Sunday, 16 September 2018

Last Week's Security Updates, Fixes and Upgrades in Slackware Current

A whole slew of updates again and Linux kernel 4.14.69 has landed in Slackware Current. We can keep going like this forever. Also Samba, with a new dependency on lmdb, has been upgraded to 4.9.0. Whether that's a good thing? You might want to keep the old one around for some testing of the new package if really relying on Samba and running current. Rock on!

Fri Sep 14 23:06:26 UTC 2018
ap/hplip-3.18.7-x86_64-3.txz: Rebuilt.
       Throw away the broken and ill-advised libImageProcessor closed-source blob.
       Thanks to Matteo Bernardini.
ap/zsh-5.6.2-x86_64-1.txz: Upgraded.
d/rust-1.29.0-x86_64-1.txz: Upgraded.
l/lmdb-0.9.22-x86_64-1.txz: Added.
       This is a new dependency of Samba.
n/php-7.2.10-x86_64-1.txz: Upgraded.
       This is a security release which also contains several minor bug fixes.
       For more information, see:
       https://php.net/ChangeLog-7.php#7.2.10
       (* Security fix *)
n/samba-4.9.0-x86_64-1.txz: Upgraded.
x/xf86-video-amdgpu-18.1.0-x86_64-1.txz: Upgraded.
x/xf86-video-ati-18.1.0-x86_64-1.txz: Upgraded.
+--------------------------+
Thu Sep 13 21:41:51 UTC 2018
a/sysvinit-scripts-2.1-noarch-20.txz: Rebuilt.
       rc.6: it was reported by birdboy that JFS is not properly unmounted unless
       the order of unmounting local filesystems followed by remounting the root
       filesystem read-only is inverted. I tried that, and although it did get rid
       of a "/ filesystem is busy" error during shutdown, the JFS / filesystem was
       still checked at boot (and found to be clean). I believe that the existing
       order of unmounting non-root filesystems followed by remounting the root
       filesystem as read-only is the correct order, and found that putting
       another sync between these also gets rid of the error on shutdown, so I've
       done that. When using JFS as the root filesystem there's still another
       similar error message that's generated earlier in the boot, though. I'm
       unable to find any way to shut down a JFS root partition in a way that
       leaves it clean enough that fsck will not check it at boot, but it is always
       found to be clean so this should only be cosmetic. I recall this behavior of
       JFS going all the way back to when it was first added to the kernel. If
       anyone has a better fix, I'll take a look at it, but in my opinion it's not
       really anything to worry about.
ap/ghostscript-9.25-x86_64-1.txz: Upgraded.
       This release fixes problems with argument handling, some unintended
       results of the security fixes to the SAFER file access restrictions
       (specifically accessing ICC profile files), and some additional
       security issues over the recent 9.24 release.
       For more information, see:
       https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-16509
       (* Security fix *)
ap/squashfs-tools-20180612_6e242dc-x86_64-1.txz: Upgraded.
       Linked against libzstd.so.1. Thanks to alienBOB.
ap/sudo-1.8.25p1-x86_64-1.txz: Upgraded.
d/binutils-2.31.1-x86_64-4.txz: Rebuilt.
       Since baldzhang has pointed out a valid use case for windres on Linux,
       we are restoring the "Windows only" utilities, as none of them are
       very large and there may be valid uses for the other ones as well.
l/freetype-2.9.1-x86_64-2.txz: Rebuilt.
       Patched to build properly if windres is present on the machine.
l/sg3_utils-1.44-x86_64-1.txz: Upgraded.
l/zstd-1.3.5-x86_64-1.txz: Added.
       Thanks to alienBOB.
xfce/tumbler-0.2.3-x86_64-1.txz: Upgraded.
isolinux/initrd.img: Rebuilt.
       Use the ter-114v terminus font. It has been reported that the font we were
       using (ter-v14v) restricts the available console colors from 16 to 8 due
       to needing an extra bit for the higher number of available glyphs (though
       in testing here I couldn't see any difference). The new font covers
       ISO8859-1, ISO8859-15, and Windows-1252 codepages. I'm still not sure it's
       the best choice, so additional input is welcomed.
       Thanks to bormant.
usb-and-pxe-installers/usbboot.img: Rebuilt.
       Use the ter-114v terminus font.
+--------------------------+
Wed Sep 12 21:19:38 UTC 2018
a/elilo-3.16-x86_64-8.txz: Rebuilt.
       eliloconfig: this was occasionally failing and the issue was traced to the
       script's use of tr (not sure why still). Replaced the construct with sed
       and the issue seems to have gone away.
a/openssl-solibs-1.1.1-x86_64-1.txz: Upgraded.
d/binutils-2.31.1-x86_64-3.txz: Rebuilt.
       Do not install the Windows-specific tools. Not only are these useless on
       Linux, but the presence of windres fools freetype into thinking that it is
       on a Windows system, leading to a build failure.
d/git-2.19.0-x86_64-1.txz: Upgraded.
l/freetype-2.9.1-x86_64-1.txz: Upgraded.
l/harfbuzz-1.9.0-x86_64-1.txz: Upgraded.
l/media-player-info-24-noarch-1.txz: Upgraded.
l/pcre2-10.32-x86_64-1.txz: Upgraded.
l/sg3_utils-1.43-x86_64-1.txz: Upgraded.
n/openssl-1.1.1-x86_64-1.txz: Upgraded.
x/fontconfig-2.13.1-x86_64-1.txz: Upgraded.
       We had problem reports with fontconfig-2.13.0 which led to it being reverted
       but we'll try it again. Please let me know if the issues (with Wine iirc)
       persist.
x/libinput-1.12.0-x86_64-1.txz: Upgraded.
+--------------------------+
Mon Sep 10 21:00:00 UTC 2018
a/kernel-generic-4.14.69-x86_64-1.txz: Upgraded.
a/kernel-huge-4.14.69-x86_64-1.txz: Upgraded.
a/kernel-modules-4.14.69-x86_64-1.txz: Upgraded.
a/xfsprogs-4.18.0-x86_64-1.txz: Upgraded.
ap/nano-3.0-x86_64-1.txz: Upgraded.
d/cmake-3.12.2-x86_64-1.txz: Upgraded.
d/kernel-headers-4.14.69-x86-1.txz: Upgraded.
k/kernel-source-4.14.69-noarch-1.txz: Upgraded.
       Config changes since 4.14.68:
       CRYPTO_LZO m -> y
       FRONTSWAP n -> y
       ZBUD n -> m
       ZPOOL m -> y
       +ZSWAP y
       Thanks to Darth Vader.
l/glib2-2.56.2-x86_64-2.txz: Rebuilt.
       Make links in the documentation directory to all of the API documentation
       found under /usr/share/gtk-doc/html. Thanks to Didier Spaier.
l/libarchive-3.3.3-x86_64-1.txz: Upgraded.
n/links-2.17-x86_64-1.txz: Upgraded.
xfce/tumbler-0.2.2-x86_64-1.txz: Upgraded.
isolinux/initrd.img: Rebuilt.
kernels/*: Upgraded.
usb-and-pxe-installers/usbboot.img: Rebuilt.

