The sepulchral voice intones, "The cave is now closed."
kde/falkon-3.2.0-x86_64-1.txz: Upgraded.
kde/ktexteditor-5.90.0-x86_64-2.txz: Rebuilt.
[PATCH] only start programs in user's path.
[PATCH] only execute diff in path.
Thanks to gmgf.
For more information, see:
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-23853
(* Security fix *)
l/libcanberra-0.30-x86_64-9.txz: Rebuilt.
Fix a bug crashing some applications in Wayland desktops.
Thanks to 01micko.
n/samba-4.15.5-x86_64-1.txz: Upgraded.
This is a security release in order to address the following defects:
UNIX extensions in SMB1 disclose whether the outside target of a symlink
exists.
Out-of-Bound Read/Write on Samba vfs_fruit module. This vulnerability
allows remote attackers to execute arbitrary code as root on affected Samba
installations that use the VFS module vfs_fruit.
Re-adding an SPN skips subsequent SPN conflict checks. An attacker who has
the ability to write to an account can exploit this to perform a
denial-of-service attack by adding an SPN that matches an existing service.
Additionally, an attacker who can intercept traffic can impersonate existing
services, resulting in a loss of confidentiality and integrity.
For more information, see:
https://www.samba.org/samba/security/CVE-2021-44141.htmlhttps://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-44141https://www.samba.org/samba/security/CVE-2021-44142.htmlhttps://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-44142https://www.samba.org/samba/security/CVE-2022-0336.htmlhttps://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0336
(* Security fix *)
x/xterm-370-x86_64-7.txz: Rebuilt.
Rebuilt with --disable-sixel-graphics to fix a buffer overflow.
Thanks to gmgf.
For more information, see:
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-24130
(* Security fix *)
testing/source/linux-5.16.4-configs/*: Added.
Sample config files to build 5.16.4 Linux kernels.
a/rpm2tgz-1.2.2-x86_64-5.txz: Rebuilt.
rpm2targz: when extracting the cpio archive from inside the RPM, use
--no-absolute-filenames to protect against a poorly made RPM scribbling all
over system files/directories. Thanks to Sl4ck3ver.
Support -i option to ignore non-zero exit value from rpm2cpio.
This allows repackaging some malformed RPMs.
Thanks to ricky_cardo for the sample malformed RPM.
a/aaa_libraries-15.0-x86_64-18.txz: Rebuilt.
Rebuilt to pick up the patched libexpat.so.1.8.3.
a/kernel-generic-5.15.17-x86_64-1.txz: Upgraded.
a/kernel-huge-5.15.17-x86_64-1.txz: Upgraded.
a/kernel-modules-5.15.17-x86_64-1.txz: Upgraded.
a/lzlib-1.13-x86_64-1.txz: Upgraded.
a/sysvinit-scripts-15.0-noarch-8.txz: Rebuilt.
rc.S: clear /var/lock/subsys before starting libcgroup services.
Thanks to pyllyukko.
ap/pamixer-1.5-x86_64-2.txz: Rebuilt.
Recompiled against boost-1.78.0.
d/kernel-headers-5.15.17-x86-1.txz: Upgraded.
k/kernel-source-5.15.17-noarch-1.txz: Upgraded.
kde/kig-21.12.1-x86_64-2.txz: Rebuilt.
Recompiled against boost-1.78.0.
kde/kopeninghours-21.12.1-x86_64-2.txz: Rebuilt.
Recompiled against boost-1.78.0.
kde/krita-5.0.2-x86_64-2.txz: Rebuilt.
Recompiled against boost-1.78.0.
l/boost-1.78.0-x86_64-1.txz: Upgraded.
I hadn't planned to update this at such a late stage, but POV-Ray needs it
and everything we ship builds fine against it. Thanks to bender647.
Shared library .so-version bump.
l/cryfs-0.10.3-x86_64-4.txz: Rebuilt.
Recompiled against boost-1.78.0.
l/expat-2.4.3-x86_64-3.txz: Rebuilt.
Prevent integer overflow in doProlog.
For more information, see:
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-23990
(* Security fix *)
l/netpbm-10.97.03-x86_64-1.txz: Upgraded.
l/openexr-2.5.7-x86_64-5.txz: Rebuilt.
Recompiled against boost-1.78.0.
l/pipewire-0.3.44-x86_64-1.txz: Upgraded.
n/fetchmail-6.4.27-x86_64-1.txz: Upgraded.
n/libgpg-error-1.44-x86_64-1.txz: Upgraded.
x/mesa-21.3.5-x86_64-1.txz: Upgraded.
xap/mozilla-firefox-91.5.1esr-x86_64-1.txz: Upgraded.
This is a bugfix release.
