Show pageOld revisionsBacklinksBack to top This page is read only. You can view the source, but not change it. Ask your administrator if you think this is wrong. ====== Slackwarearm-current ChangeLog (2020-05-24) ====== ====== Sun May 24 08:08:08 UTC 2020 ====== > \\ Hello! With this update, PAM has been merged into the main tree. \\ When updating, be sure to install the new pam, cracklib, and \\ libpwquality packages or you may find yourself locked out of your machine. \\ Otherwise, these changes should be completely transparent and you shouldn't \\ notice any obvious operational differences. Be careful if you make any changes \\ in /etc/pam.d/ - leaving an extra console logged in while testing PAM config \\ changes is a recommended standard procedure. Thanks again to Robby Workman, \\ Vincent Batts, Phantom X, and ivandi for help implementing this. \\ It's expected that there will be some more fine-tuning of the config files, but \\ for now it's good to go! \\ ===== Packages ===== ==== Added ==== * [[slackwarearm.current>a/cracklib-2.9.7-arm-1.txz]] * [[slackwarearm.current>a/libpwquality-1.4.2-arm-1.txz]] * [[slackwarearm.current>a/pam-1.3.1-arm-1.txz]] * [[slackwarearm.current>n/nss-pam-ldapd-0.9.11-arm-1.txz]] * [[slackwarearm.current>n/pam-krb5-4.9-arm-1.txz]] * [[slackwarearm.current>x/xisxwayland-1-arm-1.txz]] ==== Upgraded ==== * [[slackwarearm.current>a/kernel-firmware-20200519_8ba6fa6-noarch-1.txz]] * [[slackwarearm.current>a/utempter-1.2.0-arm-1.txz]] * [[slackwarearm.current>a/util-linux-2.35.2-arm-1.txz]] \\ Rebuilt to add PAM support. * [[slackwarearm.current>ap/soma-3.3.0-noarch-1.txz]] \\ Thanks to David Woodfall. * [[slackwarearm.current>ap/vim-8.2.0788-arm-1.txz]] * [[slackwarearm.current>d/Cython-0.29.19-arm-1.txz]] * [[slackwarearm.current>d/bison-3.6.2-arm-1.txz]] * [[slackwarearm.current>d/meson-0.54.2-arm-1.txz]] * [[slackwarearm.current>d/python-pip-20.1.1-arm-1.txz]] * [[slackwarearm.current>d/python-setuptools-46.4.0-arm-1.txz]] * [[slackwarearm.current>d/vala-0.48.6-arm-1.txz]] * [[slackwarearm.current>l/ffmpeg-4.2.3-arm-1.txz]] * [[slackwarearm.current>l/glib2-2.64.3-arm-1.txz]] * [[slackwarearm.current>l/icu4c-67.1-arm-1.txz]] \\ Shared library .so-version bump. * [[slackwarearm.current>l/imagemagick-7.0.10_13-arm-1.txz]] * [[slackwarearm.current>l/iso-codes-4.5.0-arm-1.txz]] * [[slackwarearm.current>l/libarchive-3.4.3-arm-1.txz]] * [[slackwarearm.current>l/libexif-0.6.22-arm-1.txz]] \\ This update fixes bugs and security issues: \\ CVE-2018-20030: Fix for recursion DoS \\ CVE-2020-13114: Time consumption DoS when parsing canon array markers \\ CVE-2020-13113: Potential use of uninitialized memory \\ CVE-2020-13112: Various buffer overread fixes due to integer overflows \\ in maker notes \\ CVE-2020-0093: read overflow \\ CVE-2019-9278: replaced integer overflow checks the compiler could \\ optimize away by safer constructs \\ CVE-2020-12767: fixed division by zero \\ CVE-2016-6328: fixed integer overflow when parsing maker notes \\ CVE-2017-7544: fixed buffer overread \\ For more information, see: \\ https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-20030 \\ https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-13114 \\ https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-13113 \\ https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-13112 \\ https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-0093 \\ https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9278 \\ https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-12767 \\ https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6328 \\ https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7544 \\ (* Security fix *) * [[slackwarearm.current>l/libuv-1.38.0-arm-1.txz]] * [[slackwarearm.current>l/mozilla-nss-3.52.1-arm-1.txz]] * [[slackwarearm.current>l/python-packaging-20.4-arm-1.txz]] * [[slackwarearm.current>l/python-six-1.15.0-arm-1.txz]] * [[slackwarearm.current>l/v4l-utils-1.20.0-arm-1.txz]] * [[slackwarearm.current>l/zstd-1.4.5-arm-1.txz]] * [[slackwarearm.current>n/bind-9.16.3-arm-1.txz]] \\ This update fixes a security issue: \\ A malicious actor who intentionally exploits the lack of effective \\ limitation on the number of fetches performed when processing referrals \\ can, through the use of specially crafted referrals, cause a recursing \\ server to issue a very large number of fetches in an attempt to process \\ the referral. This has at least two potential effects: The performance of \\ the recursing server can potentially be degraded by the additional work \\ required to perform these fetches, and the attacker can exploit this \\ behavior to use the recursing server as a reflector in a reflection attack \\ with a high amplification factor. \\ For more information, see: \\ https://kb.isc.org/docs/cve-2020-8616 \\ https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8616 \\ (* Security fix *) * [[slackwarearm.current>n/dovecot-2.3.10.1-arm-1.txz]] \\ Rebuilt to add PAM support. \\ Compiled against icu4c-67.1. \\ This update fixes several denial-of-service vulnerabilities. \\ For more information, see: \\ https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-10957 \\ https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-10958 \\ https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-10967 \\ (* Security fix *) * [[slackwarearm.current>n/mutt-1.14.1-arm-1.txz]] * [[slackwarearm.current>n/postfix-3.5.2-arm-1.txz]] \\ Compiled against icu4c-67.1. * [[slackwarearm.current>n/samba-4.12.3-arm-1.txz]] \\ Rebuilt to add PAM support. \\ Recompiled against icu4c-67.1. * [[slackwarearm.current>x/fontconfig-2.13.92-arm-1.txz]] * [[slackwarearm.current>x/vulkan-sdk-1.2.135.0-arm-1.txz]] * [[slackwarearm.current>x/xf86-input-libinput-0.30.0-arm-1.txz]] * [[slackwarearm.current>xap/mozilla-thunderbird-68.8.1-arm-1.txz]] \\ This is a bugfix release. \\ For more information, see: \\ https://www.mozilla.org/en-US/thunderbird/68.8.1/releasenotes/ * [[slackwarearm.current>xap/sane-1.0.30-arm-1.txz]] \\ This update fixes several security issues. \\ For more information, see: \\ https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-12867 \\ https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-12862 \\ https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-12863 \\ https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-12865 \\ https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-12866 \\ https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-12861 \\ https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-12864 \\ (* Security fix *) * [[slackwarearm.current>xap/vim-gvim-8.2.0788-arm-1.txz]] ==== Rebuilt ==== * [[slackwarearm.current>a/libcgroup-0.41-arm-7.txz]] \\ Rebuilt to add PAM support. * [[slackwarearm.current>a/shadow-4.8.1-arm-8.txz]] \\ Rebuilt to add PAM support. \\ It seems that /etc/suauth is not supported when PAM is in use, so \\ the man pages for it have been removed. \\ Use 'sudo' as a replacement. * [[slackwarearm.current>a/xfsprogs-5.6.0-arm-2.txz]] \\ Recompiled against icu4c-67.1. * [[slackwarearm.current>ap/at-3.2.1-arm-2.txz]] \\ Rebuilt to add PAM support. * [[slackwarearm.current>ap/cups-2.3.3-arm-2.txz]] \\ Rebuilt to add PAM support. * [[slackwarearm.current>ap/hplip-3.20.5-arm-2.txz]] \\ Rebuilt to add PAM support. * [[slackwarearm.current>ap/mariadb-10.4.13-arm-2.txz]] \\ Rebuilt to add PAM support. * [[slackwarearm.current>ap/screen-4.8.0-arm-2.txz]] \\ Rebuilt to add PAM support. * [[slackwarearm.current>ap/sqlite-3.31.1-arm-2.txz]] \\ Recompiled against icu4c-67.1. * [[slackwarearm.current>ap/sudo-1.9.0-arm-2.txz]] \\ Rebuilt to add PAM support. * [[slackwarearm.current>kde/calligra-2.9.11-arm-35.txz]] \\ Recompiled against icu4c-67.1. * [[slackwarearm.current>kde/kde-workspace-4.11.22-arm-7.txz]] \\ Rebuilt to add PAM support. \\ Added /etc/pam.d/kde-np to fix KDM autologin. \\ Thanks to USUARIONUEVO for the bug report. \\ kde-np: by default, do not restrict passwordless login for UIDs below 1000, \\ but keep the option to do so in the file commented out. * [[slackwarearm.current>l/ConsoleKit2-1.2.1-arm-4.txz]] \\ Rebuilt to add PAM support. * [[slackwarearm.current>l/boost-1.73.0-arm-2.txz]] \\ Recompiled against icu4c-67.1. * [[slackwarearm.current>l/gnome-keyring-3.36.0-arm-2.txz]] \\ Rebuilt to add PAM support. * [[slackwarearm.current>l/harfbuzz-2.6.6-arm-2.txz]] \\ Recompiled against icu4c-67.1. * [[slackwarearm.current>l/libcap-2.34-arm-2.txz]] \\ Rebuilt to add PAM support. * [[slackwarearm.current>l/libical-3.0.8-arm-2.txz]] \\ Recompiled against icu4c-67.1. * [[slackwarearm.current>l/libvisio-0.1.7-arm-3.txz]] \\ Recompiled against icu4c-67.1. * [[slackwarearm.current>l/oniguruma-6.9.5_rev1-arm-2.txz]] \\ Rebuilt with --enable-posix-api. Thanks to MisterL. * [[slackwarearm.current>l/polkit-0.116-arm-3.txz]] \\ Rebuilt to add PAM support. * [[slackwarearm.current>l/qt-4.8.7-arm-10.txz]] \\ Recompiled against icu4c-67.1. * [[slackwarearm.current>l/qt5-5.13.2-arm-3.txz]] \\ Recompiled against icu4c-67.1. * [[slackwarearm.current>l/qt5-webkit-5.212.0_alpha4-arm-2.txz]] \\ Recompiled against icu4c-67.1. * [[slackwarearm.current>l/raptor2-2.0.15-arm-8.txz]] \\ Recompiled against icu4c-67.1. * [[slackwarearm.current>l/system-config-printer-1.5.12-arm-4.txz]] \\ Rebuilt to add PAM support. * [[slackwarearm.current>l/vte-0.60.2-arm-2.txz]] \\ Recompiled against icu4c-67.1. * [[slackwarearm.current>n/cifs-utils-6.10-arm-4.txz]] \\ Rebuilt to add PAM support. * [[slackwarearm.current>n/cyrus-sasl-2.1.27-arm-5.txz]] \\ Rebuilt to add PAM support. * [[slackwarearm.current>n/netatalk-3.1.12-arm-3.txz]] \\ Rebuilt to add PAM support. * [[slackwarearm.current>n/netkit-rsh-0.17-arm-4.txz]] \\ Rebuilt to add PAM support. * [[slackwarearm.current>n/openssh-8.2p1-arm-2.txz]] \\ Rebuilt to add PAM support. * [[slackwarearm.current>n/openvpn-2.4.9-arm-2.txz]] \\ Rebuilt to add PAM support. * [[slackwarearm.current>n/php-7.4.6-arm-2.txz]] \\ Recompiled against icu4c-67.1. * [[slackwarearm.current>n/popa3d-1.0.3-arm-5.txz]] \\ Rebuilt to add PAM support. * [[slackwarearm.current>n/ppp-2.4.8-arm-2.txz]] \\ Rebuilt to add PAM support. * [[slackwarearm.current>n/proftpd-1.3.6c-arm-2.txz]] \\ Rebuilt to add PAM support. * [[slackwarearm.current>n/tin-2.4.4-arm-2.txz]] \\ Recompiled against icu4c-67.1. * [[slackwarearm.current>n/vsftpd-3.0.3-arm-5.txz]] \\ Rebuilt to add PAM support. * [[slackwarearm.current>t/texlive-2019.190626-arm-5.txz]] \\ Recompiled against icu4c-67.1. * [[slackwarearm.current>x/xdm-1.1.11-arm-4.txz]] \\ Rebuilt to add PAM support. * [[slackwarearm.current>xap/xlockmore-5.63-arm-2.txz]] \\ Rebuilt to add PAM support. * [[slackwarearm.current>xap/xscreensaver-5.44-arm-2.txz]] \\ Rebuilt to add PAM support. * [[slackwarearm.current>extra/brltty/brltty-6.1-arm-2.txz]] \\ Recompiled against icu4c-67.1. {{tag>slackware changelog slackwarearm-current 2020/05}} news/2020/05/24/slackwarearm-current-changelog.txt Last modified: 4 years agoby Giuseppe Di Terlizzi Log In