ap/sudo-1.9.15-x86_64-1.txz: Upgraded.
The sudoers plugin has been modified to make it more resilient to ROWHAMMER
attacks on authentication and policy matching.
The sudoers plugin now constructs the user time stamp file path name using
the user-ID instead of the user name. This avoids a potential problem with
user names that contain a path separator ('/') being interpreted as part of
the path name.
For more information, see:
https://www.cve.org/CVERecord?id=CVE-2023-42465https://www.cve.org/CVERecord?id=CVE-2023-42456
(* Security fix *)
ap/vim-9.0.2092-x86_64-1.txz: Upgraded.
l/libuv-1.47.0-x86_64-1.txz: Upgraded.
l/xapian-core-1.4.24-x86_64-1.txz: Upgraded.
n/bind-9.18.19-x86_64-2.txz: Rebuilt.
Don't go automatically chowning files in /var/named, since some users may
have special requirements. But in case anyone finds that behavior useful,
you may set NAMED_CHOWN=YES in /etc/default/named to turn it back on.
Unless anyone has a good objection to it, this change is considered pending
for the next BIND upgrades in -stable.
Thanks to Mig21.
xap/vim-gvim-9.0.2092-x86_64-1.txz: Upgraded.
a/coreutils-9.0-x86_64-1.txz: Upgraded.
Thanks to GazL for pointing out where I needed to be looking in the code to
stick with the traditional (for us, anyway) ls quoting style.
n/ca-certificates-20210924-noarch-1.txz: Upgraded.
Removed DST_Root_CA_X3.crt.
n/cifs-utils-6.14-x86_64-1.txz: Upgraded.
a/etc-15.0-x86_64-17.txz: Rebuilt.
Added named:named (53:53) user and group.
a/kernel-firmware-20210915_198ac65-noarch-1.txz: Upgraded.
a/kernel-generic-5.14.4-x86_64-1.txz: Upgraded.
a/kernel-huge-5.14.4-x86_64-1.txz: Upgraded.
a/kernel-modules-5.14.4-x86_64-1.txz: Upgraded.
ap/sudo-1.9.8-x86_64-1.txz: Upgraded.
d/kernel-headers-5.14.4-x86-1.txz: Upgraded.
k/kernel-source-5.14.4-noarch-1.txz: Upgraded.
kde/breeze-icons-5.85.0-noarch-2.txz: Rebuilt.
Patched with upstream commit to allow using this icon theme with Xfce.
l/fluidsynth-2.2.3-x86_64-1.txz: Upgraded.
l/python-charset-normalizer-2.0.5-x86_64-1.txz: Upgraded.
l/qca-2.3.4-x86_64-1.txz: Upgraded.
n/NetworkManager-1.32.10-x86_64-3.txz: Rebuilt.
Switch to dhcp=internal to avoid problems swimming upstream.
For those looking for a fix to continue using dhcpcd, a PRIVSEP build
variable was added to the SlackBuild, and you may produce a fully
NetworkManager compatible dhcpcd package with this command:
PRIVSEP=no ./dhcpcd.SlackBuild
Privilege separation remains the dhcpcd package default as we don't want
to weaken security for those using rc.inet1 along with dhcpcd.
Some additional comments about this were added to 00-dhcp-client.conf
mentioning this and the workaround of killing dhcpcd manually when
resuming with the stock dhcpcd package.
n/bind-9.16.21-x86_64-1.txz: Upgraded.
Fixed call to rndc-confgen in the install script.
Make /etc/rndc.key owned by named:named.
Run named as named:named by default (configurable in /etc/default/named).
rc.bind: chown /run/named and /var/named to configured user:group.
Thanks to Ressy for prompting this cleanup. :)
n/curl-7.79.0-x86_64-1.txz: Upgraded.
This update fixes security issues:
clear the leftovers pointer when sending succeeds.
do not ignore --ssl-reqd.
reject STARTTLS server response pipelining.
For more information, see:
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22945https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22946https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22947
(* Security fix *)
n/links-2.24-x86_64-1.txz: Upgraded.
n/wireguard-tools-1.0.20210914-x86_64-1.txz: Upgraded.
x/libinput-1.19.0-x86_64-1.txz: Upgraded.
xap/gimp-2.10.28-x86_64-1.txz: Upgraded.
isolinux/initrd.img: Rebuilt.
kernels/*: Upgraded.
usb-and-pxe-installers/usbboot.img: Rebuilt.
a/gzip-1.11-x86_64-1.txz: Upgraded.
a/kernel-firmware-20210903_2984e26-noarch-1.txz: Upgraded.
a/kernel-generic-5.14.1-x86_64-1.txz: Upgraded.
a/kernel-huge-5.14.1-x86_64-1.txz: Upgraded.
a/kernel-modules-5.14.1-x86_64-1.txz: Upgraded.
d/kernel-headers-5.14.1-x86-1.txz: Upgraded.
k/kernel-source-5.14.1-noarch-1.txz: Upgraded.
kde/kstars-3.5.4-x86_64-1.txz: Upgraded.
n/bind-9.16.20-x86_64-2.txz: Rebuilt.
rc.bind: Fixed typo: $RDNC_OPTIONS -> $RNDC_OPTIONS
rc.bind: Allow a 10 second (default) timeout for rndc to stop BIND. At that
point if BIND is still running, use killall -SIGTERM to stop it.
Thanks to akschu.
xap/ssr-0.4.3-x86_64-1.txz: Upgraded.
isolinux/initrd.img: Rebuilt.
kernels/*: Upgraded.
usb-and-pxe-installers/usbboot.img: Rebuilt.
a/dialog-1.3_20200228-x86_64-1.txz: Upgraded.
l/Mako-1.1.2-x86_64-1.txz: Upgraded.
l/imagemagick-7.0.9_27-x86_64-1.txz: Upgraded.
l/libcap-2.33-x86_64-1.txz: Upgraded.
n/bind-9.16.0-x86_64-2.txz: Rebuilt.
rc.bind: ensure /var/run/named exists before starting named. Thanks to MarcT.
rc.bind: when stopping named, only kill processes in the current namespace.
x/libevdev-1.9.0-x86_64-1.txz: Upgraded.
x/wayland-protocols-1.20-noarch-1.txz: Upgraded.
xap/seamonkey-2.53.1-x86_64-1.txz: Upgraded.
This update contains security fixes and improvements.
For more information, see:
https://www.seamonkey-project.org/releases/seamonkey2.53.1
(* Security fix *)
testing/packages/PAM/libcap-2.33-x86_64-1_pam.txz: Upgraded.
a/ed-1.16-x86_64-1.txz: Upgraded.
l/gtk+3-3.24.14-x86_64-3.txz: Rebuilt.
Rebuilt to add wayland backend.
l/libuv-1.34.2-x86_64-1.txz: Added.
This is needed by bind-9.16.0.
l/qt5-5.13.2-x86_64-2.txz: Rebuilt.
Rebuilt to add wayland support.
Use the system ffmpeg, not the bundled one.
n/bind-9.16.0-x86_64-1.txz: Upgraded.
rc.bind: don't change file ownerships in /var/named. Thanks to voegelas.
n/proftpd-1.3.6c-x86_64-1.txz: Upgraded.
No CVEs assigned, but this sure looks like a security issue:
Use-after-free vulnerability in memory pools during data transfer.
(* Security fix *)
x/libinput-1.15.2-x86_64-1.txz: Upgraded.
x/xkbcomp-1.4.3-x86_64-1.txz: Upgraded.
testing/packages/PAM/proftpd-1.3.6c-x86_64-1_pam.txz: Upgraded.
No CVEs assigned, but this sure looks like a security issue:
Use-after-free vulnerability in memory pools during data transfer.
(* Security fix *)
l/gtk+3-3.24.14-x86_64-2.txz: Rebuilt.
Rebuilt with -DG_ENABLE_DEBUG. Thanks to Bindestreck.
Also built with -DG_DISABLE_CAST_CHECKS and -Dbroadway_backend=true.
l/imagemagick-7.0.9_24-x86_64-1.txz: Upgraded.
n/bind-9.14.10-x86_64-2.txz: Rebuilt.
rc.bind: make sure it works with a non-root user specified in $NAMED_OPTIONS.
Thanks to Luigi Trovato.
n/tin-2.4.4-x86_64-1.txz: Upgraded.
xap/blackbox-0.76-x86_64-1.txz: Upgraded.
testing/packages/PAM/libcap-2.32-x86_64-1_pam.txz: Upgraded.
Mon Apr 25 13:37:00 UTC 2011
Slackware 13.37 x86_64 stable is released!
Thanks to everyone who pitched in on this release: the Slackware team,
the folks producing upstream code, and linuxquestions.org for providing
a great forum for collaboration and testing.
The ISOs are off to be replicated, a 6 CD-ROM 32-bit set and a
dual-sided
32-bit/64-bit x86/x86_64 DVD. Please consider supporting the Slackware
project by picking up a copy from store.slackware.com. We're taking
pre-orders now, and offer a discount if you sign up for a subscription.
As always, thanks to the Slackware community for testing, suggestions,
and feedback. :-)
Have fun!
Wed Aug 26 10:00:38 CDT 2009
Slackware 13.0 x86_64 is released as stable! Thanks to everyone who
helped make this release possible -- see the RELEASE_NOTES for the
credits. The ISOs are off to the replicator. This time it will be a
6 CD-ROM 32-bit set and a dual-sided 32-bit/64-bit x86/x86_64 DVD.
We're taking pre-orders now at store.slackware.com. Please consider
picking up a copy to help support the project. Once again, thanks to
the entire Slackware community for all the help testing and fixing
things and offering suggestions during this development cycle.
As always, have fun and enjoy! -P.