Sat May 19 19:03:37 UTC 2012 PATCHES/packages/openssl-0.9.8x-x86_64-1.tgz: Upgraded. This is a very minor security fix: Fix DTLS record length checking bug CVE-2012-2333 For more information, see: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-2333 [*** Security fix ***] PATCHES/packages/openssl-solibs-0.9.8x-x86_64-1.tgz: Upgraded. This is a very minor security fix: Fix DTLS record length checking bug CVE-2012-2333 For more information, see: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-2333 [*** Security fix ***] PATCHES/packages/php-5.3.13-x86_64-1.tgz: Upgraded. This release completes a fix for a vulnerability in CGI-based setups. Note: mod_php and php-fpm are not vulnerable to this attack. For more information, see: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-2311 [*** Security fix ***] PATCHES/packages/samba-3.0.37-x86_64-4.tgz: Rebuilt. This is a security release in order to address a vulnerability that allows remote code execution as the "root" user. All sites running a Samba server should update to the new Samba package and restart Samba. For more information, see: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1182 [*** Security fix ***] PATCHES/packages/libtiff-3.8.2-x86_64-8.tgz: Rebuilt. Patched overflows that could lead to arbitrary code execution when parsing a malformed image file. For more information, see: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1173 [*** Security fix ***] PATCHES/packages/libpng-1.2.47-x86_64-1tgz: Upgraded. All branches of libpng prior to versions 1.5.9, 1.4.9, 1.2.47, and 1.0.57, respectively, fail to correctly validate a heap allocation in png_decompress_chunk(), which can lead to a buffer-overrun and the possibility of execution of hostile code on 32-bit systems. For more information, see: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3026 [*** Security fix ***] +--------------------------+ Sat Feb 11 12:13:25 EET 2012 PATCHES/packages/apr-util-1.4.1-x86_64-1.tgz: Upgraded. Version bump for httpd upgrade. PATCHES/packages/httpd-2.2.22-x86_64-1.txz: Upgraded. This release fixes multiple vulnerabilities. For more information, see: http://www.apache.org/dist/httpd/CHANGES_2.2.22 [*** Security fix ***] PATCHES/packages/php-5.3.10-x86_64-1.txz: Upgraded. Over 90 bug fixes, some of which are security related. For more information, see: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-4885 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-4566 http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0830 [*** Security fix ***] PATCHES/packages/freetype-2.4.8-x86_64-1.txz: Upgraded. Some vulnerabilities in handling CID-keyed PostScript fonts have been fixed. For more information, see: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3439 [*** Security fix ***] PATCHES/packages/openssl-0.9.8t-x86_64-1.txz: Upgraded. This fixes a bug where DTLS applications were not properly supported. This bug could have allowed remote attackers to cause a denial of service via unspecified vectors. CVE-2012-0050 has been assigned to this issue. For more details see: http://openssl.org/news/secadv_20120118.txt http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0050 [*** Security fix ***] PATCHES/packages/openssl-solibs-0.9.8t-x86_64-1.txz: Upgraded. This fixes a bug where DTLS applications were not properly supported. This bug could have allowed remote attackers to cause a denial of service via unspecified vectors. CVE-2012-0050 has been assigned to this issue. For more details see: http://openssl.org/news/secadv_20120118.txt http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0050 [*** Security fix ***] PATCHES/packages/proftpd-1.3.4a-x86_64-1.tgz: Upgraded. This update fixes a use-after-free() memory corruption error, and possibly other unspecified issues. For more information, see: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-4130 [*** Security fix ***] PATCHES/packages/vsftpd-2.3.5-x86_64-1.tgz: Upgraded. This upgrade Works around a hard to trigger heap overflow in glibc (glibc zoneinfo caching vuln). [*** Security fix ***] +--------------------------+ Mon Sep 26 13:27:42 EEST 2011 PATCHES/packages/httpd-2.2.21-x86_64-1.txz: Upgraded. SECURITY: CVE-2011-3348 (cve.mitre.org) mod_proxy_ajp: Respond with HTTP_NOT_IMPLEMENTED when the method is not recognized. Fix a regression introduced by the CVE-2011-3192 byterange fix in 2.2.20. For more information, see: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3348 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3192. +--------------------------+ Sun Aug 28 11:35:53 EEST 2011 PATCHES/packages/php-5.3.8-x86_64-1.txz: Upgraded. Php 5.2 is EOL. All users of PHP 5.2 are encouraged to upgrade to PHP 5.3. BUT, before upgrade to 5.3, MAKE SURE your applications are ready for the new php. If you use Open Source apps like Joomla, e107, Drupal, Wordpress etc, check their site for php 5.3 compatibility and update them to the latest versions! !!! Once again, upgrade your applications before upgrade php !!! PASTURE/php-5.2.17-x86_64-1.txz: Moved here just in case you will need this ;). Have fun & Enjoy Bluewhite Linux! +--------------------------+ Fri Aug 19 10:09:10 EEST 2011 PATCHES/packages/bind-9.4_ESV_R5-x86_64-1.tgz: Upgraded. This BIND update addresses a couple of security issues: * named, set up to be a caching resolver, is vulnerable to a user querying a domain with very large resource record sets (RRSets) when trying to negatively cache the response. Due to an off-by-one error, caching the response could cause named to crash. [RT #24650] [CVE-2011-1910] * Change #2912 (see CHANGES) exposed a latent bug in the DNS message processing code that could allow certain UPDATE requests to crash named. [RT #24777] [CVE-2011-2464] For more information, see: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1910 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2464 [*** Security fix ***] PATCHES/packages/libpng-1.2.46-x86_64-1.tgz: Upgraded. Fixed uninitialized memory read in png_format_buffer() (Bug report by Frank Busse, related to CVE-2004-0421). For more information, see: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0421 [*** Security fix ***] +--------------------------+ Sat Jun 25 15:58:45 EEST 2011 PATCHES/packages/fetchmail-6.3.20-x86_64-1.tgz: Upgraded. This release fixes a denial of service in STARTTLS protocol phases. For more information, see: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1947 http://www.fetchmail.info/fetchmail-SA-2011-01.txt [*** Security fix ***] +--------------------------+ Sun May 29 21:41:10 EEST 2011 PATCHES/packages/bind-9.4_ESV_R4_P1-x86_64-1.tgz: Upgraded. This release fixes security issues: A large RRSET from a remote authoritative server that results in the recursive resolver trying to negatively cache the response can hit an off by one code error in named, resulting in named crashing. [RT #24650] [CVE-2011-1910] Zones that have a DS record in the parent zone but are also listed in a DLV and won't validate without DLV could fail to validate. [RT #24631].For more information, see: http://www.isc.org/software/bind/advisories/cve-2011-1910 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1910 [*** Security fix ***] PATCHES/packages/apr-1.4.5-x86_64-1.tgz: Upgraded. This fixes a possible denial of service due to a problem with a loop in the new apr_fnmatch() implementation consuming CPU. For more information, see: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1928 [*** Security fix ***] PATCHES/packages/apr-util-1.3.12-x86_64-1.tgz: Upgraded. Fix crash because of NULL cleanup registered by apr_ldap_rebind_init(). PATCHES/packages/httpd-2.2.19-x86_64-1.tgz: Upgraded. Revert ABI breakage in 2.2.18 caused by the function signature change of ap_unescape_url_keep2f(). This release restores the signature from 2.2.17 and prior, and introduces ap_unescape_url_keep2f_ex(). Apache httpd-2.2.18 is considered abandoned. All users must upgrade. +--------------------------+ Mon May 16 12:05:24 EEST 2011 PATCHES/packages/apr-1.4.4-x86_64-1.tgz: Upgraded. This fixes a possible denial of service due to an unconstrained, recursive invocation of apr_fnmatch(). This function has been reimplemented using a non-recursive algorithm. For more information, see: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0419 [*** Security fix ***] PATCHES/packages/apr-util-1.3.11-x86_64-1.tgz: Upgraded. PATCHES/packages/httpd-2.2.18-x86_64-1.tgz: Upgraded. +--------------------------+ Sun Apr 24 19:40:26 EEST 2011 PATCHES/packages/rdesktop-1.6.0-x86_64-2.tgz: Rebuilt. Patched a traversal vulnerability (disallow /.. requests). http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1595 [*** Security fix ***] PATCHES/packages/acl-2.2.50-x86_64-1.tgz: Upgraded. Fix the --physical option in setfacl and getfacl to prevent symlink attacks. For more information, see: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-4411 [*** Security fix ***] +--------------------------+ Sat Apr 9 10:55:05 EEST 2011 PATCHES/packages/libtiff-3.8.2-x86_64-7.tgz: Rebuilt. Patched overflows that could lead to arbitrary code execution when parsing a malformed image file. For more information, see: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0192 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1167 [*** Security fix ***] PATCHES/packages/dhcp-3.1_ESV_R1-x86_64-1.tgz: Upgraded. In dhclient, check the data for some string options for reasonableness before passing it along to the script that interfaces with the OS. This prevents some possible attacks by a hostile DHCP server. For more information, see: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0997 [*** Security fix ***] PATCHES/packages/xrdb-1.0.9-x86_64-1.tgz: Upgraded. This fixes a security issue where improperly sanitized input could lead to privilege escalation or arbitrary command execution as root. For more information, see: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0465 [*** Security fix ***] PATCHES/packages/proftpd-1.3.3e-x86_64-1.tgz: Upgraded. Fixes CVE-2011-1137 (badly formed SSH messages cause DoS). For more information, see: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1137 [*** Security fix ***] +~*~*~*~*~*~*~*~*~*~*~*~*~*~+ Sat Mar 12 11:22:32 EET 2011 PATCHES/packages/pidgin-2.7.11-x86_64-1.tgz: Upgraded. Fixed denials of service caused by NULL pointer dereferences due to improper handling of malformed YMSG packets. For more information, see: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1091 [*** Security fix ***] PATCHES/packages/subversion-1.5.9-x86_64-1.tgz: Upgraded. Fixed a remotely triggerable NULL-pointer dereference in mod_dav_svn. For more information, see: http://subversion.apache.org/security/CVE-2011-0715-advisory.txt http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0715 [*** Security fix ***] PATCHES/packages/samba-3.0.37-x86_64-3.tgz: Rebuilt. Fix memory corruption denial of service issue. For more information, see: http://www.samba.org/samba/security/CVE-2011-0719 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0719 [*** Security fix ***] +--------------------------+ Tue Feb 15 13:50:31 EET 2011 PATCHES/packages/apr-1.3.12-x86_64-1.tgz: Upgraded. PATCHES/packages/apr-util-1.3.10-x86_64-1.tgz: Upgraded. Fixes a memory leak and DoS in apr_brigade_split_line(). For more information, see: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1623 [*** Security fix ***] PATCHES/packages/expat-2.0.1-x86_64-2.tgz: Patched. Fixed various crash and hang bugs. For more information, see: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2625 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3560 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3720 [*** Security fix ***] PATCHES/packages/httpd-2.2.17-x86_64-1.tgz: Upgraded. This fixes some denial of service bugs in the bundled libraries. For more information, see: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3560 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3720 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1623 [*** Security fix ***] PATCHES/packages/openssl-0.9.8r-x86_64-1.tgz: Upgraded. This OpenSSL update fixes an "OCSP stapling vulnerability". For more information, see the included CHANGES and NEWS files, and: http://www.openssl.org/news/secadv_20110208.txt http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0014 [*** Security fix ***] PATCHES/packages/openssl-solibs-0.9.8r-x86_64-1.tgz: Upgraded. [*** Security fix ***] PATCHES/packages/sudo-1.7.4p6-x86_64-1.tgz: Upgraded. Fix Runas group password checking. For more information, see the included CHANGES and NEWS files, and: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0010 [*** Security fix ***] +--------------------------+ Wed Jan 12 23:13:46 EET 2011 PATCHES/packages/pidgin-2.7.9-x86_64-1.txz: Upgraded. Fixed denial-of-service flaw in the MSN protocol. [*** Security fix ***] PATCHES/packages/php-5.2.17-x86_64-1.txz: Upgraded. This update fixes an infinite loop with conversions from string to double that may result in a denial of service. For more information, see: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-4645 [*** Security fix ***] PATCHES/packages/proftpd-1.3.3d-x86_64-1.tgz: Upgraded. This update fixes an unbounded copy operation in sql_prepare_where() that could be exploited to execute arbitrary code. [*** Security fix ***] PATCHES/packages/bind-9.4_ESV_R4-x86_64-1.txg: Upgraded. This update fixes some security issues. For more information, see: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3613 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3614 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3615 [*** Security fix ***] +--------------------------+ Fri Dec 10 13:34:11 EET 2010 PATCHES/packages/openssl-0.9.8q-x86_64-1.tgz: Upgraded. This OpenSSL update contains some security related bugfixes. For more information, see the included CHANGES and NEWS files, and: http://www.openssl.org/news/secadv_20101202.txt http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-4180 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-4252 [*** Security fix ***] PATCHES/packages/openssl-solibs-0.9.8q-x86_64-1.tgz: Upgraded. [*** Security fix ***] +--------------------------+ Wed Dec 1 10:04:11 EET 2010 PATCHES/packages/pidgin-2.7.7-x86_64-1.tgz: Upgraded. This update fixes connection issues for AIM and MSN. PATCHES/packages/cups-1.3.11-x86_64-1.tgz: Upgraded. Fixed memory corruption bugs that could lead to a denial of service or possibly execution of arbitrary code through a crafted IPP request. http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0542 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2941 [*** SECURITY FIX ***] +--------------------------+ Sat Nov 27 11:26:32 EET 2010 PATCHES/packages/openssl-0.9.8p-x86_64-1.tgz: Upgraded. This OpenSSL update contains some security related bugfixes. For more information, see the included CHANGES and NEWS files, and: http://www.openssl.org/news/secadv_20101116.txt http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2939 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3864 [*** SECURITY FIX ***] PATCHES/packages/openssl-solibs-0.9.8p-x86_64-1.tgz: Upgraded. [*** SECURITY FIX ***] +--------------------------+ Sun Nov 21 15:09:25 EET 2010 PATCHES/packages/xpdf-3.02pl5-x86_64-1.tgz: Upgraded. This update fixes security issues that could lead to an application crash, or execution of arbitrary code. For more information, see: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3702 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3703 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3704 [*** SECURITY FIX ***] PATCHES/packages/poppler-0.6.2-x86_64-3.tgz: Rebuilt. This updated package includes patches based on xpdf 3.02pl5. For more information, see: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3702 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3703 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3704 [*** SECURITY FIX ***] +--------------------------+ Mon Nov 1 13:53:11 EET 2010 PATCHES/packages/glibc-2.5-x86_64-5.tgz: Rebuilt. Patched "The GNU C library dynamic linker will dlopen arbitrary DSOs during setuid loads." This security issue allows a local attacker to gain root by specifying an unsafe DSO in the library search path to be used with a setuid binary in LD_AUDIT mode. Bug found by Tavis Ormandy (with thanks to Ben Hawkes and Julien Tinnes). Patched "dynamic linker expands $ORIGIN in setuid library search path". This security issue allows a local attacker to gain root if they can create a hard link to a setuid root binary. Thanks to Tavis Ormandy. For more information, see: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3847 http://seclists.org/fulldisclosure/2010/Oct/257 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3856 http://seclists.org/fulldisclosure/2010/Oct/344 PATCHES/packages/glibc-i18n-2.5-noarch-5.tgz: Rebuilt. PATCHES/packages/glibc-profile-2.5-x86_64-5.tgz: Rebuilt. PATCHES/packages/glibc-solibs-2.5-x86_64-5.tgz: Rebuilt. PATCHES/packages/glibc-zoneinfo-2.5-noarch-5.tgz: Rebuilt. Rebuilt to tzcode2010n and tzdata2010n. +--------------------------+ Sun Sep 26 22:41:47 EEST 2010 PATCHES/packages/bzip2-1.0.6-x86_64-1.tgz: Upgraded. This update fixes an integer overflow that could allow a specially crafted bzip2 archive to cause a crash (denial of service), or execute arbitrary code. For more information, see: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0405 [*** SECURITY FIX ***] +--------------------------+ Sat Sep 4 10:04:17 EEST 2010 PATCHES/packages/gnupg2-2.0.4-x86_64-2.tgz: Rebuilt. Patched to fix "Realloc Bug with X.509 certificates in GnuPG". For more information, see: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2547 [*** SECURITY FIX ***] PATCHES/packages/httpd-2.2.16-x86_64-1.tgz: Upgraded. Fix Handling of requests without a path segment. For more information, see: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1452 [*** SECURITY FIX ***] PATCHES/packages/php-5.2.14-x86_64-1.tgz: Upgraded. Fixed several security issues. For more information, see: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1917 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2225 http://www.php-security.org/2010/05/31/mops-2010-060-php-session-serializer-session-data-injection-vulnerability/index.html http://www.php-security.org/2010/06/25/mops-2010-061-php-splobjectstorage-deserialization-use-after-free-vulnerability/index.html [*** SECURITY FIX ***] PATCHES/packages/pidgin-2.7.3-x86_64-1.tgz: Upgraded. This fixes a crash due to malformed X-Status messages. For more information, see: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2528 [*** SECURITY FIX ***] PATCHES/packages/xorg-server-1.3.0.0-x86_64-3.tgz: Rebuilt. Patched to prevent overwriting stack memory and bypassing security mechanisms on systems that use a 2.6 Linux kernel. Reported by Rafal Wojtczuk. For more information, see: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2240 [*** SECURITY FIX ***] PATCHES/packages/xorg-server-xdmx-1.3.0.0-x86_64-3.tgz: Rebuilt. PATCHES/packages/xorg-server-xnest-1.3.0.0-x86_64-3.tgz: Rebuilt. PATCHES/packages/xorg-server-xvfb-1.3.0.0-x86_64-3.tgz: Rebuilt. +--------------------------+ Mon Aug 9 20:02:59 EEST 2010 PATCHES/packages/libtiff-3.8.2-x86_64-6.tgz: Rebuilt. This fixes image structure handling bugs that could lead to crashes or execution of arbitrary code if a specially-crafted TIFF image is loaded. For more information, see: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1411 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2065 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2067 [*** Security fix ***] PATCHES/packages/libpng-1.2.44-x86_64-1.tgz: Upgraded. This fixes out-of-bounds memory write bugs that could lead to crashes or the execution of arbitrary code, and a memory leak bug which could lead to application crashes. For more information, see: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1205 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2249 [*** Security fix ***] +--------------------------+ Sat Jun 26 11:32:54 EEST 2010 PATCHES/packages/bind-9.4.3_P5-x86_64-1.tgz: Upgraded. This fixes possible DNS cache poisoning attacks when DNSSEC is enabled and checking is disabled (CD). For more information, see: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-4022 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0097 [*** Security fix ***] +--------------------------+ Sat Jun 19 16:46:34 EEST 2010 PATCHES/packages/samba-3.0.37-x86_64-2.tgz: Rebuilt. Patched a buffer overflow in smbd that allows remote attackers to cause a denial of service (memory corruption and daemon crash) or possibly execute arbitrary code via a crafted field in a packet. For more information, see: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2063 [*** Security fix ***] PATCHES/packages/pidgin-2.7.0-x86_64-1.tgz: Upgraded. Upgraded to pidgin-2.7.0 and pidgin-encryption-3.1. The msn_emoticon_msg function in slp.c in the MSN protocol plugin in libpurple in Pidgin before 2.7.0 allows remote attackers to cause a denial of service (application crash) via a custom emoticon in a malformed SLP message. For more information, see: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1624 [*** Security fix ***] PATCHES/packages/fetchmail-6.3.17-x86_64-1.tgz: Upgraded. A crafted header or POP3 UIDL list could cause a memory leak and crash leading to a denial of service. For more information, see: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1167 [*** Security fix ***] PATCHES/packages/irssi-0.8.15-x86_64-1.tgz: Upgraded. From the NEWS file: - Check if an SSL certificate matches the hostname of the server we are connecting to. - Fix crash when checking for fuzzy nick match when not on the channel. Reported by Aurelien Delaitre (SATE 2009). For more information, see: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1155 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1156 [*** Security fix ***] +--------------------------+ Sun Apr 25 11:04:25 EEST 2010 PATCHES/sudo-1.7.2p6-x86_64-1.tgz: Upgraded. This update fixes security issues that may give a user with permission to run sudoedit the ability to run arbitrary commands. For more information, see: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0426 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1163 http://www.gratisoft.us/sudo/alerts/sudoedit_escalate.html http://www.gratisoft.us/sudo/alerts/sudoedit_escalate2.html [*** Security fix ***] +--------------------------+ Thu Apr 8 18:55:48 EEST 2010 PATCHES/packages/mozilla-thunderbird-2.0.0.24-x86_64-1.tgz: Upgraded. This upgrade fixes some more security bugs. For more information, see: http://www.mozilla.org/security/known-vulnerabilities/thunderbird20.html [*** Security fix ***] +--------------------------+ Thu Apr 1 13:19:15 EEST 2010 PATCHES/packages/openssl-0.9.8n-x86_64-1.tgz: Upgraded. This OpenSSL update contains some security related bugfixes. For more information, see the included CHANGES and NEWS files, and: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0433 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0740 [*** Security fix ***] PATCHES/packages/openssl-solibs-0.9.8n-x86_64-1.tgz: Upgraded. PATCHES/packages/proftpd-1.3.3-x86_64-2.tgz: Rebuilt. PATCHES/packages/seamonkey-1.1.19-x86_64-1.tgz: Upgraded. This release fixes some more security vulnerabilities. For more information, see: http://www.mozilla.org/security/known-vulnerabilities/seamonkey11.html [*** Security fix ***] +--------------------------+ Thu Mar 11 13:48:18 EET 2010 PATCHES/packages/pidgin-2.6.6-x86_64-1.tgz: Upgraded. This fixes a few denial-of-service flaws as well as other bugs. For more information, see: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0277 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0420 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0423 [*** Security fix ***] +--------------------------+ Wed Mar 10 14:39:47 EET 2010 PATCHES/packages/openssl-0.9.8m-x86_64-2.tgz: Rebuilt. PATCHES/packages/openssl-solibs-0.9.8m-x86_64-2.tgz: Rebuilt. The OpenSSL package has been patched and recompiled to revert a change that broke decrypting some files encrypted with previous versions of OpenSSL. This same fix appears in the latest upstream snapshots. PATCHES/packages/httpd-2.2.15-x86_64-1.tgz: Upgraded. This update addresses a few security issues. mod_ssl: A partial fix for the TLS renegotiation prefix injection attack by rejecting any client-initiated renegotiations. mod_proxy_ajp: Respond with HTTP_BAD_REQUEST when the body is not sent when request headers indicate a request body is incoming; not a case of HTTP_INTERNAL_SERVER_ERROR. mod_isapi: Do not unload an isapi .dll module until the request processing is completed, avoiding orphaned callback pointers. [This is the most serious flaw, but does not affect Linux systems] For more information, see: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3555 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0408 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0425 [*** Security fix ***] +--------------------------+ Fri Mar 5 22:56:18 EET 2010 PATCHES/packages/openssl-0.9.8m-x86_64-1.tgz: Upgraded. This OpenSSL update contains some security related bugfixes. For more information, see the included CHANGES and NEWS files, and: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1678 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1378 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1377 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1379 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3245 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-4355 [*** Security fix ***] PATCHES/packages/openssl-solibs-0.9.8m-x86_64-1.tgz: Upgraded. PATCHES/packages/proftpd-1.3.3-x86_64-1.tgz: Upgraded. +--------------------------+ Mon Jan 25 16:49:46 EET 2010 PATCHES/packages/httpd-2.2.14-x86_64-1.tgz: Upgraded. This fixes a couple of security bugs when using mod_proxy_ftp. For more information, see: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3094 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3095 [*** Security fix ***] PATCHES/packages/php-5.2.12-x86_64-1.tgz: Upgraded. This fixes many bugs, including a few security issues. For more information, see: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3557 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3558 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-4017 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-4142 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-4143 [*** Security fix ***] PATCHES/packages/pidgin-2.6.5-x86_64-1.tgz: Upgraded. This fixes a directory traversal vulnerability in Pidgin's MSN protocol handling that may allow attackers to download arbitrary files. For more information, see: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0013 [*** Security fix ***] +--------------------------+ Sat Dec 12 10:14:08 EET 2009 PATCHES/packages/ntp-4.2.4p8-x86_64-1.tgz: Upgraded. Prevent a denial-of-service attack involving spoofed mode 7 packets. For more information, see: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3563 [*** Security fix ***] +--------------------------+ Sun Dec 6 10:31:50 EET 2009 PATCHES/packages/bind-9.4.3_P4-x86_64-1.tgz: Upgraded. BIND 9.4.3-P4 is a SECURITY PATCH for BIND 9.4.3-P3. It addresses a potential cache poisoning vulnerability, in which data in the additional section of a response could be cached without proper DNSSEC validation. For more information, see: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-4022 http://www.kb.cert.org/vuls/id/418861 [*** Security fix ***] +--------------------------+ Thu Nov 19 19:18:02 EET 2009 PATCHES/packages/openssl-0.9.8h-x86_64-4.tgz: Rebuilt. Patched to disable SSL renegotiation. For more information, see: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3555 [*** Security fix ***] PATCHES/packages/openssl-solibs-0.9.8h-x86_64-4.tgz: Rebuilt. Patched to disable SSL renegotiation. For more information, see: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3555 [*** Security fix ***] +--------------------------+ Tue Nov 3 10:37:25 EET 2009 PATCHES/packages/poppler-0.6.2-x86_64-2.tgz: Rebuilt. Includes patches based on xpdf 3.02pl4. For more information, see: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3603 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3604 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3605 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3606 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3608 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3609 [*** Security fix ***] PATCHES/packages/xpdf-3.02pl4-x86_64-1.tgz: Upgraded. This update fixes several security issues that could lead to an application crash, or execution of arbitrary code. For more information, see: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3603 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3604 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3605 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3606 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3608 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3609 [*** Security fix ***] +--------------------------+ Tue Oct 20 21:51:32 EEST 2009 PATCHES/packages/pidgin-2.6.3-x86_64-1.tgz: This update fixes an issue where a remote user can cause libpurple-based clients to crash. For more information, see: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3615 [*** Security fix ***] +--------------------------+ Tue Oct 6 18:26:23 EEST 2009 PATCHES/packages/php-5.2.11-x86_64-1.tgz: Upgraded. This release fixes some possible security issues, all of which have "unknown impact and attack vectors". For more information, see: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3291 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3292 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3293 [*** Security fix ***] PATCHES/packages/samba-3.0.37-x86_64-1.tgz: Upgraded. This update fixes the following security issues. A misconfigured /etc/passwd with no defined home directory could allow security restrictions to be bypassed. mount.cifs could allow a local user to read the first line of an arbitrary file if installed setuid. (On Bluewhite64, it was not installed setuid) Specially crafted SMB requests could cause a denial of service. For more information, see: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2813 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2948 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2906 [*** Security fix ***] +--------------------------+ Wed Sep 16 18:55:38 EEST 2009 PATCHES/packages/seamonkey-1.1.18-x86_64-1.tgz: Upgraded. This release fixes some more security vulnerabilities. For more information, see: http://www.mozilla.org/security/known-vulnerabilities/seamonkey11.html [*** Security fix ***] +--------------------------+ Sat Aug 22 16:40:01 EEST 2009 PATCHES/packages/mozilla-thunderbird-2.0.0.23-x86_64-1.tgz: This upgrade fixes a security bug. For more information, see: http://www.mozilla.org/security/known-vulnerabilities/thunderbird20.html [*** Security fix ***] +--------------------------+ Thu Aug 20 19:31:52 EEST 2009 PATCHES/packages/pidgin-2.5.9-x86_64-1.txz: Upgraded. This update fixes a bug in Pidgin's MSN protocol implementation can allow a remote attacker to send a malicious MSN message to a Pidgin user, which will possibly cause arbitrary code to be executed as that user. This issue was discovered by Federico Muttis of Core Security Technologies. For more information, see: http://www.coresecurity.com/content/libpurple-arbitrary-write http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2694 [*** Security fix ***] +--------------------------+ Sat Aug 15 15:42:27 EEST 2009 PATCHES/packages/kernel-huge-2.6.21.5-x86_64-4.tgz: Patched. The CVE-2009-2692 vulnerability allows regular users to get root rights on the affected systems (local only). The problem is a Linux kernel NULL pointer dereference due to incorrect proto_ops initializations. For more details please see: http://tinyurl.com/ostlja http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2692 [*** Security fix ***] PATCHES/packages/kernel-test26-2.6.22.9-x86_64-3.tgz: Patched. The CVE-2009-2692 vulnerability allows regular users to get root rights on the affected systems (local only). The problem is a Linux kernel NULL pointer dereference due to incorrect proto_ops initializations. For more details please see: http://tinyurl.com/ostlja http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2692 [*** Security fix ***] PATCHES/packages/curl-7.16.2-x86_64-3.tgz: This update fixes a security issue where a zero byte embedded in an SSL or TLS certificate could fool cURL into validating the security of a connection to a system that the certificate was not issued for. It has been reported that at least one Certificate Authority allowed such certificates to be issued. For more information, see: http://curl.haxx.se/docs/security.html http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2417 [*** Security fix ***] +--------------------------+ Sat Aug 8 18:15:21 EEST 2009 PATCHES/packages/samba-3.0.36-x86_64-1.tgz: Upgraded. This is a bugfix release. PATCHES/packages/apr-1.3.8-x86_64-1.tgz: Upgraded. Fix overflow in pools and rmm, where size alignment was taking place. [Matt Lewis , Sander Striker] For more information, see: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2412 [*** Security fix ***] PATCHES/packages/apr-util-1.3.9-x86_64-1.tgz: Upgraded. Fix overflow in rmm, where size alignment was taking place. [Matt Lewis , Sander Striker] For more information, see: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2412 [*** Security fix ***] PATCHES/packages/httpd-2.2.12-x86_64-2.tgz: Rebuilt. Recompiled against the new apr and apr-util. This allows external modules to be built without having to edit the new apr/apr-util version numbers into the httpd config files. PATCHES/packages/subversion-1.5.7-x86_64-1.tgz: Upgraded. Fixed heap overflow vulnerability on server and client. For more information, see: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2411 http://subversion.tigris.org/security/CVE-2009-2411-advisory.txt [*** Security fix ***] PATCHES/packages/fetchmail-6.3.11-x86_64-1.tgz: Upgraded. This update fixes an SSL NUL prefix impersonation attack through NULs in a part of a X.509 certificate's CommonName and subjectAltName fields. For more information, see: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2666 [*** Security fix ***] +--------------------------+ Mon Aug 3 22:41:53 EEST 2009 PATCHES/packages/httpd-2.2.12-x86_64-1.tgz: Upgraded. This update fixes some security issues (from the CHANGES file): *) SECURITY: CVE-2009-1891 (cve.mitre.org) Fix a potential Denial-of-Service attack against mod_deflate or other modules, by forcing the server to consume CPU time in compressing a large file after a client disconnects. PR 39605. [Joe Orton, Ruediger Pluem] *) SECURITY: CVE-2009-1195 (cve.mitre.org) Prevent the "Includes" Option from being enabled in an .htaccess file if the AllowOverride restrictions do not permit it. [Jonathan Peatfield , Joe Orton, Ruediger Pluem, Jeff Trawick] *) SECURITY: CVE-2009-1890 (cve.mitre.org) Fix a potential Denial-of-Service attack against mod_proxy in a reverse proxy configuration, where a remote attacker can force a proxy process to consume CPU time indefinitely. [Nick Kew, Joe Orton] *) SECURITY: CVE-2009-1191 (cve.mitre.org) mod_proxy_ajp: Avoid delivering content from a previous request which failed to send a request body. PR 46949 [Ruediger Pluem] *) SECURITY: CVE-2009-0023, CVE-2009-1955, CVE-2009-1956 (cve.mitre.org) For more information, see: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1891 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1195 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1890 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1191 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0023 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1955 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1956 [*** Security fix ***] +--------------------------+ Thu Jul 30 10:31:58 EEST 2009 PATCHES/packages/bind-9.4.3_P3-x86_64-1.tgz: Upgraded. This BIND update fixes a security problem where a specially crafted dynamic update message packet will cause named to exit resulting in a denial of service. An active remote exploit is in wide circulation at this time. For more information, see: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0696 https://www.isc.org/node/479 [*** Security fix ***] +--------------------------+ Fri Jul 17 09:53:47 EEST 2009 PATCHES/packages/dhcp-3.1.2p1-x86_64-1.tgz: Upgraded. A stack overflow vulnerability was fixed in dhclient that could allow remote attackers to execute arbitrary commands as root on the system, or simply terminate the client, by providing an over-long subnet-mask option. For more information, see: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0692 [*** Security fix ***] PATCHES/packages/httpd-2.2.11-x86_64-1.tgz: Upgraded. This needed a recompile against the new apr package to fix building new modules, and an upgrade to the latest stable version. PATCHES/packages/php-5.2.10-x86_64-1.tgz: Upgraded. +--------------------------+ Wed Jul 1 16:41:13 EEST 2009 PATCHES/packages/mozilla-thunderbird-2.0.0.22-x86_64-1.tgz: Upgraded to thunderbird-2.0.0.22. This upgrade fixes some more security bugs. For more information, see: http://www.mozilla.org/security/known-vulnerabilities/thunderbird20.html [*** Security fix ***] +--------------------------+ Sat Jun 27 20:41:28 EEST 2009 PATCHES/packages/samba-3.0.35-x86_64-1.tgz: This upgrade fixes the following security issue: In Samba 3.0.31 to 3.3.5 (inclusive), an uninitialized read of a data value can potentially affect access control when "dos filemode" is set to "yes". For more information, see: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1888 [*** Security fix ***] +--------------------------+ Mon Jun 22 21:17:33 EEST 2009 PATCHES/packages/libpng-1.2.37-x86_64-1.tgz: Upgraded. This update fixes a possible security issue. Jeff Phillips discovered an uninitialized-memory-read bug affecting interlaced images that may have security implications. For more information, see: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2042 [*** Security fix ***] PATCHES/packages/ruby-1.8.6_p369-x86_64-1.tgz: Upgraded. This fixes a denial of service issue caused by the BigDecimal method handling large input values improperly that may allow attackers to crash the interpreter. The issue affects most Rails applications. For more information, see: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1904 [*** Security fix ***] +--------------------------+ Thu Jun 18 22:52:16 EEST 2009 PATCHES/packages/apr-1.3.5-x86_64-1.tgz: Upgraded. PATCHES/packages/apr-util-1.3.7-x86_64-1.tgz: Upgraded. Fix underflow in apr_strmatch_precompile. Fix a denial of service attack against the apr_xml_* interface using the "billion laughs" entity expansion technique. For more information, see: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0023 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1955 [*** Security fix ***] +--------------------------+ Thu Jun 4 22:48:23 EEST 2009 PATCHES/packages/ntp-4.2.4p7-x86_64-1.tgz: Upgraded to ntp-4.2.4p7. Stack-based buffer overflow in the cookedprint function in ntpq/ntpq.c in ntpq in NTP before 4.2.4p7-RC2 allows arbitrary code execution by a malicious remote NTP server. Stack-based buffer overflow in the crypto_recv function in ntp_crypto.c in ntpd in NTP before 4.2.4p7 allows remote attackers to execute arbitrary code. This does not affect the Bluewhite64 ntpd as it does not link with openssl. For more information, see: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0159 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1252 [*** Security fix ***] +--------------------------+ Wed May 27 16:42:35 EEST 2009 PATCHES/packages/pidgin-2.5.6-x86_64-1.tgz: Upgraded to pidgin-2.5.6. This version fixes security issues that could lead to a denial of service or the execution of arbitrary code as the user running Pidgin. For more information, see: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1373 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1374 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1375 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1376 [*** Security fix ***] +--------------------------+ Fri May 15 21:27:28 EEST 2009 PATCHES/packages/cyrus-sasl-2.1.23-x86_64-1.tgz: Upgraded to cyrus-sasl-2.1.23. This fixes a buffer overflow in the sasl_encode64() function that could lead to crashes or the execution of arbitrary code. For more information, see: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0688 [*** Security fix ***] +--------------------------+ Mon May 11 19:59:27 EEST 2009 PATCHES/packages/xpdf-3.02pl3-x86_64-1.tgz: Upgraded to xpdf-3.02pl3. This update fixes several overflows that may result in crashes or the execution of arbitrary code as the xpdf user. For more information, see: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0146 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0147 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0165 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0166 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0799 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0800 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1179 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1180 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1181 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1182 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1183 [*** Security fix ***] PATCHES/packages/gnutls-2.6.2-x86_64-1.tgz: Upgraded to gnutls-2.6.2. This fixes the following security issues: - Corrected double free on signature verification failure. Reported by Miroslav Kratochvil . - Noticed when investigating the previous GNUTLS-SA-2009-1 problem. All DSA keys generated using GnuTLS 2.6.x are corrupt. For more information, see: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1415 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1416 [*** Security fix ***] +--------------------------+ Fri May 1 17:43:09 EEST 2009 PATCHES/packages/ruby-1.8.6_p368-x86_64-1.tgz: Upgraded to ruby-1.8.6-p368. This update fixes a DoS in REXML. For details, see: http://www.ruby-lang.org/en/news/2008/08/23/dos-vulnerability-in-rexml/ [*** Security fix ***] +--------------------------+ Mon Apr 27 21:01:54 EEST 2009 PATCHES/packages/cups-1.3.10-x86_64-1.tgz: Upgraded to cups-1.3.10. This fixes several security issues, including an integer overflow in the TIFF decoder, a failure to properly verify the Host HTTP header, and several problems with PDF handling (the new CUPS uses a wrapper rather than embedded code taken from xpdf). These issues could result in a denial of service or the execution of arbitrary code. For more information, see: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0146 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0147 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0163 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0164 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0166 [*** Security fix ***] +--------------------------+ Tue Apr 21 23:57:33 EEST 2009 PATCHES/packages/udev-111-x86_64-6.tgz: This package has been patched to fix a local root hole and a denial of service issue. For more information, see: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1185 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1186 [*** Security fix ***] +--------------------------+ Tue Apr 14 09:27:54 EEST 2009 PATCHES/packages/seamonkey-1.1.16-x86_64-1.tgz: Upgraded to seamonkey-1.1.16. This release fixes some more security vulnerabilities. For more information, see: http://www.mozilla.org/security/known-vulnerabilities/seamonkey11.html [*** Security fix ***] +--------------------------+ Wed Apr 8 21:11:38 EEST 2009 PATCHES/packages/openssl-0.9.8h-x86_64-3.tgz: Patched (see below). PATCHES/packages/openssl-solibs-0.9.8h-x86_64-3.tgz: Patched to fix possible crashes as well as a (fairly unlikely) case where an invalid signature might verify as valid. For more information, see: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0789 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0591 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0590 [*** Security fix ***] PATCHES/packages/php-5.2.9-x86_64-1.tgz: Upgraded to php-5.2.9. This update fixes a few security issues: - Fixed a crash on extract in zip when files or directories entry names contain a relative path. - Fixed security issue in imagerotate(), background colour isn't validated correctly with a non truecolour image. (CVE-2008-5498) Reported by Hamid Ebadi, APA Laboratory. - Fixed a segfault when malformed string is passed to json_decode(). For more information, see: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-5498 [*** Security fix ***] PATCHES/packages/xine-lib-1.1.16.3-x86_64-1.tgz: Upgraded to xine-lib-1.1.16.3. - Fix another possible int overflow in the 4XM demuxer. (ref. TKADV2009-004, CVE-2009-0385) For more information, see: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0385 [*** Security fix ***] +--------------------------+ Sat Mar 28 10:00:14 EET 2009 PATCHES/packages/glib2-2.12.12-x86_64-2.tgz: This library has been patched to fix overflows that are possible security holes. For more information, see: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-4316 [*** Security fix ***] +--------------------------+ Wed Mar 25 20:56:06 EET 2009 PATCHES/packages/lcms-1.18-x86_64-1.tgz: Upgraded to lcms-1.18. This update fixes security issues discovered in LittleCMS by Chris Evans. These flaws could cause program crashes (denial of service) or the execution of arbitrary code as the user of the lcms-linked program. For more information, see: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0581 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0723 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0733 [*** Security fix ***] PATCHES/packages/mozilla-thunderbird-2.0.0.21-x86_64-1.tgz: Upgraded to thunderbird-2.0.0.21. This upgrade fixes some more security bugs. For more information, see: http://www.mozilla.org/security/known-vulnerabilities/thunderbird20.html [*** Security fix ***] PATCHES/packages/seamonkey-1.1.15-x86_64-1..tgz: Upgraded to seamonkey-1.1.15. This release fixes some more security vulnerabilities. For more information, see: http://www.mozilla.org/security/known-vulnerabilities/seamonkey11.html [*** Security fix ***] +--------------------------+ Mon Mar 9 00:00:38 CDT 2009 PATCHES//packages/curl-7.16.2-x86_64-2.tgz: Patched curl-7.16.2. This fixes a security issue where automatic redirection could be made to follow file:// URLs, reading or writing a local instead of remote file. For more information, see: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0037 [*** Security fix ***] PATCHES/packages/xterm-241-x86_64-1.tgz: Upgraded to xterm-241. This fixes a vulnerability where displaying a file containing DECRQSS (Device Control Request Status String) sequences could cause arbitrary commands to be executed as the user running xterm. For more information, see: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2383 [*** Security fix ***] +--------------------------+ Sat Feb 21 11:30:32 EET 2009 PATCHES/packages/git-1.6.1.3-X86_64-1.tgz: Upgraded to git-1.6.1.3. This fixes a vulnerability where running git-diff or git-grep on a hostile git repository would result in the execution of arbirary code as the git user. For more information, see: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3546 [*** Security fix ***] PATCHES/packages/libpng-1.2.35-x86_64-1.tgz: Upgraded to libpng-1.2.35. This fixes multiple memory-corruption vulnerabilities due to a failure to properly initialize data structures. For more information, see: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0040 ftp://ftp.simplesystems.org/pub/png/src/libpng-1.2.34-ADVISORY.txt [*** Security fix ***] +--------------------------+ Thu Jan 15 22:13:18 EET 2009 PATCHES/packages/bind-9.4.3_P1-x86_64-1.tgz: Upgraded to bind-9.4.3-P1. Fixed checking on return values from OpenSSL's EVP_VerifyFinal and DSA_do_verify functions to prevent spoofing answers returned from zones using the DNSKEY algorithms DSA and NSEC3DSA. For more information, see: https://www.isc.org/node/373 http://www.ocert.org/advisories/ocert-2008-016.html http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-5077 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0025 [*** Security fix ***] PATCHES/packages/ntp-4.2.4p6-x86_64-1.tgz: [Sec 1111] Fix incorrect check of EVP_VerifyFinal()'s return value. For more information, see: https://lists.ntp.org/pipermail/announce/2009-January/000055.html http://www.ocert.org/advisories/ocert-2008-016.html http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0021 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-5077 [*** Security fix ***] PATCHES/packages/openssl-0.9.8h-x86_64-2.tgz: Patched to fix the return value EVP_VerifyFinal, preventing malformed signatures from being considered good. This flaw could possibly allow a 'man in the middle' attack. For more information, see: http://www.openssl.org/news/secadv_20090107.txt http://www.ocert.org/advisories/ocert-2008-016.html http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-5077 [*** Security fix ***] PATCHES/packages/openssl-solibs-0.9.8h-x86_64-2.tgz: Patched to fix the return value EVP_VerifyFinal, preventing malformed signatures from being considered good. This flaw could possibly allow a 'man in the middle' attack. For more information, see: http://www.openssl.org/news/secadv_20090107.txt http://www.ocert.org/advisories/ocert-2008-016.html http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-5077 [*** Security fix ***] +--------------------------+ Thu Jan 1 23:15:50 EET 2009 PATCHES/packages/mozilla-thunderbird-2.0.0.19-x86_64-1.tgz: Upgraded to thunderbird-2.0.0.19. This upgrade fixes some more security bugs. For more information, see: http://www.mozilla.org/security/known-vulnerabilities/thunderbird20.html [*** Security fix ***] +--------------------------+ Mon Dec 29 23:54:08 EET 2008 PATCHES/packages/seamonkey-1.1.14-x86_64-1.tgz: Upgraded to seamonkey-1.1.14. This release fixes some more security vulnerabilities. For more information, see: http://www.mozilla.org/security/known-vulnerabilities/seamonkey11.html [*** Security fix **] +--------------------------+ Sun Dec 21 17:16:45 EET 2008 PATCHES/packages/mozilla-firefox-2.0.0.20-x86_64-1.tgz: Upgraded to firefox-2.0.0.20. This fixes some security issues: For more information, see: http://www.mozilla.org/security/known-vulnerabilities/firefox20.html [*** Security fix **] +--------------------------+ Mon Dec 8 17:57:42 EET 2008 PATCHES/packages/php-5.2.8-x86_64-1.tgz: Upgraded to php-5.2.8. This is a bugfix release that reverts a change that broke magic_quotes_gpc. +--------------------------+ Fri Dec 5 18:54:28 EET 2008 PATCHES/packages/php-5.2.7-x86_64-1.tgz: Upgraded to php-5.2.7. In addition to improvements and bug fixes, this new version of PHP also addresses several security issues, including: Fixed a crash inside gd with invalid fonts (Fixes CVE-2008-3658). Fixed a possible overflow inside memnstr (Fixes CVE-2008-3659). Fixed security issues detailed in CVE-2008-2665 and CVE-2008-2666. Crash with URI/file..php (filename contains 2 dots). (Fixes CVE-2008-3660). rfc822.c legacy routine buffer overflow. (Fixes CVE-2008-2829). Fixed extraction of zip files or directories when the entry name is a relative path: http://www.sektioneins.de/advisories/SE-2008-06.txt These are the URLs to get more information: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2665 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2666 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2829 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3658 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3659 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3660 http://www.sektioneins.de/advisories/SE-2008-06.txt [*** Security fix **] +--------------------------+ Mon Dec 1 23:57:47 EET 2008 PATCHES/packages/ruby-1.8.6_p287-x86_64-1.tgz: Upgraded to ruby-1.8.6-p287. This fixes several bugs in the previous Ruby update, including a security issue where the DNS resolver did not randomize the source port and transaction id sufficiently. For more information, see: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1447 [*** Security fix ***] +--------------------------+ Sat Nov 29 12:56:13 EET 2008 PATCHES/packages/samba-3.0.33-x86_64-1.tgz: Upgraded to samba-3.0.33. This package fixes an important barrier against rogue clients reading from uninitialized memory (though no proof-of-concept is known to exist). For more information, see: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-4314 [*** Security fix ***] +--------------------------+ Sun Nov 23 11:08:07 EET 2008 PATCHES/packages/mozilla-thunderbird-2.0.0.18-x86_64-1.tgz: Upgraded to thunderbird-2.0.0.18. This upgrade fixes some more security bugs. For more information, see: http://www.mozilla.org/security/known-vulnerabilities/thunderbird20.html [*** Security fix ***] +--------------------------+ Thu Nov 20 23:54:25 EET 2008 PATCHES/packages/libxml2-2.6.32-x86_64-1.tgz: Upgraded to libxml2-2.6.32 and patched. This fixes vulnerabilities including denial of service, or possibly the execution of arbitrary code as the user running a libxml2 linked application if untrusted XML content is parsed. For more information, see: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-4225 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-4226 [*** Security fix ***] +--------------------------+ Sun Nov 16 23:54:31 EET 2008 PATCHES/packages/mozilla-firefox-2.0.0.18-x86_64-1.tgz: Upgraded to firefox-2.0.0.18. This fixes some security issues: For more information, see: http://www.mozilla.org/security/known-vulnerabilities/firefox20.html [*** Security fix ***] PATCHES/packages/net-snmp-5.4.2.1-x86_64-1.tgz: Upgraded to net-snmp-5.4.2.1. This fixes a problem where a user with read access could cause snmpd to crash, resulting in a denial of service. For more information, see: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-4309 [*** Security fix ***] PATCHES/packages/gnutls-1.6.3-x86_64-3.tgz: Pathced to fix a flaw in cases where the certificate chain contained only one self-signed certificate. This update fixes the issue. PATCHES/packages/seamonkey-1.1.13-x86_64-1.tgz: Upgraded to seamonkey-1.1.13. This release fixes some more security vulnerabilities. For more information, see: http://www.mozilla.org/security/known-vulnerabilities/seamonkey11.html [*** Security fix ***] +--------------------------+ Tue Nov 11 16:33:15 EET 2008 PATCHES/packages/gnutls-1.6.3-x86_64-2.tgz: Patched to fix X.509 certificate chain validation error. [GNUTLS-SA-2008-3] The flaw makes it possible for man in the middle attackers (i.e., active attackers) to assume any name and trick GNU TLS clients into trusting that name. For more information, see: http://article.gmane.org/gmane.comp.encryption.gpg.gnutls.devel/3215 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-4989 [*** Security fix ***] +--------------------------+ Sun Nov 9 00:31:08 EET 2008 PATCHES/packages/cups-1.3.9-x86_64-1.tgz: Upgraded to cups-1.3.9. This update fixes three vulnerabilities in the SGI image format filter, the texttops filter, and the HP-GL and HP-GL/2 plotter format filter. All three of these could result in a denial of service, and the plotter filter issue could possibly be used to execute code as the print spooler user. For more information, see: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3639 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3640 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3641 [*** Security fix ***] +--------------------------+ Wed Oct 15 02:40:41 EEST 2008 PATCHES/packages/glibc-zoneinfo-2.5-noarch-8.tgz: