde/xdg to $XDG_CONFIG_DIRS conditional on the existence
of that directory.
l/imagemagick-7.1.0_9-x86_64-1.txz: Upgraded.
n/bind-9.16.21-x86_64-4.txz: Rebuilt.
Removed broken symlink. Thanks to marav.
n/httpd-2.4.50-x86_64-1.txz: Upgraded.
x/cldr-emoji-annotation-37.0_13.0_0_2-noarch-4.txz: Rebuilt.
Fixed broken COPYING symlink. Thanks to marav.
xap/x3270-4.0ga14-x86_64-2.txz: Rebuilt.
Fixed symlinks in html directory. Thanks to marav.
d/python-setuptools-58.2.0-x86_64-1.txz: Upgraded.
kde/kservice-5.86.0-x86_64-3.txz: Rebuilt.
Fix paths in kde.{csh,sh}. Thanks to marco70.
Since kdesu and kxmlgui are looking in /usr/lib${LIBDIRSUFFIX}/kf5 for
some reason, let's just link that location to libexec/kf5 to make things
work again. Also, I'm not sure why these things are in this particular
package, but I guess they had to go somewhere.
l/python-cffi-1.14.6-x86_64-1.txz: Added.
This is needed by hexchat-2.16.0.
l/python-pycparser-2.20-x86_64-1.txz: Added.
This is needed by hexchat-2.16.0.
l/vte-0.66.0-x86_64-1.txz: Upgraded.
xap/hexchat-2.16.0-x86_64-1.txz: Upgraded.
extra/brltty/brltty-6.4-x86_64-1.txz: Upgraded.
x/liberation-fonts-ttf-2.1.5-noarch-1.txz: Upgraded.
x/libva-utils-2.13.0-x86_64-1.txz: Upgraded.
x/noto-fonts-ttf-20171024-noarch-4.txz: Rebuilt.
Package NotoSansCoptic-Regular.ttf and a few other unhinted fonts.
Thanks to Roman Dyaba.
xfce/Greybird-3.22.15-noarch-1.txz: Upgraded.
a/kernel-firmware-20210928_7a30050-noarch-1.txz: Upgraded.
d/ccache-4.4.2-x86_64-1.txz: Upgraded.
d/meson-0.59.2-x86_64-1.txz: Upgraded.
l/gc-8.0.6-x86_64-1.txz: Upgraded.
l/mlt-7.0.1-x86_64-2.txz: Rebuilt.
Fixed man page installation. Thanks to GazL and Markus Wiesner.
l/netpbm-10.96.00-x86_64-1.txz: Upgraded.
n/epic5-2.1.5-x86_64-2.txz: Rebuilt.
Fixed man page installation. Thanks to GazL and kaott.
n/openssh-8.8p1-x86_64-2.txz: Rebuilt.
Add pam_elogind.so to /etc/pam.d/sshd to track user sessions over ssh,
properly set the XDG_ variables, and create the runtime directory.
Thanks to davjohn.
xap/NetworkManager-openvpn-1.8.16-x86_64-1.txz: Upgraded.
n/nftables-1.0.0-x86_64-2.txz: Rebuilt.
Added options --with-json and --enable-python needed for firewalld.
Thanks to stormtracknole.
xap/mozilla-thunderbird-91.1.2-x86_64-1.txz: Upgraded.
This is a bugfix release.
For more information, see:
https://www.mozilla.org/en-US/thunderbird/91.1.2/releasenotes/
a/kernel-generic-5.14.8-x86_64-1.txz: Upgraded.
a/kernel-huge-5.14.8-x86_64-1.txz: Upgraded.
a/kernel-modules-5.14.8-x86_64-1.txz: Upgraded.
ap/itstool-2.0.7-x86_64-1.txz: Upgraded.
d/kernel-headers-5.14.8-x86-1.txz: Upgraded.
k/kernel-source-5.14.8-noarch-1.txz: Upgraded.
l/libmtp-1.1.19-x86_64-1.txz: Upgraded.
n/getmail-6.18.4-x86_64-1.txz: Upgraded.
n/openssh-8.8p1-x86_64-1.txz: Upgraded.
Please note "Potentially-incompatible changes" from the release notes:
This release disables RSA signatures using the SHA-1 hash algorithm
by default. This change has been made as the SHA-1 hash algorithm is
cryptographically broken, and it is possible to create chosen-prefix
hash collisions for <USD$50K [1]
For most users, this change should be invisible and there is
no need to replace ssh-rsa keys. OpenSSH has supported RFC8332
RSA/SHA-256/512 signatures since release 7.2 and existing ssh-rsa keys
will automatically use the stronger algorithm where possible.
Incompatibility is more likely when connecting to older SSH
implementations that have not been upgraded or have not closely tracked
improvements in the SSH protocol. For these cases, it may be necessary
to selectively re-enable RSA/SHA1 to allow connection and/or user
authentication via the HostkeyAlgorithms and PubkeyAcceptedAlgorithms
options. For example, the following stanza in ~/.ssh/config will enable
RSA/SHA1 for host and user authentication for a single destination host:
Host old-host
HostkeyAlgorithms +ssh-rsa
PubkeyAcceptedAlgorithms +ssh-rsa
We recommend enabling RSA/SHA1 only as a stopgap measure until legacy
implementations can be upgraded or reconfigured with another key type
(such as ECDSA or Ed25519).
[1] "SHA-1 is a Shambles: First Chosen-Prefix Collision on SHA-1 and
Application to the PGP Web of Trust" Leurent, G and Peyrin, T
(2020) https://eprint.iacr.org/2020/014.pdf
isolinux/initrd.img: Rebuilt.
kernels/*: Upgraded.
usb-and-pxe-installers/usbboot.img: Rebuilt.
a/coreutils-9.0-x86_64-2.txz: Rebuilt.
DIR_COLORS: Add support for .tzst, .zst, .flv, and .m2t extensions.
