Slackware-13.0 ChangeLog (2009-04-26)
Sun Apr 26 15:11:57 CDT 2009
a/cups-1.3.10-i486-1.tgz:
Upgraded to cups-1.3.10.
This fixes several security issues, including an integer overflow in the TIFF
decoder, a failure to properly verify the Host HTTP header, and several
problems with PDF handling (the new CUPS uses a wrapper rather than embedded
code taken from xpdf). These issues could result in a denial of service or
the execution of arbitrary code.
For more information, see:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0146
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0147
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0163
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0164
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0166
(* Security fix *)
Packages
Patched to make the minimum height of
- a/dialog-1.1_20080819-i486-2.tgz
checkboxes and menuboxes 4. This fixes a bug where installer menus were
taller than they needed to be, and in some cases filled the screen
overwriting the information at the top.
Patched to fix failures when a valid
- a/pkgtools-12.34567890-noarch-4.tgz
package extension (.tgz, .tbz, .tlz, .txz) is embedded somewhere in the
directory path, or the package's name, version, or build number.
Thanks to Erik Jan Tromp.
Patched rc.M to remove files of the form
- a/sysvinit-scripts-1.2-noarch-29.tgz
{a,}quota.{group,user}.new from the top of filesystems that use quota. These
can be created if quota is interrupted by a reboot or power failure and cause
quotacheck at boot time to fail. Thanks to Erik Jan Tromp.
Upgraded to strace-4.5.18
- d/strace-4.5.18-i486-1.tgz
Removed
n/bitchx-1.1-i486-5.tgz
BitchX has several known security flaws for which there are no known
workarounds, and upstream progress seems to have stalled. Users should
switch to a supported IRC client such as irssi.
(* Security fix *)
n/metamail-2.7-i486-3.tgz: Updated patch and recompiled.
Moved fonts for mailto-hebrew to /usr/share/metamail/fonts/.
Upgraded to wpa_supplicant-0.6.9
- n/wpa_supplicant-0.6.9-i486-1.tgz
Upgraded to m17n-lib-1.5.4
- x/m17n-lib-1.5.4-i486-1.tgz
Upgraded to scim-1.4.9
- x/scim-1.4.9-i486-1.tgz
Upgraded to scim-bridge-0.4.16
- x/scim-bridge-0.4.16-i486-1.tgz
Added scim-input-pad-0.1.2
- x/scim-input-pad-0.1.2-i486-1.tgz
Upgraded to scim-m17n-0.2.3
- x/scim-m17n-0.2.3-i486-1.tgz
Upgraded to scim-tables-0.5.9
- x/scim-tables-0.5.9-i486-1.tgz
Upgraded to wqy-zenhei-0.8.38-1
- x/wqy-zenhei-font-ttf-0.8.38_1-noarch-1.tgz
Upgraded to Xaw3d-1.5E
- x/xaw3d-1.5E-i486-1.tgz
Upgraded to xfractint-20.04p09
- xap/xfractint-20.04p09-i486-1.tgz
isolinux/initrd.img: Regenerated modules.dep to reflect the compressed kernel
modules. Thanks to Piter Punk and Eric Hameleers.
When formatting an ext3 partition, don't use '-j' (using mkfs.ext3 already
takes care of that).
Use the patched dialog to fix the formatting of the installer menus.
testing/packages/bash-4.0.017-i486-1.tgz: Updated with upstream patches.
usb-and-pxe-installers/usbboot.img: Same fixes as initrd.img.