a/hwdata-0.319-noarch-1.txz: Upgraded.
d/doxygen-1.8.14-x86_64-3.txz: Upgraded.
Reverted (for now) to avoid segfault in doxygen-1.8.15.
l/libwpg-0.3.3-x86_64-1.txz: Upgraded.
l/libxml2-2.9.9-x86_64-1.txz: Upgraded.
l/libxslt-1.1.33-x86_64-1.txz: Upgraded.
l/python-pillow-5.4.0-x86_64-1.txz: Upgraded.
x/xterm-342-x86_64-1.txz: Upgraded.
testing/packages/wpa_supplicant-2.7-x86_64-3.txz: Rebuilt.
Apply TLSv1 patch from Debian and make some config changes to fix
WPA2-Enterprise. Once we have some testing results on this we'll consider
moving it back into the main tree. Thanks to gablek.
a/kernel-generic-4.19.13-x86_64-1.txz: Upgraded.
a/kernel-huge-4.19.13-x86_64-1.txz: Upgraded.
a/kernel-modules-4.19.13-x86_64-1.txz: Upgraded.
d/doxygen-1.8.15-x86_64-1.txz: Upgraded.
d/kernel-headers-4.19.13-x86-1.txz: Upgraded.
k/kernel-source-4.19.13-noarch-1.txz: Upgraded.
FRAMEBUFFER_CONSOLE_DEFERRED_TAKEOVER y -> n
l/libsecret-0.18.7-x86_64-1.txz: Upgraded.
n/wpa_supplicant-2.6-x86_64-6.txz: Upgraded.
It seems we're not the only ones with broken WPA2-Enterprise support
with wpa_supplicant-2.7, so we'll fix it the same way as everyone else -
by reverting to wpa_supplicant-2.6 for now.
isolinux/initrd.img: Rebuilt.
kernels/*: Upgraded.
testing/packages/wpa_supplicant-2.7-x86_64-2.txz: Upgraded.
Applied a patch from Gentoo to allow building CONFIG_IEEE80211X=y without
the experimental CONFIG_FILS=y option.
usb-and-pxe-installers/usbboot.img: Rebuilt.
a/aaa_elflibs-15.0-x86_64-3.txz: Rebuilt.
Moved libsigsegv.so.2 from /usr/lib{,64} to /lib{,64}.
Upgraded: libcap.so.2.26, libelf-0.175.so, libfuse.so.2.9.8,
libexpat.so.1.6.8, libglib-2.0.so.0.5800.2, libgmodule-2.0.so.0.5800.2,
libgobject-2.0.so.0.5800.2, libgthread-2.0.so.0.5800.2, libjpeg.so.62.3.0,
liblber-2.4.so.2.10.10, libldap-2.4.so.2.10.10, libpng16.so.16.36.0,
libstdc++.so.6.0.25, libtdb.so.1.3.16, libtiff.so.5.4.0,
libtiffxx.so.5.4.0, libturbojpeg.so.0.2.0.
ap/vim-8.1.0648-x86_64-1.txz: Upgraded.
d/nasm-2.14.02-x86_64-1.txz: Upgraded.
d/strace-4.26-x86_64-1.txz: Upgraded.
l/libsigsegv-2.12-x86_64-3.txz: Rebuilt.
Moved shared library into /lib{,64} to avoid problems when /usr is on a
separate partition. Thanks to TommyC7.
But please note: that has never been a recommended configuration (it was
always a bad idea prone to corner-case bugs), and with basically everyone
else moving everything into /usr, no upstream is developing with this
scenario in mind these days. Some of the problems caused by separate /usr
are simply not possibly to fix in a straightforward fashion. Consider it a
completely unsupported configuration choice. While it's not my style to
make the installer refuse to allow it, I won't be bending over backwards
to try to fix bugs related to this in the future. If I recall properly,
the original rationale was to make it possible for /usr to reside on a
shared network partition, which might have made sense back when 40MB was
a typical hard drive size. I can think of no good rationale now (and no,
I don't think making /usr read-only helps security in any tangible way).
n/wget-1.20.1-x86_64-1.txz: Upgraded.
x/xf86-video-chips-1.3.0-x86_64-1.txz: Upgraded.
x/xf86-video-neomagic-1.3.0-x86_64-1.txz: Upgraded.
x/xterm-341-x86_64-1.txz: Upgraded.
xap/audacious-3.10.1-x86_64-1.txz: Upgraded.
xap/audacious-plugins-3.10.1-x86_64-1.txz: Upgraded.
xap/vim-gvim-8.1.0648-x86_64-1.txz: Upgraded.
a/coreutils-8.30-x86_64-3.txz: Rebuilt.
Support tmux terms in DIR_COLORS. Thanks to qunying.
a/grep-3.3-x86_64-1.txz: Upgraded.
a/kernel-generic-4.19.12-x86_64-1.txz: Upgraded.
a/kernel-huge-4.19.12-x86_64-1.txz: Upgraded.
a/kernel-modules-4.19.12-x86_64-1.txz: Upgraded.
a/sed-4.7-x86_64-1.txz: Upgraded.
d/kernel-headers-4.19.12-x86-1.txz: Upgraded.
d/rust-1.31.1-x86_64-1.txz: Upgraded.
k/kernel-source-4.19.12-noarch-1.txz: Upgraded.
l/graphite2-1.3.13-x86_64-1.txz: Upgraded.
l/harfbuzz-2.3.0-x86_64-1.txz: Upgraded.
l/imagemagick-6.9.10_19-x86_64-1.txz: Upgraded.
l/lmdb-0.9.23-x86_64-1.txz: Upgraded.
l/v4l-utils-1.16.3-x86_64-1.txz: Upgraded.
n/netatalk-3.1.12-x86_64-1.txz: Upgraded.
Netatalk before 3.1.12 is vulnerable to an out of bounds write in
dsi_opensess.c. This is due to lack of bounds checking on attacker
controlled data. A remote unauthenticated attacker can leverage
this vulnerability to achieve arbitrary code execution.