Thanks to regdub.
a/elvis-2.2_0-x86_64-8.txz: Rebuilt.
Removed elvis.clr.orig. Thanks to ctrlaltca.
d/bison-3.8.2-x86_64-1.txz: Upgraded.
d/meson-0.59.1-x86_64-1.txz: Upgraded.
d/subversion-1.14.1-x86_64-4.txz: Rebuilt.
Added compile options --with-kwallet and --with-gnome-keyring (the latter was
already used by default). Thanks to rsts and Windu.
kde/plasma-desktop-5.22.5-x86_64-2.txz: Rebuilt.
Removed main.xml.orig. Thanks to ctrlaltca.
l/gst-plugins-bad-free-1.18.5-x86_64-1.txz: Added.
These are the "bad" GStreamer plugins that have free enough licenses to ship.
Thanks to Heinz Wiesinger.
l/gtk4-4.4.0-x86_64-1.txz: Upgraded.
l/libssh2-1.10.0-x86_64-1.txz: Upgraded.
n/lynx-2.9.0dev.9-x86_64-1.txz: Upgraded.
Based on testing here, this seems stable enough to include. Please let me
know if there are any new problems.
lynx.cfg: Add ASSUME_CHARSET:utf-8. Thanks to usr345.
Removed CHANGES.orig. Thanks to ctrlaltca.
xap/x3270-4.0ga14-x86_64-1.txz: Upgraded.
xap/xpdf-4.03-x86_64-3.txz: Rebuilt.
Removed .orig files. Thanks to ctrlaltca.
a/coreutils-9.0-x86_64-1.txz: Upgraded.
Thanks to GazL for pointing out where I needed to be looking in the code to
stick with the traditional (for us, anyway) ls quoting style.
n/ca-certificates-20210924-noarch-1.txz: Upgraded.
Removed DST_Root_CA_X3.crt.
n/cifs-utils-6.14-x86_64-1.txz: Upgraded.
a/kernel-firmware-20210923_0268c1b-noarch-1.txz: Upgraded.
d/parallel-20210922-noarch-1.txz: Upgraded.
l/pipewire-0.3.37-x86_64-1.txz: Upgraded.
l/python-urllib3-1.26.7-x86_64-1.txz: Upgraded.
xap/freerdp-2.4.0-x86_64-1.txz: Added.
This is needed for krdc to use RDP. Thanks to max242.
xfce/mousepad-0.5.7-x86_64-1.txz: Upgraded.
a/kernel-firmware-20210919_d526e04-noarch-1.txz: Upgraded.
l/gd-2.3.3-x86_64-2.txz: Rebuilt.
Applied upstream patch to restore macros used while building PHP.
Thanks to nobodino.
l/gjs-1.68.4-x86_64-1.txz: Upgraded.
l/imagemagick-7.1.0_8-x86_64-1.txz: Upgraded.
l/python-charset-normalizer-2.0.6-x86_64-1.txz: Upgraded.
xfce/xfce4-whiskermenu-plugin-2.6.0-x86_64-1.txz: Upgraded.
kde/plasma-workspace-5.22.5-x86_64-2.txz: Rebuilt.
Patched to fix USB storage devices detected only once per session.
Thanks to ctrlaltca.
n/NetworkManager-1.32.10-x86_64-4.txz: Rebuilt.
Patched to shut down dhcpcd gracefully, and restored dhcpcd as the default
client when using NetworkManager on Slackware. In this case I'll swim
upstream if it means better security. Who knows what your DHCP server might
attempt when it comes to public WiFi? :-)
Thanks to Roy Marples and marav.
n/gnupg2-2.2.31-x86_64-1.txz: Upgraded.
xap/pidgin-2.14.7-x86_64-1.txz: Upgraded.
a/cryptsetup-2.4.1-x86_64-1.txz: Upgraded.
a/sysvinit-scripts-15.0-noarch-5.txz: Rebuilt.
Stop D-Bus after NFS partitions are unmounted to avoid a hang.
Thanks to vulcan59 and bassmadrigal.
ap/sudo-1.9.8p1-x86_64-1.txz: Upgraded.
l/fftw-3.3.10-x86_64-1.txz: Upgraded.
l/libxkbcommon-1.3.1-x86_64-1.txz: Upgraded.
l/pipewire-0.3.36-x86_64-1.txz: Upgraded.
n/dhcpcd-9.4.0-x86_64-2.txz: Rebuilt.
Applied upstream patch:
DHCP6: Only send FQDN for SOLICIT, REQUEST, RENEW, or REBIND messages.
Thanks to marav.
n/httpd-2.4.49-x86_64-1.txz: Upgraded.
This release contains security fixes and improvements.
mod_proxy: Server Side Request Forgery (SSRF) vulnerabilty [Yann Ylavic]
core: ap_escape_quotes buffer overflow
mod_proxy_uwsgi: Out of bound read vulnerability [Yann Ylavic]
core: null pointer dereference on malformed request
mod_http2: Request splitting vulnerability with mod_proxy [Stefan Eissing]
For more information, see:
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-40438https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-39275https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-36160https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-34798https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-33193
(* Security fix *)
x/ibus-libpinyin-1.12.1-x86_64-1.txz: Upgraded.
x/libpinyin-2.6.1-x86_64-1.txz: Upgraded.
xap/mozilla-thunderbird-91.1.1-x86_64-1.txz: Upgraded.
This is a bugfix release.
For more information, see:
https://www.mozilla.org/en-US/thunderbird/91.1.1/releasenotes/
a/etc-15.0-x86_64-17.txz: Rebuilt.