Upgraded to tzdata2008h for the latest world timezone changes. +--------------------------+ Mon Sep 29 11:04:10 EEST 2008 PATCHES/packages/mozilla-thunderbird-2.0.0.17-x86_64-1.tgz: Upgraded to thunderbird-2.0.0.17. This upgrade fixes some more security bugs. For more information, see: http://www.mozilla.org/security/known-vulnerabilities/thunderbird20.html [*** Security fix ***] +--------------------------+ Fri Sep 26 13:43:03 EEST 2008 PATCHES/packages/mozilla-firefox-2.0.0.17-x86_64-1.tgz: Upgraded to firefox-2.0.0.17. This release fixes some more security vulnerabilities. For more information, see: http://www.mozilla.org/security/known-vulnerabilities/firefox20.html [*** Security fix ***] PATCHES/seamonkey-1.1.12-x86_64-1.tgz: Upgraded to seamonkey-1.1.12. This release fixes some more security vulnerabilities. For more information, see: http://www.mozilla.org/security/known-vulnerabilities/seamonkey11.html [*** Security fix ***] +--------------------------+ Wed Sep 17 17:25:33 EEST 2008 PATCHES/packages/bind-9.4.2_P2-x86_64-1.tgz: Upgraded to bind-9.4.2-P2. This version has performance gains over bind-9.4.2-P1. +--------------------------+ Thu Sep 4 01:12:00 EEST 2008 PATCHES/packages/samba-3.0.32-x86_64-1.tgz: Upgraded to samba-3.0.32. This is a bugfix release. See the WHATSNEW.txt file in the Samba docs for details on what has changed. +--------------------------+ Sat Aug 30 10:17:46 EEST 2008 PATCHES/packages/amarok-1.4.10-x86_64-1.tgz: Upgraded to amarok-1.4.10. This fixes a security issue in the Magnatune online music library support which could be used by malicious local users to overwrite system files. For more information, see: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3699 [*** Security fix ***] PATCHES/packages/libgpod-0.6.0-x86_64-1.tgz: Upgraded to libgpod-0.6.0. This new version of libgpod is required for amarok-1.4.10. +--------------------------+ Wed Aug 6 00:08:43 EEST 2008 PATCHES/packages/pan-0.133-x86_64-1.tgz: Upgraded to pan-0.133. This update fixes a buffer overflow in pan-0.128 through pan-0.132 when processing .nzb files. For more information, see: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2363 [*** Security fix ***] PATCHES/packages/python-2.5.2-x86_64-1.tgz: Patched various overflows and other security problems. For more information, see: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1679 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1721 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2315 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2316 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3142 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3144 [*** Security fix ***] +--------------------------+ Wed Jul 30 19:00:03 EEST 2008 PATCHES/packages/proftpd-1.3.1-x86_64-1.tgz: Recompiled against new OpenSSL, since this evidently checks the OpenSSL version and will only run against the libraries it was compiled against. A small patch was also added due to changes in the system includes. PATCHES/packages/fetchmail-6.3.8-x86_64-3.tgz: Patched to fix a possible denial of service when "-v -v" options are used. For more information, see: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2711 [*** Security fix ***] PATCHES/packages/httpd-2.2.9-x86_64-1.tgz: Upgraded to httpd-2.2.9. This release fixes flaws which could allow XSS attacks. For more information, see: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5000 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6388 [*** Security fix ***] PATCHES/packages/libxslt-1.1.24-x86_64-1.tgz: Upgraded to libxslt-1.1.24. A buffer overflow when processing XSL stylesheets could result in the execution of arbitrary code. For more information, see: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1767 [*** Security fix ***] PATCHES/packages/links-2.1-x86_64-1.tgz: Upgraded to links-2.1. Unspecified vulnerability in Links before 2.1, when "only proxies" is enabled, has unknown impact and attack vectors related to providing "URLs to external programs." For more information, see: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3329 [*** Security fix ***] PATCHES/packages/mozilla-thunderbird-2.0.0.16-x86_64-1.tgz: Upgraded to thunderbird-2.0.0.16. This upgrade fixes some more security bugs. For more information, see: http://www.mozilla.org/security/known-vulnerabilities/thunderbird20.html [*** Security fix ***] PATCHES/packages/mtr-0.73-x86_64-1.tgz: Upgraded to mtr-0.73. This fixes a minor security bug where a very long hostname in the trace path could lead to an overflow (and most likely just a crash). [*** Security fix ***] PATCHES/packages/net-snmp-5.4.1.2-x86_64-1.tgz: Upgraded to net-snmp-5.4.1.2. A vulnerability was discovered where an attacked could spoof an authenticated SNMPv3 packet due to incorrect HMAC checking. Also, a buffer overflow was found that could be exploited if an application using the net-snmp perl modules connects to a malicious server. For more information, see: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0960 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2292 [*** Security fix ***] PATCHES/packages/openssh-5.1p1-x86_64-1.tgz: Upgraded to openssh-5.1p1. When upgrading OpenSSH, it is VERY IMPORTANT to also upgrade OpenSSL, or it is possible to be unable to log back into sshd! PATCHES/packages/openssl-0.9.8h-x86_64-1.tgz: Upgraded to OpenSSL 0.9.8h. The Codenomicon TLS test suite uncovered security bugs in OpenSSL. If OpenSSL was compiled using non-default options (Bluewhite64's package is not), then a malicious packet could cause a crash. Also, a malformed TLS handshake could also lead to a crash. For more information, see: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0891 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1672 When upgrading OpenSSL, it is VERY IMPORTANT to also upgrade OpenSSH, or it is possible to be unable to log back into sshd! [*** Security fix ***] PATCHES/packages/openssl-solibs-0.9.8h-x86_64-1.tgz: Upgraded to OpenSSL 0.9.8h shared libraries (see above). [*** Security fix ***] PATCHES/packages/pcre-7.7-x86_64-1.tgz: Upgraded to pcre-7.7. Tavis Ormandy of the Google Security Team found a buffer overflow triggered when handling certain regular expressions. This could lead to a crash or possible execution of code as the user of the PCRE-linked application. For more information, see: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2371 [*** Security fix ***] PATCHES/packages/vim-7.1.330-x86_64-1.tgz: Upgraded to vim-7.1.330. This fixes several security issues related to the automatic processing of untrusted files. For more information, see: http://www.rdancer.org/vulnerablevim.html [*** Security fix ***] PATCHES/packages/vim-gvim-7.1.330-x86_64-1.tgz: Upgraded to vim-gvim-7.1.330. See "vim" above for details. [*** Security fix ***] +--------------------------+ Fri Jul 25 14:43:33 EEST 2008 PATCHES/packages/dnsmasq-2.45-x86_64-1.tgz: Upgraded to dnsmasq-2.45. It was discovered that earlier versions of dnsmasq have DNS cache weaknesses that are similar to the ones recently discovered in BIND. This new release minimizes the risk of cache poisoning. For more information, see: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1447 [*** Security fix ***] +--------------------------+ Thu Jul 17 22:54:46 EEST 2008 PATCHES/packages/mozilla-firefox-2.0.0.16-x86_64-1.tgz: Upgraded to firefox-2.0.0.16. This release fixes some more security vulnerabilities. For more information, see: http://www.mozilla.org/security/known-vulnerabilities/firefox20.html [*** Security fix ***] PATCHES/packages/seamonkey-1.1.11-x86_64-1.tgz: Upgraded to seamonkey-1.1.11. This release fixes some more security vulnerabilities. For more information, see: http://www.mozilla.org/security/known-vulnerabilities/seamonkey11.html [*** Security fix ***] PATCHES/packages/pidgin-2.4.3-x86_64-1.tgz: Upgraded to pidgin-2.4.3. This updates pidgin to work with the changed ICQ protocol. +--------------------------+ Fri Jul 11 18:56:09 EEST 2008 PATCHES/packages/bind-9.4.2_P1-x86_64-1.tgz: Upgraded to bind-9.4.2-P1. This upgrade addresses a security flaw known as the CERT VU#800113 DNS Cache Poisoning Issue. This is the summary of the problem from the BIND site: "A weakness in the DNS protocol may enable the poisoning of caching recurive resolvers with spoofed data. DNSSEC is the only full solution. New versions of BIND provide increased resilience to the attack." It is suggested that sites that run BIND upgrade to one of the new packages in order to reduce their exposure to DNS cache poisoning attacks. For more information, see: http://www.isc.org/sw/bind/bind-security.php http://www.kb.cert.org/vuls/id/800113 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1447 [*** Security fix ***] PATCHES/packages/mozilla-firefox-2.0.0.15-x86_64-1.tgz: Upgraded to firefox-2.0.0.15. This release closes several possible security vulnerabilities and bugs. For more information, see: http://www.mozilla.org/projects/security/known-vulnerabilities.html#firefox [*** Security fix ***] PATCHES/packages/seamonkey-1.1.10-x86_64-1.tgz: Upgraded to seamonkey-1.1.10. This release closes several possible security vulnerabilities and bugs. For more information, see: http://www.mozilla.org/projects/security/known-vulnerabilities.html#seamonkey [*** Security fix ***] +--------------------------+ Mon Jun 30 12:32:47 EEST 2008 PATCHES/packages/gnutls-1.6.3-x86_64-1.tgz: Upgraded to GnuTLS version 1.6.3 (with additional security patches). This updated package fixes bugs which can lead to a denial of service (DoS) in programs linked with GnuTLS. For more information about the issues patched, please refer to: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1948 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1949 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1950 [*** Security fix ***] +--------------------------+ Sat Jun 28 11:41:24 EEST 2008 PATCHES/packages/ruby-1.8.6_p230-x86_64-1.tgz: Upgraded to ruby-1.8.6-p230. This fixes a number of security related bugs in Ruby which could lead to a denial of service (DoS) condition or allow execution of arbitrary code. For more information, see: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2662 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2663 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2664 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2725 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2726 [*** Security fix ***] +--------------------------+ Thu May 29 18:01:13 EEST 2008 PATCHES/packages/samba-3.0.30-x86_64-1.tgz: Upgraded to samba-3.0.30. This is a security release in order to address CVE-2008-1105 ("Boundary failure when parsing SMB responses can result in a buffer overrun"). For more information on the security issue, see: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1105 [*** Security fix ***] +--------------------------+ Wed May 28 22:30:15 EEST 2008 PATCHES/packages/rdesktop-1.6.0-x86_64-1.tgz: Upgraded to rdesktop-1.6.0. According to the rdesktop ChangeLog, this contains a: "* Fix for potential vulnerability against compromised/malicious servers (reported by iDefense)" For more information, see: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1801 [*** Security fix ***] +--------------------------+ Thu May 8 15:34:02 EEST 2008 PATCHES/packages/mozilla-thunderbird-2.0.0.14-x86_64-1.tgz: Upgraded to thunderbird-2.0.0.14. This upgrade fixes some more security bugs. For more information, see: http://www.mozilla.org/projects/security/known-vulnerabilities.html#thunderbird [*** Security fix ***] PATCHES/packages/php-5.2.6-x86_64-1.tgz: Upgraded to php-5.2.6. This version of PHP contains many fixes and enhancements. Some of the fixes are security related, and the PHP release announcement provides this list: * Fixed possible stack buffer overflow in the FastCGI SAPI identified by Andrei Nigmatulin. * Fixed integer overflow in printf() identified by Maksymilian Aciemowicz. * Fixed security issue detailed in CVE-2008-0599 identified by Ryan Permeh. * Fixed a safe_mode bypass in cURL identified by Maksymilian Arciemowicz. * Properly address incomplete multibyte chars inside escapeshellcmd() identified by Stefan Esser. * Upgraded bundled PCRE to version 7.6 When last checked, CVE-2008-0599 was not yet open. However, additional information should become available at this URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0599 The list reproduced above, as well as additional information about other fixes in PHP 5.2.6 may be found in the PHP release announcement here: http://www.php.net/releases/5_2_6.php [*** Security fix **] +--------------------------+ Tue Apr 29 14:58:16 EEST 2008 PATCHES/packages/libpng-1.2.27-x86_64-1.tgz: Upgraded to libpng-1.2.27. This fixes various bugs, the most important of which have to do with the handling of unknown chunks containing zero-length data. Processing a PNG image that contains these could cause the application using libpng to crash (possibly resulting in a denial of service), could potentially expose the contents of uninitialized memory, or could cause the execution of arbitrary code as the user running libpng (though it would probably be quite difficult to cause the execution of attacker-chosen code). We recommend upgrading the package as soon as possible. For more information, see: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1382 ftp://ftp.simplesystems.org/pub/libpng/png/src/libpng-1.2.27-README.txt [*** Security fix ***] +--------------------------+ Sat Apr 26 14:09:15 EEST 2008 PATCHES/packages/kdelibs-3.5.7-x86_64-4.tgz: Patched to fix a security problem. From the KDE advisory: "If start_kdeinit is installed as setuid root, a local user might be able to send unix signals to other processes, cause a denial of service or even possibly execute arbitrary code." This issue affects KDE 3.5.5 through KDE 3.5.9. We recommend upgrading to the new kdelibs package as soon as possible. For more information, see: http://www.kde.org/info/security/advisory-20080426-2.txt http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1671 [*** Security fix ***] +--------------------------+ Tue Apr 22 09:37:57 EEST5 2008 PATCHES/packages/xine-lib-1.1.11.1-x86_64-3.tgz: Recompiled, with --without-speex (we didn't ship the speex library in Bluewhite64 anyway, but for reference this issue would be CVE-2008-1686), and with --disable-nosefart (the recently reported as insecurely demuxed NSF format). As before in -2, this package fixes the two regressions mentioned in the release notes for xine-lib-1.1.12: http://sourceforge.net/project/shownotes.php?release_id=592185&group_id=9655 [*** Security fix ***] +--------------------------+ Fri Apr 18 13:17:00 EEST 2008 PATCHES/packages/mozilla-firefox-2.0.0.14-x86_64-1.tgz: Upgraded to firefox-2.0.0.14. This upgrade fixes a potential security bug. For more information, see: http://www.mozilla.org/projects/security/known-vulnerabilities.html#firefox [*** Security fix ***] +--------------------------+ Tue Apr 8 12:28:18 EEST 2008 PATCHES/packages/xine-lib-1.1.11.1-x86_64-2.tgz: Patched to fix playback failure affecting several media formats accidentally broken in the xine-lib-1.1.11.1 release. PATCHES/packages/bzip2-1.0.5-x86_64-1.tgz: Upgraded to bzip2-1.0.5. Previous versions of bzip2 contained a buffer overread error that could cause applications linked to libbz2 to crash, resulting in a denial of service. For more information, see: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1372 [*** Security fix ***] PATCHES/packages/m4-1.4.11-x86_64-1.tgz: Upgraded to m4-1.4.11. In addition to bugfixes and enhancements, this version of m4 also fixes two issues with possible security implications. A minor security fix with the use of "maketemp" and "mkstemp" -- these are now quoted to prevent the (rather unlikely) possibility that an unquoted string could match an existing macro causing operations to be done on the wrong file. Also, a problem with the '-F' option (introduced with version 1.4) could cause a core dump or possibly (with certain file names) the execution of arbitrary code. For more information on these issues, see: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1687 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1688 [*** Security fix ***] +--------------------------+ Sat Apr 5 00:33:00 EEST 2008 PATCHES/packages/openssh-5.0p1-x86_64-1.tgz: Upgraded to openssh-5.0p1. This version fixes a security issue where local users could hijack forwarded X connections. Upgrading to the new package is highly recommended. For more information on this security issue, please see: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1483 [*** Security fix ***] +--------------------------+ Thu Apr 3 12:13:32 EEST 2008 PATCHES/packages/cups-1.3.7-x86_64-1.tgz: Upgraded to cups-1.3.7. This version of CUPS fixes some buffer overflows in the GIF image filter and in cgiCompileSearch. Those running CUPS servers should upgrade. For more information on these security issues, please see: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0047 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1373 [*** Security fix ***] +--------------------------+ Tue Apr 1 23:51:19 EEST 2008 PATCHES/packages/xine-lib-1.1.11.1-x86_64-1.tgz: Upgraded to xine-lib-1.1.11.1. Earlier versions of xine-lib suffer from an integer overflow which may lead to a buffer overflow that could potentially be used to gain unauthorized access to the machine if a malicious media file is played back. File types affected this time include .flv, .mov, .rm, .mve, .mkv, and .cak. For more information on this security issue, please see: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1482 [*** Security fix ***] +--------------------------+ Sun Mar 30 13:15:48 EEST 2008 PATCHES/packages/mozilla-firefox-2.0.0.13-x86_64-1.tgz: Upgraded to firefox-2.0.0.13. This upgrade fixes some more security bugs. For more information, see: http://www.mozilla.org/projects/security/known-vulnerabilities.html#firefox [*** Security fix ***] PATCHES/packages/seamonkey-1.1.9-x86_64-1.tgz: Upgraded to seamonkey-1.1.9. This upgrade fixes some more security bugs. For more information, see: http://www.mozilla.org/projects/security/known-vulnerabilities.html#seamonkey [*** Security fix ***] PATCHES/packages/xine-lib-1.1.11-x86_64-1.tgz: Earlier versions of xine-lib suffer from an array index bug that may have security implications if a malicious RTSP stream is played. Playback of other media formats is not affected. If you use RTSP, you should probably upgrade xine-lib. For more information on the security issue, please see: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0073 [*** Security fix ***] +--------------------------+ Mon Mar 3 11:48:14 EET 2008 PATCHES/packages/espgs-8.15.4-x86_64-3.tgz: This patched version of ESP Ghostscript fixes a buffer overflow. For more information on the security issue, please see: http://scary.beasts.org/security/CESA-2008-001.html http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0411 [*** Security fix ***] +--------------------------+ Sun Mar 2 11:01:22 EET 2008 PATCHES/packages/mozilla-thunderbird-2.0.0.12-x86_64-1.tgz: Upgraded to thunderbird-2.0.0.12. This update fixes the following security related issues: MFSA 2008-12: Heap buffer overflow in external MIME bodies MFSA 2008-05: Directory traversal via chrome: URI MFSA 2008-03: Privilege escalation, XSS, Remote Code Execution MFSA 2008-01: Crashes with evidence of memory corruption (rv:1.8.1.12) For more information, see: http://www.mozilla.org/security/announce/2008/mfsa2008-12.html http://www.mozilla.org/security/announce/2008/mfsa2008-05.html http://www.mozilla.org/security/announce/2008/mfsa2008-03.html http://www.mozilla.org/security/announce/2008/mfsa2008-01.html These are the related CVE entries: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0304 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0418 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0415 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0412 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0413 [*** Security fix ***] +--------------------------+ Fri Feb 15 11:13:25 EET 2008 PATCHES/packages/httpd-2.2.8-x86_64-1.tgz: Upgraded to httpd-2.2.8. This fixes security and other bugs. For more information, see: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6421 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6422 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6388 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5000 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0005 [*** Security fix ***] +--------------------------+ Wed Feb 13 12:27:33 EET 2008 PATCHES/packages/mozilla-firefox-2.0.0.12-x86_64-1.tgz: Upgraded to firefox-2.0.0.12. This upgrade fixes some more security bugs. For more information, see: http://www.mozilla.org/projects/security/known-vulnerabilities.html#firefox [** Security fix ***] PATCHES/packages/seamonkey-1.1.8-x86_64-1.tgz: Upgraded to seamonkey-1.1.8. This upgrade fixes some more security bugs. For more information, see: http://www.mozilla.org/projects/security/known-vulnerabilities.html#seamonkey [*** Security fix ***] +--------------------------+ Tue Feb 12 14:29:32 EET 2008 PATCHES/packages/kernel-huge-2.6.21.5-x86_64-3.tgz: All of these kernel upgrades fix yesterday's local root exploit. For more information, see: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0010 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0163 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0600 [*** Security fix ***] TESTING/packages/linux-2.6.22.9/kernel-test26-2.6.22.9-x86_64-2.tgz. [*** Security fix ***] TESTING/packages/linux-2.6.22.9/kernel-source-2.6.22.9-noarch-2.tgz. If you use lilo, don't forget to run it again after the upgrade. +--------------------------+ Tue Jan 1 16:43:12 EET 2008 PATCHES/packages/glibc-zoneinfo-2.5-noarch-6.tgz: Upgraded to tzdata2007k. A new year should be started with the latest timezone data, so here it is. Happy holidays, and a happy new year to all! :-) +--------------------------+ Sat Dec 15 12:28:22 EET 2007 PATCHES/packages/mysql-5.0.51-x86_64-1.tgz: Upgraded to mysql-5.0.51. This release fixes several bugs, including some security issues. However, it also includes a potentially incompatible change, so be sure to read the release notes before upgrading. It is possible that some databases will need to be fixed in order to work with this (and future) releases: http://dev.mysql.com/doc/refman/5.0/en/releasenotes-cs-5-0-51.html For more information about the security issues fixed, see: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3781 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5925 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5969 [*** Security fix ***] +--------------------------+ Tue Dec 11 17:20:41 EET 2007 PATCHES/packages/samba-3.0.28-x86_64-1.tgz: Upgraded to samba-3.0.28. Samba 3.0.28 is a security release in order to address a boundary failure in GETDC mailslot processing that can result in a buffer overrun leading to possible code execution. For more information, see: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6015 http://www.samba.org/samba/history/samba-3.0.28.html http://secunia.com/secunia_research/2007-99/advisory/ [*** Security fix ***] +--------------------------+ Tue Dec 4 17:48:51 EET 2007 PATCHES/packages/cairo-1.4.12-x86_64-1.tgz: Upgraded to cairo-1.4.12. This fixes a possible security risk when decoding PNG files that may have been maliciously tampered with: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5503 [*** Security fix ***] PATCHES/packages/samba-3.0.27a-x86_64-1.tgz: Upgraded to samba-3.0.27a. This update fixes a crash bug regression experienced by smbfs clients caused by the fix for CVE-2007-4572. +--------------------------+ Sun Dec 2 10:48:57 EET 2007 PATCHES/packages/rsync-2.6.9-x86_64-2.tgz: Patched some security bugs. For more information, see: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-4091 http://lists.samba.org/archive/rsync-announce/2007/000050.html [*** Security fix ***] PATCHES/packages/mozilla-firefox-2.0.0.11-x86_64-1.tgz: Upgraded to Firefox 2.0.0.11, which fixed a bug introduced by the 2.0.0.10 update in the feature that affected some web pages and extensions. +--------------------------+ Fri Nov 30 18:33:33 EET 2007 PATCHES/packages/seamonkey-1.1.7-x86_64-1.tgz: Upgraded to seamonkey-1.1.7. This upgrade fixes some more security bugs. For more information, see: http://www.mozilla.org/projects/security/known-vulnerabilities.html#seamonkey [*** Security fix ***] PATCHES/packages/mkinitrd-1.1.2-x86_64-7.tgz: Only one more. ;-) Fixed a missing '--parents' in a cp command. +--------------------------+ Thu Nov 29 16:48:08 EET 2007 PATCHES/packages/mkinitrd-1.1.2-x86_64-6.tgz: Fix one bug and then find another, eh? Edited two spots where grep was searching for / rather than ' on / '. +--------------------------+ Wed Nov 28 18:46:12 EET 2007 PATCHES/packages/mkinitrd-1.1.3-x86_64-5.tgz: Fixed a bug where an extra "/dev" would be prepended incorrectly to some paths. PATCHES/packages/mozilla-firefox-2.0.0.10-x86_64-1.tgz: Upgraded to firefox-2.0.0.10. This upgrade fixes some more security bugs. For more information, see: http://www.mozilla.org/projects/security/known-vulnerabilities.html#firefox [*** Security fix ***] +--------------------------+ Wed Nov 21 18:32:47 EET 2007 PATCHES/packages/libpng-1.2.23-x86_64-1.tgz: Upgraded to libpng-1.2.23. Previous libpng versions may crash when loading malformed PNG files. It is not currently known if this vulnerability can be exploited to execute malicious code. For more information, see: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5266 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5267 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5268 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5269 [*** Security fix ***] PATCHES/packages/mozilla-thunderbird-2.0.0.9-x86_64-1.tgz: Upgraded to thunderbird-2.0.0.9. This update fixes the following security related issues: URIs with invalid %-encoding mishandled by Windows (MFSA 2007-36). Crashes with evidence of memory corruption (MFSA 2007-29). OK, so the first one obviously does not affect us. :-) The second fix has to do with the same JavaScript handling problem fixed before in Firefox. JavaScript is not enabled by default in Thunderbird, and the developers (at least in MFSA 2007-36) do not recommend turning it on. For more information, see: http://www.mozilla.org/security/announce/2007/mfsa2007-36.html http://www.mozilla.org/security/announce/2007/mfsa2007-29.html http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-4841 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5339 [*** Security fix ***] +--------------------------+ Sat Nov 17 23:24:16 EET 2007 PATCHES/packages/samba-3.0.27-x86_64-1.tgz: Upgraded to samba-3.0.27. Samba 3.0.27 is a security release in order to address a stack buffer overflow in nmbd's logon request processing, and remote code execution in Samba's WINS server daemon (nmbd) when processing name registration followed name query requests. For more information, see: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-4572 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5398 [*** Security fix ***] +--------------------------+ Mon Nov 12 15:10:59 EET 2007 PATCHES/packages/kdegraphics-3.5.7-x86_64-2.tgz: Patched xpdf related bugs. For more information, see: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3387 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-4352 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5392 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5393 [*** Security fix ***] PATCHES/packages/koffice-1.6.3-x86_64-2.tgz: Patched xpdf related bugs. For more information, see: http://www.kde.org/info/security/advisory-20071107-1.txt http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3387 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-4352 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5392 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5393 [*** Security fix ***] PATCHES/packages/poppler-0.6.2-x86_64-1.tgz: Upgraded to poppler-0.6.2. This release fixes xpdf related bugs. For more information, see: http://poppler.freedesktop.org/ http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-4352 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5392 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5393 [*** Security fix ***] PATCHES/packages/xpdf-3.02pl2-x86_64-1.tgz: Upgraded to xpdf-3.02pl2. The pl2 patch fixes a crash in xpdf. Some theorize that this could be used to execute arbitrary code if an untrusted PDF file is opened, but no real-world examples are known (yet). For more information, see: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3387 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-4352 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5392 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5393 [*** Security fix ***] +--------------------------+ Mon Nov 12 00:22:37 EET 2007 PATCHES/packages/mozilla-firefox-2.0.0.9-x86_64-1.tgz: Upgraded to firefox-2.0.0.9. This upgrade improves the stability of Firefox. For more information, see: http://tinyurl.com/ytvnfm PATCHES/packages/php-5.2.5-x86_64-1.tgz: Upgraded to php-5.2.5. This fixes bugs and security issues. For more information, see: http://www.php.net/releases/5_2_5.php http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-4887 [*** Security fix ***] PATCHES/packages/seamonkey-1.1.6-x86_64-1.tgz: Upgraded to SeaMonkey 1.1.6. This upgrade fixes SeaMonkey's ability to display certain types of web pages. That's about all we could find about it here: http://www.mozilla.org/projects/seamonkey/ testing/packages/ia32-emulation/ia32-lib32-0.2.3-x86_64-2.tgz: Added libXss and libXv. +--------------------------+ Fri Nov 2 10:02:55 EET 2007 PATCHES/packages/cups-1.2.11-x86_64-2.tgz: Patched cups-1.2.11. An off-by-one error in ipp.c may allow a remote attacker to crash CUPS resulting in a denial of service. For more information, see: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-4351 [*** Security fix ***] +--------------------------+ Thu Oct 25 17:25:25 EEST 2007 PATCHES/packages/mozilla-firefox-2.0.0.8-x86_64-1.tgz: Upgraded to firefox-2.0.0.8. This upgrade fixes some more security bugs. For more information, see: http://www.mozilla.org/projects/security/known-vulnerabilities.html#firefox [*** Security fix ***] PATCHES/packages/seamonkey-1.1.5-x86_64.tgz: Upgraded to seamonkey-1.1.5. This upgrade fixes some more security bugs. For more information, see: http://www.mozilla.org/projects/security/known-vulnerabilities.html#seamonkey [*** Security fix ***] +--------------------------+ Sat Oct 13 23:45:22 EEST 2007 PATCHES/packages/glibc-zoneinfo-2.5-noarch-4.tgz: Upgraded to timezone data from tzcode2007h and tzdata2007h. This contains the latest timezone data from NIST, including some important changes to daylight savings time in Brasil and New Zealand. +--------------------------+ Wed Oct 3 12:02:34 EEST 2007 PATCHES/packages/pidgin-2.2.1-x86_64-1.tgz: Upgraded to pidgin-2.2.1. This fixes a crash that can be triggered remotely on MSN in 2.2.0. For more information, see: http://www.pidgin.im/news/security/?id=23 +--------------------------+ Tue Oct 2 17:38:18 EEST 2007 PATCHES/packages/netwatch-1.0c-x86_64-1.tgz: Upgraded to netwatch-1.0c. This upgrade fix a Segmentation Fault when netwatch is used. Thanks to Virgil Moldoveanu for the report. [*** Fix ***] +--------------------------+ Thu Sep 27 12:33:13 EEST 2007 PATCHES/packages/kernel-huge-2.6.21.5-x86_64-2.tgz: Patched a Local Privilege Escalation Vulnerability (CVE-2007-4573). Wojciech Purczynski has reported a vulnerability in the Linux kernel, which can be exploited by malicious, local users to gain escalated privileges. Original Advisory: http://kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.22.7 [*** Security fix ***] PATCHES/packages/kernel-source-2.6.21.5-noarch-2.tgz: Patched a Local Privilege Escalation Vulnerability (CVE-2007-4573). The patch can be found here: PATCHES/source/kernel-source/ia32-patch.diff.gz [*** Security fix ***] PATCHES/kernels/huge.s/*: Patched a Local Privilege Escalation Vulnerability (CVE-2007-4573). PATCHES/kernels/test26.s/*: Upgraded to Linux Kernel 2.6.22.9 which fixes a Local Privilege Escalation Vulnerability (CVE-2007-4573). TESTING/packages/linux-2.6.22.9/kernel-test26-2.6.22.9-x86_64-1.tgz: Upgraded to Linux Kernel 2.6.22.9. Wojciech Purczynski has reported a vulnerability in the Linux kernel, which can be exploited by malicious, local users to gain escalated privileges. Original Advisory: http://kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.22.7 [*** Security fix ***] TESTING/packages/linux-2.6.22.9/kernel-modules-2.6.22.9-x86_64-1.tgz: Upgraded to Linux Kernel modules 2.6.22.9. TESTING/packages/linux-2.6.22.9/kernel-headers-2.6.22.9-noarch-1.tgz Upgraded to Linux Kernel headers 2.6.22.9 TESTING/packages/linux-2.6.22.9/kernel-source-2.6.22.9-noarch-1.tgz Upgraded to Linux Kernel source 2.6.22.9. This fixes a Local Privilege Escalation Vulnerability (CVE-2007-4573). Original Advisory: http://kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.22.7 [*** Security fix ***] TESTING/packages/svgalib_helper-1.9.25_2.6.22.9-x86_64-3.tgz: Rebuilt against the Linux Kernel 2.6.22.9. +--------------------------+ Sat Sep 22 12:27:37 EEST 2007 PATCHES/packages/kdebase-3.5.7-x86_64-3.tgz: Patched Konqueror to prevent "spoofing" the URL (i.e. displaying a URL other than the one associated with the page displayed) For more information, see: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3820 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-4224 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-4225 Patched KDM issue: "KDM can be tricked into performing a password-less login even for accounts with a password set under certain circumstances, namely autologin to be configured and "shutdown with password" enabled." For more information, see: http://www.kde.org/info/security/advisory-20070919-1.txt http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-4569 [*** Security fix ***] PATCHES/packages/kdelibs-3.5.7-x86_64-3.tgz: Patched Konqueror's supporting libraries to prevent addressbar spoofing. For more information, see: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-4225 [*** Security fix ***] PATCHES/packages/mozilla-firefox-2.0.0.7-x86_64-1.tgz: Upgraded to firefox-2.0.0.7. This upgrade fixes Code execution via QuickTime Media-link files. For more information, see: http://www.mozilla.org/projects/security/known-vulnerabilities.html#firefox Enabled svg support. Thanks to Janusz Dziemidowicz for the report. [*** Security fix ***] +--------------------------+ Fri Sep 14 11:37:32 EEST 2007 PATCHES/packages/jre-6u2-x86_64-2.tgz: Rebuilt. Fixed /usr/lib/java -> jre1.6.0_02 symlink. [*** Fix ***] EXTRA software/jdk-6/jdk-6u2-x86_64-3.tgz: Rebuilt. Fixed /usr/lib/java -> jdk1.6.0_02 symlink. Thanks to Virgil Moldoveanu for reporting this. [*** Fix ***] +--------------------------+ Thu Sep 13 14:44:03 EEST 2007 PATCHES/packages/openssh-4.7p1-x86_64-1.tgz: Upgraded to openssh-4.7p1. From the OpenSSH release notes: "Security bugs resolved in this release: Prevent ssh(1) from using a trusted X11 cookie if creation of an untrusted cookie fails; found and fixed by Jan Pechanec." While it's fair to say that we here at Bluewhite64 don't see how this could be leveraged to compromise a system, a) the OpenSSH people (who presumably understand the code better) characterize this as a security bug, b) it has been assigned a CVE entry, and c) OpenSSH is one of the most commonly used network daemons. Better safe than sorry. More information should appear here eventually: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-4752 [*** Security fix ***] PATCHES/packages/samba-3.0.26a-x86_64-1.tgz: Upgraded to samba-3.0.26a. This fixes a security issue in all Samba 3.0.25 versions: "Incorrect primary group assignment for domain users using the rfc2307 or sfu winbind nss info plugin." For more information, see: http://www.samba.org/samba/security/CVE-2007-4138.html http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-4138 [*** Security fix ***] PATCHES/packages/php-5.2.4-x86_64-1.tgz: Upgraded to php-5.2.4. The PHP announcement says this version fixes over 120 bugs as well as "several low priority security bugs." Read more about it here: http://www.php.net/releases/5_2_4.php [*** Security fix ***] +--------------------------+ Sun Sep 2 12:54:30 EEST 2007 EXTRA software/jdk-6/jdk-6u2-x86_64-2.tgz: Fixed a bug in the improvement to the /etc/profile.d/ scripts where it would mess up the $MANPATH. Sorry about that, folks. The JRE package was not affected. BTW, any time a security upgrade package mentioned in an advisory is "missing", it probably means a mistake like this was made. In those cases, look for a newer package, and verify the authenticity using "gpg --verify" and the .asc file. +--------------------------+ Sat Sep 1 10:55:05 EEST 2007 PATCHES/packages/jre-6u2-x86_64-1.tgz: Upgraded to Java(TM) 2 Platform Standard Edition Runtime Environment Version 6.0 update 2. This update addresses code errors which could possibly be leveraged to compromise system security, though we know of no existing exploits. This update consists of the official Java(TM) binaries repackaged in Bluewhite64's package format, and may be used on any version of Bluewhite64 that is based on glibc. For more information, see: http://sunsolve.sun.com/search/document.do?assetkey=1-26-102995-1 [*** Security fix ***] An additional change was made to the script that Bluewhite64 uses to set environment variables for Java(TM). Now, after the $JAVA_HOME variable is set, the next variable settings make use of it, rather than hard-coding the path to $JAVA_HOME. This does not fix a bug, but is certainly better scripting style. EXTRA software/jdk-6/jdk-6u2-x86_64-1.tgz: Upgraded to Java(TM) 2 Platform Standard Edition Development Kit Version 6.0 update 2. This update addresses code errors which could possibly be leveraged to compromise system security, though we know of no existing exploits. This update consists of the official Java(TM) binaries repackaged in Bluewhite64's package format, and may be used on any version of Bluewhite64 that is based on glibc. For more information, see: http://sunsolve.sun.com/search/document.do?assetkey=1-26-102995-1 [*** Security fix ***] An additional change was made to the script that Bluewhite64 uses to set environment variables for Java(TM). Now, after the $JAVA_HOME variable is set, the next variable settings make use of it, rather than hard-coding the path to $JAVA_HOME. This does not fix a bug, but is certainly better scripting style. +--------------------------+ Tue Aug 28 23:41:03 EEST 2007 TESTING/packages/ia32-emulation/ia32-lib32-0.2.3-x86_64-1.tgz: Added libxslt-1.1.20, libstdc++.so.5.0.7 and libutil-2.5.so from Slackware 12.0. Thanks! This libs will help you to install and run programs like ATI drivers or wine ;). [*** UPDATE ***] +--------------------------+ Fri Aug 24 22:36:50 EEST 2007 PATCHES/packages/tcpdump-3.9.7-x86_64-1.tgz: Upgraded to libpcap-0.9.7, tcpdump-3.9.7. This new version fixes an integer overflow in the BGP dissector which could possibly allow remote attackers to crash tcpdump or to execute arbitrary code. For more information, see: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3798 [*** Security fix ***] +--------------------------+ Sun Aug 12 11:36:59 EEST 2007 PATCHES/packages/gimp-2.2.17-x86_64-1.tgz: Upgraded to gimp-2.2.17, which fixes buffer overflows when decoding certain image types. For more information, see: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-2949 [*** Security fix ***] PATCHES/packages/poppler-0.5.4-x86_64-3.tgz: Patched to fix an integer overflow in code borrowed from xpdf. For more information, see: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3387 [*** Security fix ***] PATCHES/packages/qt-3.3.8-x86_64-4.tgz: Patched to fix several format string bugs. For more information, see: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3388 [*** Security fix ***] PATCHES/packages/seamonkey-1.1.4-x86_64-1.tgz: Upgraded to seamonkey-1.1.4. This upgrade fixes some more security bugs. For more information, see: http://www.mozilla.org/projects/security/known-vulnerabilities.html#seamonkey [*** Security fix ***] PATCHES/packages/xpdf-3.02pl1-x86_64-1.tgz: Upgraded to xpdf-3.02pl1. This fixes an integer overflow that could possibly be leveraged to run arbitrary code if a malicious PDF file is processed. For more information, see: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3387 [*** Security fix ***] +--------------------------+ Sat Aug 4 14:10:07 EEST 2007 PATCHES/packages/mozilla-thunderbird-2.0.0.6-x86_64-1.tgz: Upgraded to thunderbird-2.0.0.6. This upgrade fixes some more security bugs. For more information, see: http://www.mozilla.org/projects/security/known-vulnerabilities.html#thunderbird [*** Security fix ***] +--------------------------+ Thu Aug 2 11:36:32 EEST 2007 PATCHES/packages/mozilla-firefox-2.0.0.6-x86_64-1.tgz: Upgraded to firefox-2.0.0.6. This upgrade fixes some more security bugs. For more information, see: http://www.mozilla.org/projects/security/known-vulnerabilities.html#firefox [*** Security fix ***] +--------------------------+ Fri Jul 27 11:47:24 EEST 2007 PATCHES/packages/bind-9.4.1_P1-x86_64-1.tgz: Upgraded to bind-9.4.1_P1 to fix security issues. The default access control lists allow remote attackers to make recursive queries in BIND9 versions 9.4.0 through 9.4.1. The query IDs in BIND9 prior to BIND 9.4.1-P1 are cryptographically weak. For more information on these issues, see: http://www.isc.org/index.pl?/sw/bind/bind-security.php http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-2925 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-2926 [*** Security fix ***] +--------------------------+ Wed Jul 25 02:49:04 EEST 2007 PATCHES/packages/mozilla-thunderbird-2.0.0.5-x86_64-1.tgz: Upgraded to thunderbird-2.0.0.5. Since Thunderbird shares the browser engine with Firefox it is susceptible to similar vulnerabilities. This update fixes the same issues fixed in the recent Firefox patch. For more information, see: http://www.mozilla.org/projects/security/known-vulnerabilities.html#thunderbird [*** Security fix ***] PATCHES/packages/seamonkey-1.1.3-x86_64-1.tgz: Upgraded to seamonkey-1.1.3. This is presumably a security update, but the details on the net have been sparse. So far nothing has appeared at the usual URL, but I would treat this as a security update unless it is announced as otherwise. For more information (if/when it appears), see: http://www.mozilla.org/projects/security/known-vulnerabilities.html#seamonkey [*** Security fix ***] +--------------------------+ Fri Jul 20 00:46:12 EEST 2007 PATCHES/packages/mkinitrd-1.1.3-x86_64-4.tgz: Fixed a minor bug in mkinitrd where devices such as /dev/cciss/c0d0p2 (DL360 RAID) were not properly copied to the initramfs. "Normal" (two level) boot devices such as /dev/sda1 were not affected by this bug, so most people won't run into it (which is probably why it wasn't spotted in development here). PATCHES/packages/mozilla-firefox-2.0.0.5-x86_64-1.tgz: Upgraded to firefox-2.0.0.5. This upgrade fixes a couple of minor security bugs. For more information, see: http://www.mozilla.org/projects/security/known-vulnerabilities.html#firefox [*** Security fix ***] PATCHES/packages/xf86-video-intel-2.1.0-x86_64-1.tgz: Added additional chipsets. PATCHES/packages/xf86-video-nv-2.1.2-x86_64-1.tgz: Added additional chipsets. +--------------------------+ Mon Jul 16 14:29:53 EEST 2007 PATCHES/packages/xf86-video-v4l-0.1.1-x86_64-2.tgz: Patched to fix X.org server crash (only on 64-bit arch) when xvinfo or other programs like xdtv try to use v4l driver. This is happens only if you have v4l loaded in your xorg.conf file. Thanks to Casteyde Christian for reporting this. [*** Fix ***] usb-and-pxe-installers/*: Fixed missing lib64->lib symlink in initrd.img which prevent installing Bluewhite64 12.0 from a bootable USB stick. Thanks to Bogdan Bordea for reporting and testing the new initrd.img. [*** Fix ***] +--------------------------+ Tue Jul 10 01:24:59 EEST 2007 This is Bluewhite64 Linux 12.0! THANKS to ALL for helping on this release! Don't forget to read the CHANGES_AND_HINTS.TXT file for more information about changes. I hope you find Bluewhite64 to be useful! ;) A software series/kernel-test26-2.6.22-x86_64-2.tgz: Recompiled, renamed to kernel-test26 and moved to A series. You will need to install kernel-modules-2.6.22 from the testing/packages/linux-2.6.22/ directory. Rebuilt with magic SysRQ key enabled. Added Attansic L1 Gigabit Ethernet support and removed Ext4 filesystem support. Thanks to Micsa for this suggestions ;). testing/packages/linux-2.6.22/kernel-modules-2.6.22-x86_64-2.tgz: Rebuilt. testing/packages/linux-2.6.22/kernel-headers-2.6.22-noarch-2.tgz: Rebuilt. testing/packages/linux-2.6.22/kernel-source-2.6.22-noarch-2.tgz: Rebuilt. testing/packages/svgalib_helper-1.9.25_2.6.22-x86_64-2.tgz: Rebuilt against the new kernel. isolinux/network.dsk: Updated Linux 2.6.22 kernel modules. Added Attansic L1 Gigabit Ethernet driver module. isolinux/network.dsk: Updated Linux 2.6.22 kernel modules. kernels/test26.s/*: Rebuilt. +--------------------------+ Mon Jul 9 13:20:06 EEST 2007 Please give to this kernels a test before the final release ;). testing/packages/linux-2.6.22/kernel-huge-2.6.22-x86_64-1.tgz: Added Linux 2.6.22 SMP huge.s testing kernel. testing/packages/linux-2.6.22/kernel-modules-2.6.22-x86_64-1.tgz: Added Linux 2.6.22 SMP kernel modules. testing/packages/linux-2.6.22/kernel-headers-2.6.22-noarch-1.tgz: Added Linux 2.6.22 SMP kernel headers. testing/packages/linux-2.6.22/kernel-source-2.6.22-noarch-1.tgz: Added Linux 2.6.22 SMP kernel source. testing/packages/svgalib_helper-1.9.25_2.6.22-x86_64-1.tgz: Added svgalib_helper-1.9.25 for 2.6.22 Linux kernel. isolinux/network.dsk: Added Linux 2.6.22 SMP kernel modules. isolinux/network.dsk: Added Linux 2.6.22 SMP kernel modules. kernels/test26.s/*: Added test26.s Linux 2.6.22 SMP kernel for testing. +--------------------------+ Mon Jul 2 13:18:35 EEST 2007 N software series/httpd-2.2.4-x86_64-5.tgz: Fixed a minor bug in the install script where it would try to back up website directories without checking that they existed. This was harmless (but did make an ugly error). N software series/network-scripts-12.0-noarch-4.tgz: Removed a silly "sanity check" that figured if you didn't have /bin/telnet that you must not have networking installed. +--------------------------+ Sun Jul 1 12:50:02 EEST 2007 X software series/xinit-1.0.4-x86_64-2.tgz: This package should not contain an xinitrc since in contains no window manager. But, since it's probably already installed one on any -current running machine, removing it will remove your symlink to any existing xinitrc.*. If that happens, we link to xinitrc.kde. If that is not your window manager of choice -- sorry about that. A quick run of xwmconfig as root will let you get the system wide defaults back the way you like them. N software series/network-scripts-12.0-noarch-3.tgz: Set the automatic DHCP timeout to 10 seconds. isolinux/initrd.img: Fixed parted-1.8.7 tools (libreadline was still required by the "static" binary, so we went all dynamic). usb-and-pxe-installers/: Replaced parted-1.8.7 tools with the fixed ones. N software series/inetd-1.79s-x86_64-2.tgz: Fixed a couple /opt/kde/ paths in inetd.conf. EXTRA software/checkinstall/: This had to be removed because it does not work with the latest coreutils. There is a readme in this directory with the URL to checkinstall's homepage, so if you must use checkinstall poll the site periodically to see if a version comes out that fixes this issue. EXTRA software/slacktrack/slacktrack-1.32-x86_64-1.tgz: Merged the newest version. Note that this works, but must touch all the files on the system. This is because installwatch.so does not work with the newest coreutils. However, a new version will probably be created soon that does, so check the slacktrack page (or here, on ftp sites) for possible full-functionality upgrades. +--------------------------+ Sat Jun 30 23:38:38 EEST 2007 N software series/network-scripts-12.0-noarch-2.tgz: If no explicit DCHP_TIMEOUT is set, then look in /sys to see if the interface has a connection carrier. If not, reduce the DHCP timeout to 3 seconds (which, even if the kernel is wrong, is usually more than enough time for the DHCP server to respond). EXTRA software/slackpkg/slackpkg-2.61-noarch-3.tgz: Added Bluewhite64 12.0 mirrors ;). +--------------------------+ Sat Jun 30 15:32:05 EEST 2007 D software series/pkg-config-0.21-x86_64-6.tgz: Use a symlink to fix broken packages that think /usr/share/pkgconfig is a good place for .pc files. Move any .pc files found to already exist there. D software series/mercurial-0.9.4-x86_64-1.tgz: Upgraded to mercurial-0.9.4. EXTRA softeare/xf86-video-ati-6.6.3/xf86-video-ati-6.6.3-x86_64-3.tgz: If you are getting a black screen with newer driver versions, so here is an alternate to try, just in case. +--------------------------+ Fri Jun 29 15:32:34 EEST 2007 A software series/udev-111-x86_64-5.tgz: Added some more platform rules in 50-udev-rules. D software series/git-1.5.2.2-x86_64-1.tgz: Upgraded to git-1.5.2.2, fixed .packlist paths, and got git-remote working again (Error.pm was previously missing). L software series/gd-2.0.35-x86_64-2.tgz: Fixed 640 perms on docs. N software series/php-5.2.3-x86_64-2.tgz: OK, I think we have a working combination of PHP extensions now. If you notice any problems, let me know soon (along with a fix, if possible). As it stands, everything that could be built as an extension is loaded by default, so you may want to do some extension pruning in /etc/httpd/php.ini. KDE software series/kdebase-3.5.7-x86_64-2.tgz: Fix the same kind of escaping problem as seen below in the xfce fix, also found in /etc/profile.d/kde.csh. XAP software series/xfce-4.4.1-x86_64-6.tgz: In xfce4-mixer, use --with-sound=alsa option to make sure that OSS is not used accidentally (probably more of an issue if someone rebuilds, I'm told). Use ${VAR} instead of $VAR before a : in xfce.csh. This seems cleaner than escaping the : with a \. +--------------------------+ Fri Jun 29 14:23:43 EEST 2007 A software series/hdparm-7.6-x86_64-1.tgz: Upgraded to hdparm-7.6. A software series/mkinitrd-1.1.2-x86_64-3.tgz: Fixed a cosmetic boot-time error if cryptsetup is not used in the initramfs. A software series/sysvinit-scripts-1.2-noarch-13.tgz: Mount usbfs regardless of whether udev is used. VMware and other things need this. D software series/libtool-1.5.24-x86_64-1.tgz: Upgraded to libtool-1.5.24. D software series/p2c-1.21alpha2-x86_64-3.tgz: Fixed build script to optimize properly. D software series/rcs-5.7-x86_64-2.tgz: Fixed incorrect perms (711) on binaries. L software series/librsvg-2.16.1-x86_64-1.tgz: Upgraded to librsvg-2.16.1. L software series/cairo-1.4.10-x86_64-1.tgz: Upgraded to cairo-1.4.10. L software series/hal-0.5.9.1-x86_64-1.tgz: Upgraded to hal-0.5.9.1. L software series/hal-info-20070618-noarch-1.tgz: Upgraded to hal-info-20070618. N software series/dhcp-3.0.5-x86_64-2.tgz: Patched kernel version detection in ./configure, which might make dhclient work. N software series/httpd-2.2.4-x86_64-4.tgz: Made the package install script look at the contents of /srv and take care not to wipe out any existing website there, but to back it up instead. Sorry if previous packages bit your site... N software series/iptables-1.3.8-x86_64-1.tgz: Upgraded to iptables-1.3.8. N software series/tcpdump-3.9.6-x86_64-1.tgz: Upgraded to libpcap-0.9.6 and tcpdump-3.9.6. N software series/whois-4.7.21-x86_64-1.tgz: Upgraded to whois-4.7.21. T software series/tetex-3.0-x86_64-4.tgz: Patched to create /var/lib/texmf dir in $HOME/.texmf-var. T software series/tetex-doc-3.0-x86_64-4.tgz: Rebuilt. X software series/libX11-1.1.1-x86_64-4.tgz: Patched to fix a bug introduced while converting some code from K&R to ANSI C. This should make gdk+ and GIMP a lot more stable. +--------------------------+ Thu Jun 28 00:05:14 EEST 2007 This is Bluewhite64 12.0 Release Candidate 2! No ISO at this time ;). Thanks to Alex for reporting and fixing some maketag and tagfiles in A and AP software series ;). KDE software series/kvpnc-0.8.9-x86_64-1.tgz: Removed. L software series/gd-2.0.35-x86_64-1.tgz: Upgraded to gd-2.0.35. This fixes a few possible security issues: * Possible infinite loop in the PNG reader * Possible integer overflow in gdImageCreateTrueColor * Possible crash in gdImageCreateXbm * Numerous flaws in the GIF reader [*** Security fix ***] L software series/gmime-2.2.9-x86_64-1.tgz: Upgraded to gmime-2.2.9. N software series/pssh-1.3.1-noarch-1.tgz: Added pssh-1.3.1, python scripts to run openssh tools in parallel. N software series/samba-3.0.25b-x86_64-1.tgz: Upgraded to samba-3.0.25b. X software series/xf86-video-savage-2.1.2-x86_64-2.tgz: Committed upstream patch to fix a crash of the savage_drv.so driver when respawned. isolinux/initrd.img: Updated with fixed umount. Added parted-1.8.7 tools. A software series/pkgtools-12.0.0-noarch-3.tgz: Added setup.htmlview installer script. A software series/udev-111-x86_64-4.tgz: Make the restart option more through. D software series/util-linux-2.12r-x86_64-4.tgz: Patched a problem where umounting by UUID would cause umount to segfault for non-root users. D software series/binutils-2.17.50.0.17-x86_64-1.tgz: Upgraded to binutils-2.17.50.0.17. D software series/oprofile-0.9.2-x86_64-4.tgz: Recompiled against new (binutils) libbfd. KDE software series/k3b-1.0.2-x86_64-1.tgz: Upgraded to k3b-1.0.2. KDEi software series/k3b-i18n-1.0.2-noarch-1.tgz: Upgraded to k3b-i18n-1.0.2. XAP software series/xchat-2.8.2-x86_64-2.tgz: Recompiled with official patch. extra/intel-wlan-ipw3945: Added a few missing bits and rearranged the tree a bit. Thanks to Gabriel Linder for noticing that the kernel module happens to work with the ieee80211 stack already in our kernel. That makes getting this to work quite a bit easier. :-) usb-and-pxe-installers/: Added parted-1.8.7 tools. Updated with fixed umount. EXTRA software/kernel_generic-2.6.21.5/kernel_generic-2.6.21.5-x86_64-1.tgz: Renamed to kernel_generic-2.6.21.5-x86_64-1.tgz (require initrd). EXTRA software/kernel_generic-2.6.21.5/kernel_headers-2.6.21.5-noarch-1.tgz: Renamed to kernel_headers-2.6.21.5-noarch-1.tgz. EXTRA software/kernel_generic-2.6.21.5/kernel_modules-2.6.21.5-x86_64-1.tgz: Renamed to kernel_modules-2.6.21.5-x86_64-1.tgz. EXTRA software/kernel_generic-2.6.21.5/kernel_source-2.6.21.5-noarch-1.tgz Renamed to kernel_source-2.6.21.5-noarch-1.tgz. +--------------------------+ Sat Jun 23 02:01:44 EEST 2007 A software series/aaa_elflibs-12.0.0-x86_64-2.tgz: Upgraded expat library. A software series/cryptsetup-1.0.5-x86_64-2.tgz: Fixed locale directory. A software series/gettext-0.16.1-x86_64-3.tgz: Rebuilt. A software series/pkgtools-12.0.0-noarch-2.tgz: Added rc.snmpd to the services setup menu in the installer. A software series/shadow-4.0.6-x86_64-2.tgz: Added plugdev to the list of groups that a user logging in through /bin/login at the console will automatically be added to. With a login manager such as kdm, users will still need to be added to the plugdev group manually. AP software series/vim-7.1.012-x86_64-1.tgz: Upgraded to vim-7.1.012. D software series/gettext-tools-0.16.1-x86_64-3.tgz: Added back "archive.tar.gz" which is not useless and is required in some cases by the autotools. If anyone else notices any more "useless" stuff being installed by "make install", please inquire with the developers of the upstream source before requesting that it be removed. Thanks. :-) KDE software series/amarok-1.4.6-x86_64-1.tgz: Upgraded to amarok-1.4.6. L software series/esound-0.2.38-x86_64-1.tgz: Upgraded to esound-0.2.38. L software series/expat-2.0.1-x86_64-1.tgz: Upgraded to expat-2.0.1. L software