Friday, 24 August 2018

Last Week's Slackware Current Upgrades in Retrospect

Loads of upgrades in the current branch again, notably a security updates for samba and, perhaps less important, of ntp were issued. Also more updates to the kernel-firmware again and no less than three kernel upgrades in three days which brought the kernel version up to 4.14.65, but of course another upgrade has been issued since. Blimey. Also noteworthy is that LibreOffice has now been recompiled against the latest boost update in current last week and LibreOffice 6.1.0 is now, although unannounced, available in AlienBobs' repository.

Sun Aug 19 23:59:17 UTC 2018
a/e2fsprogs-1.44.4-x86_64-1.txz: Upgraded.
a/kernel-generic-4.14.65-x86_64-1.txz: Upgraded.
a/kernel-huge-4.14.65-x86_64-1.txz: Upgraded.
a/kernel-modules-4.14.65-x86_64-1.txz: Upgraded.
ap/jove-4.16.0.73-x86_64-6.txz: Rebuilt.
       Fixed getline() namespace collision patch.
ap/sudo-1.8.24-x86_64-1.txz: Upgraded.
d/icecream-20180808-x86_64-1.txz: Upgraded.
       Use sources from git, which avoids timeouts and hangs that have been
       observed with version 1.1, and adds additional support for clang.
d/kernel-headers-4.14.65-x86-1.txz: Upgraded.
k/kernel-source-4.14.65-noarch-1.txz: Upgraded.
isolinux/initrd.img: Rebuilt.
kernels/*: Upgraded.
usb-and-pxe-installers/usbboot.img: Rebuilt.
+--------------------------+
Sat Aug 18 02:09:51 UTC 2018
a/kernel-generic-4.14.64-x86_64-1.txz: Upgraded.
a/kernel-huge-4.14.64-x86_64-1.txz: Upgraded.
a/kernel-modules-4.14.64-x86_64-1.txz: Upgraded.
d/kernel-headers-4.14.64-x86-1.txz: Upgraded.
k/kernel-source-4.14.64-noarch-1.txz: Upgraded.
isolinux/initrd.img: Rebuilt.
kernels/*: Upgraded.
usb-and-pxe-installers/usbboot.img: Rebuilt.
+--------------------------+
Fri Aug 17 16:52:04 UTC 2018
a/kernel-firmware-20180814_f1b95fe-noarch-1.txz: Upgraded.
a/kernel-generic-4.14.63-x86_64-1.txz: Upgraded.
a/kernel-huge-4.14.63-x86_64-1.txz: Upgraded.
a/kernel-modules-4.14.63-x86_64-1.txz: Upgraded.
ap/jove-4.16.0.73-x86_64-5.txz: Rebuilt.
       Avoid a namespace conflict with glibc's getline() function.
       Increase some hardcoded buffer sizes.
       Thanks to TTK.
ap/mariadb-10.3.9-x86_64-1.txz: Upgraded.
       This update fixes bugs and security issues.
       For more information, see:
       https://mariadb.com/kb/en/mariadb-1039-release-notes/
       https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-3060
       https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-3064
       https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-3063
       https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-3058
       https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-3066
       (* Security fix *)
d/kernel-headers-4.14.63-x86-1.txz: Upgraded.
k/kernel-source-4.14.63-noarch-1.txz: Upgraded.
       EFI_VARS m -> y
       EFI_VARS_PSTORE m -> y
       +HOTPLUG_SMT y
l/expat-2.2.6-x86_64-1.txz: Upgraded.
n/ntp-4.2.8p12-x86_64-1.txz: Upgraded.
       This release improves on one security fix in ntpd:
       LOW/MEDIUM: Sec 3012: Sybil vulnerability: ephemeral association attack
       While fixed in ntp-4.2.8p7 and with significant additional protections for
       this issue in 4.2.8p11, ntp-4.2.8p12 includes a fix for an edge case in
       the new noepeer support. Originally reported by Matt Van Gundy of Cisco.
       Edge-case hole reported by Martin Burnicki of Meinberg.
       And fixes another security issue in ntpq and ntpdc:
       LOW: Sec 3505: The openhost() function used during command-line hostname
       processing by ntpq and ntpdc can write beyond its buffer limit, which
       could allow an attacker to achieve code execution or escalate to higher
       privileges via a long string as the argument for an IPv4 or IPv6
       command-line parameter. NOTE: It is unclear whether there are any common
       situations in which ntpq or ntpdc is used with a command line from an
       untrusted source. Reported by Fakhri Zulkifli.
       For more information, see:
       http://support.ntp.org/bin/view/Main/SecurityNotice#August_2018_ntp_4_2_8p12_NTP_Rel
       https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1549
       https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-12327
       (* Security fix *)
n/samba-4.8.4-x86_64-1.txz: Upgraded.
       This is a security update in order to patch the following defects:
       Weak authentication protocol allowed.
       Denial of Service Attack on DNS and LDAP server.
       Insufficient input validation on client directory listing in libsmbclient.
       Denial of Service Attack on AD DC DRSUAPI server.
       Confidential attribute disclosure from the AD LDAP server.
       For more information, see:
       https://www.samba.org/samba/security/CVE-2018-1139.html
       https://www.samba.org/samba/security/CVE-2018-1140.html
       https://www.samba.org/samba/security/CVE-2018-10858.html
       https://www.samba.org/samba/security/CVE-2018-10918.html
       https://www.samba.org/samba/security/CVE-2018-10919.html
       https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1139
       https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1140
       https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-10858
       https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-10918
       https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-10919
       (* Security fix *)
x/xf86-video-v4l-0.3.0-x86_64-1.txz: Upgraded.
x/xterm-335-x86_64-1.txz: Upgraded.
isolinux/initrd.img: Rebuilt.
kernels/*: Upgraded.
usb-and-pxe-installers/usbboot.img: Rebuilt.
+--------------------------+
Tue Aug 14 22:56:09 UTC 2018
a/kernel-firmware-20180814_fdd3468-noarch-1.txz: Upgraded.
a/openssl-solibs-1.1.0i-x86_64-1.txz: Upgraded.
d/strace-4.24-x86_64-1.txz: Upgraded.
l/harfbuzz-1.8.8-x86_64-1.txz: Upgraded.
n/iproute2-4.18.0-x86_64-1.txz: Upgraded.
n/openssl-1.1.0i-x86_64-1.txz: Upgraded.
       This update fixes two low severity security issues:
       Client DoS due to large DH parameter.
       Cache timing vulnerability in RSA Key Generation.
       For more information, see:
       https://www.openssl.org/news/secadv/20180612.txt
       https://www.openssl.org/news/secadv/20180416.txt
       https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-0732
       https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-0737
       (* Security fix *)
x/mesa-18.1.6-x86_64-1.txz: Upgraded.
xap/xscreensaver-5.40-x86_64-1.txz: Upgraded.
+--------------------------+
Tue Aug 14 00:10:54 UTC 2018
a/etc-15.0-x86_64-8.txz: Rebuilt.
       /etc/passwd: Added icecc (UID 49).
       /etc/group: Added icecc (GID 49).
a/pciutils-3.6.2-x86_64-1.txz: Upgraded.
a/sysvinit-scripts-2.1-noarch-17.txz: Rebuilt.
       rc.M: start rc.icecc-scheduler and rc.iceccd.
d/icecream-1.1-x86_64-1.txz: Added.
       Thanks to Heinz Wiesinger for the SBo reference build script.
n/libmbim-1.16.2-x86_64-1.txz: Upgraded.
n/libqmi-1.20.2-x86_64-1.txz: Upgraded.
n/p11-kit-0.23.13-x86_64-1.txz: Upgraded.
x/xterm-334-x86_64-1.txz: Upgraded.

