Wed Jun 30 04:51:49 UTC 2010

l/libpng-1.4.3-x86_64-1.txz:  Upgraded.
  Upgraded to libpng-1.2.44 and libpng-1.4.3.
  This fixes out-of-bounds memory write bugs that could lead to crashes
  or the execution of arbitrary code, and a memory leak bug which could
  lead to application crashes.
  For more information, see:
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1205
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2249
  (* Security fix *)
l/libtiff-3.9.4-x86_64-1.txz:  Upgraded.
  This fixes image structure handling bugs that could lead to crashes or
  execution of arbitrary code if a specially-crafted TIFF image is loaded.
  For more information, see:
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1411
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2065
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2067
  (* Security fix *)
+--------------------------+
Sun Jun 27 17:25:18 UTC 2010
xap/mozilla-firefox-3.6.6-x86_64-1.txz:  Upgraded.
  This changes the crash protection feature to increase the timeout
  before a plugin is considered non-responsive.
+--------------------------+
Sun Jun 27 03:43:13 UTC 2010
ap/ghostscript-8.71-x86_64-3.txz:  Rebuilt.
  Merged an upstream patch from Till Kamppeter to fix printing black pages
  with CUPS and certain printers.
+--------------------------+
Fri Jun 25 05:28:02 UTC 2010
a/cups-1.4.4-x86_64-1.txz:  Upgraded.
  Fixed a memory allocation error in texttops.
  Fixed a Cross-Site Request Forgery (CSRF) that could allow a remote
  attacker to reconfigure or disable CUPS if a CUPS admin logged into the
  web interface visited a specially-crafted website.
  Fixed a bug where uninitialized memory from the cupsd process could
  reveal sensitive information.
  For more information, see:
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0540
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0542
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1748
  (* Security fix *)
d/ccache-3.0-x86_64-1.txz:  Upgraded.
d/gdb-7.1-x86_64-2.txz:  Rebuilt.
  Added --with-python=no to fix errors about missing backtrace.py, which is
  not yet in stable glib.  Thanks to David Woodfall.
l/imlib-1.9.15-x86_64-7.txz:  Rebuilt.
  This fixes problems linking with libpng.
l/seamonkey-solibs-2.0.5-x86_64-1.txz:  Upgraded.
n/bind-9.7.1-x86_64-1.txz:  Upgraded.
  This fixes possible DNS cache poisoning attacks when DNSSEC is enabled
  and checking is disabled (CD).
  For more information, see:
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-4022
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0097
  (* Security fix *)
  Thanks to Rob McGee for help with the upgrade to BIND 9.7.x.
xap/mozilla-firefox-3.6.4-x86_64-1.txz:  Upgraded.
  This fixes some security issues.
  For more information, see:
    http://www.mozilla.org/security/known-vulnerabilities/firefox36.html
  (* Security fix *)
xap/mozilla-thunderbird-3.1-x86_64-1.txz:  Upgraded.
  (* Security fix *)
xap/seamonkey-2.0.5-x86_64-1.txz:  Upgraded.
  This release fixes some more security vulnerabilities.
  For more information, see:
    http://www.mozilla.org/security/known-vulnerabilities/seamonkey20.html
  (* Security fix *)
+--------------------------+
Sat Jun 19 00:59:41 UTC 2010
testing/packages/btrfs-progs-20100618-x86_64-1.txz:
  Added btrfs-convert.  Thanks to mancha.
+--------------------------+
Fri Jun 18 18:12:04 UTC 2010
ap/alsa-utils-1.0.23-x86_64-2.txz:  Rebuilt.
  Patched alsaconf to generate /etc/modprobe.d/sound.conf.
  Thanks to Alan Hicks.
kde/kdebase-workspace-4.4.3-x86_64-2.txz:  Rebuilt.
  Patched xinitrc.kde to launch with ck-launch-session only if the
  DESKTOP_SESSION variable is empty.  This fixes a bug where a ck-aware
  login manager such as KDM may have already launched a ConsoleKit
  session, causing the xinitrc to launch another one and marking the
  first one inactive.  This can lead to auth failures.
  Thanks to Robby Workman.
n/samba-3.5.3-x86_64-1.txz:  Upgraded.
xap/xfce-4.6.1-x86_64-9.txz:  Rebuilt.
