[FYI] slackware 13.37 x86 current changelog

vvoody

Wed Dec 14 16:22:29 UTC 2011
d/subversion-1.7.2-i486-1.txz:  Upgraded.
  This update fixes an issue with "git svn clone" being broken.
  Thanks to Francesco Allertsen for the heads-up.
  Hmmm, perhaps vbatts can tell me what has happened to the ruby bindings...
+--------------------------+

vvoody

Thu Feb  2 16:02:47 UTC 2012
It is cloudy and foggy here today -- I did not see my shadow, and
will not be crawling back into my hole for 6 weeks.  ;-)
testing/packages/mozilla-firefox-11.0b1-i486-1.txz:  Added.
+--------------------------+
Thu Feb  2 15:07:23 UTC 2012
a/kernel-firmware-20120202git-noarch-1.txz:  Upgraded.
  There were some reports of a failing checksum on the .asc (which
  did verify, so the package was good).  So, we'll replace it with
  a new build to make sure that it syncs out.
+--------------------------+
Wed Feb  1 23:20:04 UTC 2012
$(fortune) just obtained logging in to stamp the Changelog, finally:
  "You single-handedly fought your way into this hopeless mess."
Well, we'll work on rectifying that situation.  :-)  Sorry about the
lack of updates...  everything here blew up all at once, it seemed, but
equipment, upstream targets, and reality all seem to be settling down
enough to get these updates out and have them be an actual improvement
over what's already up.  Hope to have more soon.  Cheers!
l/seamonkey-solibs-2.7-i486-1.txz:  Upgraded.
  This release contains security fixes and improvements.
  For more information, see:
    http://www.mozilla.org/security/ ... ties/seamonkey.html
  (* Security fix *)
xap/mozilla-firefox-10.0-i486-1.txz:  Upgraded.
  This release contains security fixes and improvements.
  For more information, see:
    http://www.mozilla.org/security/ ... lities/firefox.html
  (* Security fix *)
xap/mozilla-thunderbird-10.0-i486-1.txz:  Upgraded.
  This release contains security fixes and improvements.
  For more information, see:
    http://www.mozilla.org/security/ ... es/thunderbird.html
  (* Security fix *)
xap/seamonkey-2.7-i486-1.txz:  Upgraded.
  This release contains security fixes and improvements.
  For more information, see:
    http://www.mozilla.org/security/ ... ties/seamonkey.html
  (* Security fix *)
+--------------------------+
Wed Feb  1 17:18:14 CST 2012
testing/packages/mozilla-firefox-10.0-i486-1.txz:  Upgraded.
testing/packages/mozilla-thunderbird-10.0-i486-1.txz:  Upgraded.
+--------------------------+
Wed Feb  1 17:18:13 CST 2012
a/kernel-generic-3.2.2-i486-1.txz:  Upgraded.
a/kernel-generic-smp-3.2.2_smp-i686-1.txz:  Upgraded.
a/kernel-huge-3.2.2-i486-1.txz:  Upgraded.
a/kernel-huge-smp-3.2.2_smp-i686-1.txz:  Upgraded.
a/kernel-modules-3.2.2-i486-1.txz:  Upgraded.