Added named:named (53:53) user and group.
a/kernel-firmware-20210915_198ac65-noarch-1.txz: Upgraded.
a/kernel-generic-5.14.4-x86_64-1.txz: Upgraded.
a/kernel-huge-5.14.4-x86_64-1.txz: Upgraded.
a/kernel-modules-5.14.4-x86_64-1.txz: Upgraded.
ap/sudo-1.9.8-x86_64-1.txz: Upgraded.
d/kernel-headers-5.14.4-x86-1.txz: Upgraded.
k/kernel-source-5.14.4-noarch-1.txz: Upgraded.
kde/breeze-icons-5.85.0-noarch-2.txz: Rebuilt.
Patched with upstream commit to allow using this icon theme with Xfce.
l/fluidsynth-2.2.3-x86_64-1.txz: Upgraded.
l/python-charset-normalizer-2.0.5-x86_64-1.txz: Upgraded.
l/qca-2.3.4-x86_64-1.txz: Upgraded.
n/NetworkManager-1.32.10-x86_64-3.txz: Rebuilt.
Switch to dhcp=internal to avoid problems swimming upstream.
For those looking for a fix to continue using dhcpcd, a PRIVSEP build
variable was added to the SlackBuild, and you may produce a fully
NetworkManager compatible dhcpcd package with this command:
PRIVSEP=no ./dhcpcd.SlackBuild
Privilege separation remains the dhcpcd package default as we don't want
to weaken security for those using rc.inet1 along with dhcpcd.
Some additional comments about this were added to 00-dhcp-client.conf
mentioning this and the workaround of killing dhcpcd manually when
resuming with the stock dhcpcd package.
n/bind-9.16.21-x86_64-1.txz: Upgraded.
Fixed call to rndc-confgen in the install script.
Make /etc/rndc.key owned by named:named.
Run named as named:named by default (configurable in /etc/default/named).
rc.bind: chown /run/named and /var/named to configured user:group.
Thanks to Ressy for prompting this cleanup. :)
n/curl-7.79.0-x86_64-1.txz: Upgraded.
This update fixes security issues:
clear the leftovers pointer when sending succeeds.
do not ignore --ssl-reqd.
reject STARTTLS server response pipelining.
For more information, see:
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22945https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22946https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22947
(* Security fix *)
n/links-2.24-x86_64-1.txz: Upgraded.
n/wireguard-tools-1.0.20210914-x86_64-1.txz: Upgraded.
x/libinput-1.19.0-x86_64-1.txz: Upgraded.
xap/gimp-2.10.28-x86_64-1.txz: Upgraded.
isolinux/initrd.img: Rebuilt.
kernels/*: Upgraded.
usb-and-pxe-installers/usbboot.img: Rebuilt.
a/grub-2.06-x86_64-4.txz: Rebuilt.
Install file in /etc/grub.d as .new so that they won't be clobbered by
future package updates.
Patch grub-mkconfig to skip .new files in /etc/grub.d.
Thanks to denydias.
d/bison-3.7.6-x86_64-1.txz: Upgraded.
Reverted bison-3.8 since it breaks building glibc. Looks like I picked the
wrong week to upgrade bison. ;-)
Thanks to nobodino.
l/jansson-2.14-x86_64-1.txz: Upgraded.
l/libcap-2.57-x86_64-1.txz: Upgraded.
l/liburing-2.1-x86_64-1.txz: Upgraded.
xap/libnma-1.8.32-x86_64-2.txz: Rebuilt.
Added glib-compile-schemas to the install script. Thanks to bormant.
xap/network-manager-applet-1.24.0-x86_64-2.txz: Rebuilt.
Removed glib-compile-schemas from the install script. Thanks to bormant.
d/python-setuptools-58.0.2-x86_64-1.txz: Upgraded.
l/SDL2_mixer-2.0.4-x86_64-5.txz: Rebuilt.
Rebuilt to fix embedded shared library .so-versions used for dynamic loading.
Thanks to teeemcee.
l/fuse3-3.10.5-x86_64-1.txz: Upgraded.
l/harfbuzz-2.9.1-x86_64-1.txz: Upgraded.
l/poppler-data-0.4.11-noarch-1.txz: Upgraded.
l/sdl-1.2.15-x86_64-12.txz: Rebuilt.
Rebuilt to fix embedded shared library .so-versions in libSDL_mixer-1.2.so.0
used for dynamic loading. Thanks to teeemcee.
n/libqmi-1.30.2-x86_64-1.txz: Upgraded.
xap/mozilla-thunderbird-91.1.0-x86_64-1.txz: Upgraded.
This release contains security fixes and improvements.
For more information, see:
https://www.mozilla.org/en-US/thunderbird/91.1.0/releasenotes/
(* Security fix *)
ap/mpg123-1.29.0-x86_64-1.txz: Upgraded.
ap/texinfo-6.8-x86_64-2.txz: Rebuilt.
Regenerate /usr/info/dir.new.
d/python-setuptools-58.0.1-x86_64-1.txz: Upgraded.
d/rinutils-0.10.0-x86_64-1.txz: Upgraded.
kde/plasma-wayland-protocols-1.4.0-x86_64-1.txz: Upgraded.
l/gegl-0.4.32-x86_64-1.txz: Upgraded.
l/imagemagick-7.1.0_6-x86_64-1.txz: Upgraded.
l/libgtop-2.40.0-x86_64-4.txz: Rebuilt.
Remove /usr/info/dir that shouldn't have been included.
Upgrade the texinfo package after this one to restore the correct file.
Thanks to elyk.
l/libsamplerate-0.2.2-x86_64-1.txz: Upgraded.
l/mozilla-nss-3.70-x86_64-1.txz: Upgraded.
xap/gimp-2.10.26-x86_64-1.txz: Upgraded.
xap/mozilla-firefox-91.1.0esr-x86_64-1.txz: Upgraded.
This is a bugfix release.
