User Tools

Site Tools


changelog_14.2

Differences

This shows you the differences between two versions of the page.

Link to this comparison view

Both sides previous revision Previous revision
Next revision
Previous revision
changelog_14.2 [2019/05/16 12:23]
connie
changelog_14.2 [2019/08/15 01:03] (current)
connie
Line 2: Line 2:
  
 Slackware upstream ChangeLog entries are courtesy of Patrick Volkerding. Slackware upstream ChangeLog entries are courtesy of Patrick Volkerding.
 +
 +==== 2019-08-14 ====
 +
 +**linux-libre-*-4.4.189**: ​ Upgraded.
 +These updates fix various bugs and many security issues, and include the
 +Spectre v1 SWAPGS mitigations.
 +Be sure to upgrade your initrd after upgrading the kernel packages.
 +If you use lilo to boot your machine, be sure lilo.conf points to the correct
 +kernel and initrd and run lilo as root to update the bootloader.
 +If you use elilo to boot your machine, you should run eliloconfig to copy the
 +kernel and initrd to the EFI System Partition. For more information,​ see:
 +
 +Fixed in 4.4.187:
 +  * https://​cve.mitre.org/​cgi-bin/​cvename.cgi?​name=CVE-2019-13631
 +  * https://​cve.mitre.org/​cgi-bin/​cvename.cgi?​name=CVE-2017-18509
 +  * https://​cve.mitre.org/​cgi-bin/​cvename.cgi?​name=CVE-2019-14283
 +  * https://​cve.mitre.org/​cgi-bin/​cvename.cgi?​name=CVE-2019-10207
 +  * https://​cve.mitre.org/​cgi-bin/​cvename.cgi?​name=CVE-2019-14284
 +  * https://​cve.mitre.org/​cgi-bin/​cvename.cgi?​name=CVE-2019-13648
 +Fixed in 4.4.189:
 +  * https://​cve.mitre.org/​cgi-bin/​cvename.cgi?​name=CVE-2018-20856
 +  * https://​cve.mitre.org/​cgi-bin/​cvename.cgi?​name=CVE-2019-1125
 +(**Security fix**)
 +
 +==== 2019-08-08 ====
 +
 +**kdelibs-4.14.38**: ​ Upgraded.
 +kconfig: malicious .desktop files (and others) would execute code.
 +For more information,​ see:
 +  * https://​mail.kde.org/​pipermail/​kde-announce/​2019-August/​000047.html
 +  * https://​cve.mitre.org/​cgi-bin/​cvename.cgi?​name=CVE-2019-14744
 +(**Security fix**)
 +
 +==== 2019-07-25 ====
 +
 +**R-3.6.1**:​ Upgraded (FXP)
 +
 +==== 2019-07-22 ====
 +
 +**linux-libre-*-4.4.186**: ​ Upgraded.
 +These updates fix various bugs and many minor security issues.
 +Be sure to upgrade your initrd after upgrading the kernel packages.
 +If you use lilo to boot your machine, be sure lilo.conf points to the correct
 +kernel and initrd and run lilo as root to update the bootloader.
 +If you use elilo to boot your machine, you should run eliloconfig to copy the
 +kernel and initrd to the EFI System Partition.
 +For more information,​ see:
 +  * Fixed in 4.4.183:
 +  * https://​cve.mitre.org/​cgi-bin/​cvename.cgi?​name=CVE-2019-11599
 +  * https://​cve.mitre.org/​cgi-bin/​cvename.cgi?​name=CVE-2019-3892
 +  * Fixed in 4.4.185:
 +  * https://​cve.mitre.org/​cgi-bin/​cvename.cgi?​name=CVE-2019-13272
 +  * https://​cve.mitre.org/​cgi-bin/​cvename.cgi?​name=CVE-2018-16597
 +  * Fixed in 4.4.186:
 +  * https://​cve.mitre.org/​cgi-bin/​cvename.cgi?​name=CVE-2019-10126
 +  * https://​cve.mitre.org/​cgi-bin/​cvename.cgi?​name=CVE-2019-3846
 +(**Security fix**)
 +
 +**curl-7.65.3**: ​ Upgraded.
 +This is a bugfix release:
 +Fix a regression that caused the progress meter not to appear.
 +For more information,​ see:
 +  * https://​curl.haxx.se/​changes.html
 +
 +**emacs-26.2**: ​ Upgraded.
 +This is a bugfix release.
 +Patched package.el to obey buffer-file-coding-system (bug #35739), fixing
 +bad signature from GNU ELPA for archive-contents.
 +Thanks to Stefan Monnier and Eric Lindblad.
 +
 +==== 2019-07-14 ====
 +
 +**bzip2-1.0.8**: ​ Upgraded. ​                                                                                                                                          
 +Fixes security issues: ​                                                                                                                                               ​
