SlackwareThis Forum is for the discussion of Slackware Linux.
Notices
Welcome to LinuxQuestions.org, a friendly and active Linux Community.
You are currently viewing LQ as a guest. By joining our community you will have the ability to post topics, receive our newsletter, use the advanced search, subscribe to threads and access many other special features. Registration is quick, simple and absolutely free. Join our community today!
Note that registered members see fewer ads, and ContentLink is completely disabled once you log in.
If you have any problems with the registration process or your account login, please contact us. If you need to reset your password, click here.
Having a problem logging in? Please visit this page to clear all LQ-related cookies.
Get a virtual cloud desktop with the Linux distro that you want in less than five minutes with Shells! With over 10 pre-installed distros to choose from, the worry-free installation life is here! Whether you are a digital nomad or just looking for flexibility, Shells can put your Linux machine on the device that you want to use.
Exclusive for LQ members, get up to 45% off per month. Click here for more info.
Tue Jan 24 20:26:12 UTC 2023
build_installer.sh: when compressing the completed installer with xz, use
option -vv instead of -v, since the change of default verbosity level seems
to have caused just a single -v to be ignored.
Tue Jan 24 20:26:12 UTC 2023
build_installer.sh: when compressing the completed installer with xz, use
option -vv instead of -v, since the change of default verbosity level seems
to have caused just a single -v to be ignored.
8 updates (x86_64). Including a (* Security fix *)! : 8 upgraded
Code:
Thu Jan 26 00:34:41 UTC 2023
ap/cups-filters-1.28.17-x86_64-1.txz: Upgraded.
ap/vim-9.0.1241-x86_64-1.txz: Upgraded.
Fixed a security issue:
Heap-based Buffer Overflow in GitHub repository vim/vim prior to 9.0.1225.
Thanks to marav for the heads-up.
For more information, see:
https://www.cve.org/CVERecord?id=CVE-2023-0433
(* Security fix *)
d/guile-3.0.9-x86_64-1.txz: Upgraded.
d/poke-3.0-x86_64-1.txz: Upgraded.
l/nodejs-19.5.0-x86_64-1.txz: Upgraded.
n/bind-9.18.11-x86_64-1.txz: Upgraded.
This update fixes bugs and the following security issues:
An UPDATE message flood could cause :iscman:`named` to exhaust all
available memory. This flaw was addressed by adding a new
:any:`update-quota` option that controls the maximum number of
outstanding DNS UPDATE messages that :iscman:`named` can hold in a
queue at any given time (default: 100).
:iscman:`named` could crash with an assertion failure when an RRSIG
query was received and :any:`stale-answer-client-timeout` was set to a
non-zero value. This has been fixed.
:iscman:`named` running as a resolver with the
:any:`stale-answer-client-timeout` option set to any value greater
than ``0`` could crash with an assertion failure, when the
:any:`recursive-clients` soft quota was reached. This has been fixed.
For more information, see:
https://kb.isc.org/docs/cve-2022-3094
https://kb.isc.org/docs/cve-2022-3736
https://kb.isc.org/docs/cve-2022-3924
https://www.cve.org/CVERecord?id=CVE-2022-3094
https://www.cve.org/CVERecord?id=CVE-2022-3736
https://www.cve.org/CVERecord?id=CVE-2022-3924
(* Security fix *)
n/openvpn-2.6.0-x86_64-1.txz: Upgraded.
xap/vim-gvim-9.0.1241-x86_64-1.txz: Upgraded.
Sun Jan 29 19:01:47 UTC 2023
l/imagemagick-7.1.0_59-x86_64-1.txz: Upgraded.
n/c-ares-1.19.0-x86_64-1.txz: Upgraded.
n/fetchmail-6.4.36-x86_64-1.txz: Upgraded.
x/beforelight-1.0.6-x86_64-1.txz: Upgraded.
Mon Jan 30 21:38:07 UTC 2023
ap/sysstat-12.7.2-x86_64-1.txz: Upgraded.
kde/kimageformats-5.102.0-x86_64-2.txz: Rebuilt.
