Fri Jul 27 17:15:24 UTC 2012 patches/packages/bind-9.7.6_P2-i486-1_slack12.0.tgz: Upgraded. Prevents a named assert (crash) when validating caused by using "Bad cache" data before it has been initialized. [RT #30025] ISC_QUEUE handling for recursive clients was updated to address a race condition that could cause a memory leak. This rarely occurred with UDP clients, but could be a significant problem for a server handling a steady rate of TCP queries. [RT #29539 & #30233] Under heavy incoming TCP query loads named could experience a memory leak which could lead to significant reductions in query response or cause the server to be terminated on systems with "out of memory" killers. [RT #29539] A condition has been corrected where improper handling of zero-length RDATA could cause undesirable behavior, including termination of the named process. [RT #29644] (* Security fix *) +--------------------------+ Wed Jul 25 02:02:40 UTC 2012 patches/packages/libpng-1.2.50-i486-1_slack12.0.tgz: Upgraded. Fixed incorrect type (int copy should be png_size_t copy) in png_inflate() (fixes CVE-2011-3045). Revised png_set_text_2() to avoid potential memory corruption (fixes CVE-2011-3048). Changed "a+w" to "u+w" in Makefile.in to fix CVE-2012-3386. For more information, see: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3045 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3048 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3386 (* Security fix *) +--------------------------+ Sun Jul 22 19:45:25 UTC 2012 patches/packages/php-5.3.15-i486-1_slack12.0.tgz: Upgraded. Fixed potential overflow in _php_stream_scandir (CVE-2012-2688). (Thanks to Jason Powell, Stas) For more information, see: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-2688 (* Security fix *) +--------------------------+ Wed Jul 18 05:35:26 UTC 2012 patches/packages/libexif-0.6.21-i486-1_slack12.0.tgz: Upgraded. This update fixes a number of remotely exploitable issues in libexif with effects ranging from information leakage to potential remote code execution. For more information, see: http://sourceforge.net/mailarchive/message.php?msg_id=29534027 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-2812 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-2813 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-2814 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-2836 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-2837 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-2840 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-2841 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-2845 (* Security fix *) +--------------------------+ Fri Jul 13 23:14:15 UTC 2012 patches/packages/php-5.3.14-i486-1_slack12.0.tgz: Upgraded. This release fixes a weakness in the DES implementation of crypt and a heap overflow issue in the phar extension. (* Security fix *) +--------------------------+ Mon Jun 25 02:32:37 UTC 2012 patches/packages/freetype-2.4.10-i486-1_slack12.0.tgz: Upgraded. Since freetype-2.4.8 many fixes were made to better handle invalid fonts. Many of them are vulnerabilities (see CVE-2012-1126 up to CVE-2012-1144 and SA48320) so all users should upgrade. (* Security fix *) +--------------------------+ Thu Jun 14 05:02:39 UTC 2012 #################################################################### # NOTICE OF INPENDING EOL (END OF LIFE) FOR OLD SLACKWARE VERSIONS # # # # Effective August 1, 2012, security patches will no longer be # # provided for the following versions of Slackware (which will all # # be more than 5 years old at that time): # # Slackware 8.1, 9.0, 9.1, 10.0, 10.1, 10.2, 11.0, 12.0. # # If you are still running these versions you should consider # # migrating to a newer version (preferably as recent as possible). # # Alternately, you may make arrangements to handle your own # # security patches. If for some reason you are unable to upgrade # # or handle your own security patches, limited security support # # may be available for a fee. Inquire at security@slackware.com. # #################################################################### patches/packages/bind-9.7.6_P1-i486-1_slack12.0.tgz: Upgraded. This release fixes an issue that could crash BIND, leading to a denial of service. It also fixes the so-called "ghost names attack" whereby a remote attacker may trigger continued resolvability of revoked domain names. For more information, see: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1033 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1667 IMPORTANT NOTE: This is a upgraded version of BIND, _not_ a patched one. It is likely to be more strict about the correctness of configuration files. Care should be taken about deploying this upgrade on production servers to avoid an unintended interruption of service. (* Security fix *) +--------------------------+ Wed May 23 00:14:52 UTC 2012 patches/packages/libxml2-2.6.32-i486-2_slack12.0.tgz: Upgraded. Patched an off-by-one error in XPointer that could lead to a crash or possibly the execution of arbitrary code. For more information, see: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3102 (* Security fix *) +--------------------------+ Sat May 19 19:03:37 UTC 2012 patches/packages/openssl-0.9.8x-i486-1_slack12.0.tgz: Upgraded. This is a very minor security fix: o Fix DTLS record length checking bug CVE-2012-2333 For more information, see: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-2333 (* Security fix *) patches/packages/openssl-solibs-0.9.8x-i486-1_slack12.0.tgz: Upgraded. This is a very minor security fix: o Fix DTLS record length checking bug CVE-2012-2333 For more information, see: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-2333 (* Security fix *) +--------------------------+ Tue May 8 21:21:10 UTC 2012 patches/packages/php-5.3.13-i486-1_slack12.0.tgz: Upgraded. This release completes a fix for a vulnerability in CGI-based setups. Note: mod_php and php-fpm are not vulnerable to this attack. For more information, see: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-2311 (* Security fix *) +--------------------------+ Fri Apr 27 01:07:23 UTC 2012 patches/packages/openssl-0.9.8w-i486-1_slack12.0.tgz: Upgraded. Fixes some potentially exploitable buffer overflows. Thanks to Tavis Ormandy, Google Security Team, for discovering this issue and to Adam Langley for fixing it. For more information, see: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-2110 (* Security fix *) patches/packages/openssl-solibs-0.9.8w-i486-1_slack12.0.tgz: Upgraded. Fixes some potentially exploitable buffer overflows. Thanks to Tavis Ormandy, Google Security Team, for discovering this issue and to Adam Langley for fixing it. For more information, see: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-2110 (* Security fix *) +--------------------------+ Mon Apr 23 18:18:31 UTC 2012 patches/packages/openssl-0.9.8v-i486-1_slack12.0.tgz: Upgraded. Fixes some potentially exploitable buffer overflows. Thanks to Tavis Ormandy, Google Security Team, for discovering this issue and to Adam Langley for fixing it. For more information, see: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-2110 (* Security fix *) patches/packages/openssl-solibs-0.9.8v-i486-1_slack12.0.tgz: Upgraded. Fixes some potentially exploitable buffer overflows. Thanks to Tavis Ormandy, Google Security Team, for discovering this issue and to Adam Langley for fixing it. For more information, see: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-2110 (* Security fix *) +--------------------------+ Wed Apr 11 17:16:32 UTC 2012 patches/packages/samba-3.0.37-i486-5_slack12.0.tgz: Rebuilt. This is a security release in order to address a vulnerability that allows remote code execution as the "root" user. All sites running a Samba server should update to the new Samba package and restart Samba. For more information, see: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1182 (* Security fix *) +--------------------------+ Sat Apr 7 21:48:42 UTC 2012 patches/packages/libtiff-3.8.2-i486-6_slack12.0.tgz: Rebuilt. Patched overflows that could lead to arbitrary code execution when parsing a malformed image file. For more information, see: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1173 (* Security fix *) +--------------------------+ Wed Feb 22 18:14:58 UTC 2012 patches/packages/libpng-1.2.47-i486-1_slack12.0.tgz: Upgraded. All branches of libpng prior to versions 1.5.9, 1.4.9, 1.2.47, and 1.0.57, respectively, fail to correctly validate a heap allocation in png_decompress_chunk(), which can lead to a buffer-overrun and the possibility of execution of hostile code on 32-bit systems. For more information, see: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3026 (* Security fix *) +--------------------------+ Wed Feb 8 01:21:42 UTC 2012 patches/packages/apr-util-1.4.1-i486-1_slack12.0.tgz: Upgraded. Version bump for httpd upgrade. patches/packages/httpd-2.2.22-i486-1_slack12.0.tgz: Upgraded. *) SECURITY: CVE-2011-3368 (cve.mitre.org) Reject requests where the request-URI does not match the HTTP specification, preventing unexpected expansion of target URLs in some reverse proxy configurations. [Joe Orton] *) SECURITY: CVE-2011-3607 (cve.mitre.org) Fix integer overflow in ap_pregsub() which, when the mod_setenvif module is enabled, could allow local users to gain privileges via a .htaccess file. [Stefan Fritsch, Greg Ames] *) SECURITY: CVE-2011-4317 (cve.mitre.org) Resolve additional cases of URL rewriting with ProxyPassMatch or RewriteRule, where particular request-URIs could result in undesired backend network exposure in some configurations. [Joe Orton] *) SECURITY: CVE-2012-0021 (cve.mitre.org) mod_log_config: Fix segfault (crash) when the '%{cookiename}C' log format string is in use and a client sends a nameless, valueless cookie, causing a denial of service. The issue existed since version 2.2.17. PR 52256. [Rainer Canavan ] *) SECURITY: CVE-2012-0031 (cve.mitre.org) Fix scoreboard issue which could allow an unprivileged child process could cause the parent to crash at shutdown rather than terminate cleanly. [Joe Orton] *) SECURITY: CVE-2012-0053 (cve.mitre.org) Fix an issue in error responses that could expose "httpOnly" cookies when no custom ErrorDocument is specified for status code 400. [Eric Covener] For more information, see: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3368 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3607 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-4317 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0021 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0031 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0053 (* Security fix *) patches/packages/php-5.3.10-i486-1_slack12.0.tgz: Upgraded. Fixed arbitrary remote code execution vulnerability reported by Stefan Esser, CVE-2012-0830. (Stas, Dmitry) For more information, see: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0830 (* Security fix *) patches/packages/proftpd-1.3.4a-i486-1_slack12.0.tgz: Upgraded. This update fixes a use-after-free() memory corruption error, and possibly other unspecified issues. For more information, see: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-4130 (* Security fix *) patches/packages/vsftpd-2.3.5-i486-1_slack12.0.tgz: Upgraded. Minor version bump, this also works around a hard to trigger heap overflow in glibc (glibc zoneinfo caching vuln). For there to be any possibility to trigger the glibc bug within vsftpd, the non-default option "chroot_local_user" must be set in /etc/vsftpd.conf. Considered 1) low severity (hard to exploit) and 2) not a vsftpd bug :-) Nevertheless: (* Security fix *) +--------------------------+ Wed Feb 1 23:14:56 UTC 2012 patches/packages/freetype-2.4.8-i486-1_slack12.0.tgz: Upgraded. Some vulnerabilities in handling CID-keyed PostScript fonts have been fixed. For more information, see: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3439 (* Security fix *) patches/packages/openssl-0.9.8t-i486-1_slack12.0.tgz: Upgraded. This fixes a bug where DTLS applications were not properly supported. This bug could have allowed remote attackers to cause a denial of service via unspecified vectors. CVE-2012-0050 has been assigned to this issue. For more details see: http://openssl.org/news/secadv_20120118.txt http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0050 (* Security fix *) patches/packages/openssl-solibs-0.9.8t-i486-1_slack12.0.tgz: Upgraded. This fixes a bug where DTLS applications were not properly supported. This bug could have allowed remote attackers to cause a denial of service via unspecified vectors. CVE-2012-0050 has been assigned to this issue. For more details see: http://openssl.org/news/secadv_20120118.txt http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0050 (* Security fix *) +--------------------------+ Thu Nov 17 02:09:25 UTC 2011 patches/packages/bind-9.4_ESV_R5_P1-i486-1_slack12.0.tgz: Upgraded. --- 9.4-ESV-R5-P1 released --- 3218. [security] Cache lookup could return RRSIG data associated with nonexistent records, leading to an assertion failure. [RT #26590] (* Security fix *) +--------------------------+ Fri Nov 11 18:58:21 UTC 2011 Good 11-11-11, everyone! Enjoy some fresh time. :) patches/packages/glibc-zoneinfo-2011i_2011n-noarch-1.tgz: Upgraded. New upstream homepage: http://www.iana.org/time-zones +--------------------------+ Tue Oct 11 07:50:04 UTC 2011 patches/packages/httpd-2.2.21-i486-1_slack12.0.tgz: Upgraded. Respond with HTTP_NOT_IMPLEMENTED when the method is not recognized. [Jean-Frederic Clere] SECURITY: CVE-2011-3348 Fix a regression introduced by the CVE-2011-3192 byterange fix in 2.2.20. PR 51748. [] For more information, see: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3348 (* Security fix *) +--------------------------+ Sun Sep 4 02:17:37 UTC 2011 patches/packages/httpd-2.2.20-i486-1_slack12.0.tgz: Upgraded. SECURITY: CVE-2011-3192 (cve.mitre.org) core: Fix handling of byte-range requests to use less memory, to avoid denial of service. If the sum of all ranges in a request is larger than the original file, ignore the ranges and send the complete file. PR 51714. [Stefan Fritsch, Jim Jagielski, Ruediger Pluem, Eric Covener] For more information, see: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3192 (* Security fix *) +--------------------------+ Thu Aug 25 09:10:45 UTC 2011 patches/packages/php-5.3.8-i486-1_slack12.0.tgz: Upgraded. Security fixes vs. 5.3.6 (5.3.7 was not usable): Updated crypt_blowfish to 1.2. (CVE-2011-2483) Fixed crash in error_log(). Reported by Mateusz Kocielski Fixed buffer overflow on overlog salt in crypt(). Fixed bug #54939 (File path injection vulnerability in RFC1867 File upload filename). Reported by Krzysztof Kotowicz. (CVE-2011-2202) Fixed stack buffer overflow in socket_connect(). (CVE-2011-1938) Fixed bug #54238 (use-after-free in substr_replace()). (CVE-2011-1148) For more information, see: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1148 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1938 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2202 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2483 For those upgrading from PHP 5.2.x, be aware that quite a bit has changed, and it will very likely not 'drop in', but PHP 5.2.x is not supported by php.net any longer, so there wasn't a lot of choice in the matter. We're not able to support a security fork of PHP 5.2.x here either, so you'll have to just bite the bullet on this. You'll be better off in the long run. :) (* Security fix *) +--------------------------+ Fri Aug 12 23:20:00 UTC 2011 patches/packages/bind-9.4_ESV_R5-i486-1_slack12.0.tgz: Upgraded. This BIND update addresses a couple of security issues: * named, set up to be a caching resolver, is vulnerable to a user querying a domain with very large resource record sets (RRSets) when trying to negatively cache the response. Due to an off-by-one error, caching the response could cause named to crash. [RT #24650] [CVE-2011-1910] * Change #2912 (see CHANGES) exposed a latent bug in the DNS message processing code that could allow certain UPDATE requests to crash named. [RT #24777] [CVE-2011-2464] For more information, see: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1910 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2464 (* Security fix *) +--------------------------+ Fri Jul 29 18:22:40 UTC 2011 patches/packages/libpng-1.2.46-i486-1_slack12.0.tgz: Upgraded. Fixed uninitialized memory read in png_format_buffer() (Bug report by Frank Busse, related to CVE-2004-0421). For more information, see: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0421 (* Security fix *) +--------------------------+ Mon Jun 20 00:49:34 UTC 2011 patches/packages/fetchmail-6.3.20-i486-1_slack12.0.tgz: Upgraded. This release fixes a denial of service in STARTTLS protocol phases. For more information, see: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1947 http://www.fetchmail.info/fetchmail-SA-2011-01.txt (* Security fix *) +--------------------------+ Fri May 27 22:56:00 UTC 2011 patches/packages/bind-9.4_ESV_R4_P1-i486-1_slack12.0.tgz: Upgraded. This release fixes security issues: * A large RRSET from a remote authoritative server that results in the recursive resolver trying to negatively cache the response can hit an off by one code error in named, resulting in named crashing. [RT #24650] [CVE-2011-1910] * Zones that have a DS record in the parent zone but are also listed in a DLV and won't validate without DLV could fail to validate. [RT #24631] For more information, see: http://www.isc.org/software/bind/advisories/cve-2011-1910 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1910 (* Security fix *) +--------------------------+ Wed May 25 20:03:16 UTC 2011 patches/packages/apr-1.4.5-i486-1_slack12.0.tgz: Upgraded. This fixes a possible denial of service due to a problem with a loop in the new apr_fnmatch() implementation consuming CPU. For more information, see: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1928 (* Security fix *) patches/packages/apr-util-1.3.12-i486-1_slack12.0.tgz: Upgraded. Fix crash because of NULL cleanup registered by apr_ldap_rebind_init(). patches/packages/httpd-2.2.19-i486-1_slack12.0.tgz: Upgraded. Revert ABI breakage in 2.2.18 caused by the function signature change of ap_unescape_url_keep2f(). This release restores the signature from 2.2.17 and prior, and introduces ap_unescape_url_keep2f_ex(). Apache httpd-2.2.18 is considered abandoned. All users must upgrade. +--------------------------+ Fri May 13 20:30:07 UTC 2011 patches/packages/apr-1.4.4-i486-1_slack12.0.tgz: Upgraded. This fixes a possible denial of service due to an unconstrained, recursive invocation of apr_fnmatch(). This function has been reimplemented using a non-recursive algorithm. Thanks to William Rowe. For more information, see: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0419 (* Security fix *) patches/packages/apr-util-1.3.11-i486-1_slack12.0.tgz: Upgraded. patches/packages/httpd-2.2.18-i486-1_slack12.0.tgz: Upgraded. This is a bug fix release, but since the upgrades to apr/apr-util require at least an httpd recompile we opted to upgrade to the newest httpd. +--------------------------+ Thu Apr 21 03:13:14 UTC 2011 patches/packages/rdesktop-1.6.0-i486-2_slack12.0.tgz: Rebuilt. Patched a traversal vulnerability (disallow /.. requests). http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1595 (* Security fix *) +--------------------------+ Mon Apr 18 19:59:50 UTC 2011 patches/packages/acl-2.2.50-i486-1_slack12.0.tgz: Upgraded. Fix the --physical option in setfacl and getfacl to prevent symlink attacks. Thanks to Martijn Dekker for the notification. For more information, see: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-4411 (* Security fix *) +--------------------------+ Fri Apr 8 06:58:48 UTC 2011 patches/packages/libtiff-3.8.2-i486-5_slack12.0.tgz: Rebuilt. Patched overflows that could lead to arbitrary code execution when parsing a malformed image file. For more information, see: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0192 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1167 (* Security fix *) +--------------------------+ Thu Apr 7 04:07:29 UTC 2011 patches/packages/dhcp-3.1_ESV_R1-i486-1_slack12.0.tgz: Upgraded. In dhclient, check the data for some string options for reasonableness before passing it along to the script that interfaces with the OS. This prevents some possible attacks by a hostile DHCP server. For more information, see: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0997 (* Security fix *) +--------------------------+ Wed Apr 6 06:32:00 UTC 2011 patches/packages/xrdb-1.0.9-i486-1_slack12.0.tgz: Upgraded. This fixes a security issue where improperly sanitized input could lead to privilege escalation or arbitrary command execution as root. For more information, see: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0465 (* Security fix *) +--------------------------+ Tue Apr 5 05:10:33 UTC 2011 patches/packages/proftpd-1.3.3e-i486-1_slack12.0.tgz: Upgraded. Fixes CVE-2011-1137 (badly formed SSH messages cause DoS). For more information, see: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1137 (* Security fix *) +--------------------------+ Fri Mar 11 20:10:16 UTC 2011 patches/packages/pidgin-2.7.11-i486-1_slack12.0.tgz: Upgraded. Fixed denials of service caused by NULL pointer dereferences due to improper handling of malformed YMSG packets. For more information, see: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1091 (* Security fix *) +--------------------------+ Fri Mar 11 06:34:03 UTC 2011 patches/packages/subversion-1.5.9-i486-1_slack12.0.tgz: Upgraded. Fixed a remotely triggerable NULL-pointer dereference in mod_dav_svn. For more information, see: http://subversion.apache.org/security/CVE-2011-0715-advisory.txt http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0715 (* Security fix *) +--------------------------+ Mon Feb 28 22:19:08 UTC 2011 patches/packages/samba-3.0.37-i486-4_slack12.0.tgz: Rebuilt. Fix memory corruption denial of service issue. For more information, see: http://www.samba.org/samba/security/CVE-2011-0719 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0719 (* Security fix *) +--------------------------+ Fri Feb 25 01:10:49 UTC 2011 patches/packages/pidgin-2.7.10-i486-1_slack12.0.tgz: Upgraded. Fixed potential information disclosure issue in libpurple. (* Security fix *) +--------------------------+ Thu Feb 10 21:19:38 UTC 2011 patches/packages/apr-1.3.12-i486-1_slack12.0.tgz: Upgraded. patches/packages/apr-util-1.3.10-i486-1_slack12.0.tgz: Upgraded. Fixes a memory leak and DoS in apr_brigade_split_line(). For more information, see: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1623 (* Security fix *) patches/packages/expat-2.0.1-i486-2_slack12.0.tgz: Upgraded. Fixed various crash and hang bugs. For more information, see: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2625 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3560 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3720 (* Security fix *) patches/packages/httpd-2.2.17-i486-1_slack12.0.tgz: Upgraded. This fixes some denial of service bugs in the bundled libraries. On Slackware we do not use the bundled expat or apr-util, so the issues are also fixed in those external libraries. For more information, see: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3560 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3720 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1623 (* Security fix *) patches/packages/openssl-0.9.8r-i486-1_slack12.0.tgz: Upgraded. This OpenSSL update fixes an "OCSP stapling vulnerability". For more information, see the included CHANGES and NEWS files, and: http://www.openssl.org/news/secadv_20110208.txt http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0014 (* Security fix *) Patched certwatch to work with recent versions of "file". Thanks to Ulrich Schäfer and Jan Rafaj. patches/packages/openssl-solibs-0.9.8r-i486-1_slack12.0.tgz: Upgraded. (* Security fix *) patches/packages/sudo-1.7.4p6-i486-1_slack12.0.tgz: Upgraded. Fix Runas group password checking. For more information, see the included CHANGES and NEWS files, and: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0010 (* Security fix *) +--------------------------+ Mon Jan 10 20:03:00 UTC 2011 patches/packages/php-5.2.17-i486-1_slack12.0.tgz: Upgraded. This update fixes an infinite loop with conversions from string to double that may result in a denial of service. For more information, see: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-4645 (* Security fix *) +--------------------------+ Mon Dec 27 18:47:35 UTC 2010 patches/packages/pidgin-2.7.9-i486-1_slack12.0.tgz: Upgraded. Fixed denial-of-service flaw in the MSN protocol. (* Security fix *) +--------------------------+ Sat Dec 25 03:52:39 UTC 2010 patches/packages/php-5.2.16-i486-2_slack12.0.tgz: Rebuilt. This update fixes a wrong (/usr/lib64/) path in the sample php.ini files. Thanks to Steven Masta. +--------------------------+ Fri Dec 24 00:53:19 UTC 2010 patches/packages/php-5.2.16-i486-1_slack12.0.tgz: Upgraded. This fixes many bugs, including some security issues. For more information, see: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3436 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3709 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-4150 (* Security fix *) patches/packages/proftpd-1.3.3d-i486-1_slack12.0.tgz: Upgraded. This update fixes an unbounded copy operation in sql_prepare_where() that could be exploited to execute arbitrary code. However, this only affects servers that use the sql_mod module (which Slackware does not ship), and in addition the ability to exploit this depends on an SQL injection bug that was already fixed in proftpd-1.3.2rc2 (this according to upstream). So in theory, this fix should only be of academic interest. But in practice, better safe than sorry. (* Security fix *) +--------------------------+ Thu Dec 16 18:57:05 UTC 2010 patches/packages/bind-9.4_ESV_R4-i486-1_slack12.0.tgz: Upgraded. This update fixes some security issues. For more information, see: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3613 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3614 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3615 (* Security fix *) +--------------------------+ Tue Dec 7 05:01:53 UTC 2010 patches/packages/openssl-0.9.8q-i486-1_slack12.0.tgz: Upgraded. This OpenSSL update contains some security related bugfixes. For more information, see the included CHANGES and NEWS files, and: http://www.openssl.org/news/secadv_20101202.txt http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-4180 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-4252 (* Security fix *) patches/packages/openssl-solibs-0.9.8q-i486-1_slack12.0.tgz: Upgraded. (* Security fix *) +--------------------------+ Tue Nov 30 23:12:00 UTC 2010 patches/packages/pidgin-2.7.7-i486-1_slack12.0.tgz: Upgraded. This update fixes connection issues for AIM and MSN. +--------------------------+ Mon Nov 29 22:00:24 UTC 2010 patches/packages/cups-1.3.11-i486-1_slack12.0.tgz: Upgraded. Fixed memory corruption bugs that could lead to a denial of service or possibly execution of arbitrary code through a crafted IPP request. http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0542 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2941 (* Security fix *) +--------------------------+ Mon Nov 22 04:11:40 UTC 2010 patches/packages/openssl-0.9.8p-i486-1_slack12.0.tgz: Rebuilt. This OpenSSL update contains some security related bugfixes. For more information, see the included CHANGES and NEWS files, and: http://www.openssl.org/news/secadv_20101116.txt http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2939 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3864 (* Security fix *) patches/packages/openssl-solibs-0.9.8p-i486-1_slack12.0.tgz: Rebuilt. (* Security fix *) +--------------------------+ Sat Nov 20 21:20:27 UTC 2010 patches/packages/xpdf-3.02pl5-i486-1_slack12.0.tgz: Upgraded. This update fixes security issues that could lead to an application crash, or execution of arbitrary code. For more information, see: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3702 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3703 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3704 (* Security fix *) patches/packages/poppler-0.6.2-i486-3_slack12.0.tgz: Rebuilt. This updated package includes patches based on xpdf 3.02pl5. For more information, see: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3702 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3703 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3704 (* Security fix *) +--------------------------+ Mon Nov 1 23:21:39 UTC 2010 patches/packages/pidgin-2.7.5-i486-1_slack12.0.tgz: Upgraded. This update addresses some denial of service bugs. For more information, see: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3711 (* Security fix *) patches/packages/proftpd-1.3.3c-i486-1_slack12.0.tgz: Upgraded. Fixed Telnet IAC stack overflow vulnerability (ZDI-CAN-925), which can allow remote execution of arbitrary code as the user running the ProFTPD daemon. Thanks to TippingPoint and the Zero Day Initiative (ZDI). For more information, see: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3867 (* Security fix *) +--------------------------+ Thu Oct 28 22:13:53 UTC 2010 patches/packages/glibc-2.5-i486-6_slack12.0.tgz: Rebuilt. Patched "The GNU C library dynamic linker will dlopen arbitrary DSOs during setuid loads." This security issue allows a local attacker to gain root by specifying an unsafe DSO in the library search path to be used with a setuid binary in LD_AUDIT mode. Bug found by Tavis Ormandy (with thanks to Ben Hawkes and Julien Tinnes). For more information, see: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3856 http://seclists.org/fulldisclosure/2010/Oct/344 (* Security fix *) patches/packages/glibc-i18n-2.5-noarch-6_slack12.0.tgz: Rebuilt. patches/packages/glibc-profile-2.5-i486-6_slack12.0.tgz: Rebuilt. patches/packages/glibc-solibs-2.5-i486-6_slack12.0.tgz: Rebuilt. (* Security fix *) patches/packages/glibc-zoneinfo-2.5-noarch-9_slack12.0.tgz: Rebuilt. Rebuilt to tzcode2010n and tzdata2010n. +--------------------------+ Wed Oct 20 21:54:05 UTC 2010 patches/packages/glibc-2.5-i486-5_slack12.0.tgz: Rebuilt. Patched "dynamic linker expands $ORIGIN in setuid library search path". This security issue allows a local attacker to gain root if they can create a hard link to a setuid root binary. Thanks to Tavis Ormandy. For more information, see: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3847 http://seclists.org/fulldisclosure/2010/Oct/257 (* Security fix *) patches/packages/glibc-i18n-2.5-noarch-5_slack12.0.tgz: Rebuilt. patches/packages/glibc-profile-2.5-i486-5_slack12.0.tgz: Rebuilt. patches/packages/glibc-solibs-2.5-i486-5_slack12.0.tgz: Rebuilt. patches/packages/glibc-zoneinfo-2.5-noarch-5_slack12.0.tgz: Rebuilt. +--------------------------+ Mon Sep 20 18:39:57 UTC 2010 patches/packages/bzip2-1.0.6-i486-1_slack12.0.tgz: Upgraded. This update fixes an integer overflow that could allow a specially crafted bzip2 archive to cause a crash (denial of service), or execute arbitrary code. For more information, see: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0405 (* Security fix *) +--------------------------+ Wed Sep 15 18:51:21 UTC 2010 patches/packages/sudo-1.7.4p4-i486-3_slack12.0.tgz: Rebuilt. Hi folks, since the patches for old systems (8.1 - 10.2) were briefly available containing a /var/lib with incorrect permissions, I'm issuing these again just to be 100% sure that no systems out there will be left with problems due to that. This should do it (third time's the charm). +--------------------------+ Wed Sep 15 05:58:55 UTC 2010 patches/packages/sudo-1.7.4p4-i486-2_slack12.0.tgz: Rebuilt. The last sudo packages accidentally changed the permissions on /var from 755 to 700. This build restores the proper permissions. Thanks to Petri Kaukasoina for pointing this out. +--------------------------+ Wed Sep 15 00:41:13 UTC 2010 patches/packages/samba-3.0.37-i486-3_slack12.0.tgz: Upgraded. This upgrade fixes a buffer overflow in the sid_parse() function. For more information, see: http://www.samba.org/samba/security/CVE-2010-3069 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3069 (* Security fix *) patches/packages/sudo-1.7.4p4-i486-1_slack12.0.tgz: Upgraded. This fixes a flaw that could lead to privilege escalation. For more information, see: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2956 (* Security fix *) +--------------------------+ Fri Aug 27 00:23:17 UTC 2010 patches/packages/gnupg2-2.0.4-i486-2_slack12.0.tgz: Rebuilt. Patched to fix "Realloc Bug with X.509 certificates in GnuPG". For more information, see: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2547 (* Security fix *) patches/packages/httpd-2.2.16-i486-1_slack12.0.tgz: Upgraded. Fix Handling of requests without a path segment. For more information, see: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1452 (* Security fix *) patches/packages/php-5.2.14-i486-1_slack12.0.tgz: Upgraded. Fixed several security issues. For more information, see: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1917 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2225 http://www.php-security.org/2010/05/31/mops-2010-060-php-session-serializer-session-data-injection-vulnerability/index.html http://www.php-security.org/2010/06/25/mops-2010-061-php-splobjectstorage-deserialization-use-after-free-vulnerability/index.html (* Security fix *) patches/packages/pidgin-2.7.3-i486-1_slack12.0.tgz: Upgraded. This fixes a crash due to malformed X-Status messages. For more information, see: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2528 (* Security fix *) patches/packages/xorg-server-1.3.0.0-i486-3_slack12.0.tgz: Rebuilt. Patched to prevent overwriting stack memory and bypassing security mechanisms on systems that use a 2.6 Linux kernel. Reported by Rafal Wojtczuk. For more information, see: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2240 (* Security fix *) patches/packages/xorg-server-xdmx-1.3.0.0-i486-3_slack12.0.tgz: Rebuilt. patches/packages/xorg-server-xnest-1.3.0.0-i486-3_slack12.0.tgz: Rebuilt. patches/packages/xorg-server-xvfb-1.3.0.0-i486-3_slack12.0.tgz: Rebuilt. +--------------------------+ Wed Jun 30 04:51:49 UTC 2010 patches/packages/libtiff-3.8.2-i486-4_slack12.0.tgz: Rebuilt. This fixes image structure handling bugs that could lead to crashes or execution of arbitrary code if a specially-crafted TIFF image is loaded. For more information, see: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1411 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2065 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2067 (* Security fix *) patches/packages/libpng-1.2.44-i486-1_slack12.0.tgz: Upgraded. This fixes out-of-bounds memory write bugs that could lead to crashes or the execution of arbitrary code, and a memory leak bug which could lead to application crashes. For more information, see: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1205 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2249 (* Security fix *) +--------------------------+ Fri Jun 25 05:28:02 UTC 2010 patches/packages/bind-9.4.3_P5-i486-1_slack12.0.tgz: Upgraded. This fixes possible DNS cache poisoning attacks when DNSSEC is enabled and checking is disabled (CD). For more information, see: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-4022 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0097 (* Security fix *) +--------------------------+ Fri Jun 18 18:09:28 UTC 2010 patches/packages/samba-3.0.37-i486-2_slack12.0.tgz: Rebuilt. Patched a buffer overflow in smbd that allows remote attackers to cause a denial of service (memory corruption and daemon crash) or possibly execute arbitrary code via a crafted field in a packet. For more information, see: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2063 (* Security fix *) +--------------------------+ Tue May 18 18:30:53 UTC 2010 patches/packages/pidgin-2.7.0-i486-1_slack12.0.tgz: Upgraded. Upgraded to pidgin-2.7.0 and pidgin-encryption-3.1. The msn_emoticon_msg function in slp.c in the MSN protocol plugin in libpurple in Pidgin before 2.7.0 allows remote attackers to cause a denial of service (application crash) via a custom emoticon in a malformed SLP message. For more information, see: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1624 (* Security fix *) +--------------------------+ Sun May 16 20:01:28 UTC 2010 patches/packages/fetchmail-6.3.17-i486-1_slack12.0.tgz: Upgraded. A crafted header or POP3 UIDL list could cause a memory leak and crash leading to a denial of service. For more information, see: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1167 (* Security fix *) +--------------------------+ Fri Apr 30 01:07:12 UTC 2010 patches/packages/irssi-0.8.15-i486-2_slack12.0.tgz: Rebuilt. Sorry, the perl modules were a mess in that last build on systems that don't use a vendor_perl dir. This should work better. +--------------------------+ Thu Apr 22 19:13:54 UTC 2010 patches/packages/irssi-0.8.15-i486-1_slack12.0.tgz: Upgraded. From the NEWS file: - Check if an SSL certificate matches the hostname of the server we are connecting to. - Fix crash when checking for fuzzy nick match when not on the channel. Reported by Aurelien Delaitre (SATE 2009). For more information, see: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1155 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1156 (* Security fix *) +--------------------------+ Tue Apr 20 14:45:24 UTC 2010 patches/packages/sudo-1.7.2p6-i486-1_slack12.0.tgz: Upgraded. This update fixes security issues that may give a user with permission to run sudoedit the ability to run arbitrary commands. For more information, see: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0426 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1163 http://www.gratisoft.us/sudo/alerts/sudoedit_escalate.html http://www.gratisoft.us/sudo/alerts/sudoedit_escalate2.html (* Security fix *) +--------------------------+ Mon Apr 5 03:06:19 UTC 2010 patches/packages/mozilla-thunderbird-2.0.0.24-i686-1.tgz: Upgraded. This upgrade fixes some more security bugs. For more information, see: http://www.mozilla.org/security/known-vulnerabilities/thunderbird20.html (* Security fix *) +--------------------------+ Wed Mar 31 05:05:47 UTC 2010 patches/packages/openssl-0.9.8n-i486-1_slack12.0.tgz: Upgraded. This OpenSSL update contains some security related bugfixes. For more information, see the included CHANGES and NEWS files, and: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0433 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0740 (* Security fix *) patches/packages/openssl-solibs-0.9.8n-i486-1_slack12.0.tgz: Upgraded. patches/packages/proftpd-1.3.3-i486-2_slack12.0.tgz: Rebuilt. patches/packages/seamonkey-1.1.19-i486-1_slack12.0.tgz: Upgraded. Upgraded to seamonkey-1.1.19. This release fixes some more security vulnerabilities. For more information, see: http://www.mozilla.org/security/known-vulnerabilities/seamonkey11.html (* Security fix *) +--------------------------+ Wed Mar 10 22:38:18 UTC 2010 patches/packages/pidgin-2.6.6-i486-1_slack12.0.tgz: Upgraded. This fixes a few denial-of-service flaws as well as other bugs. For more information, see: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0277 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0420 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0423 (* Security fix *) +--------------------------+ Tue Mar 9 21:31:21 UTC 2010 patches/packages/openssl-0.9.8m-i486-2_slack12.0.tgz: Rebuilt. patches/packages/openssl-solibs-0.9.8m-i486-2_slack12.0.tgz: Rebuilt. The OpenSSL package has been patched and recompiled to revert a change that broke decrypting some files encrypted with previous versions of OpenSSL. This same fix appears in the latest upstream snapshots. +--------------------------+ Mon Mar 8 20:49:02 UTC 2010 patches/packages/httpd-2.2.15-i486-1_slack12.0.tgz: Upgraded. This update addresses a few security issues. mod_ssl: A partial fix for the TLS renegotiation prefix injection attack by rejecting any client-initiated renegotiations. mod_proxy_ajp: Respond with HTTP_BAD_REQUEST when the body is not sent when request headers indicate a request body is incoming; not a case of HTTP_INTERNAL_SERVER_ERROR. mod_isapi: Do not unload an isapi .dll module until the request processing is completed, avoiding orphaned callback pointers. [This is the most serious flaw, but does not affect Linux systems] For more information, see: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3555 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0408 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0425 (* Security fix *) +--------------------------+ Mon Mar 1 05:02:21 UTC 2010 patches/packages/openssl-0.9.8m-i486-1_slack12.0.tgz: Upgraded. This OpenSSL update contains some security related bugfixes. For more information, see the included CHANGES and NEWS files, and: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1678 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1378 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1377 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1379 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3245 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-4355 (* Security fix *) patches/packages/openssl-solibs-0.9.8m-i486-1_slack12.0.tgz: Upgraded. patches/packages/proftpd-1.3.3-i486-1_slack12.0.tgz: Upgraded. +--------------------------+ Sun Jan 24 20:22:46 UTC 2010 patches/packages/httpd-2.2.14-i486-1_slack12.0.tgz: Upgraded. This fixes a couple of security bugs when using mod_proxy_ftp. For more information, see: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3094 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3095 (* Security fix *) patches/packages/php-5.2.12-i486-1_slack12.0.tgz: Upgraded. This fixes many bugs, including a few security issues. For more information, see: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3557 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3558 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-4017 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-4142 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-4143 (* Security fix *) patches/packages/pidgin-2.6.5-i486-1_slack12.0.tgz: Upgraded. This fixes a directory traversal vulnerability in Pidgin's MSN protocol handling that may allow attackers to download arbitrary files. For more information, see: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0013 (* Security fix *) +--------------------------+ Thu Dec 10 00:12:58 UTC 2009 patches/packages/ntp-4.2.4p8-i486-1_slack12.0.tgz: Upgraded. Prevent a denial-of-service attack involving spoofed mode 7 packets. For more information, see: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3563 (* Security fix *) +--------------------------+ Wed Dec 2 20:51:55 UTC 2009 patches/packages/bind-9.4.3_P4-i486-1_slack12.0.tgz: Upgraded. BIND 9.4.3-P4 is a SECURITY PATCH for BIND 9.4.3-P3. It addresses a potential cache poisoning vulnerability, in which data in the additional section of a response could be cached without proper DNSSEC validation. For more information, see: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-4022 http://www.kb.cert.org/vuls/id/418861 (* Security fix *) +--------------------------+ Mon Nov 16 18:56:26 UTC 2009 patches/packages/openssl-0.9.8h-i486-4_slack12.0.tgz: Rebuilt. Patched to disable SSL renegotiation. For more information, see: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3555 (* Security fix *) patches/packages/openssl-solibs-0.9.8h-i486-4_slack12.0.tgz: Rebuilt. Patched to disable SSL renegotiation. For more information, see: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3555 (* Security fix *) +--------------------------+ Wed Oct 28 22:50:35 UTC 2009 patches/packages/poppler-0.6.2-i486-2_slack12.0.tgz: Rebuilt. This updated package includes patches based on xpdf 3.02pl4. For more information, see: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3603 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3604 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3605 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3606 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3608 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3609 (* Security fix *) patches/packages/xpdf-3.02pl4-i486-1_slack12.0.tgz: Upgraded. This update fixes several security issues that could lead to an application crash, or execution of arbitrary code. For more information, see: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3603 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3604 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3605 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3606 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3608 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3609 (* Security fix *) +--------------------------+ Sat Oct 17 23:56:15 UTC 2009 patches/packages/pidgin-2.6.3-i486-1_slack12.0.tgz: This update fixes an issue where a remote user can cause libpurple-based clients to crash. For more information, see: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3615 (* Security fix *) +--------------------------+ Sat Oct 3 18:19:00 CDT 2009 patches/packages/php-5.2.11-i486-1_slack12.0.tgz: This release fixes some possible security issues, all of which have "unknown impact and attack vectors". For more information, see: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3291 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3292 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3293 (* Security fix *) patches/packages/samba-3.0.37-i486-1_slack12.0.tgz: This update fixes the following security issues. A misconfigured /etc/passwd with no defined home directory could allow security restrictions to be bypassed. mount.cifs could allow a local user to read the first line of an arbitrary file if installed setuid. (On Slackware, it was not installed setuid) Specially crafted SMB requests could cause a denial of service. For more information, see: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2813 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2948 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2906 (* Security fix *) +--------------------------+ Mon Sep 7 20:57:44 CDT 2009 patches/packages/seamonkey-1.1.18-i486-1_slack12.0.tgz: Upgraded. Upgraded to seamonkey-1.1.18. This release fixes some more security vulnerabilities. For more information, see: http://www.mozilla.org/security/known-vulnerabilities/seamonkey11.html (* Security fix *) +--------------------------+ Thu Aug 20 22:12:00 CDT 2009 patches/packages/mozilla-thunderbird-2.0.0.23-i686-1.tgz: This upgrade fixes a security bug. For more information, see: http://www.mozilla.org/security/known-vulnerabilities/thunderbird20.html (* Security fix *) +--------------------------+ Wed Aug 19 14:16:07 CDT 2009 patches/packages/pidgin-2.5.9-i486-1_slack12.0.tgz: This update fixes a bug in Pidgin's MSN protocol implementation can allow a remote attacker to send a malicious MSN message to a Pidgin user, which will possibly cause arbitrary code to be executed as that user. This issue was discovered by Federico Muttis of Core Security Technologies. For more information, see: http://www.coresecurity.com/content/libpurple-arbitrary-write http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2694 (* Security fix *) +--------------------------+ Fri Aug 14 13:42:26 CDT 2009 patches/packages/curl-7.16.2-i486-3_slack12.0.tgz: This update fixes a security issue where a zero byte embedded in an SSL or TLS certificate could fool cURL into validating the security of a connection to a system that the certificate was not issued for. It has been reported that at least one Certificate Authority allowed such certificates to be issued. For more information, see: http://curl.haxx.se/docs/security.html http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2417 (* Security fix *) +--------------------------+ Mon Aug 10 14:42:54 CDT 2009 patches/packages/httpd-2.2.13-i486-1_slack12.0.tgz: Upgraded. This is a bugfix release. It also upgrades the internal versions of apr and apr-util to address CVE-2009-2412, but Slackware uses the system versions of these libraries which have already been upgraded. +--------------------------+ Fri Aug 7 14:25:03 CDT 2009 patches/packages/samba-3.0.36-i486-1_slack12.0.tgz: Upgraded. This is a bugfix release. +--------------------------+ Fri Aug 7 01:26:38 CDT 2009 patches/packages/apr-1.3.8-i486-1_slack12.0.tgz: Upgraded. Fix overflow in pools and rmm, where size alignment was taking place. [Matt Lewis , Sander Striker] For more information, see: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2412 (* Security fix *) patches/packages/apr-util-1.3.9-i486-1_slack12.0.tgz: Upgraded. Fix overflow in rmm, where size alignment was taking place. [Matt Lewis , Sander Striker] For more information, see: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2412 (* Security fix *) patches/packages/httpd-2.2.12-i486-2_slack12.0.tgz: Rebuilt. Recompiled against the new apr and apr-util. This allows external modules to be built without having to edit the new apr/apr-util version numbers into the httpd config files. patches/packages/subversion-1.5.7-i486-1_slack12.0.tgz: Upgraded. Fixed heap overflow vulnerability on server and client. For more information, see: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2411 http://subversion.tigris.org/security/CVE-2009-2411-advisory.txt (* Security fix *) +--------------------------+ Thu Aug 6 00:48:30 CDT 2009 patches/packages/fetchmail-6.3.11-i486-1_slack12.0.tgz: Upgraded. This update fixes an SSL NUL prefix impersonation attack through NULs in a part of a X.509 certificate's CommonName and subjectAltName fields. For more information, see: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2666 (* Security fix *) +--------------------------+ Sun Aug 2 16:25:44 CDT 2009 patches/packages/httpd-2.2.12-i486-1_slack12.0.tgz: Upgraded. This update fixes some security issues (from the CHANGES file): *) SECURITY: CVE-2009-1891 (cve.mitre.org) Fix a potential Denial-of-Service attack against mod_deflate or other modules, by forcing the server to consume CPU time in compressing a large file after a client disconnects. PR 39605. [Joe Orton, Ruediger Pluem] *) SECURITY: CVE-2009-1195 (cve.mitre.org) Prevent the "Includes" Option from being enabled in an .htaccess file if the AllowOverride restrictions do not permit it. [Jonathan Peatfield , Joe Orton, Ruediger Pluem, Jeff Trawick] *) SECURITY: CVE-2009-1890 (cve.mitre.org) Fix a potential Denial-of-Service attack against mod_proxy in a reverse proxy configuration, where a remote attacker can force a proxy process to consume CPU time indefinitely. [Nick Kew, Joe Orton] *) SECURITY: CVE-2009-1191 (cve.mitre.org) mod_proxy_ajp: Avoid delivering content from a previous request which failed to send a request body. PR 46949 [Ruediger Pluem] *) SECURITY: CVE-2009-0023, CVE-2009-1955, CVE-2009-1956 (cve.mitre.org) The bundled copy of the APR-util library has been updated, fixing three different security issues which may affect particular configurations and third-party modules. These last three CVEs were addressed in Slackware previously with an update to new system apr and apr-util packages. For more information, see: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1891 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1195 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1890 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1191 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0023 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1955 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1956 (* Security fix *) +--------------------------+ Wed Jul 29 23:10:01 CDT 2009 patches/packages/bind-9.4.3_P3-i486-1_slack12.0.tgz: Upgraded. This BIND update fixes a security problem where a specially crafted dynamic update message packet will cause named to exit resulting in a denial of service. An active remote exploit is in wide circulation at this time. For more information, see: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0696 https://www.isc.org/node/479 (* Security fix *) +--------------------------+ Tue Jul 14 18:07:41 CDT 2009 patches/packages/dhcp-3.1.2p1-i486-1_slack12.0.tgz: Upgraded. A stack overflow vulnerability was fixed in dhclient that could allow remote attackers to execute arbitrary commands as root on the system, or simply terminate the client, by providing an over-long subnet-mask option. For more information, see: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0692 (* Security fix *) +--------------------------+ Sat Jul 11 18:29:58 CDT 2009 patches/packages/php-5.2.10-i486-2_slack12.0.tgz: Rebuilt. Installed the pear.php.net.reg and pecl.php.net.reg files from php-5.2.9, since the ones installed by php-5.2.10 are broken. Thanks to Mike Peachey for the bug report. +--------------------------+ Wed Jul 1 14:37:43 CDT 2009 patches/packages/httpd-2.2.11-i486-1_slack12.0.tgz: Upgraded. This needed a recompile against the new apr package to fix building new modules, and an upgrade to the latest stable version (as long as we're under the hood) seemed like it would also be a good idea. patches/packages/php-5.2.10-i486-1_slack12.0.tgz: Upgraded. +--------------------------+ Sat Jun 27 18:54:07 CDT 2009 patches/packages/mozilla-thunderbird-2.0.0.22-i686-1.tgz: Upgraded to thunderbird-2.0.0.22. This upgrade fixes some more security bugs. For more information, see: http://www.mozilla.org/security/known-vulnerabilities/thunderbird20.html (* Security fix *) +--------------------------+ Fri Jun 26 22:05:35 CDT 2009 patches/packages/samba-3.0.35-i486-1_slack12.0.tgz: This upgrade fixes the following security issue: o CVE-2009-1888: In Samba 3.0.31 to 3.3.5 (inclusive), an uninitialized read of a data value can potentially affect access control when "dos filemode" is set to "yes". For more information, see: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1888 (* Security fix *) +--------------------------+ Wed Jun 24 19:46:28 CDT 2009 patches/packages/seamonkey-1.1.17-i486-1_slack12.0.tgz: Upgraded to seamonkey-1.1.17. This release fixes some more security vulnerabilities. For more information, see: http://www.mozilla.org/security/known-vulnerabilities/seamonkey11.html (* Security fix *) +--------------------------+ Fri Jun 19 18:22:20 CDT 2009 patches/packages/libpng-1.2.37-i486-1_slack12.0.tgz: Upgraded. This update fixes a possible security issue. Jeff Phillips discovered an uninitialized-memory-read bug affecting interlaced images that may have security implications. For more information, see: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2042 (* Security fix *) +--------------------------+ Fri Jun 19 16:26:49 CDT 2009 patches/packages/ruby-1.8.6_p369-i486-1_slack12.0.tgz: Upgraded. This fixes a denial of service issue caused by the BigDecimal method handling large input values improperly that may allow attackers to crash the interpreter. The issue affects most Rails applications. For more information, see: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1904 (* Security fix *) +--------------------------+ Mon Jun 15 22:14:45 CDT 2009 patches/packages/apr-1.3.5-i486-1_slack12.0.tgz: Upgraded. patches/packages/apr-util-1.3.7-i486-1_slack12.0.tgz: Upgraded. Fix underflow in apr_strmatch_precompile. Fix a denial of service attack against the apr_xml_* interface using the "billion laughs" entity expansion technique. For more information, see: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0023 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1955 (* Security fix *) +--------------------------+ Wed Jun 3 18:13:16 CDT 2009 patches/packages/ntp-4.2.4p7-i486-1_slack12.0.tgz: Upgraded to ntp-4.2.4p7. Stack-based buffer overflow in the cookedprint function in ntpq/ntpq.c in ntpq in NTP before 4.2.4p7-RC2 allows arbitrary code execution by a malicious remote NTP server. Stack-based buffer overflow in the crypto_recv function in ntp_crypto.c in ntpd in NTP before 4.2.4p7 allows remote attackers to execute arbitrary code. This does not affect the Slackware ntpd as it does not link with openssl. For more information, see: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0159 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1252 (* Security fix *) +--------------------------+ Tue May 26 16:49:34 CDT 2009 patches/packages/pidgin-2.5.6-i486-1_slack12.0.tgz: Upgraded to pidgin-2.5.6. This version fixes security issues that could lead to a denial of service or the execution of arbitrary code as the user running Pidgin. For more information, see: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1373 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1374 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1375 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1376 (* Security fix *) +--------------------------+ Thu May 14 18:09:26 CDT 2009 patches/packages/cyrus-sasl-2.1.23-i486-1_slack12.0.tgz: Upgraded to cyrus-sasl-2.1.23. This fixes a buffer overflow in the sasl_encode64() function that could lead to crashes or the execution of arbitrary code. For more information, see: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0688 (* Security fix *) +--------------------------+ Sat May 9 18:03:41 CDT 2009 patches/packages/xpdf-3.02pl3-i486-1_slack12.0.tgz: Upgraded to xpdf-3.02pl3. This update fixes several overflows that may result in crashes or the execution of arbitrary code as the xpdf user. For more information, see: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0146 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0147 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0165 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0166 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0799 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0800 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1179 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1180 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1181 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1182 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1183 (* Security fix *) +--------------------------+ Tue May 5 15:21:52 CDT 2009 patches/packages/gnutls-2.6.2-i486-2_slack12.0.tgz: Patched the following security issues: - Corrected double free on signature verification failure. Reported by Miroslav Kratochvil . - Noticed when investigating the previous GNUTLS-SA-2009-1 problem. All DSA keys generated using GnuTLS 2.6.x are corrupt. For more information, see: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1415 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1416 (* Security fix *) +--------------------------+ Thu Apr 30 20:56:17 CDT 2009 patches/packages/ruby-1.8.6_p368-i486-1_slack12.0.tgz: Upgraded to ruby-1.8.6-p368. This update fixes a DoS in REXML. For details, see: http://www.ruby-lang.org/en/news/2008/08/23/dos-vulnerability-in-rexml/ (* Security fix *) +--------------------------+ Sun Apr 26 15:20:57 CDT 2009 patches/packages/cups-1.3.10-i486-1_slack12.0.tgz: Upgraded to cups-1.3.10. This fixes several security issues, including an integer overflow in the TIFF decoder, a failure to properly verify the Host HTTP header, and several problems with PDF handling (the new CUPS uses a wrapper rather than embedded code taken from xpdf). These issues could result in a denial of service or the execution of arbitrary code. For more information, see: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0146 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0147 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0163 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0164 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0166 (* Security fix *) +--------------------------+ Mon Apr 20 23:29:57 CDT 2009 patches/packages/udev-111-i486-6_slack12.0.tgz: This package has been patched to fix a local root hole and a denial of service issue. For more information, see: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1185 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1186 (* Security fix *) +--------------------------+ Mon Apr 13 16:22:12 CDT 2009 patches/packages/seamonkey-1.1.16-i486-1_slack12.0.tgz: Upgraded to seamonkey-1.1.16. This release fixes some more security vulnerabilities. For more information, see: http://www.mozilla.org/security/known-vulnerabilities/seamonkey11.html (* Security fix *) +--------------------------+ Tue Apr 7 16:59:49 CDT 2009 patches/packages/openssl-0.9.8h-i486-3_slack12.0.tgz: Patched (see below). patches/packages/openssl-solibs-0.9.8h-i486-3_slack12.0.tgz: Patched to fix possible crashes as well as a (fairly unlikely) case where an invalid signature might verify as valid. For more information, see: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0789 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0591 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0590 (* Security fix *) patches/packages/php-5.2.9-i486-1_slack12.0.tgz: Upgraded to php-5.2.9. This update fixes a few security issues: - Fixed a crash on extract in zip when files or directories entry names contain a relative path. - Fixed security issue in imagerotate(), background colour isn't validated correctly with a non truecolour image. (CVE-2008-5498) Reported by Hamid Ebadi, APA Laboratory. - Fixed a segfault when malformed string is passed to json_decode(). For more information, see: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-5498 (* Security fix *) patches/packages/xine-lib-1.1.16.3-i486-1_slack12.0.tgz: Upgraded to xine-lib-1.1.16.3. - Fix another possible int overflow in the 4XM demuxer. (ref. TKADV2009-004, CVE-2009-0385) For more information, see: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0385 (* Security fix *) +--------------------------+ Fri Mar 27 20:30:48 CDT 2009 patches/packages/glib2-2.12.12-i486-2_slack12.0.tgz: This library has been patched to fix overflows that are possible security holes. For more information, see: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-4316 (* Security fix *) +--------------------------+ Tue Mar 24 01:56:10 CDT 2009 patches/packages/lcms-1.18-i486-1_slack12.0.tgz: Upgraded to lcms-1.18. This update fixes security issues discovered in LittleCMS by Chris Evans. These flaws could cause program crashes (denial of service) or the execution of arbitrary code as the user of the lcms-linked program. For more information, see: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0581 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0723 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0733 (* Security fix *) patches/packages/mozilla-thunderbird-2.0.0.21-i686-1.tgz: Upgraded to thunderbird-2.0.0.21. This upgrade fixes some more security bugs. For more information, see: http://www.mozilla.org/security/known-vulnerabilities/thunderbird20.html (* Security fix *) patches/packages/seamonkey-1.1.15-i486-1_slack12.0.tgz: Upgraded to seamonkey-1.1.15. This release fixes some more security vulnerabilities. For more information, see: http://www.mozilla.org/security/known-vulnerabilities/seamonkey11.html (* Security fix *) +--------------------------+ Mon Mar 9 00:00:38 CDT 2009 patches/packages/curl-7.16.2-i486-2_slack12.0.tgz: Patched curl-7.16.2. This fixes a security issue where automatic redirection could be made to follow file:// URLs, reading or writing a local instead of remote file. For more information, see: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0037 (* Security fix *) patches/packages/xterm-241-i486-1_slack12.0.tgz: Upgraded to xterm-241. This fixes a vulnerability where displaying a file containing DECRQSS (Device Control Request Status String) sequences could cause arbitrary commands to be executed as the user running xterm. For more information, see: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2383 (* Security fix *) +--------------------------+ Fri Feb 20 17:20:49 CST 2009 patches/packages/git-1.6.1.3-i486-1_slack12.0.tgz: Upgraded to git-1.6.1.3. This fixes a vulnerability where running git-diff or git-grep on a hostile git repository would result in the execution of arbirary code as the git user. For more information, see: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3546 (* Security fix *) patches/packages/libpng-1.2.35-i486-1_slack12.0.tgz: Upgraded to libpng-1.2.35. This fixes multiple memory-corruption vulnerabilities due to a failure to properly initialize data structures. For more information, see: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0040 ftp://ftp.simplesystems.org/pub/png/src/libpng-1.2.34-ADVISORY.txt (* Security fix *) +--------------------------+ Wed Jan 14 20:37:39 CST 2009 patches/packages/bind-9.4.3_P1-i486-1_slack12.0.tgz: Upgraded to bind-9.4.3-P1. Fixed checking on return values from OpenSSL's EVP_VerifyFinal and DSA_do_verify functions to prevent spoofing answers returned from zones using the DNSKEY algorithms DSA and NSEC3DSA. For more information, see: https://www.isc.org/node/373 http://www.ocert.org/advisories/ocert-2008-016.html http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-5077 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0025 (* Security fix *) patches/packages/ntp-4.2.4p6-i486-1_slack12.0.tgz: [Sec 1111] Fix incorrect check of EVP_VerifyFinal()'s return value. For more information, see: https://lists.ntp.org/pipermail/announce/2009-January/000055.html http://www.ocert.org/advisories/ocert-2008-016.html http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0021 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-5077 (* Security fix *) patches/packages/openssl-0.9.8h-i486-2_slack12.0.tgz: Patched to fix the return value EVP_VerifyFinal, preventing malformed signatures from being considered good. This flaw could possibly allow a 'man in the middle' attack. For more information, see: http://www.openssl.org/news/secadv_20090107.txt http://www.ocert.org/advisories/ocert-2008-016.html