Labels

12.04 LTS (1) 1280x1024 (2) 14.1 (1) absolute (6) accessibility (6) administration (2) afterstep (1) android (3) announcements (14) anonymity (5) anonymous (1) anonymous browsing (1) anti-malware (1) anti-virus (1) antiX (2) applications (1) arch (9) archbang (11) archone (1) authentication (1) backports (1) bash (2) bittorrent (2) block-this (1) bodhi (1) books (1) browsers (5) browsing (1) bsd (3) bug (2) bugs (3) calculate (1) centos (1) certification (1) chakra (2) changelog (22) chat (1) chatzilla (1) chromebook (1) chromium (2) click (1) commodore 64 (1) crunchbang (5) crux (1) ctkarch (1) cyber war (1) debian (22) desktop (55) devuan (3) digital certificates (1) digital memories (1) distributions (72) documentaries (1) documentation (2) dr. web (1) drivers (1) duo (1) e17 (1) email (1) encryption (3) enlightenment (1) events (1) exit nodes (1) ext4 (1) fake (1) fallout (1) fallout 4 (1) fedora (6) file systems (1) firefox (3) flash (1) flush (1) fluxbox (6) fluxflux (1) FPS (2) free software (2) frugalware (1) FSF (1) fusion (1) fvwm (1) fvwm-crystal (1) games (11) gaming (10) gentoo (2) gnome (8) gnome shell (4) gnu/linux (4) google (2) google-chrome (3) graphics (1) grml (1) hangouts (1) hardcore punk (1) hardware (3) how-to (22) humor (2) icewm (5) init (3) init freedom (4) interview (1) introduction (1) jibbed (1) jwm (1) kanotix (2) kde (17) kde3 (2) kernel (6) knoppix (1) kongoni (2) kubuntu (1) LAS (1) libtorrent-rasterbar (1) linux (18) linux light (15) live (40) live medium (14) live system (8) liveslak (2) lxde (12) lxqt (1) mageia (1) mandriva (2) marine life (1) mate (1) media center (4) mepis (2) mint (2) mobile (2) mobile security (1) movies (5) mozilla (3) music (1) netbook (2) networking (4) news (3) nvidia (1) open source (1) openbox (14) openSUSE (2) opinion (12) other (5) overclockix (1) packages (1) pclinuxos (2) perl (1) poll (2) porteus (3) privacy (5) privoxy (1) programming (1) proxy (2) puppy (3) qbittorrent (1) qt (1) quick look (10) ratpoison (1) red hat (7) relax (1) release (1) reviews (50) rhythmbox (1) RPG (2) rpm (1) sabayon (5) salix (15) scientific (7) screenshots (2) scripts (3) security (3) semplice (1) server (3) shell (1) shooter (4) siduction (1) slackel (1) slackware (65) slackware 14.2 (2) slackware 15.0 (6) slackware-current (33) slax (7) slitaz (1) smart phones (2) sms (1) south africa (2) specialist (1) spoof (1) surfing (1) systemd (2) table mountain (1) TDE (1) tegra k1 (1) themes (1) tinyme (2) tips (1) tor (3) torrenting (1) torrents (1) traffic analysis (2) trinity (2) trisquel (1) ubuntu (4) unity (2) unity linux (4) unix (1) upgrade (5) vector (2) video (3) vinux (2) virtualbsd (1) visual impairment (5) voip (1) vpn (2) wallpapers (3) window maker (4) window managers (1) wireless (10) xfce (16) youtube (1) zenwalk (3) zoo (1)