For more information, see:
https://www.mozilla.org/en-US/firefox/91.5.1/releasenotes/
(* Security fix *)
extra/rust-for-mozilla/rust-1.54.0-x86_64-4.txz: Rebuilt.
Removed duplicated libLLVM shared library.
isolinux/initrd.img: Rebuilt.
kernels/*: Upgraded.
usb-and-pxe-installers/usbboot.img: Rebuilt.
It may look like we're currently experiencing more stuckness, but this will
lead us to Quality. We'll have this release in the can before you know it.
a/aaa_glibc-solibs-2.33-x86_64-5.txz: Rebuilt.
a/aaa_libraries-15.0-x86_64-16.txz: Rebuilt.
Rebuilt to pick up the patched libexpat.so.1.8.3.
a/kernel-firmware-20220124_eb8ea1b-noarch-1.txz: Upgraded.
a/kernel-generic-5.15.16-x86_64-2.txz: Upgraded.
a/kernel-huge-5.15.16-x86_64-2.txz: Upgraded.
-9P_FSCACHE n
9P_FS m -> y
Thanks to peake.
a/kernel-modules-5.15.16-x86_64-2.txz: Upgraded.
a/mkinitrd-1.4.11-x86_64-27.txz: Rebuilt.
mkinitrd_command_generator.sh: properly detect partitions of a RAID device.
Thanks to perrin4869.
a/util-linux-2.37.3-x86_64-1.txz: Upgraded.
This release fixes two security mount(8) and umount(8) issues:
An issue related to parsing the /proc/self/mountinfo file allows an
unprivileged user to unmount other user's filesystems that are either
world-writable themselves or mounted in a world-writable directory.
Improper UID check in libmount allows an unprivileged user to unmount
FUSE filesystems of users with similar UID.
For more information, see:
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3995https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3996
(* Security fix *)
ap/vim-8.2.4212-x86_64-1.txz: Upgraded.
d/git-2.35.0-x86_64-1.txz: Upgraded.
d/kernel-headers-5.15.16-x86-2.txz: Upgraded.
k/kernel-source-5.15.16-noarch-2.txz: Upgraded.
l/expat-2.4.3-x86_64-2.txz: Rebuilt.
Fix signed integer overflow in function XML_GetBuffer for when
XML_CONTEXT_BYTES is defined to >0 (which is both common and
default). Impact is denial of service or other undefined behavior.
While we're here, also patch a memory leak on output file opening error.
Thanks to marav.
For more information, see:
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-23852
(* Security fix *)
l/fluidsynth-2.2.5-x86_64-1.txz: Upgraded.
l/glibc-2.33-x86_64-5.txz: Rebuilt.
This update patches two security issues:
Unexpected return value from glibc's realpath().
Off-by-one buffer overflow/underflow in glibc's getcwd().
Thanks to Qualys Research Labs for reporting these issues.
For more information, see:
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3998https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3999
(* Security fix *)
l/glibc-i18n-2.33-x86_64-5.txz: Rebuilt.
l/glibc-profile-2.33-x86_64-5.txz: Rebuilt.
l/tdb-1.4.6-x86_64-1.txz: Upgraded.
x/xf86-input-libinput-1.2.1-x86_64-1.txz: Upgraded.
xap/mozilla-thunderbird-91.5.1-x86_64-1.txz: Upgraded.
This is a bugfix release.
For more information, see:
https://www.mozilla.org/en-US/thunderbird/91.5.1/releasenotes/
xap/vim-gvim-8.2.4212-x86_64-1.txz: Upgraded.
isolinux/initrd.img: Rebuilt.
kernels/*: Upgraded.
usb-and-pxe-installers/usbboot.img: Rebuilt.
ap/inxi-3.3.12_1-noarch-1.txz: Upgraded.
ap/man-db-2.9.4-x86_64-3.txz: Rebuilt.
Don't use --no-purge in the daily cron job to update the databases.
l/gst-plugins-bad-free-1.18.5-x86_64-4.txz: Rebuilt.
Link against neon-0.32.2. Thanks to marav.
n/bind-9.16.25-x86_64-1.txz: Upgraded.
n/ethtool-5.16-x86_64-1.txz: Upgraded.
n/samba-4.15.4-x86_64-1.txz: Upgraded.
n/wpa_supplicant-2.10-x86_64-1.txz: Upgraded.
The implementations of EAP-pwd in hostapd before 2.10 and wpa_supplicant
before 2.10 are vulnerable to side-channel attacks as a result of cache
access patterns.
NOTE: this issue exists because of an incomplete fix for CVE-2019-9495.
For more information, see:
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-23303https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-23304
(* Security fix *)
x/xterm-370-x86_64-6.txz: Rebuilt.
XTerm-console: improve the font settings. Thanks to GazL.