http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-5077 (* Security fix *) patches/packages/openssl-solibs-0.9.8h-i486-2_slack12.0.tgz: Patched to fix the return value EVP_VerifyFinal, preventing malformed signatures from being considered good. This flaw could possibly allow a 'man in the middle' attack. For more information, see: http://www.openssl.org/news/secadv_20090107.txt http://www.ocert.org/advisories/ocert-2008-016.html http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-5077 (* Security fix *) +--------------------------+ Wed Dec 31 11:35:43 CST 2008 patches/packages/mozilla-thunderbird-2.0.0.19-i686-1.tgz: Upgraded to thunderbird-2.0.0.19. This upgrade fixes some more security bugs. For more information, see: http://www.mozilla.org/security/known-vulnerabilities/thunderbird20.html (* Security fix *) +--------------------------+ Fri Dec 26 22:45:51 CST 2008 patches/packages/seamonkey-1.1.14-i486-1_slack12.0.tgz: Upgraded to seamonkey-1.1.14. This release fixes some more security vulnerabilities. For more information, see: http://www.mozilla.org/security/known-vulnerabilities/seamonkey11.html (* Security fix *) +--------------------------+ Thu Dec 18 12:44:59 CST 2008 patches/packages/mozilla-firefox-2.0.0.20-i686-1.tgz: Upgraded to firefox-2.0.0.20. This fixes some security issues: For more information, see: http://www.mozilla.org/security/known-vulnerabilities/firefox20.html (* Security fix *) +--------------------------+ Mon Dec 8 05:16:22 CST 2008 patches/packages/php-5.2.8-i486-1_slack12.0.tgz: Upgraded to php-5.2.8. This is a bugfix release that reverts a change that broke magic_quotes_gpc. +--------------------------+ Thu Dec 4 22:59:37 CST 2008 patches/packages/php-5.2.7-i486-1_slack12.0.tgz: Upgraded to php-5.2.7. In addition to improvements and bug fixes, this new version of PHP also addresses several security issues, including: Fixed a crash inside gd with invalid fonts (Fixes CVE-2008-3658). Fixed a possible overflow inside memnstr (Fixes CVE-2008-3659). Fixed security issues detailed in CVE-2008-2665 and CVE-2008-2666. Crash with URI/file..php (filename contains 2 dots). (Fixes CVE-2008-3660). rfc822.c legacy routine buffer overflow. (Fixes CVE-2008-2829). Fixed extraction of zip files or directories when the entry name is a relative path: http://www.sektioneins.de/advisories/SE-2008-06.txt These are the URLs to get more information: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2665 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2666 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2829 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3658 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3659 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3660 http://www.sektioneins.de/advisories/SE-2008-06.txt (* Security fix *) +--------------------------+ Sat Nov 29 13:37:04 CST 2008 patches/packages/ruby-1.8.6_p287-i486-1_slack12.0.tgz: Upgraded to ruby-1.8.6-p287. This fixes several bugs in the previous Ruby update, including a security issue where the DNS resolver did not randomize the source port and transaction id sufficiently. For more information, see: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1447 (* Security fix *) +--------------------------+ Fri Nov 28 16:27:52 CST 2008 patches/packages/samba-3.0.33-i486-1_slack12.0.tgz: Upgraded to samba-3.0.33. This package fixes an important barrier against rogue clients reading from uninitialized memory (though no proof-of-concept is known to exist). For more information, see: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-4314 (* Security fix *) +--------------------------+ Thu Nov 20 18:14:27 CST 2008 patches/packages/mozilla-thunderbird-2.0.0.18-i686-1.tgz: Upgraded to thunderbird-2.0.0.18. This upgrade fixes some more security bugs. For more information, see: http://www.mozilla.org/security/known-vulnerabilities/thunderbird20.html (* Security fix *) +--------------------------+ Wed Nov 19 19:13:12 CST 2008 patches/packages/libxml2-2.6.32-i486-1_slack12.0.tgz: Upgraded to libxml2-2.6.32 and patched. This fixes vulnerabilities including denial of service, or possibly the execution of arbitrary code as the user running a libxml2 linked application if untrusted XML content is parsed. For more information, see: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-4225 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-4226 (* Security fix *) +--------------------------+ Sat Nov 15 19:22:43 CST 2008 patches/packages/mozilla-firefox-2.0.0.18-i686-1.tgz: Upgraded to firefox-2.0.0.18. This fixes some security issues: For more information, see: http://www.mozilla.org/security/known-vulnerabilities/firefox20.html (* Security fix *) patches/packages/net-snmp-5.4.2.1-i486-1_slack12.0.tgz: Upgraded to net-snmp-5.4.2.1. This fixes a problem where a user with read access could cause snmpd to crash, resulting in a denial of service. For more information, see: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-4309 (* Security fix *) patches/packages/gnutls-2.6.2-i486-1_slack12.0.tgz: Upgraded to gnutls-2.6.2. The security fix in gnutls-2.6.1 had a flaw in cases where the certificate chain contained only one self-signed certificate. This update fixes the issue. patches/packages/seamonkey-1.1.13-i486-1_slack12.0.tgz: Upgraded to seamonkey-1.1.13. This release fixes some more security vulnerabilities. For more information, see: http://www.mozilla.org/security/known-vulnerabilities/seamonkey11.html (* Security fix *) +--------------------------+ Mon Nov 10 19:24:19 CST 2008 patches/packages/gnutls-2.6.1-i486-1_slack12.0.tgz: Upgraded to gnutls-2.6.1. From the gnutls-2.6.1 NEWS file: ** libgnutls: Fix X.509 certificate chain validation error. [GNUTLS-SA-2008-3] The flaw makes it possible for man in the middle attackers (i.e., active attackers) to assume any name and trick GNU TLS clients into trusting that name. Thanks for report and analysis from Martin von Gagern . [CVE-2008-4989] For more information, see: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-4989 IMPORTANT NOTE: This update changes the shared library soname! Pidgin has been upgraded and compiled against the new GnuTLS library, but anything else that has been built and linked locally against GnuTLS will also need to be recompiled if this update is installed. (* Security fix *) patches/packages/pidgin-2.5.2-i486-1_slack12.0.tgz: Upgraded to pidgin-2.5.2 compiled against gnutls-2.6.1. +--------------------------+ Fri Nov 7 22:23:40 CST 2008 patches/packages/cups-1.3.9-i486-1_slack12.0.tgz: Upgraded to cups-1.3.9. This update fixes three vulnerabilities in the SGI image format filter, the texttops filter, and the HP-GL and HP-GL/2 plotter format filter. All three of these could result in a denial of service, and the plotter filter issue could possibly be used to execute code as the print spooler user. For more information, see: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3639 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3640 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3641 (* Security fix *) +--------------------------+ Mon Oct 13 13:58:21 CDT 2008 patches/packages/glibc-zoneinfo-2.5-noarch-8_slack12.0.tgz: Upgraded to tzdata2008h for the latest world timezone changes. +--------------------------+ Fri Sep 26 22:38:32 CDT 2008 patches/packages/mozilla-thunderbird-2.0.0.17-i686-1.tgz: Upgraded to thunderbird-2.0.0.17. This upgrade fixes some more security bugs. For more information, see: http://www.mozilla.org/security/known-vulnerabilities/thunderbird20.html (* Security fix *) +--------------------------+ Thu Sep 25 23:24:07 CDT 2008 patches/packages/mozilla-firefox-2.0.0.17-i686-1.tgz: Upgraded to firefox-2.0.0.17. This release fixes some more security vulnerabilities. For more information, see: http://www.mozilla.org/security/known-vulnerabilities/firefox20.html (* Security fix *) patches/packages/seamonkey-1.1.12-i486-1_slack12.0.tgz: This release fixes some more security vulnerabilities. For more information, see: http://www.mozilla.org/security/known-vulnerabilities/seamonkey11.html (* Security fix *) +--------------------------+ Wed Sep 17 02:28:20 CDT 2008 patches/packages/bind-9.4.2_P2-i486-1_slack12.0.tgz: Upgraded to bind-9.4.2-P2. This version has performance gains over bind-9.4.2-P1. +--------------------------+ Mon Sep 1 21:56:29 CDT 2008 patches/packages/samba-3.0.32-i486-1_slack12.0.tgz: Upgraded to samba-3.0.32. This is a bugfix release. See the WHATSNEW.txt file in the Samba docs for details on what has changed. +--------------------------+ Thu Aug 28 22:48:16 CDT 2008 patches/packages/amarok-1.4.10-i486-1_slack12.0.tgz: Upgraded to amarok-1.4.10. This fixes a security issue in the Magnatune online music library support which could be used by malicious local users to overwrite system files. For more information, see: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3699 (* Security fix *) patches/packages/libgpod-0.6.0-i486-1_slack12.0.tgz: Upgraded to libgpod-0.6.0. This new version of libgpod is required for amarok-1.4.10. +--------------------------+ Mon Aug 4 14:03:01 CDT 2008 patches/packages/pan-0.133-i486-1_slack12.0.tgz: Upgraded to pan-0.133. This update fixes a buffer overflow in pan-0.128 through pan-0.132 when processing .nzb files. For more information, see: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2363 (* Security fix *) patches/packages/python-2.5.2-i486-1_slack12.0.tgz: Patched various overflows and other security problems. For more information, see: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1679 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1721 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2315 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2316 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3142 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3144 (* Security fix *) +--------------------------+ Tue Jul 29 13:32:21 CDT 2008 patches/packages/proftpd-1.3.1-i486-1_slack12.0.tgz: Recompiled against new OpenSSL, since this evidently checks the OpenSSL version and will only run against the libraries it was compiled against. A small patch was also added due to changes in the system includes. Thanks to Martin Schmitz for the info and a pointer to the patch. +--------------------------+ Mon Jul 28 22:05:06 CDT 2008 patches/packages/fetchmail-6.3.8-i486-3_slack12.0.tgz: Patched to fix a possible denial of service when "-v -v" options are used. For more information, see: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2711 (* Security fix *) patches/packages/httpd-2.2.9-i486-1_slack12.0.tgz: Upgraded to httpd-2.2.9. This release fixes flaws which could allow XSS attacks. For more information, see: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5000 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6388 (* Security fix *) patches/packages/libxslt-1.1.24-i486-1_slack12.0.tgz: Upgraded to libxslt-1.1.24. A buffer overflow when processing XSL stylesheets could result in the execution of arbitrary code. For more information, see: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1767 (* Security fix *) patches/packages/links-2.1-i486-1_slack12.0.tgz: Upgraded to links-2.1. Unspecified vulnerability in Links before 2.1, when "only proxies" is enabled, has unknown impact and attack vectors related to providing "URLs to external programs." For more information, see: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3329 (* Security fix *) patches/packages/mozilla-thunderbird-2.0.0.16-i686-1.tgz: Upgraded to thunderbird-2.0.0.16. This upgrade fixes some more security bugs. For more information, see: http://www.mozilla.org/security/known-vulnerabilities/thunderbird20.html (* Security fix *) patches/packages/mtr-0.73-i486-1_slack12.0.tgz: Upgraded to mtr-0.73. This fixes a minor security bug where a very long hostname in the trace path could lead to an overflow (and most likely just a crash). (* Security fix *) patches/packages/net-snmp-5.4.1.2-i486-1_slack12.0.tgz: Upgraded to net-snmp-5.4.1.2. A vulnerability was discovered where an attacked could spoof an authenticated SNMPv3 packet due to incorrect HMAC checking. Also, a buffer overflow was found that could be exploited if an application using the net-snmp perl modules connects to a malicious server. For more information, see: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0960 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2292 (* Security fix *) patches/packages/openssh-5.1p1-i486-1_slack12.0.tgz: Upgraded to openssh-5.1p1. When upgrading OpenSSH, it is VERY IMPORTANT to also upgrade OpenSSL, or it is possible to be unable to log back into sshd! patches/packages/openssl-0.9.8h-i486-1_slack12.0.tgz: Upgraded to OpenSSL 0.9.8h. The Codenomicon TLS test suite uncovered security bugs in OpenSSL. If OpenSSL was compiled using non-default options (Slackware's package is not), then a malicious packet could cause a crash. Also, a malformed TLS handshake could also lead to a crash. For more information, see: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0891 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1672 When upgrading OpenSSL, it is VERY IMPORTANT to also upgrade OpenSSH, or it is possible to be unable to log back into sshd! (* Security fix *) patches/packages/openssl-solibs-0.9.8h-i486-1_slack12.0.tgz: Upgraded to OpenSSL 0.9.8h shared libraries (see above). (* Security fix *) patches/packages/pcre-7.7-i486-1_slack12.0.tgz: Upgraded to pcre-7.7. Tavis Ormandy of the Google Security Team found a buffer overflow triggered when handling certain regular expressions. This could lead to a crash or possible execution of code as the user of the PCRE-linked application. For more information, see: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2371 (* Security fix *) patches/packages/vim-7.1.330-i486-1_slack12.0.tgz: Upgraded to vim-7.1.330. This fixes several security issues related to the automatic processing of untrusted files. For more information, see: http://www.rdancer.org/vulnerablevim.html (* Security fix *) patches/packages/vim-gvim-7.1.330-i486-1_slack12.0.tgz: Upgraded to vim-gvim-7.1.330. See "vim" above for details. (* Security fix *) +--------------------------+ Wed Jul 23 16:27:21 CDT 2008 patches/packages/dnsmasq-2.45-i486-1_slack12.0.tgz: Upgraded to dnsmasq-2.45. It was discovered that earlier versions of dnsmasq have DNS cache weaknesses that are similar to the ones recently discovered in BIND. This new release minimizes the risk of cache poisoning. For more information, see: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1447 (* Security fix *) +--------------------------+ Wed Jul 16 19:28:41 CDT 2008 patches/packages/mozilla-firefox-2.0.0.16-i686-1.tgz: Upgraded to firefox-2.0.0.16. This release fixes some more security vulnerabilities. For more information, see: http://www.mozilla.org/security/known-vulnerabilities/firefox20.html (* Security fix *) patches/packages/seamonkey-1.1.11-i486-1_slack12.0.tgz: Upgraded to seamonkey-1.1.11. This release fixes some more security vulnerabilities. For more information, see: http://www.mozilla.org/security/known-vulnerabilities/seamonkey11.html (* Security fix *) +--------------------------+ Fri Jul 11 14:19:19 CDT 2008 patches/packages/pidgin-2.4.3-i486-1_slack12.0.tgz: Upgraded to pidgin-2.4.3. This updates pidgin to work with the changed ICQ protocol. +--------------------------+ Wed Jul 9 20:03:57 CDT 2008 patches/packages/bind-9.4.2_P1-i486-1_slack12.0.tgz: Upgraded to bind-9.4.2-P1. This upgrade addresses a security flaw known as the CERT VU#800113 DNS Cache Poisoning Issue. This is the summary of the problem from the BIND site: "A weakness in the DNS protocol may enable the poisoning of caching recurive resolvers with spoofed data. DNSSEC is the only full solution. New versions of BIND provide increased resilience to the attack." It is suggested that sites that run BIND upgrade to one of the new packages in order to reduce their exposure to DNS cache poisoning attacks. For more information, see: http://www.isc.org/sw/bind/bind-security.php http://www.kb.cert.org/vuls/id/800113 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1447 (* Security fix *) patches/packages/mozilla-firefox-2.0.0.15-i686-1.tgz: Upgraded to firefox-2.0.0.15. This release closes several possible security vulnerabilities and bugs. For more information, see: http://www.mozilla.org/projects/security/known-vulnerabilities.html#firefox (* Security fix *) patches/packages/seamonkey-1.1.10-i486-1_slack12.0.tgz: Upgraded to seamonkey-1.1.10. This release closes several possible security vulnerabilities and bugs. For more information, see: http://www.mozilla.org/projects/security/known-vulnerabilities.html#seamonkey (* Security fix *) +--------------------------+ Sat Jun 28 16:52:32 CDT 2008 patches/packages/gnutls-1.6.3-i486-1_slack12.0.tgz: Upgraded to GnuTLS version 1.6.3 (with additional security patches). This updated package fixes bugs which can lead to a denial of service (DoS) in programs linked with GnuTLS. Thanks to Ossi Herrala and Jukka Taimisto from the CROSS project at Codenomicon Ltd. for finding and reporting the problems, and to Simon Josefsson and Nikos Mavrogiannopoulos for researching the issues and developing patches, and to Andreas Metzler for noting and reporting a problem with one of the original patches. For more information about the issues patched, please refer to: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1948 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1949 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1950 (* Security fix *) +--------------------------+ Fri Jun 27 23:17:20 CDT 2008 patches/packages/ruby-1.8.6_p230-i486-1_slack12.0.tgz: Upgraded to ruby-1.8.6-p230. This fixes a number of security related bugs in Ruby which could lead to a denial of service (DoS) condition or allow execution of arbitrary code. For more information, see: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2662 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2663 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2664 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2725 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2726 (* Security fix *) +--------------------------+ Wed May 28 19:46:22 CDT 2008 patches/packages/samba-3.0.30-i486-1_slack12.0.tgz: Upgraded to samba-3.0.30. This is a security release in order to address CVE-2008-1105 ("Boundary failure when parsing SMB responses can result in a buffer overrun"). For more information on the security issue, see: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1105 (* Security fix *) +--------------------------+ Tue May 27 21:53:32 CDT 2008 patches/packages/rdesktop-1.6.0-i486-1_slack12.0.tgz: Upgraded to rdesktop-1.6.0. According to the rdesktop ChangeLog, this contains a: "* Fix for potential vulnerability against compromised/malicious servers (reported by iDefense)" For more information, see: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1801 (* Security fix *) +--------------------------+ Wed May 7 16:10:04 CDT 2008 patches/packages/mozilla-thunderbird-2.0.0.14-i686-1.tgz: Upgraded to thunderbird-2.0.0.14. This upgrade fixes some more security bugs. For more information, see: http://www.mozilla.org/projects/security/known-vulnerabilities.html#thunderbird (* Security fix *) patches/packages/php-5.2.6-i486-1_slack12.0.tgz: Upgraded to php-5.2.6. This version of PHP contains many fixes and enhancements. Some of the fixes are security related, and the PHP release announcement provides this list: * Fixed possible stack buffer overflow in the FastCGI SAPI identified by Andrei Nigmatulin. * Fixed integer overflow in printf() identified by Maksymilian Aciemowicz. * Fixed security issue detailed in CVE-2008-0599 identified by Ryan Permeh. * Fixed a safe_mode bypass in cURL identified by Maksymilian Arciemowicz. * Properly address incomplete multibyte chars inside escapeshellcmd() identified by Stefan Esser. * Upgraded bundled PCRE to version 7.6 When last checked, CVE-2008-0599 was not yet open. However, additional information should become available at this URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0599 The list reproduced above, as well as additional information about other fixes in PHP 5.2.6 may be found in the PHP release announcement here: http://www.php.net/releases/5_2_6.php (* Security fix *) +--------------------------+ Mon Apr 28 23:46:17 CDT 2008 patches/packages/libpng-1.2.27-i486-1_slack12.0.tgz: Upgraded to libpng-1.2.27. This fixes various bugs, the most important of which have to do with the handling of unknown chunks containing zero-length data. Processing a PNG image that contains these could cause the application using libpng to crash (possibly resulting in a denial of service), could potentially expose the contents of uninitialized memory, or could cause the execution of arbitrary code as the user running libpng (though it would probably be quite difficult to cause the execution of attacker-chosen code). We recommend upgrading the package as soon as possible. For more information, see: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1382 ftp://ftp.simplesystems.org/pub/libpng/png/src/libpng-1.2.27-README.txt (* Security fix *) +--------------------------+ Fri Apr 25 23:07:56 CDT 2008 patches/packages/kdelibs-3.5.7-i486-4_slack12.0.tgz: Patched to fix a security problem. From the KDE advisory: "If start_kdeinit is installed as setuid root, a local user might be able to send unix signals to other processes, cause a denial of service or even possibly execute arbitrary code." This issue affects KDE 3.5.5 through KDE 3.5.9. We recommend upgrading to the new kdelibs package as soon as possible. For more information, see: http://www.kde.org/info/security/advisory-20080426-2.txt http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1671 (* Security fix *) +--------------------------+ Sat Apr 19 23:49:25 CDT 2008 patches/packages/xine-lib-1.1.11.1-i686-3_slack12.0.tgz: Recompiled, with --without-speex (we didn't ship the speex library in Slackware anyway, but for reference this issue would be CVE-2008-1686), and with --disable-nosefart (the recently reported as insecurely demuxed NSF format). As before in -2, this package fixes the two regressions mentioned in the release notes for xine-lib-1.1.12: http://sourceforge.net/project/shownotes.php?release_id=592185&group_id=9655 (* Security fix *) +--------------------------+ Thu Apr 17 16:25:55 CDT 2008 patches/packages/mozilla-firefox-2.0.0.14-i686-1.tgz: Upgraded to firefox-2.0.0.14. This upgrade fixes a potential security bug. For more information, see: http://www.mozilla.org/projects/security/known-vulnerabilities.html#firefox (* Security fix *) +--------------------------+ Tue Apr 8 00:17:36 CDT 2008 patches/packages/xine-lib-1.1.11.1-i686-2_slack12.0.tgz: Patched to fix playback failure affecting several media formats accidentally broken in the xine-lib-1.1.11.1 release. Thanks to Diogo Sousa for pointing me to the new release notes on xinehq.de. +--------------------------+ Mon Apr 7 02:04:58 CDT 2008 patches/packages/bzip2-1.0.5-i486-1_slack12.0.tgz: Upgraded to bzip2-1.0.5. Previous versions of bzip2 contained a buffer overread error that could cause applications linked to libbz2 to crash, resulting in a denial of service. For more information, see: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1372 (* Security fix *) patches/packages/m4-1.4.11-i486-1_slack12.0.tgz: Upgraded to m4-1.4.11. In addition to bugfixes and enhancements, this version of m4 also fixes two issues with possible security implications. A minor security fix with the use of "maketemp" and "mkstemp" -- these are now quoted to prevent the (rather unlikely) possibility that an unquoted string could match an existing macro causing operations to be done on the wrong file. Also, a problem with the '-F' option (introduced with version 1.4) could cause a core dump or possibly (with certain file names) the execution of arbitrary code. For more information on these issues, see: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1687 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1688 (* Security fix *) +--------------------------+ Fri Apr 4 12:36:37 CDT 2008 patches/packages/openssh-5.0p1-i486-1_slack12.0.tgz: Upgraded to openssh-5.0p1. This version fixes a security issue where local users could hijack forwarded X connections. Upgrading to the new package is highly recommended. For more information on this security issue, please see: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1483 (* Security fix *) +--------------------------+ Thu Apr 3 01:15:53 CDT 2008 patches/packages/cups-1.3.7-i486-1_slack12.0.tgz: Upgraded to cups-1.3.7. This version of CUPS fixes some buffer overflows in the GIF image filter and in cgiCompileSearch. Those running CUPS servers should upgrade. For more information on these security issues, please see: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0047 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1373 (* Security fix *) +--------------------------+ Mon Mar 31 23:33:58 CDT 2008 patches/packages/xine-lib-1.1.11.1-i686-1_slack12.0.tgz: Upgraded to xine-lib-1.1.11.1. Earlier versions of xine-lib suffer from an integer overflow which may lead to a buffer overflow that could potentially be used to gain unauthorized access to the machine if a malicious media file is played back. File types affected this time include .flv, .mov, .rm, .mve, .mkv, and .cak. For more information on this security issue, please see: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1482 (* Security fix *) +--------------------------+ Sat Mar 29 03:09:17 CDT 2008 patches/packages/mozilla-firefox-2.0.0.13-i686-1.tgz: Upgraded to firefox-2.0.0.13. This upgrade fixes some more security bugs. For more information, see: http://www.mozilla.org/projects/security/known-vulnerabilities.html#firefox (* Security fix *) patches/packages/seamonkey-1.1.9-i486-1_slack12.0.tgz: Upgraded to seamonkey-1.1.9. This upgrade fixes some more security bugs. For more information, see: http://www.mozilla.org/projects/security/known-vulnerabilities.html#seamonkey (* Security fix *) patches/packages/xine-lib-1.1.11-i686-1_slack12.0.tgz: Earlier versions of xine-lib suffer from an array index bug that may have security implications if a malicious RTSP stream is played. Playback of other media formats is not affected. If you use RTSP, you should probably upgrade xine-lib. For more information on the security issue, please see: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0073 (* Security fix *) +--------------------------+ Sun Mar 2 00:15:53 CST 2008 patches/packages/espgs-8.15.4-i486-3_slack12.0.tgz: This patched version of ESP Ghostscript fixes a buffer overflow. For more information on the security issue, please see: http://scary.beasts.org/security/CESA-2008-001.html http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0411 Thanks to Chris Evans and Will Drewry of Google Security for their work on discovering and demonstrating the overflow. (* Security fix *) +--------------------------+ Sat Mar 1 15:55:28 CST 2008 patches/packages/mozilla-thunderbird-2.0.0.12-i686-1.tgz: Upgraded to thunderbird-2.0.0.12. This update fixes the following security related issues: MFSA 2008-12: Heap buffer overflow in external MIME bodies MFSA 2008-05: Directory traversal via chrome: URI MFSA 2008-03: Privilege escalation, XSS, Remote Code Execution MFSA 2008-01: Crashes with evidence of memory corruption (rv:1.8.1.12) For more information, see: http://www.mozilla.org/security/announce/2008/mfsa2008-12.html http://www.mozilla.org/security/announce/2008/mfsa2008-05.html http://www.mozilla.org/security/announce/2008/mfsa2008-03.html http://www.mozilla.org/security/announce/2008/mfsa2008-01.html These are the related CVE entries: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0304 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0418 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0415 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0412 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0413 (* Security fix *) +--------------------------+ Thu Feb 14 16:39:00 CST 2008 patches/packages/httpd-2.2.8-i486-1.tgz: Upgraded to httpd-2.2.8. This fixes security and other bugs. For more information, see: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6421 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6422 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6388 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5000 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0005 (* Security fix *) +--------------------------+ Tue Feb 12 23:07:34 CST 2008 patches/packages/mozilla-firefox-2.0.0.12-i686-1.tgz: Upgraded to firefox-2.0.0.12. This upgrade fixes some more security bugs. For more information, see: http://www.mozilla.org/projects/security/known-vulnerabilities.html#firefox (* Security fix *) patches/packages/seamonkey-1.1.8-i486-1_slack12.0.tgz: Upgraded to seamonkey-1.1.8. This upgrade fixes some more security bugs. For more information, see: http://www.mozilla.org/projects/security/known-vulnerabilities.html#seamonkey (* Security fix *) +--------------------------+ Mon Feb 11 17:46:22 CST 2008 patches/packages/kernel-generic-2.6.21.5-i486-2_slack12.0.tgz: All of these kernel upgrades fix yesterday's local root exploit. For more information, see: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0010 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0163 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0600 (* Security fix *) patches/packages/kernel-generic-smp-2.6.21.5_smp-i686-2_slack12.0.tgz: (* Security fix *) patches/packages/kernel-huge-2.6.21.5-i486-2_slack12.0.tgz: (* Security fix *) patches/packages/kernel-huge-smp-2.6.21.5_smp-i686-2_slack12.0.tgz: (* Security fix *) If you use lilo, don't forget to run it again after the upgrade. +--------------------------+ Mon Dec 31 18:49:52 CST 2007 patches/packages/glibc-zoneinfo-2.5-noarch-7_slack12.0.tgz: Some deja vu. ;-) Upgraded to tzdata2007k. A new year should be started with the latest timezone data, so here it is. Happy holidays, and a happy new year to all! :-) +--------------------------+ Mon Dec 24 15:54:26 CST 2007 patches/packages/glibc-zoneinfo-2.5-noarch-6_slack12.0.tgz: Upgraded to tzdata2007j. A new year should be started with the latest timezone data, so here it is. Happy holidays, and a happy new year to all! :-) +--------------------------+ Fri Dec 14 18:03:59 CST 2007 patches/packages/mysql-5.0.51-i486-1_slack12.0.tgz: Upgraded to mysql-5.0.51. This release fixes several bugs, including some security issues. However, it also includes a potentially incompatible change, so be sure to read the release notes before upgrading. It is possible that some databases will need to be fixed in order to work with this (and future) releases: http://dev.mysql.com/doc/refman/5.0/en/releasenotes-cs-5-0-51.html For more information about the security issues fixed, see: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3781 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5925 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5969 (* Security fix *) +--------------------------+ Mon Dec 10 12:45:35 CST 2007 patches/packages/samba-3.0.28-i486-1_slack12.0.tgz: Upgraded to samba-3.0.28. Samba 3.0.28 is a security release in order to address a boundary failure in GETDC mailslot processing that can result in a buffer overrun leading to possible code execution. For more information, see: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6015 http://www.samba.org/samba/history/samba-3.0.28.html http://secunia.com/secunia_research/2007-99/advisory/ (* Security fix *) +--------------------------+ Mon Dec 3 19:58:51 CST 2007 patches/packages/cairo-1.4.12-i486-1_slack12.0.tgz: Upgraded to cairo-1.4.12. This fixes a possible security risk when decoding PNG files that may have been maliciously tampered with: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5503 (* Security fix *) patches/packages/samba-3.0.27a-i486-1_slack12.0.tgz: Upgraded to samba-3.0.27a. This update fixes a crash bug regression experienced by smbfs clients caused by the fix for CVE-2007-4572. +--------------------------+ Sat Dec 1 16:57:18 CST 2007 patches/packages/rsync-2.6.9-i486-2_slack12.0.tgz: Patched some security bugs. For more information, see: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-4091 http://lists.samba.org/archive/rsync-announce/2007/000050.html (* Security fix *) patches/packages/mozilla-firefox-2.0.0.11-i686-1.tgz: Upgraded to Firefox 2.0.0.11, which fixed a bug introduced by the 2.0.0.10 update in the feature that affected some web pages and extensions. +--------------------------+ Thu Nov 29 20:19:44 CST 2007 patches/packages/seamonkey-1.1.7-i486-1_slack12.0.tgz: Upgraded to seamonkey-1.1.7. This upgrade fixes some more security bugs. For more information, see: http://www.mozilla.org/projects/security/known-vulnerabilities.html#seamonkey (* Security fix *) +--------------------------+ Thu Nov 29 17:43:33 CST 2007 patches/packages/mkinitrd-1.1.3-i486-4_slack12.0.tgz: