Slackware64-current ChangeLog

ChangeLog for: 2016-02-23 20:31:59

a/glibc-solibs-2.23-x86_64-1.txz:  Upgraded.
a/kernel-generic-4.4.2-x86_64-1.txz:  Upgraded.
a/kernel-huge-4.4.2-x86_64-1.txz:  Upgraded.
a/kernel-modules-4.4.2-x86_64-1.txz:  Upgraded.
a/procps-ng-3.3.10-x86_64-5.txz:  Rebuilt.
  Restored FROM field in w.  Thanks to Stuart Winter.
ap/cups-2.1.3-x86_64-2.txz:  Rebuilt.
  Corrected CXXFLAGS to fix build for older CPUs.  Thanks to ecd102.
ap/mc-4.8.15-x86_64-2.txz:  Rebuilt.
  Patched to fix displaying man pages.  Thanks to DarkVision.
d/kernel-headers-4.4.2-x86-1.txz:  Upgraded.
k/kernel-source-4.4.2-noarch-1.txz:  Upgraded.
  Key .config changes for this kernel update:
    CHECKPOINT_RESTORE n -> y
    DEBUG_KERNEL n -> y
    EXPERT n -> y
    NR_CPUS 128 -> 256
    KALLSYMS_ALL y
    LIVEPATCH y
l/GConf-3.2.6-x86_64-3.txz:  Rebuilt.
  Patched "GConf-WARNING **: Client failed to connect to the D-BUS daemon:"
  and added a couple other patches from git.  Thanks to Robby Workman.
l/alsa-lib-1.1.0-x86_64-3.txz:  Rebuilt.
  Changed the default /etc/asound.conf.new to use a different configuration
  for PulseAudio that is less likely to cause issues than the previous one,
  especially on machines where the analog output is not recognized as card 0
  by the BIOS.  Thanks to Ryan P.C. McQuen who went above and beyond on this
  bug report by convincing upstream to recommend this on their website in
  order to convince me to make the change.  :-)
l/glibc-2.23-x86_64-1.txz:  Upgraded.
  This update contains security fixes and improvements.
  Of the security fixes, the most important and well-publicized is the
  stack-based buffer overflow in libresolv that could allow specially
  crafted DNS responses to seize control of execution flow in the DNS
  client (CVE-2015-7547).  However, due to a patch applied to Slackware's
  glibc back in 2009 (don't use the gethostbyname4() lookup method as it
  was causing some cheap routers to misbehave), we were not vulnerable to
  that issue.  The rest of the fixed security issues are less critical.
  For more information, see:
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8776
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8777
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8778
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8779
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9761
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7547
  (* Security fix *)
l/glibc-i18n-2.23-x86_64-1.txz:  Upgraded.
l/glibc-profile-2.23-x86_64-1.txz:  Upgraded.
l/libproxy-0.4.12-x86_64-1.txz:  Upgraded.
n/bind-9.10.3_P3-x86_64-1.txz:  Upgraded.
  This release fixes two possible denial-of-service issues:
    render_ecs errors were mishandled when printing out a OPT record resulting
    in a assertion failure.  (CVE-2015-8705) [RT #41397]
    Specific APL data could trigger a INSIST.  (CVE-2015-8704) [RT #41396]
  For more information, see:
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8704
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8705
  (* Security fix *)
n/libgcrypt-1.6.5-x86_64-1.txz:  Upgraded.
  Mitigate side-channel attack on ECDH with Weierstrass curves.
  For more information, see:
    http://www.cs.tau.ac.IL/~tromer/ecdh/
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7511
  (* Security fix *)
n/nmap-7.01-x86_64-1.txz:  Upgraded.
n/ntp-4.2.8p6-x86_64-1.txz:  Upgraded.
  In addition to bug fixes and enhancements, this release fixes
  several low and medium severity vulnerabilities.
  For more information, see:
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5300
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7973
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7974
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7975
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7976
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7977
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7978
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7979
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8138
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8158
  (* Security fix *)
x/xf86-video-amdgpu-1.0.1-x86_64-1.txz:  Upgraded.
xap/blueman-2.0.3-x86_64-2.txz:  Rebuilt.
  Rewrite launcher scripts to use #!/usr/bin/python2.7 rather than
  #!/usr/bin/env python.
  For details, see:  https://github.com/blueman-project/blueman/issues/435
  Thanks to zakame and Robby Workman.
extra/tigervnc/tigervnc-1.6.0-x86_64-1.txz:  Upgraded.
isolinux/initrd.img:  Rebuilt.
kernels/*:  Upgraded.
usb-and-pxe-installers/usbboot.img:  Rebuilt.