 +bzip2recover:​ Fix use after free issue with outFile. ​                                                                                                                 ​
 +Make sure nSelectors is not out of range. ​                                                                                                                            
 +For more information,​ see:                                                                                                                                            ​
 +  * https://​cve.mitre.org/​cgi-bin/​cvename.cgi?​name=CVE-2016-3189 ​                                                                                                     ​
 +  * https://​cve.mitre.org/​cgi-bin/​cvename.cgi?​name=CVE-2019-12900 ​                                                                                                    
 +(**Security fix**)
 +
 +**glibc-zoneinfo-2019b**: ​ Upgraded. ​                                                                                                            
 +This package provides the latest timezone updates. ​                                                                                                                   ​
 +                                                                                                                                                                      ​
 +**rust-1.36.0**: ​ Upgraded.
 +Upgraded to the latest Rust compiler for Firefox 68.0.
 +
 +**xscreensaver-5.43**: ​ Upgraded.
 +Here's an upgrade to the latest xscreensaver.
 +
 +==== 2019-07-13 ====
 +
 +**lincity-ng-2.0**:​ added (FXP). LinCity-NG is  a city simulation game.
 +It is a polished and improved
 +version of the classic LinCity game. In the game,you are required to
 +build and maintain a city. You can win the game either by building a
 +sustainable economy or by evacuating all citizens with spaceships.
 +
 +**SDL_gfx-2.0.25**:​ added (FXP). SDL graphics drawing ​ primitives
 +and other support functions. The
 +SDL_gfx ​ library ​ evolved ​ out of the SDL_gfxPrimitives code which
 +provided basic drawing routines such as lines, circles or polygons
 +and SDL_rotozoom which  implemented a interpolating rotozoomer for
 +SDL surfaces.
 +  * homepage: http://​www.ferzkopp.net/​Software/​SDL_gfx-2.0/​
 +
 +**jam-2.5**:​ added (FXP).
 +Jam is a program construction tool, like make(1). Jam recursively
 +builds target files from source files, using dependency information
 +and updating actions expressed in the Jambase file, which is written
 +in jam's own interpreted language. The default Jambase is compiled
 +into jam and provides a boilerplate for common use, relying on a
 +user-provide file "​Jamfile"​ to enumerate actual targets and sources.
 +  * http://​public.perforce.com/​public/​jam/​src/​Jam.html
 +
 +==== 2019-07-02 ====
 +
 +**icecat-60.7.0**:​ Upgraded (FXP). This update includes upstream features and patches.
 +  * https://​www.mozilla.org/​en-US/​firefox/​60.7.0/​releasenotes/​
 +
 +(**Security fix**)
 +
 +==== 2019-07-01 ====
 +
 +**linux-libre-*-4.4.182**: ​ Upgraded.
 +These updates fix various bugs and many security issues, including the
 +"SACK Panic" remote denial-of-service issue.
 +Be sure to upgrade your initrd after upgrading the kernel packages.
 +If you use lilo to boot your machine, be sure lilo.conf points to the correct
 +kernel and initrd and run lilo as root to update the bootloader.
 +If you use elilo to boot your machine, you should run eliloconfig to copy the
 +kernel and initrd to the EFI System Partition.
 +For more information,​ see:
 +
 +Fixed in 4.4.174:
 +  * https://​cve.mitre.org/​cgi-bin/​cvename.cgi?​name=CVE-2018-5391
 +Fixed in 4.4.175:
 +  * https://​cve.mitre.org/​cgi-bin/​cvename.cgi?​name=CVE-2019-7222
