Slackers (Slackware current journal) - Slackware – GNU/Linux per SubGeni e Fannulloni

Sat Nov 29 14:21:53 CST 2008
a/lilo-22.8-i486-14.tgz: Fixed typo in liloconfig.
a/udev-130-i486-2.tgz: Rebuilt including a new /etc/modprobe.d/uhci-hci to
make sure that the ehci-hcd module is always loaded before uhci-hci.
ap/lsscsi-0.21-i486-1.tgz: Upgraded to lsscsi-0.21.
Thanks to Darrell Anderson for pointing me to the new URL.
ap/mc-4.6.1_20070623p14-i486-2.tgz: Patched to fix a bug where moving or
copying a file could cause mc to crash. Thanks to David Somero for the patch.
d/ruby-1.8.7_p72-i486-2.tgz: Recompiled with a patch to fix short name
constants. Thanks to Marco Bonetti for pointing out the problem.
n/bridge-utils-1.2-i486-2.tgz: Patched to fix a corner case where brctl does
not work if the name of the bridge is “bridge”.
xap/audacious-plugins-1.5.1-i486-4.tgz: Patched to fix amidi-plug plugin.
Thanks to Giacomo Lozito.

Fri Nov 28 17:43:24 CST 2008
ap/cdrtools-2.01.01a53-i486-1.tgz: Upgraded to cdrtools-2.01.01a53.
ap/dmidecode-2.10-i486-1.tgz: Upgraded to dmidecode-2.10.
ap/sqlite-3.6.6.2-i486-1.tgz: Upgraded to sqlite-3.6.6.2.
l/libgsf-1.14.10-i486-1.tgz: Upgraded to libgsf-1.14.10.
n/dnsmasq-2.46-i486-1.tgz: Upgraded to dnsmasq-2.46.
n/ntp-4.2.4p5-i486-2.tgz: Edited rc.ntpd to add status support for pm-utils.
Thanks to Robby Workman.
n/samba-3.2.5-i486-1.tgz: Upgraded to samba-3.2.5.
This package fixes an important barrier against rogue clients reading from
uninitialized memory (though no proof-of-concept is known to exist).
For more information, see:

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-4314

(* Security fix *)

Mon Nov 24 17:01:15 CST 2008
testing/packages/kde4/deps/eigen2-r888176-i486-1.tgz:
Added eigen2-r888176.
testing/packages/kde4/extragear/amarok-1.98-i486-1.tgz:
Upgraded to amarok-1.98.
testing/packages/kde4/extragear/guidance-power-manager-4.1.3-i486-1.tgz:
Upgraded to guidance-power-manager-4.1.3.
testing/packages/kde4/extragear/kaudiocreator-r888119-i486-1.tgz:
Upgraded to kaudiocreator-r888119.
testing/packages/kde4/extragear/konq-plugins-4.1.3-i486-1.tgz:
Added konq-plugins-4.1.3.
testing/packages/kde4/extragear/ktorrent-3.1.5-i486-1.tgz:
Upgraded to ktorrent-3.1.5.
testing/packages/kde4/kde/kdeaccessibility-4.1.3-i486-1.tgz:
Upgraded to kdeaccessibility-4.1.3.
testing/packages/kde4/kde/kdeadmin-4.1.3-i486-1.tgz:
Upgraded to kdeadmin-4.1.3.
testing/packages/kde4/kde/kdeartwork-4.1.3-i486-1.tgz:
Upgraded to kdeartwork-4.1.3.
testing/packages/kde4/kde/kdebase-4.1.3-i486-1.tgz: Upgraded to kdebase-4.1.3.
testing/packages/kde4/kde/kdebase-runtime-4.1.3-i486-1.tgz:
Upgraded to kdebase-runtime-4.1.3.
testing/packages/kde4/kde/kdebase-workspace-4.1.3-i486-1.tgz:
Upgraded to kdebase-workspace-4.1.3.
testing/packages/kde4/kde/kdebindings-4.1.3-i486-1.tgz:
Upgraded to kdebindings-4.1.3.
testing/packages/kde4/kde/kdeedu-4.1.3-i486-1.tgz: Upgraded to kdeedu-4.1.3.
testing/packages/kde4/kde/kdegames-4.1.3-i486-1.tgz:
Upgraded to kdegames-4.1.3.
testing/packages/kde4/kde/kdegraphics-4.1.3-i486-1.tgz:
Upgraded to kdegraphics-4.1.3.
testing/packages/kde4/kde/kdelibs-4.1.3-i486-1.tgz: Upgraded to kdelibs-4.1.3.
testing/packages/kde4/kde/kdemultimedia-4.1.3-i486-1.tgz:
Upgraded to kdemultimedia-4.1.3.
testing/packages/kde4/kde/kdenetwork-4.1.3-i486-1.tgz:
Upgraded to kdenetwork-4.1.3.
testing/packages/kde4/kde/kdepim-4.1.3-i486-1.tgz: Upgraded to kdepim-4.1.3.
testing/packages/kde4/kde/kdepimlibs-4.1.3-i486-1.tgz:
Upgraded to kdepimlibs-4.1.3.
testing/packages/kde4/kde/kdeplasma-addons-4.1.3-i486-1.tgz:
Upgraded to kdeplasma-addons-4.1.3.
testing/packages/kde4/kde/kdesdk-4.1.3-i486-1.tgz: Upgraded to kdesdk-4.1.3.
testing/packages/kde4/kde/kdetoys-4.1.3-i486-1.tgz: Upgraded to kdetoys-4.1.3.
testing/packages/kde4/kde/kdeutils-4.1.3-i486-1.tgz:
Upgraded to kdeutils-4.1.3.
testing/packages/kde4/kde/kdewebdev-4.1.3-i486-1.tgz:
Upgraded to kdewebdev-4.1.3.
testing/packages/kde4/kde/koffice-1.9.98.2-i486-1.tgz:
Upgraded to koffice-1.9.98.2.
testing/packages/kde4/kde-l10n/kde-l10n-*.tgz: Upgraded to kde-l10n-*-4.1.3.
testing/packages/kde4/kde-l10n/koffice-l10n-*.tgz:
Added koffice-l10n-*-1.9.98.2.

