SlackwareThis Forum is for the discussion of Slackware Linux.
Notices
Welcome to LinuxQuestions.org, a friendly and active Linux Community.
You are currently viewing LQ as a guest. By joining our community you will have the ability to post topics, receive our newsletter, use the advanced search, subscribe to threads and access many other special features. Registration is quick, simple and absolutely free. Join our community today!
Note that registered members see fewer ads, and ContentLink is completely disabled once you log in.
If you have any problems with the registration process or your account login, please contact us. If you need to reset your password, click here.
Having a problem logging in? Please visit this page to clear all LQ-related cookies.
Get a virtual cloud desktop with the Linux distro that you want in less than five minutes with Shells! With over 10 pre-installed distros to choose from, the worry-free installation life is here! Whether you are a digital nomad or just looking for flexibility, Shells can put your Linux machine on the device that you want to use.
Exclusive for LQ members, get up to 45% off per month. Click here for more info.
8 updates (x86_64). Including a (* Security fix *)! : 7 upgraded, 1 rebuilt
Code:
Mon Dec 20 19:41:32 UTC 2021
a/pkgtools-15.0-noarch-42.txz: Rebuilt.
setup.services: list rc.nfsd. Suggested by alienBOB.
l/expat-2.4.2-x86_64-1.txz: Upgraded.
l/gegl-0.4.34-x86_64-1.txz: Upgraded.
n/httpd-2.4.52-x86_64-1.txz: Upgraded.
SECURITY: CVE-2021-44790: Possible buffer overflow when parsing
multipart content in mod_lua of Apache HTTP Server 2.4.51 and
earlier (cve.mitre.org)
A carefully crafted request body can cause a buffer overflow in
the mod_lua multipart parser (r:parsebody() called from Lua
scripts).
The Apache httpd team is not aware of an exploit for the
vulnerabilty though it might be possible to craft one.
This issue affects Apache HTTP Server 2.4.51 and earlier.
Credits: Chamal
SECURITY: CVE-2021-44224: Possible NULL dereference or SSRF in
forward proxy configurations in Apache HTTP Server 2.4.51 and
earlier (cve.mitre.org)
A crafted URI sent to httpd configured as a forward proxy
(ProxyRequests on) can cause a crash (NULL pointer dereference)
or, for configurations mixing forward and reverse proxy
declarations, can allow for requests to be directed to a
declared Unix Domain Socket endpoint (Server Side Request
Forgery).
This issue affects Apache HTTP Server 2.4.7 up to 2.4.51
(included).
Credits: ae 1/4*a-o(R)e 1/4
TengMA(@Te3t123)
For more information, see:
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-44790
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-44224
(* Security fix *)
xap/gimp-2.10.30-x86_64-1.txz: Upgraded.
xap/mozilla-thunderbird-91.4.1-x86_64-1.txz: Upgraded.
This release contains security fixes and improvements.
For more information, see:
https://www.mozilla.org/en-US/thunderbird/91.4.1/releasenotes/
https://www.mozilla.org/en-US/security/advisories/mfsa2021-55/
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4126
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-44538
(* Security fix *)
xap/xlockmore-5.68-x86_64-1.txz: Upgraded.
xap/xsnow-3.4.2-x86_64-1.txz: Upgraded.
Tue Dec 21 19:04:03 UTC 2021
ap/vim-8.2.3868-x86_64-1.txz: Upgraded.
kde/breeze-icons-5.89.0-noarch-2.txz: Rebuilt.
Applied upstream patches:
[PATCH] improve installation of light fallback icons
[PATCH] Include "*@*" in the icon_files list for installation
Thanks to Heinz Wiesinger.
l/gtk+3-3.24.31-x86_64-1.txz: Upgraded.
l/zstd-1.5.1-x86_64-1.txz: Upgraded.
n/net-snmp-5.9.1-x86_64-4.txz: Rebuilt.
Moved options for snmpd from rc.snmpd to /etc/default/snmpd.
Thanks to Jakub 'shasta' Jankowski.
xap/vim-gvim-8.2.3868-x86_64-1.txz: Upgraded.