a/kernel-modules-smp-3.2.2_smp-i686-1.txz:  Upgraded.
a/openssl-solibs-0.9.8t-i486-1.txz:  Upgraded.
  This fixes a bug where DTLS applications were not properly supported.  This
  bug could have allowed remote attackers to cause a denial of service via
  unspecified vectors.
  CVE-2012-0050 has been assigned to this issue.
  For more details see:
    http://openssl.org/news/secadv_20120118.txt
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0050
  (* Security fix *)
d/kernel-headers-3.2.2_smp-x86-1.txz:  Upgraded.
e/emacs-23.4-i486-1.txz:  Upgraded.
k/kernel-source-3.2.2_smp-noarch-1.txz:  Upgraded.
n/openssl-0.9.8t-i486-1.txz:  Upgraded.
  This fixes a bug where DTLS applications were not properly supported.  This
  bug could have allowed remote attackers to cause a denial of service via
  unspecified vectors.
  CVE-2012-0050 has been assigned to this issue.
  For more details see:
    http://openssl.org/news/secadv_20120118.txt
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0050
  (* Security fix *)
extra/linux-3.2.1-nosmp-sdk/*:  Upgraded.
isolinux/initrd.img:  Rebuilt.
kernels/*:  Upgraded.
usb-and-pxe-installers/usbboot.img:  Rebuilt.
+--------------------------+
Wed Feb  1 17:18:11 CST 2012
a/coreutils-8.15-i486-1.txz:  Upgraded.
  This will be provided as a patch to fix some important issues with ext4.
  Thanks to Georgy Salnikov for the notification.
a/cups-1.4.8-i486-1.txz:  Upgraded.
  This might fix a printing issue with LibreOffice.  We'll look into cups-1.5.0
  once we know if this fix works.  If it does, we'll deploy cups-1.4.8 as
  a patch for Slackware 13.37.  Thanks to Willy Sudiarto Raharjo.
a/glibc-solibs-2.14.1-i486-3.txz:  Rebuilt.
a/glibc-zoneinfo-2011i_2011n-noarch-3.txz:  Rebuilt.
a/kernel-generic-3.2.1-i486-1.txz:  Upgraded.
a/kernel-generic-smp-3.2.1_smp-i686-1.txz:  Upgraded.
a/kernel-huge-3.2.1-i486-1.txz:  Upgraded.
a/kernel-huge-smp-3.2.1_smp-i686-1.txz:  Upgraded.
a/kernel-modules-3.2.1-i486-1.txz:  Upgraded.
a/kernel-modules-smp-3.2.1_smp-i686-1.txz:  Upgraded.
d/kernel-headers-3.2.1_smp-x86-1.txz:  Upgraded.
k/kernel-source-3.2.1_smp-noarch-1.txz:  Upgraded.
l/glibc-2.14.1-i486-3.txz:  Rebuilt.
l/glibc-i18n-2.14.1-i486-3.txz:  Rebuilt.
l/glibc-profile-2.14.1-i486-3.txz:  Rebuilt.
n/ca-certificates-20111211-noarch-1.txz:  Upgraded.
  Removes DigiNotar and other untrusted certificates.
  (* Security fix *)
isolinux/initrd.img:  Rebuilt.
kernels/*:  Upgraded.
usb-and-pxe-installers/usbboot.img:  Rebuilt.
+--------------------------+
Wed Feb  1 17:18:07 CST 2012
Hey folks!  Have a few overdue updates to the toolchain.  This has all been
built and rebuild (and upgraded) far too many times IMHO to wait around yet