For more information, see:
https://www.mozilla.org/en-US/firefox/91.1.0/releasenotes/
xfce/libxfce4ui-4.16.1-x86_64-1.txz: Upgraded.
a/gzip-1.11-x86_64-1.txz: Upgraded.
a/kernel-firmware-20210903_2984e26-noarch-1.txz: Upgraded.
a/kernel-generic-5.14.1-x86_64-1.txz: Upgraded.
a/kernel-huge-5.14.1-x86_64-1.txz: Upgraded.
a/kernel-modules-5.14.1-x86_64-1.txz: Upgraded.
d/kernel-headers-5.14.1-x86-1.txz: Upgraded.
k/kernel-source-5.14.1-noarch-1.txz: Upgraded.
kde/kstars-3.5.4-x86_64-1.txz: Upgraded.
n/bind-9.16.20-x86_64-2.txz: Rebuilt.
rc.bind: Fixed typo: $RDNC_OPTIONS -> $RNDC_OPTIONS
rc.bind: Allow a 10 second (default) timeout for rndc to stop BIND. At that
point if BIND is still running, use killall -SIGTERM to stop it.
Thanks to akschu.
xap/ssr-0.4.3-x86_64-1.txz: Upgraded.
isolinux/initrd.img: Rebuilt.
kernels/*: Upgraded.
usb-and-pxe-installers/usbboot.img: Rebuilt.
a/util-linux-2.37.2-x86_64-2.txz: Rebuilt.
Rebuild with --disable-raw since the raw driver has been removed from the
kernel. Thanks to nobodino and SeB.
ap/vim-8.2.3394-x86_64-1.txz: Upgraded.
l/glib2-2.68.4-x86_64-2.txz: Rebuilt.
Better detect UTF-8 locales in libglib2.sh and libglib2.csh.
Thanks to Didier Spaier.
l/tidy-html5-5.8.0-x86_64-2.txz: Rebuilt.
Fixed manpage installation. Thanks to kaott.
n/iproute2-5.14.0-x86_64-1.txz: Upgraded.
x/libwacom-1.12-x86_64-1.txz: Upgraded.
x/wayland-protocols-1.22-noarch-1.txz: Upgraded.
xap/vim-gvim-8.2.3394-x86_64-1.txz: Upgraded.
extra/sendmail/sendmail-8.17.1-x86_64-2.txz: Rebuilt.
Rebuilt with -DUSE_EAI and -licui18n -licuuc -licudata added to
site.config.m4 to support SMTPUTF8. Thanks to niksoggia.
extra/sendmail/sendmail-cf-8.17.1-noarch-2.txz: Rebuilt.
a/etc-15.0-x86_64-15.txz: Rebuilt.
/etc/profile: Don't define a $LESS variable, but provide a commented-out
example of "-M -R". As far as I can tell, setting $LESS to -M is something
that we picked up from SLS's /etc/profile at the very beginning and then
kept it because it wasn't causing any problems. Personally, I'll be
uncommenting this because it's nice to get the extra output from less
provided by -M concerning your place in the file, but we'll leave it up
to the end user how to handle this.
Thanks to krown, marav, LockyWolf, and drgibbon.
a/kernel-generic-5.14.0-x86_64-1.txz: Upgraded.
a/kernel-huge-5.14.0-x86_64-1.txz: Upgraded.
a/kernel-modules-5.14.0-x86_64-1.txz: Upgraded.
d/kernel-headers-5.14.0-x86-1.txz: Upgraded.
k/kernel-source-5.14.0-noarch-1.txz: Upgraded.
l/libcap-2.55-x86_64-1.txz: Upgraded.
n/gnupg2-2.2.30-x86_64-1.txz: Upgraded.
n/proftpd-1.3.7c-x86_64-1.txz: Upgraded.
xap/xsnow-3.3.1-x86_64-1.txz: Upgraded.
isolinux/initrd.img: Rebuilt.
kernels/*: Upgraded.
usb-and-pxe-installers/usbboot.img: Rebuilt.
ap/man-pages-5.13-noarch-1.txz: Upgraded.
d/binutils-2.37-x86_64-1.txz: Upgraded.
With a few upstream patches to fix some regressions in the release, we no
longer get any new FTBFS with this, so we'll take it.
d/oprofile-1.4.0-x86_64-8.txz: Rebuilt.
Recompiled against binutils-2.37.
kde/sddm-0.19.0-x86_64-8.txz: Rebuilt.
Patched to fix build.
l/libcap-2.54-x86_64-1.txz: Upgraded.
l/libssh-0.9.6-x86_64-1.txz: Upgraded.
Fix possible heap-buffer overflow when rekeying with different key exchange
mechanism.
For more information, see:
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3634
(* Security fix *)
l/qt5-5.15.3_20210826_21ea9c12-x86_64-1.txz: Upgraded.
Switched to the patched qt5 from https://invent.kde.org/qt/qt/qt5.git.
Huge thanks to Heinz Wiesinger for the script to create a release tarball.
Likely this fixes many security issues.
(* Security fix *)
x/libglvnd-1.3.3-x86_64-1.txz: Upgraded.
Reverted to this version because changes to the header files won't allow the
EGL portions of Qt to properly compile.
d/help2man-1.48.5-x86_64-1.txz: Upgraded.
x/mesa-21.2.1-x86_64-1.txz: Upgraded.
21.2.x has some important bug fixes, and there's still time to test, so...
a/e2fsprogs-1.46.4-x86_64-1.txz: Upgraded.
d/ccache-4.4-x86_64-1.txz: Upgraded.
d/mercurial-5.9-x86_64-1.txz: Upgraded.
kde/konsole-21.08.0-x86_64-3.txz: Rebuilt.
Merged another upstream patch for the case where there is no konsolerc.
l/glib2-2.68.4-x86_64-1.txz: Upgraded.
l/gnu-efi-3.0.14-x86_64-1.txz: Upgraded.
n/libmilter-8.17.1-x86_64-1.txz: Upgraded.
n/nftables-1.0.0-x86_64-1.txz: Upgraded.
n/openssh-8.7p1-x86_64-1.txz: Upgraded.
x/ibus-1.5.25-x86_64-1.txz: Upgraded.
x/ibus-anthy-1.5.13-x86_64-1.txz: Upgraded.
xap/libnma-1.8.32-x86_64-1.txz: Upgraded.
xap/mozilla-thunderbird-91.0.2-x86_64-1.txz: Upgraded.
