Last Week's Updates and Upgrades in the Current Branch

Last week brought us the Linux kernel 4.14.68 in Slackware Current, as well as an update to Mozilla's Firefox ESR which is now at 60.2.0 plus a whole raft of other upgrades and security or bug fixes to curl, ghostscript, sysvinit, tar and pkgtools. See the detailed changelog from the Slackware page below. Apart from this, an update for Chromium is also in the pipeline over at AlienBob's, as indicated in his blog post dated 8th September.


Fri Sep 7 23:00:06 UTC 2018
x/mesa-18.2.0-x86_64-1.txz: Upgraded.
+--------------------------+
Fri Sep 7 20:02:52 UTC 2018
ap/ghostscript-9.24-x86_64-3.txz: Rebuilt.
       Added two upstream patches to fix PDF printing. Thanks to Petri Kaukasoina.
l/librsvg-2.44.2-x86_64-1.txz: Upgraded.
+--------------------------+
Thu Sep 6 23:22:45 UTC 2018
a/pkgtools-15.0-noarch-23.txz: Rebuilt.
       Removed stray cat and loop kludges for lack of reported size, since this
       is fixed now in tar.
a/tar-1.30-x86_64-3.txz: Rebuilt.
       Fixed a bug in the nolonezero patch that was evidently causing all of the
       issues in installpkg that we'd been kludging around (e.g. the "stray cat").
       Thanks *very* much to NonNonBa for the patch, and to SeB for the initial
       analysis of the problem.
ap/ghostscript-9.24-x86_64-2.txz: Rebuilt.
       Applied upstream patch to fix "Filter failed". Thanks to th_r and bamunds.
d/gdb-8.2-x86_64-1.txz: Upgraded.
d/indent-2.2.12-x86_64-1.txz: Upgraded.
isolinux/initrd.img: Rebuilt.
usb-and-pxe-installers/usbboot.img: Rebuilt.
+--------------------------+
Thu Sep 6 06:15:46 UTC 2018
a/acpid-2.0.30-x86_64-1.txz: Upgraded.
a/etc-15.0-x86_64-9.txz: Rebuilt.
       Added support for /etc/ld.so.conf.d/. Thanks to Qury.
a/kernel-firmware-20180904_85c5d90-noarch-1.txz: Upgraded.
a/kernel-generic-4.14.68-x86_64-1.txz: Upgraded.
a/kernel-huge-4.14.68-x86_64-1.txz: Upgraded.
a/kernel-modules-4.14.68-x86_64-1.txz: Upgraded.
a/pkgtools-15.0-noarch-22.txz: Rebuilt.
       installpkg: prevent noise from the "stray cat" if tar hands it a broken
       pipe. Thanks to ivandi.
       Also (in the comments) provide a possibly better but untested solution.
       Thanks to SeB.
a/sysvinit-2.90-x86_64-2.txz: Rebuilt.
       sysvinit-2.90 added an undocumented feature that tries to spawn agetty
       if it sees console= in the kernel command line. Avoiding the debate about
       whether this code belongs in init at all, at least such a change should
       be documented, and probably made opt-in. This patch disables the new
       behavior unless "sysvinit_agetty" is also seen in the kernel command line.
       It seems like this might have been something added for Hurd, and it might
       be wise to stick to what we've got rather than following upstream on this
       particular package. If anyone notices any other odd behavior, please let
       me know. Thanks to shastah.
a/sysvinit-scripts-2.1-noarch-19.txz: Rebuilt.
       When checking for intel_pstate, direct the stderr to /dev/null in case
       the file doesn't exist in /sys. Thanks to ivandi.
       Allow forcing an option by editing /etc/default/cpufreq.
ap/cups-filters-1.21.2-x86_64-1.txz: Upgraded.
ap/ghostscript-9.24-x86_64-1.txz: Upgraded.
       Patched multiple -dSAFER sandbox bypass vulnerabilities.
       Thanks to Tavis Ormandy.
       For more information, see:
       https://www.ghostscript.com/doc/9.24/News.htm
       https://www.kb.cert.org/vuls/id/332928
       (* Security fix *)
ap/sudo-1.8.25-x86_64-1.txz: Upgraded.
d/binutils-2.31.1-x86_64-2.txz: Rebuilt.
       elf.c (_bfd_elf_get_symbol_version_string): Return _("<corrupt>") for
       corrupt symbol version info.
       elflink.c (bfd_elf_record_link_assignment): Always clear h->verinfo.verdef
       when overriding a dynamic definition.
       Thanks to Michael Short for pointing out the upstream patches.
d/ccache-3.4.3-x86_64-1.txz: Upgraded.
d/kernel-headers-4.14.68-x86-1.txz: Upgraded.
d/llvm-6.0.1-x86_64-2.txz: Rebuilt.
       Recompiled with -DCLANG_BUILD_SHARED_LIBS=ON to fix issues when multiple
       OpenCL drivers are installed. Thanks to Heinz Wiesinger.
d/mercurial-4.7.1-x86_64-1.txz: Upgraded.
k/kernel-source-4.14.68-noarch-1.txz: Upgraded.
l/mozilla-nss-3.39-x86_64-1.txz: Upgraded.
n/curl-7.61.1-x86_64-1.txz: Upgraded.
       This update fixes an NTLM password overflow via integer overflow.
       For more information, see:
       https://curl.haxx.se/docs/CVE-2018-14618.html
       https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14618
       (* Security fix *)
n/gnupg2-2.2.10-x86_64-1.txz: Upgraded.
n/libtirpc-1.1.4-x86_64-1.txz: Upgraded.
n/netatalk-3.1.11-x86_64-2.txz: Rebuilt.
       rc.atalk: fixed errors in status output. Thanks to marav.
n/nghttp2-1.33.0-x86_64-1.txz: Upgraded.
n/p11-kit-0.23.14-x86_64-1.txz: Upgraded.
n/stunnel-5.49-x86_64-1.txz: Upgraded.
x/libdrm-2.4.94-x86_64-1.txz: Upgraded.
x/xf86-video-ati-20180824_de88ea27-x86_64-1.txz: Upgraded.
xap/hexchat-2.14.2-x86_64-1.txz: Upgraded.
xap/mozilla-firefox-60.2.0esr-x86_64-1.txz: Upgraded.
       This release contains security fixes and improvements.
       For more information, see:
       https://www.mozilla.org/security/known-vulnerabilities/firefoxESR.html
       (* Security fix *)
xap/xlockmore-5.56-x86_64-1.txz: Upgraded.
isolinux/initrd.img: Rebuilt.
kernels/*: Upgraded.
usb-and-pxe-installers/usbboot.img: Rebuilt.