Sat Nov 22 07:13:29 CST 2008
testing/packages/kde4/deps/qt-r887099-i486-1.tgz:
Upgraded to qt-copy-r887099.

Fri Nov 21 13:51:57 CST 2008
a/aaa_base-12.1.0-noarch-3.tgz: Fixed an extra “../” at the beginning of the
/var/X11R6 symlink. Thanks to Herbert Faleiros for pointing out the bug.
a/glibc-solibs-2.7-i486-17.tgz: Recompiled against Linux 2.6.27.7.
a/glibc-zoneinfo-2.7-noarch-17.tgz: Rebuilt.
a/kernel-firmware-2.6.27.7-i486-1.tgz: Upgraded to Linux 2.6.27.7 firmware.
a/kernel-generic-2.6.27.7-i486-1.tgz: Upgraded to Linux 2.6.27.7.
a/kernel-generic-smp-2.6.27.7_smp-i686-1.tgz: Upgraded to Linux 2.6.27.7.
a/kernel-huge-2.6.27.7-i486-1.tgz: Upgraded to Linux 2.6.27.7.
a/kernel-huge-smp-2.6.27.7_smp-i686-1.tgz: Upgraded to Linux 2.6.27.7.
a/kernel-modules-2.6.27.7-i486-1.tgz: Upgraded to Linux 2.6.27.7.
a/kernel-modules-smp-2.6.27.7_smp-i686-1.tgz: Upgraded to Linux 2.6.27.7.
ap/hplip-2.8.10-i486-1.tgz: Upgraded to hplip-2.8.10.
ap/pm-utils-1.2.2.1-i486-1.tgz: Added pm-utils-1.2.2.1.
ap/slackpkg-2.70.4-noarch-1.tgz: Added slackpkg-2.70.4. Moving this into the
main tree was long overdue. Thanks to Piter Punk!
ap/texinfo-4.13a-i486-2.tgz: Patched the install script to replace
/usr/info/dir if the topmost node is missing.
d/kernel-headers-2.6.27.7_smp-x86-1.tgz: Upgraded to Linux 2.6.27.7 headers.
e/emacs-22.3-i486-2.tgz: Rebuilt with compressed info pages and using the
emacs PNG icon from the sources. Thanks to Edward Trumbo for the patch.
k/kernel-source-2.6.27.7_smp-noarch-1.tgz: Upgraded to Linux 2.6.27.7.
l/glibc-2.7-i486-17.tgz: Recompiled against Linux 2.6.27.7.
l/glibc-i18n-2.7-noarch-17.tgz: Rebuilt.
l/glibc-profile-2.7-i486-17.tgz: Recompiled against Linux 2.6.27.7.
l/svgalib_helper-1.9.25_2.6.27.7-i486-1.tgz: Recompiled for Linux 2.6.27.7.
n/alpine-2.00-i486-1.tgz: Upgraded to alpine-2.00.
n/imapd-2.00-i486-1.tgz: Upgraded to imapd from alpine-2.00.
n/curl-7.19.2-i486-1.tgz: Upgraded to curl-7.19.2.
n/ntp-4.2.4p5-i486-1.tgz: Upgraded to ntp-4.2.4p5.
n/sendmail-8.14.3-i486-1.tgz: Upgraded to sendmail-8.14.3.
n/sendmail-cf-8.14.3-noarch-1.tgz: Upgraded to sendmail-8.14.3 config files.
x/scim-1.4.7-i486-7.tgz: Recompiled.
x/scim-bridge-0.4.14-i486-3.tgz: Recompiled.
xap/mozilla-thunderbird-2.0.0.18-i686-1.tgz:
Upgraded to thunderbird-2.0.0.18.
This upgrade fixes some more security bugs.
For more information, see:

