SlackwareThis Forum is for the discussion of Slackware Linux.
Notices
Welcome to LinuxQuestions.org, a friendly and active Linux Community.
You are currently viewing LQ as a guest. By joining our community you will have the ability to post topics, receive our newsletter, use the advanced search, subscribe to threads and access many other special features. Registration is quick, simple and absolutely free. Join our community today!
Note that registered members see fewer ads, and ContentLink is completely disabled once you log in.
If you have any problems with the registration process or your account login, please contact us. If you need to reset your password, click here.
Having a problem logging in? Please visit this page to clear all LQ-related cookies.
Get a virtual cloud desktop with the Linux distro that you want in less than five minutes with Shells! With over 10 pre-installed distros to choose from, the worry-free installation life is here! Whether you are a digital nomad or just looking for flexibility, Shells can put your Linux machine on the device that you want to use.
Exclusive for LQ members, get up to 45% off per month. Click here for more info.
There is obviously a small gap between the date change and the changelog to be populate. I noticed that a couple of time
My script is based on the date change, I wait a bit before my main script part, but for bigger changelog it doesn't seem to be enough
I need to see how I can deal with that
Sun Jan 14 19:16:48 UTC 2024
a/bash-5.2.026-x86_64-1.txz: Upgraded.
a/cpio-2.15-x86_64-1.txz: Upgraded.
kde/kdeconnect-kde-23.08.4-x86_64-2.txz: Rebuilt.
Recompiled against pulseaudio-qt-1.4.0.
l/libidn-1.42-x86_64-1.txz: Upgraded.
l/libpsl-0.21.5-x86_64-1.txz: Upgraded.
12 updates (x86_64). Including a (* Security fix *)! : 12 Upgraded
Code:
Tue Jan 16 20:49:28 UTC 2024
a/attr-2.5.2-x86_64-1.txz: Upgraded.
a/shadow-4.14.3-x86_64-1.txz: Upgraded.
a/zoo-2.10_28-x86_64-1.txz: Upgraded.
Merge final patches from Debian to fix various bugs. Thanks to jayjwa.
ap/sqlite-3.45.0-x86_64-1.txz: Upgraded.
l/iso-codes-4.16.0-noarch-1.txz: Upgraded.
n/gnutls-3.8.3-x86_64-1.txz: Upgraded.
This update fixes two medium severity security issues:
Fix more timing side-channel inside RSA-PSK key exchange.
Fix assertion failure when verifying a certificate chain with a cycle of
cross signatures.
For more information, see:
https://www.cve.org/CVERecord?id=CVE-2024-0553
https://www.cve.org/CVERecord?id=CVE-2024-0567
(* Security fix *)
x/xorg-server-21.1.11-x86_64-1.txz: Upgraded.
This update fixes security issues:
Heap buffer overflow in DeviceFocusEvent and ProcXIQueryPointer.
Reattaching to different master device may lead to out-of-bounds memory access.
Heap buffer overflow in XISendDeviceHierarchyEvent.
Heap buffer overflow in DisableDevice.
SELinux context corruption.
SELinux unlabeled GLX PBuffer.
For more information, see:
https://lists.x.org/archives/xorg/2024-January/061525.html
https://www.cve.org/CVERecord?id=CVE-2023-6816
https://www.cve.org/CVERecord?id=CVE-2024-0229
https://www.cve.org/CVERecord?id=CVE-2024-21885
https://www.cve.org/CVERecord?id=CVE-2024-21886
https://www.cve.org/CVERecord?id=CVE-2024-0408
https://www.cve.org/CVERecord?id=CVE-2024-0409
(* Security fix *)
x/xorg-server-xephyr-21.1.11-x86_64-1.txz: Upgraded.
x/xorg-server-xnest-21.1.11-x86_64-1.txz: Upgraded.
x/xorg-server-xvfb-21.1.11-x86_64-1.txz: Upgraded.
x/xorg-server-xwayland-23.2.4-x86_64-1.txz: Upgraded.
This update fixes security issues:
Heap buffer overflow in DeviceFocusEvent and ProcXIQueryPointer.
Reattaching to different master device may lead to out-of-bounds memory access.
Heap buffer overflow in XISendDeviceHierarchyEvent.
Heap buffer overflow in DisableDevice.
SELinux context corruption.
SELinux unlabeled GLX PBuffer.
