Several ELF objects were found to have rpaths pointing into /tmp, a world
writable directory. This could have allowed a local attacker to launch denial
of service attacks or execute arbitrary code when the affected binaries are
run by placing crafted ELF objects in the /tmp rpath location. All rpaths with
an embedded /tmp path have been scrubbed from the binaries, and makepkg has
gained a lint feature to detect these so that they won't creep back in.
extra/llvm-17.0.6-x86_64-2_slack15.0.txz: Rebuilt.
Remove rpaths from binaries.
(* Security fix *)
patches/packages/cryfs-0.10.3-x86_64-5_slack15.0.txz: Rebuilt.
Remove rpaths from binaries.
(* Security fix *)
patches/packages/cups-filters-1.28.17-x86_64-2_slack15.0.txz: Rebuilt.
Mitigate security issue that could lead to a denial of service or
the execution of arbitrary code.
Rebuilt with --with-browseremoteprotocols=none to disable incoming
connections, since this daemon has been shown to be insecure. If you
actually use cups-browsed, be sure to install the new
/etc/cups/cups-browsed.conf.new containing this line:
BrowseRemoteProtocols none
For more information, see:
https://www.cve.org/CVERecord?id=CVE-2024-47176
(* Security fix *)
patches/packages/espeak-ng-1.50-x86_64-4_slack15.0.txz: Rebuilt.
Remove rpaths from binaries.
(* Security fix *)
patches/packages/libvncserver-0.9.13-x86_64-4_slack15.0.txz: Rebuilt.
Remove rpaths from binaries.
(* Security fix *)
patches/packages/marisa-0.2.6-x86_64-5_slack15.0.txz: Rebuilt.
Remove rpaths from binaries.
(* Security fix *)
patches/packages/mlt-7.4.0-x86_64-2_slack15.0.txz: Rebuilt.
Remove rpaths from binaries.
(* Security fix *)
patches/packages/mozilla-firefox-115.16.0esr-x86_64-1_slack15.0.txz: Upgraded.
This update contains security fixes and improvements.
For more information, see:
https://www.mozilla.org/en-US/firefox/115.16.0/releasenotes/https://www.mozilla.org/security/advisories/mfsa2024-48https://www.cve.org/CVERecord?id=CVE-2024-9392https://www.cve.org/CVERecord?id=CVE-2024-9393https://www.cve.org/CVERecord?id=CVE-2024-9394https://www.cve.org/CVERecord?id=CVE-2024-9401
(* Security fix *)
patches/packages/openobex-1.7.2-x86_64-6_slack15.0.txz: Rebuilt.
Remove rpaths from binaries.
(* Security fix *)
patches/packages/pkgtools-15.0-noarch-44_slack15.0.txz: Rebuilt.
makepkg: when looking for ELF objects with --remove-rpaths or
--remove-tmp-rpaths, avoid false hits on files containing 'ELF' as part
of the directory or filename.
Also warn about /tmp rpaths after the package is built.
patches/packages/spirv-llvm-translator-13.0.0-x86_64-2_slack15.0.txz: Rebuilt.
Remove rpaths from binaries.
(* Security fix *)
testing/packages/llvm-18.1.8-x86_64-2_slack15.0.txz: Rebuilt.
Remove rpaths from binaries.
(* Security fix *)
n/php-7.2.15-x86_64-1.txz: Upgraded.
xap/network-manager-applet-1.8.20-x86_64-1.txz: Upgraded.
extra/pure-alsa-system/ffmpeg-3.4.5-x86_64-2_alsa.txz: Rebuilt.
Recompiled against libvpx-1.8.0.
Reenabled libsmbclient support.
extra/pure-alsa-system/gst-plugins-good-1.14.4-x86_64-2_alsa.txz: Rebuilt.
Recompiled against libvpx-1.8.0.
extra/pure-alsa-system/xine-lib-1.2.9-x86_64-4_alsa.txz: Rebuilt.
Recompiled against libvpx-1.8.0.
pasture/php-5.6.40-x86_64-1.txz: Upgraded.
Several security bugs have been fixed in this release:
GD:
Fixed bug #77269 (efree() on uninitialized Heap data in imagescale leads
to use-after-free).
Fixed bug #77270 (imagecolormatch Out Of Bounds Write on Heap).
Mbstring:
Fixed bug #77370 (Buffer overflow on mb regex functions - fetch_token).
Fixed bug #77371 (heap buffer overflow in mb regex functions -
compile_string_node).
Fixed bug #77381 (heap buffer overflow in multibyte match_at).
Fixed bug #77382 (heap buffer overflow due to incorrect length in
expand_case_fold_string).
Fixed bug #77385 (buffer overflow in fetch_token).
Fixed bug #77394 (Buffer overflow in multibyte case folding - unicode).
Fixed bug #77418 (Heap overflow in utf32be_mbc_to_code).