Recompiled against LibRaw-0.21.1.
kde/krita-5.1.5-x86_64-3.txz: Rebuilt.
Recompiled against LibRaw-0.21.1.
kde/kstars-3.6.2-x86_64-3.txz: Rebuilt.
Recompiled against LibRaw-0.21.1.
kde/libkdcraw-22.12.1-x86_64-2.txz: Rebuilt.
Recompiled against LibRaw-0.21.1.
l/LibRaw-0.21.1-x86_64-1.txz: Upgraded.
Shared library .so-version bump.
l/dconf-editor-43.0-x86_64-1.txz: Upgraded.
l/gegl-0.4.40-x86_64-3.txz: Rebuilt.
Recompiled against LibRaw-0.21.1.
l/imagemagick-7.1.0_60-x86_64-1.txz: Upgraded.
Compiled against LibRaw-0.21.1.
l/libhandy-1.8.0-x86_64-1.txz: Added.
This is required by dconf-editor-43.0.
xap/geeqie-2.0.1-x86_64-2.txz: Rebuilt.
Recompiled against LibRaw-0.21.1.
xap/mozilla-firefox-109.0.1-x86_64-1.txz: Upgraded.
For more information, see:
https://www.mozilla.org/en-US/firefox/109.0.1/releasenotes/
Wed Feb 1 05:29:53 UTC 2023
d/perl-5.36.0-x86_64-3.txz: Rebuilt.
Upgraded: IO-Socket-SSL-2.081, Moo-2.005005, Path-Tiny-0.144,
Sub-Quote-2.006008, Template-Toolkit-3.101, URI-5.17.
Added: JSON-4.10 (needed to build Samba with --bundled-libraries=heimdal).
kde/kstars-3.6.3-x86_64-1.txz: Upgraded.
l/gjs-1.74.1-x86_64-1.txz: Upgraded.
Compiled against mozjs102-102.7.0esr.
l/mozjs102-102.7.0esr-x86_64-1.txz: Added.
This is required by gjs-1.74.1 and polkit-122.
l/mozjs78-78.15.0esr-x86_64-1.txz: Removed.
l/polkit-122-x86_64-1.txz: Upgraded.
Compiled against mozjs102-102.7.0esr.
Wed Feb 1 05:29:53 UTC 2023
d/perl-5.36.0-x86_64-3.txz: Rebuilt.
Upgraded: IO-Socket-SSL-2.081, Moo-2.005005, Path-Tiny-0.144,
Sub-Quote-2.006008, Template-Toolkit-3.101, URI-5.17.
Added: JSON-4.10 (needed to build Samba with --bundled-libraries=heimdal).
kde/kstars-3.6.3-x86_64-1.txz: Upgraded.
l/gjs-1.74.1-x86_64-1.txz: Upgraded.
Compiled against mozjs102-102.7.0esr.
l/mozjs102-102.7.0esr-x86_64-1.txz: Added.
This is required by gjs-1.74.1 and polkit-122.
l/mozjs78-78.15.0esr-x86_64-1.txz: Removed.
l/polkit-122-x86_64-1.txz: Upgraded.
Compiled against mozjs102-102.7.0esr.
14 updates (x86_64). Including a (* Security fix *)! : 12 upgraded, 2 rebuilt
Code:
Wed Feb 1 22:27:31 UTC 2023
a/kernel-firmware-20230125_5c11a37-noarch-1.txz: Upgraded.
a/kernel-generic-6.1.9-x86_64-1.txz: Upgraded.
a/kernel-huge-6.1.9-x86_64-1.txz: Upgraded.
a/kernel-modules-6.1.9-x86_64-1.txz: Upgraded.
d/kernel-headers-6.1.9-x86-1.txz: Upgraded.
k/kernel-source-6.1.9-noarch-1.txz: Upgraded.
l/apr-1.7.2-x86_64-1.txz: Upgraded.
