Freenix Wiki

User Tools

Site Tools

Trace:
changelog_14.2

Differences

This shows you the differences between two versions of the page.

Link to this comparison view

Both sides previous revisionPrevious revision
Next revision		Previous revision
Next revisionBoth sides next revision
changelog_14.2 [2019/04/26 17:32] conniechangelog_14.2 [2019/08/15 01:03] connie
Line 2: Line 2:
  
 Slackware upstream ChangeLog entries are courtesy of Patrick Volkerding. Slackware upstream ChangeLog entries are courtesy of Patrick Volkerding.
 +
 +==== 2019-08-14 ====
 +
 +**linux-libre-*-4.4.189**:  Upgraded.
 +These updates fix various bugs and many security issues, and include the
 +Spectre v1 SWAPGS mitigations.
 +Be sure to upgrade your initrd after upgrading the kernel packages.
 +If you use lilo to boot your machine, be sure lilo.conf points to the correct
 +kernel and initrd and run lilo as root to update the bootloader.
 +If you use elilo to boot your machine, you should run eliloconfig to copy the
 +kernel and initrd to the EFI System Partition. For more information, see:
 +
 +Fixed in 4.4.187:
 +  * https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13631
 +  * https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-18509
 +  * https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14283
 +  * https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-10207
 +  * https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14284
 +  * https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13648
 +Fixed in 4.4.189:
 +  * https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-20856
 +  * https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-1125
 +(**Security fix**)
 +
 +==== 2019-08-08 ====
 +
 +**kdelibs-4.14.38**:  Upgraded.
 +kconfig: malicious .desktop files (and others) would execute code.
 +For more information, see:
 +  * https://mail.kde.org/pipermail/kde-announce/2019-August/000047.html
 +  * https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14744
 +(**Security fix**)
 +
 +==== 2019-07-25 ====
 +
 +**R-3.6.1**: Upgraded (FXP)
 +
 +==== 2019-07-22 ====
 +
 +**linux-libre-*-4.4.186**:  Upgraded.
 +These updates fix various bugs and many minor security issues.
 +Be sure to upgrade your initrd after upgrading the kernel packages.
 +If you use lilo to boot your machine, be sure lilo.conf points to the correct
 +kernel and initrd and run lilo as root to update the bootloader.
 +If you use elilo to boot your machine, you should run eliloconfig to copy the
 +kernel and initrd to the EFI System Partition.
 +For more information, see:
 +  * Fixed in 4.4.183:
 +  * https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11599
 +  * https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-3892
 +  * Fixed in 4.4.185:
 +  * https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13272
 +  * https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-16597
 +  * Fixed in 4.4.186:
 +  * https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-10126
 +  * https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-3846
 +(**Security fix**)
 +
 +**curl-7.65.3**:  Upgraded.
 +This is a bugfix release:
 +Fix a regression that caused the progress meter not to appear.
 +For more information, see:
 +  * https://curl.haxx.se/changes.html
 +
 +**emacs-26.2**:  Upgraded.
 +This is a bugfix release.
 +Patched package.el to obey buffer-file-coding-system (bug #35739), fixing
 +bad signature from GNU ELPA for archive-contents.
 +Thanks to Stefan Monnier and Eric Lindblad.
 +
 +==== 2019-07-14 ====
 +
 +**bzip2-1.0.8**:  Upgraded.                                                                                                                                           
 +Fixes security issues:                                                                                                                                                
 +bzip2recover: Fix use after free issue with outFile.                                                                                                                  
 +Make sure nSelectors is not out of range.                                                                                                                             
 +For more information, see:                                                                                                                                            
 +  * https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3189                                                                                                      
 +  * https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12900                                                                                                     
 +(**Security fix**)
 +
 +**glibc-zoneinfo-2019b**:  Upgraded.                                                                                                             
 +This package provides the latest timezone updates.                                                                                                                    
 +                                                                                                                                                                      
 +**rust-1.36.0**:  Upgraded.
 +Upgraded to the latest Rust compiler for Firefox 68.0.
 +
 +**xscreensaver-5.43**:  Upgraded.
 +Here's an upgrade to the latest xscreensaver.
 +
 +==== 2019-07-13 ====
 +
 +**lincity-ng-2.0**: added (FXP). LinCity-NG is  a city simulation game.
 +It is a polished and improved
 +version of the classic LinCity game. In the game,you are required to
 +build and maintain a city. You can win the game either by building a
 +sustainable economy or by evacuating all citizens with spaceships.
 +
