ChangeLog for: 2017-02-10 22:07:35
a/aaa_elflibs-14.2-x86_64-28.txz: Rebuilt.
a/grep-2.28-x86_64-1.txz: Upgraded.
a/hdparm-9.51-x86_64-1.txz: Upgraded.
a/openssl-solibs-1.0.2k-x86_64-1.txz: Upgraded.
a/sed-4.4-x86_64-1.txz: Upgraded.
a/util-linux-2.29.1-x86_64-1.txz: Upgraded.
ap/ddrescue-1.22-x86_64-1.txz: Upgraded.
ap/flac-1.3.2-x86_64-1.txz: Upgraded.
ap/sqlite-3.16.2-x86_64-1.txz: Upgraded.
ap/tmux-2.3-x86_64-2.txz: Rebuilt.
Recompiled against libevent-2.1.8.
d/llvm-3.9.1-x86_64-1.txz: Upgraded.
Shared library .so-version bump.
Added support for lldb and openmp to the package.
Thanks to Heinz Wiesinger.
d/opencl-headers-2.1-noarch-1.txz: Added.
d/scons-2.5.1-x86_64-1.txz: Upgraded.
l/ffmpeg-3.2.3-x86_64-1.txz: Added.
Thanks to Heinz Wiesinger.
l/gmime-2.6.23-x86_64-1.txz: Upgraded.
l/gst-plugins-base-1.10.3-x86_64-1.txz: Upgraded.
l/gst-plugins-good-1.10.3-x86_64-1.txz: Upgraded.
l/gstreamer-1.10.3-x86_64-1.txz: Upgraded.
l/json-c-0.12-x86_64-1.txz: Removed.
This had been a required dep for PulseAudio, but has become optional. Since
being added to Slackware, a few other packages had begun to use it
(NetworkManager, BIND), but it's not really critical there either so we're
removing it from the main tree. If you require json-c for something, it is
expected that SBo will be picking it up.
l/libclc-20160921_520743b-x86_64-1.txz: Added.
This is needed by Mesa.
l/libedit-20160903_3.1-x86_64-1.txz: Added.
This is needed by lldb.
l/libevent-2.1.8-x86_64-1.txz: Upgraded.
Shared library .so-version bump.
l/libjpeg-turbo-1.5.1-x86_64-1.txz: Upgraded.
l/libnl3-3.2.29-x86_64-1.txz: Upgraded.
l/libpcap-1.8.1-x86_64-1.txz: Upgraded.
l/libvpx-1.6.1-x86_64-1.txz: Upgraded.
Shared library .so-version bump.
l/libzip-1.1.3-x86_64-1.txz: Upgraded.
l/ocl-icd-2.2.11-x86_64-1.txz: Added.
l/openjpeg-2.1.2-x86_64-1.txz: Upgraded.
l/pulseaudio-10.0-x86_64-1.txz: Upgraded.
l/python-six-1.10.0-x86_64-1.txz: Added.
This is needed by lldb.
l/rasqal-0.9.33-x86_64-1.txz: Upgraded.
l/redland-1.0.17-x86_64-1.txz: Upgraded.
l/serf-1.3.9-x86_64-1.txz: Upgraded.
n/NetworkManager-1.6.0-x86_64-1.txz: Upgraded.
n/bind-9.11.0_P3-x86_64-1.txz: Upgraded.
This update fixes a denial-of-service vulnerability. Under some conditions
when using both DNS64 and RPZ to rewrite query responses, query processing
can resume in an inconsistent state leading to either an INSIST assertion
failure or an attempt to read through a NULL pointer.
For more information, see:
https://kb.isc.org/article/AA-01453
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-3135
(* Security fix *)
n/iproute2-4.9.0-x86_64-1.txz: Upgraded.
n/iptables-1.6.1-x86_64-1.txz: Upgraded.
Shared library .so-version bump.
n/links-2.14-x86_64-2.txz: Rebuilt.
Recompiled against libevent-2.1.8.
n/mutt-1.7.2-x86_64-2.txz: Rebuilt.
Recompiled with --enable-sidebar option. Thanks to Corrado Franco.
n/nftables-0.7-x86_64-2.txz: Rebuilt.
Recompiled against iptables-1.6.1. Added libxtables support.
n/ntp-4.2.8p9-x86_64-3.txz: Rebuilt.
Recompiled against libevent-2.1.8.
n/openssl-1.0.2k-x86_64-1.txz: Upgraded.
This update fixes security issues:
Truncated packet could crash via OOB read (CVE-2017-3731)
BN_mod_exp may produce incorrect results on x86_64 (CVE-2017-3732)
Montgomery multiplication may produce incorrect results (CVE-2016-7055)
For more information, see:
https://www.openssl.org/news/secadv/20170126.txt
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-3731
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-3732
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7055
(* Security fix *)
n/php-5.6.30-x86_64-1.txz: Upgraded.
This release fixes bugs and security issues.
For more information, see:
https://php.net/ChangeLog-5.php#5.6.30
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10158
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10167
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10168
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10159
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10160
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10161
(* Security fix *)
n/samba-4.5.5-x86_64-1.txz: Upgraded.
n/tcpdump-4.9.0-x86_64-1.txz: Upgraded.
Fixed bugs which allow an attacker to crash tcpdump (denial of service).
For more information, see:
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7922
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7923
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7924
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7925
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7926
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7927
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7928
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7929
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7930
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7931
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7932
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7933
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7934
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7935
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7936
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7937
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7938
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7939
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7940
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7973
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7974
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7975
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7983
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7984
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7985
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7986
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7992
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7993
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8574
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8575
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5202
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5203
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5204
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5205
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5341
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5342
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5482
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5483
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5484
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5485
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5486
(* Security fix *)
n/wget-1.19-x86_64-1.txz: Upgraded.
n/zd1211-firmware-1.5-fw-1.txz: Upgraded.
x/fontconfig-2.12.1-x86_64-1.txz: Upgraded.
Thanks to Robby Workman.
x/libdrm-2.4.75-x86_64-1.txz: Upgraded.
x/libinput-1.6.0-x86_64-1.txz: Upgraded.
x/mesa-13.0.4-x86_64-1.txz: Upgraded.
x/xf86-video-vmware-13.2.1-x86_64-2.txz: Rebuilt.
Recompiled against llvm-3.9.1.
xap/MPlayer-1.3_20170208-x86_64-1.txz: Upgraded.
Upgraded to 1.3 branch, compiled against system ffmpeg-3.2.3.
Thanks to Heinz Wiesinger.
xap/mozilla-thunderbird-45.7.1-x86_64-1.txz: Upgraded.
Fixed crash when viewing certain IMAP messages (introduced in 45.7.0)
xap/network-manager-applet-1.4.4-x86_64-1.txz: Upgraded.
xap/xine-lib-1.2.6-x86_64-10.txz: Rebuilt.
Recompiled against system ffmpeg-3.2.3.