Slackwarearm-current ChangeLog (2017-10-09)
Mon Oct 09 08:08:08 UTC 2017
The mini root filesystem for -current has been updated:
ftp://ftp.arm.slackware.com/slackwarearm/slackwarearm-devtools/minirootfs/
Packages
Upgraded
- a/btrfs-progs-4.13.2-arm-1.txz
- ap/cups-filters-1.17.9-arm-1.txz
- ap/ghostscript-9.22-arm-1.txz
- ap/vim-8.0.1175-arm-1.txz
Compiled using libperl.so from perl-5.26.1. - d/cmake-3.9.4-arm-1.txz
- d/perl-5.26.1-arm-1.txz
Added the following perl modules to support git send-email (thanks to
Xsane): Authen-SASL-2.16, MIME-Base64-3.15, and Net-SMTP-SSL-1.04.
Replaced Net-SMTP-SSL-1.04 (deprecated upstream) with libnet-3.10.
Thanks to Matteo Bernardini.
Don't install a perllocal.pod with information on the vendor_perl bundled
modules (that file is for local additions) – ship the file as
vendor_perl.pod instead. Thanks to Robby Workman. - d/python3-3.6.3-arm-1.txz
- l/gtk+3-3.22.24-arm-1.txz
- l/imagemagick-6.9.9_18-arm-1.txz
- l/libmtp-1.1.14-arm-1.txz
- l/librsvg-2.40.19-arm-1.txz
- l/libxml2-2.9.6-arm-1.txz
- l/libxslt-1.1.31-arm-1.txz
- l/openjpeg-2.3.0-arm-1.txz
This update fixes security issues which may lead to a denial of service
or possibly remote code execution.
For more information, see:
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9572
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9573
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9580
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9581
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-12982
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14039
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14040
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14041
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14151
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14152
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14164
(* Security fix *) - l/vte-0.50.1-arm-1.txz
- n/curl-7.56.0-arm-1.txz
This update fixes a security issue:
libcurl may read outside of a heap allocated buffer when doing FTP.
For more information, see:
https://curl.haxx.se/docs/adv_20171004.html
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-1000254
(* Security fix *) - n/p11-kit-0.23.9-arm-1.txz
- x/libinput-1.8.3-arm-1.txz
- x/xorg-server-1.19.4-arm-1.txz
This update fixes two security issues:
Xext/shm: Validate shmseg resource id, otherwise it can belong to a
non-existing client and abort X server with FatalError “client not
in use”, or overwrite existing segment of another existing client.
Generating strings for XKB data used a single shared static buffer,
which offered several opportunities for errors. Use a ring of
resizable buffers instead, to avoid problems when strings end up
longer than anticipated.
For more information, see:
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13721
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13723
(* Security fix *) - x/xorg-server-xephyr-1.19.4-arm-1.txz
- x/xorg-server-xnest-1.19.4-arm-1.txz
- x/xorg-server-xvfb-1.19.4-arm-1.txz
- xap/mozilla-thunderbird-52.4.0-arm-1.txz
- xap/vim-gvim-8.0.1175-arm-1.txz
Compiled using libperl.so from perl-5.26.1.
Rebuilt
- ap/texinfo-6.5-arm-2.txz
Rebuilt for perl-5.26.1. - kde/perlkde-4.14.3-arm-3.txz
Recompiled using libperl.so from perl-5.26.1. - kde/perlqt-4.14.3-arm-3.txz
Recompiled using libperl.so from perl-5.26.1. - n/epic5-2.0.1-arm-2.txz
Recompiled using libperl.so from perl-5.26.1. - n/irssi-1.0.4-arm-2.txz
Recompiled using libperl.so from perl-5.26.1. - n/net-snmp-5.7.3-arm-4.txz
Recompiled using libperl.so from perl-5.26.1. - n/ntp-4.2.8p10-arm-2.txz
Recompiled using libperl.so from perl-5.26.1. - x/xf86-video-armsoc-1.4.1-arm-8.txz
- x/xf86-video-fbdev-110.e0bce0d-arm-6.txz
- x/xf86-video-fbturbo-199.f9a6ed7-arm-9.txz
- x/xf86-video-opentegra-0.7.0-arm-8.txz
- xap/hexchat-2.12.4-arm-2.txz
Recompiled using libperl.so from perl-5.26.1.
Built with –enable-python=python3. - xap/pidgin-2.12.0-arm-2.txz
Recompiled using libperl.so from perl-5.26.1.