series/gamin-0.1.8-x86_64-2.tgz: Changed options to --disable-dnotify and --enable-inotify, which is a superior filesystem tracking method on 2.6.13+ kernels. L software series/libglade-2.6.1-x86_64-1.tgz: Upgraded to libglade-2.6.1. L software series/mhash-0.9.9-x86_64-1.tgz: Upgraded to mhash-0.9.9. N software seriesn/mcabber-0.9.3-x86_64-1.tgz: Upgraded to mcabber-0.9.3. N software seriesn/net-snmp-5.4-x86_64-5.tgz: Recompiled without the --enable-reentrant which was causing snmpd to not work. Added a more simple, Bluwhite64-like rc.snmpd. N software series/network-scripts-12.0-noarch-1.tgz: Rebuilt to include the better-commented rc.inet1.conf that was added to source/n/network-scripts/ back in May. XAP software series/pan-0.131-x86_64-1.tgz: Upgraded to pan-0.131. XAP software series/pidgin-2.0.2-x86_64-1.tgz: Upgraded to pidgin-2.0.2. XAP software series/vim-gvim-7.1.012-x86_64-1.tgz: Upgraded to vim-7.1.012 for GTK+. This also requires the main VIM package... testing/packages/gutenprint-5.0.1-x86_64-1.tgz: Upgraded to gutenprint-5.0.1. +--------------------------+ Sat Jun 16 14:39:07 EEST 2007 This is Bluewhite64 Linux 12.0 Release Candidate 1! A software series/aaa_base-12.0.0-noarch-1.tgz: Updated versions to 12.0. A software series/aaa_elflibs-12.0.0-x86_64-1.tgz: Updated the initial library collection. A software series/coreutils-6.9-x86_64-1.tgz: Upgraded to coreutils-6.9. A software series/cryptsetup-1.0.5-x86_64-1.tgz: Added cryptsetup-1.0.5. A software series/device-mapper-1.02.19-x86_64-2.tgz: Split udev rules out of 50-udev-rules into 64-device-mapper.rules in this package. Added a few more ./configure options to ensure that device permissions are the same as for other disk devices. Moved from AP. A software series/file-4.21-x86_64-1.tgz: Upgraded to file-4.21. A software series/findutils-4.2.31-x86_64-1.tgz: Upgraded to findutils-4.2.31. A A software series/gettext-0.16.1-x86_64-2.tgz: Recompiled. A software series/glibc-solibs-2.5-x86_64-3.tgz: Recompiled against 2.6.21.5 kernel headers. A software series/glibc-zoneinfo-2.5-noarch-3.tgz: Upgraded to tzcode/tzdata 2007f. A software series/kernel-huge-2.6.21.5-x86_64-1.tgz: Upgraded to Linux 2.6.21.5 processor huge.s (full-featured SMP) kernel. A software series/kernel-modules-2.6.21.5-x86_64-1.tgz: Upgraded to Linux 2.6.21.5 SMP kernel modules. A software series/lilo-22.8-x86_64-4.tgz: Fixed some menu formatting in liloconfig. A software series/lvm2-2.02.09-x86_64-2.tgz: Moved from AP. A software series/mdadm-2.6.1-x86_64-1.tgz: Moved from AP. A software series/mkinitrd-1.1.2-x86_64-2.tgz: Added $@ after /sbin/init in the initrd. Added additional option -C option for cryptsetup, and -L option for LVM to mkinitrd. A software series/mt-st-0.9b-x86_64-2.tgz: Moved from AP. A software series/mtx-1.3.9-x86_64-1.tgz: Moved from AP. A software series/openssl-solibs-0.9.8e-x86_64-3.tgz: Recompiled. A software series/pciutils-2.2.5-x86_64-1.tgz: Upgraded to pciutils-2.2.5. A software series/pkgtools-12.0.0-noarch-1.tgz: Bumped version number. A software series/quota-3.13-x86_64-1.tgz: Moved from AP. A software series/sdparm-1.01-x86_64-2.tgz: slack-desc typo fix. A software series/sysvinit-scripts-1.2-noarch-12.tgz: Fixed missing "start" for rc.ntpd in c.M. Fixed missing rc.bluetooth start in rc.M. Moved the LVM init block in rc.S closer to the start of the script (right after udev) to make root-on-LVM (with an appropriate initrd) more feasible. A software series/udev-111-x86_64-3.tgz: Removed device-mapper rules from 50-udev-rules. Fixed a bug in /lib/udev/modprobe.sh. AP software series/alsa-utils-1.0.14-x86_64-1.tgz: Upgraded to alsa-utils-1.0.14. AP software series/hplip-1.7.4a-x86_64-2.tgz: Changed the default mode on rc.hplip.new to 644. AP software series/lsof-4.78-x86_64-1.tgz: Upgraded to lsof-4.78. AP software series/man-pages-2.55-noarch-1.tgz: Upgraded to man-pages-2.55. AP software series/man-pages-2.55-noarch-1.tgz: Upgraded to man-pages-2.55. AP software series/vim-7.1.002-x86_64-1.tgz: Upgraded to vim-7.1.002. Fixed sh syntax highlighting. D software series/doxygen-1.5.2-x86_64-1.tgz: Upgraded to doxygen-1.5.2. D software series/gettext-tools-0.16.1-x86_64-2.tgz: Removed (probably) useless archive.tar.gz blob from the package. D software series/git-1.5.2.1-x6_64-1.tgz: Upgraded to git-1.5.2.1. D software series/kernel-headers-2.6.21.5-noarch-1.tgz: Upgraded to Linux 2.6.21.5 SMP kernel headers. D software series/p2c-1.21alpha2-x86_64-2.tgz: Recompiled. D software series/subversion-1.4.4-x86_64-1.tgz: Upgraded to subversion-1.4.4. F software series/linux-howtos-20070609-noarch-1.tgz: Upgraded to Linux-HOWTOs-20070609. K software series/kernel-source-2.6.21.5-noarch-1.tgz: Upgraded to kernel-source-2.6.21.5. KDE software series/knemo-0.4.8-x86_64-1.tgz: Added knemo-0.4.8. KDE software series/kdesdk-3.5.7-x86_64-2.tgz: Fixed uncompressed man pages. This also seemed to pick up new support for bugzilla. KDE software series/kdelibs-3.5.7-x86_64-2.tgz: Patched to call utempter in the proper location and with the right arguments. KDE software series/koffice-1.6.3-x86_64-1.tgz: Upgraded to koffice-1.6.3. KDE software series/kvpnc-0.8.9-x86_64-1.tgz: Added kvpnc-0.8.9. KDEi software series/koffice*: Upgraded to koffice-l10n 1.6.3. L software series/alsa-lib-1.0.14a-x86_64-1.tgz: Upgraded to alsa-lib-1.0.14a. L software series/alsa-oss-1.0.14-x86_64-1.tgz: Upgraded to alsa-oss-1.0.14. L software series/cairo-1.4.8-x86_64-1.tgz: Upgraded to cairo-1.4.8. L software series/glibc-2.5-x86_64-3.tgz: Recompiled against 2.6.21.5 kernel headers. L software series/glibc-profile-2.5-x86_64-3.tgz: Recompiled against 2.6.21.5 kernel headers. L software series/gtk+2-2.10.13-x86_64-1.tgz: Upgraded to gtk+2-2.10.13. L software series/hal-0.5.9-x86_64-3.tgz: Changed the default mode on rc.hald.new to 755. L software series/mcs-0.4.1-x86_64-2.tgz: slack-desc typo fix. L software series/lzo-2.02-x86_64-1.tgz: Added lzo-2.02. L software series/svgalib_helper-1.9.25_2.6.21.5-x86_64-1.tgz: Upgraded svgalib_helper package. L software series/shared-mime-info-0.21-x86_64-2.tgz: Fixed an uncompressed man page. L software series/t1lib-5.1.0-x86_64-3.tgz: Corrected the font search path. L software series/vte-0.16.5-x86_64-1.tgz: Upgraded to vte-0.16.5. N software series/bind-9.4.1-x86_64-1.tgz: Upgraded to bind-9.4.1. N software series/httpd-2.2.4-x86_64-3.tgz: Moved the main directory to the usual Bluewhite64 location of "/var/www", which should ease transitioning existing sites as well as prevent /srv from becoming (right away) a bloated top-level directory. In /srv, make two symlinks for FHS compliance: /srv/www -> /var/www (this makes htdig with KDE work again), and /srv/httpd -> /var/www (/srv/httpd will be the default path used in the httpd.conf, and seems to me to be following the spirit behind "/srv"). Since the old apache had visible log files (in a 755 mode directory), make these visible, too. If the admin wants to lock them down, we'll make sure the chosen mode sticks. N software series/lynx-2.8.6rel.5-x86_64-1.tgz: Upgraded to lynx-2.8.6rel.5. Compiled with --with-screen=ncursesw and --enable-widec. N software series/mcabber-0.9.2-x86_64-1.tgz: Added mcabber-0.9.2. N software series/mtr-0.72-x86_64-1.tgz: Added mtr-0.72. N software series/net-snmp-5.4-x86_64-4.tgz: Fixed a few uncompressed man pages. N software series/nmap-4.20-x86_64-1.tgz: Upgraded to nmap-4.20. N software series/openssl-0.9.8e-x86_64-3.tgz: Added certwatch script. N software series/openvpn-2.0.9-x86_64-1.tgz: Added openvpn-2.0.9. N software series/sendmail-8.14.1-x86_64-1.tgz: Upgraded to sendmail-8.14.1. Changed the default mode on rc.sendmail.new to 644. N software series/sendmail-cf-8.14.1-noarch-1.tgz: Upgraded to sendmail-8.14.1 config files. N software series/tcpdump-3.9.5-x86_64-1.tgz: Upgraded to tcpdump-3.9.5. N software series/vlan-1.9-x86_64-2.tgz: Recompiled. TCL software series/tcl-8.4.15-x86_64-1.tgz: Upgraded to tcl-8.4.15. TCL software series/tk-8.4.15-x86_64-1.tgz: Upgraded to tk-8.4.15. X software series/dejavu-ttf-2.17-noarch-1.tgz: Upgraded to dejavu-ttf-2.17. X software series/xkeyboard-config-0.9-noarch-2.tgz: Make sure /etc/X11/xkb/symbols/pc is installed as a file. If not, back up /etc/X11/xkb to make way for the new structure of xkeyboard-config. Thanks to Marcelo Ossamu Honda for reporting this. XAP software series/audacious-plugins-1.3.5-x86_64-1.tgz: Upgraded to audacious-plugins-1.3.5. XAP software series/mozilla-thunderbird-2.0.0.4-x86_64-1.tgz: Upgraded to thunderbird-2.0.0.4. This upgrade fixes two possible security bugs. For more information, see: http://www.mozilla.org/projects/security/known-vulnerabilities.html#thunderbird [*** Security fix ***] XAP software series/pidgin-2.0.1-x86_64-1.tgz: Upgraded to pidgin-2.0.1. XAP software series/vim-gvim-7.1.002-x86_64-1.tgz: Upgraded to GTK+ vim-7.1.002 add-on. XAP software series/xfce-4.4.1-x86_64-4.tgz: Fixed uncompressed man pages. Escaped the ':'s in /etc/profile.d/xfce.csh. XAP software series/xine-lib-1.1.7-x86_64-1.tgz: Upgraded to xine-lib-1.1.7. EXTRA software/intel-wlan-ipw3945: Added kernel patches and support sources for using the Intel ipw3945 wireless drivers. Due to the need to patch the kernel for a newer ieee80211 subsystem, these are all in source form rather than as packages. Consider it an opportunity to learn. :-) EXTRA software/linux-wlan-ng/linux-wlan-ng-0.2.8_2.6.21.5-x86_64-1.tgz: Recompiled linux-wlan-ng-0.2.8 with modules for Linux 2.6.21.5 SMP. EXTRA software/slackpkg/slackpkg-2.61-noarch-2.tgz: Upgraded to slackpkg-2.61-noarch-2. Thanks to Piter Pun isolinux/initrd.img: Merged Eric Hameleers' LVM installer changes. Added cryptsetup. Updated syslinux. Added dhcpcd. Version number bump. isolinux/initrd.img: Merged Eric Hameleers' LVM installer changes. Added cryptsetup. Updated syslinux. Added dhcpcd. Version number bump. kernels/huge.s/*: Upgraded huge.s kernel to 2.6.21.5. usb-and-pxe-installers/: Updated USB and PXE installers with merged-in (semi-DIY) LVM and crypto support. Thanks to Eric Hameleers! N software series/bluez-utils-3.9-x86_64-4.tgz: Fised /etc/bluetooth/README.BLUEWHITE64 symlink. Thanks to Facundo for reporting this :). EXTRA software/kernel-generic-2.6.21.3/kernel-generic-2.6.21.5-x86_64-1.tgz: Upgraded to kernel-generic-2.6.21.5 (requires initrd). EXTRA software/kernel-generic-2.6.21.3/kernel-headers-2.6.21.5-noarch-1.tgz: Upgraded to kernel-headers-2.6.21.5. EXTRA software/kernel-generic-2.6.21.3/kernel-modules-2.6.21.5-x86_64-1.tgz: Upgraded to kernel-modules-2.6.21.5. EXTRA software/kernel-generic-2.6.21.3/kernel-source-2.6.21.5-noarch-1.tgz: Upgraded to kernel-source-2.6.21.5. +--------------------------+ Thu Jun 14 10:56:09 EEST 2007 L software series/libexif-0.6.16-x86_64-1.tgz: Upgraded to libexif-0.6.16. An integer overflow in libexif can crash applications that use the library on malformed images. The upstream advisory indicates that this flaw could also be used to execute arbitrary code in the context of the user, but no exploit is known (by us) to exist among iDefense's researchers or in the wild. But, as a crash bug and heap overflow one must suppose that the possibility exists. http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-4168 [*** Security fix ***] +--------------------------+ Mon Jun 4 01:52:10 EEST 2007 X software series/libSM-1.0.3-x86_64-1.tgz: Upgraded to libSM-1.0.3. X software series/xf86-video-ati-6.6.192-x86_64-1.tgz: Upgraded to xf86-video-ati-6.6.192. X software series/xf86-video-nv-2.0.96-x86_64-1.tgz: Upgraded to xf86-video-nv-2.0.96. X software series/xinit-1.0.4-x86_64-1.tgz: Upgraded to xinit-1.0.4. XAP software series/mozilla-firefox-2.0.0.4-x86_64-1.tgz: Upgraded to mozilla-firefox-2.0.0.4. This upgrade fixes several possible security bugs. For more information, see: http://www.mozilla.org/projects/security/known-vulnerabilities.html#firefox [*** Security fix ***] XAP software series/seamonkey-1.1.2-x86_64-1.tgz: Upgraded to seamonkey-1.1.2. This upgrade fixes several possible security bugs. For more information, see: http://www.mozilla.org/projects/security/known-vulnerabilities.html#seamonkey [*** Security fix ***] +--------------------------+ Sat Jun 2 04:38:34 EEST 2007 N software series/php-5.2.3-x86_64-1.tgz: Upgraded to php-5.2.3. Here's some basic information about the release from php.net: "This release continues to improve the security and the stability of the 5.X branch as well as addressing two regressions introduced by the previous 5.2 releases. These regressions relate to the timeout handling over non-blocking SSL connections and the lack of HTTP_RAW_POST_DATA in certain conditions. All users are encouraged to upgrade to this release." For more complete information, see: http://www.php.net/releases/5_2_3.php http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1900 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-2756 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-2872 [*** Security fix ***] +--------------------------+ Fri Jun 1 12:28:41 EEST 2007 A software series/gpm-1.20.1-x86_64-4.tgz: Added exps2 to the setup.mouse menu. A software series/hdparm-7.4-x86_64-1.tgz: Upgraded to hdparm-7.4. A software series/lilo-22.8-x86_64-3.tgz: Restored device-mapper support. Made the MBR the default selection in the LILO target menu. A software series/reiserfsprogs-3.6.19-x86_64-2.tgz: Recompiled. A software series/sdparm-1.01-x86_64-1.tgz: Added sdparm-1.01. A software series/sysvinit-scripts-1.2-noarch-11.tgz: Start rc.ntpd in rc.M (if executable). A software series/udev-111-x86_64-2.tgz: Merged various changes from Piter Punk to more easily blacklist the PnP modules. AP software series/device-mapper-1.02.19-x86_64-1.tgz: Upgraded to device-mapper-1.02.19. D software series/gperf-3.0.3-x86_64-1.tgz: Upgraded to gperf-3.0.3. N software series/nfs-utils-1.1.0-x86_64-2.tgz: Removed dangling symlinks in /sbin. isolinux/initrd.img: Added libdevmapper, upgraded to the latest dmsetup. +--------------------------+ Thu May 31 21:53:46 EEST 2007 KDE software series/kdeutils-3.5.7-x86_64-2.tgz: Patched to fix a problem with the klaptopdaemon library. L software series/dbus-1.0.2-x86_64-3.tgz: Fixed startup script to avoid problems when D-Bus doesn't clean up its .pid file. L software series/hal-0.5.9-x86_64-2.tgz: Cleanups to rc.hald. Fixed the problem with these startup scripts (most obvious if one tries to go to runlevel 1 and then back to runlevel 3). +--------------------------+ Wed May 30 13:58:45 EEST 2007 bluewhite64-current-30052007.iso released for testing! (Code Name: One Year of Bluewhite64) This is 1 Year of Bluewhite64 Linux. Thanks to all for using it! A software series/dialog-1.1_20070528-x86_64-1.tgz: Upgraded to dialog-1.1_20070528. A software series/etc-11.1-noarch-6.tgz: Added power (84) group to /etc/group. Added haldaemon (82) user to /etc/passwd, group to /etc/group, and empty shadow line to /etc/shadow. A software series/pkgtools-11.0.9-noarch-3.tgz: Support making a USB boot stick during the installation process as an emergency boot device. Added more options to the setup.services menu. A software series/sysvinit-scripts-1.2-noarch-3.tgz: In rc.M, start rc.hald if executable. A software series/pkg-config-0.21-x86_64-6.tgz: Recompiled, removing /opt/kde/lib/pkgconfig from PKG_CONFIG_PATH. KDE software series/amarok-1.4.5-x86_64-6.tgz: Recompiled against new libraries. KDE software series/kdeaccessibility-3.5.7-x86_64-1.tgz: Upgraded to kdeaccessibility-3.5.7. KDE software series/kdeaddons-3.5.7-x86_64-1.tgz: Upgraded to kdeaddons-3.5.7. KDE software series/kdeadmin-3.5.7-x86_64-1.tgz: Upgraded to kdeadmin-3.5.7. KDE software series/kdeartwork-3.5.7-x86_64-1.tgz: Upgraded to kdeartwork-3.5.7. KDE software series/kdebase-3.5.7-x86_64-1.tgz: Upgraded to kdebase-3.5.7. (with HAL support) KDE software series/kdebindings-3.5.7-x86_64-1.tgz: Upgraded to kdebindings-3.5.7. KDE software series/kdeedu-3.5.7-x86_64-1.tgz: Upgraded to kdeedu-3.5.7. KDE software series/kdegames-3.5.7-x86_64-1.tgz: Upgraded to kdegames-3.5.7. KDE software series/kdegraphics-3.5.7-x86_64-1.tgz: Upgraded to kdegraphics-3.5.7. KDE software series/kdelibs-3.5.7-x86_64-1.tgz: Upgraded to kdelibs-3.5.7. KDE software series/kdemultimedia-3.5.7-x86_64-1.tgz: Upgraded to kdemultimedia-3.5.7. KDE software series/kdenetwork-3.5.7-x86_64-1.tgz: Upgraded to kdenetwork-3.5.7. KDE software series/kdepim-3.5.7-x86_64-1.tgz: Upgraded to kdepim-3.5.7. KDE software series/kdesdk-3.5.7-x86_64-1.tgz: Upgraded to kdesdk-3.5.7. KDE software series/kdetoys-3.5.7-x86_64-1.tgz: Upgraded to kdetoys-3.5.7. KDE software series/kdeutils-3.5.7-x86_64-1.tgz: Upgraded to kdeutils-3.5.7. KDE software series/kdevelop-3.4.1-x86_64-1.tgz: Upgraded to kdevelop-3.4.1. KDE software series/kdewebdev-3.5.7-x86_64-1.tgz: Upgraded to kdewebdev-3.5.7. kdei/*: Upgraded to kde-i18n 3.5.7. L software series/arts-1.5.7-x86_64-1.tgz: Upgraded to arts-1.5.7. L software series/dbus-1.0.2-x86_64-2.tgz: Patched rc.messagebus to add a "reload" option to be used after adding users to groups such as plugdev, cdrom, etc. L software series/dbus-glib-0.73-x86_64-1.tgz: Upgraded to dbus-glib-0.73. L software series/desktop-file-utils-0.12-x86_64-2.tgz: Added BLURB to setup script. L software series/hal-0.5.9-x86_64-1.tgz: Added hal-0.5.9. L software series/hal-info-20070516-noarch-1.tgz: Added hal-info-20070516. L software series/libexif-0.6.15-x86_64-1.tgz: Upgraded to libexif-0.6.15. L software series/libkarma-0.1.0-x86_64-1.tgz: Upgraded to libkarma-0.1.0. L software series/libmtp-0.1.5-x86_64-1.tgz: Upgraded to libmtp-0.1.5. L software series/libnjb-2.2.5-x86_64-4.tgz: Moved libnjb.rules to 80-libnjb.rules. Got rid of obsolete hotplug files. L software series/shared-mime-info-0.21-x86_64-1.tgz: Upgraded to shared-mime-info-0.21. Added BLURB to setup script. L software series/svgalib-1.9.25-x86_64-1.tgz: This package no longer contains the kernel modules required by svgalib, which are now packaged in a separate svgalib_helper package. L software series/svgalib_helper-1.9.25_2.6.21.3-x86_64-1.tgz: Added svgalib_helper containing the kernel helper module for svgalib. L software series/qt-3.3.8-x86_64-3.tgz: Rebuilt with the sources in /usr/lib/qt/, but using DESTDIR to create a finished package in /tmp. N software series/httpd-2.2.4-x86_64-2.tgz: Fixed recursion bug in the logrotate config file. Fixed incorrect options to rc.httpd N software series/mutt-1.4.2.3-x86_64-1.tgz: Upgraded to mutt-1.4.2.3. N software series/php-5.2.2-x86_64-3.tgz: Modularized all extensions, and fixed PEAR problems. Moved PHP session file to /var/lib/php. Show an example of how to run all .php, .html, and .htm files through PHP by default N software series/samba-3.0.25a-x86_64-1.tgz: Upgraded to samba-3.0.25a. This fixes some major (non-security) bugs in samba-3.0.25 -see the WHATSNEW.txt for details. N software series/x11-skel-7.1-noarch-5.tgz: Fixed number of lines in slack-desc. XAP software series/blackbox-0.65.0-x86_64-2.tgz: Fixed the SlackBuild to build bbkeys. XAP software series/gimp-2.2.15-x86_64-1.tgz: Upgraded to gimp-2.2.15. XAP software series/sane-1.0.18-x86_64-6.tgz: Moved libsane.rules to 80-libsane.rules. Got rid of obsolete hotplug files. XAP software series/xfce-4.4.1-x86_64-4.tgz: Recompiled against HAL. EXTRA software series/linux-wlan-ng/linux-wlan-ng-0.2.8_2.6.21.3-x86_64-1.tgz: Upgraded to linux-wlan-ng-0.2.8 with modules for Linux 2.6.21.3. EXTRA software/xcdroast: This has been shuffled off to unsupported, at least for now. But before moving it, it was patched for -current and rebuilt with GTK+2. isolinux/initrd.img: Comment out /dev/cdrom line in /etc/fstab, as it interferes with HAL. After installing, you'll have to decide if the machine will use HAL or not. If so, rc.hald will have been selected to run during the installation (by default it will be off), or chmoded 755 later. If HAL will not be used, the line in /etc/fstab should be uncommented. Changed timezone on the installer to GMT-12, so that when the true timezone is known at first boot, the filesystems will all have been created and last checked in the past. Added /sbin/sfdisk. isolinux/{network,pcmcia}.dsk: Upgraded to 2.6.21.3 modules. usb-and-pxe-installers/: Updated USB and PXE installers. +--------------------------+ Mon May 28 19:52:44 EEST 2007 testing/packages/ia32-emulation/ia32-lib32-0.2.1-x86_64-1.tgz: Upgraded to ia32-lib32-0.2.1 Fixed libmng.so.1 which was added as a 64-bit shared lib. Thanks to Roberto Gonzalez Azevedo for reporting this ;). +--------------------------+ Sat May 26 16:49:31 EEST 2007 K software series/kernel-source-2.6.21.3-noarch-2.tgz: Fixed doinst.sh script. +--------------------------+ Fri May 25 23:07:43 EEST 2007 A software series/kernel-huge-2.6.21.3-x86_64-1.tgz: Upgraded to kernel-huge-2.6.21.3. A software series/kernel-modules-2.6.21.3-x86_64-1.tgz: Upgraded to kernel-modules-2.6.21.3. D software series/kernel-headers-2.6.21.3-noarch-1.tgz: Upgraded to kernel-headers-2.6.21.3. K software series/kernel-source-2.6.21.3-noarch-1.tgz: Upgraded to kernel-source-2.6.21.3. kernels/huge.s/*: Upgraded to kernel 2.6.21.3. EXTRA software/kernel-generic-2.6.21.3/kernel-generic-2.6.21.3-x86_64-1.tgz: Upgraded to kernel-generic-2.6.21.3 (requires initrd). EXTRA software/kernel-generic-2.6.21.3/kernel-headers-2.6.21.3-noarch-1.tgz: Upgraded to kernel-headers-2.6.21.3. EXTRA software/kernel-generic-2.6.21.3/kernel-modules-2.6.21.3-x86_64-1.tgz: Upgraded to kernel-modules-2.6.21.3. EXTRA software/kernel-generic-2.6.21.3/kernel-source-2.6.21.3-noarch-1.tgz: Upgraded to kernel-source-2.6.21.3. A vulnerability with an unknown impact has been reported in the Linux Kernel. The vulnerability is caused due to an unspecified error related to AMD GEODE-AES cryptographic routines. For more details please see: http://kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.21.3 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-2451 [*** Security fix ***] L software series/svgalib-1.9.25_2.6.21.3-x86_64-1.tgz: Recompiled for Linux 2.6.21.3. +--------------------------+ Thu May 24 20:44:31 EEST 2007 A software series/kernel-huge-2.6.21.2-x86_64-1.tgz: Upgraded to kernel-huge-2.6.21.2. A software series/kernel-modules-2.6.21.2-x86_64-1.tgz: Upgraded to kernel-modules-2.6.21.2. D software series/kernel-headers-2.6.21.2-noarch-1.tgz: Upgraded to kernel-headers-2.6.21.2. K software series/kernel-source-2.6.21.2-noarch-1.tgz: Upgraded to kernel-source-2.6.21.2. kernels/huge.s/*: Upgraded to kernel 2.6.21.2. All this kernels are SMP ready, I just removed the -smp label. Also, this is the new formula of the kernels on Bluewhite64 :). EXTRA software/kernel-generic-2.6.21.2/kernel-generic-2.6.21.2-x86_64-1.tgz: Added kernel-generic-2.6.21.2 (requires initrd). EXTRA software/kernel-generic-2.6.21.2/kernel-headers-2.6.21.2-noarch-1.tgz: Added kernel-headers-2.6.21.2. EXTRA software/kernel-generic-2.6.21.2/kernel-modules-2.6.21.2-x86_64-1.tgz: Added kernel-modules-2.6.21.2. EXTRA software/kernel-generic-2.6.21.2/kernel-source-2.6.21.2-noarch-1.tgz: Added kernel-source-2.6.21.2. A software series/kernel-generic-2.6.21.1-x86_64-2.tgz: Removed. A software series/kernel-huge-2.6.21.1-x86_64-2.tgz: Removed. kernels/gensmp.s/: Removed kernels/gensmp.s/: Removed kernels/generic.s/: Removed testing/packages/ia32-emulation/ia32-lib32-0.2-x86_64-1.tgz: Upgraded to ia32-lib32-0.2. Added libgsf, libqt. Thanks to Roberto Gonzalez Azevedo for testing and suggestion! Also, upgraded libpng to version 1.2.18, added libmng, libcurl, libssl and libcrypto. +--------------------------+ Tue May 22 10:18:34 EEST 2007 X software series/compiz-0.5.0-x86_64-2.tgz: Recompiled against the new libpng package. L software series/arts-1.5.6-x86_64-4.tgz: Recompiled against the new libpng package. EXTRA software/ktorrent/ktorrent-2.1.4-x86_64-2.tgz: Recompiled against the new libpng package. XAP software series/windowmaker-0.92.0-x86_64-4.tgz: Recompiled against the new libpng package. KDE software series/k3b-1.0.1-x86_64-2.tgz: Recompiled against the new libpng package. KDE software series/amarok-1.4.5-x86_64-5.tgz: Recompiled against the new libpng package. KDE software series/kdeaccessibility-3.5.6-x86_64-4.tgz: Recompiled against the new libpng package. KDE software series/kdebindings-3.5.6-x86_64-5.tgz: Recompiled against the new libpng package. KDE software series/kdemultimedia-3.5.6-x86_64-4.tgz: Recompiled against the new libpng package. KDE software series/kdeutils-3.5.6-x86_64-4.tgz: Recompiled against the new libpng package. KDE software series/kdeaddons-3.5.6-x86_64-4.tgz: Recompiled against the new libpng package. KDE software series/kdeedu-3.5.6-x86_64-4.tgz: Recompiled against the new libpng package. KDE software series/kdenetwork-3.5.6-x86_64-4.tgz: Recompiled against the new libpng package. KDE software series/kdevelop-3.4.0-x86_64-5.tgz: Recompiled against the new libpng package. KDE software series/kdeadmin-3.5.6-x86_64-4.tgz: Recompiled against the new libpng package. KDE software series/kdegames-3.5.6-x86_64-4.tgz: Recompiled against the new libpng package. KDE software series/kdepim-3.5.6-x86_64-7.tgz: Recompiled against the new libpng package. KDE software series/kdewebdev-3.5.6-x86_64-4.tgz: Recompiled against the new libpng package. KDE software series/kdeartwork-3.5.6-x86_64-4.tgz: Recompiled against the new libpng package. KDE software series/kdegraphics-3.5.6-x86_64-5.tgz: Recompiled against the new libpng package. KDE software series/kdesdk-3.5.6-x86_64-4.tgz: Recompiled against the new libpng package. KDE software series/kdebase-3.5.6-x86_64-5.tgz: Recompiled against the new libpng package. KDE software series/kdelibs-3.5.6-x86_64-4.tgz: Recompiled against the new libpng package. KDE software series/kdetoys-3.5.6-x86_64-4.tgz: Recompiled against the new libpng package. KDE software series/koffice-1.6.2-x86_64-5.tgz: Recompiled against the new libpng package. +--------------------------+ Mon May 21 12:22:33 EEST 2007 A software series/etc-11.1-noarch-5.tgz: Added plugdev group (83). Added apache user and group (80). A software series/udev-111-x86_64-1.tgz: Upgraded to udev-111. D software series/subversion-1.4.3-x86_64-2.tgz: Recompiled with support for the mod_authz_svn and mod_dav_svn modules for httpd-2.2.4 (apache2). N software series/pilot-link-0.12.2-x86_64-4.tgz: Removed empty /usr/share/pilot-link/udev/. N software series/apache-1.3.37-x86_64-3.tgz: Removed. N software series/bluez-utils-3.9-x86_64-3.tgz: Added "restart" to rc.bluetooth, and rewrote it to be more like the other Bluewhite64 rc.