Only one more. ;-) Fixed a missing '--parents' in a cp command. Thanks to Eric Hameleers for pointing out the bug. +--------------------------+ Wed Nov 28 12:35:30 CST 2007 patches/packages/mkinitrd-1.1.3-i486-3_slack12.0.tgz: Fix one bug and then find another, eh? Edited two spots where grep was searching for / rather than ' on / '. Thanks to Erik Jan Tromp for pointing out that this needed a patch. +--------------------------+ Tue Nov 27 16:22:09 CST 2007 patches/packages/mkinitrd-1.1.3-i486-2_slack12.0.tgz: Fixed a bug where an extra "/dev" would be prepended incorrectly to some paths. Thanks to CtrlAltCa for reporting this on IRC. patches/packages/mozilla-firefox-2.0.0.10-i686-1.tgz: Upgraded to firefox-2.0.0.10. This upgrade fixes some more security bugs. For more information, see: http://www.mozilla.org/projects/security/known-vulnerabilities.html#firefox (* Security fix *) +--------------------------+ Wed Nov 21 00:55:51 CST 2007 patches/packages/libpng-1.2.23-i486-1_slack12.0.tgz: Upgraded to libpng-1.2.23. Previous libpng versions may crash when loading malformed PNG files. It is not currently known if this vulnerability can be exploited to execute malicious code. For more information, see: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5266 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5267 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5268 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5269 (* Security fix *) +--------------------------+ Tue Nov 20 16:49:58 CST 2007 patches/packages/mozilla-thunderbird-2.0.0.9-i686-1.tgz: Upgraded to thunderbird-2.0.0.9. This update fixes the following security related issues: URIs with invalid %-encoding mishandled by Windows (MFSA 2007-36). Crashes with evidence of memory corruption (MFSA 2007-29). OK, so the first one obviously does not affect us. :-) The second fix has to do with the same JavaScript handling problem fixed before in Firefox. JavaScript is not enabled by default in Thunderbird, and the developers (at least in MFSA 2007-36) do not recommend turning it on. For more information, see: http://www.mozilla.org/security/announce/2007/mfsa2007-36.html http://www.mozilla.org/security/announce/2007/mfsa2007-29.html http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-4841 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5339 (* Security fix *) +--------------------------+ Fri Nov 16 17:22:18 CST 2007 patches/packages/samba-3.0.27-i486-1_slack12.0.tgz: Upgraded to samba-3.0.27. Samba 3.0.27 is a security release in order to address a stack buffer overflow in nmbd's logon request processing, and remote code execution in Samba's WINS server daemon (nmbd) when processing name registration followed name query requests. For more information, see: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-4572 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5398 (* Security fix *) +--------------------------+ Mon Nov 12 01:25:34 CST 2007 patches/packages/kdegraphics-3.5.7-i486-2_slack12.0.tgz: Patched xpdf related bugs. For more information, see: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3387 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-4352 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5392 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5393 (* Security fix *) patches/packages/koffice-1.6.3-i486-2_slack12.0.tgz: Patched xpdf related bugs. For more information, see: http://www.kde.org/info/security/advisory-20071107-1.txt http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3387 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-4352 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5392 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5393 (* Security fix *) patches/packages/poppler-0.6.2-i486-1_slack12.0.tgz: Upgraded to poppler-0.6.2. This release fixes xpdf related bugs. For more information, see: http://poppler.freedesktop.org/ http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-4352 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5392 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5393 (* Security fix *) patches/packages/xpdf-3.02pl2-i486-1_slack12.0.tgz: Upgraded to xpdf-3.02pl2. The pl2 patch fixes a crash in xpdf. Some theorize that this could be used to execute arbitrary code if an untrusted PDF file is opened, but no real-world examples are known (yet). For more information, see: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3387 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-4352 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5392 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5393 (* Security fix *) +--------------------------+ Sat Nov 10 15:36:59 CST 2007 patches/packages/mozilla-firefox-2.0.0.9-i686-1.tgz: Upgraded to firefox-2.0.0.9. This upgrade improves the stability of Firefox. For more information, see: http://developer.mozilla.org/devnews/index.php/2007/11/01/firefox-2009-stability-update-now-available-for-download/ patches/packages/php-5.2.5-i486-1_slack12.0.tgz: Upgraded to php-5.2.5. This fixes bugs and security issues. For more information, see: http://www.php.net/releases/5_2_5.php http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-4887 (* Security fix *) +--------------------------+ Fri Nov 9 16:34:12 CST 2007 patches/packages/seamonkey-1.1.6-i486-1_slack12.tgz: Upgraded to SeaMonkey 1.1.6. This upgrade fixes SeaMonkey's ability to display certain types of web pages. That's about all we could find about it here: http://www.mozilla.org/projects/seamonkey/ +--------------------------+ Thu Nov 1 22:03:53 CDT 2007 patches/packages/cups-1.2.11-i486-2_slack12.0.tgz: Patched cups-1.2.11. An off-by-one error in ipp.c may allow a remote attacker to crash CUPS resulting in a denial of service. For more information, see: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-4351 (* Security fix *) +--------------------------+ Wed Oct 24 22:51:37 CDT 2007 patches/packages/mozilla-firefox-2.0.0.8-i686-1.tgz: Upgraded to firefox-2.0.0.8. This upgrade fixes some more security bugs. For more information, see: http://www.mozilla.org/projects/security/known-vulnerabilities.html#firefox (* Security fix *) patches/packages/seamonkey-1.1.5-i486-1_slack12.0.tgz: Upgraded to seamonkey-1.1.5. This upgrade fixes some more security bugs. For more information, see: http://www.mozilla.org/projects/security/known-vulnerabilities.html#seamonkey (* Security fix *) +--------------------------+ Wed Oct 10 11:50:50 CDT 2007 patches/packages/glibc-zoneinfo-2.5-noarch-5_slack12.0.tgz: Upgraded to timezone data from tzcode2007h and tzdata2007h. This contains the latest timezone data from NIST, including some important changes to daylight savings time in Brasil and New Zealand. +--------------------------+ Tue Oct 2 22:25:23 CDT 2007 patches/packages/pidgin-2.2.1-i486-1_slack12.0.tgz: Upgraded to pidgin-2.2.1. This fixes a crash that can be triggered remotely on MSN in 2.2.0. For more information, see: http://www.pidgin.im/news/security/?id=23 (* Security fix *) +--------------------------+ Fri Sep 21 18:13:09 CDT 2007 patches/packages/kdebase-3.5.7-i486-3_slack12.0.tgz: Patched Konqueror to prevent "spoofing" the URL (i.e. displaying a URL other than the one associated with the page displayed) For more information, see: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3820 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-4224 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-4225 Patched KDM issue: "KDM can be tricked into performing a password-less login even for accounts with a password set under certain circumstances, namely autologin to be configured and "shutdown with password" enabled." For more information, see: http://www.kde.org/info/security/advisory-20070919-1.txt http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-4569 (* Security fix *) patches/packages/kdelibs-3.5.7-i486-3_slack12.0.tgz: Patched Konqueror's supporting libraries to prevent addressbar spoofing. For more information, see: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-4225 (* Security fix *) +--------------------------+ Wed Sep 12 15:20:06 CDT 2007 patches/packages/openssh-4.7p1-i486-1_slack12.0.tgz: Upgraded to openssh-4.7p1. From the OpenSSH release notes: "Security bugs resolved in this release: Prevent ssh(1) from using a trusted X11 cookie if creation of an untrusted cookie fails; found and fixed by Jan Pechanec." While it's fair to say that we here at Slackware don't see how this could be leveraged to compromise a system, a) the OpenSSH people (who presumably understand the code better) characterize this as a security bug, b) it has been assigned a CVE entry, and c) OpenSSH is one of the most commonly used network daemons. Better safe than sorry. More information should appear here eventually: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-4752 (* Security fix *) patches/packages/php-5.2.4-i486-1_slack12.0.tgz: Upgraded to php-5.2.4. The PHP announcement says this version fixes over 120 bugs as well as "several low priority security bugs." Read more about it here: http://www.php.net/releases/5_2_4.php (* Security fix *) patches/packages/samba-3.0.26a-i486-1_slack12.0.tgz: Upgraded to samba-3.0.26a. This fixes a security issue in all Samba 3.0.25 versions: "Incorrect primary group assignment for domain users using the rfc2307 or sfu winbind nss info plugin." For more information, see: http://www.samba.org/samba/security/CVE-2007-4138.html http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-4138 (* Security fix *) +--------------------------+ Sat Sep 1 18:23:39 CDT 2007 extra/jdk-6/jdk-6u2-i586-2.tgz: Fixed a bug in the improvement to the /etc/profile.d/ scripts where it would mess up the $MANPATH. Sorry about that, folks. The JRE package was not affected. BTW, any time a security upgrade package mentioned in an advisory is "missing", it probably means a mistake like this was made. In those cases, look for a newer package, and verify the authenticity using "gpg --verify" and the .asc file. +--------------------------+ Fri Aug 31 13:33:54 CDT 2007 patches/packages/jre-6u2-i586-1.tgz: Upgraded to Java(TM) 2 Platform Standard Edition Runtime Environment Version 6.0 update 2. This update addresses code errors which could possibly be leveraged to compromise system security, though we know of no existing exploits. This update consists of the official Java(TM) binaries repackaged in Slackware's package format, and may be used on any version of Slackware that is based on glibc. For more information, see: http://sunsolve.sun.com/search/document.do?assetkey=1-26-102995-1 (* Security fix *) An additional change was made to the script that Slackware uses to set environment variables for Java(TM). Now, after the $JAVA_HOME variable is set, the next variable settings make use of it, rather than hard-coding the path to $JAVA_HOME. This does not fix a bug, but is certainly better scripting style. Thanks to Jason Byrne and Jean-Christophe Fargette for suggesting this change. extra/jdk-6/jdk-6u2-i586-1.tgz: Upgraded to Java(TM) 2 Platform Standard Edition Development Kit Version 6.0 update 2. This update addresses code errors which could possibly be leveraged to compromise system security, though we know of no existing exploits. This update consists of the official Java(TM) binaries repackaged in Slackware's package format, and may be used on any version of Slackware that is based on glibc. For more information, see: http://sunsolve.sun.com/search/document.do?assetkey=1-26-102995-1 (* Security fix *) An additional change was made to the script that Slackware uses to set environment variables for Java(TM). Now, after the $JAVA_HOME variable is set, the next variable settings make use of it, rather than hard-coding the path to $JAVA_HOME. This does not fix a bug, but is certainly better scripting style. Thanks to Jason Byrne and Jean-Christophe Fargette for suggesting this change. +--------------------------+ Sat Aug 18 15:00:32 CDT 2007 patches/packages/tcpdump-3.9.7-i486-1_slack12.0.tgz: Upgraded to libpcap-0.9.7, tcpdump-3.9.7. This new version fixes an integer overflow in the BGP dissector which could possibly allow remote attackers to crash tcpdump or to execute arbitrary code. For more information, see: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3798 (* Security fix *) +--------------------------+ Fri Aug 10 22:39:13 CDT 2007 patches/packages/gimp-2.2.17-i486-1_slack12.0.tgz: Upgraded to gimp-2.2.17, which fixes buffer overflows when decoding certain image types. For more information, see: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-2949 (* Security fix *) patches/packages/poppler-0.5.4-i486-2_slack12.0.tgz: Patched to fix an integer overflow in code borrowed from xpdf. For more information, see: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3387 (* Security fix *) patches/packages/qt-3.3.8-i486-5_slack12.0.tgz: Patched to fix several format string bugs. For more information, see: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3388 (* Security fix *) patches/packages/seamonkey-1.1.4-i486-1_slack12.tgz: Upgraded to seamonkey-1.1.4. This upgrade fixes some more security bugs. For more information, see: http://www.mozilla.org/projects/security/known-vulnerabilities.html#seamonkey (* Security fix *) patches/packages/xpdf-3.02pl1-i486-1_slack12.0.tgz: Upgraded to xpdf-3.02pl1. This fixes an integer overflow that could possibly be leveraged to run arbitrary code if a malicious PDF file is processed. For more information, see: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3387 (* Security fix *) +--------------------------+ Fri Aug 3 15:43:35 CDT 2007 patches/packages/mozilla-thunderbird-2.0.0.6-i686-1.tgz: Upgraded to thunderbird-2.0.0.6. This upgrade fixes some more security bugs. For more information, see: http://www.mozilla.org/projects/security/known-vulnerabilities.html#thunderbird (* Security fix *) +--------------------------+ Wed Aug 1 13:52:51 CDT 2007 patches/packages/mozilla-firefox-2.0.0.6-i686-1.tgz: Upgraded to firefox-2.0.0.6. This upgrade fixes some more security bugs. For more information, see: http://www.mozilla.org/projects/security/known-vulnerabilities.html#firefox (* Security fix *) +--------------------------+ Thu Jul 26 15:51:42 CDT 2007 patches/packages/bind-9.4.1_P1-i486-1_slack12.0.tgz: Upgraded to bind-9.4.1_P1 to fix security issues. The default access control lists allow remote attackers to make recursive queries in BIND9 versions 9.4.0 through 9.4.1. The query IDs in BIND9 prior to BIND 9.4.1-P1 are cryptographically weak. For more information on these issues, see: http://www.isc.org/index.pl?/sw/bind/bind-security.php http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-2925 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-2926 (* Security fix *) +--------------------------+ Tue Jul 24 12:40:16 CDT 2007 patches/packages/mozilla-thunderbird-2.0.0.5-i686-1.tgz: Upgraded to thunderbird-2.0.0.5. Since Thunderbird shares the browser engine with Firefox it is susceptible to similar vulnerabilities. This update fixes the same issues fixed in the recent Firefox patch. For more information, see: http://www.mozilla.org/projects/security/known-vulnerabilities.html#thunderbird (* Security fix *) patches/packages/seamonkey-1.1.3-i486-1_slack12.tgz: Upgraded to seamonkey-1.1.3. This is presumably a security update, but the details on the net have been sparse. So far nothing has appeared at the usual URL, but I would treat this as a security update unless it is announced as otherwise. For more information (if/when it appears), see: http://www.mozilla.org/projects/security/known-vulnerabilities.html#seamonkey (* Security fix *) +--------------------------+ Thu Jul 19 12:50:36 CDT 2007 patches/packages/mkinitrd-1.1.3-i486-1.tgz: Fixed a minor bug in mkinitrd where devices such as /dev/cciss/c0d0p2 (DL360 RAID) were not properly copied to the initramfs. "Normal" (two level) boot devices such as /dev/sda1 were not affected by this bug, so most people won't run into it (which is probably why it wasn't spotted in development here). Thanks to Eric Hameleers for the patch. patches/packages/mozilla-firefox-2.0.0.5-i686-1.tgz: Upgraded to firefox-2.0.0.5. This upgrade fixes a couple of minor security bugs. Nobody here is launching Firefox from Internet Explorer, right? :-) For more information, see: http://www.mozilla.org/projects/security/known-vulnerabilities.html#firefox (* Security fix *) patches/packages/xf86-video-intel-2.1.0-i486-1.tgz: Added additional chipsets. patches/packages/xf86-video-nv-2.1.2-i486-1.tgz: Added additional chipsets. +--------------------------+ Sun Jul 1 22:30:42 CDT 2007 Released as Slackware 12.0 with no changes since the last batch. Big Thanks again are due to the CREW, without whom this just wouldn't be possible to do with the level of quality that Slackware users demand. We had a lot of help this time, and I hope it shows in project output that you'll enjoy. Thanks for the support of the Slackware community, because without your support I wouldn't be able to keep leading this project (and I happen to like it a lot :-). For more detailed information about what all has changed since Slackware 11.0, start with CHANGES_AND_HINTS.TXT, and maybe read my RELEASE_NOTES. Have fun! +--------------------------+ Sun Jul 1 18:20:45 CDT 2007 n/httpd-2.2.4-i486-6.tgz: Fixed a minor bug in the install script where it would try to back up website directories without checking that they existed. This was harmless (but did make an ugly error). n/network-scripts-12.0-noarch-4.tgz: Removed a silly "sanity check" that figured if you didn't have /bin/telnet that you must not have networking installed. ;-) Thanks to Fredrik for spotting this one. +--------------------------+ Sat Jun 30 22:21:33 CDT 2007 x/xinit-1.0.4-i486-2.tgz: This package should not contain an xinitrc since in contains no window manager. But, since it's probably already installed one on any -current running machine, removing it will remove your symlink to any existing xinitrc.*. If that happens, we link to xinitrc.kde. If that is not your window manager of choice -- sorry about that. A quick run of xwmconfig as root will let you get the system wide defaults back the way you like them. +--------------------------+ Sat Jun 30 21:08:41 CDT 2007 n/network-scripts-12.0-noarch-3.tgz: It looks like 10 is probably the minimum safe automatic DHCP timeout reduction value, as there's been a report that a common cable modem can require about 7 seconds to grant a lease. So 10 is about the best we can do for you "out of the box", but you can always set a lower timeout if that works. :-) Thanks to Catalin Tomozei for the report. +--------------------------+ Sat Jun 30 20:13:46 CDT 2007 isolinux/initrd.img: Fixed parted-1.8.7 tools (libreadline was still required by the "static" binary, so we went all dynamic). Thanks to arny. usb-and-pxe-installers/: Replaced parted-1.8.7 tools with the fixed ones. +--------------------------+ Sat Jun 30 16:06:18 CDT 2007 n/inetd-1.79s-i486-8.tgz: Fixed a couple /opt/kde/ paths in inetd.conf. Thanks to Stas Boukarev for pointing them out. extra/checkinstall/: This had to be removed because it does not work with the latest coreutils. There is a readme in this directory with the URL to checkinstall's homepage, so if you must use checkinstall poll the site periodically to see if a version comes out that fixes this issue. extra/slacktrack/slacktrack-1.32-i486-1.tgz: Merged the newest version. Note that this works, but must touch all the files on the system. This is because installwatch.so does not work with the newest coreutils. However, a new version will probably be created soon that does, so check the slacktrack page (or here, on ftp sites) for possible full-functionality upgrades. +--------------------------+ Sat Jun 30 13:56:39 CDT 2007 n/network-scripts-12.0-noarch-2.tgz: If no explicit DCHP_TIMEOUT is set, then look in /sys to see if the interface has a connection carrier. If not, reduce the DHCP timeout to 3 seconds (which, even if the kernel is wrong, is usually more than enough time for the DHCP server to respond). Thanks to Eric Hameleers for making me add this patch at the 11th hour. ;-) +--------------------------+ Fri Jun 29 23:02:49 CDT 2007 d/pkg-config-0.21-i486-6.tgz: Use a symlink to fix broken packages that think /usr/share/pkgconfig is a good place for .pc files. Move any .pc files found to already exist there. d/mercurial-0.9.4-i486-1.tgz: Upgraded to mercurial-0.9.4. Thanks to Shridhar for getting this one in under the wire. extra/xf86-video-ati-6.6.3/xf86-video-ati-6.6.3-i486-3.tgz: Some people are getting a black screen with newer driver versions, so here is an alternate to try, just in case. +--------------------------+ Fri Jun 29 00:34:26 CDT 2007 a/udev-111-i486-5.tgz: Added some more platform rules in 50-udev-rules. Thanks to Piter Punk for the new udev rules. d/git-1.5.2.2-i486-1.tgz: Upgraded to git-1.5.2.2, fixed .packlist paths, and got git-remote working again (Error.pm was previously missing). Thanks to Dagmar d'Surreal for the patch. l/gd-2.0.35-i486-2.tgz: Fixed 640 perms on docs. Thanks to Steven Masta for pointing this out. n/php-5.2.3-i486-2.tgz: OK, I think we have a working combination of PHP extensions now. If you notice any problems, let me know soon (along with a fix, if possible). As it stands, everything that could be built as an extension is loaded by default, so you may want to do some extension pruning in /etc/httpd/php.ini. kde/kdebase-3.5.7-i486-2.tgz: Fix the same kind of escaping problem as seen below in the xfce fix, also found in /etc/profile.d/kde.csh. Thanks to Laurence Darby and Tsomi. xap/xfce-4.4.1-i486-5.tgz: In xfce4-mixer, use --with-sound=alsa option to make sure that OSS is not used accidentally (probably more of an issue if someone rebuilds, I'm told). Thanks to Tsomi. Use ${VAR} instead of $VAR before a : in xfce.csh. This seems cleaner than escaping the : with a \. Thanks to Laurence Darby again. +--------------------------+ Thu Jun 28 01:44:43 CDT 2007 a/cxxlibs-6.0.8-i486-4.tgz: Restored libstdc++-3-libc6.1-2-2.10.0.so, still required for some commercial software. (Yikes!) a/hdparm-7.6-i486-1.tgz: Upgraded to hdparm-7.6. a/mkinitrd-1.1.2-i486-3.tgz: Fixed a cosmetic boot-time error if cryptsetup is not used in the initramfs. a/sysvinit-scripts-1.2-noarch-13.tgz: Mount usbfs regardless of whether udev is used. VMware and other things need this. Thanks to Bren. Oh, and BTW -- use udev. :-) d/libtool-1.5.24-i486-1.tgz: Upgraded to libtool-1.5.24. d/p2c-1.21alpha2-i486-3.tgz: Fixed build script to optimize properly. Thanks to Martijn Dekker for the bug report and fix. d/rcs-5.7-i486-2.tgz: Fixed incorrect perms (711) on binaries. Thanks to Selkfoster for the report. l/cairo-1.4.10-i486-1.tgz: Upgraded to cairo-1.4.10. l/hal-0.5.9.1-i486-1.tgz: Upgraded to hal-0.5.9.1. l/hal-info-20070618-noarch-1.tgz: Upgraded to hal-info-20070618. n/dhcp-3.0.5-i486-2.tgz: Patched kernel version detection in ./configure, which might make dhclient work. dhcpcd is probably still better though :-) Thanks to Dagmar d'Surreal for the patch. n/httpd-2.2.4-i486-5.tgz: Made the package install script look at the contents of /srv and take care not to wipe out any existing website there, but to back it up instead. Sorry if previous packages bit your site... n/iptables-1.3.8-i486-1.tgz: Upgraded to iptables-1.3.8. n/tcpdump-3.9.6-i486-1.tgz: Upgraded to libpcap-0.9.6 and tcpdump-3.9.6. n/whois-4.7.21-i486-1.tgz: Upgraded to whois-4.7.21. t/tetex-3.0-i486-5.tgz: An often-reported bug in the tetex package has been the missing /var/lib/texmf directory. Some time ago, this was removed for security reasons, since it could possibly be used to overwrite system files by symlinking to them from "font names". The directory, to be useful, had to be world-writable, or at least writable to a tetex group. Then, Mikhail Ulanov suggested setting VARTEXFONTS = $TEXMFVAR, which causes fonts to be built in $HOME/.texmf-var instead. Now TeX is working again for non-root users. Thanks very much Mikhail! :-) t/tetex-doc-3.0-i486-5.tgz: Rebuilt. x/libX11-1.1.1-i486-4.tgz: Patched to fix a bug introduced while converting some code from K&R to ANSI C. This should make gdk+ and GIMP a lot more stable. Thanks to Robby Workman for pointing out the patch on the freedesktop.org site. And thanks to dive from LQ for suggesting we look at libX11, too. :-) +--------------------------+ Wed Jun 27 01:40:34 CDT 2007 a/pkgtools-12.0.0-noarch-4.tgz: Fixed htmlview, making it a short script rather than a symlink (which doesn't always work). Thanks to Sander de Leeuw for the report and fix. kde/kvpnc-0.8.9-i486-1.tgz: Removed. The reports were that this wasn't working (though some said that earlier versions never included in Slackware did). So, it's been deemed not quite stable enough for the stable release. We'll look at it again for next time. l/gd-2.0.35-i486-1.tgz: Upgraded to gd-2.0.35. This fixes a few possible security issues: * Possible infinite loop in the PNG reader * Possible integer overflow in gdImageCreateTrueColor * Possible crash in gdImageCreateXbm * Numerous flaws in the GIF reader (* Security fix *) l/gmime-2.2.9-i486-1.tgz: Upgraded to gmime-2.2.9. n/pssh-1.3.1-noarch-1.tgz: Added pssh-1.3.1, python scripts to run openssh tools in parallel. Thanks to Jan Rafaj for the build script. Normally I wouldn't add things in late RC, but for Jan I'll make an exception. :-) n/samba-3.0.25b-i486-1.tgz: Upgraded to samba-3.0.25b. x/xf86-video-savage-2.1.2-i486-2.tgz: Committed upstream patch to fix a crash of the savage_drv.so driver when respawned. Thanks to Michael Wagner. isolinux/initrd.img: Added parted-1.8.7 tools. kernels/speakup.s/: Backed up speakup to CVS 2007-03-03 and recompiled. I'm hoping this fixes a DecTalk Express problem. Thanks to Stephen C. Greeley for all the help debugging this. usb-and-pxe-installers/: Added parted-1.8.7 tools. +--------------------------+ Tue Jun 26 01:31:45 CDT 2007 This might as well be called 12.0 RC2 so that we're not accused on skimping on release candidates. ;-) Still going through various reports, and (especially) looking into getting the php.ini defaults reasonable (as well as figuring out which features can be safely built as extensions). But, we're getting there. a/aaa_elflibs-12.0.0-i486-3.tgz: Fixed a bad link in the install script. I think the first-boot ldconfig would fix it anyway, but we like things clean around here. Thanks to Robert Boucher for noticing this. a/pkgtools-12.0.0-noarch-3.tgz: Added an installer script to make a /usr/bin/htmlview symlink if one does not already exist (programs in Slackware are starting to expect htmlview, which is not yet a standard but seems to be becoming an ad-hoc one...) So, adding it probably won't hurt too much, other than possibly stinging other distributions that haven't yet added this by encouraging its use. Shame on us. ;-) Thanks to Nikos Skalkotos for pointing out that CUPS uses this script, alias, symlink -- whatever the local implementation... a/udev-111-i486-4.tgz: Make the restart option more through. Thanks to Andrea Zulato for reporting that stop/start was needed to load rule changes, and to Piter Punk for fixing rc.udev. a/util-linux-2.12r-i486-6.tgz: Patched a problem where umounting by UUID would cause umount to segfault for non-root users. Thanks to Diogo R for the pointer to a patch at http://bugs.archlinux.org/task/7211. Evidently this has already been reported upstream. d/binutils-2.17.50.0.17-i486-1.tgz: Upgraded to binutils-2.17.50.0.17. Thanks to Giacomo Lozito for reporting that this was released and seems to be fixing problems with 'ld' segfaulting. d/oprofile-0.9.2-i486-5.tgz: Recompiled against new (binutils) libbfd. kde/k3b-1.0.2-i486-1.tgz: Upgraded to k3b-1.0.2. kdei/k3b-i18n-1.0.2-noarch-1.tgz: Upgraded to k3b-i18n-1.0.2. l/pilot-link-0.12.2-i486-4.tgz: Fixed a bug in pilot-link.m4. Thanks to Michael Stenzel for the bug report and a link to a patch. xap/xchat-2.8.2-i486-2.tgz: Recompiled with official patch. Thanks to Tsomi. extra/intel-wlan-ipw3945: Added a few missing bits and rearranged the tree a bit. Thanks to Gabriel Linder for noticing that the kernel module happens to work with the ieee80211 stack already in our kernel. That makes getting this to work quite a bit easier. :-) isolinux/initrd.img: Updated with fixed umount. pasture/: Flushed devfsd and ipchains. Thanks to Cal Peake. usb-and-pxe-installers/: Updated with fixed umount. usb-and-pxe-installers/etherboot/: Various fixes and docs improvements. Thanks to Erik Jan Tromp. +--------------------------+ Thu Jun 21 19:37:47 CDT 2007 Still working through the pile, so if you don't see your bug report fixed yet, it could still be coming. But, we figured these things should get tested sooner rather than later. :-) a/aaa_elflibs-12.0.0-i486-2.tgz: Upgraded expat library. a/cryptsetup-1.0.5-i486-2.tgz: Fixed locale directory. Thanks to Robby Workman, Greg' Ar Tourter, Cristian Contescu, and Selkfoster. a/glibc-solibs-2.5-i486-4.tgz: Recompiled. a/glibc-zoneinfo-2.5-noarch-4.tgz: Rebuilt. a/gettext-0.16.1-i486-3.tgz: Rebuilt. a/kernel-generic-2.6.21.5-i486-2.tgz: Recompiled Linux 2.6.21.5 single processor generic.s (requires initrd) kernel. a/kernel-generic-smp-2.6.21.5_smp-i686-2.tgz: Recompiled Linux 2.6.21.5 SMP gensmp.s (requires initrd) kernel. a/kernel-huge-2.6.21.5-i486-2.tgz: Recompiled Linux 2.6.21.5 single processor huge.s (full-featured) kernel. a/kernel-huge-smp-2.6.21.5_smp-i686-2.tgz: Recompiled Linux 2.6.21.5 SMP hugesmp.s (full-featured) kernel. a/kernel-modules-2.6.21.5-i486-2.tgz Recompiled Linux 2.6.21.5 UP single processor kernel modules. a/kernel-modules-smp-2.6.21.5_smp-i686-2.tgz Recompiled Linux 2.6.21.5 SMP kernel modules. d/kernel-headers-2.6.21.5_smp-i386-2.tgz: Rebuilt Linux 2.6.21.5 SMP kernel headers. a/pkgtools-12.0.0-noarch-2.tgz: Added rc.snmpd to the services setup menu in the installer. a/shadow-4.0.3-i486-14.tgz: Added plugdev to the list of groups that a user logging in through /bin/login at the console will automatically be added to. With a login manager such as kdm, users will still need to be added to the plugdev group manually. ap/vim-7.1.012-i486-1.tgz: Upgraded to vim-7.1.012. d/gettext-tools-0.16.1-i486-3.tgz: Added back "archive.tar.gz" which is not useless and is required in some cases by the autotools. If anyone else notices any more "useless" stuff being installed by "make install", please inquire with the developers of the upstream source before requesting that it be removed. Thanks. :-) k/kernel-source-2.6.21.5_smp-noarch-2.tgz Rebuilt the Linux 2.6.21.5 SMP kernel source, removing the CONFIG_HEADERS_CHECK option. Thanks to Cardoe in #hal for cluing us in that there were some problems with trying to use the headers found in /usr/src/linux/usr/include as the userspace headers under /usr/include, such as a missing "#define SG_FLAG_LUN_INHIBIT 2" in scsi/sg.h. kde/amarok-1.4.6-i486-1.tgz: Upgraded to amarok-1.4.6. l/esound-0.2.38-i486-1.tgz: Upgraded to esound-0.2.38. l/expat-2.0.1-i486-1.tgz: Upgraded to expat-2.0.1. l/gamin-0.1.8-i486-2.tgz: Changed options to --disable-dnotify and --enable-inotify, which is a superior filesystem tracking method on 2.6.13+ kernels. Thanks to Andrey V. Panov. l/glibc-2.5-i486-4.tgz: Recompiled against the correct 2.6.21.5 headers. l/glibc-i18n-2.5-noarch-4.tgz: Rebuilt. l/glibc-profile-2.5-i486-4.tgz: Recompiled. l/libglade-2.6.1-i486-1.tgz: Upgraded to libglade-2.6.1. l/mhash-0.9.9-i486-1.tgz: Upgraded to mhash-0.9.9. n/mcabber-0.9.3-i486-1.tgz: Upgraded to mcabber-0.9.3. n/net-snmp-5.4-i486-5.tgz: Recompiled without the --enable-reentrant which was causing snmpd to not work. Added a more simple, Slackware-like rc.snmpd. Thanks to Piter Punk for fixing this. n/network-scripts-12.0-noarch-1.tgz: Rebuilt to include the better-commented rc.inet1.conf that was added to source/n/network-scripts/ back in May. Thanks to Eric Hameleers for noticing that the package never got a rebuild after that change. xap/pan-0.131-i486-1.tgz: Upgraded to pan-0.131. xap/pidgin-2.0.2-i486-1.tgz: Upgraded to pidgin-2.0.2. xap/vim-gvim-7.1.012-i486-1.tgz: Upgraded to vim-7.1.012 for GTK+. This also requires the main VIM package... extra/linux-2.6.21.5-nosmp-sdk/: Upgraded the kit to transform the Linux kernel sources in /usr/src/linux/ from SMP to non-SMP without having to recompile them. NOTE: it is probably best to use the SMP kernel even in a single processor machine if it will run. The non-SMP kernels should really be used only in machines that are not at least a Pentium-Pro, or that (for some other reason) will not properly run the SMP kernel. kernels/hugesmp.s/*: Recompiled the hugesmp.s 2.6.21.5 SMP kernel. kernels/huge.s/*: Recompiled the huge.s 2.6.21.5 single processor kernel. kernels/speakup.s/*: Updated speakup from CVS (2007-06-20) and recompiled. testing/packages/gutenprint-5.0.1-i486-1.tgz: Upgraded to gutenprint-5.0.1. +--------------------------+ Thu Jun 14 16:39:01 CDT 2007 It's that time again, and here we have Slackware 12.0 release candidate 1! :-) If we're lucky, we got it all right the