Slackware64-current ChangeLog (2017-02-10)
Fri Feb 10 21:07:35 UTC 2017
Packages
Rebuilt
- ap/tmux-2.3-x86_64-2.txz
Recompiled against libevent-2.1.8. - n/links-2.14-x86_64-2.txz
Recompiled against libevent-2.1.8. - n/mutt-1.7.2-x86_64-2.txz
Recompiled with –enable-sidebar option. Thanks to Corrado Franco. - n/nftables-0.7-x86_64-2.txz
Recompiled against iptables-1.6.1. Added libxtables support. - n/ntp-4.2.8p9-x86_64-3.txz
Recompiled against libevent-2.1.8. - x/xf86-video-vmware-13.2.1-x86_64-2.txz
Recompiled against llvm-3.9.1. - xap/xine-lib-1.2.6-x86_64-10.txz
Recompiled against system ffmpeg-3.2.3.
Upgraded
- d/llvm-3.9.1-x86_64-1.txz
Shared library .so-version bump.
Added support for lldb and openmp to the package.
Thanks to Heinz Wiesinger. - l/libevent-2.1.8-x86_64-1.txz
Shared library .so-version bump. - l/libvpx-1.6.1-x86_64-1.txz
Shared library .so-version bump. - n/bind-9.11.0_P3-x86_64-1.txz
This update fixes a denial-of-service vulnerability. Under some conditions
when using both DNS64 and RPZ to rewrite query responses, query processing
can resume in an inconsistent state leading to either an INSIST assertion
failure or an attempt to read through a NULL pointer.
For more information, see:
https://kb.isc.org/article/AA-01453
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-3135
(* Security fix *) - n/iptables-1.6.1-x86_64-1.txz
Shared library .so-version bump. - n/openssl-1.0.2k-x86_64-1.txz
This update fixes security issues:
Truncated packet could crash via OOB read (CVE-2017-3731)
BN_mod_exp may produce incorrect results on x86_64 (CVE-2017-3732)
Montgomery multiplication may produce incorrect results (CVE-2016-7055)
For more information, see:
https://www.openssl.org/news/secadv/20170126.txt
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-3731
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-3732
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7055
(* Security fix *) - n/php-5.6.30-x86_64-1.txz
This release fixes bugs and security issues.
For more information, see:
https://php.net/ChangeLog-5.php#5.6.30
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10158
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10167
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10168
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10159
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10160
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10161
(* Security fix *) - n/tcpdump-4.9.0-x86_64-1.txz
Fixed bugs which allow an attacker to crash tcpdump (denial of service).
For more information, see:
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7922
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7923
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7924
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7925
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7926
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7927
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7928
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7929
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7930
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7931
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7932
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7933
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7934
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7935
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7936
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7937
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7938
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7939
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7940
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7973
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7974
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7975
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7983
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7984
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7985
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7986
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7992
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7993
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8574
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8575
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5202
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5203
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5204
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5205
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5341
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5342
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5482
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5483
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5484
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5485
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5486
(* Security fix *) - x/fontconfig-2.12.1-x86_64-1.txz
Thanks to Robby Workman. - xap/MPlayer-1.3_20170208-x86_64-1.txz
Upgraded to 1.3 branch, compiled against system ffmpeg-3.2.3.
Thanks to Heinz Wiesinger. - xap/mozilla-thunderbird-45.7.1-x86_64-1.txz
Fixed crash when viewing certain IMAP messages (introduced in 45.7.0)
Added
- l/ffmpeg-3.2.3-x86_64-1.txz
Thanks to Heinz Wiesinger. - l/libclc-20160921_520743b-x86_64-1.txz
This is needed by Mesa. - l/libedit-20160903_3.1-x86_64-1.txz
This is needed by lldb. - l/python-six-1.10.0-x86_64-1.txz
This is needed by lldb.
Removed
l/json-c-0.12-x86_64-1.txz
This had been a required dep for PulseAudio, but has become optional. Since
being added to Slackware, a few other packages had begun to use it
(NetworkManager, BIND), but it's not really critical there either so we're
removing it from the main tree. If you require json-c for something, it is
expected that SBo will be picking it up.