For more information, see:
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1160
(* Security fix *)
n/openldap-client-2.4.47-x86_64-1.txz: Upgraded.
n/samba-4.9.4-x86_64-1.txz: Upgraded.
x/intel-vaapi-driver-2.3.0-x86_64-1.txz: Upgraded.
isolinux/initrd.img: Rebuilt.
kernels/*: Upgraded.
usb-and-pxe-installers/usbboot.img: Rebuilt.
a/grep-3.2-x86_64-1.txz: Upgraded.
a/sed-4.6-x86_64-1.txz: Upgraded.
d/vala-0.42.4-x86_64-1.txz: Upgraded.
xap/mozilla-thunderbird-60.4.0-x86_64-1.txz: Upgraded.
This is a bugfix release. For more information, see:
https://www.mozilla.org/en-US/thunderbird/60.4.0/releasenotes/
a/btrfs-progs-v4.19.1-x86_64-1.txz: Upgraded.
a/dbus-1.12.12-x86_64-1.txz: Upgraded.
ap/cups-2.2.10-x86_64-1.txz: Upgraded.
ap/cups-filters-1.21.5-x86_64-1.txz: Upgraded.
ap/hplip-3.18.12-x86_64-1.txz: Upgraded.
d/mercurial-4.8.1-x86_64-1.txz: Upgraded.
d/rust-1.31.0-x86_64-1.txz: Upgraded.
l/libpng-1.6.36-x86_64-1.txz: Upgraded.
l/python-idna-2.8-x86_64-1.txz: Upgraded.
n/ntp-4.2.8p12-x86_64-5.txz: Rebuilt.
Fixed logrotate file. Thanks to allend and rworkman.
n/php-7.2.13-x86_64-1.txz: Upgraded.
This is a security release which also contains several minor bug fixes.
For more information, see:
https://php.net/ChangeLog-7.php#7.2.13
(* Security fix *)
n/wpa_supplicant-2.7-x86_64-1.txz: Upgraded.
x/mesa-18.3.0-x86_64-1.txz: Upgraded.
x/xf86-video-i740-1.4.0-x86_64-1.txz: Upgraded.
xap/mozilla-thunderbird-60.3.3-x86_64-1.txz: Upgraded.
This is a bugfix release. For more information, see:
https://www.mozilla.org/en-US/thunderbird/60.3.3/releasenotes/
xfce/thunar-volman-0.9.1-x86_64-1.txz: Upgraded.
ap/texinfo-6.5-x86_64-7.txz: Rebuilt.
Recompiled against perl-5.28.1.
ap/vim-8.1.0552-x86_64-1.txz: Upgraded.
Compiled against perl-5.28.1.
d/perl-5.28.1-x86_64-1.txz: Upgraded.
Upgraded DBD-mysql-4.049, DBI-1.642, abd IO-Socket-SSL-2.060.
Added Devel-CheckLib-1.13 (needed by DBD-mysql-4.049).
kde/perlkde-4.14.3-x86_64-7.txz: Rebuilt.
Recompiled against perl-5.28.1.
kde/perlqt-4.14.3-x86_64-8.txz: Rebuilt.
Recompiled against perl-5.28.1.
n/epic5-2.0.1-x86_64-7.txz: Rebuilt.
Recompiled against perl-5.28.1.
n/irssi-1.1.1-x86_64-5.txz: Rebuilt.
Recompiled against perl-5.28.1.
n/net-snmp-5.8-x86_64-4.txz: Rebuilt.
Recompiled against perl-5.28.1.
n/ntp-4.2.8p12-x86_64-4.txz: Rebuilt.
Recompiled against perl-5.28.1.
xap/hexchat-2.14.2-x86_64-2.txz: Rebuilt.
Recompiled against perl-5.28.1.
xap/mozilla-thunderbird-60.3.2-x86_64-1.txz: Upgraded.
This is a bugfix release. For more information, see:
https://www.mozilla.org/en-US/thunderbird/60.3.2/releasenotes/
xap/rxvt-unicode-9.22-x86_64-6.txz: Rebuilt.
Recompiled against perl-5.28.1.
xap/vim-gvim-8.1.0552-x86_64-1.txz: Upgraded.
Compiled against perl-5.28.1.
xfce/xfce4-systemload-plugin-1.2.2-x86_64-1.txz: Upgraded.
n/mutt-1.11.0-x86_64-2.txz: Rebuilt.
Put info file in /usr/info and compress it.
Don't include /usr/info/dir.
Thanks to Edward Trumbo.
After upgrading this package, you'll need to reinstall the texinfo package
to restore the missing /usr/info/dir file.
n/wget-1.20-x86_64-1.txz: Upgraded.
a/kernel-generic-4.19.3-x86_64-1.txz: Upgraded.
a/kernel-huge-4.19.3-x86_64-1.txz: Upgraded.
a/kernel-modules-4.19.3-x86_64-1.txz: Upgraded.
a/openssl-solibs-1.1.1a-x86_64-1.txz: Upgraded.
a/sysvinit-scripts-2.1-noarch-21.txz: Rebuilt.
rc.S: Don't run rc.fuse - udev takes care of the FUSE module and filesystem.
rc.S: Support replacing the /etc/mtab file with a symlink to /proc/mounts.
rc.6: Show more information when unmounting filesystems at shutdown.
ap/ghostscript-9.26-x86_64-1.txz: Upgraded.
ap/mariadb-10.3.11-x86_64-1.txz: Upgraded.
This update fixes bugs and security issues.