first time. Big thanks to the crew. a/aaa_base-12.0.0-noarch-1.tgz: Updated versions to 12.0. a/aaa_elflibs-12.0.0-i486-1.tgz: Updated the initial library collection. a/coreutils-6.9-i486-1.tgz: Upgraded to coreutils-6.9. a/cryptsetup-1.0.5-i486-1.tgz: Added cryptsetup-1.0.5. Thanks to Eric Hameleers. a/device-mapper-1.02.19-i486-1.tgz: Split udev rules out of 50-udev-rules into 64-device-mapper.rules in this package. Thanks to Piter Punk. Added a few more ./configure options to ensure that device permissions are the same as for other disk devices. Thanks to Cal Peake. Moved from AP. a/file-4.21-i486-1.tgz: Upgraded to file-4.21. a/findutils-4.2.31-i486-1.tgz: Upgraded to findutils-4.2.31. a/gettext-0.16.1-i486-2.tgz: Recompiled. a/glibc-solibs-2.5-i486-3.tgz: Recompiled against 2.6.21.5 kernel headers. a/glibc-zoneinfo-2.5-noarch-3.tgz: Upgraded to tzcode/tzdata 2007f. a/kernel-generic-2.6.21.5-i486-1.tgz: Upgraded to Linux 2.6.21.5 single processor generic.s (requires initrd) kernel. a/kernel-generic-smp-2.6.21.5_smp-i686-1.tgz: Upgraded to Linux 2.6.21.5 SMP gensmp.s (requires initrd) kernel. a/kernel-huge-2.6.21.5-i486-1.tgz: Upgraded to Linux 2.6.21.5 single processor huge.s (full-featured) kernel. a/kernel-huge-smp-2.6.21.5_smp-i686-1.tgz: Upgraded to Linux 2.6.21.5 SMP hugesmp.s (full-featured) kernel. a/kernel-modules-2.6.21.5-i486-1.tgz Upgraded to Linux 2.6.21.5 UP single processor kernel modules. a/kernel-modules-smp-2.6.21.5_smp-i686-1.tgz Upgraded to Linux 2.6.21.5 SMP kernel modules. a/lilo-22.8-i486-4.tgz: Fixed some menu formatting in liloconfig. a/lvm2-2.02.09-i486-1.tgz: Moved from AP. a/mdadm-2.6.1-i486-1.tgz: Moved from AP. a/mkinitrd-1.1.2-i486-2.tgz: Added $@ after /sbin/init in the initrd. Added additional option -C option for cryptsetup, and -L option for LVM to mkinitrd. Thanks to Eric Hameleers and Piter Punk. :-) a/mt-st-0.9b-i486-2.tgz: Moved from AP. a/mtx-1.3.9-i486-2.tgz: Moved from AP. a/openssl-solibs-0.9.8e-i486-3.tgz: Recompiled. a/pciutils-2.2.5-i486-1.tgz: Upgraded to pciutils-2.2.5. a/pkgtools-12.0.0-noarch-1.tgz: Bumped version number. a/quota-3.13-i486-1.tgz: Moved from AP. a/sdparm-1.01-i486-2.tgz: slack-desc typo fix. a/syslinux-3.36-i486-1.tgz: Upgraded to syslinux-3.36. a/sysvinit-scripts-1.2-noarch-12.tgz: Fixed missing "start" for rc.ntpd in rc.M. Thanks to Dieter Rauschenberger, Gunnar Florus, and ivv mm for reporting this. Fixed missing rc.bluetooth start in rc.M. Thanks to Ricardson Williams. Moved the LVM init block in rc.S closer to the start of the script (right after udev) to make root-on-LVM (with an appropriate initrd) more feasible. Suggested by Eric Hameleers, with thanks to Luigi Genoni for helpful advice. a/udev-111-i486-3.tgz: Removed device-mapper rules from 50-udev-rules. Fixed a bug in /lib/udev/modprobe.sh. Thanks to Piter Punk. ap/alsa-utils-1.0.14-i486-1.tgz: Upgraded to alsa-utils-1.0.14. ap/hplip-1.7.4a-i486-2.tgz: Changed the default mode on rc.hplip.new to 644. ap/lsof-4.78-i486-1.tgz: Upgraded to lsof-4.78. ap/man-pages-2.55-noarch-1.tgz: Upgraded to man-pages-2.55. ap/vim-7.1.002-i486-1.tgz: Upgraded to vim-7.1.002. Fixed sh syntax highlighting. Thanks to Amritpal Bath and Chip Campbell for the report and fix. d/doxygen-1.5.2-i486-1.tgz: Upgraded to doxygen-1.5.2. d/gettext-tools-0.16.1-i486-2.tgz: Removed (probably) useless archive.tar.gz blob from the package. Thanks to Tomas Matejicek for pointing it out. d/git-1.5.2.1-i486-1.tgz: Upgraded to git-1.5.2.1. d/kernel-headers-2.6.21.5_smp-i386-1.tgz: Upgraded to Linux 2.6.21.5 SMP kernel headers. d/p2c-1.21alpha2-i486-2.tgz: Recompiled with gcc4 to get this working again. Thanks to Martijn Dekker for noticing the problem and suggesting some improvements. d/subversion-1.4.4-i486-1.tgz: Upgraded to subversion-1.4.4. f/linux-howtos-20070609-noarch-1.tgz: Upgraded to Linux-HOWTOs-20070609. k/kernel-source-2.6.21.5_smp-noarch-1.tgz Upgraded to Linux 2.6.21.5 SMP kernel source. Thanks to Shridhar for noticing that the oprofile module was not in .config. kde/knemo-0.4.8-i486-1.tgz: Added knemo-0.4.8. kde/kdesdk-3.5.7-i486-2.tgz: Fixed uncompressed man pages. This also seemed to pick up new support for bugzilla. Thanks to Michael Wagner for pointing out the uncompressed man pages. kde/kdelibs-3.5.7-i486-2.tgz: Patched to call utempter in the proper location and with the right arguments. Thanks to Ken Milmore for the patch. kde/koffice-1.6.3-i486-1.tgz: Upgraded to koffice-1.6.3. kde/kvpnc-0.8.9-i486-1.tgz: Added kvpnc-0.8.9. kdei/koffice*: Upgraded to koffice-l10n 1.6.3. l/alsa-lib-1.0.14a-i486-1.tgz: Upgraded to alsa-lib-1.0.14a. l/alsa-oss-1.0.14-i486-1.tgz: Upgraded to alsa-oss-1.0.14. l/cairo-1.4.8-i486-1.tgz: Upgraded to cairo-1.4.8. l/glibc-2.5-i486-3.tgz: Recompiled against 2.6.21.5 kernel headers. l/glibc-profile-2.5-i486-3.tgz: Recompiled against 2.6.21.5 kernel headers. l/gtk+2-2.10.13-i486-1.tgz: Upgraded to gtk+2-2.10.13. l/hal-0.5.9-i486-3.tgz: Changed the default mode on rc.hald.new to 755. l/mcs-0.4.1-i486-2.tgz: slack-desc typo fix. l/lzo-2.02-i486-1.tgz: Added lzo-2.02. Thanks to Ricardson Williams. l/shared-mime-info-0.21-i486-2.tgz: Fixed an uncompressed man page. Thanks to Michael Wagner for pointing out the uncompressed man page. l/svgalib_helper-1.9.25_2.6.21.5-i486-1.tgz: Upgraded svgalib_helper package. Both SMP and non-SMP kernel modules are included. l/t1lib-5.1.0-i486-3.tgz: Corrected the font search path. Thanks to Guru. l/vte-0.16.5-i486-1.tgz: Upgraded to vte-0.16.5. n/bind-9.4.1-i486-1.tgz: Upgraded to bind-9.4.1. n/httpd-2.2.4-i486-4.tgz: Moved the main directory to the usual Slackware location of "/var/www", which should ease transitioning existing sites as well as prevent /srv from becoming (right away) a bloated top-level directory. In /srv, make two symlinks for FHS compliance: /srv/www -> /var/www (this makes htdig with KDE work again), and /srv/httpd -> /var/www (/srv/httpd will be the default path used in the httpd.conf, and seems to me to be following the spirit behind "/srv"). Thanks to Willy Sudiarto Raharjo for pointing out that these paths needed some adjustment to fix KDE's help search system (htdig). Since the old apache had visible log files (in a 755 mode directory), make these visible, too. If the admin wants to lock them down, we'll make sure the chosen mode sticks. Thanks to Dieter Rauschenberger. n/lynx-2.8.6rel.5-i486-1.tgz: Upgraded to lynx-2.8.6rel.5. Compiled with --with-screen=ncursesw and --enable-widec. Thanks to Stas Boukarev. n/mcabber-0.9.2-i486-1.tgz: Added mcabber-0.9.2. n/mtr-0.72-i486-1.tgz: Added mtr-0.72. n/net-snmp-5.4-i486-4.tgz: Fixed a few uncompressed man pages. Thanks to Michael Wagner for pointing out the uncompressed man pages. n/nmap-4.20-i486-1.tgz: Upgraded to nmap-4.20. n/openssl-0.9.8e-i486-3.tgz: Added certwatch script. Thanks to Jan Rafaj. n/openvpn-2.0.9-i486-1.tgz: Added openvpn-2.0.9. Thanks to Alan Hicks. :-) n/sendmail-8.14.1-i486-1.tgz: Upgraded to sendmail-8.14.1. Changed the default mode on rc.sendmail.new to 644. n/sendmail-cf-8.14.1-noarch-1.tgz: Upgraded to sendmail-8.14.1 config files. n/tcpdump-3.9.5-i486-1.tgz: Upgraded to tcpdump-3.9.5. n/vlan-1.9-i486-2.tgz: Recompiled. tcl/tcl-8.4.15-i486-1.tgz: Upgraded to tcl-8.4.15. tcl/tk-8.4.15-i486-1.tgz: Upgraded to tk-8.4.15. x/dejavu-ttf-2.17-noarch-1.tgz: Upgraded to dejavu-ttf-2.17. x/xkeyboard-config-0.9-noarch-2.tgz: Make sure /etc/X11/xkb/symbols/pc is installed as a file. If not, back up /etc/X11/xkb to make way for the new structure of xkeyboard-config. Thanks to Corvin Dun and David Jeannot for the bug reports. xap/audacious-plugins-1.3.5-i486-1.tgz: Upgraded to audacious-plugins-1.3.5. xap/mozilla-thunderbird-2.0.0.4-i686-1.tgz: Upgraded to thunderbird-2.0.0.4. This upgrade fixes two possible security bugs. For more information, see: http://www.mozilla.org/projects/security/known-vulnerabilities.html#thunderbird (* Security fix *) xap/pidgin-2.0.1-i486-1.tgz: Upgraded to pidgin-2.0.1. xap/vim-gvim-7.1.002-i486-1.tgz: Upgraded to GTK+ vim-7.1.002 add-on. xap/xfce-4.4.1-i486-4.tgz: Fixed uncompressed man pages. Escaped the ':'s in /etc/profile.d/xfce.csh. Thanks to Laurence Darby. xap/xine-lib-1.1.7-i686-1.tgz: Upgraded to xine-lib-1.1.7. extra/grub/grub-0.97-i486-3.tgz: Use C locale for proper fdisk parsing in other locales. Thanks to Seb for the patch. :-) extra/intel-wlan-ipw3945: Added kernel patches and support sources for using the Intel ipw3945 wireless drivers. Due to the need to patch the kernel for a newer ieee80211 subsystem, these are all in source form rather than as packages. Consider it an opportunity to learn. :-) extra/linux-wlan-ng/linux-wlan-ng-0.2.8_2.6.21.5-i486-1.tgz: Recompiled linux-wlan-ng-0.2.8 with modules for Linux 2.6.21.5 (both SMP and non-SMP). extra/linux-2.6.21.5-nosmp-sdk/: Upgraded the kit to transform the Linux kernel sources in /usr/src/linux/ from SMP to non-SMP without having to recompile them. NOTE: it is probably best to use the SMP kernel even in a single processor machine if it will run. The non-SMP kernels should really be used only in machines that are not at least a Pentium-Pro, or that (for some other reason) will not properly run the SMP kernel. extra/slackpkg/slackpkg-2.61-noarch-2.tgz: Upgraded to slackpkg-2.61-noarch-2. Thanks to Piter Punk! isolinux/initrd.img: Merged Eric Hameleers' LVM installer changes. Added cryptsetup. Updated syslinux. Added dhcpcd. Version number bump. kernels/huge.s/*: Upgraded huge.s kernel to 2.6.21.5. kernels/hugesmp.s/*: Upgraded hugesmp.s kernel to 2.6.21.5 (SMP). kernels/speakup.s/*: Added kernel with Speakup support. usb-and-pxe-installers/: Updated USB and PXE installers with merged-in (semi-DIY) LVM and crypto support. Thanks to Eric Hameleers! usb-and-pxe-installers/etherboot/: Added floppy images to support a PXE install with Ethernet cards and/or BIOS that lack hardware PXE support. Thanks to Erik Jan Tromp for keeping the floppy disk install alive! +--------------------------+ Wed Jun 13 22:14:23 CDT 2007 l/libexif-0.6.16-i486-1.tgz: Upgraded to libexif-0.6.16. An integer overflow in libexif can crash applications that use the library on malformed images. The upstream advisory indicates that this flaw could also be used to execute arbitrary code in the context of the user, but no exploit is known (by us) to exist among iDefense's researchers or in the wild. But, as a crash bug and heap overflow one must suppose that the possibility exists. http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-4168 (* Security fix *) +--------------------------+ Fri Jun 1 19:42:08 CDT 2007 x/libSM-1.0.3-i486-1.tgz: Upgraded to libSM-1.0.3. x/xf86-video-ati-6.6.192-i486-1.tgz: Upgraded to xf86-video-ati-6.6.192. x/xf86-video-nv-2.0.96-i486-1.tgz: Upgraded to xf86-video-nv-2.0.96. x/xinit-1.0.4-i486-1.tgz: Upgraded to xinit-1.0.4. xap/mozilla-firefox-2.0.0.4-i686-1.tgz: Upgraded to mozilla-firefox-2.0.0.4. This upgrade fixes several possible security bugs. For more information, see: http://www.mozilla.org/projects/security/known-vulnerabilities.html#firefox (* Security fix *) xap/seamonkey-1.1.2-i486-1.tgz: Upgraded to seamonkey-1.1.2. This upgrade fixes several possible security bugs. For more information, see: http://www.mozilla.org/projects/security/known-vulnerabilities.html#seamonkey (* Security fix *) +--------------------------+ Fri Jun 1 14:19:37 CDT 2007 n/php-5.2.3-i486-1.tgz: Upgraded to php-5.2.3. Here's some basic information about the release from php.net: "This release continues to improve the security and the stability of the 5.X branch as well as addressing two regressions introduced by the previous 5.2 releases. These regressions relate to the timeout handling over non-blocking SSL connections and the lack of HTTP_RAW_POST_DATA in certain conditions. All users are encouraged to upgrade to this release." For more complete information, see: http://www.php.net/releases/5_2_3.php http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1900 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-2756 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-2872 (* Security fix *) +--------------------------+ Thu May 31 22:38:10 CDT 2007 a/gpm-1.20.1-i486-4.tgz: Added exps2 to the setup.mouse menu (thanks alphageek) a/hdparm-7.4-i486-1.tgz: Upgraded to hdparm-7.4. a/lilo-22.8-i486-3.tgz: Restored device-mapper support. Made the MBR the default selection in the LILO target menu. a/reiserfsprogs-3.6.19-i486-2.tgz: Recompiled. a/sdparm-1.01-i486-1.tgz: Added sdparm-1.01. a/sysvinit-scripts-1.2-noarch-11.tgz: Start rc.ntpd in rc.M (if executable). a/udev-111-i486-2.tgz: Merged various changes from Piter Punk to more easily blacklist the PnP modules. Thanks! :-) ap/device-mapper-1.02.19-i486-1.tgz: Upgraded to device-mapper-1.02.19. d/gperf-3.0.3-i486-1.tgz: Upgraded to gperf-3.0.3. n/nfs-utils-1.1.0-i486-2.tgz: Removed dangling symlinks in /sbin. Thanks to Luigi Genoni. isolinux/initrd.img: Added libdevmapper, upgraded to the latest dmsetup. +--------------------------+ Wed May 30 22:14:18 CDT 2007 kde/kdeutils-3.5.7-i486-2.tgz: Patched to fix a problem with the klaptopdaemon library. Thanks to Ricardson Williams for the bug report. l/dbus-1.0.2-i486-3.tgz: Fixed startup script to avoid problems when D-Bus doesn't clean up its .pid file. l/hal-0.5.9-i486-2.tgz: Cleanups to rc.hald. Thanks to "ivv mm" for reporting the problem with these startup scripts (most obvious if one tries to go to runlevel 1 and then back to runlevel 3). +--------------------------+ Mon May 28 20:03:53 CDT 2007 a/dialog-1.1_20070528-i486-1.tgz: Upgraded to dialog-1.1_20070528. a/etc-11.1-noarch-6.tgz: Added power (84) group to /etc/group. Added haldaemon (82) user to /etc/passwd, group to /etc/group, and empty shadow line to /etc/shadow. a/kernel-generic-smp-2.6.21.3_smp-i686-1.tgz: Upgraded to Linux 2.6.21.3 SMP gensmp.s (requires initrd) kernel. a/kernel-generic-2.6.21.3-i486-1.tgz: Upgraded to Linux 2.6.21.3 single processor generic.s (requires initrd) kernel. a/kernel-huge-smp-2.6.21.3_smp-i686-1.tgz: Upgraded to Linux 2.6.21.3 SMP hugesmp.s (full-featured) kernel. a/kernel-huge-2.6.21.3-i486-1.tgz: Upgraded to Linux 2.6.21.3 single processor huge.s (full-featured) kernel. a/kernel-modules-smp-2.6.21.3_smp-i686-1.tgz: Upgraded to Linux 2.6.21.3 SMP kernel modules. a/kernel-modules-2.6.21.3-i486-1.tgz: Upgraded to Linux 2.6.21.3 UP single processor kernel modules. a/pkgtools-11.0.9-noarch-6.tgz: Support making a USB boot stick during the installation process as an emergency boot device. Thanks to Eric Hameleers! Added more options to the setup.services menu. a/sysvinit-scripts-1.2-noarch-10.tgz: In rc.M, start rc.hald if executable. d/kernel-headers-2.6.21.3_smp-i386-1.tgz: Upgraded to Linux 2.6.21.3 SMP kernel headers. d/pkg-config-0.21-i486-5.tgz: Recompiled, removing /opt/kde/lib/pkgconfig from PKG_CONFIG_PATH. Thanks to sombriks. :-) k/kernel-source-2.6.21.3_smp-noarch-1.tgz: Upgraded to Linux 2.6.21.3 SMP kernel source. kde/amarok-1.4.5-i486-5.tgz: Recompiled against new libraries. kde/kdeaccessibility-3.5.7-i486-1.tgz: Upgraded to kdeaccessibility-3.5.7. kde/kdeaddons-3.5.7-i486-1.tgz: Upgraded to kdeaddons-3.5.7. kde/kdeadmin-3.5.7-i486-1.tgz: Upgraded to kdeadmin-3.5.7. kde/kdeartwork-3.5.7-i486-1.tgz: Upgraded to kdeartwork-3.5.7. kde/kdebase-3.5.7-i486-1.tgz: Upgraded to kdebase-3.5.7. (with HAL support) kde/kdebindings-3.5.7-i486-1.tgz: Upgraded to kdebindings-3.5.7. kde/kdeedu-3.5.7-i486-1.tgz: Upgraded to kdeedu-3.5.7. kde/kdegames-3.5.7-i486-1.tgz: Upgraded to kdegames-3.5.7. kde/kdegraphics-3.5.7-i486-1.tgz: Upgraded to kdegraphics-3.5.7. kde/kdelibs-3.5.7-i486-1.tgz: Upgraded to kdelibs-3.5.7. kde/kdemultimedia-3.5.7-i486-1.tgz: Upgraded to kdemultimedia-3.5.7. kde/kdenetwork-3.5.7-i486-1.tgz: Upgraded to kdenetwork-3.5.7. kde/kdepim-3.5.7-i486-1.tgz: Upgraded to kdepim-3.5.7. kde/kdesdk-3.5.7-i486-1.tgz: Upgraded to kdesdk-3.5.7. kde/kdetoys-3.5.7-i486-1.tgz: Upgraded to kdetoys-3.5.7. kde/kdeutils-3.5.7-i486-1.tgz: Upgraded to kdeutils-3.5.7. kde/kdevelop-3.4.1-i486-1.tgz: Upgraded to kdevelop-3.4.1. kde/kdewebdev-3.5.7-i486-1.tgz: Upgraded to kdewebdev-3.5.7. kdei/*: Upgraded to kde-i18n 3.5.7. l/arts-1.5.7-i486-1.tgz: Upgraded to arts-1.5.7. l/dbus-1.0.2-i486-2.tgz: Patched rc.messagebus to add a "reload" option to be used after adding users to groups such as plugdev, cdrom, etc. Thanks to Eric Hameleers. l/dbus-glib-0.73-i486-1.tgz: Upgraded to dbus-glib-0.73. l/desktop-file-utils-0.12-i486-2.tgz: Added BLURB to setup script. l/hal-0.5.9-i486-1.tgz: Added hal-0.5.9. Thanks to Ole Andre Rodlie and Robby Workman for the help. :-) l/hal-info-20070516-noarch-1.tgz: Added hal-info-20070516. l/libexif-0.6.15-i486-1.tgz: Upgraded to libexif-0.6.15. l/libkarma-0.1.0-i486-1.tgz: Upgraded to libkarma-0.1.0. l/libmtp-0.1.5-i486-1.tgz: Upgraded to libmtp-0.1.5. l/libnjb-2.2.5-i486-4.tgz: Moved libnjb.rules to 80-libnjb.rules. Got rid of obsolete hotplug files. l/shared-mime-info-0.21-i486-1.tgz: Upgraded to shared-mime-info-0.21. Added BLURB to setup script. l/svgalib-1.9.25-i486-1.tgz: This package no longer contains the kernel modules required by svgalib, which are now packaged in a separate svgalib_helper package. l/svgalib_helper-1.9.25_2.6.21.3-i486-1.tgz: Added svgalib_helper containing the kernel helper module for svgalib. Both SMP and non-SMP modules are included in the package. l/qt-3.3.8-i486-4.tgz: Rebuilt with the sources in /usr/lib/qt/, but using DESTDIR to create a finished package in /tmp. Thanks to Stuart Winter for figuring out this trick. :-) n/httpd-2.2.4-i486-3.tgz: Fixed recursion bug in the logrotate config file. Fixed incorrect options to rc.httpd (thanks to mrgoblin). n/mutt-1.4.2.3-i486-1.tgz: Upgraded to mutt-1.4.2.3. n/php-5.2.2-i486-3.tgz: Modularized all extensions, and fixed PEAR problems. Moved PHP session file to /var/lib/php. Show an example of how to run all .php, .html, and .htm files through PHP by default (thanks to mrgoblin). Thanks to Rodrigo Fuentealba for help on what ./configure options to use. n/samba-3.0.25a-i486-1.tgz: Upgraded to samba-3.0.25a. This fixes some major (non-security) bugs in samba-3.0.25 -- see the WHATSNEW.txt for details. x/x11-skel-7.1-noarch-6.tgz: Fixed number of lines in slack-desc. xap/audacious-plugins-1.3.4-i486-2.tgz: Fixed crash on non-SSE2 platforms due to use of an SSE2 instruction in the libmadplug.so plugin. Thanks to everyone who reported this, to Giacomo Lozito for the patch, and to Tsomi for testing it. :-) xap/blackbox-0.65.0-i486-4.tgz: Fixed the SlackBuild to build bbkeys. Thanks to Mikhail Zotov for the bug report and fix. xap/gimp-2.2.15-i486-1.tgz: Upgraded to gimp-2.2.15. xap/sane-1.0.18-i486-5.tgz: Moved libsane.rules to 80-libsane.rules. Got rid of obsolete hotplug files. xap/xfce-4.4.1-i486-3.tgz: Recompiled against HAL. extra/linux-2.6.21.3-nosmp-sdk/: Upgraded the kit to transform the Linux kernel sources in /usr/src/linux/ from SMP to non-SMP without having to recompile them. NOTE: it is probably best to use the SMP kernel even in a single processor machine if it will run. The non-SMP kernels should really be used only in machines that are not at least a Pentium-Pro, or that (for some other reason) will not properly run the SMP kernel. extra/linux-wlan-ng/linux-wlan-ng-0.2.8_2.6.21.3-i486-1.tgz: Upgraded to linux-wlan-ng-0.2.8 with modules for Linux 2.6.21.3 (both SMP and non-SMP). extra/xcdroast: This has been shuffled off to unsupported, at least for now. But before moving it, it was patched for -current and rebuilt with GTK+2. isolinux/initrd.img: Comment out /dev/cdrom line in /etc/fstab, as it interferes with HAL. After installing, you'll have to decide if the machine will use HAL or not. If so, rc.hald will have been selected to run during the installation (by default it will be off), or chmoded 755 later. If HAL will not be used, the line in /etc/fstab should be uncommented. Changed timezone on the installer to GMT-12, so that when the true timezone is known at first boot, the filesystems will all have been created and last checked in the past. Added /sbin/sfdisk. isolinux/{network,pcmcia}.dsk: Upgraded to 2.6.21.3 modules (thanks Eric!). kernels/hugesmp.s/*: Upgraded hugesmp.s kernel to 2.6.21.3 (SMP). kernels/huge.s/*: Upgraded huge.s kernel to 2.6.21.3. kernels/gensmp.s/*: Upgraded gensmp.s kernel to 2.6.21.3 (SMP). kernels/generic.s/*: Upgraded generic.s kernel to 2.6.21.3. usb-and-pxe-installers/: Updated USB and PXE installers. Thanks to Eric Hameleers. +--------------------------+ Sun May 20 21:40:15 CDT 2007 a/umsdos-progs-1.13-i386-1.tgz: Removed, since the 2.6.x kernel does not support the UMSDOS filesystem. n/httpd-2.2.4-i486-2.tgz: Fixed /usr/doc/httpd-2.2.4/ directory. +--------------------------+ Sat May 19 15:49:00 CDT 2007 a/etc-11.1-noarch-5.tgz: Added plugdev group (83). Added apache user and group (80). a/udev-111-i486-1.tgz: Upgraded to udev-111. Thanks to Piter Punk for keeping everything in this package working as well as it does. :-) d/subversion-1.4.3-i486-2.tgz: Recompiled with support for the mod_authz_svn and mod_dav_svn modules for httpd-2.2.4 (apache2). l/pilot-link-0.12.2-i486-3.tgz: Removed empty /usr/share/pilot-link/udev/. n/apache-1.3.37-i486-3.tgz: Removed. n/bluez-utils-3.9-i486-3.tgz: Added "restart" to rc.bluetooth, and rewrote it to be more like the other Slackware rc.* scripts. Chmoded /etc/bluetooth/passkeys/ to mode 700. Located the udev related files properly (thanks to Piter Punk). n/httpd-2.2.4-i486-1.tgz: The package formerly known as "apache", upgraded to httpd-2.2.4. n/mod_ssl-2.8.28_1.3.37-i486-1.tgz: Removed, as this is now built into httpd. n/nfs-utils-1.1.0-i486-1.tgz: Upgraded to nfs-utils-1.1.0. This no longer tries to use "rpc.lockd" (nor contains it), so be sure to upgrade to the new versions of the init scripts. Thanks to Jonathan Woithe for the hint about linking with -lnsl after -lwrap, and for passing along a small patch for a memory leak in mountd. n/obexftp-0.21-i486-1.tgz: Added obexftp-0.21. n/php-5.2.2-i486-2.tgz: Upgraded to php-5.2.2. n/portmap-6.0-i486-1.tgz: Upgraded to portmap-6.0. n/wireless-tools-28-i486-5.tgz: Applied a patch from Eric Hameleers to fix a problem reported by Michiel P.H. van Wessem. isolinux/initrd.img: Upgraded /sbin/mdadm to version 2.6.1. +--------------------------+ Wed May 16 15:49:51 CDT 2007 a/sysvinit-scripts-1.2-noarch-9.tgz: Many reports of problems after the last addition of the old trick for flushing disk buffers. I guess if your rc.local needs this sort of thing to avoid trouble at boot, that you'd better add it near the beginning of that script. l/libpng-1.2.18-i486-1.tgz: Upgraded to libpng-1.2.18. A grayscale PNG image with a malformed (bad CRC) tRNS chunk will crash some libpng applications. This vulnerability has been assigned the identifiers CVE-2007-2445 and CERT VU#684664. For more information, see: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-2445 (* Security fix *) +--------------------------+ Tue May 15 21:50:17 CDT 2007 a/etc-11.1-noarch-4.tgz: The lack of a shadow entry for "messagebus" was bothering some people, so it was added (but it should make no difference). a/infozip-5.52-i486-2.tgz: Upgraded zip to version 2.32. Restored missing COPYING.OLD text file (reported by Steffen Wendzel). a/sysvinit-2.86-i486-5.tgz: Removed the sysvinit runlevel directories. a/sysvinit-functions-8.53-i486-2.tgz: Moved all the non-Slackware-like runlevel directories, etc, into this package. If nothing on your machine uses it, it is safe to remove. I promised "guru" not to clutter up his machine with these. :-) a/sysvinit-scripts-1.2-noarch-8.tgz: Removed the sysvinit runlevel directories. Added a wait/sync/sleep before rc.local to be sure all I/O is done. Thanks to Mark for the advice on that. a/udev-109-i486-3.tgz: Changed the following serial-type devices to use group uucp: ttyS[0-9]*, ttyUSB[0-9]*, ippp0, isdn*, dcbri*, and ircomm*. ap/ksh93-2007_03_28-i486-2.tgz: Fixed incorrect locale file permissions. Thanks to Piter Punk. ap/man-pages-2.48-noarch-1.tgz: Upgraded to man-pages-2.48. ap/mt-st-0.9b-i486-2.tgz: Added mt-st.1.gz -> mt.1.gz symlink. Thanks to Piter Punk. d/git-1.5.1.4-i486-1.tgz: Upgraded to git-1.5.1.4. l/pilot-link-0.12.2-i486-2.tgz: Changed udev rules to use group "uucp", which has traditionally been the serial device group for Slackware, Red Hat, and many other distributions. n/bluez-utils-3.9-i486-2.tgz: Rebuilt with suggestions and addtions from the folks at slacky.eu. Thanks! :-) n/net-snmp-5.4-i486-3.tgz: Added missing /var/lib/net-snmp directory. Thanks to Luczak Jacek. n/netkit-rwho-0.17-i486-2.tgz: Fixed missing /var/spool/rwho. Thanks to Piter Punk. n/network-scripts-11.1-noarch-3.tgz: Changed netconfig's method of determining if it is running from the installer. Hopefully it will get it right more often now. :-) Thanks to Marco Bonetti. n/openobex-1.3-i486-1.tgz: Added openobex-1.3. xap/gnuchess-5.07-i486-3.tgz: Upgraded to eboard-1.0.3, and applied various other fixes provided by Yair K. Thanks! extra/ktorrent/ktorrent-2.1.4-i486-1.tgz: Upgraded to ktorrent-2.1.4. extra/linux-2.6.21.1-nosmp-sdk/patch-to-non-smp.sh: Patched to fix an incorrect path to the kernel sources. Thanks to Michael Gehring. +--------------------------+ Mon May 14 18:16:10 CDT 2007 a/openssl-solibs-0.9.8e-i486-2.tgz: Patched a small bug that could cause OpenSSL to improperly decrypt older archives. ap/vim-7.1.001-i486-1.tgz: Upgraded to vim-7.1.001. n/openssl-0.9.8e-i486-2.tgz: Patched, recompiled. n/samba-3.0.25-i486-1.tgz: Upgraded to samba-3.0.25. Security Fixes included in the Samba 3.0.25 release are: o CVE-2007-2444 Versions: Samba 3.0.23d - 3.0.25pre2 Local SID/Name translation bug can result in user privilege elevation o CVE-2007-2446 Versions: Samba 3.0.0 - 3.0.24 Multiple heap overflows allow remote code execution o CVE-2007-2447 Versions: Samba 3.0.0 - 3.0.24 Unescaped user input parameters are passed as arguments to /bin/sh allowing for remote command execution For more information, see: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-2444 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-2446 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-2447 (* Security fix *) xap/vim-gvim-7.1.001-i486-1.tgz: Upgraded to vim-7.1.001 for GTK+. isolinux/initrd.img: Applied patch to /bin/pcmcia to work with Eric's new pcmcia.dsk image. Thanks to Eric Hameleers for the patch. isolinux/pcmcia.dsk: PCMCIA tools added by Eric Hameleers. usb-and-pxe-installers/: Updated USB and PXE installers with PCMCIA support. Thanks to Eric Hameleers. +--------------------------+ Fri May 11 17:26:49 CDT 2007 a/bash-3.1.017-i486-2.tgz: Reverted back to bash-3.1.017 (recompiled). bash-3.2 was moved into /testing. Please see below for the full rationale. a/cups-1.2.11-i486-1.tgz: Upgraded to cups-1.2.11. Only link against OpenSSL, not GnuTLS (as this doesn't add any useful new functionality, only new dependencies). Thanks to Iain Paton for the report. Install any new rc.cups (or rc.cups.new) with the same perms as the old one. a/mkinitrd-1.1.2-i486-1.tgz: Fixed a bug where modules in the initrd were not being replaced with the newer versions in /lib/modules/$(uname -r) if they existed on the initrd already. Changed the load_kernel_modules script to use $(uname -r) when loading modules so that the same initrd can be used with many different kernels. Now, -k and -m can be used to add additional modules to an initrd without disturbing existing ones. ap/linuxdoc-tools-0.9.21-i486-4.tgz: Added asciidoc-8.2.1 and xmlto-0.0.18. Upgraded to docbook-4.5 and gtk-doc-1.8. Thanks to Stuart Winter for improving Jerome Pinot's original build scripts to build from as many original sources as possible, and adding new features. l/aspell-0.60.5-i486-2.tgz: Recompiled against libncursesw to enable utf8. Thanks to Tomas Szepe for letting me know aspell was missing utf8 support, and about the missing link (see directly below). l/ncurses-5.6-i486-2.tgz: Added /usr/include/ncurses -> /usr/include/ncursesw symlink. Thanks to Tomas Szepe for the bug report. n/epic4-2.6-i486-1.tgz: Upgraded to epic4-2.6. n/fetchmail-6.3.8-i486-2.tgz: Fetchmail installed a sample script in the docs world-writable. Fixed. Thanks to Piter Punk. n/gnupg2-2.0.4-i486-1.tgz: Upgraded to gnupg-2.0.4. n/iputils-s20070202-i486-2.tgz: Recompiled. The iputils SGML -> man pages will build now. :-) n/network-scripts-11.1-noarch-2.tgz: Merged fixes from Eric Hameleers. Reduced the default DCHP timeout from 60 to 30 seconds. Added an example of IP aliasing setup to /etc/rc.d/rc.inet1.conf.new. n/wireless-tools-28-i486-4.tgz: Applied Eric Hameleers' patch to rc.wireless. x/xorg-server-1.3.0.0-i486-2.tgz: Recompiled with a patch found on https://bugs.freedesktop.org/show_bug.cgi?id=9758 by Iain Paton, which should fix the issues with X ignoring dpi settings. x/xorg-server-xdmx-1.3.0.0-i486-2.tgz: Recompiled. x/xorg-server-xnest-1.3.0.0-i486-2.tgz: Recompiled. x/xorg-server-xvfb-1.3.0.0-i486-2.tgz: Recompiled. xap/audacious-plugins-1.3.4-i486-1.tgz: Upgraded to audacious-plugins-1.3.4. xap/pidgin-2.0.0-i486-2.tgz: Here's a little excerpt from: http://developer.pidgin.im/wiki/WhyPackagesExist "We have no developers using Slack, and furthermore, several of us actively dislike that distribution for its history of broken installs, as well as for its non-existant package management. You cannot create true packages for Slack." Well, I'm somewhat shocked by this, having never (to my knowledge) done anything to any of the former GAIM or Pidgin developers to make them mad at me, Slackware, or anyone on the Slackware team. I guess if they feel it's not possible to make a "true" Pidgin package for Slackware, there's no point in continuing to try. Having put out 7 security advisories on GAIM, I'm quite sure there will be less work here if Pidgin is not included. The Pidgin package has been moved to the "unsupported" directory. For the record, I do not actively dislike Pidgin or any of their developers, but I do plan to use Kopete from now on. xap/xpaint-2.7.8.1-i486-2.tgz: Moved man page to the correct location. Thanks to Dan Church for the bug report. extra/linux-2.6.21.1-nosmp-sdk: Added kernel-headers and a patch to easily convert from the default SMP Linux source configuration to the non-SMP one. If you are running a non-SMP kernel, once you run the script in this directory you will be able to easily install software that involves compiling kernel modules (such as the binary nVidia drivers). extra/parted/parted-1.8.7-i486-1.tgz: Upgraded to parted-1.8.7. isolinux/pcmcia.dsk: Updated by Eric Hameleers. testing/packages/bash-3.2.017-i486-1.tgz: Upgraded to bash-3.2.017. Moved here from slackware/a. Honestly, I think /testing may be a better place for bash-3.2 for a while longer -- it's causing trouble with many old scripts. So, we'll give it a while longer to stabilize and for scripts to catch up to any syntax changes which may have occurred. The fix for 99.9% of these old scripts is to not use the deprecated `command` syntax and instead use the $(command) syntax. usb-and-pxe-installers/: Updated USB and PXE installers. Thanks to Eric Hameleers. +--------------------------+ Wed May 9 00:16:20 CDT 2007 extra/slackpkg/slackpkg-2.60-noarch-1.tgz: Upgraded to slackpkg-2.60. Thanks to Piter Punk. +--------------------------+ Mon May 7 20:44:46 CDT 2007 a/gzip-1.3.12-i486-1.tgz: Upgraded to gzip-1.3.12. a/lilo-22.8-i486-2.tgz: Removed device-mapper/lvm2 support until we have new versions of both of these that will compile with this kernel. l/libxml2-2.6.28-i486-1.tgz: Upgraded to libxml2-2.6.28. n/curl-7.16.2-i486-1.tgz: Upgraded to curl-7.16.2. n/fetchmail-6.3.8-i486-1.tgz: Upgraded to fetchmail-6.3.8. Added "fetchmail is probably not secure" to slack-desc. When we've seldom had a Slackware release that didn't need a fetchmail security advisory before the next Slackware was out, I think that's fair to say. (* Security fix *) n/getmail-4.7.4-noarch-1.tgz: A secure python-based fetchmail alternative. n/gnutls-1.6.2-i486-1.tgz: Upgraded to gnutls-1.6.2. n/links-2.1pre28-i486-1.tgz: Upgraded to links-2.1pre28. n/netkit-ntalk-0.17-i486-2.tgz: Fixed build script and slack-desc. Thanks to Steffen Wendzel. n/ntp-4.2.4p0-i486-1.tgz: Upgraded to ntp-4.2.4p0. Thanks to Mikhail Ulanov for configuration and scripting help. n/php-4.4.7-i486-1.tgz: Upgraded to php-4.4.7. This fixes bugs and improves security. For more details, see: http://www.php.net/releases/4_4_7.php http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1001 (* Security fix *) xap/xchat-2.8.2-i486-1.tgz: Upgraded to xchat-2.8.2. extra/php5/php-5.2.2-i486-1.tgz: Upgraded to php-5.2.2. This fixes bugs and improves security. For more details, see: http://www.php.net/releases/5_2_2.php http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1001 (* Security fix *) extra/slacktrack/slacktrack-1.31-i486-2.tgz: Upgraded to slacktrack-1.31_2. Thanks to Stuart Winter. +--------------------------+ Sun May 6 15:48:18 CDT 2007 a/kernel-generic-2.6.21.1-i486-2.tgz: Recompiled. This should bring out 2.6.21.2 in a matter of seconds. a/kernel-generic-smp-2.6.21.1_smp-i686-2.tgz: Recompiled. a/kernel-huge-2.6.21.1-i486-2.tgz: Recompiled. a/kernel-huge-smp-2.6.21.1_smp-i686-2.tgz: Recompiled. a/kernel-modules-2.6.21.1-i486-2.tgz: Recompiled. a/kernel-modules-smp-2.6.21.1_smp-i686-2.tgz: Patched SiS 900 driver that was causing system crashes. Thanks to Michael Wagner, Paolo Segre, Piter Punk, and Jens Odsvall for reporting the problem. Usually I'd say to report it to the kernel people, but it's already in GIT and I'll make an exception this time about patching the kernel here. :-) d/kernel-headers-2.6.21.1_smp-i386-2.tgz: Rebuilt. a/mkinitrd-1.1.1-i486-1.tgz: Upgraded mkinitrd to 1.1.1. Thanks to Piter Punk for the patch to resolve kernel module dependencies automatically. :-) ap/dvd+rw-tools-7.0-i486-2.tgz: Applied a couple of patches needed to burn with 2.6.21.x kernels with some burners. Thanks to Fedora. ;-) ap/mdadm-2.6.1-i486-1.tgz: Upgraded to mdadm-2.6.1. k/kernel-source-2.6.21.1_smp-noarch-2.tgz: Patched SiS 900 driver. +--------------------------+ Sat May 5 14:09:30 CDT 2007 xap/pidgin-2.0.0-i486-2.tgz: My Pidgin build script left a couple "droppings" in the / directory. Thanks to all those who reported this. +--------------------------+ Fri May 4 21:21:56 CDT 2007 a/sysvinit-scripts-1.2-noarch-7.tgz: Added back calls to start/stop rc.pcmcia. Thanks to alemao for the bug report. a/openssl-solibs-0.9.8e-i486-1.tgz: Upgraded to openssl-0.9.8e. ap/dmidecode-2.9-i486-1.tgz: Added dmidecode-2.9. ap/hplip-1.7.4a-i486-1.tgz: Upgraded to hplip-1.7.4a. ap/lsscsi-0.19-i486-1.tgz: Added lsscsi-0.19. Thanks to Stuart Winter for suggesting this great tool. ap/vim-7.0.240-i486-1.tgz: Upgraded to vim-7.0.240. d/binutils-2.17.50.0.15-i486-1.tgz: Upgraded to binutils-2.17.50.0.15. d/python-2.5.1-i486-1.tgz: Upgraded to python-2.5.1. d/oprofile-0.9.2-i486-3.tgz: Recompiled against libbfd-2.17.50.0.15.20070418.so from binutils-2.17.50.0.15. l/cairo-1.4.6-i486-1.tgz: Upgraded to cairo-1.4.6. l/glib2-2.12.12-i486-1.tgz: Upgraded to glib-2.12.12. l/gnome-icon-theme-2.14.2-noarch-2.tgz: Fixed incorrect pkgconfig path. Thanks to Robby Workman. l/gtk+2-2.10.12-i486-1.tgz: Upgraded to gtk+-2.10.12. l/libart_lgpl-2.3.19-i486-1.tgz: Upgraded to libart_lgpl-2.3.19. l/pango-1.16.4-i486-1.tgz: Upgraded to pango-1.16.4. l/vte-0.16.3-i486-1.tgz: Upgraded to vte-0.16.3. n/lftp-3.5.10-i486-1.tgz: Upgraded to lftp-3.5.10. n/htdig-3.2.0b6-i486-3.tgz: Fixed a typo in the "common_dir" path in /etc/htdig.conf. Thanks to Tomasz Slodkowicz for pointing it out. n/irssi-0.8.11-i486-2.tgz: Fixed /usr/doc/irssi-0.8.11/docs directory perms. n/openssl-0.9.8e-i486-1.tgz: Upgraded to openssl-0.9.8e. x/libXcomposite-0.3.2-i486-1.tgz: Upgraded to libXcomposite-0.3.2. x/xf86-video-nv-2.0.95-i486-1.tgz: Upgraded to xf86-video-nv-2.0.95. xap/pidgin-2.0.0-i486-1.tgz: Added pidgin-2.0.0, renaming that other package ;-) and representing a major upgrade. Congratulations to the Pidgin team! xap/xine-ui-0.99.5-i686-1.tgz: Upgraded to xine-ui-0.99.5. xap/vim-gvim-7.0.240-i486-1.tgz: Upgraded to vim-7.0.240 for X11/GTK+. isolinux/initrd.img: Removed kernel modules. The kernels we're booting with now have these drivers built-in. +--------------------------+ Tue May 1 15:07:21 CDT 2007 a/glibc-solibs-2.5-i486-2.tgz: Recompiled against Linux 2.6.21.1. a/glibc-zoneinfo-2.5-noarch-2.tgz: Rebuilt from tzcode2007e and tzdata2007e. a/kernel-generic-2.6.21.1-i486-1.tgz: Upgraded to Linux 2.6.21.1 single processor generic.s (requires initrd). a/kernel-generic-smp-2.6.21.1_smp-i686-1.tgz: Upgraded to Linux 2.6.21.1 generic SMP gensmp.s (requires initrd) kernel. a/kernel-huge-2.6.21.1-i486-1.tgz: Upgraded to Linux 2.6.21.1 single processor huge.s (full-featured) kernel. a/kernel-huge-smp-2.6.21.1_smp-i686-1.tgz: Upgraded to Linux 2.6.21.1 SMP hugesmp.s (full-featured) kernel. a/kernel-modules-2.6.21.1-i486-1.tgz: Upgraded to Linux 2.6.21.1 single processor kernel modules. a/kernel-modules-smp-2.6.21.1_smp-i686-1.tgz: Upgraded to Linux 2.6.21.1 SMP kernel modules. a/pkgtools-11.0.9-noarch-5.tgz: Removed the "make boot disk" menu until we have a viable replacement implemented. Link up to the install kernel automatically. Setkernel menu eliminated -- feedback welcome. a/udev-109-i486-2.tgz: Fixed /sbin/scsi_id and /sbin/vol_id symlinks. Thanks to Alfredo Rojas Ilabaca. d/kernel-headers-2.6.21.1_smp-i386-1.tgz: Upgraded to Linux 2.6.21.1 SMP kernel headers. k/kernel-source-2.6.21.1_smp-noarch-1.tgz: Upgraded to Linux 2.6.21.1 SMP kernel source. l/glibc-2.5-i486-2.tgz: Recompiled against Linux 2.6.21.1. l/glibc-i18n-2.5-noarch-2.tgz: Rebuilt. l/glibc-profile-2.5-i486-2.tgz: Recompiled against Linux 2.6.21.1. l/svgalib-1.9.25_2.6.21.1-i486-1.tgz: Recompiled for Linux 2.6.21.1. kernels/generic.s/*: Upgraded generic.s kernel to 2.6.21.1. kernels/gensmp.s/*: Upgraded gensmp.s kernel to 2.6.21.1 (SMP). kernels/huge.s/*: Upgraded huge.s kernel to 2.6.21.1. kernels/hugesmp.s/*: Upgraded hugesmp.s kernel to 2.6.21.1 (SMP). isolinux/initrd.img: Upgraded kernel modules. isolinux/network.dsk: Added 2.6.21.1 SMP and non-SMP modules. usb-and-pxe-installers/: Updated USB and PXE installers. Thanks to Eric Hameleers. +--------------------------+ Mon Apr 30 01:35:44 CDT 2007 a/pcmciautils-014-i486-3.tgz: Merged patches from Piter Punk. a/sysvinit-functions-8.53-i486-1.tgz: Split the RH-like functions and the supporting binaries out into a new package. /etc/init.d/functions now requires no patching to work on Slackware. a/sysvinit-scripts-1.2-noarch-6.tgz: Removed "functions" and /etc/init.d/ symbolic link. Thanks to Giacomo Picconi for pointing out how the /etc/init.d/ symlink could wipe out existing scripts. ap/mc-4.6.1_20070309-i486-2.tgz: Changed from --with-x=no to --with-x=yes. MC can now load X support dynamically without requiring a hard link (or dependency) on any of the X packages. This gives better keyboard support in an xterm. Thanks to Andrey V. Panov for telling me about this. a/udev-109-i486-1.tgz: Upgraded to udev-109. Thanks to Piter Punk! Added /dev/ttyUSB* symlinks. Thanks to giovanni quadriglio. ap/nano-2.0.6-i486-1.tgz: Upgraded to nano-2.0.6. l/cairo-1.4.4-i486-1.tgz: Upgraded to cairo-1.4.4. n/biff+comsat-0.17-i486-1.tgz: Split from old tcpip package. n/bridge-utils-1.2-i486-1.tgz: Split from old tcpip package. n/bsd-finger-0.17-i486-1.tgz: Split from old tcpip package. n/dnsmasq-2.39-i486-1.tgz: Upgraded to dnsmasq-2.39. n/ethtool-5-i486-1.tgz: Split from old tcpip package. n/icmpinfo-1.11-i486-1.tgz: Split from old tcpip package. n/iputils-s20070202-i486-1.tgz: Split from old tcpip package. Upgraded to iputils-s20070202. n/irssi-0.8.11-i486-1.tgz: Upgraded to irssi-0.8.11. n/net-tools-1.60-i486-1.tgz: Split from old tcpip package. n/netdate-bsd4-i486-1.tgz: Split from old tcpip package. n/netkit-bootparamd-0.17-i486-1.tgz: Split from old tcpip package. n/netkit-ftp-0.17-i486-1.tgz: Split from old tcpip package. n/netkit-ntalk-0.17-i486-1.tgz: Split from old tcpip package. n/netkit-routed-0.17-i486-1.tgz: Split from old tcpip package. n/netkit-rsh-0.17-i486-1.tgz: Split from old tcpip package. n/netkit-rusers-0.17-i486-1.tgz: Split from old tcpip package. n/netkit-rwall-0.17-i486-1.tgz: Split from old tcpip package. n/netkit-rwho-0.17-i486-1.tgz: Split from old tcpip package. n/netkit-timed-0.17-i486-1.tgz: Split from old tcpip package. n/net-snmp-5.4-i486-2.tgz: Fixed a bug in the build script where cat was used instead of zcat to install a compressed config file. Oddly, the -1 package seems to be OK though (the config file is not compressed). Thanks to Jacek Luczak for the bug report. Added --without-rpm to the ./configure list. Thanks to Stuart Winter. n/network-scripts-11.1-noarch-1.tgz: Split from old tcpip package. n/netwrite-0.17-i486-1.tgz: Split from old tcpip package. n/tcp_wrappers-7.6-i486-1.tgz: Split from old tcpip package. n/tcpip-0.17-i486-39.tgz: Removed. (split into tiny little pieces) n/telnet-0.17-i486-1.tgz: Split from old tcpip package. n/tftp-hpa-0.48-i486-1.tgz: Split from old tcpip package. Upgraded to tftp-hpa-0.48. n/vlan-1.9-i486-1.tgz: Split from old tcpip package. x/bdftopcf-1.0.1-i486-1.tgz: Upgraded to bdftopcf-1.0.1. x/inputproto-1.4.2-noarch-1.tgz: Upgraded to inputproto-1.4.2. x/xf86-input-joystick-1.2.1-i486-1.tgz: Upgraded to xf86-input-joystick-1.2.1. x/xf86-input-acecad-1.2.0-i486-1.tgz: Upgraded to xf86-input-acecad-1.2.0. x/xf86-video-ati-6.6.3-i486-3.tgz: Dropped back to xf86-video-ati-6.6.3 after more reports of signal 11 crashes at boot and general instability in the newer driver. The newer one is reported to be faster, though. :-) xap/gnuplot-4.2.0-i486-1.tgz: Upgraded to gnuplot-4.2.0. +--------------------------+ Mon Apr 23 20:41:35 CDT 2007 a/cxxlibs-6.0.8-i486-3.tgz: Added back libstdc++-3-libc6.2-2-2.10.0.so, which seems to be needed by a lot of binaries floating around. a/isapnptools-1.26-i486-2.tgz: Patched for newer kernels and recompiled. a/lilo-22.8-i486-1.tgz: Upgraded to lilo-22.8. a/sysvinit-scripts-1.2-noarch-5.tgz: Make a symlink /etc/init.d -> /etc/rc.d/rc.init.d, since that's where many things expect to find the "functions" script. Thanks to Catalin Tomozei for the report. In rc.M, move fc-cache further up and background the process. ap/nano-2.0.5-i486-1.tgz: Upgraded to nano-2.0.5. d/strace-4.5.15-i486-1.tgz: Upgraded to strace-4.5.15. kde/kdepim-3.5.6-i486-7.tgz: Recompiled against pilot-link-0.12.2. l/pilot-link-0.12.2-i486-1.tgz: Upgraded to pilot-link-0.12.2 compiled with support for BlueZ, or Bluetooth(TM). n/bluez-firmware-1.2-i486-1.tgz: Added bluez-firmware-1.2. n/bluez-hcidump-1.34-i486-1.tgz: Added bluez-hcidump-1.34. n/bluez-libs-3.9-i486-1.tgz: Added bluez-libs-3.9. n/bluez-utils-3.9-i486-1.tgz: Added bluez-utils-3.9. n/htdig-3.2.0b6-i486-2.tgz: Fix a couple bugs in the default config file. Thanks to Dieter Rauschenberger. x/x11-skel-7.1-noarch-5.tgz: Removed /etc/xdg symlink. x/: Removed a bunch of redundant .txt files. Thanks to Tomas Matejicek. extra/parted/parted-1.8.6-i486-1.tgz: Upgraded to parted-1.8.6. Thanks to Piter Punk for the ./configure patch. +--------------------------+ Sun Apr 22 19:32:55 CDT 2007 kde/kdepim-3.5.6-i486-6.tgz: Recompiled with a patch to fix utf8 password encoding in KMail. kdei/koffice-l10n-km-1.6.2-noarch-1a.tgz: Fixed empty slack-desc. x/ttf-indic-fonts-0.4.7.4-noarch-1.tgz: Upgraded to ttf-indic-fonts-0.4.7.4. +--------------------------+ Sun Apr 22 14:04:37 CDT 2007 a/etc-11.1-noarch-3.tgz: In ld.so.conf, remove /usr/X11R6/lib to prevent it from showing up in ldd paths. Thanks to TJ Nardi for the report. Removed /usr/X11R6/bin from the $PATH. l/freetype-2.3.4-i486-3.tgz: Evidently unless TT_CONFIG_OPTION_UNPATENTED_HINTING is undefined the bytecode interpreter will remain disabled even if TT_CONFIG_OPTION_BYTECODE_INTERPRETER is defined. Thanks to Eric Hameleers for the new patch. extra/jdk-6/jdk-6u1-i586-1.tgz: Some of the mirrors got a corrupted copy of this package, so I've touched the files to push them out to the mirrors again. usb-and-pxe-installers/: Updated USB and PXE installers. Thanks to Eric Hameleers. +--------------------------+ Sat Apr 21 15:19:04 CDT 2007 kde/amarok-1.4.5-i486-4.tgz: Recompiled with --sysconfdir=/etc/kde. kde/kdeaccessibility-3.5.6-i486-4.tgz: Recompiled with --sysconfdir=/etc/kde. kde/kdeaddons-3.5.6-i486-4.tgz: Recompiled with --sysconfdir=/etc/kde. kde/kdeadmin-3.5.6-i486-4.tgz: Recompiled with --sysconfdir=/etc/kde. kde/kdeartwork-3.5.6-i486-4.tgz: Recompiled with --sysconfdir=/etc/kde. kde/kdebase-3.5.6-i486-5.tgz: Recompiled with --sysconfdir=/etc/kde. Added a symlink from /etc/X11/kdm to /etc/kde/kdm. In /etc/profile.d/kde.*sh, set XDG_CONFIG_DIRS to contain /etc/kde/xdg (plus /etc/xdg and any previously set $XDG_CONFIG_DIRS). This avoids a problem when several desktops use /etc/xdg for XDG_CONFIG_DIRS and files may get overwritten. Although /etc/xdg is defined as the default XDG config dir, nothing should really use it or collision problems may occur. Thanks to Gyula for pointing out this issue. kde/kdebindings-3.5.6-i486-5.tgz: Recompiled with --sysconfdir=/etc/kde. kde/kdeedu-3.5.6-i486-4.tgz: Recompiled with --sysconfdir=/etc/kde. kde/kdegames-3.5.6-i486-4.tgz: Recompiled with --sysconfdir=/etc/kde. kde/kdegraphics-3.5.6-i486-5.tgz: Recompiled with --sysconfdir=/etc/kde. kde/kdelibs-3.5.6-i486-4.tgz: Recompiled with --sysconfdir=/etc/kde. kde/kdemultimedia-3.5.6-i486-4.tgz: Recompiled with --sysconfdir=/etc/kde. kde/kdenetwork-3.5.6-i486-4.tgz: Recompiled with --sysconfdir=/etc/kde. kde/kdepim-3.5.6-i486-5.tgz: Recompiled with --sysconfdir=/etc/kde. kde/kdesdk-3.5.6-i486-4.tgz: Recompiled with --sysconfdir=/etc/kde. kde/kdetoys-3.5.6-i486-4.tgz: Recompiled with --sysconfdir=/etc/kde. kde/kdeutils-3.5.6-i486-4.tgz: Recompiled with --sysconfdir=/etc/kde. kde/kdevelop-3.4.0-i486-4.tgz: Recompiled with --sysconfdir=/etc/kde. kde/kdewebdev-3.5.6-i486-4.tgz: Recompiled with --sysconfdir=/etc/kde. kde/koffice-1.6.2-i486-5.tgz: Recompiled with --sysconfdir=/etc/kde. l/arts-1.5.6-i486-4.tgz: Recompiled. l/freetype-2.3.4-i486-2.tgz: Fixed bytecode interpreter patch and added a subpixel rendering patch. Note that these are disabled by default because they use methods which are patented by Apple and Microsoft. Do not enable them unless you have obtained the required licenses. l/jre-6u1-i586-1.tgz: Upgraded to Java(TM) 2 Platform Standard Edition Runtime Environment Version 6.0 update 1. x/xf86-video-ati-6.6.191-i486-2.tgz: This seems to work without any noticable delays or other problems here now that we're using xorg-server-1.3.0.0, so we'll give it another try. x/xf86-video-intel-2.0.0-i486-1.tgz: Upgraded to xf86-video-intel-2.0.0. x/xorg-server-1.3.0.0-i486-1.tgz: Upgraded to xorg-server-1.3.0.0. x/xorg-server-xdmx-1.3.0.0-i486-1.tgz: Upgraded to xorg-server-1.3.0.0. x/xorg-server-xnest-1.3.0.0-i486-1.tgz: Upgraded to xorg-server-1.3.0.0. x/xorg-server-xvfb-1.3.0.0-i486-1.tgz: Upgraded to xorg-server-1.3.0.0. xap/imagemagick-6.3.3_9-i486-1.tgz: Upgraded to ImageMagick-6.3.3-9. xap/xfce-4.4.1-i486-2.tgz: Recompiled with --sysconfdir=/etc/xfce. In /etc/profile.d/xfce.*sh, set XDG_CONFIG_DIRS to contain /etc/xfce/xdg (plus /etc/xdg and any previously set $XDG_CONFIG_DIRS). xap/xscreensaver-5.02-i486-1.tgz: Upgraded to xscreensaver-5.02. extra/jdk-6/jdk-6u1-i586-1.tgz: Upgraded to Java(TM) 2 Platform Standard Edition Development Kit Version 6.0 update 1. extra/slacktrack/slacktrack-1.31-i486-1.tgz: Upgraded to slacktrack-1.31_1. Thanks to Stuart Winter. +--------------------------+ Thu Apr 19 18:34:58 CDT 2007 kde/k3b-1.0.1-i486-1.tgz: Upgraded to k3b-1.0.1. Moved into main tree now that k3b is no longer trying to make cdrecord setuid root. :-) kdei/k3b-i18n-1.0.1-noarch-1.tgz: Upgraded to k3b-i18n-1.0.1. x/xf86-video-ati-6.6.3-i486-2.tgz: Rebuilt the xf86-video-ati as I've gotten sereral signal 11 crash reports on the 6.6.191, but none on 6.6.3. On my Radeon 9600 here the 6.6.191 shuts off the signal to the monitor for a few seconds before continuing, but doesn't crash. The 6.6.3 version doesn't do this. Anyway, if I'm causing more trouble here than I'm fixing, let me know. x/xf86-video-nv-2.0.2-i486-1.tgz: Upgraded to xf86-video-nv-2.0.2. xap/blackbox-0.65.0-i486-3.tgz: Fixed zero length xinitrc.blackbox. Thanks to arny and Michiel P.H. van Wessem for reporting the bug. xap/fluxbox-1.0rc3-i486-1.tgz: Upgraded to fluxbox-1.0rc3. xap/gimp-2.2.14-i486-1.tgz: Upgraded to gimp-2.2.14. xap/mozilla-thunderbird-2.0.0.0-i686-1.tgz: Upgraded to thunderbird-2.0.0.0. +--------------------------+ Thu Apr 19 10:58:08 CDT 2007 a/mkinitrd-1.1.0-i486-2.tgz: Fixed sed substitutions in README.initrd. Thanks to Tsomi. kde/kdebase-3.5.6-i486-4.tgz: Fixed an Xsession bug when using tcsh. Thanks to Jim Diamond. Patched a bug in the nsplugin keyboard handler. xap/xine-lib-1.1.6-i686-2.tgz: Deleted extra junk from the docs directory. Thanks to Tsomi. +--------------------------+ Wed Apr 18 14:27:40 CDT 2007 l/svgalib-1.9.25_2.6.18.8_smp-i486-3.tgz: Recompiled. extra/linux-wlan-ng/linux-wlan-ng-0.2.7_2.6.18.8_smp-i486-1.tgz: Recompiled. +--------------------------+ Wed Apr 18 13:32:53 CDT 2007 ap/hplip-1.7.3-i486-3.tgz: Recompiled, actually *linking* with net-snmp. Thanks to my fellow slacker David Somero for pointing this one out. isolinux/initrd.img: Updated kernel modules. isolinux/network.dsk: Updated kernel modules. +--------------------------+ Tue Apr 17 22:27:54 CDT 2007 xap/xine-lib-1.1.6-i686-1.tgz: Upgraded to xine-lib-1.1.6. Thanks to Shin-ichi Abe for pointing this out so quickly. :-) +--------------------------+ Tue Apr 17 18:16:29 CDT 2007 a/dialog-1.1_20070409-i486-1.tgz: Upgraded to dialog-1.1-20070409. Added wide character support (suggested by Valentin Stoykov). a/kernel-generic-2.6.18.8_smp-i686-2.tgz: Recompiled Linux 2.6.18.8 SMP generic.s (requires initrd) kernel to use CFQ I/O scheduling by default. Also not that this kernel NO LONGER has ext2 built into it, and ext3 requires an additional module. See below in the mkinitrd comments. a/kernel-huge-2.6.18.8_smp-i686-2.tgz: Recompiled Linux 2.6.18.8 SMP huge.s (full-featured) kernel. a/kernel-modules-2.6.18.8_smp-i686-2.tgz Recompiled Linux 2.6.18.8 SMP kernel modules. a/mkinitrd-1.1.0-i486-1.tgz: Use an initramfs instead of an initrd. This allows making the ext2 filesystem as a module in the generic kernel. NOTE: Because of changes to the kernel options, *everyone* using an initrd must rebuild it! And, ext3 requires an additional module: mbcache:jbd:ext3 a/sysvinit-2.86-i486-4.tgz: Patched killall5 (pidof) to add feature from the RH fork... a/sysvinit-scripts-1.2-noarch-4.tgz: Moved /etc/init.d/functions here, as it may need work more often than originally thought. Removed /initrd directory stuff from rc.S and rc.6. ap/hplip-1.7.3-i486-2.tgz: Recompiled with net-snmp. I saw it go by during ./configure, but having no test devices I'll need some feedback to know if this gets HP network printers supported. ap/ksh93-2007_03_28-i486-1.tgz: Upgraded to ksh93-2007_03_28. d/kernel-headers-2.6.18.8_smp-i386-2.tgz: Regenerated Linux 2.6.18.8 SMP kernel headers. f/linux-howtos-20070412-noarch-1.tgz: Upgraded to Linux-HOWTOs-20070412. k/kernel-source-2.6.18.8_smp-noarch-2.tgz: Rebuilt Linux 2.6.18.8 SMP kernel source package with new .config. kde/kdegraphics-3.5.6-i486-4.tgz: Recompiled against poppler. kde/kdepim-3.5.6-i486-4.tgz: Recompiled against pilot-link-0.12.1. kde/koffice-1.6.2-i486-4.tgz: Recompiled against poppler. l/freetype-2.3.4-i486-1.tgz: Upgraded to freetype-2.3.4. Fixed an overflow parsing BDF fonts. For more information, see: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1351 (* Security fix *) l/pilot-link-0.12.1-i486-1.tgz: Upgraded to pilot-link-0.12.1. l/poppler-0.5.4-i486-1.tgz: Added poppler-0.5.4. l/poppler-data-0.1-noarch-1.tgz: Added poppler-data-0.1. l/sdl-1.2.11-i486-3.tgz: Patched SDL_ttf for new freetype. l/vte-0.16.1-i486-2.tgz: Recompiled to fix a broken libvte.la. Thanks to Robby Workman. n/net-snmp-5.4-i486-1.tgz: Added net-snmp. This is needed for HP's network printers, but will probably find other uses as well. x/fontconfig-2.4.2-i486-2.tgz: Removed 10-autohint.conf symlink. Thanks to Laurence Darby and Darrell Anderson. Index all default directories in /usr/share/fonts except for 75dpi and 100dpi (as this makes X prefer bitmapped fonts in some cases where scaled fonts look much nicer). Thanks to Lukasz Derkacz -- sorry to render your name into ASCII ;-) x/libXdamage-1.1.1-i486-1.tgz: Upgraded to libXdamage-1.1.1. x/libXi-1.0.4-i486-1.tgz: Upgraded to libXi-1.0.4. x/x11-skel-7.1-noarch-4.tgz: Added /etc/xdg -> /etc/X11/xdg symlink. Thanks to Jerome Pinot for pointing out that the web page describing the XDG_CONFIG_DIRS environment variable states that the default is /etc/xdg unless something else is set. (Hmmm... things are installing themselves to the wrong place without help ;-) x/xf86-input-keyboard-1.2.0-i486-1.tgz: Upgraded to xf86-input-keyboard-1.2.0. Thanks to Andrzej Szelachowski for noticing that libXdamage and xf86-input-keyboard were not the latest versions. xap/audacious-plugins-1.3.3-i486-1.tgz: Upgraded to audacious-plugins-1.3.3. xap/gkrellm-2.2.10-i486-2.tgz: Fixed /usr/local path in gkrellm.pc. xap/x3270-3.3.5-i486-2.tgz: Moved fonts directly into /usr/share/fonts/misc. Thanks to "guru" for noticing that they were following a symlink. xap/xfce-4.4.1-i486-1.tgz: Upgraded to XFce-4.4.1. xap/xine-lib-1.1.5-i686-1.tgz: Upgraded to xine-lib-1.1.5. This fixes overflows in some little-used media formats. These overflows could definitely cause an application using xine-lib to crash, and it is theorized that a malicious media file could be made to run arbitrary code in the context of the user running the application. (* Security fix *) xap/xpdf-3.02-i486-1.tgz: Upgraded to xpdf-3.02. Removed the command-line utilities that are present in poppler. kernels/generic.s/*: Recompiled generic.s kernel to 2.6.18.8 (SMP). kernels/huge.s/*: Recompiled huge.s kernel to 2.6.18.8 (SMP). usb-and-pxe-installers/: Upgraded USB and PXE installers from Eric Hameleers. +--------------------------+ Tue Apr 10 16:57:30 CDT 2007 a/aaa_base-11.1.1-noarch-1.tgz: Added /srv directory. After backing up any real /usr/X11R6, create a compatibility symlink tree to support all the software out there that'll be looking for /usr/X11R6 5 years from now. a/cpio-2.5-i486-3.tgz: Recompiled. Newer versions break initramfs in the 2.6.18.x kernels, so we'll still have to wait on an upgrade... Fixed broken manpages. Thanks for the reports from Tsomi and Lilong Li. a/sysklogd-1.4.1-i486-10.tgz: Patched to compile with gcc4. Made the syslogd/klogd race handling script (hopefully) faster. a/sysvinit-scripts-1.2-noarch-3.tgz: Moved ldconfig up to near the top of rc.M and '&'ed it, which should be safe enough. Moved clockset to earlier in rc.S to avoid the "last mounted in the future" message from fsck seen by people keeping the local time (rather than UTC) in the hardware clock in certain timezones. Thanks to Darrell Anderson for reporting this and providing a fix. ap/bc-1.06.95-i486-1.tgz: Upgraded to bc-1.06.95, since the old bc won't compile with a recent flex. This version tests faster, too. ap/espgs-8.15.4-i486-2.tgz: Recompiled to let altertrack handle gziping and symlinking the manpages. ap/hplip-1.7.3-i486-1.tgz: Upgraded to hplip-1.7.3. ap/lm_sensors-2.10.3-i486-1.tgz: Upgraded to lm_sensors-2.10.3. ap/mc-4.6.1_20070309-i486-1.tgz: Patched with mc-4.6.1-2007-03-09-18 to fix various bugs. Thanks to Markus Kanet and Eugene Bogoroditskiy for pointing out the patch. The bug of being unable to cd to a directory containing '_' was also reported by Tomas Matejicek and Richard Hoyle. ap/nano-2.0.4-i486-1.tgz: Upgraded to nano-2.0.4. ap/screen-4.0.3-i486-1.tgz: Recompiled. ap/zsh-4.3.2-i486-2.tgz: Don't clobber an existing /etc/zprofile. Thanks to Stanislaw Klekot. d/flex-2.5.33-i486-3.tgz: Added lex -> flex symlink. Thanks to Luigi. d/ruby-1.8.6-i486-1.tgz: Upgraded to ruby-1.8.6. kde/kdebindings-3.5.6-i486-4.tgz: Fixed DCOP.3 manpage (hopefully for good). l/atk-1.18.0-i486-1.tgz: Upgraded to atk-1.18.0. l/cairo-1.4.2-i486-1.tgz: Upgraded to cairo-1.4.2. l/glib2-2.12.11-i486-1.tgz: Upgraded to glib-2.12.11. l/gtk+2-2.10.11-i486-1.tgz: Upgraded to gtk+2-2.10.11. l/pango-1.16.1-i486-1.tgz: Upgraded to pango-1.16.1. l/readline-5.2-i486-2.tgz: Recompiled with readline52-002 patch. Added --enable-multibyte option. l/vte-0.16.1-i486-1.tgz: Upgraded to vte-0.16.1. n/apache-1.3.37-i486-3.tgz: Added /srv/www -> /var/www symlink. n/htdig-3.2.0b6-i486-1.tgz: Upgraded to htdig-3.2.0b6. n/proftpd-1.3.0a-i486-1.tgz: Recompiled. x/libXfont-1.2.8-i486-1.tgz: Upgraded to libXfont-1.2.8. x/x11-skel-7.1-noarch-3.tgz: Fixed /usr/X11 symlink. Backup any old /usr/X11R6 and create an empty /usr/X11R6 (though there should already be one made by aaa_base and populated with backwards compatibility symlinks). A renaming of this package to "aaa_x11" is under consideration... x/xf86-video-ati-6.6.191-i486-1.tgz: Upgraded to xf86-video-ati-6.6.191. x/xorg-server-1.2.99.905-i486-1.tgz: Upgraded to xorg-server-1.2.99.905. x/xorg-server-xdmx-1.2.99.905-i486-1.tgz: Upgraded to xorg-server-1.2.99.905. x/xorg-server-xnest-1.2.99.905-i486-1.tgz: Upgraded to xorg-server-1.2.99.905. x/xorg-server-xvfb-1.2.99.905-i486-1.tgz: Upgraded to xorg-server-1.2.99.905. xap/audacious-1.3.2-i486-1.tgz: Upgraded to audacious-1.3.2. xap/audacious-plugins-1.3.2-i486-1.tgz: Upgraded to audacious-plugins-1.3.2. isolinux/initrd.img: Switch back to ash to see if this has any bearing on "currupt package" install failures on SMP machines. +--------------------------+ Thu Apr 5 14:33:11 CDT 2007 ap/dvd+rw-tools-7.0-i486-1.tgz: Upgraded to dvd+rw-tools-7.0, needed by k3b-1.0. Thanks to the many who pointed this out. +--------------------------+ Tue Apr 3 15:57:41 CDT 2007 a/aaa_base-11.1.0-noarch-3.tgz: Removed /usr/etc directory. a/cups-1.2.10-i486-1.tgz: Upgraded to cups-1.2.10. a/etc-11.1-noarch-2.tgz: Removed /usr/etc/printcap symlink. I don't think anything has used this in years, but let me know if something still wants it. a/file-4.20-i486-1.tgz: Upgraded to file-4.20. This fixes a heap overflow that could allow code to be executed as the user running file (note that there are many scenarios where file might be used automatically, such as in virus scanners or spam filters). For more information, see: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1536 (* Security fix *) a/sysvinit-2.86-i486-3.tgz: In functions, change usleep calls to sleep calls. a/tcsh-6.15.00-i486-1.tgz: Upgraded to tcsh-6.15.00. ap/espgs-8.15.4-i486-1.tgz: Upgraded to espgs-8.15.4. ap/zsh-4.3.2-i486-1.tgz: Upgraded to zsh-4.3.2. d/gdb-6.6-i486-2.tgz: Recompiled against new libexpat. Thanks to Giacomo Lozito for noticing this last link to the past. d/m4-1.4.9-i486-1.tgz: Upgraded to m4-1.4.9. kde/kdelibs-3.5.6-i486-3.tgz: Recompiled with a patch to kjs. Changed --sysconfdir from /usr/etc to /etc/X11. Thanks to Giacomo Lozito for the heads-up on this one as well. kde/kdegraphics-3.5.6-i486-3.tgz: Recompiled. Changed --sysconfdir from /usr/etc to /etc/X11. kde/kdesdk-3.5.6-i486-3.tgz: Recompiled. Changed --sysconfdir from /usr/etc to /etc/X11. kde/kdeedu-3.5.6-i486-3.tgz: Recompiled. Changed --sysconfdir from /usr/etc to /etc/X11. kde/kdemultimedia-3.5.6-i486-3.tgz: Recompiled. Changed --sysconfdir from /usr/etc to /etc/X11. kde/amarok-1.4.5-i486-3.tgz: Recompiled. Changed --sysconfdir from /usr/etc to /etc/X11. kde/kdebindings-3.5.6-i486-3.tgz: Recompiled. Changed --sysconfdir from /usr/etc to /etc/X11. kde/kdegames-3.5.6-i486-3.tgz: Recompiled. Changed --sysconfdir from /usr/etc to /etc/X11. kde/kdetoys-3.5.6-i486-3.tgz: Recompiled. Changed --sysconfdir from /usr/etc to /etc/X11. kde/kdebase-3.5.6-i486-3.tgz: Recompiled. Changed --sysconfdir from /usr/etc to /etc/X11. kde/kdeaccessibility-3.5.6-i486-3.tgz: Recompiled. Changed --sysconfdir from /usr/etc to /etc/X11. kde/kdewebdev-3.5.6-i486-3.tgz: Recompiled. Changed --sysconfdir from /usr/etc to /etc/X11. kde/kdepim-3.5.6-i486-3.tgz: Patched to update timezone information for Kmail. Changed --sysconfdir from /usr/etc to /etc/X11. kde/kdenetwork-3.5.6-i486-3.tgz: Recompiled. Changed --sysconfdir from /usr/etc to /etc/X11. kde/kdevelop-3.4.0-i486-3.tgz: Recompiled. Changed --sysconfdir from /usr/etc to /etc/X11. kde/kdeartwork-3.5.6-i486-3.tgz: Recompiled. Changed --sysconfdir from /usr/etc to /etc/X11. kde/kdeadmin-3.5.6-i486-3.tgz: Recompiled. Changed --sysconfdir from /usr/etc to /etc/X11. kde/kdeaddons-3.5.6-i486-3.tgz: Recompiled. Changed --sysconfdir from /usr/etc to /etc/X11. kde/kdeutils-3.5.6-i486-3.tgz: Recompiled. Changed --sysconfdir from /usr/etc to /etc/X11. kde/koffice-1.6.2-i486-3.tgz: Recompiled. Changed --sysconfdir from /usr/etc to /etc/X11. l/arts-1.5.6-i486-3.tgz: Recompiled. l/libmikmod-3.1.11a-i486-2.tgz: Removed. There's better libmikmod support in audacious-plugins, and after XMMS's removal nothing in Slackware was using this library any longer. l/qt-3.3.8-i486-3.tgz: Patched an issue where the Qt UTF 8 decoder may in some instances fail to reject overlong sequences, possibly allowing "/../" path injection or XSS errors. For more information, see: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0242 (* Security fix *) Also, restored /usr/lib/qt/lib to /etc/ld.so.conf fixing "make xconfig" in the kernel. Thanks to all those who reported this issue. l/slang-2.0.7-i486-1.tgz: Upgraded to slang-2.0.7, moved --sysconfig to /etc. l/svgalib-1.9.25_2.6.18.8_smp-i486-2.tgz: Changed to slacktrack for build method, as the SlackBuild method was embedding some incorrect paths. n/openldap-client-2.3.32-i486-1.tgz: Upgraded to openldap-2.3.32 client libs. n/openssh-4.6p1-i486-1.tgz: Upgraded to openssh-4.6p1. Changed rc.sshd slightly to avoid the potential to be disconnected from a remote box without sshd being restarted when using "sh /etc/rc.d/rc.sshd restart". Thanks to Robby Workman. x/compiz-0.5.0-i486-1.tgz: Upgraded to compiz-0.5.0. x/libX11-1.1.1-i486-3.tgz: Restored XCB support after being informed of some benchmarks that show a significant performance increase. x/libxcb-1.0-i486-2.tgz: Patched to work around the locking problem that was affecting Java and other programs. I would have preferred to hold out for a new release of libxcb, but we can see what happens with this for now. Thanks to Luigi Genoni for convincing me to try this patch. x/xf86-input-joystick-1.2.0-i486-1.tgz: Upgraded to xf86-input-joystick-1.2.0. x/xf86-video-intel-1.9.94-i486-1.tgz: Upgraded to xf86-video-intel-1.9.94. x/xf86-video-nv-2.0.1-i486-1.tgz: Upgraded to xf86-video-nv-2.0.1. x/xorg-server-1.2.99.903-i486-1.tgz: Upgraded to xorg-server-1.2.99.903. x/xorg-server-xdmx-1.2.99.903-i486-1.tgz: Upgraded to xorg-server-1.2.99.903. x/xorg-server-xnest-1.2.99.903-i486-1.tgz: Upgraded to xorg-server-1.2.99.903. x/xorg-server-xvfb-1.2.99.903-i486-1.tgz: Upgraded to xorg-server-1.2.99.903. xap/audacious-plugins-1.3.1-i486-2.tgz: Recompiled using --enable-chardet. xap/audacious-1.3.1-i486-2.tgz: Recompiled using --enable-chardet instead of the incorrect --enable-charset. xap/gqview-2.1.5-i486-2.tgz: Fixed non-Slackware-compliant slack-desc: (not 11 info lines, missing editing instructions/ruler, "GQview" improperly capitalized, top line should have the Slackware package name followed by the (description), and "empty" lines shouldn't have whitespace after the ":". Thanks to Selkfoster for pointing out the first of these minor issues. xap/pan-0.126-i486-1.tgz: Upgraded to pan-0.126. xap/x3270-3.3.5-i486-1.tgz: Upgraded to x3270-3.3.5. Moved config file from /usr/etc/x3270/ to /etc/X11/x3270/ and added config() installation. extra/k3b/k3b-1.0-i486-1.tgz: Upgraded to k3b-1.0. extra/k3b/k3b-i18n-1.0-noarch-1.tgz: Upgraded to k3b-i18n-1.0. extra/ktorrent/ktorrent-2.1.3-i486-1.tgz: Upgraded to ktorrent-2.1.3. A directory traversal vulnerability in torrent.cpp in versions < 2.1.2 may allow remote attackers to overwrite the ktorrent user's files. A bug in chunkcounter.cpp in versions < 2.1.2 allows remote attackers to crash ktorrent and cause heap corruption by the use of an invalid idx value. For more information, see: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1384 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1385 (* Security fix *) +--------------------------+ Mon Mar 26 20:58:57 CDT 2007 a/sysvinit-scripts-1.2-noarch-2.tgz: Added an '&&' in the /tmp cleanup section to avoid an (unlikely) catastrophe. Thanks to J. Flushed out a few more X11R6 paths (and I know there are more...) x/compiz-0.3.6-i486-2.tgz: Recompiled with KDE and SVG support. This was suggested by many and added to the configure options, and then I forgot to recompile. Sorry about that. Also, I'm really not sure if this requires the Xgl server (which isn't, to my knowledge, yet in a xorg-server tarball release). Just starting to get my feet wet with this compositing stuff. :-) x/xf86-video-nv-1.99.1-i486-1.tgz: Dropped back from 2.0.0 after numerous reports of this update causing X to hang with a black screen at start. I'd hoped this driver would get my recent onboard chipset working, but no go. Didn't get the black-screen-hang though -- instead it was the same as before. The top half of the desktop stretched to fill the screen... xap/mozilla-firefox-2.0.0.3-i686-1.tgz: Upgraded to mozilla-firefox-2.0.0.3. This upgrade fixes several possible security bugs. For more information, see: http://www.mozilla.org/projects/security/known-vulnerabilities.html#firefox NOTE: If a security issue affects *only* -current, the ChangeLog may be the only place an announcement is made. Just a friendly heads-up, though in this case you'll be seeing updates and an advisory due to Firefox in 11.0. (* Security fix *) +--------------------------+ Sat Mar 24 18:57:38 CDT 2007 d/pmake-1.111-i486-3.tgz: Patched util.c to get pmake to compile again. As nothing was changed but a chmod in the build script, this one is a bit puzzling, but it's working again. Thanks to Jerome Pinot for noticing the main binary had vanished from the package. :-) x/xf86-video-intel-1.9.91-i486-1.tgz: Dropped back to .91, as .92 needs a function that