Phar:
Fixed bug #77247 (heap buffer overflow in phar_detect_phar_fname_ext).
Xmlrpc:
Fixed bug #77242 (heap out of bounds read in xmlrpc_decode()).
Fixed bug #77380 (Global out of bounds read in xmlrpc base64 code).
For more information, see:
https://php.net/ChangeLog-5.php#5.6.40
(* Security fix *)
pasture/php-5.6.39-x86_64-1.txz: Upgraded.
Several security bugs have been fixed in this release:
Segfault when using convert.quoted-printable-encode filter.
Null pointer dereference in imap_mail.
imap_open allows to run arbitrary shell commands via mailbox parameter.
PharData always creates new files with mode 0666.
Heap Buffer Overflow (READ: 4) in phar_parse_pharfile.
For more information, see:
https://php.net/ChangeLog-5.php#5.6.39
(* Security fix *)
a/kernel-firmware-20180913_44d4fca-noarch-1.txz: Upgraded.
a/kernel-generic-4.14.70-x86_64-1.txz: Upgraded.
a/kernel-huge-4.14.70-x86_64-1.txz: Upgraded.
a/kernel-modules-4.14.70-x86_64-1.txz: Upgraded.
ap/hplip-3.18.7-x86_64-4.txz: Rebuilt.
Applied fixed patch - this has a better chance of working now. I've checked
and hpcups no longer links to libImageProcessor. Which, by the way, the
previous build dumped onto my main system (not even in "make install"),
but not into the package itself. I no longer own an HP printer and will
never buy another one, so if there are any remaining problems please report.
Thanks to Matteo Bernardini.
d/kernel-headers-4.14.70-x86-1.txz: Upgraded.
k/kernel-source-4.14.70-noarch-1.txz: Upgraded.
Config changes since 4.14.69:
CLEANCACHE n -> y
CMA n -> y
MEMORY_FAILURE n -> y
NUMA n -> y
X86_CHECK_BIOS_CORRUPTION n -> y
Z3FOLD m -> y
ZBUD m -> y
ZSMALLOC m -> y
+ACPI_APEI_MEMORY_FAILURE y
+ACPI_NUMA y
+AMD_NUMA y
+CMA_AREAS 7
+CMA_DEBUG n
+CMA_DEBUGFS n
+DMA_CMA n
+HWPOISON_INJECT m
+NEED_MULTIPLE_NODES y
+NODES_SHIFT 6
+NODES_SPAN_OTHER_NODES y
+NUMA_BALANCING n
+NUMA_EMU n
+RAS_CEC n
+USE_PERCPU_NUMA_NODE_ID y
+X86_64_ACPI_NUMA y
+X86_BOOTPARAM_MEMORY_CORRUPTION_CHECK n
n/NetworkManager-1.14.0-x86_64-1.txz: Upgraded.
Added new options: --enable-json-validation --enable-ovs
xap/network-manager-applet-1.8.18-x86_64-1.txz: Upgraded.
isolinux/initrd.img: Rebuilt.
kernels/*: Upgraded.
pasture/php-5.6.38-x86_64-1.txz: Upgraded.
One security bug has been fixed in this release:
Apache2: XSS due to the header Transfer-Encoding: chunked
For more information, see:
https://php.net/ChangeLog-5.php#5.6.38
(* Security fix *)
usb-and-pxe-installers/usbboot.img: Rebuilt.
ap/cups-filters-1.20.4-x86_64-2.txz: Rebuilt.
Recompiled against poppler-0.67.0.
kde/calligra-2.9.11-x86_64-23.txz: Rebuilt.
Recompiled against poppler-0.67.0.
l/ffmpeg-3.4.4-x86_64-1.txz: Upgraded.
l/gst-plugins-base-1.14.2-x86_64-1.txz: Upgraded.
l/gst-plugins-good-1.14.2-x86_64-1.txz: Upgraded.
l/gst-plugins-libav-1.14.2-x86_64-1.txz: Upgraded.
l/gstreamer-1.14.2-x86_64-1.txz: Upgraded.
l/poppler-0.67.0-x86_64-1.txz: Upgraded.
Shared library .so-version bump.
n/php-7.2.8-x86_64-1.txz: Upgraded.
This is a security release which also contains several minor bug fixes.
(* Security fix *)
t/texlive-2018.180630-x86_64-2.txz: Rebuilt.
Recompiled against poppler-0.67.0.
xap/MPlayer-20180720-x86_64-1.txz: Upgraded.
xfce/tumbler-0.2.1-x86_64-5.txz: Rebuilt.
Recompiled against poppler-0.67.0.
extra/pure-alsa-system/MPlayer-20180720-x86_64-1_alsa.txz: Upgraded.
extra/pure-alsa-system/ffmpeg-3.4.4-x86_64-1_alsa.txz: Upgraded.
extra/pure-alsa-system/gst-plugins-good-1.14.2-x86_64-1_alsa.txz: Upgraded.
pasture/php-5.6.37-x86_64-1.txz: Upgraded.
