Slackwarearm-current ChangeLog (2020-03-25)
Wed Mar 25 08:08:08 UTC 2020
The mini root filesystem has been updated:
ftp://ftp.arm.slackware.com/slackwarearm/slackwarearm-devtools/minirootfs/slack-current-miniroot_24Mar20.tar.xz
Episode 012 of the 'slackchat' podcast is now up, too.
https://shows.acast.com/slackchat
Packages
Rebuilt
- a/aaa_elflibs-15.0-arm-19.txz
Upgraded: libcap.so.2.33, libncurses.so.6.2, libncursesw.so.6.2,
libpcre.so.1.2.12, libpcreposix.so.0.0.7, libtinfo.so.6.2, libform.so.6.2,
libformw.so.6.2, libglib-2.0.so.0.6400.1, libgmodule-2.0.so.0.6400.1,
libgobject-2.0.so.0.6400.1, libgthread-2.0.so.0.6400.1,
liblber-2.4.so.2.10.12, libldap-2.4.so.2.10.12, libmenu.so.6.2,
libmenuw.so.6.2, libpanel.so.6.2, libpanelw.so.6.2, libstdc++.so.6.0.28. - a/tcsh-6.22.02-arm-3.txz
Actually apply the shell history patch this time. Thanks to jmccue.
Fixed merging history from multiple shells. Thanks to jmccue. - d/libtool-2.4.6-arm-14.txz
Recompiled to update embedded GCC version number. - d/scons-3.1.2-arm-2.txz
Drop python2 support and switch to python3. - l/QScintilla-2.11.4-arm-3.txz
Added PyQt5 support. Thanks to alienBOB. - l/sip-4.19.21-arm-2.txz
Recompiled to pick up Qt5 support. - n/curl-7.69.1-arm-2.txz
Removed –with-ca-bundle=/usr/share/curl/ca-bundle.crt and
added –without-ca-bundle. Thanks to drgibbon and Willy Sudiarto Raharjo. - n/dovecot-2.3.10-arm-2.txz
- n/gpgme-1.13.1-arm-4.txz
Added Qt5 bindings. Thanks to alienBOB. - xap/blueman-2.1.2-arm-2.txz
This needed a rebuild for glib2-2.64.1. Thanks to Lockywolf.
Upgraded
- a/cryptsetup-2.3.1-arm-1.txz
- a/e2fsprogs-1.45.6-arm-1.txz
- a/kernel-firmware-20200320_edf390c-noarch-1.txz
- a/openssl-solibs-1.1.1e-arm-1.txz
- a/xfsprogs-5.5.0-arm-1.txz
- a/xz-5.2.5-arm-1.txz
- ap/cups-filters-1.27.3-arm-1.txz
- ap/ghostscript-9.52-arm-1.txz
- ap/sudo-1.8.31p1-arm-1.txz
This is a bugfix release:
Sudo once again ignores a failure to restore the RLIMIT_CORE resource limit,
as it did prior to version 1.8.29. Linux containers don't allow RLIMIT_CORE
to be set back to RLIM_INFINITY if we set the limit to zero, even for root,
which resulted in a warning from sudo. - ap/vim-8.2.0418-arm-1.txz
- d/automake-1.16.2-noarch-1.txz
- d/ccache-3.7.8-arm-1.txz
- d/cmake-3.17.0-arm-1.txz
- d/gcc-9.3.0-arm-1.txz
- d/gcc-g++-9.3.0-arm-1.txz
- d/gcc-gdc-9.3.0-arm-1.txz
- d/gcc-gfortran-9.3.0-arm-1.txz
- d/gcc-gnat-9.3.0-arm-1.txz
- d/gcc-go-9.3.0-arm-1.txz
- d/gcc-objc-9.3.0-arm-1.txz
- d/git-2.26.0-arm-1.txz
- d/help2man-1.47.13-arm-1.txz
- d/parallel-20200322-noarch-1.txz
- d/perl-5.30.2-arm-1.txz
Also upgraded to Devel-CheckLib-1.14, DBI-1.643, and IO-Socket-SSL-2.067. - d/rust-1.42.0-arm-1.txz
- l/fuse3-3.9.1-arm-1.txz
- l/gd-2.3.0-arm-1.txz
This update fixes bugs and security issues:
Potential double-free in gdImage*Ptr().
gdImageColorMatch() out of bounds write on heap.
Uninitialized read in gdImageCreateFromXbm().
Double-free in gdImageBmp.
Potential NULL pointer dereference in gdImageClone().
Potential infinite loop in gdImageCreateFromGifCtx().
For more information, see:
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-6978
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-6977
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11038
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1000222
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14553
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5711
(* Security fix *) - l/glibmm-2.64.2-arm-1.txz
- l/gmime-3.2.7-arm-1.txz
- l/imagemagick-7.0.10_2-arm-1.txz
- l/libbluray-1.2.0-arm-1.txz
- l/libdvdnav-6.1.0-arm-1.txz
- l/libdvdread-6.1.0-arm-1.txz
- l/libuv-1.35.0-arm-1.txz
- l/pangomm-2.42.1-arm-1.txz
- l/qt5-webkit-5.212.0_alpha4-arm-1.txz
- n/ModemManager-1.12.8-arm-1.txz
- n/NetworkManager-1.22.10-arm-1.txz
- n/bind-9.16.1-arm-1.txz
- n/bluez-5.54-arm-1.txz
- n/gnupg2-2.2.20-arm-1.txz
- n/libqmi-1.24.8-arm-1.txz
- n/openssl-1.1.1e-arm-1.txz
Fixed an overflow bug in the x64_64 Montgomery squaring procedure
used in exponentiation with 512-bit moduli.
For more information, see:
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-1551
(* Security fix *) - n/php-7.4.4-arm-1.txz
This update fixes bugs and security issues:
Core: get_headers() silently truncates after a null byte
EXIF: Use-of-uninitialized-value in exif
MBstring: mb_strtolower: stack-buffer-overflow at php_unicode_tolower_full
For more information, see:
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-7066
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-7064
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-7065
(* Security fix *) - n/postfix-3.5.0-arm-1.txz
- x/igt-gpu-tools-1.25-arm-1.txz
- x/libinput-1.15.4-arm-1.txz
- x/mesa-20.0.2-arm-1.txz
- x/vulkan-sdk-1.2.131.2-arm-1.txz
- xap/audacious-4.0-arm-1.txz
- xap/audacious-plugins-4.0-arm-1.txz
- xap/mozilla-thunderbird-68.6.0-arm-1.txz
This release contains security fixes and improvements.
For more information, see:
https://www.mozilla.org/en-US/thunderbird/68.6.0/releasenotes/
https://www.mozilla.org/en-US/security/advisories/mfsa2020-10/
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6805
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6806
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6807
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6811
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-20503
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6812
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6814
(* Security fix *) - xap/vim-gvim-8.2.0418-arm-1.txz
- xap/xaos-3.7-arm-1.txz
- xap/xscreensaver-5.44-arm-1.txz
Added
- l/PyQt5-5.13.2-arm-1.txz
- l/libcue-2.2.1-arm-1.txz
The initial use for this is adding CUE support to audacious-plugins.