Slackware64-current ChangeLog

ChangeLog for: 2016-04-15 21:37:37

Finally got some fixes we were waiting for in this new kernel.
It's been almost a month since 14.2rc1 so we'll call this Slackware
14.2 release candidate 2.  Almost there.  Get in any last-minute
bug reports quickly.  :-)
a/kernel-generic-4.4.7-x86_64-1.txz:  Upgraded.
a/kernel-huge-4.4.7-x86_64-1.txz:  Upgraded.
 BLK_DEV_NVME m -> y
a/kernel-modules-4.4.7-x86_64-1.txz:  Upgraded.
d/kernel-headers-4.4.7-x86-1.txz:  Upgraded.
k/kernel-source-4.4.7-noarch-1.txz:  Upgraded.
l/alsa-lib-1.1.1-x86_64-2.txz:  Rebuilt.
  Applied upstream patch to fix error EBADFD.  Thanks to e5150.
l/glibmm-2.46.4-x86_64-1.txz:  Upgraded.
l/gst-plugins-base-1.6.4-x86_64-1.txz:  Upgraded.
l/gst-plugins-good-1.6.4-x86_64-1.txz:  Upgraded.
l/gstreamer-1.6.4-x86_64-1.txz:  Upgraded.
l/gtkmm3-3.18.1-x86_64-1.txz:  Upgraded.
l/qca-2.1.1-x86_64-2.txz:  Rebuilt.
  Install crypto.prf in the correct directory.  Thanks to David Spencer.
n/gnutls-3.4.11-x86_64-1.txz:  Upgraded.
n/nfs-utils-1.3.3-x86_64-2.txz:  Rebuilt.
  Fix nfsd startup on kernels without IPv6 support.  Thanks to Mario Preksavec.
n/samba-4.4.2-x86_64-1.txz:  Upgraded.
  This update fixes the security issues known as "badlock" (or "sadlock"),
  which may allow man-in-the-middle or denial-of-service attacks:
    CVE-2015-5370 (Multiple errors in DCE-RPC code)
    CVE-2016-2110 (Man in the middle attacks possible with NTLMSSP)
    CVE-2016-2111 (NETLOGON Spoofing Vulnerability)
    CVE-2016-2112 (LDAP client and server don't enforce integrity)
    CVE-2016-2113 (Missing TLS certificate validation)
    CVE-2016-2114 ("server signing = mandatory" not enforced)
    CVE-2016-2115 (SMB IPC traffic is not integrity protected)
    CVE-2016-2118 (SAMR and LSA man in the middle attacks possible)
  For more information, see:
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5370
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2110
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2111
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2112
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2113
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2114
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2115
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2118
  (* Security fix *)
x/xf86-video-intel-git_20160224_d167280-x86_64-1.txz:  Upgraded.
  So far, this version seems to be the most stable of the ones tested.
  Thanks to Andrzej Telszewski.
x/xf86-video-openchrome-0.4.0-x86_64-1.txz:  Upgraded.
x/xorg-server-1.18.3-x86_64-2.txz:  Rebuilt.
  Applied a patch from https://bugs.freedesktop.org/show_bug.cgi?id=49950
  to fix applying keyboard layout settings when using a keyboard/mouse combo
  device such as a Logitech wireless keyboard with the unifying receiver.
  Thanks to Jean-Philippe Guillemin.
x/xorg-server-xephyr-1.18.3-x86_64-2.txz:  Rebuilt.
x/xorg-server-xnest-1.18.3-x86_64-2.txz:  Rebuilt.
x/xorg-server-xvfb-1.18.3-x86_64-2.txz:  Rebuilt.
xap/geeqie-1.2.3-x86_64-1.txz:  Upgraded.
xap/mozilla-thunderbird-45.0-x86_64-1.txz:  Upgraded.
  This release contains security fixes and improvements.
  For more information, see:
    http://www.mozilla.org/security/known-vulnerabilities/thunderbird.html
  (* Security fix *)
isolinux/initrd.img:  Rebuilt.
kernels/*:  Upgraded.
usb-and-pxe-installers/usbboot.img:  Rebuilt.