For more information, see:
https://lists.x.org/archives/xorg/2024-January/061525.html
https://www.cve.org/CVERecord?id=CVE-2023-6816
https://www.cve.org/CVERecord?id=CVE-2024-0229
https://www.cve.org/CVERecord?id=CVE-2024-21885
https://www.cve.org/CVERecord?id=CVE-2024-21886
https://www.cve.org/CVERecord?id=CVE-2024-0408
https://www.cve.org/CVERecord?id=CVE-2024-0409
(* Security fix *)
xfce/xfce4-whiskermenu-plugin-2.8.3-x86_64-1.txz: Upgraded.
Wed Jan 17 21:13:27 UTC 2024
n/iputils-20240117-x86_64-1.txz: Upgraded.
x/fcitx5-5.1.7-x86_64-1.txz: Upgraded.
x/fcitx5-table-extra-5.1.3-x86_64-1.txz: Upgraded.
x/libime-1.1.5-x86_64-1.txz: Upgraded.
xap/seamonkey-2.53.18.1-x86_64-1.txz: Upgraded.
This is a bugfix release.
For more information, see:
https://www.seamonkey-project.org/releases/seamonkey2.53.18.1
7 updates (x86_64). Including a (* Security fix *)! : 6 Upgraded, 1 Rebuilt
Code:
Sun Jan 21 20:50:08 UTC 2024
a/ed-1.20-x86_64-1.txz: Upgraded.
l/SDL2_ttf-2.22.0-x86_64-1.txz: Upgraded.
l/imagemagick-7.1.1_27-x86_64-1.txz: Upgraded.
l/libproxy-0.5.3-x86_64-1.txz: Upgraded.
n/nghttp2-1.59.0-x86_64-1.txz: Upgraded.
x/xbiff-1.0.5-x86_64-1.txz: Upgraded.
extra/tigervnc/tigervnc-1.13.1-x86_64-3.txz: Rebuilt.
Recompiled against xorg-server-21.1.11, including the latest patches for
several security issues. Thanks to marav.
For more information, see:
https://www.cve.org/CVERecord?id=CVE-2023-6377
https://www.cve.org/CVERecord?id=CVE-2023-6478
https://www.cve.org/CVERecord?id=CVE-2023-6816
https://www.cve.org/CVERecord?id=CVE-2024-0229
https://www.cve.org/CVERecord?id=CVE-2024-0408
https://www.cve.org/CVERecord?id=CVE-2024-0409
https://www.cve.org/CVERecord?id=CVE-2024-21885
https://www.cve.org/CVERecord?id=CVE-2024-21886
https://www.cve.org/CVERecord?id=CVE-2024-21886
(* Security fix *)
4 updates (x86_64). Including a (* Security fix *)! : 4 Upgraded
Code:
Mon Jan 22 20:57:12 UTC 2024
l/SDL2_mixer-2.8.0-x86_64-1.txz: Upgraded.
l/glib2-2.78.4-x86_64-1.txz: Upgraded.
l/mozilla-nss-3.97-x86_64-1.txz: Upgraded.
n/postfix-3.8.5-x86_64-1.txz: Upgraded.
Security (inbound SMTP smuggling): with "smtpd_forbid_bare_newline
= normalize" (default "no" for Postfix < 3.9), the Postfix
SMTP server requires the standard End-of-DATA sequence
<CR><LF>.<CR><LF>, and otherwise allows command or message
content lines ending in the non-standard <LF>, processing
them as if the client sent the standard <CR><LF>.
The alternative setting, "smtpd_forbid_bare_newline = reject"
will reject any command or message that contains a bare
<LF>, and is more likely to cause problems with legitimate
clients.
For backwards compatibility, local clients are excluded by
default with "smtpd_forbid_bare_newline_exclusions =
$mynetworks".
For more information, see:
https://www.postfix.org/smtp-smuggling.html
(* Security fix *)
3 updates (x86_64). Including a (* Security fix *)! : 3 Upgraded
Code:
Fri Jan 26 20:59:27 UTC 2024
a/pam-1.6.0-x86_64-1.txz: Upgraded.
pam_namespace.so: fixed a possible local denial-of-service vulnerability.
For more information, see:
https://seclists.org/oss-sec/2024/q1/31
https://www.cve.org/CVERecord?id=CVE-2024-22365
(* Security fix *)
a/xz-5.4.6-x86_64-1.txz: Upgraded.
l/python-hatchling-1.21.1-x86_64-1.txz: Upgraded.
LinuxQuestions.org is looking for people interested in writing
Editorials, Articles, Reviews, and more. If you'd like to contribute
content, let us know.