For more information, see:
https://mariadb.com/kb/en/library/mariadb-10311-release-notes/https://cve.mitre.org/cgi-bin/cvename.cgi?name= CVE-2018-3282
https://cve.mitre.org/cgi-bin/cvename.cgi?name= CVE-2016-9843
https://cve.mitre.org/cgi-bin/cvename.cgi?name= CVE-2018-3174
https://cve.mitre.org/cgi-bin/cvename.cgi?name= CVE-2018-3143
https://cve.mitre.org/cgi-bin/cvename.cgi?name= CVE-2018-3156
https://cve.mitre.org/cgi-bin/cvename.cgi?name= CVE-2018-3251
https://cve.mitre.org/cgi-bin/cvename.cgi?name= CVE-2018-3185
https://cve.mitre.org/cgi-bin/cvename.cgi?name= CVE-2018-3277
https://cve.mitre.org/cgi-bin/cvename.cgi?name= CVE-2018-3162
https://cve.mitre.org/cgi-bin/cvename.cgi?name= CVE-2018-3173
https://cve.mitre.org/cgi-bin/cvename.cgi?name= CVE-2018-3200
https://cve.mitre.org/cgi-bin/cvename.cgi?name= CVE-2018-3284
(* Security fix *)
d/cmake-3.13.0-x86_64-1.txz: Upgraded.
d/git-2.19.2-x86_64-1.txz: Upgraded.
d/kernel-headers-4.14.63-x86-1.txz: Upgraded.
d/kernel-headers-4.19.3-x86-1.txz: Upgraded.
d/vala-0.42.3-x86_64-1.txz: Added.
k/kernel-source-4.19.3-noarch-1.txz: Upgraded.
l/adwaita-icon-theme-3.30.0-noarch-1.txz: Upgraded.
l/at-spi2-atk-2.30.0-x86_64-1.txz: Upgraded.
l/at-spi2-core-2.30.0-x86_64-1.txz: Upgraded.
l/atk-2.30.0-x86_64-1.txz: Upgraded.
l/atkmm-2.28.0-x86_64-1.txz: Upgraded.
l/dconf-0.28.0-x86_64-1.txz: Upgraded.
dconf and dconf-editor require Vala; the alternative would be to try to
stick with the old versions forever, and we don't want to do that.
l/dconf-editor-3.30.2-x86_64-1.txz: Upgraded.
l/gcr-3.28.0-x86_64-3.txz: Rebuilt.
Recompiled to add Vala bindings.
l/gdk-pixbuf2-2.38.0-x86_64-1.txz: Upgraded.
l/gexiv2-0.10.9-x86_64-1.txz: Upgraded.
l/glib-networking-2.58.0-x86_64-1.txz: Upgraded.
l/glib2-2.58.1-x86_64-1.txz: Upgraded.
l/glibmm-2.58.0-x86_64-1.txz: Upgraded.
l/gobject-introspection-1.58.0-x86_64-1.txz: Upgraded.
l/gtk+3-3.24.1-x86_64-1.txz: Upgraded.
l/gtkmm3-3.24.0-x86_64-1.txz: Upgraded.
l/gvfs-1.38.1-x86_64-1.txz: Upgraded.
l/libcap-2.26-x86_64-1.txz: Upgraded.
l/libpsl-0.20.1-x86_64-1.txz: Added.
Required by libsoup.
l/libsoup-2.64.2-x86_64-1.txz: Upgraded.
l/pangomm-2.42.0-x86_64-1.txz: Upgraded.
l/pygobject3-3.30.2-x86_64-1.txz: Upgraded.
l/vte-0.54.2-x86_64-1.txz: Upgraded.
n/openssl-1.1.1a-x86_64-1.txz: Upgraded.
This update fixes timing side channel attacks on DSA and ECDSA signature
generation that could allow an attacker to recover the private key.
For more information, see:
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-0734https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-0735
(* Security fix *)
x/pixman-0.36.0-x86_64-1.txz: Upgraded.
xfce/xfce4-terminal-0.8.7.4-x86_64-2.txz: Rebuilt.
isolinux/initrd.img: Rebuilt.
kernels/*: Upgraded.
usb-and-pxe-installers/usbboot.img: Rebuilt.
a/efibootmgr-16-x86_64-2.txz: Rebuilt.
Reverted to previous version. We'd tried this before and it still doesn't
work. Thanks to _RDS_.
a/efivar-35-x86_64-1.txz: Upgraded.
Reverted to previous version. We'd tried this before and it still doesn't
work. Thanks to _RDS_.
a/hwdata-0.317-noarch-1.txz: Upgraded.
a/lvm2-2.03.01-x86_64-1.txz: Upgraded.
a/quota-4.04-x86_64-1.txz: Upgraded.
ap/cups-2.2.9-x86_64-1.txz: Upgraded.
ap/sysstat-12.0.2-x86_64-1.txz: Upgraded.
d/cscope-15.9-x86_64-1.txz: Upgraded.
d/distcc-3.3.2-x86_64-1.txz: Upgraded.
d/nasm-2.14-x86_64-1.txz: Upgraded.
d/oprofile-1.3.0-x86_64-1.txz: Upgraded.
d/rust-1.30.1-x86_64-1.txz: Upgraded.
l/elfutils-0.174-x86_64-1.txz: Upgraded.
l/shared-mime-info-1.10-x86_64-1.txz: Upgraded.
n/samba-4.9.2-x86_64-1.txz: Upgraded.
xap/gimp-2.10.8-x86_64-1.txz: Upgraded.
a/kernel-generic-4.14.77-x86_64-1.txz: Upgraded.
a/kernel-huge-4.14.77-x86_64-1.txz: Upgraded.
a/kernel-modules-4.14.77-x86_64-1.txz: Upgraded.
d/kernel-headers-4.14.77-x86-1.txz: Upgraded.
d/ruby-2.5.3-x86_64-1.txz: Upgraded.
This update fixes bugs and two security issues:
OpenSSL::X509::Name equality check does not work correctly.
Tainted flags are not propagated in Array#pack and String#unpack with
some directives.
For more information, see:
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-16395https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-16396
(* Security fix *)
k/kernel-source-4.14.77-noarch-1.txz: Upgraded.
isolinux/initrd.img: Rebuilt.
kernels/*: Upgraded.
usb-and-pxe-installers/usbboot.img: Rebuilt.
a/kernel-firmware-20181008_c6b6265-noarch-1.txz: Upgraded.
a/kernel-generic-4.14.75-x86_64-1.txz: Upgraded.
a/kernel-huge-4.14.75-x86_64-1.txz: Upgraded.
a/kernel-modules-4.14.75-x86_64-1.txz: Upgraded.
d/git-2.19.1-x86_64-1.txz: Upgraded.