This is a bugfix release.
For more information, see:
https://www.mozilla.org/en-US/thunderbird/91.0.2/releasenotes/
xap/pavucontrol-5.0-x86_64-1.txz: Upgraded.
a/aaa_libraries-15.0-x86_64-9.txz: Rebuilt.
Fixed wrong version of libasound.so.2.0.0.
Thanks to Eduardo Charquero and PiterPunk.
a/kernel-firmware-20210818_c46b8c3-noarch-1.txz: Upgraded.
a/kernel-generic-5.13.12-x86_64-1.txz: Upgraded.
a/kernel-huge-5.13.12-x86_64-1.txz: Upgraded.
a/kernel-modules-5.13.12-x86_64-1.txz: Upgraded.
d/kernel-headers-5.13.12-x86-1.txz: Upgraded.
k/kernel-source-5.13.12-noarch-1.txz: Upgraded.
kde/konsole-21.08.0-x86_64-2.txz: Rebuilt.
Patched to fix konsole size and toolbars. Thanks to alienBOB and PiterPunk.
n/bind-9.16.20-x86_64-1.txz: Upgraded.
This update fixes bugs and the following security issue:
An assertion failure occurred when named attempted to send a UDP packet that
exceeded the MTU size, if Response Rate Limiting (RRL) was enabled.
For more information, see:
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-25218
(* Security fix *)
isolinux/initrd.img: Rebuilt.
kernels/*: Upgraded.
usb-and-pxe-installers/usbboot.img: Rebuilt.
a/aaa_glibc-solibs-2.33-x86_64-3.txz: Rebuilt.
a/usbutils-014-x86_64-1.txz: Upgraded.
ap/mariadb-10.6.4-x86_64-1.txz: Upgraded.
ap/nvme-cli-1.15-x86_64-1.txz: Upgraded.
l/glibc-2.33-x86_64-3.txz: Rebuilt.
Since glibc-2.34 makes a potentially risky change of moving all functions
into the main library, and another inconvenient (for us) change of renaming
the library files, we'll stick with glibc-2.33 for Slackware 15.0 and test
the newer glibc in the next release cycle. But we'll backport the security
fixes from glibc-2.34 with this update:
The nameserver caching daemon (nscd), when processing a request for netgroup
lookup, may crash due to a double-free, potentially resulting in degraded
service or Denial of Service on the local system. Reported by Chris Schanzle.
The mq_notify function has a potential use-after-free issue when using a
notification type of SIGEV_THREAD and a thread attribute with a non-default
affinity mask.
The wordexp function may overflow the positional parameter number when
processing the expansion resulting in a crash. Reported by Philippe Antoine.
For more information, see:
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-27645https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-33574https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-35942
(* Security fix *)
l/glibc-i18n-2.33-x86_64-3.txz: Rebuilt.
l/glibc-profile-2.33-x86_64-3.txz: Rebuilt.
l/liburing-2.0-x86_64-1.txz: Added.
This is needed by mariadb, and provides increased performance on high speed
devices such as NVMe.
n/dovecot-2.3.16-x86_64-1.txz: Upgraded.
xap/blueman-2.2.2-x86_64-1.txz: Upgraded.
a/sysvinit-scripts-15.0-noarch-4.txz: Rebuilt.
rc.S: Change /var/run to be a symlink to /run rather than bind mounted.
This works around an issue with solid-5.84.0. While there is a patch
available for solid, it's probably best to handle the legacy /var/run
location in the same way that most other distributions do.
Unfortunately, this change needs to be made at boot time before /var/run
would be mounted, so a reboot will be required. Make sure that the new
/etc/rc.d/rc.S.new is moved to /etc/rc.d/rc.S before rebooting.
Thanks to ZhaoLin1457.
ap/sudo-1.9.7p2-x86_64-1.txz: Upgraded.
d/cmake-3.21.1-x86_64-1.txz: Upgraded.
kde/bluedevil-5.22.4-x86_64-1.txz: Upgraded.
kde/breeze-5.22.4-x86_64-1.txz: Upgraded.
kde/breeze-grub-5.22.4-x86_64-1.txz: Upgraded.
kde/breeze-gtk-5.22.4-x86_64-1.txz: Upgraded.
kde/drkonqi-5.22.4-x86_64-1.txz: Upgraded.
kde/kactivitymanagerd-5.22.4-x86_64-1.txz: Upgraded.
kde/kde-cli-tools-5.22.4-x86_64-1.txz: Upgraded.
kde/kde-gtk-config-5.22.4-x86_64-1.txz: Upgraded.
kde/kdecoration-5.22.4-x86_64-1.txz: Upgraded.
kde/kdeplasma-addons-5.22.4-x86_64-1.txz: Upgraded.
kde/kgamma5-5.22.4-x86_64-1.txz: Upgraded.
kde/khotkeys-5.22.4-x86_64-1.txz: Upgraded.
kde/kinfocenter-5.22.4-x86_64-1.txz: Upgraded.
kde/kmenuedit-5.22.4-x86_64-1.txz: Upgraded.
kde/kscreen-5.22.4-x86_64-1.txz: Upgraded.
kde/kscreenlocker-5.22.4-x86_64-1.txz: Upgraded.
kde/ksshaskpass-5.22.4-x86_64-1.txz: Upgraded.
kde/ksystemstats-5.22.4-x86_64-1.txz: Upgraded.
kde/kwallet-pam-5.22.4-x86_64-1.txz: Upgraded.
kde/kwayland-integration-5.22.4-x86_64-1.txz: Upgraded.
kde/kwayland-server-5.22.4-x86_64-1.txz: Upgraded.