hasn't shown up yet (might be in some CVS HEAD) and thus doesn't work. Hopefully 93 will. usb-and-pxe-installers/: Upgraded to Eric Hameleers' latest versions of these installers that include the recent (c)fdisk fixes from the last batch of updates. +--------------------------+ Sat Mar 24 01:32:30 CDT 2007 a/bash-3.2.015-i486-1.tgz: Upgraded to bash-3.2 patchlevel 015. a/sysvinit-2.86-i486-2.tgz: Fixed /etc/rc.d/rc{0,1,2,3,4,5,6}.d directories. Thanks to David Somero. a/sysvinit-scripts-1.2-noarch-1.tgz: Rid rc.6 of awk usage. Thanks to Tomas Matejicek. Fixed /etc/rc.d/rc{0,1,2,3,4,5,6}.d directories. Thanks to David Somero. ap/mysql-5.0.37-i486-1.tgz: Upgraded to mysql-5.0.37. ap/vorbis-tools-1.1.1-i486-4.tgz: Recompiled against the new curl library. d/binutils-2.17.50.0.14-i486-1.tgz: Upgraded to binutils-2.17.50.0.14. d/cmake-2.4.6-i486-2.tgz: Fixed doc directory. d/git-1.5.0.5-i486-1.tgz: Upgraded to git-1.5.0.5. d/oprofile-0.9.2-i486-2.tgz: Recompiled with libbfd from new binutils. d/pmake-1.111-i486-2.tgz: Fixed perms on /usr/share/mk. Thanks to Gerardo Exequiel Pozzi for noticing this. l/libxml2-2.6.27-i486-2.tgz: Recompiled for Python 2.5. l/libxslt-1.1.20-i486-2.tgz: Recompiled for Python 2.5. l/qt-3.3.8-i486-2.tgz: Fixed dangling symlink for qt-mt.pc. Thanks to giovanni quadriglio for the bug report. n/curl-7.16.1-i486-1.tgz: Upgraded to curl-7.16.1. n/fetchmail-6.3.6-i486-2.tgz: Recompiled for Python 2.5. n/getmail-4.7.3-noarch-1.tgz: Upgraded to getmail-4.7.3. n/gnupg-1.4.7-i486-1.tgz: Upgraded to gnupg-1.4.7. n/gnupg2-2.0.3-i486-2.tgz: Recompiled against the new curl library. n/php-4.4.6-i486-2.tgz: Recompiled against the new curl library. x/dejavu-ttf-2.15-noarch-1.tgz: Upgraded to dejavu-ttf-2.15. x/font-xfree86-type1-1.0.0-noarch-2.tgz: Fixed mkfont{scale,dir} order. x/font-winitzki-cyrillic-1.0.0-noarch-2.tgz: Fixed mkfont{scale,dir} order. x/font-sun-misc-1.0.0-noarch-2.tgz: Fixed mkfont{scale,dir} order. x/font-sony-misc-1.0.0-noarch-2.tgz: Fixed mkfont{scale,dir} order. x/font-screen-cyrillic-1.0.1-noarch-2.tgz: Fixed mkfont{scale,dir} order. x/font-schumacher-misc-1.0.0-noarch-2.tgz: Fixed mkfont{scale,dir} order. x/font-mutt-misc-1.0.0-noarch-2.tgz: Fixed mkfont{scale,dir} order. x/font-misc-misc-1.0.0-noarch-2.tgz: Fixed mkfont{scale,dir} order. x/font-misc-meltho-1.0.0-noarch-2.tgz: Fixed mkfont{scale,dir} order. x/font-misc-ethiopic-1.0.0-noarch-2.tgz: Fixed mkfont{scale,dir} order. x/font-misc-cyrillic-1.0.0-noarch-2.tgz: Fixed mkfont{scale,dir} order. x/font-micro-misc-1.0.0-noarch-2.tgz: Fixed mkfont{scale,dir} order. x/font-jis-misc-1.0.0-noarch-2.tgz: Fixed mkfont{scale,dir} order. x/font-isas-misc-1.0.0-noarch-2.tgz: Fixed mkfont{scale,dir} order. x/font-ibm-type1-1.0.0-noarch-2.tgz: Fixed mkfont{scale,dir} order. x/font-dec-misc-1.0.0-noarch-2.tgz: Fixed mkfont{scale,dir} order. x/font-daewoo-misc-1.0.0-noarch-2.tgz: Fixed mkfont{scale,dir} order. x/font-cursor-misc-1.0.0-noarch-2.tgz: Fixed mkfont{scale,dir} order. x/font-cronyx-cyrillic-1.0.0-noarch-2.tgz: Fixed mkfont{scale,dir} order. x/font-bitstream-type1-1.0.0-noarch-2.tgz: Fixed mkfont{scale,dir} order. x/font-bitstream-speedo-1.0.0-noarch-2.tgz: Fixed mkfont{scale,dir} order. x/font-bitstream-75dpi-1.0.0-noarch-2.tgz: Fixed mkfont{scale,dir} order. x/font-bitstream-100dpi-1.0.0-noarch-2.tgz: Fixed mkfont{scale,dir} order. x/font-bh-type1-1.0.0-noarch-2.tgz: Fixed mkfont{scale,dir} order. x/font-bh-ttf-1.0.0-noarch-2.tgz: Fixed mkfont{scale,dir} order. x/font-bh-lucidatypewriter-75dpi-1.0.0-noarch-2.tgz: Fixed mkfont{scale,dir} order. x/font-bh-lucidatypewriter-100dpi-1.0.0-noarch-2.tgz: Fixed mkfont{scale,dir} order. x/font-bh-75dpi-1.0.0-noarch-2.tgz: Fixed mkfont{scale,dir} order. x/font-bh-100dpi-1.0.0-noarch-2.tgz: Fixed mkfont{scale,dir} order. x/font-arabic-misc-1.0.0-noarch-2.tgz: Fixed mkfont{scale,dir} order. x/font-adobe-utopia-type1-1.0.1-noarch-2.tgz: Fixed mkfont{scale,dir} order. x/font-adobe-utopia-75dpi-1.0.1-noarch-2.tgz: Fixed mkfont{scale,dir} order. x/font-adobe-utopia-100dpi-1.0.1-noarch-2.tgz: Fixed mkfont{scale,dir} order. x/font-adobe-75dpi-1.0.0-noarch-2.tgz: Fixed mkfont{scale,dir} order. x/font-adobe-100dpi-1.0.0-noarch-2.tgz: Fixed mkfont{scale,dir} order. x/ttf-indic-fonts-0.4.7.1-noarch-3.tgz: Fixed mkfont{scale,dir} order. x/libX11-1.1.1-i486-2.tgz: Rebuilt with --with-xcb=no, which fixes the issues reported with Java programs. I figure if this impacted Java, it might stir things up elsewhere as well, so rather than patch XCB or wait for a new Java (it's fixed there too, in the Java repo), we'll take the conservative path for now. x/makedepend-1.0.1-i486-1.tgz: Upgraded to makedepend-1.0.1. x/mkfontdir-1.0.3-noarch-1.tgz: Upgraded to mkfontdir-1.0.3. Fixed after-fresh-install script to run mkfontscale and then mkfontdir. Moved after-fresh-install script before fc-cache. Thanks to Petri Kaukasoina for teaching me the correct order for these. x/twm-1.0.3-i486-2.tgz: Fixed X11R6 paths in xinitrc.twm. x/xdpyinfo-1.0.2-i486-1.tgz: Upgraded to xdpyinfo-1.0.2. x/xf86-video-intel-1.9.92-i486-1.tgz: Upgraded to xf86-video-intel-1.9.92. x/xf86-video-nv-2.0.0-i486-1.tgz: Upgraded to xf86-video-nv-2.0.0. x/xload-1.0.2-i486-1.tgz: Upgraded to xload-1.0.2. xap/audacious-1.3.1-i486-1.tgz: Upgraded to audacious-1.3.1. xap/audacious-plugins-1.3.1-i486-1.tgz: Upgraded to audacious-plugins-1.3.1. xap/xine-ui-0.99.4-i686-5.tgz: Recompiled against the new curl library. extra/php5/php-5.2.1-i486-2.tgz: Recompiled against the new curl library. isolinux/initrd.img: Fixed cfdisk and fdisk, which were supposed to be scripts to call the real binaries and then create /dev nodes for anything added. +--------------------------+ Mon Mar 19 21:05:46 CDT 2007 Fixed the mysteriously incorrect mozilla packages. There are also a couple other known-stale (_slack11.0) packages. +--------------------------+ Sun Mar 18 12:14:49 CDT 2007 ap/mtx-1.3.9-i486-2.tgz: Fixed docs directory permissions. +--------------------------+ Sat Mar 17 19:14:35 CDT 2007 Happy St. Patrick's Day! :-) This is more-or-less stable (functionally), but there's still a lot of package splitting and other rearranging and adding to be done, but it's time for the Slackware community to see how far we've gotten. If the luck o' the Irish is with us, it'll be a fairly short alpha/beta/rc period from here. Well, have fun! A couple notes: 1. The only kernels provided (for now) support SMP. I've seen the installer go nuts on a few machines with multiple cores where a uniprocessor core worked fine. More kernel choices will very likely be added. 2. Floppy booting (other than via PXE) is likely gone for good, but between PXE and USB flash memory boot, (along with the standard ISO boot), most machines should be covered. 3. This is still a work in progress, so don't be too hard on us. ;-) a/kernel-generic-2.6.18.8_smp-i486-1.tgz: Upgraded to Linux 2.6.18.8 SMP generic.s (requires initrd) kernel. a/kernel-huge-2.6.18.8_smp-i486-1.tgz: Upgraded to Linux 2.6.18.8 SMP huge.s (full-featured) kernel. a/kernel-modules-2.6.18.8_smp-i486-1.tgz Upgraded to Linux 2.6.18.8 SMP kernel modules. a/etc-11.1-noarch-1.tgz: Added a .xsession in /etc/skel to run gpg-agent, but it will only end up running under incredibly rare circumstances with the way the various X startup scripts are designed. I'm looking for a better way to start gpg-agent automagically. Added messagebus uid/gid (81). a/sysvinit-scripts-1.1-noarch-1.tgz: Start/stop D-Bus in rc.M and rc.6. d/kernel-headers-2.6.18.8_smp-i386-1.tgz: Upgraded to Linux 2.6.18.8 SMP kernel headers. k/kernel-source-2.6.18.8_smp-noarch-1.tgz Upgraded to Linux 2.6.18.8 SMP kernel source. kde/amarok-1.4.5-i486-2.tgz: Recompiled. kde/kdeaccessibility-3.5.6-i486-2.tgz: Recompiled. kde/kdeaddons-3.5.6-i486-2.tgz: Recompiled. kde/kdeadmin-3.5.6-i486-2.tgz: Recompiled. kde/kdeartwork-3.5.6-i486-2.tgz: Recompiled. kde/kdebase-3.5.6-i486-2.tgz: Recompiled. kde/kdebindings-3.5.6-i486-2.tgz: Recompiled. kde/kdeedu-3.5.6-i486-2.tgz: Recompiled. kde/kdegames-3.5.6-i486-2.tgz: Recompiled. kde/kdegraphics-3.5.6-i486-2.tgz: Recompiled. kde/kdelibs-3.5.6-i486-2.tgz: Recompiled. kde/kdemultimedia-3.5.6-i486-2.tgz: Recompiled. kde/kdenetwork-3.5.6-i486-2.tgz: Recompiled. kde/kdepim-3.5.6-i486-2.tgz: Recompiled. kde/kdesdk-3.5.6-i486-2.tgz: Recompiled. kde/kdetoys-3.5.6-i486-2.tgz: Recompiled. kde/kdeutils-3.5.6-i486-2.tgz: Recompiled. kde/kdevelop-3.4.0-i486-2.tgz: Recompiled. kde/kdewebdev-3.5.6-i486-2.tgz: Recompiled. kde/koffice-1.6.2-i486-2.tgz: Recompiled. l/arts-1.5.6-i486-2.tgz: Recompiled. l/dbus-1.0.2-i486-1.tgz: Added dbus-1.0.2. l/dbus-glib-0.72-i486-1.tgz: Added dbus-glib-0.72. l/dbus-qt3-0.70-i486-1.tgz: Added dbus-qt3. Thanks to Robby and Piter. l/gamin-0.1.8-i486-1.tgz: Added gamin-0.1.8. l/svgalib-1.9.25_2.6.18.8_smp-i486-1.tgz: Recompiled. l/qca-1.0-i486-3.tgz: Recompiled. Moved from KDE. l/qca-tls-1.0-i486-4.tgz: Recompiled. Moved from KDE. l/qt-3.3.8-i486-1.tgz: Upgraded to qt-3.3.8. Moved from KDE. l/libwpd-0.8.9-i486-1.tgz: Upgraded to libwpd-0.8.9. n/gnutls-1.6.1-i486-1.tgz: Added gnutls-1.6.1. x/libXinerama-1.0.2-i486-1.tgz: Upgraded to libXinerama-1.0.2. xap/mozilla-firefox-2.0.0.2-i686-1.tgz: Upgraded to firefox-2.0.0.2. xap/mozilla-thunderbird-1.5.0.10-i686-1.tgz: Upgraded to mozilla-thunderbird-1.5.0.10. xap/rdesktop-1.5.0-i486-2.tgz: Recompiled, moved from N. xap/xfce-4.4.0-i486-2.tgz: Recompiled. extra/linux-wlan-ng/linux-wlan-ng-0.2.7_2.6.18.8-i486-1.tgz: Recompiled. extra/php5/php-5.2.1-i486-1.tgz: Upgraded to php-5.2.1. extra/slackpkg/slackpkg-2.52-noarch-1.tgz: Upgraded to slackpkg-2.52. Thanks to Piter Punk! kernels/generic.s/*: Upgraded generic.s kernel to 2.6.18.8 (SMP). kernels/huge.s/*: Upgraded huge.s kernel to 2.6.18.8 (SMP). usb-and-pxe-installers/: Added updated USB and PXE installers. Thanks to Eric Hameleers! +--------------------------+ Thu Mar 15 19:46:30 CDT 2007 n/dirmngr-1.0.0-i486-1.tgz: Added dirmngr-1.0.0. n/gnupg2-2.0.3-i486-1.tgz: Added gnupg2-2.0.3. n/gpa-0.7.5-i486-1.tgz: Added gpa-0.7.5. n/gpgme-1.1.4-i486-1.tgz: Added gpgme-1.1.4. n/libassuan-1.0.1-i486-1.tgz: Added libassuan-1.0.1. n/libgcrypt-1.2.4-i486-1.tgz: Added libgcrypt-1.2.4. n/libgpg-error-1.5-i486-1.tgz: Added libgpg-error-1.5. n/libksba-1.0.1-i486-1.tgz: Added libksba-1.0.1. n/pinentry-0.7.2-i486-1.tgz: Added pinentry-0.7.2. n/pth-2.0.7-i486-1.tgz: Added pth-2.0.7. Big thanks to Robby Workman for all the help on these GPG2 packages! +--------------------------+ Thu Mar 15 19:43:10 CDT 2007 l/gmime-2.2.4-i486-1.tgz: Added gmime-2.2.4 (used by Pan). l/libpng-1.2.16-i486-1.tgz: Upgraded to libpng-1.2.16. x/xf86-input-joystick-1.1.1-i486-1.tgz: Upgraded to xf86-input-joystick-1.1.1. x/xf86-video-siliconmotion-1.5.1-i486-1.tgz: xf86-video-siliconmotion-1.5.1. xap/gucharmap-1.10.0-i486-1.tgz: Upgraded to gucharmap-1.10.0. xap/pan-0.125-i486-1.tgz: Upgraded to pan-0.125. xap/sane-1.0.18-i486-4.tgz: Recompiled. xap/xmms-1.2.10-i486-3.tgz: XMMS developers: THANK YOU for your years of dedication. We look forward to considering a new GTK+2 based design some time in the future. (Package removed). +--------------------------+ Tue Mar 13 20:00:30 CDT 2007 a/ed-0.5-i486-1.tgz: Upgraded to ed-0.5. l/glib-1.2.10-i486-3.tgz: Recompiled. l/gtk+-1.2.10-i486-4.tgz: Recompiled. l/mcs-0.4.1-i486-1.tgz: Added mcs-0.4.1. Audacious needs this. n/dnsmasq-2.38-i486-1.tgz: Upgraded to dnsmasq-2.38. n/php-4.4.6-i486-1.tgz: Upgraded to php-4.4.6. x/xf86-video-nv-1.99.1-i486-1.tgz: Upgraded to xf86-video-nv-1.99.1. xap/audacious-1.3.0-i486-1.tgz: Added audacious-1.3.0. xap/audacious-plugins-1.3.0-i486-1.tgz: Added audacious-plugins-1.3.0. xap/gftp-2.0.18-i486-3.tgz: Recompiled. xap/gimp-2.2.13-i486-2.tgz: Recompiled. xap/gkrellm-2.2.10-i486-1.tgz: Upgraded to gkrellm-2.2.10. xap/gnuplot-4.0.0-i486-3.tgz: Recompiled. xap/xsane-0.994-i486-1.tgz: Upgraded to xsane-0.994. extra/ktorrent/ktorrent-2.1.1-i486-1.tgz: Upgraded to ktorrent-2.1.1. +--------------------------+ Wed Mar 7 16:16:50 CST 2007 a/aaa_base-11.1.0-noarch-2.tgz: Removed /var/X11R6/. a/findutils-4.2.30-i486-1.tgz: Upgraded to findutils-4.2.30. x/xorg-docs-1.4-noarch-1.tgz: Upgraded to xorg-docs-1.4. x/xf86-video-intel-1.9.91-i486-1.tgz: Added xf86-video-intel-1.9.91. x/xf86-input-vmmouse-12.4.1-i486-1.tgz: Upgraded to xf86-input-vmmouse-12.4.1. x/xorg-server-1.2.99.901-i486-1.tgz: Upgraded to xorg-server-1.2.99.901. x/xorg-server-xvfb-1.2.99.901-i486-1.tgz: Upgraded to xorg-server-xvfb-1.2.99.901. x/xorg-server-xdmx-1.2.99.901-i486-1.tgz: Upgraded to xorg-server-xdmx-1.2.99.901. x/xorg-server-xnest-1.2.99.901-i486-1.tgz: Upgraded to xorg-server-xnest-1.2.99.901. x/xrandr-1.2.0-i486-1.tgz: Upgraded to xrandr-1.2.0. x/libXrandr-1.2.1-i486-1.tgz: Upgraded to libXrandr-1.2.1. x/xorg-sgml-doctools-1.2-noarch-1.tgz: Upgraded to xorg-sgml-doctools-1.2. x/randrproto-1.2.1-noarch-1.tgz: Upgraded to randrproto-1.2.1. x/inputproto-1.4.1-noarch-1.tgz: Upgraded to inputproto-1.4.1. xap/seamonkey-1.1.1-i486-1.tgz: Upgraded to seamonkey-1.1.1. +--------------------------+ Thu Mar 1 16:14:19 CST 2007 a/pkgtools-11.0.9-noarch-4.tgz: Added rc.hplip to the setup.services menu. ap/hpijs-2.1.4-i486-1.tgz: Removed (replaced by hplip). ap/hplip-1.7.1-i486-1.tgz: Upgraded to hplip-1.7.1, moved from /testing. xap/xgames-0.3-i486-1.tgz: Ported to the new glibc/gcc. Thanks to Gary Carvell for the xlander slowdown (and other fixes) patch! +--------------------------+ Thu Feb 22 01:10:51 CST 2007 a/cpio-2.5-i486-2.tgz: Recompiled. Newer versions break initramfs in the 2.6.18.x kernels, so we'll have to wait on an upgrade. a/cups-1.2.8-i486-1.tgz: Upgraded to cups-1.2.8. a/kernel-generic-2.6.18.7_smp-i486-1.tgz: Upgraded to Linux 2.6.18.7 SMP generic.s (requires initrd) kernel. a/kernel-huge-2.6.18.7_smp-i486-1.tgz: Upgraded to Linux 2.6.18.7 SMP huge.s (full-featured) kernel. a/kernel-modules-2.6.18.7_smp-i486-1.tgz Upgraded to Linux 2.6.18.7 SMP kernel modules. a/module-init-tools-3.2.2-i486-3.tgz: Recompiled, and removed old modutils. Thanks to Robby Workman for help with the build script! a/udev-104-i486-1.tgz: Upgraded to udev-104. Thanks again to Piter Punk for doing the work on this. :-) Also, please be sure if you plan to use the new sysvinit, sysvinit-scripts, and udev packages that you upgradepkg all of them, and that you search-and-handle any *.new files under /etc. I know that goes without saying for most of us old-timers, but it never hurts to add a reminder when the result otherwise would be crash and burn.. ap/cdrtools-2.01.01a23-i486-1.tgz: Upgraded to cdrtools-2.01.01a23. ap/espgs-8.15.3-i486-1.tgz: Upgraded to espgs-8.15.3. ap/ghostscript-fonts-std-8.11-noarch-1.tgz: Added ghostscript-fonts-std-8.11, which replaces the gnu-gs-fonts package. d/kernel-headers-2.6.18.7_smp-i386-1.tgz: Upgraded to Linux 2.6.18.7 SMP kernel headers. e/emacs-21.4a-i486-4.tgz: Recompiled. e/emacs-nox-21.4a-i486-3.tgz: Recompiled. k/kernel-source-2.6.18.7_smp-noarch-1.tgz Upgraded to Linux 2.6.18.7 SMP kernel source. l/libcaca-0.9-i486-2.tgz: Upgraded to libcaca-0.99.beta11. l/svgalib-1.9.25_2.6.18.7_smp-i486-1.tgz: Recompiled for Linux 2.6.18.7-smp. n/openssh-4.5p1-i486-1.tgz: Upgraded to openssh-4.5p1. t/transfig-3.2.4-i486-2.tgz: Recompiled. t/xfig-3.2.4-i486-2.tgz: Recompiled. tcl/tcl-8.4.14-i486-1.tgz: Upgraded to tcl-8.4.14. tcl/tk-8.4.14-i486-1.tgz: Upgraded to tk-8.4.14. tcl/tclx-8.4-i486-1.tgz: Upgraded to tclx-8.4. x/xaw3d-1.5-i486-4.tgz: Recompiled. Moved from L series. xap/fvwm-2.4.20-i486-1.tgz: Upgraded to fvwm-2.4.20. xap/gv-3.6.2-i486-1.tgz: Upgraded to gv-3.6.2. xap/gqview-2.1.5-i486-1.tgz: Added gqview-2.1.5. xap/imagemagick-6.3.2_8-i486-1.tgz: Upgraded to ImageMagick-6.3.2-8. xap/mozilla-firefox-2.0.0.1-i686-1.tgz: Upgraded to firefox-2.0.0.1. xap/seamonkey-1.1-i486-1.tgz: Upgraded to seamonkey-1.1. xap/seyon-2.20c-i486-3.tgz: Recompiled. xap/x3270-3.3.2p1-i486-2.tgz: Recompiled. xap/xfractint-20.04p04-i486-1.tgz: Upgraded to xfractint-20.04p04. xap/xine-ui-0.99.4-i686-4.tgz: Recompiled. This lost libcaca support, at least for a while... xap/xpdf-3.01-i486-5.tgz: Recompiled. xap/xpaint-2.7.8.1-i486-1.tgz: Upgraded to xpaint-2.7.8.1. Thanks to Piter Punk for the build script and patch! xap/xxgdb-1.12-i486-2.tgz: Recompiled. Thanks again to Piter Punk for the help. isolinux/initrd.img: Removed old deprecated raidtools, added /sbin/mdadm. Generally updated everything to use -current tools. extra/slacktrack/slacktrack-1.30-i486-1.tgz: Upgraded to slacktrack-1.30_1. Thanks to Stuart Winter for the new version! kernels/generic.s/*: Upgraded generic.s kernel to 2.6.18.7 (SMP). kernels/huge.s/*: Upgraded huge.s kernel to 2.6.18.7 (SMP). pasture/gcc-3.4.6/*: Moved to pasture as some things still aren't ready for gcc-4, such as espgs. pasture/raidtools-1.00.3-i386-1.tgz: Moved to /pasture. Use mdadm. :-) pasture/xfm-1.4.3-i486-2.tgz: Recompiled, moved to /pasture. I doubt many people use this anymore... it made history as one of the first file managers available for Linux, but there are better choices today. testing/packages/hplip-1.7.1-i486-1.tgz: Upgraded to hplip-1.7.1. +--------------------------+ Sat Feb 17 20:25:54 CST 2007 a/hdparm-6.9-i486-1.tgz: Upgraded to hdparm-6.9. a/sysvinit-scripts-1.0-noarch-2.tgz: In rc.4, check for kdm in both /opt/kde/bin and /usr/bin. d/libtool-1.5.22-i486-2.tgz: Recompiled. kde/amarok-1.4.5-i486-1.tgz: Upgraded to amarok-1.4.5. Now linked with libkarma, but you'll have to get the omfs kernel module. :-) Note: KDE is now being built with --prefix=/usr, not --prefix=/opt/kde. This makes it much easier to follow freedesktop.org's recommendations for unifying the various Linux desktops. IMO, now that X.Org has made --prefix=/usr the standard for X11, this is an obviously better place for KDE and XFce (which was always there ;-), too. kde/kdeaccessibility-3.5.6-i486-1.tgz: Upgraded to kdeaccessibility-3.5.6. kde/kdeaddons-3.5.6-i486-1.tgz: Upgraded to kdeaddons-3.5.6. kde/kdeadmin-3.5.6-i486-1.tgz: Upgraded to kdeadmin-3.5.6. kde/kdeartwork-3.5.6-i486-1.tgz: Upgraded to kdeartwork-3.5.6. kde/kdebase-3.5.6-i486-1.tgz: Upgraded to kdebase-3.5.6. kde/kdebindings-3.5.6-i486-1.tgz: Upgraded to kdebindings-3.5.6. kde/kdeedu-3.5.6-i486-1.tgz: Upgraded to kdeedu-3.5.6. kde/kdegames-3.5.6-i486-1.tgz: Upgraded to kdegames-3.5.6. kde/kdegraphics-3.5.6-i486-1.tgz: Upgraded to kdegraphics-3.5.6. kde/kdelibs-3.5.6-i486-1.tgz: Upgraded to kdelibs-3.5.6. kde/kdemultimedia-3.5.6-i486-1.tgz: Upgraded to kdemultimedia-3.5.6. kde/kdenetwork-3.5.6-i486-1.tgz: Upgraded to kdenetwork-3.5.6. kde/kdepim-3.5.6-i486-1.tgz: Upgraded to kdepim-3.5.6. kde/kdesdk-3.5.6-i486-1.tgz: Upgraded to kdesdk-3.5.6. kde/kdetoys-3.5.6-i486-1.tgz: Upgraded to kdetoys-3.5.6. kde/kdeutils-3.5.6-i486-1.tgz: Upgraded to kdeutils-3.5.6. kde/kdevelop-3.4.0-i486-1.tgz: Upgraded to kdevelop-3.4.0. kde/kdewebdev-3.5.6-i486-1.tgz: Upgraded to kdewebdev-3.5.6. kde/koffice-1.6.2-i486-1.tgz: Upgraded to koffice-1.6.2. kde/qca-1.0-i486-2.tgz: Recompiled. kde/qca-tls-1.0-i486-3.tgz: Recompiled. kde/qt-3.3.7-i486-1.tgz: Recompiled. kdei/*: Upgraded to kde-i18n 3.5.6 and koffice-l10n 1.6.2. l/arts-1.5.6-i486-1.tgz: Upgraded to arts-1.5.6. l/vte-0.15.0-i486-1.tgz: Added vte-0.15.0. xap/gxine-0.5.11-i486-1.tgz: Upgraded to gxine-0.5.11. xap/xfce-4.4.0-i486-1.tgz: Upgraded to xfce-4.4.0. Thanks to Andrea Zulato for help updating the build script. xap/xine-lib-1.1.4-i686-1.tgz: Upgraded to xine-lib-1.1.4. extra/k3b/k3b-0.12.17-i486-2.tgz: Recompiled with --prefix=/usr. extra/k3b/k3b-i18n-0.12.17-noarch-2.tgz: Recompiled with --prefix=/usr. extra/ktorrent/ktorrent-2.1-i486-1.tgz: Upgraded to ktorrent-2.1. +--------------------------+ Fri Feb 16 01:23:52 CST 2007 ap/alsa-utils-1.0.14rc2-i486-1.tgz: Upgraded to alsa-utils-1.0.14rc2. ap/flac-1.1.2-i486-3.tgz: Recompiled. ap/most-4.10.2-i486-2.tgz: Recompiled. l/aalib-1.4rc5-i486-2.tgz: Recompiled. l/alsa-lib-1.0.14rc2-i486-1.tgz: Upgraded to alsa-lib-1.0.14rc2. l/apr-1.2.8-i486-1.tgz: Upgraded to apr-1.2.8. l/apr-util-1.2.8-i486-1.tgz: Upgraded to apr-util-1.2.8. l/aspell-0.60.5-i486-1.tgz: Upgraded to aspell-0.60.5. l/audiofile-0.2.6-i486-2.tgz: Recompiled. l/desktop-file-utils-0.12-i486-1.tgz: Upgraded to desktop-file-utils-0.12. l/esound-0.2.36-i486-2.tgz: Recompiled. l/fribidi-0.10.7-i486-2.tgz: Recompiled. l/gdbm-1.8.3-i486-4.tgz: Recompiled. l/gdk-pixbuf-0.22.0-i486-1.tgz: Removed. I don't think much uses version 1 of this library anymore (I couldn't find any Slackware packages that do). l/gnet-2.0.7-i486-3.tgz: Removed. This used to be a requirement for Pan, but it hasn't been needed by anything in Slackware for some time. l/libao-0.8.6-i486-2.tgz: Recompiled. l/lcms-1.16-i486-1.tgz: Upgraded to lcms-1.16. l/libgsf-1.14.3-i486-1.tgz: Upgraded to libgsf-1.14.3. l/libgtkhtml-2.11.0-i486-1.tgz: Upgraded to libgtkhtml-2.11.0. l/libidn-0.6.10-i486-1.tgz: Upgraded to libidn-0.6.10. l/libieee1284-0.2.10-i486-2.tgz: Recompiled. l/libid3tag-0.15.1b-i486-2.tgz: Recompiled. l/libidl-0.8.7-i486-1.tgz: Upgraded to libidl-0.8.7. l/libieee1284-0.2.10-i486-2.tgz: Recompiled. l/libmad-0.15.1b-i486-2.tgz: Recompiled. l/libmikmod-3.1.11a-i486-2.tgz: Recompiled. l/libmng-1.0.9-i486-1.tgz: Upgraded to libmng-1.0.9. l/libmusicbrainz-2.1.4-i486-2.tgz: Recompiled. l/libtheora-1.0alpha7-i486-2.tgz: Recompiled. l/libtunepimp-0.4.2-i486-3.tgz: Recompiled. l/libusb-0.1.12-i486-2.tgz: Recompiled. l/libvorbis-1.1.2-i486-2.tgz: Recompiled. l/libwmf-0.2.8.4-i486-3.tgz: Recompiled. l/libwmf-docs-0.2.8.4-noarch-3.tgz: Rebuilt. l/libwpd-0.8.8-i486-1.tgz: Upgraded to libwpd-0.8.8. l/mhash-0.9.7.1-i486-1.tgz: Upgraded to mhash-0.9.7.1. l/mpeg_lib-1.3.1-i386-2.tgz: Removed. l/mpfr-2.2.1p01-i486-1.tgz: Upgraded to mpfr-2.2.1p01. l/netpbm-10.35.22-i486-1.tgz: Upgraded to netpbm-10.35.22. l/popt-1.7-i486-2.tgz: Recompiled. l/shared-mime-info-0.20-i486-1.tgz: Upgraded to shared-mime-info-0.20. l/slang-2.0.6-i486-3.tgz: Recompiled. l/startup-notification-0.8-i486-2.tgz: Recompiled. l/t1lib-5.1.0-i486-2.tgz: Recompiled. l/taglib-1.4-i486-3.tgz: Recompiled. l/wv2-0.2.3-i486-1.tgz: Upgraded to wv2-0.2.3. +--------------------------+ Thu Feb 15 14:43:45 CST 2007 a/cxxlibs-6.0.8-i486-2.tgz: Replaced libstdc++.so.6.0.8 with the version built by gcc-4.1.2. Pruned some ancient libs unlikely to be used by anyone. a/pkgtools-11.0.9-noarch-3.tgz: Moved X related files into x11-skel. a/kernel-generic-2.6.18.6-i486-1.tgz: Moved from /extra. ap/device-mapper-1.02.09-i486-1.tgz: Moved from /extra. ap/linuxdoc-tools-0.9.21-i486-3.tgz: Upgraded to OpenSP-1.5.2, rebuilt. ap/lvm2-2.02.09-i486-1.tgz: Moved from /extra. ap/mdadm-2.6-i486-1.tgz: Upgraded to mdadm-2.6. ap/vim-7.0.195-i486-1.tgz: Upgraded to vim-7.0.195. d/gcc-4.1.2-i486-1.tgz: Upgraded to gcc-4.1.2. d/gcc-g++-4.1.2-i486-1.tgz: Upgraded to gcc-4.1.2. d/gcc-gfortran-4.1.2-i486-1.tgz: Upgraded to gcc-4.1.2. d/gcc-gnat-4.1.2-i486-1.tgz: Upgraded to gcc-4.1.2. d/gcc-java-4.1.2-i486-1.tgz: Upgraded to gcc-4.1.2. d/gcc-objc-4.1.2-i486-1.tgz: Upgraded to gcc-4.1.2. d/gperf-3.0.2-i486-1.tgz: Added gperf-3.0.2. l/gd-2.0.34-i486-1.tgz: Upgraded to gd-2.0.34. l/imlib-1.9.15-i486-2.tgz: Recompiled. l/libexif-0.6.13-i486-3.tgz: Recompiled. l/libglade-2.6.0-i486-1.tgz: Upgraded to libglade-2.6.0. l/libkarma-0.0.6-i486-1.tgz: Added libkarma. l/libvisual-0.4.0-i486-2.tgz: Recompiled. l/sdl-1.2.11-i486-2.tgz: Recompiled. kde/qca-1.0-i486-2.tgz: Recompiled. kde/qca-tls-1.0-i486-3.tgz: Recompiled. kde/qt-3.3.7-i486-2.tgz: Recompiled. n/irssi-0.8.10a-i486-5.tgz: Recompiled. x/appres-1.0.1-i486-1.tgz: Added appres-1.0.1. x/bdftopcf-1.0.0-i486-1.tgz: Added bdftopcf-1.0.0. x/beforelight-1.0.2-i486-1.tgz: Added beforelight-1.0.2. x/bigreqsproto-1.0.2-noarch-1.tgz: Added bigreqsproto-1.0.2. x/bitmap-1.0.3-i486-1.tgz: Added bitmap-1.0.3. x/compiz-0.3.6-i486-1.tgz: Added compiz-0.3.6. x/compositeproto-0.3.1-noarch-1.tgz: Added compositeproto-0.3.1. x/damageproto-1.1.0-noarch-1.tgz: Added damageproto-1.1.0. x/dmxproto-2.2.2-noarch-1.tgz: Added dmxproto-2.2.2. x/editres-1.0.3-i486-1.tgz: Added editres-1.0.3. x/encodings-1.0.2-noarch-1.tgz: Added encodings-1.0.2. x/evieext-1.0.2-noarch-1.tgz: Added evieext-1.0.2. x/fixesproto-4.0-noarch-1.tgz: Added fixesproto-4.0. x/font-adobe-100dpi-1.0.0-noarch-1.tgz: Added font-adobe-100dpi-1.0.0. x/font-adobe-75dpi-1.0.0-noarch-1.tgz: Added font-adobe-75dpi-1.0.0. x/font-adobe-utopia-100dpi-1.0.1-noarch-1.tgz: Added font-adobe-utopia-100dpi-1.0.1. x/font-adobe-utopia-75dpi-1.0.1-noarch-1.tgz: Added font-adobe-utopia-75dpi-1.0.1. x/font-adobe-utopia-type1-1.0.1-noarch-1.tgz: Added font-adobe-utopia-type1-1.0.1. x/font-alias-1.0.1-noarch-1.tgz: Added font-alias-1.0.1. x/font-arabic-misc-1.0.0-noarch-1.tgz: Added font-arabic-misc-1.0.0. x/font-bh-100dpi-1.0.0-noarch-1.tgz: Added font-bh-100dpi-1.0.0. x/font-bh-75dpi-1.0.0-noarch-1.tgz: Added font-bh-75dpi-1.0.0. x/font-bh-lucidatypewriter-100dpi-1.0.0-noarch-1.tgz: Added font-bh-lucidatypewriter-100dpi-1.0.0. x/font-bh-lucidatypewriter-75dpi-1.0.0-noarch-1.tgz: Added font-bh-lucidatypewriter-75dpi-1.0.0. x/font-bh-ttf-1.0.0-noarch-1.tgz: Added font-bh-ttf-1.0.0. x/font-bh-type1-1.0.0-noarch-1.tgz: Added font-bh-type1-1.0.0. x/font-bitstream-100dpi-1.0.0-noarch-1.tgz: Added font-bitstream-100dpi-1.0.0. x/font-bitstream-75dpi-1.0.0-noarch-1.tgz: Added font-bitstream-75dpi-1.0.0. x/font-bitstream-speedo-1.0.0-noarch-1.tgz: Added font-bitstream-speedo-1.0.0. x/font-bitstream-type1-1.0.0-noarch-1.tgz: Added font-bitstream-type1-1.0.0. x/font-cronyx-cyrillic-1.0.0-noarch-1.tgz: Added font-cronyx-cyrillic-1.0.0. x/font-cursor-misc-1.0.0-noarch-1.tgz: Added font-cursor-misc-1.0.0. x/font-daewoo-misc-1.0.0-noarch-1.tgz: Added font-daewoo-misc-1.0.0. x/font-dec-misc-1.0.0-noarch-1.tgz: Added font-dec-misc-1.0.0. x/font-ibm-type1-1.0.0-noarch-1.tgz: Added font-ibm-type1-1.0.0. x/font-isas-misc-1.0.0-noarch-1.tgz: Added font-isas-misc-1.0.0. x/font-jis-misc-1.0.0-noarch-1.tgz: Added font-jis-misc-1.0.0. x/font-micro-misc-1.0.0-noarch-1.tgz: Added font-micro-misc-1.0.0. x/font-misc-cyrillic-1.0.0-noarch-1.tgz: Added font-misc-cyrillic-1.0.0. x/font-misc-ethiopic-1.0.0-noarch-1.tgz: Added font-misc-ethiopic-1.0.0. x/font-misc-meltho-1.0.0-noarch-1.tgz: Added font-misc-meltho-1.0.0. x/font-misc-misc-1.0.0-noarch-1.tgz: Added font-misc-misc-1.0.0. x/font-mutt-misc-1.0.0-noarch-1.tgz: Added font-mutt-misc-1.0.0. x/font-schumacher-misc-1.0.0-noarch-1.tgz: Added font-schumacher-misc-1.0.0. x/font-screen-cyrillic-1.0.1-noarch-1.tgz: Added font-screen-cyrillic-1.0.1. x/font-sony-misc-1.0.0-noarch-1.tgz: Added font-sony-misc-1.0.0. x/font-sun-misc-1.0.0-noarch-1.tgz: Added font-sun-misc-1.0.0. x/font-util-1.0.1-i486-1.tgz: Added font-util-1.0.1. x/font-winitzki-cyrillic-1.0.0-noarch-1.tgz: Added font-winitzki-cyrillic-1.0.0. x/font-xfree86-type1-1.0.0-noarch-1.tgz: Added font-xfree86-type1-1.0.0. x/fontcacheproto-0.1.2-noarch-1.tgz: Added fontcacheproto-0.1.2. x/fontsproto-2.0.2-noarch-1.tgz: Added fontsproto-2.0.2. x/fonttosfnt-1.0.3-i486-1.tgz: Added fonttosfnt-1.0.3. x/fslsfonts-1.0.1-i486-1.tgz: Added fslsfonts-1.0.1. x/fstobdf-1.0.2-i486-1.tgz: Added fstobdf-1.0.2. x/gccmakedep-1.0.2-noarch-1.tgz: Added gccmakedep-1.0.2. x/glproto-1.4.8-noarch-1.tgz: Added glproto-1.4.8. x/iceauth-1.0.1-i486-1.tgz: Added iceauth-1.0.1. x/ico-1.0.1-i486-1.tgz: Added ico-1.0.1. x/imake-1.0.2-i486-1.tgz: Added imake-1.0.2. x/inputproto-1.4-noarch-1.tgz: Added inputproto-1.4. x/kbproto-1.0.3-noarch-1.tgz: Added kbproto-1.0.3. x/lbxproxy-1.0.1-i486-1.tgz: Added lbxproxy-1.0.1. x/libFS-1.0.0-i486-1.tgz: Added libFS-1.0.0. x/libICE-1.0.3-i486-1.tgz: Added libICE-1.0.3. x/libSM-1.0.2-i486-1.tgz: Added libSM-1.0.2. x/libX11-1.1.1-i486-1.tgz: Added libX11-1.1.1. x/libXScrnSaver-1.1.2-i486-1.tgz: Added libXScrnSaver-1.1.2. x/libXTrap-1.0.0-i486-1.tgz: Added libXTrap-1.0.0. x/libXau-1.0.3-i486-1.tgz: Added libXau-1.0.3. x/libXaw-1.0.3-i486-1.tgz: Added libXaw-1.0.3. x/libXcomposite-0.3.1-i486-1.tgz: Added libXcomposite-0.3.1. x/libXcursor-1.1.8-i486-1.tgz: Added libXcursor-1.1.8. x/libXdamage-1.1-i486-1.tgz: Added libXdamage-1.1. x/libXdmcp-1.0.2-i486-1.tgz: Added libXdmcp-1.0.2. x/libXevie-1.0.2-i486-1.tgz: Added libXevie-1.0.2. x/libXext-1.0.3-i486-1.tgz: Added libXext-1.0.3. x/libXfixes-4.0.3-i486-1.tgz: Added libXfixes-4.0.3. x/libXfont-1.2.7-i486-1.tgz: Added libXfont-1.2.7. x/libXfontcache-1.0.4-i486-1.tgz: Added libXfontcache-1.0.4. x/libXft-2.1.12-i486-1.tgz: Added libXft-2.1.12. x/libXi-1.1.0-i486-1.tgz: Added libXi-1.1.0. x/libXinerama-1.0.1-i486-1.tgz: Added libXinerama-1.0.1. x/libXmu-1.0.3-i486-1.tgz: Added libXmu-1.0.3. x/libXp-1.0.0-i486-1.tgz: Added libXp-1.0.0. x/libXpm-3.5.6-i486-1.tgz: Added libXpm-3.5.6. x/libXprintAppUtil-1.0.1-i486-1.tgz: Added libXprintAppUtil-1.0.1. x/libXprintUtil-1.0.1-i486-1.tgz: Added libXprintUtil-1.0.1. x/libXrandr-1.1.2-i486-1.tgz: Added libXrandr-1.1.2. x/libXrender-0.9.2-i486-1.tgz: Added libXrender-0.9.2. x/libXres-1.0.3-i486-1.tgz: Added libXres-1.0.3. x/libXt-1.0.5-i486-1.tgz: Added libXt-1.0.5. x/libXtst-1.0.1-i486-1.tgz: Added libXtst-1.0.1. x/libXv-1.0.3-i486-1.tgz: Added libXv-1.0.3. x/libXvMC-1.0.4-i486-1.tgz: Added libXvMC-1.0.4. x/libXxf86dga-1.0.1-i486-1.tgz: Added libXxf86dga-1.0.1. x/libXxf86misc-1.0.1-i486-1.tgz: Added libXxf86misc-1.0.1. x/libXxf86vm-1.0.1-i486-1.tgz: Added libXxf86vm-1.0.1. x/libdmx-1.0.2-i486-1.tgz: Added libdmx-1.0.2. x/libfontenc-1.0.4-i486-1.tgz: Added libfontenc-1.0.4. x/liblbxutil-1.0.1-i486-1.tgz: Added liblbxutil-1.0.1. x/liboldX-1.0.1-i486-1.tgz: Added liboldX-1.0.1. x/libpthread-stubs-0.1-noarch-1.tgz: Added libpthread-stubs-0.1. x/libxcb-1.0-i486-1.tgz: Added libxcb-1.0. x/libxkbfile-1.0.4-i486-1.tgz: Added libxkbfile-1.0.4. x/libxkbui-1.0.2-i486-1.tgz: Added libxkbui-1.0.2. x/listres-1.0.1-i486-1.tgz: Added listres-1.0.1. x/lndir-1.0.1-i486-1.tgz: Added lndir-1.0.1. x/luit-1.0.2-i486-1.tgz: Added luit-1.0.2. x/makedepend-1.0.0-i486-1.tgz: Added makedepend-1.0.0. x/mkcomposecache-1.2-i486-1.tgz: Added mkcomposecache-1.2. x/mkfontdir-1.0.2-noarch-1.tgz: Added mkfontdir-1.0.2. x/mkfontscale-1.0.3-i486-1.tgz: Added mkfontscale-1.0.3. x/oclock-1.0.1-i486-1.tgz: Added oclock-1.0.1. x/printproto-1.0.3-noarch-1.tgz: Added printproto-1.0.3. x/proxymngr-1.0.1-i486-1.tgz: Added proxymngr-1.0.1. x/randrproto-1.2.0-noarch-1.tgz: Added randrproto-1.2.0. x/recordproto-1.13.2-noarch-1.tgz: Added recordproto-1.13.2. x/rendercheck-1.2-i486-1.tgz: Added rendercheck-1.2. x/renderproto-0.9.2-noarch-1.tgz: Added renderproto-0.9.2. x/resourceproto-1.0.2-noarch-1.tgz: Added resourceproto-1.0.2. x/rgb-1.0.1-i486-1.tgz: Added rgb-1.0.1. x/rstart-1.0.2-i486-1.tgz: Added rstart-1.0.2. x/scripts-1.0.1-noarch-1.tgz: Added scripts-1.0.1. x/scrnsaverproto-1.1.0-noarch-1.tgz: Added scrnsaverproto-1.1.0. x/sessreg-1.0.2-i486-1.tgz: Added sessreg-1.0.2. x/setxkbmap-1.0.3-i486-1.tgz: Added setxkbmap-1.0.3. x/showfont-1.0.1-i486-1.tgz: Added showfont-1.0.1. x/smproxy-1.0.2-i486-1.tgz: Added smproxy-1.0.2. x/trapproto-3.4.3-noarch-1.tgz: Added trapproto-3.4.3. x/twm-1.0.3-i486-1.tgz: Added twm-1.0.3. x/util-macros-1.1.5-noarch-1.tgz: Added util-macros-1.1.5. x/videoproto-2.2.2-noarch-1.tgz: Added videoproto-2.2.2. x/viewres-1.0.1-i486-1.tgz: Added viewres-1.0.1. x/x11-skel-7.1-noarch-2.tgz: Added X11 setup scripts from pkgtools. x/x11perf-1.4.1-i486-1.tgz: Added x11perf-1.4.1. x/xauth-1.0.2-i486-1.tgz: Added xauth-1.0.2. x/xbiff-1.0.1-i486-1.tgz: Added xbiff-1.0.1. x/xbitmaps-1.0.1-noarch-1.tgz: Added xbitmaps-1.0.1. x/xcalc-1.0.1-i486-1.tgz: Added xcalc-1.0.1. x/xcb-proto-1.0-noarch-1.tgz: Added xcb-proto-1.0. x/xclipboard-1.0.1-i486-1.tgz: Added xclipboard-1.0.1. x/xclock-1.0.2-i486-1.tgz: Added xclock-1.0.2. x/xcmiscproto-1.1.2-noarch-1.tgz: Added xcmiscproto-1.1.2. x/xcmsdb-1.0.1-i486-1.tgz: Added xcmsdb-1.0.1. x/xconsole-1.0.2-i486-1.tgz: Added xconsole-1.0.2. x/xcursor-themes-1.0.1-noarch-1.tgz: Added xcursor-themes-1.0.1. x/xcursorgen-1.0.1-i486-1.tgz: Added xcursorgen-1.0.1. x/xdbedizzy-1.0.2-i486-1.tgz: Added xdbedizzy-1.0.2. x/xditview-1.0.1-i486-1.tgz: Added xditview-1.0.1. x/xdm-1.1.4-i486-1.tgz: Added xdm-1.1.4. x/xdpyinfo-1.0.1-i486-1.tgz: Added xdpyinfo-1.0.1. x/xdriinfo-1.0.1-i486-1.tgz: Added xdriinfo-1.0.1. x/xedit-1.0.2-i486-1.tgz: Added xedit-1.0.2. x/xev-1.0.2-i486-1.tgz: Added xev-1.0.2. x/xextproto-7.0.2-noarch-1.tgz: Added xextproto-7.0.2. x/xeyes-1.0.1-i486-1.tgz: Added xeyes-1.0.1. x/xf86-input-acecad-1.1.0-i486-1.tgz: Added xf86-input-acecad-1.1.0. x/xf86-input-aiptek-1.0.1-i486-1.tgz: Added xf86-input-aiptek-1.0.1. x/xf86-input-calcomp-1.1.0-i486-1.tgz: Added xf86-input-calcomp-1.1.0. x/xf86-input-digitaledge-1.1.0-i486-1.tgz: Added xf86-input-digitaledge-1.1.0. x/xf86-input-elographics-1.1.0-i486-1.tgz: Added xf86-input-elographics-1.1.0. x/xf86-input-evdev-1.1.5-i486-1.tgz: Added xf86-input-evdev-1.1.5. x/xf86-input-fpit-1.1.0-i486-1.tgz: Added xf86-input-fpit-1.1.0. x/xf86-input-hyperpen-1.1.0-i486-1.tgz: Added xf86-input-hyperpen-1.1.0. x/xf86-input-jamstudio-1.1.0-i486-1.tgz: Added xf86-input-jamstudio-1.1.0. x/xf86-input-joystick-1.1.0-i486-1.tgz: Added xf86-input-joystick-1.1.0. x/xf86-input-keyboard-1.1.1-i486-1.tgz: Added xf86-input-keyboard-1.1.1. x/xf86-input-magellan-1.1.0-i486-1.tgz: Added xf86-input-magellan-1.1.0. x/xf86-input-magictouch-1.0.0.5-i486-1.tgz: Added xf86-input-magictouch-1.0.0.5. x/xf86-input-mouse-1.2.1-i486-1.tgz: Added xf86-input-mouse-1.2.1. x/xf86-input-mutouch-1.1.0-i486-1.tgz: Added xf86-input-mutouch-1.1.0. x/xf86-input-palmax-1.1.0-i486-1.tgz: Added xf86-input-palmax-1.1.0. x/xf86-input-spaceorb-1.1.0-i486-1.tgz: Added xf86-input-spaceorb-1.1.0. x/xf86-input-summa-1.1.0-i486-1.tgz: Added xf86-input-summa-1.1.0. x/xf86-input-tek4957-1.1.0-i486-1.tgz: Added xf86-input-tek4957-1.1.0. x/xf86-input-ur98-1.1.0-i486-1.tgz: Added xf86-input-ur98-1.1.0. x/xf86-input-vmmouse-12.4.0-i486-1.tgz: Added xf86-input-vmmouse-12.4.0. x/xf86-input-void-1.1.0-i486-1.tgz: Added xf86-input-void-1.1.0. x/xf86-video-apm-1.1.1-i486-1.tgz: Added xf86-video-apm-1.1.1. x/xf86-video-ark-0.6.0-i486-1.tgz: Added xf86-video-ark-0.6.0. x/xf86-video-ast-0.81.0-i486-1.tgz: Added xf86-video-ast-0.81.0. x/xf86-video-ati-6.6.3-i486-1.tgz: Added xf86-video-ati-6.6.3. x/xf86-video-chips-1.1.1-i486-1.tgz: Added xf86-video-chips-1.1.1. x/xf86-video-cirrus-1.1.0-i486-1.tgz: Added xf86-video-cirrus-1.1.0. x/xf86-video-cyrix-1.1.0-i486-1.tgz: Added xf86-video-cyrix-1.1.0. x/xf86-video-dummy-0.2.0-i486-1.tgz: Added xf86-video-dummy-0.2.0. x/xf86-video-fbdev-0.3.1-i486-1.tgz: Added xf86-video-fbdev-0.3.1. x/xf86-video-glint-1.1.1-i486-1.tgz: Added xf86-video-glint-1.1.1. x/xf86-video-i128-1.2.1-i486-1.tgz: Added xf86-video-i128-1.2.1. x/xf86-video-i740-1.1.0-i486-1.tgz: Added xf86-video-i740-1.1.0. x/xf86-video-i810-1.7.4-i486-1.tgz: Added xf86-video-i810-1.7.4. x/xf86-video-imstt-1.1.0-i486-1.tgz: Added xf86-video-imstt-1.1.0. x/xf86-video-mga-1.4.6.1-i486-1.tgz: Added xf86-video-mga-1.4.6.1. x/xf86-video-neomagic-1.1.1-i486-1.tgz: Added xf86-video-neomagic-1.1.1. x/xf86-video-newport-0.2.1-i486-1.tgz: Added xf86-video-newport-0.2.1. x/xf86-video-nsc-2.8.2-i486-1.tgz: Added xf86-video-nsc-2.8.2. x/xf86-video-nv-1.2.2.1-i486-1.tgz: Added xf86-video-nv-1.2.2.1. x/xf86-video-rendition-4.1.3-i486-1.tgz: Added xf86-video-rendition-4.1.3. x/xf86-video-s3-0.5.0-i486-1.tgz: Added xf86-video-s3-0.5.0. x/xf86-video-s3virge-1.9.1-i486-1.tgz: Added xf86-video-s3virge-1.9.1. x/xf86-video-savage-2.1.2-i486-1.tgz: Added xf86-video-savage-2.1.2. x/xf86-video-siliconmotion-1.4.2-i486-1.tgz: Added xf86-video-siliconmotion-1.4.2. x/xf86-video-sis-0.9.3-i486-1.tgz: Added xf86-video-sis-0.9.3. x/xf86-video-sisusb-0.8.1-i486-1.tgz: Added xf86-video-sisusb-0.8.1. x/xf86-video-tdfx-1.3.0-i486-1.tgz: Added xf86-video-tdfx-1.3.0. x/xf86-video-tga-1.1.0-i486-1.tgz: Added xf86-video-tga-1.1.0. x/xf86-video-trident-1.2.3-i486-1.tgz: Added xf86-video-trident-1.2.3. x/xf86-video-tseng-1.1.1-i486-1.tgz: Added xf86-video-tseng-1.1.1. x/xf86-video-v4l-0.1.1-i486-1.tgz: Added xf86-video-v4l-0.1.1. x/xf86-video-vesa-1.3.0-i486-1.tgz: Added xf86-video-vesa-1.3.0. x/xf86-video-vga-4.1.0-i486-1.tgz: Added xf86-video-vga-4.1.0. x/xf86-video-via-0.2.2-i486-1.tgz: Added xf86-video-via-0.2.2. x/xf86-video-vmware-10.15.0-i486-1.tgz: Added xf86-video-vmware-10.15.0. x/xf86-video-voodoo-1.1.1-i486-1.tgz: Added xf86-video-voodoo-1.1.1. x/xf86bigfontproto-1.1.2-noarch-1.tgz: Added xf86bigfontproto-1.1.2. x/xf86dga-1.0.2-i486-1.tgz: Added xf86dga-1.0.2. x/xf86dgaproto-2.0.2-noarch-1.tgz: Added xf86dgaproto-2.0.2. x/xf86driproto-2.0.3-noarch-1.tgz: Added xf86driproto-2.0.3. x/xf86miscproto-0.9.2-noarch-1.tgz: Added xf86miscproto-0.9.2. x/xf86rushproto-1.1.2-noarch-1.tgz: Added xf86rushproto-1.1.2. x/xf86vidmodeproto-2.2.2-noarch-1.tgz: Added xf86vidmodeproto-2.2.2. x/xfd-1.0.1-i486-1.tgz: Added xfd-1.0.1. x/xfindproxy-1.0.1-i486-1.tgz: Added xfindproxy-1.0.1. x/xfontsel-1.0.2-i486-1.tgz: Added xfontsel-1.0.2. x/xfs-1.0.4-i486-1.tgz: Added xfs-1.0.4. x/xfsinfo-1.0.1-i486-1.tgz: Added xfsinfo-1.0.1. x/xfwp-1.0.1-i486-1.tgz: Added xfwp-1.0.1. x/xgamma-1.0.1-i486-1.tgz: Added xgamma-1.0.1. x/xgc-1.0.1-i486-1.tgz: Added xgc-1.0.1. x/xhost-1.0.1-i486-1.tgz: Added xhost-1.0.1. x/xineramaproto-1.1.2-noarch-1.tgz: Added xineramaproto-1.1.2. x/xinit-1.0.3-i486-1.tgz: Added xinit-1.0.3. x/xkbcomp-1.0.3-i486-1.tgz: Added xkbcomp-1.0.3. x/xkbevd-1.0.2-i486-1.tgz: Added xkbevd-1.0.2. x/xkbprint-1.0.1-i486-1.tgz: Added xkbprint-1.0.1. x/xkbutils-1.0.1-i486-1.tgz: Added xkbutils-1.0.1. x/xkeyboard-config-0.9-noarch-1.tgz: Added xkeyboard-config-0.9. x/xkill-1.0.1-i486-1.tgz: Added xkill-1.0.1. x/xload-1.0.1-i486-1.tgz: Added xload-1.0.1. x/xlogo-1.0.1-i486-1.tgz: Added xlogo-1.0.1. x/xlsatoms-1.0.1-i486-1.tgz: Added xlsatoms-1.0.1. x/xlsclients-1.0.1-i486-1.tgz: Added xlsclients-1.0.1. x/xlsfonts-1.0.2-i486-1.tgz: Added xlsfonts-1.0.2. x/xmag-1.0.1-i486-1.tgz: Added xmag-1.0.1. x/xman-1.0.2-i486-1.tgz: Added xman-1.0.2. x/xmessage-1.0.1-i486-1.tgz: Added xmessage-1.0.1. x/xmh-1.0.1-i486-1.tgz: Added xmh-1.0.1. x/xmodmap-1.0.2-i486-1.tgz: Added xmodmap-1.0.2. x/xmore-1.0.1-i486-1.tgz: Added xmore-1.0.1. x/xorg-cf-files-1.0.2-noarch-1.tgz: Added xorg-cf-files-1.0.2. x/xorg-docs-1.3-noarch-1.tgz: Added xorg-docs-1.3. x/xorg-server-1.2.0-i486-1.tgz: Added xorg-server-1.2.0. x/xorg-server-xdmx-1.2.0-i486-1.tgz: Added xorg-server-xdmx-1.2.0. x/xorg-server-xnest-1.2.0-i486-1.tgz: Added xorg-server-xnest-1.2.0. x/xorg-server-xvfb-1.2.0-i486-1.tgz: Added xorg-server-xvfb-1.2.0. x/xorg-sgml-doctools-1.1.1-noarch-1.tgz: Added xorg-sgml-doctools-1.1.1. x/xphelloworld-1.0.1-i486-1.tgz: Added xphelloworld-1.0.1. x/xplsprinters-1.0.1-i486-1.tgz: Added xplsprinters-1.0.1. x/xpr-1.0.2-i486-1.tgz: Added xpr-1.0.2. x/xprehashprinterlist-1.0.1-i486-1.tgz: Added xprehashprinterlist-1.0.1. x/xprop-1.0.2-i486-1.tgz: Added xprop-1.0.2. x/xproto-7.0.10-noarch-1.tgz: Added xproto-7.0.10. x/xproxymanagementprotocol-1.0.2-noarch-1.tgz: Added xproxymanagementprotocol-1.0.2. x/xrandr-1.0.2-i486-1.tgz: Added xrandr-1.0.2. x/xrdb-1.0.3-i486-1.tgz: Added xrdb-1.0.3. x/xrefresh-1.0.2-i486-1.tgz: Added xrefresh-1.0.2. x/xrx-1.0.1-i486-1.tgz: Added xrx-1.0.1. x/xset-1.0.2-i486-1.tgz: Added xset-1.0.2. x/xsetmode-1.0.0-i486-1.tgz: Added xsetmode-1.0.0. x/xsetpointer-1.0.1-i486-1.tgz: Added xsetpointer-1.0.1. x/xsetroot-1.0.1-i486-1.tgz: Added xsetroot-1.0.1. x/xsm-1.0.1-i486-1.tgz: Added xsm-1.0.1. x/xstdcmap-1.0.1-i486-1.tgz: Added xstdcmap-1.0.1. x/xtrans-1.0.3-noarch-1.tgz: Added xtrans-1.0.3. x/xtrap-1.0.2-i486-1.tgz: Added xtrap-1.0.2. x/xvidtune-1.0.1-i486-1.tgz: Added xvidtune-1.0.1. x/xvinfo-1.0.1-i486-1.tgz: Added xvinfo-1.0.1. x/xwd-1.0.1-i486-1.tgz: Added xwd-1.0.1. x/xwininfo-1.0.2-i486-1.tgz: Added xwininfo-1.0.2. x/xwud-1.0.1-i486-1.tgz: Added xwud-1.0.1. xap/gaim-2.0.0beta6-i486-1.tgz: Upgraded to gaim-2.0.0beta6. xap/vim-gvim-7.0.195-i486-1.tgz: Upgraded to vim-7.0.195 for X11/GTK+. xap/xchat-2.8.0-i486-1.tgz: Upgraded to xchat-2.8.0. extra/blackbox-0.70.1/blackbox-0.70.1-i486-2.tgz: Recompiled, changed --prefix to /usr. extra/linux-wlan-ng/linux-wlan-ng-0.2.7_2.6.18.6-i486-1.tgz: Upgraded to linux-wlan-ng-0.2.7 compiled for Linux 2.6.18.6. extra/mpg123/mpg123-0.65-i486-1.tgz: Upgraded to mpg123-0.65. extra/ntfsprogs/ntfsprogs-1.13.1-i486-1.tgz: Added ntfsprogs-1.13.1. extra/parted/parted-1.8.2-i486-1.tgz: Upgraded to parted-1.8.2. pasture/lvm-1.0.8-i486-1.tgz: Moved here from ap/. +--------------------------+ Wed Feb 14 02:21:48 CST 2007 Removed temporary packages used to bootstrap and test modular X. x/x11-app-i20070206-i486-1.tgz: Removed. x/x11-data-i20070201-i486-1.tgz: Removed. x/x11-doc-i20070201-i486-1.tgz: Removed. x/x11-driver-i20070201-i486-1.tgz: Removed. x/x11-font-i20070201-i486-1.tgz: Removed. x/x11-lib-i20070201-i486-1.tgz: Removed. x/x11-proto-i20070201-i486-1.tgz: Removed. x/x11-util-i20070201-i486-1.tgz: Removed. x/x11-xdmx-1.2.0-i486-1.tgz: Removed. x/x11-xnest-1.2.0-i486-1.tgz: Removed. x/x11-xorg-server-1.2.0-i486-1.tgz: Removed. x/x11-xvfb-1.2.0-i486-1.tgz: Removed. +--------------------------+ Tue Feb 13 19:04:02 CST 2007 a/aaa_base-11.1.0-noarch-1.tgz: Delete a bunch of obsolete X11/X11R6 paths. a/lilo-22.7.3-i486-1.tgz: Upgraded to lilo-22.7.3. a/pkgtools-11.0.9-noarch-2.tgz: Fixed missing doinst.sh. ap/mtx-1.3.9-i486-1.tgz: Added mtx-1.3.9. Thanks to Stuart Winter for the build script. ap/mysql-5.0.33-i486-1.tgz: Upgraded to mysql-5.0.33. d/perl-5.8.8-i486-4.tgz: Recompiled with thread support. Upgraded to DBD-mysql-4.001 and DBI-1.53. f/linux-howtos-20070211-noarch-1.tgz: Upgraded to Linux-HOWTOs-20070211. n/lftp-3.5.9-i486-1.tgz: Upgraded to lftp-3.5.9. n/links-2.1pre26-i486-1.tgz: Upgraded to links-2.1pre26. n/rsync-2.6.9-i486-1.tgz: Upgraded to rsync-2.6.9. n/wpa_supplicant-0.5.7-i486-1.tgz: Added wpa_supplicant-0.5.7. Thanks to Eric Hameleers for the build script! x/x11-xdmx-1.2.0-i486-1.tgz: Split from x11-xorg-server. x/x11-xnest-1.2.0-i486-1.tgz: Split from x11-xorg-server. x/x11-xvfb-1.2.0-i486-1.tgz: Split from x11-xorg-server. x/xterm-224-i486-1.tgz: Added xterm-224. +--------------------------+ Fri Feb 9 22:59:51 CST 2007 a/sysvinit-2.86-i486-1.tgz: Upgraded to sysvinit-2.86. Split the actual init scripts into a new package to avoid needlessly compiling sysvinit over and over again. a/sysvinit-scripts-1.0-noarch-1.tgz: Added a new package containing the system startup scripts. Thanks to Piter Punk for 2.4 kernel cruft removal and other bugfixes and enhancements. ap/nano-2.0.3-i486-1.tgz: Added nano-2.0.3. This one's for Kanedaaa. ;-) d/autoconf-2.61-noarch-1.tgz: Upgraded to autoconf-2.61. d/binutils-2.17.50.0.12-i486-1.tgz: Upgraded to binutils-2.17.50.0.12. d/bison-2.3-i486-1.tgz: Upgraded to bison-2.3. d/byacc-1.9-i386-1.tgz: Removed. Pretty much everything expects bison now. d/clisp-2.41a-i486-1.tgz: Upgraded to clisp-2.41a. d/cmake-2.4.6-i486-1.tgz: Added cmake-2.4.6. d/doxygen-1.5.1-i486-1.tgz: Upgraded to doxygen-1.5.1. d/flex-2.5.33-i486-2.tgz: Upgraded to flex-2.5.33. d/git-1.4.4.4-i486-1.tgz: Upgraded to git-1.4.4.4. d/mercurial-0.9.3-i486-1.tgz: Upgraded to mercurial-0.9.3. d/pkg-config-0.21-i486-4.tgz: Recompiled, and renamed the package from "pkgconfig", which is the correct upstream name. d/pmake-1.111-i486-1.tgz: Swiched to pmake-1.111, which seems to be a more popular version. ;-) d/python-2.5-i486-1.tgz: Upgraded to Python-2.5. d/ruby-1.8.5_p12-i486-1.tgz: Upgraded to ruby-1.8.5-p12. d/subversion-1.4.3-i486-1.tgz: Upgraded to subversion-1.4.3. l/glut-3.7-i486-1.tgz: Removed since MesaGLUT is now bundled with Slackware's Mesa package. l/lesstif-0.95.0-i486-2.tgz: Recompiled, changing install prefix to /usr. l/libmtp-0.1.3-i486-1.tgz: Upgraded to libmtp-0.1.3. l/libnjb-2.2.5-i486-3.tgz: Recompiled. l/neon-0.25.5-i486-3.tgz: Recompiled. n/samba-3.0.24-i486-1.tgz: Upgraded to samba-3.0.24. x/x11-app-i20070206-i486-1.tgz: Upgraded to xdm-1.1.4. xap/blackbox-0.65.0-i486-2.tgz: Recompiled, changing install prefix to /usr. xap/fluxbox-1.0rc2-i486-2.tgz: Recompiled to change --prefix from /usr/X11R6 (which is now deprecated) to /usr. xap/rxvt-2.7.10-i486-3.tgz: Recompiled, changing install prefix to /usr. xap/xlockmore-5.23-i486-1.tgz: Upgraded to xlockmore-5.23, changed --prefix to /usr. xap/xv-3.10a-i486-5.tgz: Recompiled, changing install prefix to /usr. extra/bittornado/bittornado-0.3.18-noarch-1.tgz: Upgraded to bittornado-0.3.18, built against Python-2.5. extra/bittorrent/bittorrent-4.4.0-noarch-2.tgz: Rebuilt against Python-2.5. +--------------------------+ Mon Feb 5 02:13:06 CST 2007 x/dejavu-ttf-2.14-noarch-1.tgz: Upgraded to dejavu-2.14. x/fontconfig-2.4.2-i486-1.tgz: Adjusted font path in /etc/fonts/fonts.conf. x/libdrm-2.3.0-i486-1.tgz: Added Direct Rendering library. x/mesa-6.5.2-i486-1.tgz: Added Mesa 3-D library. x/ttf-indic-fonts-0.4.7.1-noarch-2.tgz: Rebuilt to put in new fonts directory. x/x11-app-i20070201-i486-1.tgz: New package based on recent modular code. x/x11-data-i20070201-i486-1.tgz: New package based on recent modular code. x/x11-doc-i20070201-i486-1.tgz: New package based on recent modular code. x/x11-driver-i20070201-i486-1.tgz: New package based on recent modular code. Several of the input drivers do not compile any more (such as various tablets, touchscreens, etc). Hopefully this code will be fixed before the X.Org 7.2 release... it's not Slackware-specific and is unlikely to be fixed here. x/x11-font-i20070201-i486-1.tgz: New package based on recent modular code. x/x11-lib-i20070201-i486-1.tgz: New package based on recent modular code. x/x11-proto-i20070201-i486-1.tgz: New package based on recent modular code. x/x11-util-i20070201-i486-1.tgz: New package based on recent modular code. x/x11-xorg-server-1.2.0-i486-1.tgz: New package based on recent modular code. +--------------------------+ Sun Feb 4 16:52:03 CST 2007 a/bzip2-1.0.4-i486-1.tgz: Upgraded to bzip2-1.0.4. a/ed-0.4-i486-1.tgz: Upgraded to ed-0.4. l/atk-1.12.4-i486-1.tgz: Upgraded to atk-1.12.4. l/cairo-1.2.6-i486-1.tgz: Upgraded to cairo-1.2.6. l/db44-4.4.20-i486-2.tgz: Recompiled. Yes, db-4.5 is out, but there's no good reason (IMHO) to chase the API/ABI of the week and break things. l/expat-2.0.0-i486-1.tgz: Upgraded to expat-2.0.0. l/freetype-2.1.9-i486-2.tgz: Recompiled. l/glib2-2.12.9-i486-1.tgz: Upgraded to glib2-2.12.9. l/gmp-4.2.1-i486-2.tgz: Recompiled. l/gtk+2-2.10.9-i486-1.tgz: Upgraded to gtk+2-2.10.9. l/libgpod-0.4.2-i486-1.tgz: Upgraded to libgpod-0.4.2. l/libpng-1.2.15-i486-1.tgz: Upgraded to libpng-1.2.15. l/libungif-4.1.4-i486-4.tgz: Recompiled. l/libxml2-2.6.27-i486-1.tgz: Upgraded to libxml2-2.6.27. l/libxslt-1.1.20-i486-1.tgz: Upgraded to libxslt-1.1.20. l/mm-1.4.2-i486-2.tgz: Recompiled. l/pango-1.15.5-i486-1.tgz: Upgraded to pango-1.15.5. l/pcre-7.0-i486-1.tgz: Upgraded to pcre-7.0. l/svgalib-1.9.25_2.6.18.6-i486-1.tgz: Upgraded to svgalib-1.9.25. (with svgalib_helper kernel module for Linux 2.6.18.6) n/bind-9.3.4-i486-1.tgz: Upgraded to bind-9.3.4. n/fetchmail-6.3.6-i486-1.tgz: Upgraded to fetchmail-6.3.6. This depends on Python, which is not yet upgraded to 2.5, and due to some compatibility issues, the decision about upgrading beyond 2.4.x (yet) hasn't been settled. n/lynx-2.8.6rel.4-i486-1.tgz: Upgraded to lynx-2.8.6rel.4. x/dejavu-ttf-2.13-noarch-1.tgz: Upgraded to dejavu-ttf-2.13. x/fontconfig-2.4.2-i486-1.tgz: Upgraded to fontconfig-2.4.2. xap/mozilla-firefox-1.5.0.9-i686-1.tgz: Upgraded to firefox-1.5.0.9. xap/mozilla-thunderbird-1.5.0.9-i686-1.tgz: Upgraded to thunderbird-1.5.0.9. xap/xscreensaver-5.01-i486-1.tgz: Upgraded to xscreensaver-5.01. +--------------------------+ Thu Jan 11 12:55:55 CST 2007 a/aaa_terminfo-5.6-noarch-1.tgz: A subset of the terminfo database from ncurses-5.6, formerly bundled with the pkgtools package. a/bin-11.1-i486-1.tgz: Split out most of the utilities from this package. This package only contains a few loose odds and ends now, but various system scripts still need them. a/coreutils-6.7-i486-1.tgz: Upgraded to coreutils-6.7. Colorize .ram files. Use absolute path to /bin/dircolors in eval statements for /etc/profile.d/ scripts (thanks to Donald R. Laster, Jr.) a/dialog-1.0_20060221-i486-1.tgz: Upgraded to dialog-1.0-20060221. This was formerly bundled with the pkgtools package. a/dosfstools-2.11-i486-1.tgz: Upgraded to dosfstools-2.11, split from the bin package. a/dcron-2.3.3-i486-6.tgz: Bundle the run-parts script needed by crond. a/ed-0.3-i486-1.tgz: Upgraded to ed-0.3, split from the bin package. a/eject-2.1.5-i486-1.tgz: Split eject from the bin package. a/file-4.19-i486-1.tgz: Split file from the bin package. a/lha-114i-i486-1.tgz: Split lha from the bin package. a/ncompress-4.2.4-i486-1.tgz: Split ncompress from the bin package. a/patch-2.5.4-i486-1.tgz: Split patch from the bin package. a/pkgtools-11.0.9-noarch-1.tgz: Removed dialog, terminfo subset, and extra copy of ipmask.c that's been sitting around for years. ;-) a/rpm2tgz-1.0-i486-1.tgz: Split rpm2tgz from the bin package. a/splitvt-1.6.5-i486-1.tgz: Split splitvt from the bin package. a/syslinux-3.31-i486-1.tgz: Upgraded to syslinux-3.31. a/time-1.7-i486-1.tgz: Split time from the bin package. a/tree-1.5.0-i486-1.tgz: Split tree from the bin package. a/unarj-265-i486-1.tgz: Split unarj from the bin package. a/usbutils-0.72-i486-2.tgz: Recompiled, added update-usbids. a/which-2.16-i486-1.tgz: Split which from the bin package. a/zoo-2.10-i486-1.tgz: Split zoo from the bin package. d/binutils-2.17.50.0.9-i486-1.tgz: Upgraded to binutils-2.17.50.0.9. d/m4-1.4.8-i486-1.tgz: Upgraded to m4-1.4.8. l/jre-6-i586-1.tgz: Upgraded to Java(TM) 2 Platform Standard Edition Runtime Environment Version 6.0. l/ncurses-5.6-i486-1.tgz: Upgraded to ncurses-5.6. n/bind-9.3.3-i486-1.tgz: Upgraded to bind-9.3.3. n/dhcp-3.0.5-i486-1.tgz: Upgraded to dhcp-3.0.5. n/iptraf-3.0.0-i486-1.tgz: Upgraded to iptraf-3.0.0. extra/jdk-6/jdk-6-i586-1.tgz: Upgraded to Java(TM) 2 Platform Standard Edition Development Kit Version 6.0. +--------------------------+ Sat Dec 23 00:56:10 CST 2006 a/acl-2.2.39_1-i486-2.tgz: Recompiled. a/apmd-3.2.2-i486-1.tgz: Upgraded to apmd-3.2.2. a/attr-2.4.32_1-i486-2.tgz: Recompiled. a/bash-3.2.009-i486-1.tgz: Upgraded to bash-3.2.009. a/bzip2-1.0.3-i486-4.tgz: Recompiled. a/cups-1.2.7-i486-1.tgz: Upgraded to cups-1.2.7. a/cxxlibs-6.0.8-i486-1.tgz: Upgraded to libstdc++.so.6.0.8 from gcc-4.1.1. a/e2fsprogs-1.39-i486-1.tgz: Upgraded to e2fsprogs-1.39. a/gettext-0.16.1-i486-1.tgz: Upgraded to gettext-0.16.1. a/hotplug-2004_09_23-noarch-11.tgz: Removed. a/pcmcia-cs-3.2.8-i486-3.tgz: Removed. a/procps-3.2.7-i486-2.tgz: Upgraded to psmisc-22.3. a/utempter-1.1.4-i486-1.tgz: Upgraded to utempter-1.1.4. d/gettext-tools-0.16.1-i486-1.tgz: Upgraded to gettext-0.16.1. a/glibc-solibs-2.5-i486-1.tgz: Upgraded to glibc-2.5. Note that you must be running a 2.6+ kernel BEFORE upgrading to the glibc-2.5 packages in -current! a/glibc-zoneinfo-2.5-noarch-1.tgz: Upgraded to glibc-2.5, plus the latest (tzcode2006p and tzdata2006p) timezone packages. a/gpm-1.20.1-i486-3.tgz: Recompiled. a/kernel-huge-2.6.18.6-i486-1.tgz: A 2.6.18.6 Linux kernel with all of the commonly required options compiled in. a/kernel-modules-2.6.18.6-i486-1.tgz Upgraded to Linux 2.6.18.6 kernel modules. a/openssl-solibs-0.9.8d-i486-2.tgz: Recompiled. a/pciutils-2.2.4-i486-1.tgz: Upgraded to pciutils-2.2.4. a/sysfsutils-2.1.0-i486-1.tgz: Upgraded to sysfsutils-2.1.0. a/tar-1.16.1-i486-1.tgz: Upgraded to tar-1.16.1. a/xfsprogs-2.8.16_1-i486-1.tgz: Upgraded to xfsprogs-2.8.16-1. ap/ap/dmapi-2.2.5_1-i486-2.tgz: Recompiled. d/binutils-2.17.50.0.8-i486-1.tgz: Upgraded to binutils-2.17.50.0.8. d/gcc-4.1.1-i486-1.tgz: Upgraded to gcc-4.1.1. d/gcc-g++-4.1.1-i486-1.tgz: Upgraded to gcc-4.1.1. d/gcc-gfortran-4.1.1-i486-1.tgz: Upgraded to gcc-4.1.1. This replaces the gcc-g77 package. d/gcc-gnat-4.1.1-i486-1.tgz: Upgraded to gcc-4.1.1. d/gcc-java-4.1.1-i486-1.tgz: Upgraded to gcc-4.1.1. d/gcc-objc-4.1.1-i486-1.tgz: Upgraded to gcc-4.1.1. d/gdb-6.6-i486-1.tgz: Upgraded to gdb-6.6. d/kernel-headers-2.6.18.6-i386-1.tgz: Upgraded to Linux 2.6.18.6 kernel headers. d/oprofile-0.9.2-i486-1.tgz: Upgraded to oprofile-0.9.2. k/kernel-source-2.6.18.6-noarch-1.tgz Upgraded to Linux 2.6.18.6 kernel source. l/alsa-driver-alsa-driver-1.0.11_2.4.33.3-i486-1.tgz: Removed. The 2.6 kernel includes ALSA, so we'll use that. l/glibc-2.5-i486-1.tgz: Upgraded to glibc-2.5. l/glibc-i18n-2.5-noarch-1.tgz: Upgraded to glibc-2.5. l/glibc-profile-2.5-i486-1.tgz: Upgraded to glibc-2.5. l/libjpeg-6b-i486-5.tgz: Recompiled. l/libpng-1.2.14-i486-1.tgz: Upgraded to libpng-1.2.14. This fixes a bug where a specially crafted PNG file could crash applications that use libpng. For more information, see: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-5793 (* Security fix *) l/libtiff-3.8.2-i486-3.tgz: Recompiled. l/ncurses-5.5-i486-2.tgz: Recompiled. l/readline-5.2-i486-1.tgz: Upgraded to readline-5.2. l/libtermcap-1.2.3-i486-7.tgz: Recompiled. l/zlib-1.2.3-i486-2.tgz: Recompiled. n/iptables-1.3.7-i486-1.tgz: Upgraded to iptables-1.3.7. n/openssl-0.9.8d-i486-2.tgz: Recompiled. xap/seamonkey-1.0.7-i486-1.tgz: Upgraded to seamonkey-1.0.7. patches/packages/seamonkey-1.0.7-i486-1: Upgraded to seamonkey-1.0.7. This upgrade fixes several possible security bugs. For more information, see: http://www.mozilla.org/projects/security/known-vulnerabilities.html#seamonkey (* Security fix *) extra/linux-2.6.18.6/kernel-generic-2.6.18.6-i486-1.tgz: Upgraded to Linux 2.6.18.6 generic kernel. I'm placing this (and the instructions for the mkinitrd usage) in here, as it makes it easier for now to use huge26.s for installs and not to overwrite it with the kernel-generic package. The goal, though, will be to have the installer contruct an initrd for the generic kernel. We'll see if that happens. :-) kernels/generic.s/*: Upgraded generic.s kernel to 2.6.18.6. kernels/huge.s/*: Upgraded huge.s kernel to 2.6.18.6. Thanks to honeypie at slackware.com for the kernel builds (and everything else :-) +--------------------------+ Mon Dec 11 14:29:39 CST 2006 Merged more patches from Slackware 11.0: a/tar-1.16-i486-1_slack11.0.tgz: Upgraded to tar-1.16. This fixes an issue where files may be extracted outside of the current directory, possibly allowing a malicious tar archive, when extracted, to overwrite any of the user's files (in the case of root, any file on the system). For more information, see: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-6097 (* Security fix *) n/gnupg-1.4.6-i486-1_slack11.0.tgz Upgraded to gnupg-1.4.6. This release fixes a severe and exploitable bug in earlier versions of gnupg. All gnupg users should update to the new packages as soon as possible. For details, see the information concerning CVE-2006-6235 posted on lists.gnupg.org: http://lists.gnupg.org/pipermail/gnupg-announce/2006q4/000491.html The CVE entry for this issue may be found here: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-6235 This update also addresses a more minor security issue possibly exploitable when GnuPG is used in interactive mode. For more information about that issue, see: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-6169 (* Security fix *) n/proftpd-1.3.0a-i486-1_slack11.0.tgz Upgraded to proftpd-1.3.0a plus an additional security patch. Several security issues were found in proftpd that could lead to the execution of arbitrary code by a remote attacker, including one in mod_tls that does not require the attacker to be authenticated first. For more information, see: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-5815 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-6170 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-6171 (* Security fix *) +--------------------------+ Mon Nov 20 14:43:48 CST 2006 Merged the patches listed below into the /slackware directory where applicable, but left the _slack11.0 tag on them since we'll be rebuilding just about everything anyway. ap/screen-4.0.3-i486-1_slack11.0.tgz: Upgraded to screen-4.0.3. This addresses an issue with the way screen handles UTF-8 character encoding that could allow screen to be crashed (or possibly code to be executed in the context of the screen user) if a specially crafted sequence of pseudo-UTF-8 characters are displayed withing a screen session. For more information, see: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4573 (* Security fix *) kde/qca-tls-1.0-i486-3_slack11.0.tgz: Rebuilt to place the plugin in /usr/lib/qt-3.3.7/plugins/crypto/. kde/qt-3.3.7-i486-1_slack11.0.tgz: Upgraded to qt-x11-free-3.3.7. This fixes an issue with Qt's handling of pixmap images that causes Qt linked applications to crash if a specially crafted malicious image is loaded. Inspection of the code in question makes it seem unlikely that this could lead to more serious implications (such as arbitrary code execution), but it is recommended that users upgrade to the new Qt package. For more information, see: http://www.trolltech.com/company/newsroom/announcements/press.2006-10-19.5434451733 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4811 (* Security fix *) n/bind-9.3.2_P2-i486-1_slack11.0.tgz: Upgraded to bind-9.3.2-P2. This fixes some security issues related to previous fixes in OpenSSL. The minimum OpenSSL version was raised to OpenSSL 0.9.7l and OpenSSL 0.9.8d to avoid exposure to known security flaws in older versions (these patches were already issued for Slackware). If you have not upgraded yet, get those as well to prevent a potentially exploitable security problem in named. In addition, the default RSA exponent was changed from 3 to 65537. RSA keys using exponent 3 (which was previously BIND's default) will need to be regenerated to protect against the forging of RRSIGs. For more information, see: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4339 (* Security fix *) n/php-4.4.4-i486-4_slack11.0.tgz: Patched the UTF-8 overflow. More details about the vulnerability may be found here: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-5465 (* Security fix *) xap/mozilla-firefox-1.5.0.8-i686-1.tgz Upgraded to firefox-1.5.0.8. This upgrade fixes several possible security bugs. For more information, see: http://www.mozilla.org/projects/security/known-vulnerabilities.html#firefox (* Security fix *) xap/mozilla-thunderbird-1.5.0.8-i686-1.tgz: Upgraded to thunderbird-1.5.0.8. This upgrade fixes several possible security bugs. For more information, see: http://www.mozilla.org/projects/security/known-vulnerabilities.html#thunderbird (* Security fix *) xap/seamonkey-1.0.6-i486-1_slack11.0.tgz: Upgraded to seamonkey-1.0.6. This upgrade fixes several possible security bugs. For more information, see: http://www.mozilla.org/projects/security/known-vulnerabilities.html#seamonkey (* Security fix *) +--------------------------+ Mon Nov 20 14:31:25 CST 2006 Thanks to everyone who provided valuable feedback on the question below. It looks as if Slackware -current (future 12.0?) is going to charge into 2.6-only territory, but it will be a conservative "charge". :-) The overwhelming consensus is that the 2.6 series is now more than stable enough for production use. Some folks expressed concern over the loss of Linux 2.4.x compatibility, but they were a definite minority. Some suggested maintaining two -current branches -- one following 2.4 and the other 2.6. The solution that'll be taken concerning 2.4.x will be to make Slackware 11.0 better maintained than simply security updates. It should see some other non-security updates as well (perhaps the introduction of an /updates directory?), and will be a long lived OS for those who swear by the stability of the 2.4.x kernel series. Meanwhile, 2.4.x compatibility features (such as the, er, mess? going on in the startup scripts) will be steadily eliminated in -current to focus on the best possible 2.6.x support. With a lot of work, we should be able to make the next Slackware release an excellent choice for both servers and desktops. Again -- thanks for all the input! :-) +--------------------------+ Thu Nov 9 18:16:50 CST 2006 Q: Hey, what's the deal with -current? A: Renovations are underway to the toolchain (gcc, glibc, binutils, etc), and it makes little sense to update what is essentially Slackware 11.0 only to do the work all over again once the new toolchain is ready. In addition, these things aren't going as smoothly as anticipated. I'd like to put the NPTL version of glibc into /lib and the LinuxThreads version into /lib/obsolete/linuxthreads (since some old binaries are going to need them), but doing this prevents the use of a 2.4 kernel. Perhaps it's finally time to drop support for Linux 2.4? Personally, I'd rather not as 2.4 is more forgiving of flaky hardware and thus tends to get better uptimes (at least on the servers I run ;-). Comments about this issue are welcomed. glibc-2.5 has also been having some problems with locale support here that need to be investigated and dealt with. I'd rather base the glibc in Slackware on an official glibc release, but using the development repo is also something under (slight) consideration if it works better. +--------------------------+ Thu Nov 9 18:04:51 CST 2006 extra/mozilla-firefox-2.0/mozilla-firefox-2.0-i686-1.tgz: Moved from /patches, since it was pointed out that this sets LD_LIBRARY_PATH to use the libraries in /usr/lib/firefox-2.0/ which aren't compatible with the SeaMonkey libraries that are used to compile the gxine plugin, breaking it. I'm currently looking for a workaround for this issue, but meanwhile using firefox-1.5.0.8 with the gxine plugin works just fine. Honestly, I hadn't expected to see another firefox-1.x release once 2.0 came out or I might not have added it to Slackware 11.0 after the release... patches/packages/mozilla-firefox-1.5.0.8-i686-1.tgz: Upgraded to firefox-1.5.0.8. This upgrade fixes several possible security bugs. For more information, see: http://www.mozilla.org/projects/security/known-vulnerabilities.html#firefox (* Security fix *) patches/packages/mozilla-thunderbird-1.5.0.8-i686-1.tgz: Upgraded to thunderbird-1.5.0.8. This upgrade fixes several possible security bugs. For more information, see: http://www.mozilla.org/projects/security/known-vulnerabilities.html#thunderbird (* Security fix *) patches/packages/seamonkey-1.0.6-i486-1_slack11.0.tgz: Upgraded to seamonkey-1.0.6. This upgrade fixes several possible security bugs. For more information, see: http://www.mozilla.org/projects/security/known-vulnerabilities.html#seamonkey (* Security fix *) +--------------------------+ Mon Nov 6 21:29:24 CST 2006 patches/packages/bind-9.3.2_P2-i486-1_slack11.0.tgz: Upgraded to bind-9.3.2-P2. This fixes some security issues related to previous fixes in OpenSSL. The minimum OpenSSL version was raised to OpenSSL 0.9.7l and OpenSSL 0.9.8d to avoid exposure to known security flaws in older versions (these patches were already issued for Slackware). If you have not upgraded yet, get those as well to prevent a potentially exploitable security problem in named. In addition, the default RSA exponent was changed from 3 to 65537. RSA keys using exponent 3 (which was previously BIND's default) will need to be regenerated to protect against the forging of RRSIGs. For more information, see: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4339 (* Security fix *) +--------------------------+ Fri Nov 3 23:17:57 CST 2006 extra/php5/php-5.2.0-i486-1.tgz: Upgraded to php-5.2.0. This release "includes a large number of new features, bug fixes and security enhancements." In particular, when the UTF-8 charset is selected there are buffer overflows in the htmlspecialchars() and htmlentities() that may be exploited to execute arbitrary code. More details about the vulnerability may be found here: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-5465 Further details about the release can be found in the release announcement: http://www.php.net/releases/5_2_0.php Some syntax has changed since PHP 5.1.x. An upgrading guide may be found at this location: http://www.php.net/UPDATE_5_2.txt This package was placed in /extra rather than /patches to save people from possible surprises with automated upgrade tools, since users of PHP4 and PHP 5.1.x applications may need to make some code changes before things will work again. (* Security fix *) patches/packages/php-4.4.4-i486-4_slack11.0.tgz: Patched the UTF-8 overflow. More details about the vulnerability may be found here: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-5465 (* Security fix *) patches/packages/screen-4.0.3-i486-1_slack11.0.tgz: Upgraded to screen-4.0.3. This addresses an issue with the way screen handles UTF-8 character encoding that could allow screen to be crashed (or possibly code to be executed in the context of the screen user) if a specially crafted sequence of pseudo-UTF-8 characters are displayed withing a screen session. For more information, see: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4573 (* Security fix *) +--------------------------+ Sat Oct 28 23:52:38 CDT 2006 patches/packages/mozilla-firefox-2.0-i686-1.tgz: Upgraded to Mozilla Firefox 2.0. This is a completely optional enhanced feature package update. Usually I'd reserve this space only for security patches (which this is not), but Firefox 2.0 is just so cool that I couldn't resist upgrading it, especially with Slackware 11.0 so recently released. +--------------------------+ Wed Oct 25 15:45:46 CDT 2006 patches/packages/qca-tls-1.0-i486-3_slack11.0.tgz: Rebuilt to place the plugin in /usr/lib/qt-3.3.7/plugins/crypto/. patches/packages/qt-3.3.7-i486-1_slack11.0.tgz: Upgraded to qt-x11-free-3.3.7. This fixes an issue with Qt's handling of pixmap images that causes Qt linked applications to crash if a specially crafted malicious image is loaded. Inspection of the code in question makes it seem unlikely that this could lead to more serious implications (such as arbitrary code execution), but it is recommended that users upgrade to the new Qt package. For more information, see: http://www.trolltech.com/company/newsroom/announcements/press.2006-10-19.5434451733 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4811 (* Security fix *) +--------------------------+ Sun Oct 1 23:50:53 CDT 2006 Slackware 11.0 is released. Thanks to everyone who helped out and made this release possible. If I forgot you in the ChangeLog, mea culpa, but you know who you are, and thanks. :-) Enjoy! -P.