|author||Adrien Nader <email@example.com>||2010-07-09 14:00:58 +0200|
|committer||Adrien Nader <firstname.lastname@example.org>||2010-07-09 14:00:58 +0200|
Wed Jun 30 04:51:49 UTC 2010
l/libpng-1.4.3-x86_64-1.txz: Upgraded. Upgraded to libpng-1.2.44 and libpng-1.4.3. This fixes out-of-bounds memory write bugs that could lead to crashes or the execution of arbitrary code, and a memory leak bug which could lead to application crashes. For more information, see: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1205 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2249 (* Security fix *) l/libtiff-3.9.4-x86_64-1.txz: Upgraded. This fixes image structure handling bugs that could lead to crashes or execution of arbitrary code if a specially-crafted TIFF image is loaded. For more information, see: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1411 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2065 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2067 (* Security fix *) +--------------------------+ Sun Jun 27 17:25:18 UTC 2010 xap/mozilla-firefox-3.6.6-x86_64-1.txz: Upgraded. This changes the crash protection feature to increase the timeout before a plugin is considered non-responsive. +--------------------------+ Sun Jun 27 03:43:13 UTC 2010 ap/ghostscript-8.71-x86_64-3.txz: Rebuilt. Merged an upstream patch from Till Kamppeter to fix printing black pages with CUPS and certain printers. +--------------------------+ Fri Jun 25 05:28:02 UTC 2010 a/cups-1.4.4-x86_64-1.txz: Upgraded. Fixed a memory allocation error in texttops. Fixed a Cross-Site Request Forgery (CSRF) that could allow a remote attacker to reconfigure or disable CUPS if a CUPS admin logged into the web interface visited a specially-crafted website. Fixed a bug where uninitialized memory from the cupsd process could reveal sensitive information. For more information, see: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0540 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0542 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1748 (* Security fix *) d/ccache-3.0-x86_64-1.txz: Upgraded. d/gdb-7.1-x86_64-2.txz: Rebuilt. Added --with-python=no to fix errors about missing backtrace.py, which is not yet in stable glib. Thanks to David Woodfall. l/imlib-1.9.15-x86_64-7.txz: Rebuilt. This fixes problems linking with libpng. l/seamonkey-solibs-2.0.5-x86_64-1.txz: Upgraded. n/bind-9.7.1-x86_64-1.txz: Upgraded. This fixes possible DNS cache poisoning attacks when DNSSEC is enabled and checking is disabled (CD). For more information, see: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-4022 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0097 (* Security fix *) Thanks to Rob McGee for help with the upgrade to BIND 9.7.x. xap/mozilla-firefox-3.6.4-x86_64-1.txz: Upgraded. This fixes some security issues. For more information, see: http://www.mozilla.org/security/known-vulnerabilities/firefox36.html (* Security fix *) xap/mozilla-thunderbird-3.1-x86_64-1.txz: Upgraded. (* Security fix *) xap/seamonkey-2.0.5-x86_64-1.txz: Upgraded. This release fixes some more security vulnerabilities. For more information, see: http://www.mozilla.org/security/known-vulnerabilities/seamonkey20.html (* Security fix *) +--------------------------+ Sat Jun 19 00:59:41 UTC 2010 testing/packages/btrfs-progs-20100618-x86_64-1.txz: Added btrfs-convert. Thanks to mancha. +--------------------------+ Fri Jun 18 18:12:04 UTC 2010 ap/alsa-utils-1.0.23-x86_64-2.txz: Rebuilt. Patched alsaconf to generate /etc/modprobe.d/sound.conf. Thanks to Alan Hicks. kde/kdebase-workspace-4.4.3-x86_64-2.txz: Rebuilt. Patched xinitrc.kde to launch with ck-launch-session only if the DESKTOP_SESSION variable is empty. This fixes a bug where a ck-aware login manager such as KDM may have already launched a ConsoleKit session, causing the xinitrc to launch another one and marking the first one inactive. This can lead to auth failures. Thanks to Robby Workman. n/samba-3.5.3-x86_64-1.txz: Upgraded. xap/xfce-4.6.1-x86_64-9.txz: Rebuilt. Patched xinitrc.xfce to launch with ck-launch-session only if the DESKTOP_SESSION variable is empty. Thanks to Robby Workman. +--------------------------+ Wed May 19 08:58:23 UTC 2010 Slackware 13.1 x86_64 stable is released! Lots of thanks are due -- see the RELEASE_NOTES and the rest of the ChangeLog for credits. The ISOs are on their way to replication, a 6 CD-ROM 32-bit set and a dual-sided 32-bit/64-bit x86/x86_64 DVD. We are taking pre-orders now at store.slackware.com, and offering a discount if you sign up for a subscription. Consider picking up a copy to help support the project. Thanks again to the Slackware community for testing, contributing, and generally holding us to a high level of quality. :-) Enjoy!