Slackwarearm-current ChangeLog (2021-09-29)

Wed Sep 29 08:08:08 UTC 2021

  • a/coreutils-9.0-arm-1.txz
    DIR_COLORS: Support .tzst, .zst, .flv, and .m2t extensions.
    Thanks to regdub.
    Support .webm and .webp extensions. Thanks to madridsecreto.
    Thanks to GazL for helping the traditional (for us, anyway) ls quoting
    style.
    Applied upstream patch:
    [PATCH] chmod: fix exit status when ignoring symlinks
  • a/kernel-modules-armv7-5.14.8_armv7-arm-1.txz
  • a/kernel_armv7-5.14.8-arm-1.txz
  • ap/ghostscript-9.55.0-arm-1.txz
  • ap/i2c-tools-4.3-arm-1.txz
    Thanks to Exaga for the reminder.
  • ap/itstool-2.0.7-arm-1.txz
  • ap/vim-8.2.3458-arm-1.txz
  • d/bison-3.8.2-arm-1.txz
  • d/kernel-headers-5.14.8-arm-1.txz
  • d/meson-0.59.1-arm-1.txz
  • d/vala-0.54.1-arm-1.txz
  • k/kernel-source-5.14.8-arm-1.txz
  • l/at-spi2-core-2.42.0-arm-1.txz
  • l/fribidi-1.0.11-arm-1.txz
  • l/gexiv2-0.14.0-arm-1.txz
  • l/gjs-1.70.0-arm-1.txz
  • l/glib-networking-2.70.0-arm-1.txz
  • l/glib2-2.70.0-arm-1.txz
  • l/gobject-introspection-1.70.0-arm-1.txz
  • l/gtk4-4.4.0-arm-1.txz
  • l/harfbuzz-3.0.0-arm-1.txz
  • l/libcap-2.59-arm-1.txz
  • l/libmtp-1.1.19-arm-1.txz
  • l/librsvg-2.52.0-arm-1.txz
  • l/libsoup-2.74.0-arm-1.txz
  • l/libssh2-1.10.0-arm-1.txz
  • l/pygobject3-3.42.0-arm-1.txz
  • n/ModemManager-1.18.2-arm-1.txz
  • n/NetworkManager-1.32.12-arm-1.txz
  • n/ca-certificates-20210924-noarch-1.txz
    Removed DST_Root_CA_X3.crt.
  • n/cifs-utils-6.14-arm-1.txz
  • n/getmail-6.18.4-arm-1.txz
  • n/lynx-2.9.0dev.9-arm-1.txz
    Based on testing here, this seems stable enough to include. Please let me
    know if there are any new problems.
    lynx.cfg: Add ASSUME_CHARSET:utf-8. Thanks to usr345.
    Removed CHANGES.orig. Thanks to ctrlaltca.
  • n/openssh-8.8p1-arm-1.txz
    Please note “Potentially-incompatible changes” from the release notes:
    This release disables RSA signatures using the SHA-1 hash algorithm
    by default. This change has been made as the SHA-1 hash algorithm is
    cryptographically broken, and it is possible to create chosen-prefix
    hash collisions for <USD$50K [1]
    For most users, this change should be invisible and there is
    no need to replace ssh-rsa keys. OpenSSH has supported RFC8332
    RSA/SHA-256/512 signatures since release 7.2 and existing ssh-rsa keys
    will automatically use the stronger algorithm where possible.
    Incompatibility is more likely when connecting to older SSH
    implementations that have not been upgraded or have not closely tracked
    improvements in the SSH protocol. For these cases, it may be necessary
    to selectively re-enable RSA/SHA1 to allow connection and/or user
    authentication via the HostkeyAlgorithms and PubkeyAcceptedAlgorithms
    options. For example, the following stanza in ~/.ssh/config will enable
    RSA/SHA1 for host and user authentication for a single destination host:
    Host old-host
    HostkeyAlgorithms +ssh-rsa
    PubkeyAcceptedAlgorithms +ssh-rsa
    We recommend enabling RSA/SHA1 only as a stopgap measure until legacy
    implementations can be upgraded or reconfigured with another key type
    (such as ECDSA or Ed25519).
    [1] “SHA-1 is a Shambles: First Chosen-Prefix Collision on SHA-1 and
    Application to the PGP Web of Trust” Leurent, G and Peyrin, T
    (2020) https://eprint.iacr.org/2020/014.pdf
  • n/php-7.4.24-arm-1.txz
    This update fixes bugs and a security issue:
    Zip: ZipArchive::extractTo extracts outside of destination.
    For more information, see:
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-21706
    (* Security fix *)
  • n/pinentry-1.2.0-arm-1.txz
  • n/tin-2.6.0-arm-1.txz
  • x/libinput-1.19.1-arm-1.txz
  • xap/vim-gvim-8.2.3458-arm-1.txz
  • xap/x3270-4.0ga14-arm-1.txz
  • extra/php8/php8-8.0.11-arm-1.txz
    This update fixes bugs and a security issue:
    Zip: ZipArchive::extractTo extracts outside of destination.
    For more information, see:
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-21706
    (* Security fix *)
  • kernels/*
  • a/elvis-2.2_0-arm-6.txz
    Removed elvis.clr.orig. Thanks to ctrlaltca.
  • d/subversion-1.14.1-arm-4.txz
    Added compile options –with-kwallet and –with-gnome-keyring (the latter was
    already used by default). Thanks to rsts and Windu.
  • kde/knewstuff-5.86.0-arm-2.txz
    [PATCH] Fix crash in DownloadWidget.
  • kde/plasma-desktop-5.22.5-arm-2.txz
    Removed main.xml.orig. Thanks to ctrlaltca.
  • n/bind-9.16.21-arm-3.txz
    Clean this up a little more… for consistency, make all three variables
    set in /etc/default/named start with NAMED_. Likewise, make sure that all
    uses of them in rc.bind start with NAMED_ (fixes a mismatch discovered by
    Nobby6). For anyone wishing to run BIND as root, it seems to accept -u root
    just fine, but if you really don't want a -u option, just set NAMED_OPTIONS
    to “ ” to avoid triggering the fallback.
  • n/nftables-1.0.0-arm-2.txz
    Added options –with-json and –enable-python needed for firewalld.
    Thanks to stormtracknole.
  • xap/xpdf-4.03-arm-3.txz
    Removed .orig files. Thanks to ctrlaltca.
  • isolinux/*
  • l/gst-plugins-bad-free-1.18.5-arm-1.txz
    These are the “bad” GStreamer plugins that have free enough licenses to ship.
    Thanks to Heinz Wiesinger.
  • x/xdg-desktop-portal-1.10.1-arm-1.txz
    This is needed by the xdg-desktop-portal-kde backend.
    Thanks to Vincent Batts.
  • news/2021/09/29/slackwarearm-current-changelog.txt
  • Last modified: 2 weeks ago
  • by Giuseppe Di Terlizzi