Slackware-current ChangeLog (2021-09-17)
Fri Sep 17 17:22:57 UTC 2021
Packages
Rebuilt
- kde/plasma-workspace-5.22.5-i586-2.txz
Patched to fix USB storage devices detected only once per session.
Thanks to ctrlaltca. - n/NetworkManager-1.32.10-i586-4.txz
Patched to shut down dhcpcd gracefully, and restored dhcpcd as the default
client when using NetworkManager on Slackware. In this case I'll swim
upstream if it means better security. Who knows what your DHCP server might
attempt when it comes to public WiFi?
Thanks to Roy Marples and marav.
Upgraded
Fri Sep 17 04:17:57 UTC 2021
Packages
Upgraded
- n/httpd-2.4.49-i586-1.txz
This release contains security fixes and improvements.
mod_proxy: Server Side Request Forgery (SSRF) vulnerabilty [Yann Ylavic]
core: ap_escape_quotes buffer overflow
mod_proxy_uwsgi: Out of bound read vulnerability [Yann Ylavic]
core: null pointer dereference on malformed request
mod_http2: Request splitting vulnerability with mod_proxy [Stefan Eissing]
For more information, see:
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-40438
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-39275
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-36160
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-34798
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-33193
(* Security fix *) - xap/mozilla-thunderbird-91.1.1-i686-1.txz
This is a bugfix release.
For more information, see:
https://www.mozilla.org/en-US/thunderbird/91.1.1/releasenotes/
Rebuilt
- a/sysvinit-scripts-15.0-noarch-5.txz
Stop D-Bus after NFS partitions are unmounted to avoid a hang.
Thanks to vulcan59 and bassmadrigal. - n/dhcpcd-9.4.0-i586-2.txz
Applied upstream patch:
DHCP6: Only send FQDN for SOLICIT, REQUEST, RENEW, or REBIND messages.
Thanks to marav.