kde/kwin-5.22.4-x86_64-1.txz: Upgraded.
kde/kwrited-5.22.4-x86_64-1.txz: Upgraded.
kde/layer-shell-qt-5.22.4-x86_64-1.txz: Upgraded.
kde/libkscreen-5.22.4-x86_64-1.txz: Upgraded.
kde/libksysguard-5.22.4-x86_64-1.txz: Upgraded.
kde/milou-5.22.4-x86_64-1.txz: Upgraded.
kde/oxygen-5.22.4-x86_64-1.txz: Upgraded.
kde/plasma-browser-integration-5.22.4-x86_64-1.txz: Upgraded.
kde/plasma-desktop-5.22.4-x86_64-1.txz: Upgraded.
kde/plasma-disks-5.22.4-x86_64-1.txz: Upgraded.
kde/plasma-firewall-5.22.4-x86_64-1.txz: Upgraded.
kde/plasma-integration-5.22.4-x86_64-1.txz: Upgraded.
kde/plasma-nm-5.22.4-x86_64-1.txz: Upgraded.
kde/plasma-pa-5.22.4-x86_64-1.txz: Upgraded.
kde/plasma-sdk-5.22.4-x86_64-1.txz: Upgraded.
kde/plasma-systemmonitor-5.22.4-x86_64-1.txz: Upgraded.
kde/plasma-vault-5.22.4-x86_64-1.txz: Upgraded.
kde/plasma-workspace-5.22.4-x86_64-1.txz: Upgraded.
kde/plasma-workspace-wallpapers-5.22.4-x86_64-1.txz: Upgraded.
kde/polkit-kde-agent-1-5.22.4-x86_64-1.txz: Upgraded.
kde/powerdevil-5.22.4-x86_64-1.txz: Upgraded.
kde/qqc2-breeze-style-5.22.4-x86_64-1.txz: Upgraded.
kde/sddm-kcm-5.22.4-x86_64-1.txz: Upgraded.
kde/systemsettings-5.22.4-x86_64-1.txz: Upgraded.
kde/xdg-desktop-portal-kde-5.22.4-x86_64-1.txz: Upgraded.
a/util-linux-2.37.1-x86_64-1.txz: Upgraded.
l/libidn-1.38-x86_64-1.txz: Upgraded.
n/bind-9.16.19-x86_64-1.txz: Upgraded.
xap/mozilla-firefox-90.0.2-x86_64-1.txz: Upgraded.
This is a bugfix release.
For more information, see:
https://www.mozilla.org/en-US/firefox/90.0.2/releasenotes/
xap/seamonkey-2.53.8.1-x86_64-1.txz: Upgraded.
This update contains security fixes and improvements.
For more information, see:
https://www.seamonkey-project.org/releases/seamonkey2.53.8.1
(* Security fix *)
Happy 28th birthday, Slackware! :-)
a/aaa_base-15.0-x86_64-1.txz: Upgraded.
Bump version numbers in /etc/os-release and /etc/slackware-version.
Not quite ready to freeze things for a release candidate, but getting there.
Initial email to root still needs a refresh.
a/kernel-firmware-20210716_b7c134f-noarch-1.txz: Upgraded.
x/ibus-m17n-1.4.6-x86_64-1.txz: Upgraded.
x/ibus-table-1.13.3-x86_64-1.txz: Upgraded.
a/mkinitrd-1.4.11-x86_64-25.txz: Rebuilt.
Abort if a temporary directory cannot be created, otherwise the contents of
the current directory could be destroyed. Thanks to Andypoo.
d/Cython-0.29.24-x86_64-1.txz: Upgraded.
l/libedit-20210714_3.1-x86_64-1.txz: Upgraded.
x/libwacom-1.11-x86_64-1.txz: Upgraded.
ap/mpg123-1.28.2-x86_64-1.txz: Upgraded.
xap/mozilla-firefox-90.0-x86_64-1.txz: Upgraded.
This release contains security fixes and improvements.
For more information, see:
https://www.mozilla.org/en-US/firefox/90.0/releasenotes/
(* Security fix *)
kde/kmymoney-5.1.2-x86_64-1.txz: Upgraded.
n/gnupg2-2.2.28-x86_64-1.txz: Upgraded.
Probably best to revert to this version for now.
x/xf86-input-libinput-1.1.0-x86_64-1.txz: Upgraded.
kde/kid3-3.8.7-x86_64-1.txz: Upgraded.
l/openexr-2.5.7-x86_64-1.txz: Upgraded.
n/dovecot-2.3.15-x86_64-1.txz: Upgraded.
This update fixes security issues:
Dovecot did not correctly escape kid and azp fields in JWT tokens. This may
be used to supply attacker controlled keys to validate tokens, if attacker
has local access.
On-path attacker could have injected plaintext commands before STARTTLS
negotiation that would be executed after STARTTLS finished with the client.
For more information, see:
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29157https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-33515
(* Security fix *)
x/libva-2.12.0-x86_64-1.txz: Upgraded.
a/util-linux-2.37-x86_64-1.txz: Upgraded.
l/glib2-2.68.3-x86_64-1.txz: Upgraded.
l/mozilla-nss-3.67-x86_64-1.txz: Upgraded.
l/rubygem-asciidoctor-2.0.15-x86_64-1.txz: Added.
This is required to process the man pages for the util-linux build.
Thanks to Trevor D. Cook.
n/gnupg2-2.2.28-x86_64-1.txz: Upgraded.
