Slackware64-14.2 ChangeLog (2016-02-23)
Tue Feb 23 19:31:59 UTC 2016
Packages
Upgraded
- a/glibc-solibs-2.23-x86_64-1.txz
- a/kernel-generic-4.4.2-x86_64-1.txz
- a/kernel-huge-4.4.2-x86_64-1.txz
- a/kernel-modules-4.4.2-x86_64-1.txz
- d/kernel-headers-4.4.2-x86-1.txz
- k/kernel-source-4.4.2-noarch-1.txz
Key .config changes for this kernel update:
CHECKPOINT_RESTORE n → y
DEBUG_KERNEL n → y
EXPERT n → y
NR_CPUS 128 → 256
KALLSYMS_ALL y
LIVEPATCH y - l/glibc-2.23-x86_64-1.txz
This update contains security fixes and improvements.
Of the security fixes, the most important and well-publicized is the
stack-based buffer overflow in libresolv that could allow specially
crafted DNS responses to seize control of execution flow in the DNS
client (CVE-2015-7547). However, due to a patch applied to Slackware's
glibc back in 2009 (don't use the gethostbyname4() lookup method as it
was causing some cheap routers to misbehave), we were not vulnerable to
that issue. The rest of the fixed security issues are less critical.
For more information, see:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8776
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8777
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8778
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8779
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9761
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7547
(* Security fix *) - l/glibc-i18n-2.23-x86_64-1.txz
- l/glibc-profile-2.23-x86_64-1.txz
- l/libproxy-0.4.12-x86_64-1.txz
- n/bind-9.10.3_P3-x86_64-1.txz
This release fixes two possible denial-of-service issues:
render_ecs errors were mishandled when printing out a OPT record resulting
in a assertion failure. (CVE-2015-8705) [RT #41397]
Specific APL data could trigger a INSIST. (CVE-2015-8704) [RT #41396]
For more information, see:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8704
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8705
(* Security fix *) - n/libgcrypt-1.6.5-x86_64-1.txz
Mitigate side-channel attack on ECDH with Weierstrass curves.
For more information, see:
http://www.cs.tau.ac.IL/~tromer/ecdh/
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7511
(* Security fix *) - n/nmap-7.01-x86_64-1.txz
- n/ntp-4.2.8p6-x86_64-1.txz
In addition to bug fixes and enhancements, this release fixes
several low and medium severity vulnerabilities.
For more information, see:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5300
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7973
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7974
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7975
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7976
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7977
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7978
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7979
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8138
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8158
(* Security fix *) - x/xf86-video-amdgpu-1.0.1-x86_64-1.txz
- extra/tigervnc/tigervnc-1.6.0-x86_64-1.txz
- kernels/*
Rebuilt
- a/procps-ng-3.3.10-x86_64-5.txz
Restored FROM field in w. Thanks to Stuart Winter. - ap/cups-2.1.3-x86_64-2.txz
Corrected CXXFLAGS to fix build for older CPUs. Thanks to ecd102. - ap/mc-4.8.15-x86_64-2.txz
Patched to fix displaying man pages. Thanks to DarkVision. - l/GConf-3.2.6-x86_64-3.txz
Patched “GConf-WARNING **: Client failed to connect to the D-BUS daemon:”
and added a couple other patches from git. Thanks to Robby Workman. - l/alsa-lib-1.1.0-x86_64-3.txz
Changed the default /etc/asound.conf.new to use a different configuration
for PulseAudio that is less likely to cause issues than the previous one,
especially on machines where the analog output is not recognized as card 0
by the BIOS. Thanks to Ryan P.C. McQuen who went above and beyond on this
bug report by convincing upstream to recommend this on their website in
order to convince me to make the change. - xap/blueman-2.0.3-x86_64-2.txz
Rewrite launcher scripts to use #!/usr/bin/python2.7 rather than
#!/usr/bin/env python.
For details, see: https://github.com/blueman-project/blueman/issues/435
Thanks to zakame and Robby Workman. - isolinux/initrd.img
- usb-and-pxe-installers/usbboot.img