slackware 11.0总算要来了。

Cherife

Fri Sep 29 02:10:15 CDT 2006
a/openssl-solibs-0.9.8d-i486-1.tgz: Upgraded to shared libraries from
       openssl-0.9.8d. See openssl package update below.
       (* Security fix *)
n/openssh-4.4p1-i486-1.tgz: Upgraded to openssh-4.4p1.
       This fixes a few security related issues. From the release notes found at
       http://www.openssh.com/txt/release-4.4:
       * Fix a pre-authentication denial of service found by Tavis Ormandy,
       that would cause sshd(8) to spin until the login grace time
       expired.
       * Fix an unsafe signal hander reported by Mark Dowd. The signal
       handler was vulnerable to a race condition that could be exploited
       to perform a pre-authentication denial of service. On portable
       OpenSSH, this vulnerability could theoretically lead to
       pre-authentication remote code execution if GSSAPI authentication
       is enabled, but the likelihood of successful exploitation appears
       remote.
       * On portable OpenSSH, fix a GSSAPI authentication abort that could
       be used to determine the validity of usernames on some platforms.
       Links to the CVE entries will be found here:
       http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4924
       http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-5051
       http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-5052
       After this upgrade, make sure the permissions on /etc/rc.d/rc.sshd are set
       the way you want them. Future upgrades will respect the existing permissions
       settings. Thanks to Manuel Reimer for pointing out that upgrading openssh
       would enable a previously disabled sshd daemon.
       Do better checking of passwd, shadow, and group to avoid adding
       redundant entries to these files. Thanks to Menno Duursma.
       (* Security fix *)
n/openssl-0.9.8d-i486-1.tgz: Upgraded to openssl-0.9.8d.
       This fixes a few security related issues:
       During the parsing of certain invalid ASN.1 structures an error
       condition is mishandled. This can result in an infinite loop which
       consumes system memory (CVE-2006-2937). (This issue did not affect
       OpenSSL versions prior to 0.9.7)
       Thanks to Dr S. N. Henson of Open Network Security and NISCC.
       Certain types of public key can take disproportionate amounts of
       time to process. This could be used by an attacker in a denial of
       service attack (CVE-2006-2940).
       Thanks to Dr S. N. Henson of Open Network Security and NISCC.
       A buffer overflow was discovered in the SSL_get_shared_ciphers()
       utility function. An attacker could send a list of ciphers to an
       application that uses this function and overrun a buffer.
       (CVE-2006-3738)
       Thanks to Tavis Ormandy and Will Drewry of the Google Security Team.
       A flaw in the SSLv2 client code was discovered. When a client
       application used OpenSSL to create an SSLv2 connection to a malicious
       server, that server could cause the client to crash (CVE-2006-4343).
       Thanks to Tavis Ormandy and Will Drewry of the Google Security Team.
       Links to the CVE entries will be found here:
       http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2937
       http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3738
       http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2940
       http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4343
       (* Security fix *)
zipslack/zipslack.zip: Rebuilt ZipSlack with new openssl-solibs and
       openssh packages.

jiahaolin

大家认为，有没有必要更新至11.0呢？现在我已经有点受不了这种等待了……

kite

没必要天天等。等11.0发布后2周我才安装，因为frgnome是unstable中，还要等等，哈哈。

sxzzsf

保持 current,就是slackware 11 了.等它只是为了刻张11的光盘

fei

当然需要--我的新server HP DL380G5,Dell 2950 Slackware都装不了。认不到驱动。

jiahaolin

我想知道，什么叫保持 current,又如何保持呢？

谢谢。

sxzzsf

就是当 http://www.slackware.com/changelog/current.php?cpu=i386 中出现了软件包的更新时 安装新的软件包 就可以了.
当 Pat 认为当前的包已经足够的 stable, 就会将其标记为新的版本. 然后, 又会以新的版本为基础, 标记为 current, 继续更新软件包, 当下一次足够的 stable, 新的版本就会再次出来了, 往复为之.
slackware 11 从8月到现在还没有出来, 是因为 Pat 认为现在的包还没有足够的 stable, 还需要用户的测试反馈. 只有当没有问题时, slackware 11 才会出来的.
详细情况说明见光盘上的 CURRENT.WARNING

sxzzsf

因此保持与当前current 包同步,当 Pat 宣布 slackware 11 出来了,你的系统也就是 11 的了

推荐一个镜像
http://mirrors.easynews.com/linux/slackware/
长宽比较的快 更新也比较及时

dogking

有教育网的源吗？

sxzzsf

Fri Sep 29 23:41:35 CDT 2006
l/libgpod-0.4.0-i486-1.tgz: Upgraded to libgpod-0.4.0. Thanks to Shilo Bacca.
l/pango-1.12.4-i486-1.tgz: Fixed bogus empty GPOS table warning and other
       minor bugs.
extra/linux-smp-2.6.17.13/kernel-generic-smp-2.6.17.13-i686-2.tgz:
       Rebuilt SMP kernels setting -smp in CONFIG_LOCALVERSION, not EXTRAVERSION.
       Thanks to Tom B. for snapping me out of my old-skool ways.
extra/linux-smp-2.6.17.13/kernel-headers-smp-2.6.17.13-i386-2.tgz: Rebuilt.
extra/linux-smp-2.6.17.13/kernel-modules-smp-2.6.17.13-i486-2.tgz: Rebuilt.
testing/packages/iptables-1.3.6-i486-1.tgz: This one appeared too late to be
       considered for mainline (not enough test time), but it _should_ be stable.
testing/packages/wpa_supplicant-0.4.9-i486-1.tgz: Added wpa_supplicant-0.4.9.
       Thanks to Eric Hameleers for a good head-start on this one.