Slackware64-current ChangeLog (2017-01-12)
Thu Jan 12 21:07:23 UTC 2017
Packages
Upgraded
- l/poppler-0.50.0-x86_64-1.txz
Shared library .so-version bump.
Rebuilt
- ap/nano-2.7.4-x86_64-2.txz
Fixed /etc/nanorc.new. Thanks to SeB.
Thu Jan 12 01:15:52 UTC 2017
Packages
Rebuilt
- a/aaa_elflibs-14.2-x86_64-27.txz
Upgraded libcap.so.2.25, liblzma.so.5.2.3, and libz.so.1.2.10. - ap/ghostscript-9.20-x86_64-2.txz
Restored /usr/bin/ijs-config. - xap/MPlayer-1.2_20160125-x86_64-4.txz
Upgraded to ffmpeg-2.8.10. - xap/xine-lib-1.2.6-x86_64-9.txz
Upgraded to ffmpeg-2.8.10. - extra/brltty/brltty-5.4-x86_64-2.txz
Patched /lib/udev/rules.d/40-usb-brltty.rules to fix a syntax error.
Thanks to Willy Sudiarto Raharjo.
Upgraded
- a/grub-2.02~beta3-x86_64-1.txz
Thanks to Heinz Wiesinger.
Thanks to ReaperX7 for the updated dejavusansmono patch. - d/perl-5.24.0-x86_64-1.txz
Also upgraded to DBD-mysql-4.041 and TermReadKey-2.37. - l/boost-1.63.0-x86_64-1.txz
Shared library .so-version bump. - l/hunspell-1.6.0-x86_64-1.txz
Shared library .so-version bump. - n/bind-9.11.0_P2-x86_64-1.txz
This update fixes a denial-of-service vulnerability. An error in handling
certain queries can cause an assertion failure when a server is using the
nxdomain-redirect feature to cover a zone for which it is also providing
authoritative service. A vulnerable server could be intentionally stopped
by an attacker if it was using a configuration that met the criteria for
the vulnerability and if the attacker could cause it to accept a query
that possessed the required attributes.
Please note: This vulnerability affects the “nxdomain-redirect” feature,
which is one of two methods of handling NXDOMAIN redirection, and is only
available in certain versions of BIND. Redirection using zones of type
“redirect” is not affected by this vulnerability.
For more information, see:
https://kb.isc.org/article/AA-01442
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9778
(* Security fix *) - n/gnutls-3.5.8-x86_64-1.txz
This update fixes some bugs and security issues.
For more information, see:
https://gnutls.org/security.html#GNUTLS-SA-2017-1
https://gnutls.org/security.html#GNUTLS-SA-2017-2
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5334
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5335
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5336
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5337
(* Security fix *) - n/irssi-0.8.21-x86_64-1.txz
Fixed security issues that may result in a denial of service.
For more information, see:
https://irssi.org/security/irssi_sa_2017_01.txt
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5193
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5194
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5195
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5196
(* Security fix *) - xap/imagemagick-6.9.7_3-x86_64-1.txz
Shared library .so-version bump.