Things haven't quite settled down yet with more bugfixes and a couple of safe
upgrades, so not today folks. But enjoy Slackware's half-birthday anyway! ;-)
ap/slackpkg-15.0.10-noarch-1.txz: Upgraded.
Fix mirrors.ucr.ac.cr link address (Emmet Ford)
Remove wroc.pl mirrors (Emmet Ford)
Remove kddilabs.jp from mirrors (Emmet Ford)
Unattended usage improvements (PiterPUNK)
Create file to flag if the system needs restart (PiterPUNK)
Thanks to Robby Workman.
kde/kstars-3.5.7-x86_64-1.txz: Upgraded.
kde/kwin-5.23.5-x86_64-2.txz: Rebuilt.
[PATCH] Bypass wayland interface blacklisting.
Thanks to LuckyCyborg.
kde/plasma-workspace-5.23.5-x86_64-3.txz: Rebuilt.
[PATCH 1/2] Revert "Drop setupX11 from startplasma-waylandsession."
[PATCH 2/2] Revert "Drop X11 root properties for KDE full session."
Thanks to LuckyCyborg.
l/libical-3.0.13-x86_64-1.txz: Upgraded.
n/p11-kit-0.24.1-x86_64-1.txz: Upgraded.
n/stunnel-5.62-x86_64-1.txz: Upgraded.
x/xterm-370-x86_64-4.txz: Rebuilt.
Fixed XTerm-console (previously XTerm.linux.console).
Renamed XTerm.upstream.default to XTerm-upstream.
Thanks to GazL.
xap/fluxbox-1.3.7-x86_64-6.txz: Rebuilt.
[PATCH] replace FbRootWindow::depth with maxDepth.
Thanks to OldHolborn.
xap/geeqie-1.7.1-x86_64-1.txz: Upgraded.
a/aaa_base-15.0-x86_64-3.txz: Rebuilt.
In initial email to root, use the new /var/lib/pkgtools/ paths to the files
for packages and scripts. Thanks to franzen.
a/btrfs-progs-5.16-x86_64-1.txz: Upgraded.
d/python3-3.9.10-x86_64-1.txz: Upgraded.
d/rust-1.58.0-x86_64-1.txz: Upgraded.
kde/digikam-7.5.0-x86_64-1.txz: Upgraded.
kde/kglobalaccel-5.90.0-x86_64-2.txz: Rebuilt.
Applied patch:
[PATCH] Prevent kglobalaccel5 getting activated on non-Plasma systems.
Although this patch was later reverted, I'm on board with the need for it.
If it causes any problems, please let me know soon.
Thanks to Lockywolf.
kde/kid3-3.9.1-x86_64-1.txz: Upgraded.
kde/plasma-wayland-protocols-1.6.0-x86_64-1.txz: Upgraded.
kde/sddm-0.19.0-x86_64-10.txz: Rebuilt.
Allow the init program to properly supervise sddm when entering runlevel 4.
Thanks to mumahendras3.
l/neon-0.32.2-x86_64-1.txz: Upgraded.
l/netpbm-10.97.02-x86_64-1.txz: Upgraded.
n/postfix-3.6.4-x86_64-1.txz: Upgraded.
x/mesa-21.3.4-x86_64-1.txz: Upgraded.
x/xterm-370-x86_64-2.txz: Rebuilt.
Use upstream app-defaults again. Thanks to OldHolborn.
a/cryptsetup-2.4.3-x86_64-1.txz: Upgraded.
This update addresses a multi-step attack on LUKS2 format by orchestrating
LUKS2 reencryption metadata in existing LUKS2 header. An attacker is able to
trigger permanent data decryption (ciphertext->plaintext transformation) on
part of data device on next LUKS2 device activation. Attacker does _not_
have to know passphrase or decrypted volume encryption key.
cryptsetup versions older than 2.2.0 are not affected by this, because they
do not support online LUKS2 reencryption.
For more information, see:
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4122
(* Security fix *)
Good hello, and welcome to the third and final release candidate for Slackware
15.0. We're 99% frozen at this point and are mostly looking for regression or
other bug reports that might be able to be addressed before this goes stable.
Of course, the management here reserves the right to make exceptions... that
5.15.15 kernel version has a nice ring to it. If your requests didn't make it
into this iteration, perhaps we will revisit them for the next -current cycle.
Some were just a little too late but will more than likely be needed next time
(I'm looking at Didier's grubconfig), while others are just out of scope for
the main tree where I like to abide by YAGNI as much as possible.
Anyway, let's get some testing done and we'll be there soon. Enjoy! :-)
a/aaa_base-15.0-x86_64-2.txz: Rebuilt.
The Linux Counter has shut down, so remove the registration email.
Update the welcome email for Slackware 15.0.
a/aaa_libraries-15.0-x86_64-13.txz: Rebuilt.