Submodules' "URL"s come from the untrusted .gitmodules file, but we
blindly gave it to "git clone" to clone submodules when "git clone
--recurse-submodules" was used to clone a project that has such a
submodule. The code has been hardened to reject such malformed URLs
(e.g. one that begins with a dash). Credit for finding and fixing this
vulnerability goes to joernchen and Jeff King, respectively.
For more information, see:
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-17456
(* Security fix *)
d/kernel-headers-4.14.75-x86-1.txz: Upgraded.
d/make-4.2.1-x86_64-4.txz: Rebuilt.
Use a non-blocking read with pselect to avoid hangs.
Thanks to Linux.tar.gz and David Spencer.
d/subversion-1.10.3-x86_64-1.txz: Upgraded.
k/kernel-source-4.14.75-noarch-1.txz: Upgraded.
Config changes since 4.14.74:
FB_HYPERV n -> m
Thanks to walecha.
l/librsvg-2.44.7-x86_64-1.txz: Upgraded.
l/python-pillow-5.3.0-x86_64-1.txz: Upgraded.
n/nghttp2-1.34.0-x86_64-1.txz: Upgraded.
x/libSM-1.2.3-x86_64-1.txz: Upgraded.
x/libX11-1.6.7-x86_64-1.txz: Upgraded.
x/libdrm-2.4.95-x86_64-1.txz: Upgraded.
x/libxcb-1.13.1-x86_64-1.txz: Upgraded.
x/vulkan-sdk-1.1.85.0-x86_64-1.txz: Upgraded.
Thanks to dugan.
xap/gnuplot-5.2.5-x86_64-1.txz: Upgraded.
isolinux/initrd.img: Rebuilt.
kernels/*: Upgraded.
usb-and-pxe-installers/usbboot.img: Rebuilt.
d/Cython-0.28.5-x86_64-1.txz: Upgraded.
d/help2man-1.47.7-x86_64-1.txz: Upgraded.
d/meson-0.48.0-x86_64-1.txz: Upgraded.
d/python-setuptools-40.4.3-x86_64-1.txz: Upgraded.
l/M2Crypto-0.30.1-x86_64-1.txz: Upgraded.
l/cairo-1.15.14-x86_64-1.txz: Upgraded.
l/librsvg-2.44.4-x86_64-1.txz: Upgraded.
l/pycairo-1.17.1-x86_64-1.txz: Upgraded.
l/pycurl-7.43.0.2-x86_64-1.txz: Upgraded.
l/pyparsing-2.2.1-x86_64-1.txz: Upgraded.
n/ModemManager-1.8.2-x86_64-1.txz: Upgraded.
n/bind-9.12.2_P2-x86_64-1.txz: Upgraded.
This update fixes security issues:
There was a long-existing flaw in the documentation for ms-self, krb5-self,
ms-subdomain, and krb5-subdomain rules in update-policy statements. Though
the policies worked as intended, operators who configured their servers
according to the misleading documentation may have thought zone updates were
more restricted than they were; users of these rule types are advised to
review the documentation and correct their configurations if necessary. New
rule types matching the previously documented behavior will be introduced in
a future maintenance release.
named could crash during recursive processing of DNAME records when
deny-answer-aliases was in use. This flaw is disclosed in CVE-2018-5740.
For more information, see:
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5740
(* Security fix *)
n/httpd-2.4.35-x86_64-1.txz: Upgraded.
This release fixes bugs and regressions in httpd-2.4.34, adds an
apache2ctl -> apachectl symlink, and no longer automatically
overwrites rc.httpd when upgraded.
a/eudev-3.2.6-x86_64-1.txz: Upgraded.
a/glibc-solibs-2.28-x86_64-2.txz: Upgraded.
a/grub-2.02-x86_64-3.txz: Rebuilt.
Patched to fix compatibility with recent xfsprogs. Thanks to Markus Wiesner.
a/kernel-generic-4.14.71-x86_64-1.txz: Upgraded.
a/kernel-huge-4.14.71-x86_64-1.txz: Upgraded.
a/kernel-modules-4.14.71-x86_64-1.txz: Upgraded.
ap/opus-tools-0.2-x86_64-1.txz: Upgraded.
ap/sqlite-3.25.1-x86_64-1.txz: Upgraded.
d/icecream-20180905_cdc6ff8-x86_64-1.txz: Upgraded.
d/kernel-headers-4.14.71-x86-1.txz: Upgraded.
d/llvm-7.0.0-x86_64-1.txz: Upgraded.
Shared library .so-version bump.
k/kernel-source-4.14.71-noarch-1.txz: Upgraded.
l/ffmpeg-3.4.4-x86_64-2.txz: Rebuilt.
Don't try to link with Samba since the latest version is not compatible.
l/glibc-2.28-x86_64-2.txz: Upgraded.
All packages have been patched where needed for glibc-2.28 and compile
tested here. Thanks to nobodino for the help.
l/glibc-i18n-2.28-x86_64-2.txz: Upgraded.
l/glibc-profile-2.28-x86_64-2.txz: Upgraded.
l/gst-plugins-base-1.14.3-x86_64-1.txz: Upgraded.
l/gst-plugins-good-1.14.3-x86_64-1.txz: Upgraded.
l/gst-plugins-libav-1.14.3-x86_64-1.txz: Upgraded.
l/gstreamer-1.14.3-x86_64-1.txz: Upgraded.
l/imagemagick-6.9.10_11-x86_64-1.txz: Upgraded.
l/libopusenc-0.2-x86_64-1.txz: Added.
l/librsvg-2.44.3-x86_64-1.txz: Upgraded.
l/opus-1.3_rc2-x86_64-1.txz: Upgraded.
l/opusfile-0.11-x86_64-1.txz: Upgraded.
l/soprano-2.9.4-x86_64-3.txz: Rebuilt.
Recompiled to drop virtuoso dependency.
l/virtuoso-ose-6.1.8-x86_64-9.txz: Removed.