again to get 3.2.1 in place and bump some compiler deps to get ARM working...
what was that about the echo $(fortune -m "goal of Computer Science") ?
Anyway, please test and report problems and we'll have another round here
shortly.
a/glibc-solibs-2.14.1-i486-3.txz:  Rebuilt.
a/glibc-zoneinfo-2011i_2011n-noarch-3.txz:  Rebuilt.
a/kernel-firmware-20120109git-noarch-1.txz:  Upgraded.
ap/htop-1.0-i486-1.txz:  Upgraded.
d/gcc-4.6.2-i486-1.txz:  Upgraded.
d/gcc-g++-4.6.2-i486-1.txz:  Upgraded.
d/gcc-gfortran-4.6.2-i486-1.txz:  Upgraded.
d/gcc-gnat-4.6.2-i486-1.txz:  Upgraded.
d/gcc-go-4.6.2-i486-1.txz:  Added.
d/gcc-java-4.6.2-i486-1.txz:  Upgraded.
d/gcc-objc-4.6.2-i486-1.txz:  Upgraded.
d/slacktrack-2.10-i486-1.txz:  Upgraded.
e/emacs-23.3.tar.xz:  Upgraded.
l/freetype-2.4.8-i486-1.txz:  Upgraded.
  Some vulnerabilities in handling CID-keyed PostScript fonts have
  been fixed.
  For more information, see:
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3439
  (* Security fix *)
l/glibc-2.14.1-i486-3.txz:  Rebuilt.
  Patched to provide compile support for NIS and RPC again.
l/glibc-i18n-2.14.1-i486-3.txz:  Rebuilt.
l/glibc-profile-2.14.1-i486-3.txz:  Rebuilt.
l/seamonkey-solibs-2.6.1-i486-1.txz:  Upgraded.
  This update contains security fixes and improvements.
  For more information, see:
    http://www.mozilla.org/security/announce/
  (* Security fix *)
n/sendmail-8.14.5-i486-1.txz:  Upgraded.
n/sendmail-cf-8.14.5-noarch-1.txz:  Upgraded.
xap/mozilla-firefox-9.0.1-i486-1.txz:  Upgraded.
  This release contains security fixes and improvements.
  For more information, see:
    http://www.mozilla.org/security/ ... lities/firefox.html
  (* Security fix *)
xap/mozilla-thunderbird-9.0.1-i486-1.txz:  Upgraded.
  This release contains security fixes and improvements.
  For more information, see:
    http://www.mozilla.org/security/ ... es/thunderbird.html
  (* Security fix *)
xap/seamonkey-2.6.1-i486-1.txz:  Upgraded.
  This update contains security fixes and improvements.
  For more information, see:
    http://www.mozilla.org/security/announce/
  (* Security fix *)
xap/x3270-3.3.12ga7-i486-1.txz:  Upgraded.
xap/xfractint-20.04p11-i486-1.txz:  Upgraded.
pasture/gcc-4.5.3-i486-2.txz:  Moved to /pasture.
pasture/gcc-g++-4.5.3-i486-2.txz:  Moved to /pasture.
pasture/gcc-gfortran-4.5.3-i486-2.txz:  Moved to /pasture.
pasture/gcc-gnat-4.5.3-i486-2.txz:  Moved to /pasture.
pasture/gcc-java-4.5.3-i486-2.txz:  Moved to /pasture.
pasture/gcc-objc-4.5.3-i486-2.txz:  Moved to /pasture.
isolinux/initrd.img:  Rebuilt.
kernels/*:  Upgraded.
usb-and-pxe-installers/usbboot.img:  Rebuilt.
testing/packages/mozilla-firefox-10.0b4-i486-1.txz:  Added.
testing/packages/mozilla-thunderbird-10.0b3-i486-1.txz:  Added.
+--------------------------+