http://www.mozilla.org/security/known-vulnerabilities/thunderbird20.html

(* Security fix *)
extra/linux-2.6.27.7-nosmp-sdk/: Updated SMP to no-SMP kernel source patch.
isolinux/initrd.img: Rebuilt with newly compiled kernel modules.
usb-and-pxe-installers/: Rebuilt usbboot.img with newly compiled
kernel modules.

Thu Nov 20 12:15:34 CST 2008
a/acpid-1.0.8-i486-2.tgz: Fixed a bug in the build script so that
/etc/acpi/acpi_handler.sh.new is chmoded executable. If you installed the
previous package, you should chmod 755 your /etc/acpi/acpi_handler.sh.
Thanks to Stuart Winter for pointing this out.

Wed Nov 19 19:52:15 CST 2008
a/acpid-1.0.8-i486-1.tgz: Upgraded to acpid-1.0.8.
/etc/acpi/acpi_handler.sh will be installed as a .new with future upgrades,
but since whatever version already installed on the system owns
/etc/acpi/acpi_handler.sh, it will still be overwritten one more time when
this update is installed. If you’ve customized your script, be sure to back
it up before upgrading.
a/mkinitrd-1.3.2-i486-4.tgz: Fixed a bug where unless -F was the first option
given, other command line options would not override the contents of
/etc/mkinitrd.conf as documented in the man page.
Thanks to David Somero for the patch.
l/libxml2-2.6.32-i486-2.tgz: Patched and recompiled.
This fixes vulnerabilities including denial of service, or possibly the
execution of arbitrary code as the user running a libxml2 linked application
if untrusted XML content is parsed.
For more information, see:

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-4225

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-4226

(* Security fix *)
x/compiz-0.7.8-i486-1.tgz: Upgraded to compiz-0.7.8.
x/dejavu-fonts-ttf-2.27-noarch-1.tgz: Upgraded to dejavu-fonts-ttf-2.27.
x/xf86-input-acecad-1.2.2-i486-1.tgz: Added xf86-input-acecad-1.2.2.
x/xf86-input-calcomp-1.1.2-i486-1.tgz:
Upgraded to xf86-input-calcomp-1.1.2-i486-1.tgz.
x/xf86-input-digitaledge-1.1.1-i486-1.tgz:
Upgraded to xf86-input-digitaledge-1.1.1.
x/xf86-input-dmc-1.1.2-i486-1.tgz: Added xf86-input-dmc-1.1.2.
x/xf86-input-dynapro-1.1.2-i486-1.tgz: Upgraded to xf86-input-dynapro-1.1.2.
x/xf86-input-elo2300-1.1.2-i486-1.tgz: Upgraded to xf86-input-elo2300-1.1.2.
x/xf86-input-elographics-1.2.3-i486-1.tgz:
Upgraded to xf86-input-elographics-1.2.3.
x/xf86-input-evdev-2.0.8-i486-1.tgz: Upgraded to xf86-input-evdev-2.0.8.
x/xf86-input-fpit-1.2.0-i486-1.tgz: Upgraded to xf86-input-fpit-1.2.0.
x/xf86-input-hyperpen-1.2.0-i486-1.tgz: Upgraded to xf86-input-hyperpen-1.2.0.
x/xf86-input-jamstudio-1.2.0-i486-1.tgz:
Upgraded to xf86-input-jamstudio-1.2.0.
x/xf86-input-joystick-1.3.3-i486-1.tgz: Upgraded to xf86-input-joystick-1.3.3.
x/xf86-input-keyboard-1.3.1-i486-1.tgz: Upgraded to xf86-input-keyboard-1.3.1.
x/xf86-input-magellan-1.2.0-i486-1.tgz: Upgraded to xf86-input-magellan-1.2.0.
x/xf86-input-microtouch-1.2.0-i486-1.tgz:
Upgraded to xf86-input-microtouch-1.2.0.
x/xf86-input-mutouch-1.2.1-i486-1.tgz: Upgraded to xf86-input-mutouch-1.2.1.
x/xf86-input-palmax-1.2.0-i486-1.tgz: Upgraded to xf86-input-palmax-1.2.0.
x/xf86-input-penmount-1.3.0-i486-1.tgz: Upgraded to xf86-input-penmount-1.3.0.
x/xf86-input-summa-1.2.0-i486-1.tgz: Upgraded to xf86-input-summa-1.2.0.
x/xf86-input-synaptics-0.15.2-i486-1.tgz: Added xf86-input-synaptics-0.15.2.
x/xf86-input-tek4957-1.2.0-i486-1.tgz: Upgraded to xf86-input-tek4957-1.2.0.
x/xf86-input-vmmouse-12.5.2-i486-1.tgz: Upgraded to xf86-input-vmmouse-12.5.2.
x/xf86-input-void-1.1.1-i486-1.tgz: Added xf86-input-void-1.1.1.
x/xf86-video-cirrus-1.2.1-i486-1.tgz: Upgraded to xf86-video-cirrus-1.2.1.
x/xf86-video-glint-1.2.1-i486-1.tgz: Upgraded to xf86-video-glint-1.2.1.
x/xf86-video-i128-1.3.1-i486-1.tgz: Upgraded to xf86-video-i128-1.3.1.
x/xf86-video-intel-2.4.3-i486-1.tgz: Upgraded to xf86-video-intel-2.4.3.
x/xf86-video-mga-1.4.9-i486-1.tgz: Upgraded to xf86-video-mga-1.4.9.
x/xf86-video-neomagic-1.2.1-i486-1.tgz: Upgraded to xf86-video-neomagic-1.2.1.
x/xf86-video-nv-2.1.12-i486-1.tgz: Upgraded to xf86-video-nv-2.1.12.
x/xf86-video-openchrome-0.2.903-i486-1.tgz:
Added xf86-video-openchrome-0.2.903.
x/xf86-video-radeonhd-1.2.3-i486-1.tgz: Upgraded to xf86-video-radeonhd-1.2.3.
x/xf86-video-s3virge-1.10.1-i486-1.tgz: Upgraded to xf86-video-s3virge-1.10.1.
x/xf86-video-savage-2.2.1-i486-1.tgz: Upgraded to xf86-video-savage-2.2.1.
x/xf86-video-vmware-10.16.5-i486-1.tgz: Upgraded to xf86-video-vmware-10.16.5.
x/xkeyboard-config-1.4-noarch-1.tgz: Upgraded to xkeyboard-config-1.4.
NOTE: These are some of the more important updates for X.Org. For the last
several days we have been building and testing the very newest X updates, and
it seems that the more intrusive updates are probably best left to develop
until sometime after the coming -stable Slackware 12.2 release. Those will
require a lot of testing and some things don’t seem to be quite there yet.
“X -configure” is hanging the console, DRI is not yet working on all the
hardware tested, and the new xorg-server will render most existing xorg.conf
files non-functional until several changes are made.
extra/slacktrack/slacktrack-2.01-noarch-1.tgz: Upgraded to slacktrack-2.01.
Thanks to Stuart Winter.

Sat Nov 15 18:33:27 CST 2008
a/glibc-solibs-2.7-i486-16.tgz: Recompiled against Linux 2.6.27.6.
a/glibc-zoneinfo-2.7-noarch-16.tgz: Rebuilt.
a/kernel-firmware-2.6.27.6-i486-1.tgz: Upgraded to Linux 2.6.27.6 firmware.
a/kernel-generic-2.6.27.6-i486-1.tgz: Upgraded to Linux 2.6.27.6.
a/kernel-generic-smp-2.6.27.6_smp-i686-1.tgz: Upgraded to Linux 2.6.27.6.
a/kernel-huge-2.6.27.6-i486-1.tgz: Upgraded to Linux 2.6.27.6.
a/kernel-huge-smp-2.6.27.6_smp-i686-1.tgz: Upgraded to Linux 2.6.27.6.
a/kernel-modules-2.6.27.6-i486-1.tgz: Upgraded to Linux 2.6.27.6.
a/kernel-modules-smp-2.6.27.6_smp-i686-1.tgz: Upgraded to Linux 2.6.27.6.
d/kernel-headers-2.6.27.6_smp-x86-1.tgz: Upgraded to Linux 2.6.27.6 headers.
k/kernel-source-2.6.27.6_smp-noarch-1.tgz: Upgraded to Linux 2.6.27.6.
l/glibc-2.7-i486-16.tgz: Recompiled against Linux 2.6.27.6.
l/glibc-i18n-2.7-noarch-16.tgz: Rebuilt.
l/glibc-profile-2.7-i486-16.tgz: Recompiled against Linux 2.6.27.6.
l/svgalib_helper-1.9.25_2.6.27.6-i486-1.tgz: Recompiled for Linux 2.6.27.6.
n/gnutls-2.6.2-i486-1.tgz: Upgraded to gnutls-2.6.2. The security fix in
gnutls-2.6.1 had a flaw in cases where the certificate chain contained only
one self-signed certificate. This update fixes the issue.
n/net-snmp-5.4.2.1-i486-1.tgz: Upgraded to net-snmp-5.4.2.1.
This fixes a problem where a user with read access could cause snmpd to
crash, resulting in a denial of service.
For more information, see:

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-4309

(* Security fix *)
n/proftpd-1.3.1-i486-3.tgz: Recompiled. This seems to be picky about having
an exact version of OpenSSL. Thanks to Adam Kennedy for the bug report.
xap/mozilla-firefox-3.0.4-i686-1.tgz:
Upgraded to firefox-3.0.4.
This fixes some security issues:
For more information, see:

http://www.mozilla.org/security/known-vulnerabilities/firefox30.html

(* Security fix *)
xap/seamonkey-1.1.13-i486-1.tgz:
Upgraded to seamonkey-1.1.13.
This release fixes some more security vulnerabilities.
For more information, see:

http://www.mozilla.org/security/known-vulnerabilities/seamonkey11.html

(* Security fix *)
extra/linux-2.6.27.6-nosmp-sdk/: Updated SMP to no-SMP kernel source patch.
isolinux/initrd.img: Rebuilt with newly compiled kernel modules.
usb-and-pxe-installers/: Rebuilt usbboot.img with newly compiled
kernel modules.

Thu Nov 13 11:46:26 CST 2008
ap/acct-6.4pre1-i486-1.tgz: Upgraded to acct-6.4pre1 to support the new kernel
accounting file format (and the older log formats). Thanks to Jan Rafaj for
letting me know this needed an update and where to find it.
ap/madplay-0.15.2b-i486-2.tgz: Recompiled. This fixes a problem (endian
issue?) where madplay just outputs noise.
Thanks to Jan Rafaj for the bug report.
kde/kdepim-3.5.10-i486-4.tgz: Recompiled against bluez-libs and pilot-link.
l/pilot-link-0.12.3-i486-6.tgz: Recompiled against bluez-libs-3.36.
n/bluez-hcidump-1.42-i486-2.tgz: Recompiled against bluez-libs-3.36.
n/bluez-libs-3.36-i486-2.tgz: Switched back to the BlueZ 3.x series. As the
website says, “without support from the userspace these modules are useless.”
Well, it seems as if the userspace support for BlueZ 3.x is still much better
than the support for 4.x, so we’ll move back to these packages (recompiled)
until the situation changes. Thanks to Tom Nardi for the detailed report
concerning the usability of BlueZ 3.x versus BlueZ 4.x.
n/bluez-utils-3.36-i486-4.tgz: Switched back to bluez-utils-3.36, with the
udev rules moved into /lib/udev/rules.d/.
n/obexftp-0.22-i486-3.tgz: Recompiled against openobex-1.3.
n/openobex-1.3-i486-3.tgz: Recompiled against bluez-libs-3.36.
n/slrn-0.9.9p1-i486-2.tgz: Fixed slack-desc to properly note that the original
author, John E. Davis, is now maintaining slrn again.
Thanks to Andrew Strong for pointing out this error.

Mon Nov 10 19:19:50 CST 2008
n/gnutls-2.6.1-i486-1.tgz: Upgraded to gnutls-2.6.1.
From the gnutls-2.6.1 NEWS file:
** libgnutls: Fix X.509 certificate chain validation error.
[GNUTLS-SA-2008-3] The flaw makes it possible for man in the middle
attackers (i.e., active attackers) to assume any name and trick GNU TLS
clients into trusting that name. Thanks for report and analysis from
Martin von Gagern . [CVE-2008-4989]
For more information, see:

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-4989

(* Security fix *)
xap/pidgin-2.5.2-i486-2.tgz: Recompiled against gnutls-2.6.1.
extra/ktorrent/ktorrent-2.2.8-i486-1.tgz: Upgraded to ktorrent-2.2.8.