Upgraded: libsigsegv.so.2.0.7.
a/eudev-3.2.11-x86_64-1.txz: Upgraded.
a/haveged-1.9.17-x86_64-1.txz: Upgraded.
a/hdparm-9.63-x86_64-1.txz: Upgraded.
a/kernel-firmware-20220111_13dca28-noarch-1.txz: Upgraded.
a/kernel-generic-5.15.14-x86_64-1.txz: Upgraded.
a/kernel-huge-5.15.14-x86_64-1.txz: Upgraded.
a/kernel-modules-5.15.14-x86_64-1.txz: Upgraded.
ap/vim-8.2.4065-x86_64-1.txz: Upgraded.
d/kernel-headers-5.15.14-x86-1.txz: Upgraded.
d/strace-5.16-x86_64-1.txz: Upgraded.
d/vala-0.54.6-x86_64-1.txz: Upgraded.
k/kernel-source-5.15.14-noarch-1.txz: Upgraded.
VMD m -> y
Thanks to dr.s.
kde/attica-5.90.0-x86_64-1.txz: Upgraded.
kde/baloo-5.90.0-x86_64-1.txz: Upgraded.
kde/bluez-qt-5.90.0-x86_64-1.txz: Upgraded.
kde/breeze-icons-5.90.0-noarch-1.txz: Upgraded.
kde/extra-cmake-modules-5.90.0-x86_64-1.txz: Upgraded.
kde/frameworkintegration-5.90.0-x86_64-1.txz: Upgraded.
kde/kactivities-5.90.0-x86_64-1.txz: Upgraded.
kde/kactivities-stats-5.90.0-x86_64-1.txz: Upgraded.
kde/kapidox-5.90.0-x86_64-1.txz: Upgraded.
kde/karchive-5.90.0-x86_64-1.txz: Upgraded.
kde/kauth-5.90.0-x86_64-1.txz: Upgraded.
kde/kbookmarks-5.90.0-x86_64-1.txz: Upgraded.
kde/kcalendarcore-5.90.0-x86_64-1.txz: Upgraded.
kde/kcmutils-5.90.0-x86_64-1.txz: Upgraded.
kde/kcodecs-5.90.0-x86_64-1.txz: Upgraded.
kde/kcompletion-5.90.0-x86_64-1.txz: Upgraded.
kde/kconfig-5.90.0-x86_64-1.txz: Upgraded.
kde/kconfigwidgets-5.90.0-x86_64-1.txz: Upgraded.
kde/kcontacts-5.90.0-x86_64-1.txz: Upgraded.
kde/kcoreaddons-5.90.0-x86_64-1.txz: Upgraded.
kde/kcrash-5.90.0-x86_64-1.txz: Upgraded.
kde/kdav-5.90.0-x86_64-1.txz: Upgraded.
kde/kdbusaddons-5.90.0-x86_64-1.txz: Upgraded.
kde/kdeclarative-5.90.0-x86_64-1.txz: Upgraded.
kde/kded-5.90.0-x86_64-1.txz: Upgraded.
kde/kdelibs4support-5.90.0-x86_64-1.txz: Upgraded.
kde/kdesignerplugin-5.90.0-x86_64-1.txz: Upgraded.
kde/kdesu-5.90.0-x86_64-1.txz: Upgraded.
kde/kdewebkit-5.90.0-x86_64-1.txz: Upgraded.
kde/kdnssd-5.90.0-x86_64-1.txz: Upgraded.
kde/kdoctools-5.90.0-x86_64-1.txz: Upgraded.
kde/kemoticons-5.90.0-x86_64-1.txz: Upgraded.
kde/kfilemetadata-5.90.0-x86_64-1.txz: Upgraded.
kde/kglobalaccel-5.90.0-x86_64-1.txz: Upgraded.
kde/kguiaddons-5.90.0-x86_64-1.txz: Upgraded.
kde/kholidays-5.90.0-x86_64-1.txz: Upgraded.
kde/khtml-5.90.0-x86_64-1.txz: Upgraded.
kde/ki18n-5.90.0-x86_64-1.txz: Upgraded.
kde/kiconthemes-5.90.0-x86_64-1.txz: Upgraded.
kde/kidletime-5.90.0-x86_64-1.txz: Upgraded.
kde/kimageformats-5.90.0-x86_64-1.txz: Upgraded.
kde/kinit-5.90.0-x86_64-1.txz: Upgraded.
kde/kio-5.90.0-x86_64-1.txz: Upgraded.
kde/kirigami2-5.90.0-x86_64-1.txz: Upgraded.
kde/kitemmodels-5.90.0-x86_64-1.txz: Upgraded.
kde/kitemviews-5.90.0-x86_64-1.txz: Upgraded.
kde/kjobwidgets-5.90.0-x86_64-1.txz: Upgraded.