Even KDE4 has migrated away from actually using this for anything. The last
thing in Slackware that was dependent on it was Soprano, which has been
recompiled to no longer use it.
n/postfix-3.3.1-x86_64-2.txz: Rebuilt.
Recompiled so that it quits whining about OpenSSL. Thanks to shastah.
x/mesa-18.2.1-x86_64-1.txz: Upgraded.
Compiled against llvm-7.0.0.
x/xf86-video-vmware-13.3.0-x86_64-2.txz: Rebuilt.
Recompiled against llvm-7.0.0.
x/xterm-336-x86_64-1.txz: Upgraded.
extra/pure-alsa-system/ffmpeg-3.4.4-x86_64-2_alsa.txz: Rebuilt.
Don't try to link with Samba since the latest version is not compatible.
extra/pure-alsa-system/gst-plugins-good-1.14.3-x86_64-1_alsa.txz: Upgraded.
isolinux/initrd.img: Rebuilt.
kernels/*: Upgraded.
usb-and-pxe-installers/usbboot.img: Rebuilt.
ap/dmidecode-3.2-x86_64-1.txz: Upgraded.
ap/nano-3.1-x86_64-1.txz: Upgraded.
ap/slackpkg-2.83.0-noarch-4.txz: Rebuilt.
Merged two patches from git:
Clarify that a press of "Enter" is needed to confirm kernel change
Mention possible stale mirror if CHECKSUMS.md5 gpg verify fails
Thanks to Mario Preksavec and Robby Workman.
ap/sqlite-3.25.0-x86_64-1.txz: Upgraded.
ap/xorriso-1.5.0-x86_64-1.txz: Upgraded.
l/lmdb-0.9.22-x86_64-2.txz: Rebuilt.
Fixed the build script to clear out the build area properly - previously
it was possible for binaries of the wrong $ARCH to end up in the package.
Thanks to reddog83.
n/gnutls-3.6.3-x86_64-2.txz: Rebuilt.
Merged backported SSL/TLS fixes. Thanks to orbea.
n/samba-4.9.0-x86_64-2.txz: Rebuilt.
Recompiled in case the lmdb package was broken.
ap/hplip-3.18.7-x86_64-3.txz: Rebuilt.
Throw away the broken and ill-advised libImageProcessor closed-source blob.
Thanks to Matteo Bernardini.
ap/zsh-5.6.2-x86_64-1.txz: Upgraded.
d/rust-1.29.0-x86_64-1.txz: Upgraded.
l/lmdb-0.9.22-x86_64-1.txz: Added.
This is a new dependency of Samba.
n/php-7.2.10-x86_64-1.txz: Upgraded.
This is a security release which also contains several minor bug fixes.
For more information, see:
https://php.net/ChangeLog-7.php#7.2.10
(* Security fix *)
n/samba-4.9.0-x86_64-1.txz: Upgraded.
x/xf86-video-amdgpu-18.1.0-x86_64-1.txz: Upgraded.
x/xf86-video-ati-18.1.0-x86_64-1.txz: Upgraded.
a/sysvinit-scripts-2.1-noarch-20.txz: Rebuilt.
rc.6: it was reported by birdboy that JFS is not properly unmounted unless
the order of unmounting local filesystems followed by remounting the root
filesystem read-only is inverted. I tried that, and although it did get rid
of a "/ filesystem is busy" error during shutdown, the JFS / filesystem was
still checked at boot (and found to be clean). I believe that the existing
order of unmounting non-root filesystems followed by remounting the root
filesystem as read-only is the correct order, and found that putting
another sync between these also gets rid of the error on shutdown, so I've
done that. When using JFS as the root filesystem there's still another
similar error message that's generated earlier in the boot, though. I'm
unable to find any way to shut down a JFS root partition in a way that
leaves it clean enough that fsck will not check it at boot, but it is always
found to be clean so this should only be cosmetic. I recall this behavior of
JFS going all the way back to when it was first added to the kernel. If
anyone has a better fix, I'll take a look at it, but in my opinion it's not
really anything to worry about.
ap/ghostscript-9.25-x86_64-1.txz: Upgraded.
This release fixes problems with argument handling, some unintended
results of the security fixes to the SAFER file access restrictions
(specifically accessing ICC profile files), and some additional
security issues over the recent 9.24 release.
For more information, see:
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-16509
(* Security fix *)
ap/squashfs-tools-20180612_6e242dc-x86_64-1.txz: Upgraded.
Linked against libzstd.so.1. Thanks to alienBOB.
ap/sudo-1.8.25p1-x86_64-1.txz: Upgraded.
d/binutils-2.31.1-x86_64-4.txz: Rebuilt.
Since baldzhang has pointed out a valid use case for windres on Linux,
we are restoring the "Windows only" utilities, as none of them are
very large and there may be valid uses for the other ones as well.
l/freetype-2.9.1-x86_64-2.txz: Rebuilt.
Patched to build properly if windres is present on the machine.
l/sg3_utils-1.44-x86_64-1.txz: Upgraded.
l/zstd-1.3.5-x86_64-1.txz: Added.
Thanks to alienBOB.
xfce/tumbler-0.2.3-x86_64-1.txz: Upgraded.
isolinux/initrd.img: Rebuilt.
Use the ter-114v terminus font. It has been reported that the font we were
using (ter-v14v) restricts the available console colors from 16 to 8 due
to needing an extra bit for the higher number of available glyphs (though
in testing here I couldn't see any difference). The new font covers
ISO8859-1, ISO8859-15, and Windows-1252 codepages. I'm still not sure it's
the best choice, so additional input is welcomed.
Thanks to bormant.
usb-and-pxe-installers/usbboot.img: Rebuilt.
Use the ter-114v terminus font.
a/elilo-3.16-x86_64-8.txz: Rebuilt.
eliloconfig: this was occasionally failing and the issue was traced to the
script's use of tr (not sure why still). Replaced the construct with sed
and the issue seems to have gone away.
a/openssl-solibs-1.1.1-x86_64-1.txz: Upgraded.
d/binutils-2.31.1-x86_64-3.txz: Rebuilt.
