|
Mon Jul 19 23:36:56 UTC 2010
n/bind-9.7.1_P2-i486-1.txz: Upgraded.
This reverses a change that was introduced in BIND 9.7.1 that could cause
cause the server to enter an endless query loop resulting in a denial of
service. (-current only, does not affect any released Slackware)
Thanks to Grigorios Bouzakis for pointing out this BIND update.
(* Security fix *)
+--------------------------+
Sun Jul 18 01:41:06 UTC 2010
KDE 4.4.5 update -- thanks to Eric Hameleers!
kde/amarok-2.3.1-i486-1.txz: Upgraded.
kde/k3b-2.0.0-i486-1.txz: Upgraded.
kde/kdeaccessibility-4.4.5-i486-1.txz: Upgraded.
kde/kdeadmin-4.4.5-i486-1.txz: Upgraded.
kde/kdeartwork-4.4.5-i486-1.txz: Upgraded.
kde/kdebase-4.4.5-i486-1.txz: Upgraded.
kde/kdebase-runtime-4.4.5-i486-1.txz: Upgraded.
kde/kdebase-workspace-4.4.5-i486-1.txz: Upgraded.
kde/kdebindings-4.4.5-i486-1.txz: Upgraded.
kde/kdeedu-4.4.5-i486-1.txz: Upgraded.
kde/kdegames-4.4.5-i486-1.txz: Upgraded.
kde/kdegraphics-4.4.5-i486-1.txz: Upgraded.
kde/kdelibs-4.4.5-i486-1.txz: Upgraded.
kde/kdemultimedia-4.4.5-i486-1.txz: Upgraded.
kde/kdenetwork-4.4.5-i486-1.txz: Upgraded.
kde/kdepim-4.4.5-i486-1.txz: Upgraded.
kde/kdepim-runtime-4.4.5-i486-1.txz: Upgraded.
kde/kdepimlibs-4.4.5-i486-1.txz: Upgraded.
kde/kdeplasma-addons-4.4.5-i486-1.txz: Upgraded.
kde/kdesdk-4.4.5-i486-1.txz: Upgraded.
kde/kdetoys-4.4.5-i486-1.txz: Upgraded.
kde/kdeutils-4.4.5-i486-1.txz: Upgraded.
kde/kdevelop-4.0.1-i486-1.txz: Upgraded.
kde/kdevplatform-1.0.1-i486-1.txz: Upgraded.
kde/kdewebdev-4.4.5-i486-1.txz: Upgraded.
kde/koffice-2.2.1-i486-1.txz: Upgraded.
kde/ktorrent-4.0.2-i486-1.txz: Upgraded.
This now requires libktorrent.
kde/libktorrent-1.0.2-i486-1.txz: Added.
kde/oxygen-icons-4.4.5-i486-1.txz: Upgraded.
kde/polkit-kde-1-r1145544-i486-1.txz: Upgraded.
kde/polkit-qt-1-r1145513-i486-1.txz: Upgraded.
kdei/*: Upgraded.
l/polkit-1_a2edcef-i486-1.txz: Upgraded.
l/attica-0.1.4-i486-1.txz: Upgraded.
l/akonadi-1.3.90-i486-1.txz: Upgraded.
l/phonon-4.4.2-i486-1.txz: Upgraded.
l/soprano-2.4.63-i486-1.txz: Upgraded.
l/shared-desktop-ontologies-0.5-i486-1.txz: Upgraded.
l/qimageblitz-0.0.6-i486-1.txz: Upgraded.
l/qt-4.6.3_ef2e850-i486-1.txz: Upgraded.
testing/packages/btrfs-progs-20100717-i486-1.txz: Upgraded.
+--------------------------+
Wed Jun 30 04:51:49 UTC 2010
l/libpng-1.4.3-i486-1.txz: Upgraded.
Upgraded to libpng-1.2.44 and libpng-1.4.3.
This fixes out-of-bounds memory write bugs that could lead to crashes
or the execution of arbitrary code, and a memory leak bug which could
lead to application crashes.
For more information, see:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1205
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2249
(* Security fix *)
l/libtiff-3.9.4-i486-1.txz: Upgraded.
This fixes image structure handling bugs that could lead to crashes or
execution of arbitrary code if a specially-crafted TIFF image is loaded.
