Slackwarearm-current ChangeLog (2017-07-21)
Fri Jul 21 08:08:08 UTC 2017
Packages
Upgraded
- a/kernel-modules-armv7-4.11.11_armv7-arm-1.txz
- a/kernel_armv7-4.11.11-arm-1.txz
- a/openssl-solibs-1.0.2l-arm-1.txz
- a/util-linux-2.30.1-arm-1.txz
- ap/gutenprint-5.2.13-arm-1.txz
- d/cmake-3.9.0-arm-1.txz
- d/kernel-headers-4.11.11-arm-1.txz
- k/kernel-source-4.11.11-arm-1.txz
- kde/kdelibs-4.14.34-arm-1.txz
- l/exiv2-0.26-arm-1.txz
Shared library .so-version bump. - l/expat-2.2.2-arm-1.txz
Fixes security issues including:
External entity infinite loop DoS
For more information, see:
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9233
https://libexpat.github.io/doc/cve-2017-9233/
(* Security fix *) - l/gd-2.2.4-arm-1.txz
Linked against libwebp-0.6.0.
Fixes security issues:
gdImageCreate() doesn't check for oversized images and as such is prone to
DoS vulnerabilities. (CVE-2016-9317)
double-free in gdImageWebPtr() (CVE-2016-6912)
potential unsigned underflow in gd_interpolation.c (CVE-2016-10166)
DOS vulnerability in gdImageCreateFromGd2Ctx() (CVE-2016-10167)
Signed Integer Overflow gd_io.c (CVE-2016-10168)
For more information, see:
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9317
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6912
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10166
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10167
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10168
(* Security fix *) - l/gdk-pixbuf2-2.36.7-arm-1.txz
- l/gtk+3-3.22.17-arm-1.txz
- l/harfbuzz-1.4.7-arm-1.txz
- l/imagemagick-6.9.9_0-arm-1.txz
Linked against libwebp-0.6.0.
Shared library .so-version bump. - l/lcms2-2.8-arm-1.txz
- l/libpng-1.6.30-arm-1.txz
- l/librsvg-2.40.18-arm-1.txz
- l/orc-0.4.27-arm-1.txz
- l/pango-1.40.7-arm-1.txz
- n/bluez-5.46-arm-1.txz
- n/libgcrypt-1.8.0-arm-1.txz
- n/libtirpc-1.0.2-arm-1.txz
- n/openssl-1.0.2l-arm-1.txz
- n/stunnel-5.42-arm-1.txz
- x/libinput-1.8.1-arm-1.txz
- xap/xlockmore-5.54-arm-1.txz
Linked against imagemagick-6.9.9-0. - xfce/xfce4-terminal-0.8.6-arm-1.txz
- kernels/*
Rebuilt
- a/mkinitrd-1.4.11-arm-4.txz
Support btrfs and ocfs2 volume ids in busybox. Thanks to bam80.
Handle rootflags in init script. Thanks to davjohn. - e/emacs-25.2-arm-2.txz
Linked against imagemagick-6.9.9-0. - kde/calligra-2.9.11-arm-10.txz
Linked against exiv2-0.26. - kde/gwenview-4.14.3-arm-3.txz
Linked against exiv2-0.26. - kde/kfilemetadata-4.14.3-arm-2.txz
Linked against exiv2-0.26. - kde/libkexiv2-4.14.3-arm-2.txz
Linked against exiv2-0.26. - kde/nepomuk-core-4.14.3-arm-2.txz
Linked against exiv2-0.26. - l/SDL2_image-2.0.1-arm-2.txz
Linked against libwebp-0.6.0. - l/ffmpeg-3.3.2-arm-2.txz
Linked against libwebp-0.6.0. - l/strigi-0.7.8-arm-2.txz
Linked against exiv2-0.26. - l/virtuoso-ose-6.1.8-arm-4.txz
Linked against imagemagick-6.9.9-0. - n/nfs-utils-1.3.4-arm-2.txz
Added /etc/default/nfs config file for setting additional options.
Thanks to shasta and Robby Workman. - n/openssh-7.5p1-arm-2.txz
Added /etc/default/sshd config file for setting additional options.
Thanks to shasta and Robby Workman. - n/rpcbind-0.2.4-arm-2.txz
Fixed a bug in a previous patch where a svc_freeargs() call ended up freeing
a static pointer causing rpcbind to crash. Thanks to Jonathan Woithe,
Rafael Jorge Csura Szendrodi, and Robby Workman for identifying the problem
and helping to test a fix.
Added /etc/default/rpc config file (useful for setting static port
assignments). Thanks to shasta and Robby Workman. - n/yptools-2.14-arm-2.txz
Added /etc/default/yp config file for setting additional options.
Thanks to shasta and Robby Workman. - xap/geeqie-1.3-arm-2.txz
Linked against exiv2-0.26. - xap/xine-lib-1.2.8-arm-2.txz
Linked against imagemagick-6.9.9-0. - isolinux/*
Added
- l/libwebp-0.6.0-arm-1.txz
Thanks to powtrix.