Do not install the Windows-specific tools. Not only are these useless on
Linux, but the presence of windres fools freetype into thinking that it is
on a Windows system, leading to a build failure.
d/git-2.19.0-x86_64-1.txz: Upgraded.
l/freetype-2.9.1-x86_64-1.txz: Upgraded.
l/harfbuzz-1.9.0-x86_64-1.txz: Upgraded.
l/media-player-info-24-noarch-1.txz: Upgraded.
l/pcre2-10.32-x86_64-1.txz: Upgraded.
l/sg3_utils-1.43-x86_64-1.txz: Upgraded.
n/openssl-1.1.1-x86_64-1.txz: Upgraded.
x/fontconfig-2.13.1-x86_64-1.txz: Upgraded.
We had problem reports with fontconfig-2.13.0 which led to it being reverted
but we'll try it again. Please let me know if the issues (with Wine iirc)
persist.
x/libinput-1.12.0-x86_64-1.txz: Upgraded.
a/pkgtools-15.0-noarch-23.txz: Rebuilt.
Removed stray cat and loop kludges for lack of reported size, since this
is fixed now in tar.
a/tar-1.30-x86_64-3.txz: Rebuilt.
Fixed a bug in the nolonezero patch that was evidently causing all of the
issues in installpkg that we'd been kludging around (e.g. the "stray cat").
Thanks *very* much to NonNonBa for the patch, and to SeB for the initial
analysis of the problem.
ap/ghostscript-9.24-x86_64-2.txz: Rebuilt.
Applied upstream patch to fix "Filter failed". Thanks to th_r and bamunds.
d/gdb-8.2-x86_64-1.txz: Upgraded.
d/indent-2.2.12-x86_64-1.txz: Upgraded.
isolinux/initrd.img: Rebuilt.
usb-and-pxe-installers/usbboot.img: Rebuilt.
a/acpid-2.0.30-x86_64-1.txz: Upgraded.
a/etc-15.0-x86_64-9.txz: Rebuilt.
Added support for /etc/ld.so.conf.d/. Thanks to Qury.
a/kernel-firmware-20180904_85c5d90-noarch-1.txz: Upgraded.
a/kernel-generic-4.14.68-x86_64-1.txz: Upgraded.
a/kernel-huge-4.14.68-x86_64-1.txz: Upgraded.
a/kernel-modules-4.14.68-x86_64-1.txz: Upgraded.
a/pkgtools-15.0-noarch-22.txz: Rebuilt.
installpkg: prevent noise from the "stray cat" if tar hands it a broken
pipe. Thanks to ivandi.
Also (in the comments) provide a possibly better but untested solution.
Thanks to SeB.
a/sysvinit-2.90-x86_64-2.txz: Rebuilt.
sysvinit-2.90 added an undocumented feature that tries to spawn agetty
if it sees console= in the kernel command line. Avoiding the debate about
whether this code belongs in init at all, at least such a change should
be documented, and probably made opt-in. This patch disables the new
behavior unless "sysvinit_agetty" is also seen in the kernel command line.
It seems like this might have been something added for Hurd, and it might
be wise to stick to what we've got rather than following upstream on this
particular package. If anyone notices any other odd behavior, please let
me know. Thanks to shastah.
a/sysvinit-scripts-2.1-noarch-19.txz: Rebuilt.
When checking for intel_pstate, direct the stderr to /dev/null in case
the file doesn't exist in /sys. Thanks to ivandi.
Allow forcing an option by editing /etc/default/cpufreq.
ap/cups-filters-1.21.2-x86_64-1.txz: Upgraded.
ap/ghostscript-9.24-x86_64-1.txz: Upgraded.
Patched multiple -dSAFER sandbox bypass vulnerabilities.
Thanks to Tavis Ormandy.
For more information, see:
https://www.ghostscript.com/doc/9.24/News.htmhttps://www.kb.cert.org/vuls/id/332928
(* Security fix *)
ap/sudo-1.8.25-x86_64-1.txz: Upgraded.
d/binutils-2.31.1-x86_64-2.txz: Rebuilt.
elf.c (_bfd_elf_get_symbol_version_string): Return _("<corrupt>") for
corrupt symbol version info.
elflink.c (bfd_elf_record_link_assignment): Always clear h->verinfo.verdef
when overriding a dynamic definition.
Thanks to Michael Short for pointing out the upstream patches.
d/ccache-3.4.3-x86_64-1.txz: Upgraded.
d/kernel-headers-4.14.68-x86-1.txz: Upgraded.
d/llvm-6.0.1-x86_64-2.txz: Rebuilt.
Recompiled with -DCLANG_BUILD_SHARED_LIBS=ON to fix issues when multiple
OpenCL drivers are installed. Thanks to Heinz Wiesinger.
d/mercurial-4.7.1-x86_64-1.txz: Upgraded.
k/kernel-source-4.14.68-noarch-1.txz: Upgraded.
l/mozilla-nss-3.39-x86_64-1.txz: Upgraded.
n/curl-7.61.1-x86_64-1.txz: Upgraded.
This update fixes an NTLM password overflow via integer overflow.
For more information, see:
https://curl.haxx.se/docs/CVE-2018-14618.htmlhttps://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14618
(* Security fix *)
n/gnupg2-2.2.10-x86_64-1.txz: Upgraded.
n/libtirpc-1.1.4-x86_64-1.txz: Upgraded.
n/netatalk-3.1.11-x86_64-2.txz: Rebuilt.
rc.atalk: fixed errors in status output. Thanks to marav.
n/nghttp2-1.33.0-x86_64-1.txz: Upgraded.
n/p11-kit-0.23.14-x86_64-1.txz: Upgraded.
n/stunnel-5.49-x86_64-1.txz: Upgraded.
x/libdrm-2.4.94-x86_64-1.txz: Upgraded.
x/xf86-video-ati-20180824_de88ea27-x86_64-1.txz: Upgraded.
xap/hexchat-2.14.2-x86_64-1.txz: Upgraded.
xap/mozilla-firefox-60.2.0esr-x86_64-1.txz: Upgraded.
This release contains security fixes and improvements.