For more information, see:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1411
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2065
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2067
(* Security fix *)
+--------------------------+
Sun Jun 27 17:25:18 UTC 2010
xap/mozilla-firefox-3.6.6-i686-1.txz: Upgraded.
This changes the crash protection feature to increase the timeout
before a plugin is considered non-responsive.
+--------------------------+
Sun Jun 27 03:43:13 UTC 2010
ap/ghostscript-8.71-i486-3.txz: Rebuilt.
Merged an upstream patch from Till Kamppeter to fix printing black pages
with CUPS and certain printers.
+--------------------------+
Fri Jun 25 05:28:02 UTC 2010
a/cups-1.4.4-i486-1.txz: Upgraded.
Fixed a memory allocation error in texttops.
Fixed a Cross-Site Request Forgery (CSRF) that could allow a remote
attacker to reconfigure or disable CUPS if a CUPS admin logged into the
web interface visited a specially-crafted website.
Fixed a bug where uninitialized memory from the cupsd process could
reveal sensitive information.
For more information, see:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0540
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0542
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1748
(* Security fix *)
d/ccache-3.0-i486-1.txz: Upgraded.
d/gdb-7.1-i486-2.txz: Rebuilt.
Added --with-python=no to fix errors about missing backtrace.py, which is
not yet in stable glib. Thanks to David Woodfall.
l/imlib-1.9.15-i486-7.txz: Rebuilt.
This fixes problems linking with libpng.
l/seamonkey-solibs-2.0.5-i486-1.txz: Upgraded.
n/bind-9.7.1-i486-1.txz: Upgraded.
This fixes possible DNS cache poisoning attacks when DNSSEC is enabled
and checking is disabled (CD).
For more information, see:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-4022
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0097
(* Security fix *)
Thanks to Rob McGee for help with the upgrade to BIND 9.7.x.
xap/mozilla-firefox-3.6.4-i686-1.txz: Upgraded.
This fixes some security issues.
For more information, see:
http://www.mozilla.org/security/ ... ties/firefox36.html
(* Security fix *)
xap/mozilla-thunderbird-3.1-i686-1.txz: Upgraded.
(* Security fix *)
xap/seamonkey-2.0.5-i486-1.txz: Upgraded.
This release fixes some more security vulnerabilities.
For more information, see:
http://www.mozilla.org/security/ ... es/seamonkey20.html
(* Security fix *)
+--------------------------+
Sat Jun 19 00:59:41 UTC 2010
testing/packages/btrfs-progs-20100618-i486-1.txz:
Added btrfs-convert. Thanks to mancha.
+--------------------------+
Fri Jun 18 18:12:04 UTC 2010
ap/alsa-utils-1.0.23-i486-2.txz: Rebuilt.
Patched alsaconf to generate /etc/modprobe.d/sound.conf.
Thanks to Alan Hicks.
kde/kdebase-workspace-4.4.3-i486-2.txz: Rebuilt.
Patched xinitrc.kde to launch with ck-launch-session only if the
DESKTOP_SESSION variable is empty. This fixes a bug where a ck-aware
login manager such as KDM may have already launched a ConsoleKit
session, causing the xinitrc to launch another one and marking the
first one inactive. This can lead to auth failures.
Thanks to Robby Workman.
n/samba-3.5.3-i486-1.txz: Upgraded.
xap/xfce-4.6.1-i486-9.txz: Rebuilt.
Patched xinitrc.xfce to launch with ck-launch-session only if the
DESKTOP_SESSION variable is empty. Thanks to Robby Workman.
+--------------------------+
Wed May 19 08:58:23 UTC 2010
Slackware 13.1 x86 stable is released!
Lots of thanks are due -- see the RELEASE_NOTES and the rest of the
ChangeLog for credits. The ISOs are on their way to replication,
a 6 CD-ROM 32-bit set and a dual-sided 32-bit/64-bit x86/x86_64 DVD.
We are taking pre-orders now at store.slackware.com, and offering
a discount if you sign up for a subscription. Consider picking up
a copy to help support the project. Thanks again to the Slackware
community for testing, contributing, and generally holding us to a
high level of quality. :-)
Enjoy! |
|