  Patched xinitrc.xfce to launch with ck-launch-session only if the
  DESKTOP_SESSION variable is empty.  Thanks to Robby Workman.
+--------------------------+
Wed May 19 08:58:23 UTC 2010
Slackware 13.1 x86_64 stable is released!
Lots of thanks are due -- see the RELEASE_NOTES and the rest of the
ChangeLog for credits.  The ISOs are on their way to replication,
a 6 CD-ROM 32-bit set and a dual-sided 32-bit/64-bit x86/x86_64 DVD.
We are taking pre-orders now at store.slackware.com, and offering
a discount if you sign up for a subscription.  Consider picking up
a copy to help support the project.  Thanks again to the Slackware
community for testing, contributing, and generally holding us to a
high level of quality.  :-)
Enjoy!

6 files changed, 239 insertions, 0 deletions

diff --git a/slackware64-current/source/n/openssh/doinst.sh.gz b/slackware64-current/source/n/openssh/doinst.sh.gz
new file mode 100644
index 000000000..7a7e894de
--- /dev/null
+++ b/slackware64-current/source/n/openssh/doinst.sh.gz
@@ -0,0 +1 @@
+e4a4f592c8a721697008553e2763c4b597af63b8
diff --git a/slackware64-current/source/n/openssh/openssh-5.5p1.tar.gz b/slackware64-current/source/n/openssh/openssh-5.5p1.tar.gz
new file mode 100644
index 000000000..65339d110
--- /dev/null
+++ b/slackware64-current/source/n/openssh/openssh-5.5p1.tar.gz
@@ -0,0 +1 @@
+361c6335e74809b26ea096b34062ba8ff6c97cd6
diff --git a/slackware64-current/source/n/openssh/openssh-5.5p1.tar.gz.asc b/slackware64-current/source/n/openssh/openssh-5.5p1.tar.gz.asc
new file mode 100644
index 000000000..88e351ff3
--- /dev/null
+++ b/slackware64-current/source/n/openssh/openssh-5.5p1.tar.gz.asc
@@ -0,0 +1 @@
+7329ac2b5295cd49d553657353a5d969cc682829
diff --git a/slackware64-current/source/n/openssh/openssh.SlackBuild b/slackware64-current/source/n/openssh/openssh.SlackBuild
new file mode 100755
index 000000000..3d0d1a986
--- /dev/null
+++ b/slackware64-current/source/n/openssh/openssh.SlackBuild
@@ -0,0 +1,164 @@
+#!/bin/sh
+
+# Copyright 2000 BSDi, Inc. Concord, CA, USA
+# Copyright 2001, 2002, 2003, 2004  Slackware Linux, Inc. Concord, CA, USA
+# Copyright 2006, 2007, 2008, 2009, 2010  Patrick J. Volkerding, Sebeka, MN, USA
+# All rights reserved.
+#
+# Redistribution and use of this script, with or without modification, is
+# permitted provided that the following conditions are met:
+#
+# 1. Redistributions of this script must retain the above copyright
+#    notice, this list of conditions and the following disclaimer.
+#
+#  THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR IMPLIED
+#  WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF
+#  MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.  IN NO
+#  EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+#  SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO,
+#  PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS;
+#  OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY,
+#  WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR
+#  OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF
+#  ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+
+
+# Set initial variables:
+CWD=$(pwd)
+TMP=${TMP:-/tmp}
+PKG=$TMP/package-openssh
+
+VERSION=${VERSION:-$(echo openssh-*.tar.gz | rev | cut -f 3- -d . | cut -f 1 -d - | rev)}
+BUILD=${BUILD:-1}
+
+NUMJOBS=${NUMJOBS:--j6}
+
+# Automatically determine the architecture we're building on:
+if [ -z "$ARCH" ]; then
+  case "$( uname -m )" in
+    i?86) export ARCH=i486 ;;
+    arm*) export ARCH=arm ;;
+    # Unless $ARCH is already set, use uname -m for all other archs:
+       *) export ARCH=$( uname -m ) ;;
+  esac
+fi
+
+if [ "$ARCH" = "i486" ]; then
+  SLKCFLAGS="-O2 -march=i486 -mtune=i686"
+elif [ "$ARCH" = "s390" ]; then
+  SLKCFLAGS="-O2"
+elif [ "$ARCH" = "x86_64" ]; then
+  SLKCFLAGS="-O2 -fPIC"
+elif [ "$ARCH" = "arm" ]; then
+  SLKCFLAGS="-O2 -march=armv4 -mtune=xscale"
+elif [ "$ARCH" = "armel" ]; then
+  SLKCFLAGS="-O2 -march=armv4t"
+else
+  SLKCFLAGS="-O2"
+fi
+
+# Clean target location:
+rm -rf $PKG
+mkdir -p $PKG
+
+# Prepare the framework and extract the package:
+cd $TMP
+rm -rf $PKG openssh-$VERSION
+tar xvf $CWD/openssh-$VERSION.tar.gz || tar xvf $CWD/openssh-$VERSION.tar.?z* || exit 1
+cd openssh-$VERSION
+chown -R root:root .
