This is an old revision of the document!
Slackwarearm-14.1 ChangeLog (2013-10-18)
Fri Oct 18 21:17:38 UTC 2013
This is Slackware ARM 14.1 release candidate 1.
Packages
Upgraded
- l/libtiff-3.9.7-arm-1.tgz
Patched overflows, crashes, and out of bounds writes.
Thanks to mancha for the backported patches.
For more information, see:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-2088
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-2113
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-4447
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-4564
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1960
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1961
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4231
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4232
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4244
(* Security fix *) - n/gnupg-1.4.15-arm-1.tgz
Fixed possible infinite recursion in the compressed packet
parser. [CVE-2013-4402]
Protect against rogue keyservers sending secret keys.
For more information, see:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4402
(* Security fix *) - n/gnupg2-2.0.22-arm-1.tgz
Fixed possible infinite recursion in the compressed packet
parser. [CVE-2013-4402]
Protect against rogue keyservers sending secret keys.
For more information, see:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4402
(* Security fix *) - n/openvpn-2.3.2-arm-1.tgz
Added configure option –enable-password-save. Thanks to Mario. - xap/sane-1.0.24-arm-1.tgz
Upgraded to sane-backends-1.0.24.
Rebuilt
- a/cups-1.5.4-arm-2.tgz
Use a newer backport of the USB quirks patch. Thanks to mancha.
Blacklist the usblp module just in case. - a/pkgtools-14.1-noarch-2.tgz
Removed obsolete makebootdisk script.
Added an /sbin/makebootstick symlink for making a USB boot stick. - a/shadow-4.1.5.1-arm-2.tgz
Updated crypt() patch. Thanks to mancha. - a/sysvinit-scripts-2.0-noarch-15.tgz
Clean up stale cron directories in /var/spool/cron.
Create lock/run directories for LVM.
Thanks to GazL.
Mount cgroup controllers in subfolders.
Thanks to Matteo Bernardini. - ap/mc-4.8.10-arm-2.tgz
Upstream fix for crash when moving directories.
Upstream fix for command line directory handling. - ap/slackpkg-2.82.0-noarch-10.tgz
Verified and corrected the mirrors lists for x86 and x86_64.
Changed version numbers from 14.0 to 14.1 in preparation for the upcoming
Slackware 14.1 release.
Corrected a manpage bug in the file-search section. - n/ntp-4.2.6p5-arm-4.tgz
If the hardware clock is kept in localtime, save the time to the hardware
clock after starting ntpd. This prevents the kernel from saving the system
time to the hardware clock every 11 minutes, which would cause the hardware
clock to be off by the difference between localtime and UTC.
Thanks to tux_dude. - n/yptools-2.14-arm-2.tgz
Updated yp-tools crypt() patch. Thanks to mancha. - x/xorg-server-1.14.3-arm-2.tgz
Patched a use-after-free bug that can cause an X server crash or
memory corruption.
For more information, see:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4396
(* Security fix *)
Added
- l/gc-7.2d-arm-1.tgz
New dependency for guile. - l/libunistring-0.9.3-arm-1.tgz
New dependency for guile. - extra/tigervnc/tigervnc-1.1.0-arm-1.tgz
Thanks to alienBOB.
Removed
extra/openjdk/*
This package cannot be maintained on ARMv5 hardware (I don't know why this is,
but I always get a segfault building on ARMv5) and therefore it has to go.
I've moved the previous packages to the 'unsupported' directory. They're
currently out of date and contain many known security vulnerabilities. I may
update these in the future if there's demand.
ftp://ftp.arm.slackware.com/slackwarearm/unsupported/slackwarearm-current/packages/openjdk