Slackware64-current ChangeLog

ChangeLog for: 2023-03-31 19:01:09

a/kernel-generic-6.1.22-x86_64-1.txz:  Upgraded.
a/kernel-huge-6.1.22-x86_64-1.txz:  Upgraded.
a/kernel-modules-6.1.22-x86_64-1.txz:  Upgraded.
a/mkinitrd-1.4.11-x86_64-32.txz:  Rebuilt.
  Add /lib/firmware directory to _initrd-tree.tar.gz. Thanks to walecha.
d/cmake-3.26.2-x86_64-1.txz:  Upgraded.
d/kernel-headers-6.1.22-x86-1.txz:  Upgraded.
d/llvm-16.0.0-x86_64-1.txz:  Upgraded.
  Shared library .so-version bump.
  Thanks to Heinz Wiesinger for the assistance.
  Compiled with -DLLVM_BUILD_LLVM_DYLIB=ON -DLLVM_LINK_LLVM_DYLIB=ON
  -DCLANG_LINK_CLANG_DYLIB=ON.
  I think we'll get 16.0.1 next week if we need to make any adjustments.
d/ruby-3.2.2-x86_64-1.txz:  Upgraded.
  This update fixes security issues:
  ReDoS vulnerability in URI.
  ReDoS vulnerability in Time.
  For more information, see:
    https://www.ruby-lang.org/en/news/2023/03/28/redos-in-uri-cve-2023-28755/
    https://www.ruby-lang.org/en/news/2023/03/30/redos-in-time-cve-2023-28756/
    https://www.cve.org/CVERecord?id=CVE-2023-28755
    https://www.cve.org/CVERecord?id=CVE-2023-28756
  (* Security fix *)
k/kernel-source-6.1.22-noarch-1.txz:  Upgraded.
kde/kdevelop-22.12.3-x86_64-2.txz:  Rebuilt.
  Recompiled against llvm-16.0.0.
l/openexr-3.1.7-x86_64-1.txz:  Upgraded.
l/qt5-5.15.8_20230325_c1a3e988-x86_64-1.txz:  Upgraded.
  Compiled against llvm-16.0.0.
l/spirv-llvm-translator-16.0.0-x86_64-1.txz:  Upgraded.
  Compiled against llvm-16.0.0.
  Thanks to Heinz Wiesinger for finding the fix for -DBUILD_SHARED_LIBS=ON.
n/pssh-2.3.5-x86_64-1.txz:  Upgraded.
n/samba-4.18.1-x86_64-1.txz:  Upgraded.
  This update fixes security issues:
  An incomplete access check on dnsHostName allows authenticated but otherwise
  unprivileged users to delete this attribute from any object in the directory.
  The Samba AD DC administration tool, when operating against a remote LDAP
  server, will by default send new or reset passwords over a signed-only
  connection.
  The fix in 4.6.16, 4.7.9, 4.8.4 and 4.9.7 for CVE-2018-10919 Confidential
  attribute disclosure via LDAP filters was insufficient and an attacker may
  be able to obtain confidential BitLocker recovery keys from a Samba AD DC.
  Installations with such secrets in their Samba AD should assume they have
  been obtained and need replacing.
  For more information, see:
    https://www.samba.org/samba/security/CVE-2023-0225.html
    https://www.samba.org/samba/security/CVE-2023-0922.html
    https://www.samba.org/samba/security/CVE-2023-0614.html
    https://www.cve.org/CVERecord?id=CVE-2023-0225
    https://www.cve.org/CVERecord?id=CVE-2023-0922
    https://www.cve.org/CVERecord?id=CVE-2023-0614
  (* Security fix *)
x/mesa-23.0.1-x86_64-2.txz:  Rebuilt.
  Recompiled against llvm-16.0.0 and spirv-llvm-translator-16.0.0.
xap/seamonkey-2.53.16-x86_64-1.txz:  Upgraded.
  This update contains security fixes and improvements.
  For more information, see:
    https://www.seamonkey-project.org/releases/seamonkey2.53.16
  (* Security fix *)
isolinux/initrd.img:  Rebuilt.
kernels/*:  Upgraded.
testing/packages/rust-1.68.2-x86_64-2.txz:  Rebuilt.
  Use the bundled LLVM rather than the system LLVM.
  This version of Rust actually does compile with llvm-16.0.0, but since it
  bundles LLVM 15 let's let it use that for now.
usb-and-pxe-installers/usbboot.img:  Rebuilt.