kde/kjs-5.90.0-x86_64-1.txz: Upgraded.
kde/kjsembed-5.90.0-x86_64-1.txz: Upgraded.
kde/kmediaplayer-5.90.0-x86_64-1.txz: Upgraded.
kde/knewstuff-5.90.0-x86_64-1.txz: Upgraded.
kde/knotifications-5.90.0-x86_64-1.txz: Upgraded.
kde/knotifyconfig-5.90.0-x86_64-1.txz: Upgraded.
kde/kpackage-5.90.0-x86_64-1.txz: Upgraded.
kde/kparts-5.90.0-x86_64-1.txz: Upgraded.
kde/kpeople-5.90.0-x86_64-1.txz: Upgraded.
kde/kplotting-5.90.0-x86_64-1.txz: Upgraded.
kde/kpty-5.90.0-x86_64-1.txz: Upgraded.
kde/kquickcharts-5.90.0-x86_64-1.txz: Upgraded.
kde/kross-5.90.0-x86_64-1.txz: Upgraded.
kde/krunner-5.90.0-x86_64-1.txz: Upgraded.
kde/kservice-5.90.0-x86_64-1.txz: Upgraded.
kde/ktexteditor-5.90.0-x86_64-1.txz: Upgraded.
kde/ktextwidgets-5.90.0-x86_64-1.txz: Upgraded.
kde/kunitconversion-5.90.0-x86_64-1.txz: Upgraded.
kde/kwallet-5.90.0-x86_64-1.txz: Upgraded.
kde/kwayland-5.90.0-x86_64-1.txz: Upgraded.
kde/kwidgetsaddons-5.90.0-x86_64-1.txz: Upgraded.
kde/kwindowsystem-5.90.0-x86_64-1.txz: Upgraded.
kde/kxmlgui-5.90.0-x86_64-1.txz: Upgraded.
kde/kxmlrpcclient-5.90.0-x86_64-1.txz: Upgraded.
kde/latte-dock-0.10.7-x86_64-1.txz: Upgraded.
kde/modemmanager-qt-5.90.0-x86_64-1.txz: Upgraded.
kde/networkmanager-qt-5.90.0-x86_64-1.txz: Upgraded.
kde/oxygen-icons5-5.90.0-noarch-1.txz: Upgraded.
kde/plasma-framework-5.90.0-x86_64-1.txz: Upgraded.
kde/plasma-workspace-5.23.5-x86_64-2.txz: Rebuilt.
[PATCH] [libtaskmanager] Increase buffer for pipewire format negotiation.
Thanks to ZhaoLin1457.
[PATCH] runners/shell: Port from KToolInvocation::invokeTerminal
to KTerminalLauncherJob.
Thanks to gmgf.
kde/prison-5.90.0-x86_64-1.txz: Upgraded.
kde/purpose-5.90.0-x86_64-1.txz: Upgraded.
kde/qqc2-desktop-style-5.90.0-x86_64-1.txz: Upgraded.
kde/solid-5.90.0-x86_64-1.txz: Upgraded.
kde/sonnet-5.90.0-x86_64-1.txz: Upgraded.
kde/syndication-5.90.0-x86_64-1.txz: Upgraded.
kde/syntax-highlighting-5.90.0-x86_64-1.txz: Upgraded.
kde/threadweaver-5.90.0-x86_64-1.txz: Upgraded.
l/SDL2-2.0.20-x86_64-1.txz: Upgraded.
l/SDL2_ttf-2.0.18-x86_64-1.txz: Upgraded.
l/libsigsegv-2.14-x86_64-1.txz: Upgraded.
l/pango-1.48.11-x86_64-1.txz: Upgraded.
l/python-urllib3-1.26.8-x86_64-1.txz: Upgraded.
n/getmail-6.18.6-x86_64-1.txz: Upgraded.
n/iproute2-5.16.0-x86_64-1.txz: Upgraded.
n/metamail-2.7-x86_64-10.txz: Rebuilt.
Fixed misnamed mimencode man page. Thanks to mbeninca.
n/mtr-0.95-x86_64-1.txz: Upgraded.
n/socat-1.7.4.3-x86_64-1.txz: Upgraded.
xap/freerdp-2.5.0-x86_64-1.txz: Upgraded.
xap/gnuplot-5.4.3-x86_64-1.txz: Upgraded.
xap/mozilla-firefox-91.5.0esr-x86_64-1.txz: Upgraded.
This release contains security fixes and improvements.
For more information, see:
https://www.mozilla.org/en-US/firefox/91.5.0/releasenotes/https://www.mozilla.org/security/advisories/mfsa2022-02/https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22746https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22743https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22742https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22741https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22740https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22738https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22737https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4140https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22748https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22745https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22744https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22747https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22739https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22751
(* Security fix *)
xap/mozilla-thunderbird-91.5.0-x86_64-1.txz: Upgraded.
