Slackwarearm-current ChangeLog (2020-04-17)

Fri Apr 17 08:08:08 UTC 2020

  • a/gawk-5.1.0-arm-1.txz
  • a/gettext-0.20.2-arm-1.txz
  • a/xfsprogs-5.6.0-arm-1.txz
  • d/gettext-tools-0.20.2-arm-1.txz
  • d/git-2.26.1-arm-1.txz
    This update fixes a security issue:
    With a crafted URL that contains a newline in it, the credential helper
    machinery can be fooled to give credential information for a wrong host.
    The attack has been made impossible by forbidding a newline character in
    any value passed via the credential protocol. Credit for finding the
    vulnerability goes to Felix Wilhelm of Google Project Zero.
    For more information, see:
    (* Security fix *)
  • l/glib-networking-2.64.2-arm-1.txz
  • l/libsecret-0.20.3-arm-1.txz
  • l/libuv-1.36.0-arm-1.txz
  • n/bind-9.16.2-arm-1.txz
    This update fixes a security issue:
    DNS rebinding protection was ineffective when BIND 9 is configured as a
    forwarding DNS server. Found and responsibly reported by Tobias Klein.
    [GL #1574]
    (* Security fix *)
  • n/dhcpcd-8.1.8-arm-1.txz
  • n/openvpn-2.4.9-arm-1.txz
    This update fixes a security issue:
    Fix illegal client float. Thanks to Lev Stipakov.
    For more information, see:
    (* Security fix *)
  • n/php-7.4.5-arm-1.txz
  • x/libvdpau-1.4-arm-1.txz
  • x/xorgproto-2020.1-arm-1.txz
  • xap/audacious-4.0.2-arm-1.txz
  • xap/audacious-plugins-4.0.2-arm-1.txz
  • ap/rpm-4.15.1-arm-3.txz
    Dropped python2 modules.
  • l/gtk+3-3.24.18-arm-2.txz
    Fixed the version number embedded in pkg-config files and elsewhere.
    Thanks to davjohn for the bug report.
  • l/libcaca-0.99.beta19-arm-7.txz
    Dropped python2 modules.
  • l/libwebp-1.1.0-arm-2.txz
    Dropped python2 modules.
  • l/python-distro-1.4.0-arm-2.txz
    Dropped python2 modules.
  • l/python-docutils-0.16-arm-2.txz
    Replace /usr/bin scripts with python3 versions.
  • l/system-config-printer-1.5.12-arm-3.txz
    Dropped python2 modules.
  • news/2020/04/17/slackwarearm-current-changelog.txt
  • Last modified: 2 years ago
  • by Giuseppe Di Terlizzi