Wed Jun 30 04:51:49 UTC 2010

l/libpng-1.4.3-x86_64-1.txz:  Upgraded.
  Upgraded to libpng-1.2.44 and libpng-1.4.3.
  This fixes out-of-bounds memory write bugs that could lead to crashes
  or the execution of arbitrary code, and a memory leak bug which could
  lead to application crashes.
  For more information, see:
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1205
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2249
  (* Security fix *)
l/libtiff-3.9.4-x86_64-1.txz:  Upgraded.
  This fixes image structure handling bugs that could lead to crashes or
  execution of arbitrary code if a specially-crafted TIFF image is loaded.
  For more information, see:
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1411
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2065
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2067
  (* Security fix *)
+--------------------------+
Sun Jun 27 17:25:18 UTC 2010
xap/mozilla-firefox-3.6.6-x86_64-1.txz:  Upgraded.
  This changes the crash protection feature to increase the timeout
  before a plugin is considered non-responsive.
+--------------------------+
Sun Jun 27 03:43:13 UTC 2010
ap/ghostscript-8.71-x86_64-3.txz:  Rebuilt.
  Merged an upstream patch from Till Kamppeter to fix printing black pages
  with CUPS and certain printers.
+--------------------------+
Fri Jun 25 05:28:02 UTC 2010
a/cups-1.4.4-x86_64-1.txz:  Upgraded.
  Fixed a memory allocation error in texttops.
  Fixed a Cross-Site Request Forgery (CSRF) that could allow a remote
  attacker to reconfigure or disable CUPS if a CUPS admin logged into the
  web interface visited a specially-crafted website.
  Fixed a bug where uninitialized memory from the cupsd process could
  reveal sensitive information.
  For more information, see:
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0540
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0542
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1748
  (* Security fix *)
d/ccache-3.0-x86_64-1.txz:  Upgraded.
d/gdb-7.1-x86_64-2.txz:  Rebuilt.
  Added --with-python=no to fix errors about missing backtrace.py, which is
  not yet in stable glib.  Thanks to David Woodfall.
l/imlib-1.9.15-x86_64-7.txz:  Rebuilt.
  This fixes problems linking with libpng.
l/seamonkey-solibs-2.0.5-x86_64-1.txz:  Upgraded.
n/bind-9.7.1-x86_64-1.txz:  Upgraded.
  This fixes possible DNS cache poisoning attacks when DNSSEC is enabled
  and checking is disabled (CD).
  For more information, see:
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-4022
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0097
  (* Security fix *)
  Thanks to Rob McGee for help with the upgrade to BIND 9.7.x.
xap/mozilla-firefox-3.6.4-x86_64-1.txz:  Upgraded.
  This fixes some security issues.
  For more information, see:
    http://www.mozilla.org/security/known-vulnerabilities/firefox36.html
  (* Security fix *)
xap/mozilla-thunderbird-3.1-x86_64-1.txz:  Upgraded.
  (* Security fix *)
xap/seamonkey-2.0.5-x86_64-1.txz:  Upgraded.
  This release fixes some more security vulnerabilities.
  For more information, see:
    http://www.mozilla.org/security/known-vulnerabilities/seamonkey20.html
  (* Security fix *)
+--------------------------+
Sat Jun 19 00:59:41 UTC 2010
testing/packages/btrfs-progs-20100618-x86_64-1.txz:
  Added btrfs-convert.  Thanks to mancha.
+--------------------------+
Fri Jun 18 18:12:04 UTC 2010
ap/alsa-utils-1.0.23-x86_64-2.txz:  Rebuilt.
  Patched alsaconf to generate /etc/modprobe.d/sound.conf.
  Thanks to Alan Hicks.
kde/kdebase-workspace-4.4.3-x86_64-2.txz:  Rebuilt.
  Patched xinitrc.kde to launch with ck-launch-session only if the
  DESKTOP_SESSION variable is empty.  This fixes a bug where a ck-aware
  login manager such as KDM may have already launched a ConsoleKit
  session, causing the xinitrc to launch another one and marking the
  first one inactive.  This can lead to auth failures.
  Thanks to Robby Workman.
n/samba-3.5.3-x86_64-1.txz:  Upgraded.
xap/xfce-4.6.1-x86_64-9.txz:  Rebuilt.
  Patched xinitrc.xfce to launch with ck-launch-session only if the
  DESKTOP_SESSION variable is empty.  Thanks to Robby Workman.
+--------------------------+
Wed May 19 08:58:23 UTC 2010
Slackware 13.1 x86_64 stable is released!
Lots of thanks are due -- see the RELEASE_NOTES and the rest of the
ChangeLog for credits.  The ISOs are on their way to replication,
a 6 CD-ROM 32-bit set and a dual-sided 32-bit/64-bit x86/x86_64 DVD.
We are taking pre-orders now at store.slackware.com, and offering
a discount if you sign up for a subscription.  Consider picking up
a copy to help support the project.  Thanks again to the Slackware
community for testing, contributing, and generally holding us to a
high level of quality.  :-)
Enjoy!