 +  * https://​cve.mitre.org/​cgi-bin/​cvename.cgi?​name=CVE-2019-7221
 +Fixed in 4.4.176:
 +  * https://​cve.mitre.org/​cgi-bin/​cvename.cgi?​name=CVE-2019-6974
 +Fixed in 4.4.177:
 +  * https://​cve.mitre.org/​cgi-bin/​cvename.cgi?​name=CVE-2019-9213
 +Fixed in 4.4.178:
 +  * https://​cve.mitre.org/​cgi-bin/​cvename.cgi?​name=CVE-2019-3459
 +  * https://​cve.mitre.org/​cgi-bin/​cvename.cgi?​name=CVE-2019-3460
 +Fixed in 4.4.179:
 +  * https://​cve.mitre.org/​cgi-bin/​cvename.cgi?​name=CVE-2019-11486
 +  * https://​cve.mitre.org/​cgi-bin/​cvename.cgi?​name=CVE-2019-11810
 +  * https://​cve.mitre.org/​cgi-bin/​cvename.cgi?​name=CVE-2019-11815
 +  * https://​cve.mitre.org/​cgi-bin/​cvename.cgi?​name=CVE-2019-11190
 +Fixed in 4.4.180:
 +  * https://​cve.mitre.org/​cgi-bin/​cvename.cgi?​name=CVE-2018-20836
 +  * https://​cve.mitre.org/​cgi-bin/​cvename.cgi?​name=CVE-2019-3882
 +  * https://​cve.mitre.org/​cgi-bin/​cvename.cgi?​name=CVE-2019-11884
 +Fixed in 4.4.181:
 +  * https://​cve.mitre.org/​cgi-bin/​cvename.cgi?​name=CVE-2019-11833
 +  * https://​cve.mitre.org/​cgi-bin/​cvename.cgi?​name=CVE-2018-20510
 +  * https://​cve.mitre.org/​cgi-bin/​cvename.cgi?​name=CVE-2018-1000026
 +  * https://​cve.mitre.org/​cgi-bin/​cvename.cgi?​name=CVE-2019-9503
 +Fixed in 4.4.182:
 +  * https://​cve.mitre.org/​cgi-bin/​cvename.cgi?​name=CVE-2019-11477
 +  * https://​cve.mitre.org/​cgi-bin/​cvename.cgi?​name=CVE-2019-11478
 +  * https://​cve.mitre.org/​cgi-bin/​cvename.cgi?​name=CVE-2019-11479
 +(**Security fix**)
 +
 +**irssi-1.1.3**: ​ Upgraded.
 +This update fixes a security issue: Use after free when sending SASL login
 +to the server found by ilbelkyr. May affect the stability of Irssi. SASL
 +logins may fail, especially during (manual and automated) reconnect.
 +For more information,​ see:
 +  * https://​irssi.org/​2019/​06/​29/​irssi-1.2.1-1.1.3-1.0.8-released/​
 +  * https://​cve.mitre.org/​cgi-bin/​cvename.cgi?​name=CVE-2019-13045
 +(**Security fix**)
 +
 +==== 2019-06-20 ====
 +
 +**bind-9.11.8**: ​ Upgraded.
 +Fixed a race condition in dns_dispatch_getnext() that could cause an
 +assertion failure if a significant number of incoming packets were rejected.
 +For more information,​ see:
 +  * https://​kb.isc.org/​docs/​cve-2019-6471
 +  * https://​cve.mitre.org/​cgi-bin/​cvename.cgi?​name=CVE-2019-6471
 +(**Security fix**)
 +
 +**ca-certificates-20190617**: ​ Upgraded.
 +This update provides the latest CA certificates to check for the
 +authenticity of SSL connections.
 +
 +==== 2019-06-16 ====
 +
 +**curl-7.65.1**: ​ Upgraded.
 +This is a bugfix release.
 +For more information,​ see:
 +  * https://​curl.haxx.se/​changes.html
 +
 +**openssl-1.0.2s**: ​ Upgraded.
 +This is a bugfix release:
 +Change the default RSA, DSA and DH size to 2048 bit instead of 1024.
 +This changes the size when using the genpkey app when no size is given.
 +It fixes an omission in earlier changes that changed all RSA, DSA and DH
 +generation apps to use 2048 bits by default. ​ [Kurt Roeckx]
 +
 +**openssl-solibs-1.0.2s**: ​ Upgraded.
 +
 +**rdesktop-1.8.6**: ​ Upgraded.
 +This is a small bug fix release for rdesktop 1.8.5. An issue was discovered
 +soon after release where it was impossible to connect to some servers. This
 +issue has now been fixed, but otherwise this release is identical to 1.8.5.
 +
 +==== 2019-05-23 ====
 +
 +**curl-7.65.0**: ​ Upgraded.
 +This release fixes the following security issues:
 +Integer overflows in curl_url_set
 +tftp: use the current blksize for recvfrom()
 +For more information,​ see:
 +  * https://​cve.mitre.org/​cgi-bin/​cvename.cgi?​name=CVE-2019-5435
 +  * https://​cve.mitre.org/​cgi-bin/​cvename.cgi?​name=CVE-2019-5436
 +(**Security fix**)
  
 ==== 2019-05-16 ==== ==== 2019-05-16 ====
changelog_14.2.1558023803.txt.gz ยท Last modified: 2019/05/16 12:23 by connie