+
+# Compile package:
+CFLAGS="$SLKCFLAGS" \
+./configure \
+  --prefix=/usr \
+  --mandir=/usr/man \
+  --sysconfdir=/etc/ssh \
+  --without-pam \
+  --with-md5-passwords \
+  --with-tcp-wrappers \
+  --with-default-path=/usr/local/sbin:/usr/sbin:/sbin:/usr/local/bin:/usr/bin:/bin \
+  --with-ipv4-default \
+  --with-privsep-path=/var/empty \
+  --with-privsep-user=sshd \
+  --build=$ARCH-slackware-linux
+
+make $NUMJOBS || make || exit 1
+
+# Install the package:
+make install DESTDIR=$PKG
+
+find $PKG | xargs file | grep -e "executable" -e "shared object" | grep ELF \
+  | cut -f 1 -d : | xargs strip --strip-unneeded 2> /dev/null
+
+# Compress and if needed symlink the man pages:
+if [ -d $PKG/usr/man ]; then
+  ( cd $PKG/usr/man
+    for manpagedir in $(find . -type d -name "man*") ; do
+      ( cd $manpagedir
+        for eachpage in $( find . -type l -maxdepth 1) ; do
+          ln -s $( readlink $eachpage ).gz $eachpage.gz
+          rm $eachpage
+        done
+        gzip -9 *.?
+      )
+    done
+  )
+fi
+
+# Install directory used with PrivilegeSeparation option:
+mkdir -p $PKG/var/empty
+chmod 755 $PKG/var/empty
+
+# Install docs:
+mkdir -p $PKG/usr/doc/openssh-$VERSION
+cp -a \
+  CREDITS ChangeLog INSTALL LICENCE OVERVIEW \
+  README README.privsep README.smartcard RFC.nroff TODO WARNING.RNG \
+  $PKG/usr/doc/openssh-$VERSION
+chmod 644 $PKG/usr/doc/openssh-$VERSION/*
+
+# If there's a ChangeLog, installing at least part of the recent history
+# is useful, but don't let it get totally out of control:
+if [ -r ChangeLog ]; then
+  DOCSDIR=$(echo $PKG/usr/doc/*-$VERSION)
+  cat ChangeLog | head -n 1000 > $DOCSDIR/ChangeLog
+  touch -r ChangeLog $DOCSDIR/ChangeLog
+fi
+
+# Install also 'ssh-copy-id' and its manpage from contrib:
+( cd contrib
+  cp -a ssh-copy-id $PKG/usr/bin/ssh-copy-id
+  chmod 755 $PKG/usr/bin/ssh-copy-id
+  cat ssh-copy-id.1 | gzip -9c > $PKG/usr/man/man1/ssh-copy-id.1.gz
+)
+
+( cd $PKG
+
+  # Ditch the new host keys, since these have to be uniquely prepared on each machine:
+  rm -f etc/ssh/ssh_host_dsa_key
+  rm -f etc/ssh/ssh_host_dsa_key.pub
+  rm -f etc/ssh/ssh_host_rsa_key
+  rm -f etc/ssh/ssh_host_rsa_key.pub
+  rm -f etc/ssh/ssh_host_key
+  rm -f etc/ssh/ssh_host_key.pub
+
+  # Set up the config script installation:
+  mv etc/ssh/ssh_config etc/ssh/ssh_config.new
+  mv etc/ssh/sshd_config etc/ssh/sshd_config.new
+
+  # Add the init script:
+  mkdir -p etc/rc.d
+  cat $CWD/rc.sshd > etc/rc.d/rc.sshd.new
+  chmod 755 etc/rc.d/rc.sshd.new
+
+  # Copy runtime installation files:
+  mkdir -p install
+  zcat $CWD/doinst.sh.gz > install/doinst.sh
+  cat $CWD/slack-desc > install/slack-desc
+)
+
+# Create the package itself:
+cd $PKG
+/sbin/makepkg -l y -c n $TMP/openssh-$VERSION-$ARCH-$BUILD.txz
+
diff --git a/slackware64-current/source/n/openssh/rc.sshd b/slackware64-current/source/n/openssh/rc.sshd
new file mode 100644
index 000000000..8b496568e
--- /dev/null
+++ b/slackware64-current/source/n/openssh/rc.sshd
@@ -0,0 +1,53 @@
+#!/bin/sh
+# Start/stop/restart the secure shell server:
+
+sshd_start() {
+  # Create host keys if needed.
