Slackwarearm-14.1 ChangeLog (2013-06-28)
Fri Jun 28 06:50:35 UTC 2013
Packages
Rebuilt
- a/procps-3.2.8-arm-4.tgz
Include header files. Thanks to mancha. - a/sysklogd-1.5-arm-5.tgz
On new installations, restrict the ability to read logs to members of the
root group. Thanks to Kees Theunissen. - ap/pm-utils-1.4.1-arm-4.tgz
Merged various patches. Thanks to Robby Workman.
Documentation fixes. Thanks to Fabio Sangiovanni.
Removed hooks that cause repeated commit=0 mount options with ext
filesystems after suspend/resume. Thanks to Marin Glibic.
In the 49bluetooth-generic hook, don't take action unless the kernel supports
rfkill, the rfkill binary is present, and rc.bluetooth is executable.
Thanks to Grifulkin and Darth Vader for the bug report. - l/aalib-1.4rc5-arm-4.tgz
Patched aalib.m4 to fix linking problems. Thanks to gmgf. - l/gnome-icon-theme-3.8.2-arm-2.tgz
Upgraded to gnome-icon-theme-symbolic-3.8.3. - l/qtscriptgenerator-0.2.0-arm-2.tgz
Packaged libqtscript_uitools. Thanks to Luigi Trovato. - xap/xine-ui-0.99.6-arm-2.tgz
isolinux/*: Rebuilt
Upgraded
- a/mkinitrd-1.4.8-arm-1.tgz
New busybox, changes to mdadm handling.
Thanks to Robby Workman.
Bugfix for new file command in mkinitrd_command_generator.sh.
Thanks to Eric Hameleers. - d/ruby-1.9.3_p448-arm-1.tgz
This update patches a vulnerability in Ruby's SSL client that could allow
man-in-the-middle attackers to spoof SSL servers via a valid certificate
issued by a trusted certification authority.
For more information, see:
http://www.ruby-lang.org/en/news/2013/06/27/hostname-check-bypassing-vulnerability-in-openssl-client-cve-2013-4073/
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4073
(* Security fix *) - l/pcre-8.33-arm-1.tgz
Add –enable-pcre16 and –enable-pcre32 options, needed to build Qt5 with
the system PCRE library. Thanks to Larry Hajali. - n/curl-7.31.0-arm-1.tgz
This fixes a minor security issue where a decode buffer boundary flaw in
libcurl could lead to heap corruption.
For more information, see:
http://curl.haxx.se/docs/adv_20130622.html
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2174
(* Security fix *)