This update fixes security issues:
Integer Overflow or Wraparound vulnerability in apr_encode functions of
Apache Portable Runtime (APR) allows an attacker to write beyond bounds
of a buffer. (CVE-2022-24963)
Restore fix for out-of-bounds array dereference in apr_time_exp*() functions.
(This issue was addressed as CVE-2017-12613 in APR 1.6.3 and
later 1.6.x releases, but was missing in 1.7.0.) (CVE-2021-35940)
For more information, see:
https://www.cve.org/CVERecord?id=CVE-2022-24963
https://www.cve.org/CVERecord?id=CVE-2021-35940
https://www.cve.org/CVERecord?id=CVE-2017-12613
(* Security fix *)
l/apr-util-1.6.3-x86_64-1.txz: Upgraded.
This update fixes a security issue:
Integer Overflow or Wraparound vulnerability in apr_base64 functions
of Apache Portable Runtime Utility (APR-util) allows an attacker to
write beyond bounds of a buffer. (CVE-2022-25147)
For more information, see:
https://www.cve.org/CVERecord?id=CVE-2022-25147
(* Security fix *)
l/libhandy-1.8.1-x86_64-1.txz: Upgraded.
l/libjpeg-turbo-2.1.5-x86_64-1.txz: Upgraded.
xap/mozilla-thunderbird-102.7.1-x86_64-1.txz: Upgraded.
This release contains security fixes and improvements.
For more information, see:
https://www.mozilla.org/en-US/thunderbird/102.7.1/releasenotes/
https://www.mozilla.org/en-US/security/advisories/mfsa2023-04/
https://www.cve.org/CVERecord?id=CVE-2023-0430
(* Security fix *)
isolinux/initrd.img: Rebuilt.
kernels/*: Upgraded.
usb-and-pxe-installers/usbboot.img: Rebuilt.
10 updates (x86_64). Including a (* Security fix *)! : 5 upgraded, 5 rebuilt
Code:
Fri Feb 3 20:04:33 UTC 2023
a/aaa_glibc-solibs-2.37-x86_64-2.txz: Rebuilt.
a/e2fsprogs-1.46.6-x86_64-1.txz: Upgraded.
a/hwdata-0.367-noarch-1.txz: Upgraded.
l/glibc-2.37-x86_64-2.txz: Rebuilt.
[PATCH] Account for grouping in printf width (bug 23432).
This issue could cause a overflow with sprintf in the corner case where an
application computes the size of buffer to be exactly enough to fit the
digits in question, but sprintf ends up writing a couple of extra bytes.
Thanks to marav for the heads-up.
For more information, see:
https://www.cve.org/CVERecord?id=CVE-2023-25139
(* Security fix *)
l/glibc-i18n-2.37-x86_64-2.txz: Rebuilt.
l/glibc-profile-2.37-x86_64-2.txz: Rebuilt.
l/libcap-2.67-x86_64-1.txz: Upgraded.
l/poppler-data-0.4.12-noarch-1.txz: Upgraded.
extra/php81/php81-8.1.15-x86_64-1.txz: Upgraded.
testing/packages/samba-4.17.5-x86_64-2.txz: Rebuilt.
Build with the bundled Heimdal instead of the system MIT Kerberos, since MIT
Kerberos has more issues when Samba is used as an AD DC. I'd appreciate any
feedback on the "Samba on Slackware 15" thread on LQ about how well this
works. Although it's not the sort of change I'd normally make in a -stable
release such as Slackware 15.0, in this case I'm considering it if it can
be done painlessly for any existing users... but I'll need to see some
reports about this. I'd like to note that yes, of course we saw the
"experimental" label in the configure flag we used to build Samba, but we
also saw another prominent Linux distribution go ahead and use it anyway. :)
And the Samba package built against MIT Kerberos cooked in the previous
-current development cycle for a couple of years without any objections.
Anyway, hopefully we'll get some testing from folks out there with networks
that use AD and go from there.
Thanks to Rowland Penny of the Samba team for clarifying this situation.
LinuxQuestions.org is looking for people interested in writing
Editorials, Articles, Reviews, and more. If you'd like to contribute
content, let us know.
