Slackware64-current ChangeLog (2021-02-18)
Thu Feb 18 20:47:35 UTC 2021
Packages
Upgraded
- xap/mozilla-firefox-78.7.1esr-x86_64-1.txz
It looks like rebuilding Firefox with Rust 1.50.0 causes it to crash on
HTML5 streams, so let's drop back to this build. 78.8.0 is coming soon
and hopefully it'll fix this.
Thu Feb 18 19:29:30 UTC 2021
Packages
Upgraded
- d/llvm-11.1.0-x86_64-1.txz
Shared library .so-version bump. - n/bind-9.16.12-x86_64-1.txz
This update fixes a security issue:
When tkey-gssapi-keytab or tkey-gssapi-credential was configured, a
specially crafted GSS-TSIG query could cause a buffer overflow in the
ISC implementation of SPNEGO (a protocol enabling negotiation of the
security mechanism to use for GSSAPI authentication). This flaw could
be exploited to crash named. Theoretically, it also enabled remote code
execution, but achieving the latter is very difficult in real-world
conditions.
For more information, see:
https://kb.isc.org/docs/cve-2020-8625
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8625
(* Security fix *)
Rebuilt
- a/pkgtools-15.0-noarch-37.txz
installpkg: in –terse mode, fix formatting for the uncommon situation
where numfmt produces a 5 character output e.g. 1000K.
Thanks to Karl Magnus Kolstø. - kde/kdevelop-5.6.2-x86_64-3.txz
Recompiled against llvm-11.1.0. - l/qt5-5.15.2-x86_64-5.txz
Recompiled against llvm-11.1.0. - n/s-nail-14.9.21-x86_64-3.txz
The dotlock utility doesn't work with glibc-2.33 (another case where changes
to sandboxed functions are needed), but we really don't need it anyway so
just rebuild without it. Thanks to Paulo2. - x/mesa-20.3.4-x86_64-3.txz
Recompiled against llvm-11.1.0.