* scripts. Chmoded /etc/bluetooth/passkeys/ to mode 700. Located the udev related files properly N software series/httpd-2.2.4-x86_64-1.tgz: The package formerly known as "apache", upgraded to httpd-2.2.4. N software series/mod_ssl-2.8.28_1.3.37-x86_64-2.tgz: Removed, as this is now built into httpd. N software series/nfs-utils-1.1.0-x86_64-1.tgz: Upgraded to nfs-utils-1.1.0. This no longer tries to use "rpc.lockd" (nor contains it), so be sure to upgrade to the new versions of the init scripts. Thanks to Jonathan Woithe for the hint about linking with -lnsl after -lwrap, and for passing along a small patch for a memory leak in mountd. N software series/obexftp-0.21-x86_64-1.tgz: Added obexftp-0.21. N software series/php-5.2.2-x86_64-2.tgz: Upgraded to php-5.2.2. N software series/portmap-6.0-x86_64-1.tgz: Upgraded to portmap-6.0. N software series/wireless-tools-28-x86_64-5.tgz: Applied a patch from Eric Hameleers to fix a problem reported by Michiel P.H. van Wessem. isolinux/initrd.img: Upgraded /sbin/mdadm to version 2.6.1. L software series/jre-6u1-x86_64-2.tgz: Fixed /usr/lib/java symlink EXTRA software/jdk-6/jdk-6u1-x86_64-2.tgz: Fixed /usr/lib/java symlink. Thanks to Virgil Moldoveanu for reporting the broken symlinks. L software series/cairo-1.4.6-x86_64-2.tgz: Recompiled against the new libpng package. We dropped the libpng12.la and linpng.la files from the latest libpng update and a lot of packages will need to be recompiled. Thanks to adscvr for this notice. L software series/libglade-2.6.0-x86_64-2.tgz: Recompiled against the new libpng package. L software series/librsvg-2.14.4-x86_64-4.tgz: Recompiled against the new libpng package. L software series/poppler-0.5.4-x86_64-2.tgz: Recompiled against the new libpng package. L software series/gd-2.0.34-x86_64-2.tgz: Recompiled against the new libpng package. L software series/gtk+2-2.10.12-x86_64-2.tgz: Recompiled against the new libpng package. L software series/libgtkhtml-2.11.0-x86_64-2.tgz: Recompiled against the new libpng package. L software series/pango-1.16.4-x86_64-2.tgz: Recompiled against the new libpng package. L software series/vte-0.16.3-x86_64-2.tgz: Recompiled against the new libpng package. L software series/imlib-1.9.15-x86_64-5.tgz: Recompiled against the new libpng package. L software series/libwmf-0.2.8.4-x86_64-6.tgz: Recompiled against the new libpng package. XAP software series/gimp-2.2.14-x86_64-2.tgz: Recompiled against the new libpng package. XAP software series/gucharmap-1.10.0-x86_64-2.tgz: Recompiled against the new libpng package. XAP software series/imagemagick-6.3.3_9-x86_64-2.tgz: Recompiled against the new libpng package. L software series/sdl-1.2.11-x86_64-5.tgz: Recompiled against the new libpng package. +--------------------------+ Thu May 17 10:49:46 EEST 2007 A software series/sysvinit-scripts-1.2-noarch-9.tgz: Many reports of problems after the last addition of the old trick for flushing disk buffers. I guess if your rc.local needs this sort of thing to avoid trouble at boot, that you'd better add it near the beginning of that script. L software series/libpng-1.2.18-x86_64-1.tgz: Upgraded to libpng-1.2.18. A grayscale PNG image with a malformed (bad CRC) tRNS chunk will crash some libpng applications. This vulnerability has been assigned the identifiers CVE-2007-2445 and CERT VU#684664. For more information, see: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-2445 [*** Security fix ***] +--------------------------+ Wed May 16 15:08:02 EEST 2007 A software series/etc-11.1-noarch-4.tgz: Added shadow/password entry for "messagebus". A software series/infozip-5.52-x86_64-2.tgz: Upgraded zip to version 2.32. Restored missing COPYING.OLD text file. N software series/sysvinit-2.86-x86_64-6.tgz: Removed the sysvinit runlevel directories. A software series/sysvinit-functions-8.53-x86_74-2.tgz: Moved all the non-bluewhite64-like runlevel directories, etc, into this package. If nothing on your machine uses it, it is safe to remove. A software series/sysvinit-scripts-1.2-noarch-8.tgz: Removed the sysvinit runlevel directories. Added a wait/sync/sleep before rc.local to be sure all I/O is done. A software series/udev-109-x86_64-3.tgz: Changed the following serial-type devices to use group uucp: ttyS[0-9]*, ttyUSB[0-9]*, ippp0, isdn*, dcbri*, and ircomm*. AP software series/ksh93-2007_03_28-x86_64-2.tgz: Fixed incorrect locale file permissions. If you want to recompile ksh, you will need bash version 3.2.17(2) from the testing directory. AP software series/man-pages-2.48-noarch-1.tgz: Upgraded to man-pages-2.48. AP software series/mt-st-0.9b-x86_64-2.tgz: Added mt-st.1.gz -> mt.1.gz symlink. D software series/git-1.5.1.4-x86_64-1.tgz: Upgraded to git-1.5.1.4. L software series/pilot-link-0.12.2-x86_64-3.tgz: Changed udev rules to use group "uucp", which has traditionally been the serial device group for Bluewhite64, Red Hat, and many other distributions. N software series/bluez-utils-3.9-x86_64-2.tgz: Rebuilt with suggestions and addtions from the folks at slacky.eu. N software series/netkit-rwho-0.17-x86_64-2.tgz: Fixed missing /var/spool/rwho. N software series/network-scripts-11.1-noarch-3.tgz: Changed netconfig's method of determining if it is running from the installer. N software series/openobex-1.3-x86_64-1.tgz: Added openobex-1.3. XAP software series/gnuchess-5.07-x86_64-3.tgz: Upgraded to eboard-1.0.3, and applied various other fixes. EXTRA software/ktorrent/ktorrent-2.1.4-x86_64-1.tgz: Upgraded to ktorrent-2.1.4. N software series/netatalk-2.0.3-x86_64-1.tgz: Added netatalk-2.0.3. +--------------------------+ N software series/openssl-solibs-0.9.8e-x86_64-2.tgz: Patched a small bug that could cause OpenSSL to improperly decrypt older archives. AP software series/vim-7.1.001-x86_64-1.tgz: Upgraded to vim-7.1.001. N software series/openssl-0.9.8e-x86_64-2.tgz: Patched, recompiled. N software series/samba-3.0.25-x86_64-1.tgz: Upgraded to samba-3.0.25. Security Fixes included in the Samba 3.0.25 release are: o CVE-2007-2444 Versions: Samba 3.0.23d - 3.0.25pre2 Local SID/Name translation bug can result in user privilege elevation o CVE-2007-2446 Versions: Samba 3.0.0 - 3.0.24 Multiple heap overflows allow remote code execution o CVE-2007-2447 Versions: Samba 3.0.0 - 3.0.24 Unescaped user input parameters are passed as arguments to /bin/sh allowing for remote command execution For more information, see: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-2444 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-2446 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-2447 [*** Security fix ***] XAP software series/vim-gvim-7.1.001-x86_64-1.tgz: Upgraded to vim-7.1.001 for GTK+. isolinux/initrd.img: Applied patch to /bin/pcmcia to work with Eric's new pcmcia.dsk image. +--------------------------+ Sat May 12 14:59:02 EEST 2007 A software series/bash-3.1.017-x86_64-1.tgz: Reverted back to bash-3.1.017 (recompiled). bash-3.2 was moved into /testing. Please see below for the full rationale. A software series/cups-1.2.11-x86_64-1.tgz: Upgraded to cups-1.2.11. Only link against OpenSSL, not GnuTLS (as this doesn't add any useful new functionality, only new dependencies). Install any new rc.cups (or rc.cups.new) with the same perms as the old one. A software series/mkinitrd-1.1.2-x86_64-1.tgz: Fixed a bug where modules in the initrd were not being replaced with the newer versions in /lib/modules/$(uname -r) if they existed on the initrd already. Changed the load_kernel_modules script to use $(uname -r) when loading modules so that the same initrd can be used with many different kernels. Now, -k and -m can be used to add additional modules to an initrd without disturbing existing ones. AP software series/linuxdoc-tools-0.9.21-x86_64-4.tgz: Added asciidoc-8.2.1 and xmlto-0.0.18. Upgraded to docbook-4.5 and gtk-doc-1.8. Thanks to Stuart Winter for improving Jerome Pinot's original build scripts to build from as many original sources as possible, and adding new features. L software series/aspell-0.60.5-x86_64-2.tgz: Recompiled against libncursesw to enable utf8. L software series/ncurses-5.6-x86_64-2.tgz: Added /usr/include/ncurses -> /usr/include/ncursesw symlink. N software series/epic4-2.6-x86_64-1.tgz: Upgraded to epic4-2.6. N software series/fetchmail-6.3.8-x86_64-2.tgz: Fetchmail installed a sample script in the docs world-writable. Fixed. N software series/gnupg2-2.0.4-x86_64-1.tgz: Upgraded to gnupg-2.0.4. N software series/iputils-s20070202-x86_64-2.tgz: Recompiled. The iputils SGML -> man pages will build now. N software series/network-scripts-11.1-noarch-2.tgz: Merged fixes from Eric Hameleers. Reduced the default DCHP timeout from 60 to 30 seconds. Added an example of IP aliasing setup to /etc/rc.d/rc.inet1.conf.new. Changed the default HOSTNAME from darkstar to bluewhite64 ;). N software series/wireless-tools-28-x86_64-4.tgz: Applied Eric Hameleers' patch to rc.wireless. X software series/xorg-server-1.3.0.0-x86_64-2.tgz: Recompiled with a patch found on https://bugs.freedesktop.org/show_bug.cgi?id=9758 by Iain Paton, which should fix the issues with X ignoring dpi settings. X software series/xorg-server-xdmx-1.3.0.0-x86_64-2.tgz: Recompiled. X software series/xorg-server-xnest-1.3.0.0-x86_64-2.tgz: Recompiled. X software series/xorg-server-xvfb-1.3.0.0-x86_64-2.tgz: Recompiled. XAP software series/audacious-plugins-1.3.4-x86_64-1.tgz: Upgraded to audacious-plugins-1.3.4. XAP software series/pidgin-2.0.0-x86_64-1.tgz: Moved pidgin to "unsupported" directory. XAP software series/xpaint-2.7.8.1-x86_64-2.tgz: Moved man page to the correct location. EXTRA software/parted/parted-1.8.7-x86_64-1.tgz: Upgraded to parted-1.8.7. testing/packages/bash-3.2.017-x86_64-1.tgz: Upgraded to bash-3.2.017. Moved here from bluewhite64/a. Honestly, I think /testing may be a better place for bash-3.2 for a while longer -- it's causing trouble with many old scripts. So, we'll give it a while longer to stabilize and for scripts to catch up to any syntax changes which may have occurred. The fix for 99.9% of these old scripts is to not use the deprecated `command` syntax and instead use the $(command) syntax. +--------------------------+ Fri May 11 17:49:15 EEST 2007 EXTRA software/slackpkg/slackpkg-2.60-noarch-1.tgz: Upgraded to slackpkg-2.60. Thanks to Piter Punk. A software series/gzip-1.3.12-x86_64-1.tgz: Upgraded to gzip-1.3.12. A software series/lilo-22.8-x86_64-2.tgz: Removed device-mapper/lvm2 support until we have new versions of both of these that will compile with this kernel. L software series/libxml2-2.6.28-x86_64-1.tgz: Upgraded to libxml2-2.6.28. N software series/curl-7.16.2-x86_64-1.tgz: Upgraded to curl-7.16.2. N software series/fetchmail-6.3.8-x86_64-1.tgz: Upgraded to fetchmail-6.3.8. Added "fetchmail is probably not secure" to slack-desc. When we've seldom had a Bluewhite64 release that didn't need a fetchmail security advisory before the next Bluewhite64 was out, I think that's fair to say. [*** Security fix ***] N software series/getmail-4.7.4-noarch-1.tgz: Upgraded to getmail-4.7.4. A secure python-based fetchmail alternative. N software series/gnutls-1.6.2-x86_64-1.tgz: Upgraded to gnutls-1.6.2. N software series/links-2.1pre28-x86_64-1.tgz: Upgraded to links-2.1pre28. N software series/ntp-4.2.4p0-x86_64-1.tgz: Upgraded to ntp-4.2.4p0. N software series/php-4.4.7-x86_64-1.tgz: Upgraded to php-4.4.7. This fixes bugs and improves security. For more details, see: http://www.php.net/releases/4_4_7.php http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1001 [*** Security fix ***] XAP software series/xchat-2.8.2-x86_64-1.tgz: Upgraded to xchat-2.8.2. EXTRA software/php5/php-5.2.2-x86_64-1.tgz: Upgraded to php-5.2.2. This fixes bugs and improves security. For more details, see: http://www.php.net/releases/5_2_2.php http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1001 [*** Security fix ***] EXTRA software/slacktrack/slacktrack-1.31-x86_64-2.tgz: Upgraded to slacktrack-1.31_2. A softwar series/kernel-generic-2.6.21.1-x86_64-2.tgz: Recompiled. A softwar series/kernel-generic-smp-2.6.21.1_smp-x86_64-2.tgz: Recompiled. A softwar series/kernel-huge-2.6.21.1-x86_64-2.tgz: Recompiled. A softwar series/kernel-huge-smp-2.6.21.1_smp-x86_64-2.tgz: Recompiled. A softwar series/kernel-modules-2.6.21.1-x86_64-2.tgz: Recompiled. A softwar series/kernel-modules-smp-2.6.21.1_smp-x86_64-2.tgz: Patched SiS 900 driver that was causing system crashes. A softwar series/kernel-headers-2.6.21.1_smp-x86_64-2.tgz: Rebuilt. A software series/mkinitrd-1.1.1-x86_64-1.tgz: Upgraded mkinitrd to 1.1.1. AP software series/dvd+rw-tools-7.0-x86_64-2.tgz: Applied a couple of patches needed to burn with 2.6.21.x kernels with some burners. Thanks to Fedora. AP software series/mdadm-2.6.1-x86_64-1.tgz: Upgraded to mdadm-2.6.1. K software series/kernel-source-2.6.21.1_smp-noarch-2.tgz: Patched SiS 900 driver. A software series/sysvinit-scripts-1.2-noarch-7.tgz: Added back calls to start/stop rc.pcmcia. A software series/openssl-solibs-0.9.8e-x86_64-1.tgz: Upgraded to openssl-0.9.8e. AP software series/dmidecode-2.9-x86_64-1.tgz: Added dmidecode-2.9 AP software series/hplip-1.7.4a-x86_64-1.tgz: Upgraded to hplip-1.7.4a. AP software series/lsscsi-0.19-x86_64-1.tgz: Added lsscsi-0.19 AP software series/vim-7.0.240-x86_64-1.tgz: Upgraded to vim-7.0.240. D software series/binutils-2.17.50.0.15-x86_64-1.tgz: Upgraded to binutils-2.17.50.0.15. D software series/python-2.5.1-x86_64-1.tgz: Upgraded to python-2.5.1. D software series/oprofile-0.9.2-x86_64-3.tgz: Recompiled against libbfd-2.17.50.0.15.20070418.so L software series/cairo-1.4.6-x86_64-1.tgz: Upgraded to cairo-1.4.6 L software series/glib2-2.12.12-x86_64-1.tgz: Upgraded to glib-2.12.12. L software series/gnome-icon-theme-2.14.2-noarch-2.tgz: Fixed incorrect pkgconfig path. L software series/gtk+2-2.10.12-x86_64-1.tgz: Upgraded to gtk+-2.10.12 L software series/libart_lgpl-2.3.19-x86_64-1.tgz: Upgraded to libart_lgpl-2.3.19. L software series/pango-1.16.4-x86_64-1.tgz: Upgraded to pango-1.16.4 L software series/vte-0.16.3-x86_64-1.tgz: Upgraded to vte-0.16.3. N software series/lftp-3.5.10-x86_64-1.tgz: Upgraded to lftp-3.5.10. N software series/htdig-3.2.0b6-x86_64-3.tgz: Fixed a typo in the "common_dir" path in /etc/htdig.conf. N software series/irssi-0.8.11-x86_64-2.tgz: Fixed /usr/doc/irssi-0.8.11/docs directory perms. N software series/openssl-0.9.8e-x86_64-1.tgz: Upgraded to openssl-0.9.8e. X software series/libXcomposite-0.3.2-x86_64-1.tgz: Upgraded to libXcomposite-0.3.2. X software series/xf86-video-nv-2.0.95-x86_64-1.tgz: Upgraded to xf86-video-nv-2.0.95. X software series/pidgin-2.0.0-x86_64-1.tgz: Added pidgin-2.0.0, renaming that other package and representing a major upgrade. Congratulations to the Pidgin team! XAP software series/xine-ui-0.99.5-x86_64-1.tgz: Upgraded to xine-ui-0.99.5. XAP software series/vim-gvim-7.0.240-x86_64-1.tgz: Upgraded to vim-7.0.240 for X11/GTK+. isolinux/initrd.img: Removed kernel modules. The kernels we're booting with now have these drivers built-in. +--------------------------+ Thu May 3 11:06:02 EEST 2007 A software series/glibc-solibs-2.5-x86_64-2a.tgz: Repackaged and fixed doinst.sh script to correctly link the ld-linux.so.2 to /lib32/ld-2.5.so if the lib32 directory is present. L software series/glibc-2.5-x86_64-2a.tgz: Repackaged and fixed doinst.sh script to correctly link the ld-linux.so.2 to /lib32/ld-2.5.so if the lib32 directory is present. +--------------------------+ Wed May 2 17:28:10 EEST 2007 A software series/glibc-solibs-2.5-x86_64-2.tgz: Recompiled against Linux 2.6.21.1. A software series/glibc-zoneinfo-2.5-noarch-2.tgz: Rebuilt from tzcode2007e and tzdata2007e. A software series/kernel-generic-2.6.21.1-x86_64-1.tgz: Upgraded to Linux 2.6.21.1 single processor generic.s (requires initrd). Also, all this kernels have IA32 Emulation enabled ;). A software series/kernel-generic-smp-2.6.21.1_smp-x86_64-1.tgz: Upgraded to Linux 2.6.21.1 generic SMP gensmp.s (requires initrd) kernel. A software series/kernel-huge-2.6.21.1-x86_64-1.tgz: Upgraded to Linux 2.6.21.1 single processor huge.s (full-featured) kernel. A software series/kernel-huge-smp-2.6.21.1_smp-x86_64-1.tgz: Upgraded to Linux 2.6.21.1 SMP hugesmp.s (full-featured) kernel. A software series/kernel-modules-2.6.21.1-x86_64-1.tgz: Upgraded to Linux 2.6.21.1 single processor kernel modules. A software series/kernel-modules-smp-2.6.21.1_smp-x86_64-1.tgz: Upgraded to Linux 2.6.21.1 SMP kernel modules. A software series/pkgtools-11.0.9-noarch-2.tgz: Removed the "make boot disk" menu until we have a viable replacement implemented. Link up to the install kernel automatically. Setkernel menu eliminated A software series/udev-109-x86_64-2.tgz: Fixed /sbin/scsi_id and /sbin/vol_id symlinks. D software series/kernel-headers-2.6.21.1_smp-x86_64-1.tgz: Upgraded to Linux 2.6.21.1 SMP kernel headers. K software series/kernel-source-2.6.21.1_smp-noarch-1.tgz: Upgraded to Linux 2.6.21.1 SMP kernel source. L software series/glibc-2.5-x86_64-2.tgz: Recompiled against Linux 2.6.21.1. L software series/glibc-i18n-2.5-noarch-2.tgz: Rebuilt. L software series/glibc-profile-2.5-x86_64-2.tgz: Recompiled against Linux 2.6.21.1. L software series/svgalib-1.9.25_2.6.21.1-x86_64-1.tgz: Recompiled for Linux 2.6.21.1. kernels/generic.s/*: Upgraded generic.s kernel to 2.6.21.1. kernels/gensmp.s/*: Upgraded gensmp.s kernel to 2.6.21.1 (SMP). kernels/huge.s/*: Upgraded huge.s kernel to 2.6.21.1. kernels/hugesmp.s/*: Upgraded hugesmp.s kernel to 2.6.21.1 (SMP). isolinux/network.dsk: Added 2.6.21.1 SMP and non-SMP modules. usb-and-pxe-installers/: Updated USB and PXE installers. L software series/pilot-link-0.12.2-x86_64-2.tgz: Patched /usr/share/aclocal/pilot-link.m4 to fix compilation of programs that need this file. Thanks to adscvr for reporting and sending the patch ;). TESTING/packages/linux-kernel-2.6.18.8_smp_ia32/*: Removed all kernels. Use the above 2.6.21.1 kernel ;). +--------------------------+ Tue May 1 21:26:40 EEST 2007 A software series/pcmciautils-014-x86_64-3.tgz: Merged patches from Piter Punk. A software series/sysvinit-functions-8.53-x86_64-1.tgz: Split the RH-like functions and the supporting binaries out into a new package. /etc/init.d/functions now requires no patching to work on Bluewhite64. A software series/sysvinit-scripts-1.2-noarch-6.tgz: Removed "functions" and /etc/init.d/ symbolic link. AP software series/mc-4.6.1_20070309-x86_64-2.tgz: Changed from --with-x=no to --with-x=yes. MC can now load X support dynamically without requiring a hard link (or dependency) on any of the X packages. This gives better keyboard support in an xterm. A software series/udev-109-x86_64-1.tgz: Upgraded to udev-109. Added /dev/ttyUSB* symlinks. AP software series/nano-2.0.6-x86_64-1.tgz: Upgraded to nano-2.0.6. L software series/cairo-1.4.4-x86_64-1.tgz: Upgraded to cairo-1.4.4. N software series/biff+comsat-0.17-x86_64-1.tgz: Split from old tcpip package. N software series/bridge-utils-1.2-x86_64-1.tgz: Split from old tcpip package. N software series/bsd-finger-0.17-x86_64-1.tgz: Split from old tcpip package. N software series/dnsmasq-2.39-x86_64-1.tgz: Upgraded to dnsmasq-2.39. N software series/ethtool-5-x86_64-1.tgz: Split from old tcpip package. N software series/icmpinfo-1.11-x86_64-1.tgz: Split from old tcpip package. N software series/iputils-s20070202-x86_64-1.tgz: Split from old tcpip package. Upgraded to iputils-s20070202. N software series/irssi-0.8.11-x86_64-1.tgz: Upgraded to irssi-0.8.11. N software series/net-tools-1.60-x86_64-1.tgz: Split from old tcpip package. N software series/netdate-bsd4-x86_64-1.tgz: Split from old tcpip package. N software series/netkit-bootparamd-0.17-x86_64-1.tgz: Split from old tcpip package. N software series/netkit-ftp-0.17-x86_64-1.tgz: Split from old tcpip package. N software series/netkit-ntalk-0.17-x86_64-1.tgz: Split from old tcpip package. N software series/netkit-routed-0.17-x86_64-1.tgz: Split from old tcpip package. N software series/netkit-rsh-0.17-x86_64-1.tgz: Split from old tcpip package. N software series/netkit-rusers-0.17-x86_64-1.tgz: Split from old tcpip package. N software series/netkit-rwall-0.17-x86_64-1.tgz: Split from old tcpip package. N software series/netkit-rwho-0.17-x86_64-1.tgz: Split from old tcpip package. N software series/netkit-timed-0.17-x86_64-1.tgz: Split from old tcpip package. N software series/net-snmp-5.4-x86_64-3.tgz: Fixed a bug in the build script where cat was used instead of zcat to install a compressed config file. Oddly, the -1 package seems to be OK though (the config file is not compressed). Added --without-rpm to the ./configure list. N software series/network-scripts-11.1-noarch-1.tgz: Split from old tcpip package. N software series/netwrite-0.17-x86_64-1.tgz: Split from old tcpip package. N software series/tcp_wrappers-7.6-x86_64-1.tgz: Split from old tcpip package. N software series/tcpip-0.17-x86_64-6.tgz: Removed. (split into tiny little pieces) N software series/telnet-0.17-x86_64-1.tgz: Split from old tcpip package. N software series/tftp-hpa-0.48-x86_64-1.tgz: Split from old tcpip package. Upgraded to tftp-hpa-0.48. X software series/bdftopcf-1.0.1-x86_64-1.tgz: Upgraded to bdftopcf-1.0.1. X software series/inputproto-1.4.2-noarch-1.tgz: Upgraded to inputproto-1.4.2. X software series/xf86-input-joystick-1.2.1-x86_64-1.tgz: Upgraded to xf86-input-joystick-1.2.1. X software series/xf86-input-acecad-1.2.0-x86_64-1.tgz: Upgraded to xf86-input-acecad-1.2.0. X software series/xf86-video-ati-6.6.3-x86_64-3.tgz: Dropped back to xf86-video-ati-6.6.3 XAP software series/gnuplot-4.2.0-x86_64-1.tgz: Upgraded to gnuplot-4.2.0. TESTING/packages/linux-kernel-2.6.18.8_smp_ia32/kernel-generic-2.6.18.8_smp_ia32-x86_64-1.tgz: Added kernel-generic-2.6.18.8_smp_ia32. *** Please read the IA32-EMULATION.TXT before install his packages. *** TESTING/packages/linux-kernel-2.6.18.8_smp_ia32/kernel-huge-2.6.18.8_smp_ia32-x86_64-1.tgz: Added kernel-huge-2.6.18.8_smp_ia32-x86_64-1.tgz. TESTING/packages/linux-kernel-2.6.18.8_smp_ia32/kernel-source-2.6.18.8_smp_ia32-noarch-1.tgz: Added kernel-source-2.6.18.8_smp_ia32 TESTING/packages/linux-kernel-2.6.18.8_smp_ia32/kernel-headers-2.6.18.8_smp_ia32-noarch-1.tgz: Added kernel-headers-2.6.18.8_smp_ia32. TESTING/packages/linux-kernel-2.6.18.8_smp_ia32/kernel-modules-2.6.18.8_smp_ia32-x86_64-1.tgz: Added kernel-modules-2.6.18.8_smp_ia32. TESTING/packages/ia32-emulation/ia32-glibc-2.5-x86_64-1.tgz: Added ia32-glibc-2.5. TESTING/packages/ia32-emulation/ia32-lib32asound-1.0.14rc2-x86_64-1.tgz: Added ia32-lib32asound-1.0.14rc2. TESTING/packages/ia32-emulation/ia32-lib32z-1.2.3-x86_64-1.tgz: Added ia32-lib32z-1.2.3. TESTING/packages/ia32-emulation/ia32-lib32-0.1-x86_64-1.tgz: Added ia32-lib32-0.1. TESTING/packages/ia32-emulation/ia32-lib32gtk-2.10.11-x86_64-1.tgz: Added ia32-lib32gtk-2.10.11. TESTING/packages/ia32-emulation/ia32-stdc++-6.0.8-x86_64-1.tgz: Added ia32-stdc++-6.0.8. TESTING/packages/ia32-emulation/linux32-1.0-x86_64-1.tgz: Added linux32-1.0. +--------------------------+ Tue Apr 24 13:09:14 EEST 2007 A software series/isapnptools-1.26-x86_64-1.tgz: Added isapnptools-1.26. A software series/lilo-22.8-x86_64-1.tgz: Upgraded to lilo-22.8. A software series/sysvinit-scripts-1.2-noarch-5.tgz: Make a symlink /etc/init.d -> /etc/rc.d/rc.init.d, since that's where many things expect to find the "functions" script. In rc.M, move fc-cache further up and background the process. AP software series/nano-2.0.5-x86_64-1.tgz: Upgraded to nano-2.0.5. D software series/strace-4.5.15-x86_64-1.tgz: Upgraded to strace-4.5.15. KDE software series/kdepim-3.5.6-x86_64-6.tgz: Recompiled against pilot-link-0.12.2. L software series/pilot-link-0.12.2-x86_64-1.tgz: Upgraded to pilot-link-0.12.2 compiled with support for BlueZ, or Bluetooth(TM). N software series/bluez-firmware-1.2-x86_64-1.tgz: Added bluez-firmware-1.2. N software series/bluez-hcidump-1.34-x86_64-1.tgz: Added bluez-hcidump-1.34. N software series/bluez-libs-3.9-x86_64-1.tgz: Added bluez-libs-3.9. N software series/bluez-utils-3.9-x86_64-1.tgz: Added bluez-utils-3.9. N software series/htdig-3.2.0b6-x86_64-2.tgz: Fix a couple bugs in the default config file. X software series/x11-skel-7.1-noarch-4.tgz: Removed /etc/xdg symlink. EXTRA software/parted/parted-1.8.6-x86_64-1.tgz: Upgraded to parted-1.8.6. +--------------------------+ Mon Apr 23 15:17:14 EEST 2007 KDE software series/kdepim-3.5.6-x86_64-5.tgz: Recompiled with a patch to fix utf8 password encoding in KMail. KDEi software series/koffice-l10n-km-1.6.2-noarch-1a.tgz: Fixed empty slack-desc. KDEi software series/kde-i18n-*: Fixed empty slack-desc files. KDEi software series/ttf-indic-fonts-0.4.7.4-noarch-1.tgz: Upgraded to ttf-indic-fonts-0.4.7.4. A software series/mkinitrd-1.1.0-x86_64-3.tgz: Updated README.initrd. +--------------------------+ Mon Apr 23 02:49:21 EEST 2007 A software series/etc-11.1-noarch-3.tgz: In ld.so.conf, remove /usr/X11R6/lib to prevent it from showing up in ldd paths. Removed /usr/X11R6/bin from the $PATH. L software series/freetype-2.3.4-x86_64-3.tgz: Evidently unless TT_CONFIG_OPTION_UNPATENTED_HINTING is undefined the bytecode interpreter will remain disabled even if TT_CONFIG_OPTION_BYTECODE_INTERPRETER is defined. KDE software series/amarok-1.4.5-x86_64-4.tgz: Recompiled with --sysconfdir=/etc/kde. KDE software series/kdeaccessibility-3.5.6-x86_64-3.tgz: Recompiled with --sysconfdir=/etc/kde. KDE software series/kdeaddons-3.5.6-x86_64-3.tgz: Recompiled with --sysconfdir=/etc/kde. KDE software series/kdeadmin-3.5.6-x86_64-3.tgz: Recompiled with --sysconfdir=/etc/kde. KDE software series/kdeartwork-3.5.6-x86_64-3.tgz: Recompiled with --sysconfdir=/etc/kde. KDE software series/kdebase-3.5.6-x86_64-4.tgz: Recompiled with --sysconfdir=/etc/kde. Added a symlink from /etc/X11/kdm to /etc/kde/kdm. In /etc/profile.d/kde.*sh, set XDG_CONFIG_DIRS to contain /etc/kde/xdg (plus /etc/xdg and any previously set $XDG_CONFIG_DIRS). This avoids a problem when several desktops use /etc/xdg for XDG_CONFIG_DIRS and files may get overwritten. Although /etc/xdg is defined as the default XDG config dir, nothing should really use it or collision problems may occur. KDE software series/kdebindings-3.5.6-x86_64-4.tgz: Recompiled with --sysconfdir=/etc/kde. KDE software series/kdeedu-3.5.6-x86_64-3.tgz: Recompiled with --sysconfdir=/etc/kde. KDE software series/kdegames-3.5.6-x86_64-3.tgz: Recompiled with --sysconfdir=/etc/kde. KDE software series/kdegraphics-3.5.6-x86_64-4.tgz: Recompiled with --sysconfdir=/etc/kde. KDE software series/kdelibs-3.5.6-x86_64-3.tgz: Recompiled with --sysconfdir=/etc/kde. KDE software series/kdemultimedia-3.5.6-x86_64-3.tgz: Recompiled with --sysconfdir=/etc/kde. KDE software series/kdenetwork-3.5.6-x86_64-3.tgz: Recompiled with --sysconfdir=/etc/kde. KDE software series/kdepim-3.5.6-x86_64-3.tgz: Recompiled with --sysconfdir=/etc/kde. KDE software series/kdesdk-3.5.6-x86_64-3.tgz: Recompiled with --sysconfdir=/etc/kde. KDE software series/kdetoys-3.5.6-x86_64-3.tgz: Recompiled with --sysconfdir=/etc/kde. KDE software series/kdeutils-3.5.6-x86_64-3.tgz: Recompiled with --sysconfdir=/etc/kde. KDE software series/kdevelop-3.4.0-x86_64-3.tgz: Recompiled with --sysconfdir=/etc/kde. KDE software series/kdewebdev-3.5.6-x86_64-3.tgz: Recompiled with --sysconfdir=/etc/kde. KDE software series/koffice-1.6.2-x86_64-4-tgz: Recompiled with --sysconfdir=/etc/kde. L software series/arts-1.5.6-x86_64-3.tgz: Recompiled. L software series/freetype-2.3.4-x86_64-2.tgz: Fixed bytecode interpreter patch and added a subpixel rendering patch. Note that these are disabled by default because they use methods which are patented by Apple and Microsoft. Do not enable them unless you have obtained the required licenses. L software series/jre-6u1-x86_64-1.tgz: Upgraded to Java(TM) 2 Platform Standard Edition Runtime Environment Version 6.0 update 1. X software series/xf86-video-ati-6.6.191-x86_64-2.tgz: Reverted to xf86-video-ati-6.6.191. X software series/xf86-video-intel-2.0.0-x86_64-1.tgz: Upgraded to xf86-video-intel-2.0.0. X software series/xorg-server-1.3.0.0-x86_64-1.tgz: Upgraded to xorg-server-1.3.0.0. X software series/xorg-server-xdmx-1.3.0.0-x86_64-1.tgz: Upgraded to xorg-server-1.3.0.0. X software series/xorg-server-xnest-1.3.0.0-x86_64-1.tgz: Upgraded to xorg-server-1.3.0.0. X software series/xorg-server-xvfb-1.3.0.0-x86_64-1.tgz: Upgraded to xorg-server-1.3.0.0. XAP software series/imagemagick-6.3.3_9-x86_64-1.tgz: Upgraded to ImageMagick-6.3.3-9. XAP software series/xfce-4.4.1-x86_64-2.tgz: Recompiled with --sysconfdir=/etc/xfce. In /etc/profile.d/xfce.