Slackware64-current ChangeLog (2017-07-18)
Tue Jul 18 23:10:25 UTC 2017
Packages
Upgraded
- a/mkinitrd-1.4.11-x86_64-3.txz
Support btrfs and ocfs2 volume ids in busybox. Thanks to bam80.
Handle rootflags in init script. Thanks to davjohn. - l/exiv2-0.26-x86_64-1.txz
Shared library .so-version bump. - l/expat-2.2.2-x86_64-1.txz
Fixes security issues including:
External entity infinite loop DoS
For more information, see:
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9233
https://libexpat.github.io/doc/cve-2017-9233/
(* Security fix *) - l/gd-2.2.4-x86_64-1.txz
Linked against libwebp-0.6.0.
Fixes security issues:
gdImageCreate() doesn't check for oversized images and as such is prone to
DoS vulnerabilities. (CVE-2016-9317)
double-free in gdImageWebPtr() (CVE-2016-6912)
potential unsigned underflow in gd_interpolation.c (CVE-2016-10166)
DOS vulnerability in gdImageCreateFromGd2Ctx() (CVE-2016-10167)
Signed Integer Overflow gd_io.c (CVE-2016-10168)
For more information, see:
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9317
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6912
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10166
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10167
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10168
(* Security fix *)
Rebuilt
- kde/calligra-2.9.11-x86_64-12.txz
Linked against exiv2-0.26. - kde/gwenview-4.14.3-x86_64-3.txz
Linked against exiv2-0.26. - kde/kde-runtime-4.14.3-x86_64-5.txz
Linked against exiv2-0.26 and libwebp-0.6.0. - kde/kfilemetadata-4.14.3-x86_64-3.txz
Linked against exiv2-0.26. - kde/libkexiv2-4.14.3-x86_64-3.txz
Linked against exiv2-0.26. - kde/nepomuk-core-4.14.3-x86_64-3.txz
Linked against exiv2-0.26. - l/SDL2_image-2.0.1-x86_64-2.txz
Linked against libwebp-0.6.0. - l/ffmpeg-3.3.2-x86_64-2.txz
Linked against libwebp-0.6.0. - l/strigi-0.7.8-x86_64-3.txz
Linked against exiv2-0.26. - n/nfs-utils-1.3.4-x86_64-2.txz
Added /etc/default/nfs config file for setting additional options.
Thanks to shasta and Robby Workman. - n/openssh-7.5p1-x86_64-2.txz
Added /etc/default/sshd config file for setting additional options.
Thanks to shasta and Robby Workman. - n/rpcbind-0.2.4-x86_64-2.txz
Fixed a bug in a previous patch where a svc_freeargs() call ended up freeing
a static pointer causing rpcbind to crash. Thanks to Jonathan Woithe,
Rafael Jorge Csura Szendrodi, and Robby Workman for identifying the problem
and helping to test a fix.
Added /etc/default/rpc config file (useful for setting static port
assignments). Thanks to shasta and Robby Workman. - n/yptools-2.14-x86_64-8.txz
Added /etc/default/yp config file for setting additional options.
Thanks to shasta and Robby Workman. - xap/geeqie-1.3-x86_64-2.txz
Linked against exiv2-0.26.
Added
- l/libwebp-0.6.0-x86_64-1.txz
Thanks to powtrix.