Hey folks! Sorry about the delay in getting this batch out but I had other
distractions going on here last week that prevented getting this one wrapped
up. Anyway, probably the highlight of this update set is that we've decided
to abandon the 5.10 LTS kernel in favor of following the latest one. We've
never really had a policy that required LTS in a stable release although that
is how it has been done for years, but based on comments from the Slackware
community it seems like 5.10 LTS isn't getting a lot of love and lacks
hardware support that people need now. Conversely, the reports on 5.12 have
been almost entirely positive, so we're going to provide what we think is the
best available kernel. It's unlikely that we'll see another LTS prior to
release, so the plan for maintenance is to keep following the latest kernels
as needed for security purposes. If that means we have to jump to a new branch
while supporting the stable release, we'll start the kernel out in testing
first until we've had some feedback that it's safe to move it to the patches
directory. Sooner or later we will end up on an LTS kernel again, and at that
point we'll just roll with that one. Feel free to comment (or complain) about
this plan on LQ... I'll be curious to see what people think. Anyway, enjoy!
a/hwdata-0.348-noarch-1.txz: Upgraded.
a/kernel-generic-5.12.9-x86_64-1.txz: Upgraded.
a/kernel-huge-5.12.9-x86_64-1.txz: Upgraded.
a/kernel-modules-5.12.9-x86_64-1.txz: Upgraded.
ap/ispell-3.4.04-x86_64-1.txz: Upgraded.
ap/mpg123-1.28.0-x86_64-1.txz: Upgraded.
ap/slackpkg-15.0.5-noarch-1.txz: Upgraded.
Add "--" option to "command cd" in bash completion file. (akinomyoga)
shell-completions/slackpkg.bash: add "show-changelog".
Import bash-completion file from upstream project.
Added the new-config actions for specific files. (Piter PUNK)
Harden slackpkg with respect to obtaining GPG key. (CRTS)
d/clisp-2.50_20191103_c26de7873-x86_64-5.txz: Rebuilt.
Upgraded to libffcall-2.3.
d/git-2.32.0-x86_64-1.txz: Upgraded.
d/kernel-headers-5.12.9-x86-1.txz: Upgraded.
d/poke-1.3-x86_64-1.txz: Upgraded.
d/vala-0.52.4-x86_64-1.txz: Upgraded.
k/kernel-source-5.12.9-noarch-1.txz: Upgraded.
kde/calligra-3.2.1-x86_64-9.txz: Rebuilt.
Recompiled against poppler-21.06.1.
kde/cantor-21.04.1-x86_64-2.txz: Rebuilt.
Recompiled against poppler-21.06.1.
kde/digikam-7.2.0-x86_64-3.txz: Rebuilt.
Recompiled against imagemagick-7.0.11_14.
kde/kfilemetadata-5.82.0-x86_64-2.txz: Rebuilt.
Recompiled against poppler-21.06.1.
kde/kile-2.9.93-x86_64-9.txz: Rebuilt.
Recompiled against poppler-21.06.1.
kde/kitinerary-21.04.1-x86_64-2.txz: Rebuilt.
Recompiled against poppler-21.06.1.
kde/krita-4.4.3-x86_64-5.txz: Rebuilt.
Recompiled against poppler-21.06.1.
kde/okular-21.04.1-x86_64-2.txz: Rebuilt.
Recompiled against poppler-21.06.1.
l/alsa-lib-1.2.5-x86_64-2.txz: Rebuilt.
Account for unexpected packing of the conf file tarballs. We'll see if this
is enough to make things work well again.
l/at-spi2-core-2.40.2-x86_64-1.txz: Upgraded.
l/dvdauthor-0.7.2-x86_64-5.txz: Rebuilt.
Recompiled against imagemagick-7.0.11_14.
l/libogg-1.3.5-x86_64-1.txz: Upgraded.
l/librsvg-2.50.7-x86_64-1.txz: Upgraded.
l/pipewire-0.3.29-x86_64-1.txz: Upgraded.
l/polkit-0.119-x86_64-1.txz: Upgraded.
This update includes a mitigation for local privilege escalation using
polkit_system_bus_name_get_creds_sync().
For more information, see:
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3560
(* Security fix *)
l/poppler-21.06.1-x86_64-1.txz: Upgraded.
Shared library .so-version bump.
l/pycairo-1.20.1-x86_64-1.txz: Upgraded.
l/qca-2.3.3-x86_64-1.txz: Upgraded.
l/vte-0.64.2-x86_64-1.txz: Upgraded.
n/epic5-2.1.5-x86_64-1.txz: Upgraded.
n/httpd-2.4.48-x86_64-1.txz: Upgraded.
This release contains security fixes and improvements.
mod_http2: Fix a potential NULL pointer dereference.
Unexpected <Location> section matching with 'MergeSlashes OFF'.
mod_auth_digest: possible stack overflow by one nul byte while validating
the Digest nonce.
mod_session: Fix possible crash due to NULL pointer dereference, which
could be used to cause a Denial of Service with a malicious backend
server and SessionHeader.
mod_session: Fix possible crash due to NULL pointer dereference, which
could be used to cause a Denial of Service.
mod_proxy_http: Fix possible crash due to NULL pointer dereference, which
could be used to cause a Denial of Service.
mod_proxy_wstunnel, mod_proxy_http: Handle Upgradable protocols end-to-end
negotiation.
For more information, see:
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-31618https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-30641https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-35452https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-26691https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-26690https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-13950https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-17567
(* Security fix *)
n/libmbim-1.24.8-x86_64-1.txz: Upgraded.
n/libqmi-1.28.6-x86_64-1.txz: Upgraded.
n/nettle-3.7.3-x86_64-1.txz: Upgraded.
n/openldap-2.4.59-x86_64-1.txz: Upgraded.
n/p11-kit-0.24.0-x86_64-1.txz: Upgraded.
n/php-7.4.20-x86_64-1.txz: Upgraded.
n/vsftpd-3.0.4-x86_64-1.txz: Upgraded.
n/whois-5.5.10-x86_64-1.txz: Upgraded.
x/libX11-1.7.2-x86_64-1.txz: Upgraded.