*sh, set XDG_CONFIG_DIRS to contain /etc/xfce/xdg (plus /etc/xdg and any previously set $XDG_CONFIG_DIRS). XAP software series/xscreensaver-5.02-x86_64-1.tgz: Upgraded to xscreensaver-5.02. EXTRA software/jdk-6/jdk-6u1-x86_64-1.tgz: Upgraded to Java(TM) 2 Platform Standard Edition Development Kit Version 6.0 update 1. EXTRA software/slacktrack/slacktrack-1.31-x86_64-1.tgz: Upgraded to slacktrack-1.31_1. +--------------------------+ Sat Apr 21 20:32:03 EEST 2007 N software series/net-snmp-5.4-x86_64-2.tgz: Added net-snmp-5.4. It was added only in the ChangeLog and not to the main tree. Thanks to Facundo for reporting this. +--------------------------+ Fri Apr 20 14:47:56 EEST 2007 KDE software series/k3b-1.0.1-x86_64-1.tgz: Upgraded to k3b-1.0.1. Moved into main tree now that k3b is no longer trying to make cdrecord setuid root. KDEi software series/k3b-i18n-1.0.1-noarch-1.tgz: Upgraded to k3b-i18n-1.0.1. X software series/xf86-video-ati-6.6.3-x86_64-2.tgz: Rebuilt. X software series/xf86-video-nv-2.0.2-x86_64-1.tgz: Upgraded to xf86-video-nv-2.0.2. XAP software series/fluxbox-1.0rc3-x86_64-1.tgz: Upgraded to fluxbox-1.0rc3. XAP software series/gimp-2.2.14-x86_64-1.tgz: Upgraded to gimp-2.2.14. XAP software series/mozilla-thunderbird-2.0.0.0-x86_64-1.tgz: Upgraded to thunderbird-2.0.0.0. +--------------------------+ Fri Apr 20 02:10:30 EEST 2007 A software series/mkinitrd-1.1.0-x86_64-2.tgz: Fixed sed substitutions in README.initrd. KDE software series/kdebase-3.5.6-x86_64-3.tgz: Fixed an Xsession bug when using tcsh. Patched a bug in the nsplugin keyboard handler. XAP software series/xine-lib-1.1.6-x86_64-2.tgz: Deleted extra junk from the docs directory. isolinux/initrd.img: fixed missing lib64->lib symlink. usb-and-pxe-installers/: fixed missing lib64->lib symlink from initrd.img. +--------------------------+ Thu Apr 19 01:37:53 EEST 2007 L software series/svgalib-1.9.25_2.6.18.8_smp-x86_64-3.tgz: Recompiled. EXTRA software/linux-wlan-ng/linux-wlan-ng-0.2.7_2.6.18.8_smp-x86_64-2.tgz: Recompiled. isolinux/initrd.img: Updated kernel modules. isolinux/network.dsk: Updated kernel modules. XAP software series/xine-lib-1.1.6-x86_64-1.tgz: Upgraded to xine-lib-1.1.6. A software series/dialog-1.1_20070409-x86_64-1.tgz: Upgraded to dialog-1.1-20070409. Added wide character support. A software series/kernel-generic-2.6.18.8_smp-x86_64-2.tgz: Recompiled Linux 2.6.18.8 SMP generic.s (requires initrd) kernel to use CFQ I/O scheduling by default. Also not that this kernel NO LONGER has ext2 built into it, and ext3 requires an additional module. See below in the mkinitrd comments. A software series/kernel-huge-2.6.18.8_smp-x86_64-2.tgz: Recompiled Linux 2.6.18.8 SMP huge.s (full-featured) kernel. A software series/kernel-modules-2.6.18.8_smp-x86_64-2.tgz Recompiled Linux 2.6.18.8 SMP kernel modules. A software series/mkinitrd-1.1.0-x86_64-1.tgz: Use an initramfs instead of an initrd. This allows making the ext2 filesystem as a module in the generic kernel. NOTE: Because of changes to the kernel options, *everyone* using an initrd must rebuild it! And, ext3 requires an additional module: mbcache:jbd:ext3 A software series/sysvinit-2.86-x86_64-5.tgz: Patched killall5 (pidof) to add feature from the RH fork... A software series/sysvinit-scripts-1.2-noarch-4.tgz: Moved /etc/init.d/functions here, as it may need work more often than originally thought. Removed /initrd directory stuff from rc.S and rc.6. AP software series/hplip-1.7.3-x86_64-3.tgz: Recompiled with net-snmp. AP software series/ksh93-2007_03_28-x86_64-1.tgz: Upgraded to ksh93-2007_03_28. D software series/kernel-headers-2.6.18.8_smp-x86_64-2.tgz: Regenerated Linux 2.6.18.8 SMP kernel headers. F software series/linux-howtos-20070412-noarch-1.tgz: Upgraded to Linux-HOWTOs-20070412. K software series/kernel-source-2.6.18.8_smp-noarch-2.tgz: Rebuilt Linux 2.6.18.8 SMP kernel source package with new .config. KDE software series/kdegraphics-3.5.6-x86_64-3.tgz: Recompiled against poppler. KDE software series/kdepim-3.5.6-x86_64-3.tgz: Recompiled against pilot-link-0.12.1. KDE software series/koffice-1.6.2-x86_64-3.tgz: Recompiled against poppler. L software series/freetype-2.3.4-x86_64-1.tgz: Upgraded to freetype-2.3.4. Fixed an overflow parsing BDF fonts. For more information, see: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1351 [*** Security fix ***] L software series/pilot-link-0.12.1-x86_64-1.tgz: Upgraded to pilot-link-0.12.1. L software series/poppler-0.5.4-x86_64-1.tgz: Added poppler-0.5.4. L software series/poppler-data-0.1-noarch-1.tgz: Added poppler-data-0.1. L software series/sdl-1.2.11-x86_64-4.tgz: Patched SDL_ttf for new freetype. L software series/vte-0.16.1-x86_64-2.tgz: Recompiled. N software series/net-snmp-5.4-x86_64-1.tgz: Added net-snmp. This is needed for HP's network printers, but will probably find other uses as well. X software series/fontconfig-2.4.2-x86_64-2.tgz: Removed 10-autohint.conf symlink. Index all default directories in /usr/share/fonts except for 75dpi and 100dpi (as this makes X prefer bitmapped fonts in some cases where scaled fonts look much nicer). X software series/libXdamage-1.1.1-x86_64-1.tgz: Upgraded to libXdamage-1.1.1. X software series/libXi-1.0.4-x86_64-1.tgz: Upgraded to libXi-1.0.4. X software series/x11-skel-7.1-noarch-3.tgz: Added /etc/xdg -> /etc/X11/xdg symlink. X software series/xf86-input-keyboard-1.2.0-x86_64-1.tgz: Upgraded to xf86-input-keyboard-1.2.0. XAP software series/audacious-plugins-1.3.3-x86_64-1.tgz: Upgraded to audacious-plugins-1.3.3. XAP software series/gkrellm-2.2.10-x86_64-2.tgz: Fixed /usr/local path in gkrellm.pc. XAP software series/x3270-3.3.5-x86_64-2.tgz: Moved fonts directly into /usr/share/fonts/misc. XAP software series/xfce-4.4.1-x86_64-1.tgz: Upgraded to XFce-4.4.1. XAP/xpdf-3.02-x86_64-1.tgz: Upgraded to xpdf-3.02. Removed the command-line utilities that are present in poppler. kernels/generic.s/*: Recompiled generic.s kernel to 2.6.18.8 (SMP). kernels/huge.s/*: Recompiled huge.s kernel to 2.6.18.8 (SMP). usb-and-pxe-installers/: Upgraded USB and PXE installers from Eric Hameleers. +--------------------------+ Thu Apr 12 01:49:57 EEST 2007 A software series/aaa_base-11.1.1-noarch-1.tgz: Added /srv directory. After backing up any real /usr/X11R6, create a compatibility symlink tree to support all the software out there that'll be looking for /usr/X11R6 5 years from now. A software series/cpio-2.5-x86_64-3.tgz: Recompiled. Fixed broken manpages. A software series/sysklogd-1.4.1-x86_64-2.tgz: Patched to compile with gcc4. Made the syslogd/klogd race handling script (hopefully) faster. Moved clockset to earlier in rc.S to avoid the "last mounted in the future" message from fsck seen by people keeping the local time (rather than UTC) in the hardware clock in certain timezones. A software series/sysvinit-scripts-1.2-noarch-3.tgz: Moved ldconfig up to near the top ofr m.M and '&'ed it, which should be safe enough. AP software series/bc-1.06.95-x86_64-1.tgz: Upgraded to bc-1.06.95, since the old bc won't compile with a recent flex. This version tests faster, too. AP software series/espgs-8.15.4-x86_64-2.tgz: Recompiled to let altertrack handle gziping and symlinking the manpages. AP software series/hplip-1.7.3-x86_64-1.tgz: Upgraded to hplip-1.7.3. AP software series/lm_sensors-2.10.3-x86_64-1.tgz: Upgraded to lm_sensors-2.10.3. AP software series/mc-4.6.1_20070309-x86_64-1.tgz: Patched with mc-4.6.1-2007-03-09-18 to fix various bugs. AP software series/nano-2.0.4-x86_64-1.tgz: Upgraded to nano-2.0.4. AP software series/screen-4.0.3-x86_64-1.tgz: Upgraded to screen-4.0.3. AP software series/zsh-4.3.2-x86_64-2.tgz: Don't clobber an existing /etc/zprofile. D software series/flex-2.5.33-x86_64-2.tgz: Added lex -> flex symlink. D software series/ruby-1.8.6-x86_64-1.tgz: Upgraded to ruby-1.8.6. KDE software series/kdebindings-3.5.6-x86_64-3.tgz: Fixed DCOP.3 manpage. L software series/atk-1.18.0-x86_64-1.tgz: Upgraded to atk-1.18.0. L software series/cairo-1.4.2-x86_64-1.tgz: Upgraded to cairo-1.4.2. L software series/glib2-2.12.11-x86_64-1.tgz: Upgraded to glib-2.12.11. L software series/gtk+2-2.10.11-x86_64-1.tgz: Upgraded to gtk+2-2.10.11. L software series/pango-1.16.1-x86_64-1.tgz: Upgraded to pango-1.16.1. L software series/readline-5.2-x86_64-2.tgz: Recompiled with readline52-002 patch. Added --enable-multibyte option. L software series/vte-0.16.1-x86_64-1.tgz: Upgraded to vte-0.16.1. N software series/apache-1.3.37-x86_64-3.tgz: Added /srv/www -> /var/www symlink. N software series/htdig-3.2.0b6-x86_64-1.tgz: Upgraded to htdig-3.2.0b6. X software series/libXfont-1.2.8-x86_64-1.tgz: Upgraded to libXfont-1.2.8. X software series/x11-skel-7.1-noarch-2.tgz: Fixed /usr/X11 symlink. Backup any old /usr/X11R6 and create an empty /usr/X11R6 (though there should already be one made by aaa_base and populated with backwards compatibility symlinks). A renaming of this package to "aaa_x11" is under consideration.. X software series/xf86-video-ati-6.6.191-x86_64-1.tgz: Upgraded to xf86-video-ati-6.6.191. X software series/xorg-server-1.2.99.905-x86_64-1.tgz: Upgraded to xorg-server-1.2.99.905. X software series/xorg-server-xdmx-1.2.99.905-x86_64-1.tgz: Upgraded to xorg-server-1.2.99.905. X software series/xorg-server-xnest-1.2.99.905-x86_64-1.tgz: Upgraded to xorg-server-1.2.99.905. X software series/xorg-server-xvfb-1.2.99.905-x86_64-1.tgz: Upgraded to xorg-server-1.2.99.905. XAP software series/audacious-1.3.2-x86_64-1.tgz: Upgraded to audacious-1.3.2. XAP software series/audacious-plugins-1.3.2-x86_64-1.tgz: Upgraded to audacious-plugins-1.3.2. A software series/cups-1.2.10-x86_64-2.tgz: Recompiled. Espgs won't compile if this is not recompiled ;). A software series/syslinux-3.36-x86_64-1.tgz: Upgraded to syslinux-3.36. Huge Thanks to Alex for the patch and the build script ;). XAP software series/gaim-2.0.0beta6-x86_64-2.tgz: Recompiled with --enable-nss=yes option. +--------------------------+ Fri Apr 6 00:33:45 EEST 2007 AP software series/dvd+rw-tools-7.0-x86_64-1.tgz: Upgraded to dvd+rw-tools-7.0, needed by k3b-1.0. A software series/aaa_base-11.1.0-noarch-2.tgz: Removed /usr/etc directory. A software series/cups-1.2.10-x86_64-1.tgz: Upgraded to cups-1.2.10. A software series/etc-11.1-noarch-2.tgz: Removed /usr/etc/printcap symlink. A software series/file-4.20-x86_64-1.tgz: Upgraded to file-4.20. This fixes a heap overflow that could allow code to be executed as the user running file (note that there are many scenarios where file might be used automatically, such as in virus scanners or spam filters). For more information, see: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1536 [*** Security fix ***] A software series/sysvinit-2.86-x86_64-4.tgz: In functions, change usleep calls to sleep calls. A software series/tcsh-6.15.00-x86_64-1.tgz: Upgraded to tcsh-6.15.00. AP software series/espgs-8.15.4-x86_64-1.tgz: Upgraded to espgs-8.15.4. AP software series/zsh-4.3.2-x86_64-1.tgz: Upgraded to zsh-4.3.2. D software series/gdb-6.6-x86_64-2.tgz: Recompiled against new libexpat. D software series/m4-1.4.9-x86_64-1.tgz: Upgraded to m4-1.4.9. KDE software series/kdelibs-3.5.6-x86_64-2.tgz: Recompiled with a patch to kjs. Changed --sysconfdir from /usr/etc to /etc/X11. KDE software series/kdegraphics-3.5.6-x86_64-2.tgz: Recompiled. Changed --sysconfdir from /usr/etc to /etc/X11. KDE software series/kdesdk-3.5.6-x86_64-2.tgz: Recompiled. Changed --sysconfdir from /usr/etc to /etc/X11. KDE software series/kdeedu-3.5.6-x86_64-2.tgz: Recompiled. Changed --sysconfdir from /usr/etc to /etc/X11. KDE software series/kdemultimedia-3.5.6-x86_64-2.tgz: Recompiled. Changed --sysconfdir from /usr/etc to /etc/X11. KDE software series/amarok-1.4.5-x86_64-2.tgz: Recompiled. Changed --sysconfdir from /usr/etc to /etc/X11. KDE software series/kdebindings-3.5.6-x86_64-2.tgz: Recompiled. Changed --sysconfdir from /usr/etc to /etc/X11. KDE software series/kdegames-3.5.6-x86_64-2.tgz: Recompiled. Changed --sysconfdir from /usr/etc to /etc/X11. KDE software series/kdetoys-3.5.6-x86_64-2.tgz: Recompiled. Changed --sysconfdir from /usr/etc to /etc/X11. KDE software series/kdebase-3.5.6-x86_64-2.tgz: Recompiled. Changed --sysconfdir from /usr/etc to /etc/X11. KDE software series/kdeaccessibility-3.5.6-x86_64-2.tgz: Recompiled. Changed --sysconfdir from /usr/etc to /etc/X11. KDE software series/kdewebdev-3.5.6-x86_64-3.tgz: Recompiled. Changed --sysconfdir from /usr/etc to /etc/X11. KDE software series/kdepim-3.5.6-x86_64-2.tgz: Patched to update timezone information for Kmail. Changed --sysconfdir from /usr/etc to /etc/X11. KDE software series/kdenetwork-3.5.6-x86_64-2.tgz: Recompiled. Changed --sysconfdir from /usr/etc to /etc/X11. KDE software series/kdevelop-3.4.0-x86_64-2.tgz: Recompiled. Changed --sysconfdir from /usr/etc to /etc/X11. KDE software series/kdeartwork-3.5.6-x86_64-2.tgz: Recompiled. Changed --sysconfdir from /usr/etc to /etc/X11. KDE software series/kdeadmin-3.5.6-x86_64-2.tgz: Recompiled. Changed --sysconfdir from /usr/etc to /etc/X11. KDE software series/kdeaddons-3.5.6-x86_64-2.tgz: Recompiled. Changed --sysconfdir from /usr/etc to /etc/X11. KDE software series/kdeutils-3.5.6-x86_64-2.tgz: Recompiled. Changed --sysconfdir from /usr/etc to /etc/X11. KDE software series/koffice-1.6.2-x86_64-2.tgz: Recompiled. Changed --sysconfdir from /usr/etc to /etc/X11. L software series/arts-1.5.6-x86_64-2.tgz: Recompiled. L software series/libmikmod-3.1.11a-x86_64-3.tgz: Removed. L software series/qt-3.3.8-x86_64-2.tgz: Patched an issue where the Qt UTF 8 decoder may in some instances fail to reject overlong sequences, possibly allowing "/../" path injection or XSS errors. For more information, see: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0242 [*** Security fix ***] Also, restored /usr/lib/qt/lib to /etc/ld.so.conf fixing "make xconfig" in the kernel. L software series/slang-2.0.7-x86_64-1.tgz: Upgraded to slang-2.0.7, moved --sysconfig to /etc. L software series/svgalib-1.9.25_2.6.18.8_smp-x86_64-2.tgz: Changed to slacktrack for build method, as the SlackBuild method was embedding some incorrect paths. N software series/openldap-client-2.3.32-x86_64-1.tgz: Upgraded to openldap-2.3.32 client libs. N software series/openssh-4.6p1-x86_64-1.tgz: Upgraded to openssh-4.6p1. Changed rc.sshd slightly to avoid the potential to be disconnected from a remote box without sshd being restarted when using "sh /etc/rc.d/rc.sshd restart". X software series/compiz-0.5.0-x86_64-1.tgz: Upgraded to compiz-0.5.0. X software series/libX11-1.1.1-x86_64-3.tgz: Restored XCB support. X software series/libxcb-1.0-x86_64-2.tgz: Patched to work around the locking problem that was affecting Java and other programs. X software series/xf86-input-joystick-1.2.0-x86_64-1.tgz: Upgraded to xf86-input-joystick-1.2.0. X software series/xf86-video-intel-1.9.94-x86_64-1.tgz: Upgraded to xf86-video-intel-1.9.94. X software series/xf86-video-nv-2.0.1-x86_64-1.tgz: Upgraded to xf86-video-nv-2.0.1. X software series/xorg-server-1.2.99.903-x86_64-1.tgz: Upgraded to xorg-server-1.2.99.903. X software series/xorg-server-xdmx-1.2.99.903-x86_64-1.tgz: Upgraded to xorg-server-1.2.99.903. X software series/xorg-server-xnest-1.2.99.903-x86_64-1.tgz: Upgraded to xorg-server-1.2.99.903. X software series/xorg-server-xvfb-1.2.99.903-x86_64-1.tgz: Upgraded to xorg-server-1.2.99.903. X software series/audacious-plugins-1.3.1-x86_64-3.tgz: Recompiled using --enable-chardet. X software series/audacious-1.3.1-x86_64-3.tgz: Recompiled using --enable-chardet instead of the incorrect --enable-charset. XAP software series/gqview-2.1.5-x86_64-2.tgz: Fixed slack-desc: (not 11 info lines, missing editing instructions/ruler, "GQview" improperly capitalized, top line should have the Bluewhite64 package name followed by the (description), and "empty" lines shouldn't have whitespace after the ":" :). XAP software series/pan-0.126-x86_64-1.tgz: Upgraded to pan-0.126. XAP/x3270-3.3.5-x86_74-1.tgz: Upgraded to x3270-3.3.5. Moved config file from /usr/etc/x3270/ to /etc/X11/x3270/ and added config() installation. EXTRA software/k3b/k3b-1.0-x86_64-1.tgz: Upgraded to k3b-1.0. EXTRA software/k3b/k3b-i18n-1.0-noarch-1.tgz: Upgraded to k3b-i18n-1.0. EXTRA software/ktorrent/ktorrent-2.1.3-x86_64-1.tgz: Upgraded to ktorrent-2.1.3. A directory traversal vulnerability in torrent.cpp in versions < 2.1.2 may allow remote attackers to overwrite the ktorrent user's files. A bug in chunkcounter.cpp in versions < 2.1.2 allows remote attackers to crash ktorrent and cause heap corruption by the use of an invalid idx value. For more information, see: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1384 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1385 [*** Security fix ***] D software series/glibc-2.5-x86_64-1.tgz: Fixed ld-2.5.so -> ld-linux-so.2 simlink. Please use upgradepkg --reinstall to reinstall this packages. A software series/libc-solibs-2.5-x86_64-1.tgz: Fixed ld-2.5.so -> ld-linux-so.2 simlink. Please use upgradepkg --reinstall to reinstall this packages. +--------------------------+ Tue Mar 27 19:20:23 EEST 2007 Here are the updates for the current tree ;). Please read and follow the update process from the CHANGES_AND_HINTS.TXT file! NOTE: If you want to use nVidia drivers (www.nvidia.org) you need to pass the -x-prefix=/usr --x-module-path=/usr/lib/xorg/modules options. (sh NVIDIA-Linux-x86_64-1.0-9755-pkg2.run -x-prefix=/usr --x-module-path=/usr/lib/xorg/modules ) Thanks to Fred Emmott for this tip. Also, thanks to Eric Hameleers for helping with the new initrd. And don't forget to test and post bugs to the Bluewhite64 -current forum. Enjoy! ;) A software series/sysvinit-scripts-1.2-noarch-2.tgz: Added an '&&' in the /tmp cleanup section to avoid an (unlikely) catastrophe. Flushed out a few more X11R6 paths. X software series/compiz-0.3.6-x86_64-2.tgz: Recompiled with KDE and SVG support. XAP software series/mozilla-firefox-2.0.0.3-x86_64-1.tgz: Upgraded to firefox-2.0.0.3. This upgrade fixes several possible security bugs. For more information, see: http://www.mozilla.org/projects/security/known-vulnerabilities.html#firefox NOTE: If a security issue affects *only* -current, the ChangeLog may be the only place an announcement is made. Just a friendly heads-up, though in this case you'll be seeing updates and an advisory due to Firefox in 11.0. [*** Security fix ***] A software series/bash-3.2.015-x86_64-1.tgz: Upgraded to bash-3.2 patchlevel 015. A software series/sysvinit-2.86-x86_64-3.tgz: Fixed /etc/rc.d/rc{0,1,2,3,4,5,6}.d directories. AP software series/mysql-5.0.37-x86_64-1.tgz: Upgraded to mysql-5.0.37. AP software series/vorbis-tools-1.1.1-x86_64-3.tgz: Recompiled against the new curl library. D software series/binutils-2.17.50.0.14-x86_64-1.tgz: Upgraded to binutils-2.17.50.0.14. D software series/cmake-2.4.6-x86_64-2.tgz: Fixed doc directory. D software series/git-1.5.0.5-x86_64-1.tgz: Upgraded to git-1.5.0.5. D software series/oprofile-0.9.2-x86_64-2.tgz: Recompiled with libbfd from new binutils. D software series/pmake-1.111-x86_64-2.tgz: Fixed perms on /usr/share/mk. L software series/libxml2-2.6.27-x86_64-2.tgz: Recompiled for Python 2.5. L software series/libxslt-1.1.20-x86_64-2.tgz: Recompiled for Python 2.5. N software series/curl-7.16.1-x86_64-1.tgz: Upgraded to curl-7.16.1. N software series/fetchmail-6.3.6-x86_64-3.tgz: Recompiled for Python 2.5. N software series/getmail-4.7.3-noarch-1.tgz: Upgraded to getmail-4.7.3. N software series/gnupg-1.4.7-x86_64-2.tgz: Recompiled against the new curl library. N software series/gnupg2-2.0.3-x86_64-3.tgz: Recompiled against the new curl library. N software series/php-4.4.6-x86_64-2.tgz: Recompiled against the new curl library. X software series/dejavu-ttf-2.15-noarch-1.tgz: Upgraded to dejavu-ttf-2.15. X software series/font-xfree86-type1-1.0.0-noarch-2.tgz: Fixed mkfont{scale,dir} order. X software series/font-winitzki-cyrillic-1.0.0-noarch-2.tgz: Fixed mkfont{scale,dir} order. X software series/font-sun-misc-1.0.0-noarch-2.tgz: Fixed mkfont{scale,dir} order. X software series/font-sony-misc-1.0.0-noarch-2.tgz: Fixed mkfont{scale,dir} order. X software series/font-screen-cyrillic-1.0.1-noarch-2.tgz: Fixed mkfont{scale,dir} order. X software series/font-schumacher-misc-1.0.0-noarch-2.tgz: Fixed mkfont{scale,dir} order. X software series/font-mutt-misc-1.0.0-noarch-2.tgz: Fixed mkfont{scale,dir} order. X software series/font-misc-misc-1.0.0-noarch-2.tgz: Fixed mkfont{scale,dir} order. X software series/font-misc-meltho-1.0.0-noarch-2.tgz: Fixed mkfont{scale,dir} order. X software series/font-misc-ethiopic-1.0.0-noarch-2.tgz: Fixed mkfont{scale,dir} order. X software series/font-misc-cyrillic-1.0.0-noarch-2.tgz: Fixed mkfont{scale,dir} order. X software series/font-micro-misc-1.0.0-noarch-2.tgz: Fixed mkfont{scale,dir} order. X software series/font-jis-misc-1.0.0-noarch-2.tgz: Fixed mkfont{scale,dir} order. X software series/font-isas-misc-1.0.0-noarch-2.tgz: Fixed mkfont{scale,dir} order. X software series/font-ibm-type1-1.0.0-noarch-2.tgz: Fixed mkfont{scale,dir} order. X software series/font-dec-misc-1.0.0-noarch-2.tgz: Fixed mkfont{scale,dir} order. X software series/font-daewoo-misc-1.0.0-noarch-2.tgz: Fixed mkfont{scale,dir} order. X software series/font-cursor-misc-1.0.0-noarch-2.tgz: Fixed mkfont{scale,dir} order. X software series/font-cronyx-cyrillic-1.0.0-noarch-2.tgz: Fixed mkfont{scale,dir} order. X software series/font-bitstream-type1-1.0.0-noarch-2.tgz: Fixed mkfont{scale,dir} order. X software series/font-bitstream-speedo-1.0.0-noarch-2.tgz: Fixed mkfont{scale,dir} order. X software series/font-bitstream-75dpi-1.0.0-noarch-2.tgz: Fixed mkfont{scale,dir} order. X software series/font-bitstream-100dpi-1.0.0-noarch-2.tgz: Fixed mkfont{scale,dir} order. X software series/font-bh-type1-1.0.0-noarch-2.tgz: Fixed mkfont{scale,dir} order. X software series/font-bh-ttf-1.0.0-noarch-2.tgz: Fixed mkfont{scale,dir} order. X software series/font-bh-lucidatypewriter-75dpi-1.0.0-noarch-2.tgz: Fixed mkfont{scale,dir} order. X software series/font-bh-lucidatypewriter-100dpi-1.0.0-noarch-2.tgz: Fixed mkfont{scale,dir} order. X software series/font-bh-75dpi-1.0.0-noarch-2.tgz: Fixed mkfont{scale,dir} order. X software series/font-bh-100dpi-1.0.0-noarch-2.tgz: Fixed mkfont{scale,dir} order. X software series/font-arabic-misc-1.0.0-noarch-2.tgz: Fixed mkfont{scale,dir} order. X software series/font-adobe-utopia-type1-1.0.1-noarch-2.tgz: Fixed mkfont{scale,dir} order. X software series/font-adobe-utopia-75dpi-1.0.1-noarch-2.tgz: Fixed mkfont{scale,dir} order. X software series/font-adobe-utopia-100dpi-1.0.1-noarch-2.tgz: Fixed mkfont{scale,dir} order. X software series/font-adobe-75dpi-1.0.0-noarch-2.tgz: Fixed mkfont{scale,dir} order. X software series/font-adobe-100dpi-1.0.0-noarch-2.tgz: Fixed mkfont{scale,dir} order. X software series/ttf-indic-fonts-0.4.7.1-noarch-3.tgz: Fixed mkfont{scale,dir} order. X software series/libX11-1.1.1-x86_64-2.tgz: Rebuilt with --with-xcb=no. X software series/makedepend-1.0.1-x86_64-1.tgz: Upgraded to makedepend-1.0.1. X software series/mkfontdir-1.0.3-noarch-1.tgz: Upgraded to mkfontdir-1.0.3. Fixed after-fresh-install script to run mkfontscale and then mkfontdir. Moved after-fresh-install script before fc-cache. X software series/twm-1.0.3-x86_64-2.tgz: Fixed X11R6 paths in xinitrc.twm. X software series/xdpyinfo-1.0.2-x86_64-1.tgz: Upgraded to xdpyinfo-1.0.2. XAP software series/audacious-1.3.1-x86_64-2.tgz: Recompiled against the new curl library. XAP software series/audacious-plugins-1.3.1-x86_64-1.tgz: Recompiled against the new curl library. XAP software series/xine-ui-0.99.4-x86_64-6.tgz: Recompiled against the new curl library. EXTRA software/php5/php-5.2.1-x86_64-3.tgz: Recompiled against the new curl library. XAP software series/xload-1.0.2-x86_64-1.tgz: Upgraded to xload-1.0.2 +--------------------------+ Tue Mar 27 14:53:50 EEST 2007 A software series/etc-11.1-noarch-1.tgz: Added a .xsession in /etc/skel to run gpg-agent A software series/sysvinit-scripts-1.2-noarch-1.tgz: Rid rc.6 of awk usage. Fixed /etc/rc.d/rc{0,1,2,3,4,5,6}.d directories. KDE software series/amarok-1.4.5-x86_64-2.tgz: Recompiled. Now linked with libkarma, but you'll have to get the omfs kernel module. Note: KDE is now being built with --prefix=/usr, not --prefix=/opt/kde. This makes it much easier to follow freedesktop.org's recommendations for unifying the various Linux desktops. KDE software series/kdeaccessibility-3.5.6-x86_64-1.tgz: Upgraded to kdeaccessibility-3.5.6. KDE software series/kdeaddons-3.5.6-x86_64-1.tgz: Upgraded to kdeaddons-3.5.6. KDE software series/kdeadmin-3.5.6-x86_64-1.tgz: Upgraded to kdeadmin-3.5.6. KDE software series/kdeartwork-3.5.6-x86_64-1.tgz: Upgraded to kdeartwork-3.5.6. KDE software series/kdebase-3.5.6-x86_64-1.tgz: Upgraded to kdebase-3.5.6. KDE software series/kdebindings-3.5.6-x86_64-1.tgz: Upgraded to kdebindings-3.5.6. KDE software series/kdeedu-3.5.6-x86_64-1.tgz: Upgraded to kdeedu-3.5.6. KDE software series/kdegames-3.5.6-x86_64-1.tgz: Upgraded to kdegames-3.5.6. KDE software series/kdegraphics-3.5.6-x86_64-1.tgz: Upgraded to kdegraphics-3.5.6. KDE software series/kdelibs-3.5.6-x86_64-1.tgz: Upgraded to kdelibs-3.5.6. KDE software series/kdemultimedia-3.5.6-x86_64-1.tgz: Upgraded to kdemultimedia-3.5.6. KDE software series/kdenetwork-3.5.6-x86_64-1.tgz: Upgraded to kdenetwork-3.5.6. KDE software series/kdepim-3.5.6-x86_64-1.tgz: Upgraded to kdepim-3.5.6. KDE software series/kdesdk-3.5.6-x86_64-1.tgz: Upgraded to kdesdk-3.5.6. KDE software series/kdetoys-3.5.6-x86_64-1.tgz: Upgraded to kdetoys-3.5.6. KDE software series/kdeutils-3.5.6-x86_64-1.tgz: Upgraded to kdeutils-3.5.6. KDE software series/kdevelop-3.4.0-x86_64-1.tgz: Upgraded to kdevelop-3.4.0. KDE software series/kdewebdev-3.5.6-x86_64-1.tgz: Upgraded to kdewebdev-3.5.6. KDE software series/koffice-1.6.2-x86_64-1.tgz: Upgraded to koffice-1.6.2. KDEi software series/*: Upgraded to kde-i18n 3.5.6 and koffice-l10n 1.6.2. L software series/arts-1.5.6-x86_64-1.tgz: upgraded to arts-1.5.6. L software series/dbus-1.0.2-x86_64-1.tgz: Added dbus-1.0.2. L software series/dbus-glib-0.72-x86_64-1.tgz: Added dbus-glib-0.72. L software series/dbus-qt3-0.70-x86_64-1.tgz: Added dbus-qt3-0.70 N software series/gamin-0.1.8-x86_64-1.tgz: Added gamin-0.1.8. L software series/qca-1.0-x86_64-4.tgz: Recompiled. Moved from KDE. L software series/qca-tls-1.0-x86_64-5.tgz: Recompiled. Moved from KDE. L software series/qt-3.3.8-x86_64-1.tgz: Upgraded to qt-3.3.8 and moved from KDE. N software series/gnutls-1.6.1-x86_64-1.tgz: Added gnutls-1.6.1 XAP software series/rdesktop-1.5.0-x86_64-2.tgz: Recompiled, moved from N. XAP software series/xfce-4.4.0-x86_64-2.tgz: Recompiled. XAP software series/seamonkey-1.1.1-x86_64-1.tgz: Upgraded to seamonkey-1.1.1. EXTRA software/k3b/k3b-0.12.17-x86_64-3.tgz: Recompiled with --prefix=/usr. EXTRA software/k3b/k3b-i18n-0.12.17-noarch-2.tgz: Recompiled with --prefix=/usr. EXTRA software/ktorrent/ktorrent-2.1-x86_64-1.tgz: Upgraded to ktorrent-2.1. EXTRA software/php5/php-5.2.1-x86_64-2.tgz: Recompiled. EXTRA software/slackpkg-2.52-noarch-1.tgz: Upgraded to slackpkg-2.52. isolinux/initrd.img: Removed old deprecated raidtools, added /sbin/mdadm. Generally updated everything to use -current tools. usb-and-pxe-installers/: Added updated USB and PXE installers. Thanks to Eric Hameleers! +--------------------------+ Sun Mar 25 18:57:54 EEST 2007 N software series/dirmngr-1.0.0-x86_64-1.tgz: Added dirmngr-1.0.0. N software series/gnupg2-2.0.3-x86_64-2.tgz: Added gnupg2-2.0.3. N software series/gpa-0.7.5-x86_64-1.tgz: Added gpa-0.7.5 N software series/gpgme-1.1.4-x86_64-1.tgz: Upgraded to gpgme-1.1.4 and moved here from the L software series. N software series/libassuan-1.0.1-x86_64-1.tgz: Added libassuan-1.0.1. N software series/libgcrypt-1.2.4-x86_64-1.tgz: Upgraded to libgcrypt-1.2.4 and moved here from the L software series. N software series/libgpg-error-1.5-x96_64-1.tgz: Upgraded to libgpg-error-1.5 and moved from the L software series. N software series/libksba-1.0.1-x86_64-1.tgz: Added libksba-1.0.1. N software series/pinentry-0.7.2-x86_64-1.tgz: Added pinentry-0.7.2. N software series/pth-2.0.7-x86_64-1.tgz: Added pth-2.0.7. L software series/gmime-2.2.4-x86_64-1.tgz: Added gmime-2.2.4 (used by Pan). XAP software series/gucharmap-1.10.0-x86_64-1.tgz: Upgraded to gucharmap-1.10.0. XAP software series/pan-0.125-x86_64-1.tgz: Upgraded to pan-0.125. XAP software series/sane-1.0.18-x86_64-5.tgz: Recompiled. XAP software series/xmms-1.2.10-x86_64-4.tgz: Removed. L software series/glib-1.2.10-x86_64-4.tgz: Recompiled. L software series/gtk+-1.2.10-x86_64-6.tgz: Recompiled. L software series/mcs-0.4.1-x86_64-1.tgz: Added mcs-0.4.1. Audacious needs this. XAP software series/dnsmasq-2.38-x86_64-1.tgz: Upgraded to dnsmasq-2.38. N software series/php-4.4.6-x86_64-1.tgz: Upgraded to php-4.4.6. N software series/audacious-1.3.1-x86_64-1.tgz: Added audacious-1.3.1. XAP software series/audacious-plugins-1.3.0-x86_64-1.tgz: Added audacious-plugins-1.3.0. XAP