Mon Dec 27 23:06:00 UTC 2021
The --enable-systemd-logind change to xorg-server that caused resume from
suspend regressions (and others) has been reverted, and in retrospect it was
a bad idea to take it at that point, but it had appeared as if it wouldn't
cause problems in the case where Xorg was running as root. Oh well, lesson
learned. But the build script has been enhanced to make it easy to build
rootless versions of the xorg-server packages. Just do this:
ROOTLESSX=YES ./x11.SlackBuild xserver xorg-server
Depending on your GPU, this could work for your use case with no problems.
Also, I've gone ahead and taken a couple of shared library version bumps since
the projects (opencv and poppler) have decent track records as far as not
introducing regressions, and if there are any, we've got time to test and fix.
I'm still avoiding some things that aren't as trusted in that regard, and will
likely continue to do so. :-)
ap/cups-filters-1.28.10-x86_64-2.txz: Rebuilt.
Recompiled against poppler-21.12.0.
kde/ark-21.12.0-x86_64-2.txz: Rebuilt.
Applied upstream patches:
[PATCH] Fix extraction "Dolphin Actions" not abiding "Open destination
folder after extracting" setting.
[PATCH] Do not highlight file after compression.
Thanks to ctrlaltca.
kde/calligra-3.2.1-x86_64-15.txz: Rebuilt.
Recompiled against poppler-21.12.0.
kde/cantor-21.12.0-x86_64-2.txz: Rebuilt.
Recompiled against poppler-21.12.0.
kde/digikam-7.4.0-x86_64-2.txz: Rebuilt.
Recompiled against opencv-4.5.5.
kde/kfilemetadata-5.89.0-x86_64-2.txz: Rebuilt.
Recompiled against poppler-21.12.0.
kde/kile-2.9.93-x86_64-15.txz: Rebuilt.
Recompiled against poppler-21.12.0.
kde/kitinerary-21.12.0-x86_64-2.txz: Rebuilt.
Recompiled against poppler-21.12.0.
kde/krita-5.0.0-x86_64-2.txz: Rebuilt.
Recompiled against poppler-21.12.0.
kde/okular-21.12.0-x86_64-2.txz: Rebuilt.
Recompiled against poppler-21.12.0.
l/gegl-0.4.34-x86_64-2.txz: Rebuilt.
Recompiled against poppler-21.12.0.
l/gst-plugins-bad-free-1.18.5-x86_64-3.txz: Rebuilt.
Recompiled against opencv-4.5.5.
l/imagemagick-7.1.0_19-x86_64-1.txz: Upgraded.
l/mlt-7.4.0-x86_64-1.txz: Upgraded.
l/opencv-4.5.5-x86_64-1.txz: Upgraded.
Shared library .so-version bump.
l/poppler-21.12.0-x86_64-1.txz: Upgraded.
Shared library .so-version bump.
n/fetchmail-6.4.26-x86_64-1.txz: Upgraded.
n/tin-2.6.1-x86_64-1.txz: Upgraded.
x/ibus-anthy-1.5.14-x86_64-1.txz: Upgraded.
x/xorg-server-1.20.14-x86_64-2.txz: Rebuilt.
Recompiled using these options:
--enable-suid-wrapper --enable-install-setuid --disable-systemd-logind.
x/xorg-server-xephyr-1.20.14-x86_64-2.txz: Rebuilt.
x/xorg-server-xnest-1.20.14-x86_64-2.txz: Rebuilt.
x/xorg-server-xvfb-1.20.14-x86_64-2.txz: Rebuilt.
xap/geeqie-1.6-x86_64-4.txz: Rebuilt.
Recompiled against poppler-21.12.0.
xap/gimp-2.10.30-x86_64-2.txz: Rebuilt.
Recompiled against poppler-21.12.0.
xfce/tumbler-4.16.0-x86_64-4.txz: Rebuilt.
Recompiled against poppler-21.12.0.
extra/rust-for-mozilla/rust-1.54.0-x86_64-3.txz: Added.