For more information, see:
https://www.mozilla.org/security/known-vulnerabilities/firefoxESR.html
(* Security fix *)
xap/xlockmore-5.56-x86_64-1.txz: Upgraded.
isolinux/initrd.img: Rebuilt.
kernels/*: Upgraded.
usb-and-pxe-installers/usbboot.img: Rebuilt.
a/sysvinit-scripts-2.1-noarch-18.txz: Rebuilt.
rc.cpufreq: for CPUs that use intel_pstate, default to the performance
governor. The performance governor provides power savings while avoiding
the ramp-up lag caused by using "ondemand", which defaults to "powersave"
on these systems. Thanks to EdGr.
d/bison-3.1-x86_64-1.txz: Upgraded.
a/kernel-generic-4.14.62-x86_64-1.txz: Upgraded.
a/kernel-huge-4.14.62-x86_64-1.txz: Upgraded.
a/kernel-modules-4.14.62-x86_64-1.txz: Upgraded.
ap/pamixer-1.3.1-x86_64-7.txz: Rebuilt.
Recompiled against boost-1.68.0.
d/cmake-3.12.1-x86_64-1.txz: Upgraded.
d/distcc-3.3-x86_64-3.txz: Rebuilt.
Install masquerade symlinks in /usr/lib${LIBDIRSUFFIX}/distcc/.
d/kernel-headers-4.14.62-x86-1.txz: Upgraded.
k/kernel-source-4.14.62-noarch-1.txz: Upgraded.
kde/calligra-2.9.11-x86_64-24.txz: Rebuilt.
Recompiled against boost-1.68.0.
l/akonadi-1.13.0-x86_64-10.txz: Rebuilt.
Recompiled against boost-1.68.0.
l/boost-1.68.0-x86_64-1.txz: Upgraded.
Shared library .so-version bump.
l/harfbuzz-1.8.7-x86_64-1.txz: Upgraded.
l/libgsf-1.14.44-x86_64-1.txz: Upgraded.
l/librsvg-2.42.6-x86_64-1.txz: Upgraded.
l/libsoup-2.62.3-x86_64-1.txz: Upgraded.
n/bind-9.12.2_P1-x86_64-1.txz: Upgraded.
Fixed a security issue where named could crash during recursive processing
of DNAME records when "deny-answer-aliases" was in use resulting in a
denial of service. Note that "deny-answer-aliases" is rarely used.
For more information, see:
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5740
(* Security fix *)
xap/audacious-3.10-x86_64-1.txz: Upgraded.
xap/audacious-plugins-3.10-x86_64-1.txz: Upgraded.
extra/pure-alsa-system/audacious-plugins-3.10-x86_64-1_alsa.txz: Upgraded.
isolinux/initrd.img: Rebuilt.
kernels/*: Upgraded.
usb-and-pxe-installers/usbboot.img: Rebuilt.
ap/man-db-2.8.4-x86_64-1.txz: Upgraded.
d/gdb-8.1.1-x86_64-1.txz: Upgraded.
d/python-pip-18.0-x86_64-1.txz: Upgraded.
d/python-setuptools-40.0.0-x86_64-1.txz: Upgraded.
d/python3-3.6.6-x86_64-1.txz: Upgraded.
l/libpcap-1.9.0-x86_64-1.txz: Upgraded.
l/pango-1.42.3-x86_64-1.txz: Upgraded.
x/libdrm-2.4.93-x86_64-1.txz: Upgraded.
xap/blueman-2.0.6-x86_64-1.txz: Upgraded.
This update fixes an issue where blueman-mechanism did not enforce the
polkit action 'org.blueman.network.setup' for which a polkit policy is
shipped. This meant that any user with access to the D-Bus system bus was
able to access the related API without authentication. The result was an
unspecified impact on the networking stack.
Thanks to Matthias Gerstner for discovering this issue.
(* Security fix *)
testing/packages/glibc-2.28-x86_64-1.txz: Added.
These packages are in /testing pending FTBFS analysis. They seem to work
fine here, but with a few header file deprecations and some other
possible API changes and incompatibilities (see the NEWS file), I expect
there will be some changes required to various packages. Feel free to
test them out though. Because of changes to the way glibc is built and
installed that started with the glibc-2.27 packages, you can upgrade to
these packages and also (if you wish) downgrade back to glibc-2.27 using
upgradepkg.
testing/packages/glibc-i18n-2.28-x86_64-1.txz: Added.
testing/packages/glibc-profile-2.28-x86_64-1.txz: Added.
testing/packages/glibc-solibs-2.28-x86_64-1.txz: Added.
Hey folks, my first order of business here needs to be a huge thank you to
everyone who has donated at https://paypal.me/volkerdi to help keep this
project going. As most of you are already aware by now, the financal situation
here at Slackware HQ has not been great for many years, including not getting
any pay for the last two years and forcing me (and my family) to live very
frugally while I continued to work on the project hoping I'd figure out a way
to actually monitize it by the time that Slackware 15.0 is ready for release.
I'm not trying to cast any blame regarding the situation. Really, I can only
blame myself for not trying to build my own ship years ago when things began
to not really work out. I'm still looking into sustainable funding options
such as Patreon or Liberapay (or perhaps both), and I'm open to other ideas.
I'm no longer in immediate danger of going broke, and I'm no longer
entertaining the notion of joining my friends at the local potato chip factory
in order to pay my bills. :) My family is grateful and humbled by the support
we've received. Hope we'll be able to keep this project going for a long time.
Also, I realize that the website lacks updates and needs attention and I will
need to find some time to devote to that. I've never been much of a website
designer, and the slackware.com site is basically left over from work done by
former Walnut Creek / BSDi employees. I've never seen able to make much sense
of the SQL backend. The interface to edit and post articles is clunky (and
I'm not sure the PHP for that even works any more). When I've posted articles
in recent years, I've done so by editing the main page already processed from
PHP into HTML, which is pretty darn messy as I'm sure you can imagine. I tend
to prioritize the distribution itself over other demands on my time - that's
clearly a lot to do with how things ended up the way they did.