1 files changed, 62 insertions, 0 deletions

diff --git a/slackware64-current/source/l/readline/readline-5.2-patches/readline52-006 b/slackware64-current/source/l/readline/readline-5.2-patches/readline52-006
new file mode 100644
index 000000000..d7391438d
--- /dev/null
+++ b/slackware64-current/source/l/readline/readline-5.2-patches/readline52-006
@@ -0,0 +1,62 @@
+			   READLINE PATCH REPORT
+			   =====================
+
+Readline-Release: 5.2
+Patch-ID: readline52-006
+
+Bug-Reported-by:        Peter Volkov <torre_cremata@mail.ru>
+Bug-Reference-ID:       <1178376645.9063.25.camel@localhost>
+Bug-Reference-URL:      http://bugs.gentoo.org/177095
+
+Bug-Description:
+
+The readline display code miscalculated the screen position when performing
+a redisplay in which the new text occupies more screen space that the old,
+but takes fewer bytes to do so (e.g., when replacing a shorter string
+containing multibyte characters with a longer one containing only ASCII).
+
+Patch:
+
+*** ../readline-5.2/display.c	Thu Apr 26 11:38:22 2007
+--- display.c	Thu Jul 12 23:10:10 2007
+***************
+*** 1519,1527 ****
+        /* Non-zero if we're increasing the number of lines. */
+        int gl = current_line >= _rl_vis_botlin && inv_botlin > _rl_vis_botlin;
+        /* Sometimes it is cheaper to print the characters rather than
+  	 use the terminal's capabilities.  If we're growing the number
+  	 of lines, make sure we actually cause the new line to wrap
+  	 around on auto-wrapping terminals. */
+!       if (_rl_terminal_can_insert && ((2 * col_temp) >= col_lendiff || _rl_term_IC) && (!_rl_term_autowrap || !gl))
+  	{
+  	  /* If lendiff > prompt_visible_length and _rl_last_c_pos == 0 and
+--- 1568,1596 ----
+        /* Non-zero if we're increasing the number of lines. */
+        int gl = current_line >= _rl_vis_botlin && inv_botlin > _rl_vis_botlin;
++       /* If col_lendiff is > 0, implying that the new string takes up more
++ 	 screen real estate than the old, but lendiff is < 0, meaning that it
++ 	 takes fewer bytes, we need to just output the characters starting
++ 	 from the first difference.  These will overwrite what is on the
++ 	 display, so there's no reason to do a smart update.  This can really
++ 	 only happen in a multibyte environment. */
++       if (lendiff < 0)
++ 	{
++ 	  _rl_output_some_chars (nfd, temp);
++ 	  _rl_last_c_pos += _rl_col_width (nfd, 0, temp);
++ 	  /* If nfd begins before any invisible characters in the prompt,
++ 	     adjust _rl_last_c_pos to account for wrap_offset and set
++ 	     cpos_adjusted to let the caller know. */
++ 	  if (current_line == 0 && wrap_offset && ((nfd - new) <= prompt_last_invisible))
++ 	    {
++ 	      _rl_last_c_pos -= wrap_offset;
++ 	      cpos_adjusted = 1;
++ 	    }
++ 	  return;
++ 	}
+        /* Sometimes it is cheaper to print the characters rather than
+  	 use the terminal's capabilities.  If we're growing the number
+  	 of lines, make sure we actually cause the new line to wrap
+  	 around on auto-wrapping terminals. */
+!       else if (_rl_terminal_can_insert && ((2 * col_temp) >= col_lendiff || _rl_term_IC) && (!_rl_term_autowrap || !gl))
+  	{
+  	  /* If lendiff > prompt_visible_length and _rl_last_c_pos == 0 and