Several security bugs have been fixed in this release, including:
Int Overflow lead to Heap OverFlow in exif_thumbnail_extract of exif.c
heap-buffer-overflow (READ of size 48) while reading exif data
(* Security fix *)
a/pkgtools-15.0-noarch-13.txz: Rebuilt.
installpkg: default line length for --terselength is the number of columns.
removepkg: added --terse mode.
upgradepkg: default line length for --terselength is the number of columns.
upgradepkg: accept -option in addition to --option.
ap/vim-8.1.0026-x86_64-1.txz: Upgraded.
d/bison-3.0.5-x86_64-1.txz: Upgraded.
e/emacs-26.1-x86_64-1.txz: Upgraded.
kde/kopete-4.14.3-x86_64-8.txz: Rebuilt.
Recompiled against libidn-1.35.
n/conntrack-tools-1.4.5-x86_64-1.txz: Upgraded.
n/libnetfilter_conntrack-1.0.7-x86_64-1.txz: Upgraded.
n/libnftnl-1.1.0-x86_64-1.txz: Upgraded.
n/links-2.16-x86_64-2.txz: Rebuilt.
Rebuilt to enable X driver for -g mode.
n/lynx-2.8.9dev.19-x86_64-1.txz: Upgraded.
n/nftables-0.8.5-x86_64-1.txz: Upgraded.
n/p11-kit-0.23.11-x86_64-1.txz: Upgraded.
n/ulogd-2.0.7-x86_64-1.txz: Upgraded.
n/whois-5.3.1-x86_64-1.txz: Upgraded.
xap/network-manager-applet-1.8.12-x86_64-1.txz: Upgraded.
xap/vim-gvim-8.1.0026-x86_64-1.txz: Upgraded.
Thu Jun 30 20:26:57 UTC 2016
Slackware 14.2 x86_64 stable is released!
The long development cycle (the Linux community has lately been living in
"interesting times", as they say) is finally behind us, and we're proud to
announce the release of Slackware 14.2. The new release brings many updates
and modern tools, has switched from udev to eudev (no systemd), and adds
well over a hundred new packages to the system. Thanks to the team, the
upstream developers, the dedicated Slackware community, and everyone else
who pitched in to help make this release a reality.
The ISOs are off to be replicated, a 6 CD-ROM 32-bit set and a dual-sided
32-bit/64-bit x86/x86_64 DVD. Please consider supporting the Slackware
project by picking up a copy from store.slackware.com. We're taking
pre-orders now, and offer a discount if you sign up for a subscription.
Have fun! :-)
Mon Nov 4 17:08:47 UTC 2013
Slackware 14.1 x86_64 stable is released!
It's been another interesting release cycle here at Slackware bringing
new features like support for UEFI machines, updated compilers and
development tools, the switch from MySQL to MariaDB, and many more
improvements throughout the system. Thanks to the team, the upstream
developers, the dedicated Slackware community, and everyone else who
pitched in to help make this release a reality.
The ISOs are off to be replicated, a 6 CD-ROM 32-bit set and a
dual-sided
32-bit/64-bit x86/x86_64 DVD. Please consider supporting the Slackware
project by picking up a copy from store.slackware.com. We're taking
pre-orders now, and offer a discount if you sign up for a subscription.
Have fun! :-)
Wed Sep 26 01:10:42 UTC 2012
Slackware 14.0 x86_64 stable is released!
We're perfectionists here at Slackware, so this release has been a long
time a-brewing. But we think you'll agree that it was worth the wait.
Slackware 14.0 combines modern components, ease of use, and flexible
configuration... our "KISS" philosophy demands it.
The ISOs are off to be replicated, a 6 CD-ROM 32-bit set and a
dual-sided
32-bit/64-bit x86/x86_64 DVD. Please consider supporting the Slackware
project by picking up a copy from store.slackware.com. We're taking
pre-orders now, and offer a discount if you sign up for a subscription.
Thanks to everyone who helped make this happen. The Slackware team, the
upstream developers, and (of course) the awesome Slackware user
community.
Have fun! :-)
Mon Apr 25 13:37:00 UTC 2011
Slackware 13.37 x86_64 stable is released!
Thanks to everyone who pitched in on this release: the Slackware team,
the folks producing upstream code, and linuxquestions.org for providing
a great forum for collaboration and testing.
The ISOs are off to be replicated, a 6 CD-ROM 32-bit set and a
dual-sided
32-bit/64-bit x86/x86_64 DVD. Please consider supporting the Slackware
project by picking up a copy from store.slackware.com. We're taking
pre-orders now, and offer a discount if you sign up for a subscription.
As always, thanks to the Slackware community for testing, suggestions,
and feedback. :-)
Have fun!