Slackwarearm-current ChangeLog (2021-05-27)
Thu May 27 08:08:08 UTC 2021
Packages
Upgraded
- a/btrfs-progs-5.12.1-arm-1.txz
- a/dialog-1.3_20210509-arm-1.txz
- a/exfatprogs-1.1.2-arm-1.txz
- a/kmod-29-arm-1.txz
- a/logrotate-3.18.1-arm-1.txz
- a/xfsprogs-5.12.0-arm-1.txz
- ap/slackpkg-15.0.3-noarch-1.txz
Fixed 'continue' error message. Thanks to dive. - ap/vim-8.2.2876-arm-1.txz
Compiled against perl-5.34.0.
Compiled against perl-5.34.0. - d/parallel-20210522-noarch-1.txz
- d/perl-5.34.0-arm-1.txz
- d/python-pip-21.1.2-arm-1.txz
- d/python-setuptools-57.0.0-arm-1.txz
- d/sassc-3.6.2-arm-1.txz
- l/elfutils-0.185-arm-1.txz
- l/expat-2.4.1-arm-1.txz
This update provides new mitigations against the “billion laughs” denial
of service attack.
For more information, see:
https://github.com/libexpat/libexpat/blob/R_2_4_1/expat/Changes
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0340
(* Security fix *) - l/imagemagick-7.0.11_13-arm-1.txz
Built against perl-5.34.0. - l/libcap-2.50-arm-1.txz
- l/libidn-1.37-arm-1.txz
- l/libqalculate-3.19.0-arm-1.txz
- l/libsass-3.6.5-arm-1.txz
- l/libsigc++-2.10.7-arm-1.txz
- l/libsigc++3-3.0.7-arm-1.txz
- l/libusb-compat-0.1.7-arm-1.txz
- l/libxml2-2.9.12-arm-1.txz
This update fixes a denial-of-service security issue.
For more information, see:
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3541
(* Security fix *) - l/mozilla-nss-3.65-arm-1.txz
- l/netpbm-10.94.04-arm-1.txz
- l/pango-1.48.5-arm-1.txz
- l/pipewire-0.3.28-arm-1.txz
Config files are now installed in the data dir, system overrides
in /etc/pipewire and $HOME are checked first. - l/zstd-1.5.0-arm-1.txz
- n/bind-9.16.16-arm-1.txz
- n/getmail-6.16-arm-1.txz
- n/gnutls-3.6.16-arm-1.txz
Fixed potential miscalculation of ECDSA/EdDSA code backported from Nettle.
In GnuTLS, as long as it is built and linked against the fixed version of
Nettle, this only affects GOST curves. [CVE-2021-20305]
Fixed potential use-after-free in sending “key_share” and “pre_shared_key”
extensions. When sending those extensions, the client may dereference a
pointer no longer valid after realloc. This happens only when the client
sends a large Client Hello message, e.g., when HRR is sent in a resumed
session previously negotiated large FFDHE parameters, because the initial
allocation of the buffer is large enough without having to call realloc
(#1151). [GNUTLS-SA-2021-03-10, CVSS: low]
For more information, see:
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-20305
(* Security fix *) - n/libndp-1.8-arm-1.txz
- n/libnftnl-1.2.0-arm-1.txz
- n/libqmi-1.28.4-arm-1.txz
- n/links-2.23-arm-1.txz
- x/libX11-1.7.1-arm-1.txz
This update fixes missing request length checks in libX11 that can lead to
the emission of extra X protocol requests to the X server.
For more information, see:
https://lists.x.org/archives/xorg-announce/2021-May/003088.html
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-31535
(* Security fix *) - x/libdrm-2.4.106-arm-1.txz
- x/libepoxy-1.5.8-arm-1.txz
- x/mesa-21.1.1-arm-1.txz
- xap/rxvt-unicode-9.26-arm-1.txz
Recompiled against perl-5.34.0. - xap/vim-gvim-8.2.2876-arm-1.txz
Compiled against perl-5.34.0. - xfce/xfce4-screenshooter-1.9.9-arm-1.txz
- extra/fltk/fltk-1.3.6-arm-1.txz
Rebuilt
- ap/lxc-2.0.11_fad08f383-arm-7.txz
Add some additional required packages, run ldconfig inside the rootfs,
update the slackpkg.conf, and account for changed hostname handling.
Thanks to PiterPunk. - ap/texinfo-6.7-arm-4.txz
Recompiled against perl-5.34.0. - d/subversion-1.14.1-arm-3.txz
Recompiled against perl-5.34.0. - n/epic5-2.1.4-arm-2.txz
Recompiled against perl-5.34.0. - n/httpd-2.4.46-arm-2.txz
Fixed size syntax in logrotate config file. Thanks to ecd102. - n/irssi-1.2.3-arm-2.txz
Recompiled against perl-5.34.0. - n/net-snmp-5.9-arm-5.txz
Recompiled against perl-5.34.0. - n/ntp-4.2.8p15-arm-7.txz
Recompiled against perl-5.34.0. - n/openldap-2.4.58-arm-2.txz
Recompiled against perl-5.34.0. - xap/hexchat-2.14.3-arm-7.txz
Recompiled against perl-5.34.0.