+  if [ ! -r /etc/ssh/ssh_host_key ]; then
+    /usr/bin/ssh-keygen -t rsa1 -f /etc/ssh/ssh_host_key -N '' 
+  fi
+  if [ ! -f /etc/ssh/ssh_host_dsa_key ]; then
+    /usr/bin/ssh-keygen -t dsa -f /etc/ssh/ssh_host_dsa_key -N ''
+  fi
+  if [ ! -f /etc/ssh/ssh_host_rsa_key ]; then
+    /usr/bin/ssh-keygen -t rsa -f /etc/ssh/ssh_host_rsa_key -N ''
+  fi
+  /usr/sbin/sshd
+}
+
+sshd_stop() {
+  killall sshd
+}
+
+sshd_restart() {
+  if [ -r /var/run/sshd.pid ]; then
+    echo "WARNING: killing listener process only.  To kill every sshd process, you must"
+    echo "         use 'rc.sshd stop'.  'rc.sshd restart' kills only the parent sshd to"
+    echo "         allow an admin logged in through sshd to use 'rc.sshd restart' without"
+    echo "         being cut off.  If sshd has been upgraded, new connections will now"
+    echo "         use the new version, which should be a safe enough approach."
+    kill `cat /var/run/sshd.pid`
+  else
+    echo "WARNING: There does not appear to be a parent instance of sshd running."
+    echo "         If you really want to kill all running instances of sshd (including"
+    echo "         any sessions currently in use), run '/etc/rc.d/rc.sshd stop' instead."
+    exit 1
+  fi
+  sleep 1
+  sshd_start
+}
+
+case "$1" in
+'start')
+  sshd_start
+  ;;
+'stop')
+  sshd_stop
+  ;;
+'restart')
+  sshd_restart
+  ;;
+*)
+  echo "usage $0 start|stop|restart"
+esac
+
diff --git a/slackware64-current/source/n/openssh/slack-desc b/slackware64-current/source/n/openssh/slack-desc
new file mode 100644
index 000000000..04277a720
--- /dev/null
+++ b/slackware64-current/source/n/openssh/slack-desc
@@ -0,0 +1,19 @@
+# HOW TO EDIT THIS FILE:
+# The "handy ruler" below makes it easier to edit a package description.  Line
+# up the first '|' above the ':' following the base package name, and the '|' on
+# the right side marks the last column you can put a character in.  You must make
+# exactly 11 lines for the formatting to be correct.  It's also customary to
+# leave one space after the ':'.
+
+       |-----handy-ruler------------------------------------------------------|
+openssh: openssh (Secure Shell daemon and clients)
+openssh:
+openssh: ssh (Secure Shell) is a program for logging into a remote machine and
+openssh: for executing commands on a remote machine.  It is intended to replace
+openssh: rlogin and rsh, and provide secure encrypted communications between
+openssh: two untrusted hosts over an insecure network.  sshd (SSH Daemon) is
+openssh: the daemon program for ssh.  OpenSSH is based on the last free version
+openssh: of Tatu Ylonen's SSH, further enhanced and cleaned up by Aaron
+openssh: Campbell, Bob Beck, Markus Friedl, Niels Provos, Theo de Raadt, and
+openssh: Dug Song.  It has a homepage at http://www.openssh.com/
+openssh: