Slackwarearm-current ChangeLog (2018-04-01)
Sun Apr 01 08:08:08 UTC 2018
Packages
Rebuilt
- a/bash-4.4.019.000-arm-2.txz
Fixed builtins.1 and rbash.1 manpages to work properly with strict
implementations (such as mandoc). Thanks to orbea. - a/util-linux-2.32-arm-2.txz
Add jaztool, which had failed to build on ARM many years ago and hadn't been
re-tested until now. - d/flex-2.6.4-arm-2.txz
Fix flex compiled with recent glibc. Thanks to nobodino. - d/subversion-1.9.7-arm-3.txz
Recompiled for ruby-2.5.1. - kde/korundum-4.14.3-arm-3.txz
Recompiled for ruby-2.5.1. - kde/qtruby-4.14.3-arm-4.txz
Recompiled for ruby-2.5.1. - extra/recordmydesktop/recordmydesktop-0.3.8.1-arm-2.txz
Applied bitrate patches from Arch. Thanks to USUARIONUEVO.
Upgraded
- ap/cups-2.2.7-arm-1.txz
- ap/mariadb-10.2.14-arm-1.txz
- ap/nano-2.9.5-arm-1.txz
- d/cmake-3.11.0-arm-1.txz
- d/python3-3.6.5-arm-1.txz
Refactored difflib and poplib to fix potential DoS vectors.
Thanks to Jamie Davis for the patch.
For more information, see:
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1060
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1061
(* Security fix *) - d/ruby-2.5.1-arm-1.txz
This release includes some bug fixes and some security fixes:
HTTP response splitting in WEBrick.
Unintentional file and directory creation with directory traversal in
tempfile and tmpdir.
DoS by large request in WEBrick.
Buffer under-read in String#unpack.
Unintentional socket creation by poisoned NUL byte in UNIXServer
and UNIXSocket.
Unintentional directory traversal by poisoned NUL byte in Dir.
Multiple vulnerabilities in RubyGems.
For more information, see:
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-17742
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-6914
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-8777
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-8778
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-8779
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-8780
(* Security fix *)
Recompiled for ruby-2.5.1. - n/dhcpcd-7.0.2-arm-1.txz
- n/dovecot-2.3.1-arm-1.txz
- x/mesa-18.0.0-arm-1.txz
- xfce/xfce4-terminal-0.8.7.3-arm-1.txz