This is an alternate version of Rust that may be useful for compiling
software from Mozilla since using the very latest Rust often won't
compile, or produces an unstable build.
4 updates (x86_64). Including a (* Security fix *)! : 3 upgraded, 1 rebuilt
Code:
Wed Dec 29 02:42:32 UTC 2021
l/libgsf-1.14.48-x86_64-1.txz: Upgraded.
l/netpbm-10.97.00-x86_64-1.txz: Upgraded.
n/wpa_supplicant-2.9-x86_64-8.txz: Rebuilt.
This update fixes the following security issues:
AP mode PMF disconnection protection bypass.
UPnP SUBSCRIBE misbehavior in hostapd WPS AP.
P2P group information processing vulnerability.
P2P provision discovery processing vulnerability.
ASN.1: Validate DigestAlgorithmIdentifier parameters.
Flush pending control interface message for an interface to be removed.
These issues could result in a denial-of-service, privilege escalation,
arbitrary code execution, or other unexpected behavior.
Thanks to nobodino for pointing out the patches.
For more information, see:
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-0326
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-0535
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-12695
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16275
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-27803
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-30004
(* Security fix *)
xap/seamonkey-2.53.10.2-x86_64-1.txz: Upgraded.
This update contains security fixes and improvements.
For more information, see:
https://www.seamonkey-project.org/releases/seamonkey2.53.10.2
(* Security fix *)
Fri Dec 31 19:44:41 UTC 2021
a/e2fsprogs-1.46.5-x86_64-1.txz: Upgraded.
ap/sqlite-3.37.1-x86_64-1.txz: Upgraded.
n/mutt-2.1.5-x86_64-1.txz: Upgraded.
n/yptools-4.2.3-x86_64-4.txz: Rebuilt.
Added /usr/sbin/yp_dump_binding and /usr/sbin/yptest.
Add a hint about adding "nis" in /etc/pam.d/system-auth to /etc/default/yp.
Sun Jan 2 01:25:29 UTC 2022
a/mdadm-4.2-x86_64-1.txz: Upgraded.
ap/usbmuxd-20210925_e3a3180-x86_64-1.txz: Upgraded.
Updated to fix mounting devices with iOS 15.1. Thanks to qunying.
l/libimobiledevice-20211124_2c6121d-x86_64-1.txz: Upgraded.
l/libimobiledevice-glue-20211125_3cb687b-x86_64-1.txz: Added.
l/xapian-core-1.4.19-x86_64-1.txz: Upgraded.
x/mesa-21.3.3-x86_64-1.txz: Upgraded.
Sun Jan 2 01:25:29 UTC 2022
a/mdadm-4.2-x86_64-1.txz: Upgraded.
ap/usbmuxd-20210925_e3a3180-x86_64-1.txz: Upgraded.
Updated to fix mounting devices with iOS 15.1. Thanks to qunying.
l/libimobiledevice-20211124_2c6121d-x86_64-1.txz: Upgraded.
l/libimobiledevice-glue-20211125_3cb687b-x86_64-1.txz: Added.
l/xapian-core-1.4.19-x86_64-1.txz: Upgraded.
x/mesa-21.3.3-x86_64-1.txz: Upgraded.
All --
Installed Sun Jan 2 01:25:29 UTC 2022 Update at runlevel 3 due to MESA upgrade ; rebuilt NVidia and VMWare Workstation 16.2.1 ; rebooted.
Sun Jan 2 20:40:21 UTC 2022
d/doxygen-1.9.3-x86_64-1.txz: Upgraded.
n/network-scripts-15.0-noarch-18.txz: Rebuilt.
netconfig: when DHCP configuration is selected, also add hostname labeled
loopback entries to /etc/hosts. We don't want to have to rely on something
else providing correct name service in order to be able to reach our
machine through its own hostname. This was a regression since the netconfig
shipped with Slackware 14.2.
Thanks to Zexuo.
LinuxQuestions.org is looking for people interested in writing
Editorials, Articles, Reviews, and more. If you'd like to contribute
content, let us know.