Labels

12.04 LTS (1) 1280x1024 (2) 14.1 (1) absolute (6) accessibility (6) administration (2) afterstep (1) android (3) announcements (14) anonymity (5) anonymous (1) anonymous browsing (1) anti-malware (1) anti-virus (1) antiX (2) applications (1) arch (9) archbang (11) archone (1) authentication (1) backports (1) bash (2) bittorrent (2) block-this (1) bodhi (1) books (1) browsers (5) browsing (1) bsd (3) bug (2) bugs (3) calculate (1) centos (1) certification (1) chakra (2) changelog (16) chat (1) chatzilla (1) chromebook (1) chromium (2) click (1) commodore 64 (1) crunchbang (5) crux (1) ctkarch (1) cyber war (1) debian (22) desktop (55) devuan (3) digital certificates (1) digital memories (1) distributions (72) documentaries (1) documentation (2) dr. web (1) drivers (1) duo (1) e17 (1) email (1) encryption (3) enlightenment (1) events (1) exit nodes (1) ext4 (1) fake (1) fallout (1) fallout 4 (1) fedora (6) file systems (1) firefox (3) flash (1) flush (1) fluxbox (6) fluxflux (1) FPS (2) free software (2) frugalware (1) FSF (1) fusion (1) fvwm (1) fvwm-crystal (1) games (11) gaming (10) gentoo (2) gnome (8) gnome shell (4) gnu/linux (4) google (2) google-chrome (3) graphics (1) grml (1) hangouts (1) hardcore punk (1) hardware (3) how-to (22) humor (2) icewm (5) init (3) init freedom (4) interview (1) introduction (1) jibbed (1) jwm (1) kanotix (2) kde (17) kde3 (2) kernel (6) knoppix (1) kongoni (2) kubuntu (1) LAS (1) libtorrent-rasterbar (1) linux (18) linux light (15) live (40) live medium (14) live system (8) liveslak (2) lxde (12) lxqt (1) mageia (1) mandriva (2) marine life (1) mate (1) media center (4) mepis (2) mint (2) mobile (2) mobile security (1) movies (5) mozilla (3) music (1) netbook (2) networking (4) news (3) nvidia (1) open source (1) openbox (14) openSUSE (2) opinion (12) other (5) overclockix (1) packages (1) pclinuxos (2) perl (1) poll (2) porteus (3) privacy (5) privoxy (1) programming (1) proxy (2) puppy (3) qbittorrent (1) qt (1) quick look (10) ratpoison (1) red hat (6) relax (1) release (1) reviews (50) rhythmbox (1) RPG (2) rpm (1) sabayon (5) salix (15) scientific (7) screenshots (2) scripts (3) security (3) semplice (1) server (3) shell (1) shooter (4) siduction (1) slackel (1) slackware (63) slackware 14.2 (2) slackware 15.0 (3) slackware-current (27) slax (7) slitaz (1) smart phones (2) sms (1) south africa (2) specialist (1) spoof (1) surfing (1) systemd (2) table mountain (1) TDE (1) tegra k1 (1) themes (1) tinyme (2) tips (1) tor (3) torrenting (1) torrents (1) traffic analysis (2) trinity (2) trisquel (1) ubuntu (4) unity (2) unity linux (4) unix (1) upgrade (5) vector (2) video (3) vinux (2) virtualbsd (1) visual impairment (5) voip (1) vpn (2) wallpapers (3) window maker (4) window managers (1) wireless (10) xfce (16) youtube (1) zenwalk (3) zoo (1)