This release contains security fixes and improvements.
For more information, see:
https://www.mozilla.org/en-US/thunderbird/91.5.0/releasenotes/https://www.mozilla.org/en-US/security/advisories/mfsa2022-03/https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22746https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22743https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22742https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22741https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22740https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22738https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22737https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4140https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22748https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22745https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22744https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22747https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22739https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22751
(* Security fix *)
xap/vim-gvim-8.2.4065-x86_64-1.txz: Upgraded.
isolinux/initrd.img: Rebuilt.
kernels/*: Upgraded.
usb-and-pxe-installers/usbboot.img: Rebuilt.
d/doxygen-1.9.3-x86_64-1.txz: Upgraded.
n/network-scripts-15.0-noarch-18.txz: Rebuilt.
netconfig: when DHCP configuration is selected, also add hostname labeled
loopback entries to /etc/hosts. We don't want to have to rely on something
else providing correct name service in order to be able to reach our
machine through its own hostname. This was a regression since the netconfig
shipped with Slackware 14.2.
Thanks to Zexuo.
a/e2fsprogs-1.46.5-x86_64-1.txz: Upgraded.
ap/sqlite-3.37.1-x86_64-1.txz: Upgraded.
n/mutt-2.1.5-x86_64-1.txz: Upgraded.
n/yptools-4.2.3-x86_64-4.txz: Rebuilt.
Added /usr/sbin/yp_dump_binding and /usr/sbin/yptest.
Add a hint about adding "nis" in /etc/pam.d/system-auth to /etc/default/yp.
The --enable-systemd-logind change to xorg-server that caused resume from
suspend regressions (and others) has been reverted, and in retrospect it was
a bad idea to take it at that point, but it had appeared as if it wouldn't
cause problems in the case where Xorg was running as root. Oh well, lesson
learned. But the build script has been enhanced to make it easy to build
rootless versions of the xorg-server packages. Just do this:
ROOTLESSX=YES ./x11.SlackBuild xserver xorg-server
Depending on your GPU, this could work for your use case with no problems.
Also, I've gone ahead and taken a couple of shared library version bumps since
the projects (opencv and poppler) have decent track records as far as not
introducing regressions, and if there are any, we've got time to test and fix.
I'm still avoiding some things that aren't as trusted in that regard, and will
likely continue to do so. :-)
ap/cups-filters-1.28.10-x86_64-2.txz: Rebuilt.
Recompiled against poppler-21.12.0.
kde/ark-21.12.0-x86_64-2.txz: Rebuilt.
Applied upstream patches:
[PATCH] Fix extraction "Dolphin Actions" not abiding "Open destination
folder after extracting" setting.
[PATCH] Do not highlight file after compression.
Thanks to ctrlaltca.
kde/calligra-3.2.1-x86_64-15.txz: Rebuilt.
Recompiled against poppler-21.12.0.
kde/cantor-21.12.0-x86_64-2.txz: Rebuilt.
Recompiled against poppler-21.12.0.
kde/digikam-7.4.0-x86_64-2.txz: Rebuilt.
Recompiled against opencv-4.5.5.
kde/kfilemetadata-5.89.0-x86_64-2.txz: Rebuilt.
Recompiled against poppler-21.12.0.
kde/kile-2.9.93-x86_64-15.txz: Rebuilt.
Recompiled against poppler-21.12.0.
kde/kitinerary-21.12.0-x86_64-2.txz: Rebuilt.
Recompiled against poppler-21.12.0.
kde/krita-5.0.0-x86_64-2.txz: Rebuilt.
Recompiled against poppler-21.12.0.
kde/okular-21.12.0-x86_64-2.txz: Rebuilt.
Recompiled against poppler-21.12.0.
l/gegl-0.4.34-x86_64-2.txz: Rebuilt.
Recompiled against poppler-21.12.0.
l/gst-plugins-bad-free-1.18.5-x86_64-3.txz: Rebuilt.
Recompiled against opencv-4.5.5.
l/imagemagick-7.1.0_19-x86_64-1.txz: Upgraded.
l/mlt-7.4.0-x86_64-1.txz: Upgraded.
l/opencv-4.5.5-x86_64-1.txz: Upgraded.
Shared library .so-version bump.
l/poppler-21.12.0-x86_64-1.txz: Upgraded.
Shared library .so-version bump.
n/fetchmail-6.4.26-x86_64-1.txz: Upgraded.
n/tin-2.6.1-x86_64-1.txz: Upgraded.
x/ibus-anthy-1.5.14-x86_64-1.txz: Upgraded.
x/xorg-server-1.20.14-x86_64-2.txz: Rebuilt.
Recompiled using these options:
--enable-suid-wrapper --enable-install-setuid --disable-systemd-logind.
x/xorg-server-xephyr-1.20.14-x86_64-2.txz: Rebuilt.
x/xorg-server-xnest-1.20.14-x86_64-2.txz: Rebuilt.
x/xorg-server-xvfb-1.20.14-x86_64-2.txz: Rebuilt.
xap/geeqie-1.6-x86_64-4.txz: Rebuilt.
Recompiled against poppler-21.12.0.
xap/gimp-2.10.30-x86_64-2.txz: Rebuilt.
Recompiled against poppler-21.12.0.
xfce/tumbler-4.16.0-x86_64-4.txz: Rebuilt.
Recompiled against poppler-21.12.0.
extra/rust-for-mozilla/rust-1.54.0-x86_64-3.txz: Added.
This is an alternate version of Rust that may be useful for compiling
software from Mozilla since using the very latest Rust often won't
compile, or produces an unstable build.
ap/vim-8.2.3868-x86_64-1.txz: Upgraded.
kde/breeze-icons-5.89.0-noarch-2.txz: Rebuilt.
Applied upstream patches:
[PATCH] improve installation of light fallback icons
[PATCH] Include "*@*" in the icon_files list for installation
Thanks to Heinz Wiesinger.
l/gtk+3-3.24.31-x86_64-1.txz: Upgraded.
l/zstd-1.5.1-x86_64-1.txz: Upgraded.
n/net-snmp-5.9.1-x86_64-4.txz: Rebuilt.
Moved options for snmpd from rc.snmpd to /etc/default/snmpd.
Thanks to Jakub 'shasta' Jankowski.
xap/vim-gvim-8.2.3868-x86_64-1.txz: Upgraded.
a/pkgtools-15.0-noarch-42.txz: Rebuilt.
setup.services: list rc.nfsd. Suggested by alienBOB.
l/expat-2.4.2-x86_64-1.txz: Upgraded.
l/gegl-0.4.34-x86_64-1.txz: Upgraded.
n/httpd-2.4.52-x86_64-1.txz: Upgraded.
SECURITY: CVE-2021-44790: Possible buffer overflow when parsing
multipart content in mod_lua of Apache HTTP Server 2.4.51 and
earlier (cve.mitre.org)
A carefully crafted request body can cause a buffer overflow in
the mod_lua multipart parser (r:parsebody() called from Lua
scripts).
The Apache httpd team is not aware of an exploit for the
vulnerabilty though it might be possible to craft one.
This issue affects Apache HTTP Server 2.4.51 and earlier.
Credits: Chamal
SECURITY: CVE-2021-44224: Possible NULL dereference or SSRF in
forward proxy configurations in Apache HTTP Server 2.4.51 and
earlier (cve.mitre.org)
A crafted URI sent to httpd configured as a forward proxy
(ProxyRequests on) can cause a crash (NULL pointer dereference)
or, for configurations mixing forward and reverse proxy
declarations, can allow for requests to be directed to a
declared Unix Domain Socket endpoint (Server Side Request
Forgery).
This issue affects Apache HTTP Server 2.4.7 up to 2.4.51
(included).
Credits: ae 1/4*a-o(R)e 1/4
TengMA(@Te3t123)
For more information, see:
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-44790https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-44224
(* Security fix *)
xap/gimp-2.10.30-x86_64-1.txz: Upgraded.
xap/mozilla-thunderbird-91.4.1-x86_64-1.txz: Upgraded.
This release contains security fixes and improvements.
For more information, see:
https://www.mozilla.org/en-US/thunderbird/91.4.1/releasenotes/https://www.mozilla.org/en-US/security/advisories/mfsa2021-55/https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4126https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-44538
(* Security fix *)
xap/xlockmore-5.68-x86_64-1.txz: Upgraded.
xap/xsnow-3.4.2-x86_64-1.txz: Upgraded.
a/kernel-firmware-20211216_f682ecb-noarch-1.txz: Upgraded.
a/kernel-generic-5.15.9-x86_64-1.txz: Upgraded.
a/kernel-huge-5.15.9-x86_64-1.txz: Upgraded.
a/kernel-modules-5.15.9-x86_64-1.txz: Upgraded.
a/openssl-solibs-1.1.1m-x86_64-1.txz: Upgraded.
ap/inxi-3.3.10_1-noarch-1.txz: Upgraded.
Thanks to h2-1.
d/kernel-headers-5.15.9-x86-1.txz: Upgraded.
d/vala-0.54.5-x86_64-1.txz: Upgraded.
k/kernel-source-5.15.9-noarch-1.txz: Upgraded.
