Show pageOld revisionsBacklinksBack to top This page is read only. You can view the source, but not change it. Ask your administrator if you think this is wrong. ====== Slackwarearm-current ChangeLog (2021-06-09) ====== ====== Wed Jun 09 08:08:08 UTC 2021 ====== ===== Packages ===== ==== Upgraded ==== * [[slackwarearm.current>a/hwdata-0.348-arm-1.txz]] * [[slackwarearm.current>ap/ispell-3.4.04-arm-1.txz]] * [[slackwarearm.current>ap/mpg123-1.28.0-arm-1.txz]] * [[slackwarearm.current>ap/slackpkg-15.0.5-noarch-1.txz]] \\ Add "--" option to "command cd" in bash completion file. (akinomyoga) \\ shell-completions/slackpkg.bash: add "show-changelog". \\ Import bash-completion file from upstream project. \\ Added the new-config actions for specific files. (Piter PUNK) \\ Harden slackpkg with respect to obtaining GPG key. (CRTS) * [[slackwarearm.current>d/git-2.32.0-arm-1.txz]] * [[slackwarearm.current>d/poke-1.3-arm-1.txz]] * [[slackwarearm.current>d/vala-0.52.4-arm-1.txz]] * [[slackwarearm.current>l/at-spi2-core-2.40.2-arm-1.txz]] * [[slackwarearm.current>l/libogg-1.3.5-arm-1.txz]] * [[slackwarearm.current>l/librsvg-2.50.7-arm-1.txz]] * [[slackwarearm.current>l/pipewire-0.3.29-arm-1.txz]] * [[slackwarearm.current>l/polkit-0.119-arm-1.txz]] \\ This update includes a mitigation for local privilege escalation using \\ polkit_system_bus_name_get_creds_sync(). \\ For more information, see: \\ https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3560 \\ (* Security fix *) * [[slackwarearm.current>l/poppler-21.06.1-arm-1.txz]] \\ Shared library .so-version bump. * [[slackwarearm.current>l/pycairo-1.20.1-arm-1.txz]] * [[slackwarearm.current>l/qca-2.3.3-arm-1.txz]] * [[slackwarearm.current>l/vte-0.64.2-arm-1.txz]] * [[slackwarearm.current>n/epic5-2.1.5-arm-1.txz]] * [[slackwarearm.current>n/httpd-2.4.48-arm-1.txz]] \\ This release contains security fixes and improvements. \\ mod_http2: Fix a potential NULL pointer dereference. \\ Unexpected <Location> section matching with 'MergeSlashes OFF'. \\ mod_auth_digest: possible stack overflow by one nul byte while validating \\ the Digest nonce. \\ mod_session: Fix possible crash due to NULL pointer dereference, which \\ could be used to cause a Denial of Service with a malicious backend \\ server and SessionHeader. \\ mod_session: Fix possible crash due to NULL pointer dereference, which \\ could be used to cause a Denial of Service. \\ mod_proxy_http: Fix possible crash due to NULL pointer dereference, which \\ could be used to cause a Denial of Service. \\ mod_proxy_wstunnel, mod_proxy_http: Handle Upgradable protocols end-to-end \\ negotiation. \\ For more information, see: \\ https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-31618 \\ https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-30641 \\ https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-35452 \\ https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-26691 \\ https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-26690 \\ https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-13950 \\ https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-17567 \\ (* Security fix *) * [[slackwarearm.current>n/libmbim-1.24.8-arm-1.txz]] * [[slackwarearm.current>n/libqmi-1.28.6-arm-1.txz]] * [[slackwarearm.current>n/nettle-3.7.3-arm-1.txz]] * [[slackwarearm.current>n/openldap-2.4.59-arm-1.txz]] * [[slackwarearm.current>n/p11-kit-0.24.0-arm-1.txz]] * [[slackwarearm.current>n/php-7.4.20-arm-1.txz]] * [[slackwarearm.current>n/vsftpd-3.0.4-arm-1.txz]] * [[slackwarearm.current>n/whois-5.5.10-arm-1.txz]] * [[slackwarearm.current>x/libX11-1.7.2-arm-1.txz]] \\ This is a bug fix release, correcting a regression introduced by and \\ improving the checks from the fix for CVE-2021-31535. * [[slackwarearm.current>x/libinput-1.18.0-arm-1.txz]] * [[slackwarearm.current>x/mesa-21.1.2-arm-1.txz]] * [[slackwarearm.current>xap/blueman-2.2.1-arm-1.txz]] * [[slackwarearm.current>xap/gnuplot-5.4.2-arm-1.txz]] * [[slackwarearm.current>xap/pidgin-2.14.5-arm-1.txz]] ==== Rebuilt ==== * [[slackwarearm.current>d/clisp-2.50_20191103_c26de7873-arm-4.txz]] \\ Upgraded to libffcall-2.3. * [[slackwarearm.current>kde/calligra-3.2.1-arm-11.txz]] \\ Recompiled against poppler-21.06.1. * [[slackwarearm.current>kde/cantor-21.04.1-arm-2.txz]] \\ Recompiled against poppler-21.06.1. * [[slackwarearm.current>kde/digikam-7.2.0-arm-2.txz]] \\ Recompiled against imagemagick-7.0.11_14. * [[slackwarearm.current>kde/kfilemetadata-5.82.0-arm-2.txz]] \\ Recompiled against poppler-21.06.1. * [[slackwarearm.current>kde/kile-2.9.93-arm-10.txz]] \\ Recompiled against poppler-21.06.1. * [[slackwarearm.current>kde/kitinerary-21.04.1-arm-2.txz]] \\ Recompiled against poppler-21.06.1. * [[slackwarearm.current>kde/krita-4.4.3-arm-5.txz]] \\ Recompiled against poppler-21.06.1. * [[slackwarearm.current>kde/okular-21.04.1-arm-2.txz]] \\ Recompiled against poppler-21.06.1. * [[slackwarearm.current>l/alsa-lib-1.2.5-arm-2.txz]] \\ Account for unexpected packing of the conf file tarballs. We'll see if this \\ is enough to make things work well again. * [[slackwarearm.current>l/dvdauthor-0.7.2-arm-4.txz]] \\ Recompiled against imagemagick-7.0.11_14. * [[slackwarearm.current>n/network-scripts-15.0-noarch-14.txz]] \\ etc/rc.d/rc.inet1.conf.new: Set DHCP_NOIPV4LL[4]="yes" by default to \\ restore the previous behaviour in Slackware ARM. * [[slackwarearm.current>xap/xine-lib-1.2.11-arm-5.txz]] \\ Recompiled against poppler-21.06.1. {{tag>slackware changelog slackwarearm-current 2021-06}} news/2021/06/09/slackwarearm-current-changelog.txt Last modified: 3 years agoby Giuseppe Di Terlizzi Log In