vvoody

Wed Feb  8 01:21:42 UTC 2012
a/glibc-solibs-2.14.1-i486-4.txz:  Rebuilt.
  Patched an overflow in tzfile.  This was evidently first reported in
  2009, but is only now getting around to being patched.  To exploit it,
  one must be able to write beneath /usr/share/zoneinfo, which is usually
  not possible for a normal user, but may be in the case where they are
  chroot()ed to a directory that they own.
  For more information, see:
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-5029
  (* Security fix *)
a/glibc-zoneinfo-2011i_2011n-noarch-4.txz:  Rebuilt.
ap/alsa-utils-1.0.25-i486-1.txz:  Upgraded.
ap/hplip-3.11.12-i486-1.txz:  Upgraded.
ap/sqlite-3.7.10-i486-1.txz:  Upgraded.
l/alsa-lib-1.0.25-i486-1.txz:  Upgraded.
l/alsa-oss-1.0.25-i486-1.txz:  Upgraded.
l/apr-util-1.4.1-i486-1.txz:  Upgraded.
l/glibc-2.14.1-i486-4.txz:  Rebuilt.
  Patched an overflow in tzfile.  This was evidently first reported in
  2009, but is only now getting around to being patched.  To exploit it,
  one must be able to write beneath /usr/share/zoneinfo, which is usually
  not possible for a normal user, but may be in the case where they are
  chroot()ed to a directory that they own.
  For more information, see:
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-5029
  (* Security fix *)
l/glibc-i18n-2.14.1-i486-4.txz:  Rebuilt.
l/glibc-profile-2.14.1-i486-4.txz:  Rebuilt.
  Patched an overflow in tzfile.  This was evidently first reported in
  2009, but is only now getting around to being patched.  To exploit it,
  one must be able to write beneath /usr/share/zoneinfo, which is usually
  not possible for a normal user, but may be in the case where they are
  chroot()ed to a directory that they own.
  For more information, see:
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-5029
  (* Security fix *)
n/httpd-2.2.22-i486-1.txz:  Upgraded.
  *) SECURITY: CVE-2011-3368 (cve.mitre.org)
     Reject requests where the request-URI does not match the HTTP
     specification, preventing unexpected expansion of target URLs in
     some reverse proxy configurations.  [Joe Orton]
  *) SECURITY: CVE-2011-3607 (cve.mitre.org)
     Fix integer overflow in ap_pregsub() which, when the mod_setenvif module
     is enabled, could allow local users to gain privileges via a .htaccess
     file. [Stefan Fritsch, Greg Ames]
  *) SECURITY: CVE-2011-4317 (cve.mitre.org)
     Resolve additional cases of URL rewriting with ProxyPassMatch or
     RewriteRule, where particular request-URIs could result in undesired
     backend network exposure in some configurations.
     [Joe Orton]
  *) SECURITY: CVE-2012-0021 (cve.mitre.org)
     mod_log_config: Fix segfault (crash) when the '%{cookiename}C' log format
     string is in use and a client sends a nameless, valueless cookie, causing
     a denial of service. The issue existed since version 2.2.17. PR 52256.
     [Rainer Canavan <rainer-apache 7val com>]
  *) SECURITY: CVE-2012-0031 (cve.mitre.org)
     Fix scoreboard issue which could allow an unprivileged child process
     could cause the parent to crash at shutdown rather than terminate
     cleanly.  [Joe Orton]
  *) SECURITY: CVE-2012-0053 (cve.mitre.org)
     Fix an issue in error responses that could expose "httpOnly" cookies
     when no custom ErrorDocument is specified for status code 400.
     [Eric Covener]
  For more information, see:
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3368
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3607
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-4317
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0021
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0031
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0053
  (* Security fix *)
n/php-5.3.10-i486-1.txz:  Upgraded.
  Fixed arbitrary remote code execution vulnerability reported by Stefan
  Esser, CVE-2012-0830. (Stas, Dmitry)
  For more information, see:
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0830
  (* Security fix *)
n/proftpd-1.3.4a-i486-1.txz:  Upgraded.
  This update fixes a use-after-free() memory corruption error,
  and possibly other unspecified issues.
  For more information, see:
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-4130
  (* Security fix *)
n/vsftpd-2.3.5-i486-1.txz:  Upgraded.
  Minor version bump, this also works around a hard to trigger heap overflow
  in glibc (glibc zoneinfo caching vuln).  For there to be any possibility
  to trigger the glibc bug within vsftpd, the non-default option
  "chroot_local_user" must be set in /etc/vsftpd.conf.
  Considered 1) low severity (hard to exploit) and 2) not a vsftpd bug :-)
    Nevertheless:
  (* Security fix *)
+--------------------------+

vvoody

Sat Feb 11 02:37:16 UTC 2012
l/seamonkey-solibs-2.7.1-i486-1.txz:  Upgraded.
  This release contains security fixes and improvements.
  For more information, see:
    http://www.mozilla.org/security/ ... ties/seamonkey.html
  (* Security fix *)
xap/mozilla-firefox-10.0.1-i486-1.txz:  Upgraded.
  This release contains security fixes and improvements.
  For more information, see:
    http://www.mozilla.org/security/ ... lities/firefox.html
  (* Security fix *)
xap/seamonkey-2.7.1-i486-1.txz:  Upgraded.
  This release contains security fixes and improvements.
  For more information, see:
    http://www.mozilla.org/security/ ... ties/seamonkey.html
  (* Security fix *)
testing/packages/mozilla-firefox-11.0b2-i486-1.txz:  Upgraded.
+--------------------------+

vvoody

Tue Feb 14 01:57:25 UTC 2012
xap/mozilla-thunderbird-10.0.1-i486-1.txz:  Upgraded.
  This release contains security fixes and improvements.
  For more information, see:
    http://www.mozilla.org/security/ ... es/thunderbird.html
  (* Security fix *)
+--------------------------+
Sun Feb 12 23:26:00 UTC 2012
testing/packages/mozilla-thunderbird-11.0b1-i486-1.txz:  Added.
testing/packages/seamonkey-2.8b2-i486-1.txz:  Added.
testing/packages/seamonkey-solibs-2.8b2-i486-1.txz:  Added.
+--------------------------+