 +**SDL_gfx-2.0.25**: added (FXP). SDL graphics drawing  primitives
 +and other support functions. The
 +SDL_gfx  library  evolved  out of the SDL_gfxPrimitives code which
 +provided basic drawing routines such as lines, circles or polygons
 +and SDL_rotozoom which  implemented a interpolating rotozoomer for
 +SDL surfaces.
 +  * homepage: http://www.ferzkopp.net/Software/SDL_gfx-2.0/
 +
 +**jam-2.5**: added (FXP).
 +Jam is a program construction tool, like make(1). Jam recursively
 +builds target files from source files, using dependency information
 +and updating actions expressed in the Jambase file, which is written
 +in jam's own interpreted language. The default Jambase is compiled
 +into jam and provides a boilerplate for common use, relying on a
 +user-provide file "Jamfile" to enumerate actual targets and sources.
 +  * http://public.perforce.com/public/jam/src/Jam.html
 +
 +==== 2019-07-02 ====
 +
 +**icecat-60.7.0**: Upgraded (FXP). This update includes upstream features and patches.
 +  * https://www.mozilla.org/en-US/firefox/60.7.0/releasenotes/
 +
 +(**Security fix**)
 +
 +==== 2019-07-01 ====
 +
 +**linux-libre-*-4.4.182**:  Upgraded.
 +These updates fix various bugs and many security issues, including the
 +"SACK Panic" remote denial-of-service issue.
 +Be sure to upgrade your initrd after upgrading the kernel packages.
 +If you use lilo to boot your machine, be sure lilo.conf points to the correct
 +kernel and initrd and run lilo as root to update the bootloader.
 +If you use elilo to boot your machine, you should run eliloconfig to copy the
 +kernel and initrd to the EFI System Partition.
 +For more information, see:
 +
 +Fixed in 4.4.174:
 +  * https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5391
 +Fixed in 4.4.175:
 +  * https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-7222
 +  * https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-7221
 +Fixed in 4.4.176:
 +  * https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-6974
 +Fixed in 4.4.177:
 +  * https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9213
 +Fixed in 4.4.178:
 +  * https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-3459
 +  * https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-3460
 +Fixed in 4.4.179:
 +  * https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11486
 +  * https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11810
 +  * https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11815
 +  * https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11190
 +Fixed in 4.4.180:
 +  * https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-20836
 +  * https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-3882
 +  * https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11884
 +Fixed in 4.4.181:
 +  * https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11833
 +  * https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-20510
 +  * https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1000026
 +  * https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9503
 +Fixed in 4.4.182:
 +  * https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11477
 +  * https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11478
 +  * https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11479
 +(**Security fix**)
 +
 +**irssi-1.1.3**:  Upgraded.
 +This update fixes a security issue: Use after free when sending SASL login
 +to the server found by ilbelkyr. May affect the stability of Irssi. SASL
 +logins may fail, especially during (manual and automated) reconnect.
 +For more information, see:
 +  * https://irssi.org/2019/06/29/irssi-1.2.1-1.1.3-1.0.8-released/
 +  * https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13045
 +(**Security fix**)
 +
 +==== 2019-06-20 ====
 +
 +**bind-9.11.8**:  Upgraded.
 +Fixed a race condition in dns_dispatch_getnext() that could cause an
 +assertion failure if a significant number of incoming packets were rejected.
 +For more information, see:
 +  * https://kb.isc.org/docs/cve-2019-6471
 +  * https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-6471
 +(**Security fix**)
 +
 +**ca-certificates-20190617**:  Upgraded.
 +This update provides the latest CA certificates to check for the
 +authenticity of SSL connections.
 +
 +==== 2019-06-16 ====
 +
 +**curl-7.65.1**:  Upgraded.
 +This is a bugfix release.
 +For more information, see:
 +  * https://curl.haxx.se/changes.html
 +
 +**openssl-1.0.2s**:  Upgraded.
 +This is a bugfix release:
 +Change the default RSA, DSA and DH size to 2048 bit instead of 1024.
 +This changes the size when using the genpkey app when no size is given.
 +It fixes an omission in earlier changes that changed all RSA, DSA and DH
 +generation apps to use 2048 bits by default.  [Kurt Roeckx]
 +
 +**openssl-solibs-1.0.2s**:  Upgraded.
 +
 +**rdesktop-1.8.6**:  Upgraded.
 +This is a small bug fix release for rdesktop 1.8.5. An issue was discovered
 +soon after release where it was impossible to connect to some servers. This
 +issue has now been fixed, but otherwise this release is identical to 1.8.5.
 +
 +==== 2019-05-23 ====
 +
 +**curl-7.65.0**:  Upgraded.
 +This release fixes the following security issues:
 +Integer overflows in curl_url_set
 +tftp: use the current blksize for recvfrom()
 +For more information, see:
 +  * https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5435
 +  * https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5436
 +(**Security fix**)
 +
 +==== 2019-05-16 ====
 +
 +**rdesktop-1.8.5**:  Upgraded.
 +This update fixes security issues:
 +Add bounds checking to protocol handling in order to fix many
 +security problems when communicating with a malicious server.
 +(**Security fix**)
  
 ==== 2019-04-26 ==== ==== 2019-04-26 ====
changelog_14.2.txt · Last modified: 2023/12/23 13:40 by connie