SUNRPC_DEBUG n -> y
+NFS_DEBUG y
Thanks to bassmadrigal.
kde/latte-dock-0.10.5-x86_64-1.txz: Upgraded.
l/mozilla-nss-3.73.1-x86_64-1.txz: Upgraded.
l/pipewire-0.3.42-x86_64-1.txz: Upgraded.
n/iputils-20211215-x86_64-1.txz: Upgraded.
n/openssl-1.1.1m-x86_64-1.txz: Upgraded.
n/php-7.4.27-x86_64-1.txz: Upgraded.
x/xorg-server-1.20.14-x86_64-1.txz: Upgraded.
Built using --enable-systemd-logind to use elogind for device setup.
Some code changes would be required in xorg-server, xinit, and various login
managers to make rootless X work out of the box or to fall back in cases
where elogind isn't supported, and those changes aren't appropriate here in
the RC stage, but you can try it without recompiling:
chmod 755 /usr/libexec/Xorg*
Thanks to LuckyCyborg.
x/xorg-server-xephyr-1.20.14-x86_64-1.txz: Upgraded.
x/xorg-server-xnest-1.20.14-x86_64-1.txz: Upgraded.
x/xorg-server-xvfb-1.20.14-x86_64-1.txz: Upgraded.
xap/mozilla-firefox-91.4.1esr-x86_64-1.txz: Upgraded.
This is a bugfix release.
For more information, see:
https://www.mozilla.org/en-US/firefox/91.4.1/releasenotes/
isolinux/initrd.img: Rebuilt.
kernels/*: Upgraded.
usb-and-pxe-installers/usbboot.img: Rebuilt.
ap/nano-6.0-x86_64-1.txz: Upgraded.
kde/kdepim-runtime-21.12.0-x86_64-3.txz: Rebuilt.
Rebuilt with the updated patch that was merged upstream:
[PATCH] POP3: Fix SSL/TLS connections
Thanks to gmgf.
n/bind-9.16.24-x86_64-1.txz: Upgraded.
n/openvpn-2.5.5-x86_64-1.txz: Upgraded.
a/dialog-1.3_20211214-x86_64-1.txz: Upgraded.
a/kernel-generic-5.15.8-x86_64-1.txz: Upgraded.
a/kernel-huge-5.15.8-x86_64-1.txz: Upgraded.
a/kernel-modules-5.15.8-x86_64-1.txz: Upgraded.
a/sysvinit-3.01-x86_64-1.txz: Upgraded.
d/kernel-headers-5.15.8-x86-1.txz: Upgraded.
d/patchelf-0.14.3-x86_64-1.txz: Upgraded.
k/kernel-source-5.15.8-noarch-1.txz: Upgraded.
l/oniguruma-6.9.7.1-x86_64-1.txz: Upgraded.
l/pipewire-0.3.41-x86_64-1.txz: Upgraded.
x/libinput-1.19.3-x86_64-1.txz: Upgraded.
x/xorg-server-1.20.13-x86_64-2.txz: Rebuilt.
Fixes for multiple input validation failures in X server extensions:
render: Fix out of bounds access in SProcRenderCompositeGlyphs()
xfixes: Fix out of bounds access in *ProcXFixesCreatePointerBarrier()
Xext: Fix out of bounds access in SProcScreenSaverSuspend()
record: Fix out of bounds access in SwapCreateRegister()
For more information, see:
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4008https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4009https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4010https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4011
(* Security fix *)
x/xorg-server-xephyr-1.20.13-x86_64-2.txz: Rebuilt.
x/xorg-server-xnest-1.20.13-x86_64-2.txz: Rebuilt.
x/xorg-server-xvfb-1.20.13-x86_64-2.txz: Rebuilt.
x/xorg-server-xwayland-21.1.4-x86_64-1.txz: Upgraded.
Fixes for multiple input validation failures in X server extensions:
render: Fix out of bounds access in SProcRenderCompositeGlyphs()
xfixes: Fix out of bounds access in *ProcXFixesCreatePointerBarrier()
Xext: Fix out of bounds access in SProcScreenSaverSuspend()
record: Fix out of bounds access in SwapCreateRegister()
For more information, see:
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4008https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4009https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4010https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4011
(* Security fix *)
xap/xsnow-3.4.1-x86_64-1.txz: Upgraded.
isolinux/initrd.img: Rebuilt.
kernels/*: Upgraded.
usb-and-pxe-installers/usbboot.img: Rebuilt.
ap/slackpkg-15.0.9-noarch-1.txz: Upgraded.
files/mirrors-x86*: Remove bad mirrors from list (Emmet Ford)
Automatically rebuild package lists if missing (Piter PUNK)
xap/seamonkey-2.53.10.1-x86_64-1.txz: Upgraded.
This update contains security fixes and improvements.
For more information, see:
https://www.seamonkey-project.org/releases/seamonkey2.53.10.1
(* Security fix *)
xap/xsnow-3.4.0-x86_64-1.txz: Upgraded.