vvoody

Sun Feb 26 23:09:05 UTC 2012
a/kernel-generic-3.2.7-i486-1.txz:  Upgraded.
a/kernel-generic-smp-3.2.7_smp-i686-1.txz:  Upgraded.
a/kernel-huge-3.2.7-i486-1.txz:  Upgraded.
a/kernel-huge-smp-3.2.7_smp-i686-1.txz:  Upgraded.
a/kernel-modules-3.2.7-i486-1.txz:  Upgraded.
a/kernel-modules-smp-3.2.7_smp-i686-1.txz:  Upgraded.
d/kernel-headers-3.2.7_smp-x86-1.txz:  Upgraded.
k/kernel-source-3.2.7_smp-noarch-1.txz:  Upgraded.
extra/linux-3.2.7-nosmp-sdk/*:  Upgraded.
isolinux/initrd.img:  Rebuilt.
kernels/*:  Upgraded.
usb-and-pxe-installers/usbboot.img:  Rebuilt.
+--------------------------+
Sat Feb 25 20:36:42 UTC 2012
testing/packages/mozilla-firefox-11.0b4-i486-1.txz:  Upgraded.
testing/packages/mozilla-thunderbird-11.0b3-i486-1.txz:  Upgraded.
testing/packages/seamonkey-2.8b4-i486-1.txz:  Upgraded.
testing/packages/seamonkey-solibs-2.8b4-i486-1.txz:  Upgraded.
+--------------------------+
Wed Feb 22 18:14:58 UTC 2012
l/libpng-1.4.9-i486-1.txz:  Upgraded.
  All branches of libpng prior to versions 1.5.9, 1.4.9, 1.2.47, and 1.0.57,
  respectively, fail to correctly validate a heap allocation in
  png_decompress_chunk(), which can lead to a buffer-overrun and the
  possibility of execution of hostile code on 32-bit systems.
  For more information, see:
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3026
  (* Security fix *)
l/seamonkey-solibs-2.7.2-i486-1.txz:  Upgraded.
  This release contains security fixes and improvements.
  For more information, see:
    http://www.mozilla.org/security/ ... ties/seamonkey.html
  (* Security fix *)
xap/mozilla-firefox-10.0.2-i486-1.txz:  Upgraded.
  This release contains security fixes and improvements.
  For more information, see:
    http://www.mozilla.org/security/ ... lities/firefox.html
  (* Security fix *)
xap/mozilla-thunderbird-10.0.2-i486-1.txz:  Upgraded.
  This release contains security fixes and improvements.
  For more information, see:
    http://www.mozilla.org/security/ ... es/thunderbird.html
  (* Security fix *)
xap/seamonkey-2.7.2-i486-1.txz:  Upgraded.
  This release contains security fixes and improvements.
  For more information, see:
    http://www.mozilla.org/security/ ... ties/seamonkey.html
  (* Security fix *)
+--------------------------+

ilxsh

firefox更新得好快啊，什么时候才到sl14呢

vvoody

Wed Mar 14 09:08:26 UTC 2012
l/seamonkey-solibs-2.8-i486-1.txz:  Upgraded.
  This release contains security fixes and improvements.
  For more information, see:
    http://www.mozilla.org/security/ ... ties/seamonkey.html
  (* Security fix *)
n/mtr-0.82-i486-1.txz:  Upgraded.
xap/mozilla-firefox-11.0-i486-1.txz:  Upgraded.
  This release contains security fixes and improvements.
  For more information, see:
    http://www.mozilla.org/security/ ... lities/firefox.html
  (* Security fix *)
xap/mozilla-thunderbird-11.0-i486-1.txz:  Upgraded.
  This release contains security fixes and improvements.
  For more information, see:
    http://www.mozilla.org/security/ ... es/thunderbird.html
  (* Security fix *)
xap/seamonkey-2.8-i486-1.txz:  Upgraded.
  This release contains security fixes and improvements.
  For more information, see:
    http://www.mozilla.org/security/ ... ties/seamonkey.html
  (* Security fix *)
y/bsd-games-2.13-i486-12.txz:  Rebuilt.  (typo fix)
+--------------------------+