Slackware-15.0 ChangeLog (2022-01-25)
Tue Jan 25 20:10:35 UTC 2022
Packages
Rebuilt
- d/icecream-1.3.1-i586-4.txz
rc.icecream.conf: generate an error message and avoid a hang when
“hostname -d” doesn't work, usually because the hostname in /etc/HOSTNAME
can't be resolved. Thanks to franzen.
Upgraded
- kde/latte-dock-0.10.8-i586-1.txz
- xap/geeqie-1.7.2-i586-1.txz
Tue Jan 25 06:16:36 UTC 2022
It may look like we're currently experiencing more stuckness, but this will
lead us to Quality. We'll have this release in the can before you know it.
Packages
Rebuilt
- a/aaa_glibc-solibs-2.33-i586-5.txz
- a/aaa_libraries-15.0-i586-16.txz
Rebuilt to pick up the patched libexpat.so.1.8.3. - a/mkinitrd-1.4.11-i586-27.txz
mkinitrd_command_generator.sh: properly detect partitions of a RAID device.
Thanks to perrin4869. - l/expat-2.4.3-i586-2.txz
Fix signed integer overflow in function XML_GetBuffer for when
XML_CONTEXT_BYTES is defined to >0 (which is both common and
default). Impact is denial of service or other undefined behavior.
While we're here, also patch a memory leak on output file opening error.
Thanks to marav.
For more information, see:
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-23852
(* Security fix *) - l/glibc-2.33-i586-5.txz
This update patches two security issues:
Unexpected return value from glibc's realpath().
Off-by-one buffer overflow/underflow in glibc's getcwd().
Thanks to Qualys Research Labs for reporting these issues.
For more information, see:
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3998
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3999
(* Security fix *) - l/glibc-i18n-2.33-i586-5.txz
- l/glibc-profile-2.33-i586-5.txz
- isolinux/initrd.img
- usb-and-pxe-installers/usbboot.img
Upgraded
- a/kernel-firmware-20220124_eb8ea1b-noarch-1.txz
- a/kernel-generic-5.15.16-i586-2.txz
- a/kernel-generic-smp-5.15.16_smp-i686-2.txz
- a/kernel-huge-5.15.16-i586-2.txz
-9P_FSCACHE n
9P_FS m → y
Thanks to peake. - a/kernel-huge-smp-5.15.16_smp-i686-2.txz
-9P_FSCACHE n
9P_FS m → y
Thanks to peake. - a/kernel-modules-5.15.16-i586-2.txz
- a/kernel-modules-smp-5.15.16_smp-i686-2.txz
- a/util-linux-2.37.3-i586-1.txz
This release fixes two security mount(8) and umount(8) issues:
An issue related to parsing the /proc/self/mountinfo file allows an
unprivileged user to unmount other user's filesystems that are either
world-writable themselves or mounted in a world-writable directory.
Improper UID check in libmount allows an unprivileged user to unmount
FUSE filesystems of users with similar UID.
For more information, see:
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3995
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3996
(* Security fix *) - ap/vim-8.2.4212-i586-1.txz
- d/git-2.35.0-i586-1.txz
- d/kernel-headers-5.15.16_smp-x86-2.txz
- k/kernel-source-5.15.16_smp-noarch-2.txz
- l/fluidsynth-2.2.5-i586-1.txz
- l/tdb-1.4.6-i586-1.txz
- x/xf86-input-libinput-1.2.1-i586-1.txz
- xap/mozilla-thunderbird-91.5.1-i686-1.txz
This is a bugfix release.
For more information, see:
https://www.mozilla.org/en-US/thunderbird/91.5.1/releasenotes/ - xap/vim-gvim-8.2.4212-i586-1.txz
- extra/linux-5.15.16-nosmp-sdk/*
- kernels/*