Show pageOld revisionsBacklinksBack to top This page is read only. You can view the source, but not change it. Ask your administrator if you think this is wrong. ====== Slackware-current ChangeLog (2019-02-06) ====== ====== Wed Feb 6 22:44:32 UTC 2019 ====== ===== Packages ===== ==== Upgraded ==== * [[slackware.current>a/hwdata-0.320-noarch-1.txz]] * [[slackware.current>a/kernel-generic-4.19.20-i586-1.txz]] * [[slackware.current>a/kernel-generic-smp-4.19.20_smp-i686-1.txz]] * [[slackware.current>a/kernel-huge-4.19.20-i586-1.txz]] * [[slackware.current>a/kernel-huge-smp-4.19.20_smp-i686-1.txz]] * [[slackware.current>a/kernel-modules-4.19.20-i586-1.txz]] * [[slackware.current>a/kernel-modules-smp-4.19.20_smp-i686-1.txz]] * [[slackware.current>a/mcelog-162-i586-1.txz]] * [[slackware.current>d/kernel-headers-4.19.20_smp-x86-1.txz]] * [[slackware.current>k/kernel-source-4.19.20_smp-noarch-1.txz]] * [[slackware.current>l/libvpx-1.8.0-i586-1.txz]] \\ Shared library .so-version bump. * [[slackware.current>n/curl-7.64.0-i586-1.txz]] \\ This release fixes the following security issues: \\ NTLM type-2 out-of-bounds buffer read. \\ NTLMv2 type-3 header stack buffer overflow. \\ SMTP end-of-response out-of-bounds read. \\ For more information, see: \\ https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-16890 \\ https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-3822 \\ https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-3823 \\ (* Security fix *) * [[slackware.current>extra/linux-4.19.20-nosmp-sdk/*]] * [[slackware.current>kernels/*]] ==== Rebuilt ==== * [[slackware.current>d/opencl-headers-2.2-noarch-2.txz]] \\ Don't trigger "#pragma message" in cl_version.h when falling back on a \\ default version of OpenCL to target. Applications such as ffmpeg detect \\ this as an error and fail to compile. * [[slackware.current>l/ffmpeg-3.4.5-i586-2.txz]] \\ Recompiled against libvpx-1.8.0. \\ Reenabled libsmbclient support. * [[slackware.current>l/gst-plugins-good-1.14.4-i586-2.txz]] \\ Recompiled against libvpx-1.8.0. * [[slackware.current>n/samba-4.9.4-i586-2.txz]] \\ Added time.h to libsmbclient.h to fix ffmpeg compatibility. \\ Thanks to USUARIONUEVO. * [[slackware.current>xap/xine-lib-1.2.9-i586-4.txz]] \\ Recompiled against libvpx-1.8.0. * [[slackware.current>isolinux/initrd.img]] * [[slackware.current>usb-and-pxe-installers/usbboot.img]] ====== Wed Feb 6 00:29:25 UTC 2019 ====== ===== Packages ===== ==== Upgraded ==== * [[slackware.current>ap/linuxdoc-tools-0.9.73-i586-1.txz]] \\ Upgraded to gtk-doc-1.29. \\ Upgraded to asciidoc-8.6.10. \\ Upgraded to perl-XML-SAX-1.00. \\ Thanks to Stuart Winter. * [[slackware.current>d/meson-0.49.2-i586-1.txz]] * [[slackware.current>d/python-setuptools-40.8.0-i586-1.txz]] * [[slackware.current>d/slacktrack-2.19-i586-1.txz]] \\ Thanks to Stuart Winter. * [[slackware.current>l/imagemagick-6.9.10_26-i586-1.txz]] * [[slackware.current>n/dovecot-2.3.4.1-i586-1.txz]] \\ This update addresses security issues: \\ CVE-2019-3814: If imap/pop3/managesieve/submission client has trusted \\ certificate with missing username field (ssl_cert_username_field), under \\ some configurations Dovecot mistakenly trusts the username provided via \\ authentication instead of failing. \\ ssl_cert_username_field setting was ignored with external SMTP AUTH, \\ because none of the MTAs (Postfix, Exim) currently send the cert_username \\ field. This may have allowed users with trusted certificate to specify any \\ username in the authentication. This bug didn't affect Dovecot's \\ Submission service. \\ For more information, see: \\ https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-3814 \\ (* Security fix *) {{tag>slackware changelog slackware-current 2019/02}} news/2019/02/06/slackware-current-changelog.txt Last modified: 5 years agoby Giuseppe Di Terlizzi Log In