So, I guess that's the report for now. Lots more work to do and not enough
time to do it in... that part I don't see changing moving forward. :)
Thanks very much again. I'll do my best to keep you all posted.
- Pat
a/file-5.34-x86_64-1.txz: Upgraded.
a/kernel-firmware-20180727_b01151b-noarch-1.txz: Upgraded.
a/kernel-generic-4.14.58-x86_64-1.txz: Upgraded.
a/kernel-huge-4.14.58-x86_64-1.txz: Upgraded.
a/kernel-modules-4.14.58-x86_64-1.txz: Upgraded.
d/gcc-8.2.0-x86_64-1.txz: Upgraded.
d/gcc-brig-8.2.0-x86_64-1.txz: Upgraded.
d/gcc-g++-8.2.0-x86_64-1.txz: Upgraded.
d/gcc-gfortran-8.2.0-x86_64-1.txz: Upgraded.
d/gcc-gnat-8.2.0-x86_64-1.txz: Upgraded.
d/gcc-go-8.2.0-x86_64-1.txz: Upgraded.
d/gcc-objc-8.2.0-x86_64-1.txz: Upgraded.
d/kernel-headers-4.14.58-x86-1.txz: Upgraded.
d/libtool-2.4.6-x86_64-9.txz: Rebuilt.
Recompiled to update embedded GCC version number.
k/kernel-source-4.14.58-noarch-1.txz: Upgraded.
CRASH_DUMP n -> y
KEXEC n -> y
+KEXEC_JUMP y
+PROC_VMCORE y
l/babl-0.1.54-x86_64-1.txz: Upgraded.
l/gegl-0.4.6-x86_64-1.txz: Upgraded.
l/libart_lgpl-2.3.21-x86_64-2.txz: Removed.
This actually hasn't been needed by any Slackware package since koffice in
KDE3, and this particular version won't work with the Trinity Desktop
Environment, which is essentially a fork of KDE 3.5 updated to compile and
run with modern libraries and development tools. I can't see much point in
keeping it around. Thanks to _gin.
n/NetworkManager-1.12.2-x86_64-1.txz: Upgraded.
n/dhcpcd-7.0.7-x86_64-1.txz: Upgraded.
x/libinput-1.11.3-x86_64-1.txz: Upgraded.
extra/tigervnc/tigervnc-1.9.0-x86_64-1.txz: Upgraded.
isolinux/initrd.img: Rebuilt.
kernels/*: Upgraded.
usb-and-pxe-installers/usbboot.img: Rebuilt.
a/kernel-generic-4.14.57-x86_64-1.txz: Upgraded.
a/kernel-huge-4.14.57-x86_64-1.txz: Upgraded.
a/kernel-modules-4.14.57-x86_64-1.txz: Upgraded.
a/shadow-4.2.1-x86_64-5.txz: Rebuilt.
adduser: added "input" to additional user groups. Thanks to stormtracknole.
a/sysvinit-scripts-2.1-noarch-14.txz: Rebuilt.
Handle remote (NFS, etc.) mounts with spaces in the name. Thanks to upnort.
d/kernel-headers-4.14.57-x86-1.txz: Upgraded.
d/parallel-20180722-noarch-1.txz: Upgraded.
d/rust-1.27.2-x86_64-1.txz: Upgraded.
d/subversion-1.10.2-x86_64-1.txz: Upgraded.
k/kernel-source-4.14.57-noarch-1.txz: Upgraded.
l/libgphoto2-2.5.19-x86_64-1.txz: Upgraded.
l/libzip-1.5.1-x86_64-4.txz: Rebuilt.
Make sure that the API-CHANGES file is included in the package documentation.
x/xf86-video-r128-6.11.0-x86_64-1.txz: Upgraded.
x/xorg-server-1.20.0-x86_64-3.txz: Rebuilt.
Applied some patches that other distributions have been using for a while:
Fix glamor so that the return value from glamor_fds_from_pixmap matches
what's expected (thanks to Darth Vader for pointing out these patches).
Autobind secondary GPUs to the master as output sink / offload source. This
seems like a beneficial patch until/unless DEs start to handle this.
For nvidia cards, if they are GeForce 8 or newer use the modesetting driver
by default. Seems to be recommmended by upstream where they indicate that
fixes going into nouveau are primarily to target older cards for legacy
support and that the modesetting ddx is preferable for newer ones:
https://bugs.freedesktop.org/show_bug.cgi?id=94844
x/xorg-server-xephyr-1.20.0-x86_64-3.txz: Rebuilt.
x/xorg-server-xnest-1.20.0-x86_64-3.txz: Rebuilt.
x/xorg-server-xvfb-1.20.0-x86_64-3.txz: Rebuilt.
isolinux/initrd.img: Rebuilt.
Use ter-v14v.psf.gz as the consolefont. It supports more character sets, and
the larger font was causing wraparound on UEFI (at least on bare metal here).
kernels/*: Upgraded.
usb-and-pxe-installers/usbboot.img: Rebuilt.
a/kernel-generic-4.14.55-x86_64-1.txz: Upgraded.
a/kernel-huge-4.14.55-x86_64-1.txz: Upgraded.
a/kernel-modules-4.14.55-x86_64-1.txz: Upgraded.
d/kernel-headers-4.14.55-x86-1.txz: Upgraded.
d/rust-1.27.1-x86_64-1.txz: Upgraded.
k/kernel-source-4.14.55-noarch-1.txz: Upgraded.
n/bind-9.13.2-x86_64-1.txz: Upgraded.
This update fixes security issues:
Fixed a bug where extraordinarily large zone transfers caused several
problems, with possible outcomes including corrupted journal files or
server exit due to assertion failure.
Don't permit recursive query service to unauthorized clients.
For more information, see:
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5738
(* Security fix *)
n/curl-7.61.0-x86_64-1.txz: Upgraded.
This update fixes a buffer overflow in SMTP send.
For more information, see:
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-0500
(* Security fix *)
isolinux/initrd.img: Rebuilt.
kernels/*: Upgraded.
usb-and-pxe-installers/usbboot.img: Rebuilt.