This is a bug fix release, correcting a regression introduced by and
improving the checks from the fix for CVE-2021-31535.
x/libinput-1.18.0-x86_64-1.txz: Upgraded.
x/mesa-21.1.2-x86_64-1.txz: Upgraded.
xap/blueman-2.2.1-x86_64-1.txz: Upgraded.
xap/gnuplot-5.4.2-x86_64-1.txz: Upgraded.
xap/mozilla-thunderbird-78.11.0-x86_64-1.txz: Upgraded.
This release contains security fixes and improvements.
For more information, see:
https://www.mozilla.org/en-US/thunderbird/78.11.0/releasenotes/https://www.mozilla.org/en-US/security/advisories/mfsa2021-26/https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29964https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29967
(* Security fix *)
xap/pidgin-2.14.5-x86_64-1.txz: Upgraded.
xap/xine-lib-1.2.11-x86_64-6.txz: Rebuilt.
Recompiled against poppler-21.06.1.
extra/bash-completion/bash-completion-2.11-noarch-2.txz: Rebuilt.
Removed the slackpkg completion file.
extra/php8/php8-8.0.7-x86_64-1.txz: Upgraded.
isolinux/initrd.img: Rebuilt.
kernels/*: Upgraded.
usb-and-pxe-installers/usbboot.img: Rebuilt.
n/dhcp-4.4.2_P1-x86_64-1.txz: Upgraded.
This update fixes a security issue:
Corrected a buffer overwrite possible when parsing hexadecimal
literals with more than 1024 octets. Reported by Jon Franklin from Dell,
and also by Pawel Wieczorkiewicz from Amazon Web Services. [Gitlab #182]
For more information, see:
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-25217
(* Security fix *)
a/xfsprogs-5.12.0-x86_64-1.txz: Upgraded.
l/libcap-2.50-x86_64-1.txz: Upgraded.
l/libqalculate-3.19.0-x86_64-1.txz: Upgraded.
n/gnutls-3.6.16-x86_64-1.txz: Upgraded.
Fixed potential miscalculation of ECDSA/EdDSA code backported from Nettle.
In GnuTLS, as long as it is built and linked against the fixed version of
Nettle, this only affects GOST curves. [CVE-2021-20305]
Fixed potential use-after-free in sending "key_share" and "pre_shared_key"
extensions. When sending those extensions, the client may dereference a
pointer no longer valid after realloc. This happens only when the client
sends a large Client Hello message, e.g., when HRR is sent in a resumed
session previously negotiated large FFDHE parameters, because the initial
allocation of the buffer is large enough without having to call realloc
(#1151). [GNUTLS-SA-2021-03-10, CVSS: low]
For more information, see:
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-20305
(* Security fix *)
n/libnftnl-1.2.0-x86_64-1.txz: Upgraded.
n/links-2.23-x86_64-1.txz: Upgraded.
a/mcelog-176-x86_64-2.txz: Rebuilt.
Fixed size syntax in logrotate config file. Thanks to ecd102.
d/parallel-20210522-noarch-1.txz: Upgraded.
d/python-pip-21.1.2-x86_64-1.txz: Upgraded.
d/python-setuptools-57.0.0-x86_64-1.txz: Upgraded.
l/elfutils-0.185-x86_64-1.txz: Upgraded.
l/expat-2.4.1-x86_64-1.txz: Upgraded.
This update provides new mitigations against the "billion laughs" denial
of service attack.
For more information, see:
https://github.com/libexpat/libexpat/blob/R_2_4_1/expat/Changeshttps://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0340
(* Security fix *)
l/imagemagick-7.0.11_13-x86_64-2.txz: Rebuilt.
Recompiled against perl-5.34.0.
n/httpd-2.4.46-x86_64-4.txz: Rebuilt.
Fixed size syntax in logrotate config file. Thanks to ecd102.
a/exfatprogs-1.1.2-x86_64-1.txz: Upgraded.
a/kmod-29-x86_64-1.txz: Upgraded.
a/logrotate-3.18.1-x86_64-1.txz: Upgraded.
a/pkgtools-15.0-noarch-41.txz: Rebuilt.
installpkg, upgradepkg: skip the install script when doing upgradepkg's
pre-install. In cases where the script operations are expensive this can
nearly double the speed of upgrading a package. Thanks to Stuart Winter.
ap/texinfo-6.7-x86_64-5.txz: Rebuilt.
Recompiled against perl-5.34.0.
ap/vim-8.2.2876-x86_64-1.txz: Upgraded.
Compiled against perl-5.34.0.
d/perl-5.34.0-x86_64-1.txz: Upgraded.
d/sassc-3.6.2-x86_64-1.txz: Upgraded.
d/subversion-1.14.1-x86_64-3.txz: Rebuilt.
Recompiled against perl-5.34.0.
l/libsass-3.6.5-x86_64-1.txz: Upgraded.
l/libsigc++3-3.0.7-x86_64-1.txz: Upgraded.
n/bind-9.16.16-x86_64-1.txz: Upgraded.
n/epic5-2.1.4-x86_64-2.txz: Rebuilt.
Recompiled against perl-5.34.0.
n/irssi-1.2.3-x86_64-2.txz: Rebuilt.
Recompiled against perl-5.34.0.
n/libndp-1.8-x86_64-1.txz: Upgraded.
n/net-snmp-5.9-x86_64-6.txz: Rebuilt.
Recompiled against perl-5.34.0.
n/ntp-4.2.8p15-x86_64-8.txz: Rebuilt.
Recompiled against perl-5.34.0.
n/openldap-2.4.58-x86_64-2.txz: Rebuilt.
Recompiled against perl-5.34.0.
x/mesa-21.1.1-x86_64-1.txz: Upgraded.
xap/hexchat-2.14.3-x86_64-8.txz: Rebuilt.
Recompiled against perl-5.34.0.
xap/rxvt-unicode-9.26-x86_64-2.txz: Rebuilt.
Recompiled against perl-5.34.0.
xap/vim-gvim-8.2.2876-x86_64-1.txz: Upgraded.
Compiled against perl-5.34.0.