software series/gftp-2.0.18-x86_64-2.tgz: Recompiled. XAP software series/gimp-2.2.13-x86_64-4.tgz: Recompiled. XAP software series/gkrellm-2.2.10-x86_64-1.tgz: Upgraded to gkrellm-2.2.10. XAP software series/gnuplot-4.0.0-x86_64-3.tgz: Recompiled. XAP software series/xsane-0.994-x86_64-1.tgz: Upgraded to xsane-0.994. A software series/findutils-4.2.30-x86_64-1.tg: Upgraded to findutils-4.2.30. AP software series/hpijs-2.1.4-x86_64-3.tgz: Removed (replaced by hplip). AP software series/hplip-1.7.1-x86_64-1.tgz: Upgraded to hplip-1.7.1, moved from /testing. +--------------------------+ Sun Mar 25 02:23:25 EET 2007 A software series/cpio-2.5-x86_64-2.tgz: Recompiled. A software series/udev-104-x86_64-1.tgz: Upgraded to udev-104. Please be sure if you plan to use the new sysvinit, sysvinit-scripts, and udev packages that you upgradepkg all of them, and that you search-and-handle any *.new files under /etc. AP software series/cdrtools-2.01.01a23-x86_64-1.tgz: Upgraded to cdrtools-2.01.01a23. AP software series/espgs-8.15.3-x86_64-1.tgz: Upgraded to espgs-8.15.3. AP software series/ghostscript-fonts-std-8.11-noarch-1.tgz: Added ghostscript-fonts-std-8.11, which replaces the gnu-gs-fonts package. E software series/emacs-21.4a-x86_64-3.tgz: Recompiled. E software series/emacs-nox-21.4-x86_64-2.tgz: Recompiled. L software series/libcaca-0.99.beta11-x86_64-1.tgz: Upgraded to libcaca-0.99.beta11. N software series/openssh-4.5p1-x86_64-1.tgz: Upgraded to openssh-4.5p1. T software series/transfig-3.2.4-x86_64-3.tgz: Recompiled. T software series/xfig-3.2.4-x86_64-2.tgz: Recompiled. TCL software series/tcl-8.4.14-x86_64-1.tgz: Upgraded to tcl-8.4.14. TCL software series/tk-8.4.14-x86_64-1.tgz: Upgraded to tk-8.4.14. TCL software series/tclx-8.4-x86_64-1.tgz: Upgraded to tclx-8.4. X software series/xaw3d-1.5-x86_64-4.tgz: Recompiled. Moved from L series. XAP software series/fvwm-2.4.20-x86_64-1.tgz: Upgraded to fvwm-2.4.20. XAP software series/gv-3.6.2-x86_64-1.tgz: Upgraded to gv-3.6.2. XAP software series/gqview-2.1.5-x86_64-1.tgz: Added gqview-2.1.5. XAP software series/imagemagick-6.3.2_8-x86_64-1.tgz: Upgraded to ImageMagick-6.3.2-8. XAP software series/seyon-2.20c-x86_64-1.tgz: Added seyon-2.20c. XAP software series/x3270-3.3.2p1-x86_64-2.tgz: Recompiled. XAP software series/xfractint-20.04p04-x86_64-1.tgz: Added /xfractint-20.04p04. XAP software series/xine-ui-0.99.4-x86_64-5.tgz: Recompiled. This lost libcaca support, at least for a while... XAP software series/xpdf-3.01-x86_64-3.tgz: Recompiled. XAP software series/xpaint-2.7.8.1-x86_64-1.tgz: Upgraded to xpaint-2.7.8.1. XAP software series/xxgdb-1.12-x86_64-2.tgz: Recompiled. EXTRA software/slacktrack/slacktrack-1.30-x86_64-1.tgz: Upgraded to slacktrack-1.30_1. PASTURE/gcc-3.4.6/*: Moved to pasture as some things still aren't ready for gcc-4, such as espgs. PASTURE/raidtools-1.00.3-x86_64-1.tgz: Moved to /pasture. Use mdadm. A software series/hdparm-6.9-86_64-1.tgz: Upgraded to hdparm-6.9. D software series/libtool-1.5.22-x86_64-7.tgz: Recompiled. L software series/vte-0.15.0-x86_64-1.tgz: Added vte-0.15.0. XAP software series/gxine-0.5.11-x86_64-1.tgz: Upgraded to gxine-0.5.11. XAP software series/xfce-4.4.0-x86_64-1.tgz: Upgraded to xfce-4.4.0. XAP software series/xine-lib-1.1.4-x86_64-1.tgz: Upgraded to xine-lib-1.1.4. +--------------------------+ Fri Mar 23 17:34:55 EET 2007 AP software series/alsa-utils-1.0.14rc2-x86_64-1.tgz: Upgraded to alsa-utils-1.0.14rc2. AP software series/flac-1.1.2-x86_64-4.tgz: Recompiled. AP software series/most-4.10.2-x86_64-3.tgz: Recompiled. Lsoftware series/aalib-1.4rc5-x86_64-5.tgz: Recompiled. L software series/alsa-lib-1.0.14rc2-x86_64-1.tgz: Upgraded to alsa-lib-1.0.14rc2. L software series/apr-1.2.8-x86_64-1.tgz: Upgraded to apr-1.2.8. L software series/apr-util-1.2.8-x86_64-1.tgz: Upgraded to apr-util-1.2.8. L software series/aspell-0.60.5-x86_64-1.tgz: Upgraded to aspell-0.60.5. L software series/audiofile-0.2.6-x86_64-3.tgz: Recompiled. L software series/desktop-file-utils-0.12-x86_64-1.tgz: Upgraded to desktop-file-utils-0.12. L software series/esound-0.2.36-x86_64-4.tgz: Recompiled. L software series/fribidi-0.10.7-x86_64-3.tgz: Recompiled. L software series/gdbm-1.8.3-x86_64-3.tgz: Recompiled. L software series/gdk-pixbuf-0.22.0-x86_64-4.tgz: Removed. L software series/gnet-2.0.7-x86_64-2.tgz: Removed. L software series/libao-0.8.6-x86_64-4.tgz: Recompiled. L software series/lcms-1.16-x86_64-1.tgz: Upgraded to lcms-1.16. L software series/libgsf-1.14.3-x86_64-1.tgz: Upgraded to libgsf-1.14.3. L software series/bgtkhtml-2.11.0-x86_64-1.tgz: Upgraded to libgtkhtml-2.11.0. L software series/libidn-0.6.10-x86_64-1.tgz: Upgraded to libidn-0.6.10. L software series/libieee1284-0.2.10-x86_64-3.tgz: Recompiled. L software series/libid3tag-0.15.1b-x86_64-3.tgz: Recompiled L software series/libidl-0.8.7-x86_64-1.tgz: Upgraded to libidl-0.8.7. L software series/libmad-0.15.1b-x86_64-3.tgz: Recompiled L software series/libmikmod-3.1.11a-x86_64-3.tgz: Recompiled. L software series/libmng-1.0.9-x86_64-1.tgz: Upgraded ibmng-1.0.9. L software series/libmusicbrainz-2.1.4-x86_64-3.tgz: Recompiled. L software series/libtheora-1.0alpha7-x86_64-3.tgz: Recompiled. L software series/libtunepimp-0.4.2-x86_64-5.tgz: Recompiled. L software series/libusb-0.1.12-x86_64-3.tgz: Recompiled. L software series/libvorbis-1.1.2-x86_64-3.tgz: Recompiled. L software series/libwmf-0.2.8.4-x86_64-5.tgz: Recompiled. L software series/libwmf-docs-0.2.8.4-noarch-5.tgz: Rebuilt. L software series/libwpd-0.8.9-x86_64-1.tgz: Upgraded to libwpd-0.8.9. L software series/mhash-0.9.7.1-x86-64-1.tgz: Upgraded to mhash-0.9.7.1. L software series/mpeg_lib-1.3.1-x86_64-2.tgz: Removed. L software series/mpfr-2.2.1p01-x86_64-1.tgz: Upgraded to mpfr-2.2.1p01. L software series/netpbm-10.35.22-x86_64-1.tgz: Added etpbm-10.35.22. L software series/popt-1.7-x86_64-3.tgz: Recompiled. L software series/shared-mime-info-0.20-x86_64-1.tgz: Upgraded to shared-mime-info-0.20. L software series/slang-2.0.6-x86_64-3.tgz: Recompiled. L software series/slang1-1.4.9-x86_64-2.tgz: Fixed slack-desc. L software series/startup-notification-0.8-x86_64-4.tgz: Upgraded to startup-notification-0.8. L software series/taglib-1.4-x86_64-4.tgz: Recompiled. L software series/wv2-0.2.3-x86_64-1.tgz: Upgraded to wv2-0.2.3 +--------------------------+ Fri Mar 23 01:45:09 EET 2007 AP software series/mdadm-2.6-x86_64-1.tgz: Upgraded to mdadm-2.6 AP software series/vim-7.0.195-x86_64-1.tgz: Upgraded to vim-7.0.195 D software series/gperf-3.0.2-x86_64-1.tgz: Added gperf-3.0.2. D software series/gd-2.0.34-x86_64-1.tgz: Upgraded to gd-2.0.34. L software series/imlib-1.9.15-x86_64-2.tgz: Recompiled. L software series/libexif-0.6.13-x86_64-5.tgz: Recompiled. L software series/libglade-2.6.0-x86_64-1.tgz: Upgraded to libglade-2.6.0. L software series/libkarma-0.0.6-x86_64-1.tgz: Added libkarma-0.0.6. L software series/libvisual-0.4.0-x86_64-2.tgz: Recompiled. L software series/sdl-1.2.11-x86_64-3.tgz: Recompiled. KDE software series/qca-1.0-x86_64-3.tgz: Recompiled. KDE software series/qca-tls-1.0-x86_64-4.tgz: Recompiled. KDE software series/qt-3.3.7-x86_64-3.tgz: Recompiled. N software series/irssi-0.8.10a-x86_64-6.tgz: Recompiled. X software series/appres-1.0.1-x86_64-1.tgz: Added appres-1.0.1. X software series/bdftopcf-1.0.0-x86_64-1.tgz: Added bdftopcf-1.0.0. X software series/beforelight-1.0.2-x86_64-1.tgz: Added beforelight-1.0.2. X software series/bigreqsproto-1.0.2-noarch-1.tgz: Added bigreqsproto-1.0.2. X software series/bitmap-1.0.3-x86_64-1.tgz: Added bitmap-1.0.3. X software series/compiz-0.3.6-x86_64-1.tgz: Added compiz-0.3.6. X software series/compositeproto-0.3.1-noarch-1.tgz: Added compositeproto-0.3.1. X software series/damageproto-1.1.0-noarch-1.tgz: Added damageproto-1.1.0. X software series/dejavu-ttf-2.14-noarch-1.tgz: Added dejavu-ttf-2.14. X software series/dmxproto-2.2.2-noarch-1.tgz: Added dmxproto-2.2.2. X software series/editres-1.0.3-x86_64-1.tgz: Added editres-1.0.3. X software series/encodings-1.0.2-noarch-1.tgz: Added encodings-1.0.2. X software series/evieext-1.0.2-noarch-1.tgz: Added evieext-1.0.2. X software series/fixesproto-4.0-noarch-1.tgz: Added fixesproto-4.0. X software series/font-adobe-100dpi-1.0.0-noarch-1.tgz: Added font-adobe-100dpi-1.0.0. X software series/font-adobe-75dpi-1.0.0-noarch-1.tgz: Added font-adobe-75dpi-1.0.0. X software series/font-adobe-utopia-100dpi-1.0.1-noarch-1.tgz: Added font-adobe-utopia-100dpi-1.0.1. X software series/font-adobe-utopia-75dpi-1.0.1-noarch-1.tgz: Added font-adobe-utopia-75dpi-1.0.1. X software series/font-adobe-utopia-type1-1.0.1-noarch-1.tgz: Added font-adobe-utopia-type1-1.0.1. X software series/font-alias-1.0.1-noarch-1.tgz: Added font-alias-1.0.1. X software series/font-arabic-misc-1.0.0-noarch-1.tgz: Added font-arabic-misc-1.0.0. X software series/font-bh-100dpi-1.0.0-noarch-1.tgz: Added font-bh-100dpi-1.0.0. X software series/font-bh-75dpi-1.0.0-noarch-1.tgz: Added font-bh-75dpi-1.0.0. X software series/font-bh-lucidatypewriter-100dpi-1.0.0-noarch-1.tgz: Added font-bh-lucidatypewriter-100dpi-1.0.0. X software series/font-bh-lucidatypewriter-75dpi-1.0.0-noarch-1.tgz: Added font-bh-lucidatypewriter-75dpi-1.0.0. X software series/font-bh-ttf-1.0.0-noarch-1.tgz: Added font-bh-ttf-1.0.0. X software series/font-bh-type1-1.0.0-noarch-1.tgz: Added font-bh-type1-1.0.0. X software series/font-bitstream-100dpi-1.0.0-noarch-1.tgz: Added font-bitstream-100dpi-1.0.0. X software series/font-bitstream-75dpi-1.0.0-noarch-1.tgz: Added font-bitstream-75dpi-1.0.0. X software series/font-bitstream-speedo-1.0.0-noarch-1.tgz: Added font-bitstream-speedo-1.0.0. X software series/font-bitstream-type1-1.0.0-noarch-1.tgz: Added font-bitstream-type1-1.0.0. X software series/font-cronyx-cyrillic-1.0.0-noarch-1.tgz: Added font-cronyx-cyrillic-1.0.0. X software series/font-cursor-misc-1.0.0-noarch-1.tgz: Added font-cursor-misc-1.0.0. X software series/font-daewoo-misc-1.0.0-noarch-1.tgz: Added font-daewoo-misc-1.0.0. X software series/font-dec-misc-1.0.0-noarch-1.tgz: Added font-dec-misc-1.0.0. X software series/font-ibm-type1-1.0.0-noarch-1.tgz: Added font-ibm-type1-1.0.0. X software series/font-isas-misc-1.0.0-noarch-1.tgz: Added font-isas-misc-1.0.0. X software series/font-jis-misc-1.0.0-noarch-1.tgz: Added font-jis-misc-1.0.0. X software series/font-micro-misc-1.0.0-noarch-1.tgz: Added font-micro-misc-1.0.0. X software series/font-misc-cyrillic-1.0.0-noarch-1.tgz: Added font-misc-cyrillic-1.0.0. X software series/font-misc-ethiopic-1.0.0-noarch-1.tgz: Added font-misc-ethiopic-1.0.0. X software series/font-misc-meltho-1.0.0-noarch-1.tgz: Added font-misc-meltho-1.0.0. X software series/font-misc-misc-1.0.0-noarch-1.tgz: Added font-misc-misc-1.0.0. X software series/font-mutt-misc-1.0.0-noarch-1.tgz: Added font-mutt-misc-1.0.0. X software series/font-schumacher-misc-1.0.0-noarch-1.tgz: Added font-schumacher-misc-1.0.0. X software series/font-screen-cyrillic-1.0.1-noarch-1.tgz: Added font-screen-cyrillic-1.0.1. X software series/font-sony-misc-1.0.0-noarch-1.tgz: Added font-sony-misc-1.0.0. X software series/font-sun-misc-1.0.0-noarch-1.tgz: Added font-sun-misc-1.0.0. X software series/font-util-1.0.1-x86_64-1.tgz: Added font-util-1.0.1. X software series/font-winitzki-cyrillic-1.0.0-noarch-1.tgz: Added font-winitzki-cyrillic-1.0.0. X software series/font-xfree86-type1-1.0.0-noarch-1.tgz: Added font-xfree86-type1-1.0.0. X software series/fontcacheproto-0.1.2-noarch-1.tgz: Added fontcacheproto-0.1.2. X software series/fontconfig-2.4.2-x86_64-1.tgz: Added fontconfig-2.4.2. X software series/fontsproto-2.0.2-noarch-1.tgz: Added fontsproto-2.0.2. X software series/fonttosfnt-1.0.3-x86_64-1.tgz: Added fonttosfnt-1.0.3. X software series/fslsfonts-1.0.1-x86_64-1.tgz: Added fslsfonts-1.0.1. X software series/fstobdf-1.0.2-x86_64-1.tgz: Added fstobdf-1.0.2. X software series/gccmakedep-1.0.2-noarch-1.tgz: Added gccmakedep-1.0.2. X software series/glproto-1.4.8-noarch-1.tgz: Added glproto-1.4.8. X software series/iceauth-1.0.1-x86_64-1.tgz: Added iceauth-1.0.1. X software series/ico-1.0.1-x86_64-1.tgz: Added ico-1.0.1. X software series/imake-1.0.2-x86_64-1.tgz: Added imake-1.0.2. X software series/inputproto-1.4.1-noarch-1.tgz: Added inputproto-1.4.1. X software series/kbproto-1.0.3-noarch-1.tgz: Added kbproto-1.0.3. X software series/lbxproxy-1.0.1-x86_64-1.tgz: Added lbxproxy-1.0.1. X software series/libFS-1.0.0-x86_64-1.tgz: Added libFS-1.0.0. X software series/libICE-1.0.3-x86_64-1.tgz: Added libICE-1.0.3. X software series/libSM-1.0.2-x86_64-1.tgz: Added libSM-1.0.2. X software series/libX11-1.1.1-x86_64-1.tgz: Added libX11-1.1.1. X software series/libXScrnSaver-1.1.2-x86_64-1.tgz: Added libXScrnSaver-1.1.2. X software series/libXTrap-1.0.0-x86_64-1.tgz: Added libXTrap-1.0.0. X software series/libXau-1.0.3-x86_64-1.tgz: Added libXau-1.0.3. X software series/libXaw-1.0.3-x86_64-1.tgz: Added libXaw-1.0.3. X software series/libXcomposite-0.3.1-x86_64-1.tgz: Added libXcomposite-0.3.1. X software series/libXcursor-1.1.8-x86_64-1.tgz: Added libXcursor-1.1.8. X software series/libXdamage-1.1-x86_64-1.tgz: Added libXdamage-1.1. X software series/libXdmcp-1.0.2-x86_64-1.tgz: Added libXdmcp-1.0.2. X software series/libXevie-1.0.2-x86_64-1.tgz: Added libXevie-1.0.2. X software series/libXext-1.0.3-x86_64-1.tgz: Added libXext-1.0.3. X software series/libXfixes-4.0.3-x86_64-1.tgz: Added libXfixes-4.0.3. X software series/libXfont-1.2.7-x86_64-1.tgz: Added libXfont-1.2.7. X software series/libXfontcache-1.0.4-x86_64-1.tgz: Added libXfontcache-1.0.4. X software series/libXft-2.1.12-x86_64-1.tgz: Added libXft-2.1.12. X software series/libXi-1.1.0-x86_64-1.tgz: Added libXi-1.1.0. X software series/libXinerama-1.0.2-x86_64-1.tgz: Added libXinerama-1.0.2. X software series/libXmu-1.0.3-x86_64-1.tgz: Added libXmu-1.0.3. X software series/libXp-1.0.0-x86_64-1.tgz: Added libXp-1.0.0. X software series/libXpm-3.5.6-x86_64-1.tgz: Added libXpm-3.5.6. X software series/libXprintAppUtil-1.0.1-x86_64-1.tgz: Added libXprintAppUtil-1.0.1. X software series/libXprintUtil-1.0.1-x86_64-1.tgz: Added libXprintUtil-1.0.1. X software series/libXrandr-1.2.1-x86_64-1.tgz: Added libXrandr-1.2.1. X software series/libXrender-0.9.2-x86_64-1.tgz: Added libXrender-0.9.2. X software series/libXres-1.0.3-x86_64-1.tgz: Added libXres-1.0.3. X software series/libXt-1.0.5-x86_64-1.tgz: Added libXt-1.0.5. X software series/libXtst-1.0.1-x86_64-1.tgz: Added libXtst-1.0.1. X software series/libXv-1.0.3-x86_64-1.tgz: Added libXv-1.0.3. X software series/libXvMC-1.0.4-x86_64-1.tgz: Added libXvMC-1.0.4. X software series/libXxf86dga-1.0.1-x86_64-1.tgz: Added libXxf86dga-1.0.1. X software series/libXxf86misc-1.0.1-x86_64-1.tgz: Added libXxf86misc-1.0.1. X software series/libXxf86vm-1.0.1-x86_64-1.tgz: Added libXxf86vm-1.0.1. X software series/libdmx-1.0.2-x86_64-1.tgz: Added libdmx-1.0.2. X software series/libdrm-2.3.0-x86_64-1.tgz: Added libdrm-2.3.0. X software series/libfontenc-1.0.4-x86_64-1.tgz: Added libfontenc-1.0.4. X software series/liblbxutil-1.0.1-x86_64-1.tgz: Added liblbxutil-1.0.1. X software series/liboldX-1.0.1-x86_64-1.tgz: Added liboldX-1.0.1. X software series/libpthread-stubs-0.1-noarch-1.tgz: Added libpthread-stubs-0.1. X software series/libxcb-1.0-x86_64-1.tgz: Added libxcb-1.0. X software series/libxkbfile-1.0.4-x86_64-1.tgz: Added libxkbfile-1.0.4. X software series/libxkbui-1.0.2-x86_64-1.tgz: Added libxkbui-1.0.2. X software series/listres-1.0.1-x86_64-1.tgz: Added listres-1.0.1. X software series/lndir-1.0.1-x86_64-1.tgz: Added lndir-1.0.1. X software series/luit-1.0.2-x86_64-1.tgz: Added luit-1.0.2. X software series/makedepend-1.0.0-x86_64-1.tgz: Added makedepend-1.0.0. X software series/mesa-6.5.2-x86_64-1.tgz: Added mesa-6.5.2. X software series/mkcomposecache-1.2-x86_64-1.tgz: Added mkcomposecache-1.2. X software series/mkfontdir-1.0.2-noarch-1.tgz: Added mkfontdir-1.0.2. X software series/mkfontscale-1.0.3-x86_64-1.tgz: Added mkfontscale-1.0.3. X software series/oclock-1.0.1-x86_64-1.tgz: Added oclock-1.0.1. X software series/printproto-1.0.3-noarch-1.tgz: Added printproto-1.0.3. X software series/proxymngr-1.0.1-x86_64-1.tgz: Added proxymngr-1.0.1. X software series/randrproto-1.2.1-noarch-1.tgz: Added randrproto-1.2.1. X software series/recordproto-1.13.2-noarch-1.tgz: Added recordproto-1.13.2. X software series/rendercheck-1.2-x86_64-1.tgz: Added rendercheck-1.2. X software series/renderproto-0.9.2-noarch-1.tgz: Added renderproto-0.9.2. X software series/resourceproto-1.0.2-noarch-1.tgz: Added resourceproto-1.0.2. X software series/rgb-1.0.1-x86_64-1.tgz: Added rgb-1.0.1. X software series/rstart-1.0.2-x86_64-1.tgz: Added rstart-1.0.2. X software series/scripts-1.0.1-noarch-1.tgz: Added scripts-1.0.1. X software series/scrnsaverproto-1.1.0-noarch-1.tgz: Added scrnsaverproto-1.1.0. X software series/sessreg-1.0.2-x86_64-1.tgz: Added sessreg-1.0.2. X software series/setxkbmap-1.0.3-x86_64-1.tgz: Added setxkbmap-1.0.3. X software series/showfont-1.0.1-x86_64-1.tgz: Added showfont-1.0.1. X software series/smproxy-1.0.2-x86_64-1.tgz: Added smproxy-1.0.2. X software series/trapproto-3.4.3-noarch-1.tgz: Added trapproto-3.4.3. X software series/ttf-indic-fonts-0.4.7.1-noarch-2.tgz: Added ttf-indic-fonts-0.4.7.1-noarch-2.tgz. X software series/twm-1.0.3-x86_64-1.tgz: Added twm-1.0.3. X software series/util-macros-1.1.5-noarch-1.tgz: Added util-macros-1.1.5. X software series/videoproto-2.2.2-noarch-1.tgz: Added videoproto-2.2.2. X software series/viewres-1.0.1-x86_64-1.tgz: Added viewres-1.0.1. X software series/x11-skel-7.1-noarch-2.tgz: Added X11 setup scripts from pkgtools. X software series/x11perf-1.4.1-x86_64-1.tgz: Added x11perf-1.4.1. X software series/xauth-1.0.2-x86_64-1.tgz: Added xauth-1.0.2. X software series/xbiff-1.0.1-x86_64-1.tgz: Added xbiff-1.0.1. X software series/xbitmaps-1.0.1-noarch-1.tgz: Added xbitmaps-1.0.1. X software series/xcalc-1.0.1-x86_64-1.tgz: Added xcalc-1.0.1. X software series/xcb-proto-1.0-noarch-1.tgz: Added xcb-proto-1.0. X software series/xclipboard-1.0.1-x86_64-1.tgz: Added xclipboard-1.0.1. X software series/xclock-1.0.2-x86_64-1.tgz: Added xclock-1.0.2. X software series/xcmiscproto-1.1.2-noarch-1.tgz: Added xcmiscproto-1.1.2. X software series/xcmsdb-1.0.1-x86_64-1.tgz: Added xcmsdb-1.0.1. X software series/xconsole-1.0.2-x86_64-1.tgz: Added xconsole-1.0.2. X software series/xcursor-themes-1.0.1-noarch-1.tgz: Added xcursor-themes-1.0.1. X software series/xcursorgen-1.0.1-x86_64-1.tgz: Added xcursorgen-1.0.1. X software series/xdbedizzy-1.0.2-x86_64-1.tgz: Added xdbedizzy-1.0.2. X software series/xditview-1.0.1-x86_64-1.tgz: Added xditview-1.0.1. X software series/xdm-1.1.4-x86_64-1.tgz: Added xdm-1.1.4. X software series/xdpyinfo-1.0.1-x86_64-1.tgz: Added xdpyinfo-1.0.1. X software series/xdriinfo-1.0.1-x86_64-1.tgz: Added xdriinfo-1.0.1. X software series/xedit-1.0.2-x86_64-1.tgz: Added xedit-1.0.2. X software series/xev-1.0.2-x86_64-1.tgz: Added xev-1.0.2. X software series/xextproto-7.0.2-noarch-1.tgz: Added xextproto-7.0.2. X software series/xeyes-1.0.1-x86_64-1.tgz: Added xeyes-1.0.1. X software series/xf86-input-acecad-1.1.0-x86_64-1.tgz: Added xf86-input-acecad-1.1.0. X software series/xf86-input-aiptek-1.0.1-x86_64-1.tgz: Added xf86-input-aiptek-1.0.1. X software series/xf86-input-calcomp-1.1.0-x86_64-1.tgz: Added xf86-input-calcomp-1.1.0. X software series/xf86-input-digitaledge-1.1.0-x86_64-1.tgz: Added xf86-input-digitaledge-1.1.0. X software series/xf86-input-elographics-1.1.0-x86_64-1.tgz: Added xf86-input-elographics-1.1.0. X software series/xf86-input-evdev-1.1.5-x86_64-1.tgz: Added xf86-input-evdev-1.1.5. X software series/xf86-input-fpit-1.1.0-x86_64-1.tgz: Added xf86-input-fpit-1.1.0. X software series/xf86-input-hyperpen-1.1.0-x86_64-1.tgz: Added xf86-input-hyperpen-1.1.0. X software series/xf86-input-jamstudio-1.1.0-x86_64-1.tgz: Added xf86-input-jamstudio-1.1.0. X software series/xf86-input-joystick-1.1.1-x86_64-1.tgz: Added xf86-input-joystick-1.1.1. X software series/xf86-input-keyboard-1.1.1-x86_64-1.tgz: Added xf86-input-keyboard-1.1.1. X software series/xf86-input-magellan-1.1.0-x86_64-1.tgz: Added xf86-input-magellan-1.1.0. X software series/xf86-input-magictouch-1.0.0.5-x86_64-1.tgz: Added xf86-input-magictouch-1.0.0.5. X software series/xf86-input-mouse-1.2.1-x86_64-1.tgz: Added xf86-input-mouse-1.2.1. X software series/xf86-input-mutouch-1.1.0-x86_64-1.tgz: Added xf86-input-mutouch-1.1.0. X software series/xf86-input-palmax-1.1.0-x86_64-1.tgz: Added xf86-input-palmax-1.1.0. X software series/xf86-input-spaceorb-1.1.0-x86_64-1.tgz: Added xf86-input-spaceorb-1.1.0. X software series/xf86-input-summa-1.1.0-x86_64-1.tgz: Added xf86-input-summa-1.1.0. X software series/xf86-input-tek4957-1.1.0-x86_64-1.tgz: Added xf86-input-tek4957-1.1.0. X software series/xf86-input-ur98-1.1.0-x86_64-1.tgz: Added xf86-input-ur98-1.1.0. X software series/xf86-input-vmmouse-12.4.1-x86_64-1.tgz: Added xf86-input-vmmouse-12.4.1. X software series/xf86-input-void-1.1.0-x86_64-1.tgz: Added xf86-input-void-1.1.0. X software series/xf86-video-apm-1.1.1-x86_64-1.tgz: Added xf86-video-apm-1.1.1. X software series/xf86-video-ark-0.6.0-x86_64-1.tgz: Added xf86-video-ark-0.6.0. X software series/xf86-video-ast-0.81.0-x86_64-1.tgz: Added xf86-video-ast-0.81.0. X software series/xf86-video-ati-6.6.3-x86_64-1.tgz: Added xf86-video-ati-6.6.3. X software series/xf86-video-chips-1.1.1-x86_64-1.tgz: Added xf86-video-chips-1.1.1. X software series/xf86-video-cirrus-1.1.0-x86_64-1.tgz: Added xf86-video-cirrus-1.1.0. X software series/xf86-video-cyrix-1.1.0-x86_64-1.tgz: Added xf86-video-cyrix-1.1.0. X software series/xf86-video-dummy-0.2.0-x86_64-1.tgz: Added xf86-video-dummy-0.2.0. X software series/xf86-video-fbdev-0.3.1-x86_64-1.tgz: Added xf86-video-fbdev-0.3.1. X software series/xf86-video-glint-1.1.1-x86_64-1.tgz: Added xf86-video-glint-1.1.1. X software series/xf86-video-i128-1.2.1-x86_64-1.tgz: Added xf86-video-i128-1.2.1. X software series/xf86-video-i740-1.1.0-x86_64-1.tgz: Added xf86-video-i740-1.1.0. X software series/xf86-video-i810-1.7.4-x86_64-1.tgz: Added xf86-video-i810-1.7.4. X software series/xf86-video-imstt-1.1.0-x86_64-1.tgz: Added xf86-video-imstt-1.1.0. X software series/xf86-video-mga-1.4.6.1-x86_64-1.tgz: Added xf86-video-mga-1.4.6.1. X software series/xf86-video-neomagic-1.1.1-x86_64-1.tgz: Added xf86-video-neomagic-1.1.1. X software series/xf86-video-newport-0.2.1-x86_64-1.tgz: Added xf86-video-newport-0.2.1. X software series/xf86-video-nsc-2.8.2-x86_64-1.tgz: Added xf86-video-nsc-2.8.2. X software series/xf86-video-nv-1.99.1-x86_64-1.tgz: Added xf86-video-nv-1.99.1. X software series/xf86-video-rendition-4.1.3-x86_64-1.tgz: Added xf86-video-rendition-4.1.3. X software series/xf86-video-s3-0.5.0-x86_64-1.tgz: Added xf86-video-s3-0.5.0. X software series/xf86-video-s3virge-1.9.1-x86_64-1.tgz: Added xf86-video-s3virge-1.9.1. X software series/xf86-video-savage-2.1.2-x86_64-1.tgz: Added xf86-video-savage-2.1.2. X software series/xf86-video-siliconmotion-1.5.1-x86_64-1.tgz: Added xf86-video-siliconmotion-1.5.1. X software series/xf86-video-sis-0.9.3-x86_64-1.tgz: Added xf86-video-sis-0.9.3. X software series/xf86-video-sisusb-0.8.1-x86_64-1.tgz: Added xf86-video-sisusb-0.8.1. X software series/xf86-video-tdfx-1.3.0-x86_64-1.tgz: Added xf86-video-tdfx-1.3.0. X software series/xf86-video-tga-1.1.0-x86_64-1.tgz: Added xf86-video-tga-1.1.0. X software series/xf86-video-trident-1.2.3-x86_64-1.tgz: Added xf86-video-trident-1.2.3. X software series/xf86-video-tseng-1.1.1-x86_64-1.tgz: Added xf86-video-tseng-1.1.1. X software series/xf86-video-v4l-0.1.1-x86_64-1.tgz: Added xf86-video-v4l-0.1.1. X software series/xf86-video-vesa-1.3.0-x86_64-1.tgz: Added xf86-video-vesa-1.3.0. X software series/xf86-video-vga-4.1.0-x86_64-1.tgz: Added xf86-video-vga-4.1.0. X software series/xf86-video-via-0.2.2-x86_64-1.tgz: Added xf86-video-via-0.2.2. X software series/xf86-video-vmware-10.15.0-x86_64-1.tgz: Added xf86-video-vmware-10.15.0. X software series/xf86-video-voodoo-1.1.1-x86_64-1.tgz: Added xf86-video-voodoo-1.1.1. X software series/xf86bigfontproto-1.1.2-noarch-1.tgz: Added xf86bigfontproto-1.1.2. X software series/xf86dga-1.0.2-x86_64-1.tgz: Added xf86dga-1.0.2. X software series/xf86dgaproto-2.0.2-noarch-1.tgz: Added xf86dgaproto-2.0.2. X software series/xf86driproto-2.0.3-noarch-1.tgz: Added xf86driproto-2.0.3. X software series/xf86miscproto-0.9.2-noarch-1.tgz: Added xf86miscproto-0.9.2. X software series/xf86rushproto-1.1.2-noarch-1.tgz: Added xf86rushproto-1.1.2. X software series/xf86vidmodeproto-2.2.2-noarch-1.tgz: Added xf86vidmodeproto-2.2.2. X software series/xfd-1.0.1-x86_64-1.tgz: Added xfd-1.0.1. X software series/xfindproxy-1.0.1-x86_64-1.tgz: Added xfindproxy-1.0.1. X software series/xfontsel-1.0.2-x86_64-1.tgz: Added xfontsel-1.0.2. X software series/xfs-1.0.4-x86_64-1.tgz: Added xfs-1.0.4. X software series/xfsinfo-1.0.1-x86_64-1.tgz: Added xfsinfo-1.0.1. X software series/xfwp-1.0.1-x86_64-1.tgz: Added xfwp-1.0.1. X software series/xgamma-1.0.1-x86_64-1.tgz: Added xgamma-1.0.1. X software series/xgc-1.0.1-x86_64-1.tgz: Added xgc-1.0.1. X software series/xhost-1.0.1-x86_64-1.tgz: Added xhost-1.0.1. X software series/xineramaproto-1.1.2-noarch-1.tgz: Added xineramaproto-1.1.2. X software series/xinit-1.0.3-x86_64-1.tgz: Added xinit-1.0.3. X software series/xkbcomp-1.0.3-x86_64-1.tgz: Added xkbcomp-1.0.3. X software series/xkbevd-1.0.2-x86_64-1.tgz: Added xkbevd-1.0.2. X software series/xkbprint-1.0.1-x86_64-1.tgz: Added xkbprint-1.0.1. X software series/xkbutils-1.0.1-x86_64-1.tgz: Added xkbutils-1.0.1. X software series/xkeyboard-config-0.9-noarch-1.tgz: Added xkeyboard-config-0.9. X software series/xkill-1.0.1-x86_64-1.tgz: Added xkill-1.0.1. X software series/xload-1.0.1-x86_64-1.tgz: Added xload-1.0.1. X software series/xlogo-1.0.1-x86_64-1.tgz: Added xlogo-1.0.1. X software series/xlsatoms-1.0.1-x86_64-1.tgz: Added xlsatoms-1.0.1. X software series/xlsclients-1.0.1-x86_64-1.tgz: Added xlsclients-1.0.1. X software series/xlsfonts-1.0.2-x86_64-1.tgz: Added xlsfonts-1.0.2. X software series/xmag-1.0.1-x86_64-1.tgz: Added xmag-1.0.1. X software series/xman-1.0.2-x86_64-1.tgz: Added xman-1.0.2. X software series/xmessage-1.0.1-x86_64-1.tgz: Added xmessage-1.0.1. X software series/xmh-1.0.1-x86_64-1.tgz: Added xmh-1.0.1. X software series/xmodmap-1.0.2-x86_64-1.tgz: Added xmodmap-1.0.2. X software series/xmore-1.0.1-x86_64-1.tgz: Added xmore-1.0.1. X software series/xorg-cf-files-1.0.2-noarch-1.tgz: Added xorg-cf-files-1.0.2. X software series/xorg-docs-1.4-noarch-1.tgz: Added xorg-docs-1.4. X software series/xorg-server-1.2.99.901-x86_64-1.tgz: Added xorg-server-1.2.99.901. X software series/xorg-server-xdmx-1.2.99.901-x86_64-1.tgz: Added xorg-server-xdmx-1.2.99.901. X software series/xorg-server-xnest-1.2.99.901-x86_64-1.tgz: Added xorg-server-xnest-1.2.99.901. X software series/xorg-server-xvfb-1.2.99.901-x86_64-1.tgz: Added xorg-server-xvfb-1.2.99.901. X software series/xorg-sgml-doctools-1.2-noarch-1.tgz: Added xorg-sgml-doctools-1.2. X software series/xphelloworld-1.0.1-x86_64-1.tgz: Added xphelloworld-1.0.1. X software series/xplsprinters-1.0.1-x86_64-1.tgz: Added xplsprinters-1.0.1. X software series/xpr-1.0.2-x86_64-1.tgz: Added xpr-1.0.2. X software series/xprehashprinterlist-1.0.1-x86_64-1.tgz: Added xprehashprinterlist-1.0.1. X software series/xprop-1.0.2-x86_64-1.tgz: Added xprop-1.0.2. X software series/xproto-7.0.10-noarch-1.tgz: Added xproto-7.0.10. X software series/xproxymanagementprotocol-1.0.2-noarch-1.tgz: Added xproxymanagementprotocol-1.0.2. X software series/xrandr-1.2.0-x86_64-1.tgz: Added xrandr-1.2.0. X software series/xrdb-1.0.3-x86_64-1.tgz: Added xrdb-1.0.3. X software series/xrefresh-1.0.2-x86_64-1.tgz: Added xrefresh-1.0.2. X software series/xrx-1.0.1-x86_64-1.tgz: Added xrx-1.0.1. X software series/xset-1.0.2-x86_64-1.tgz: Added xset-1.0.2. X software series/xsetmode-1.0.0-x86_64-1.tgz: Added xsetmode-1.0.0. X software series/xsetpointer-1.0.1-x86_64-1.tgz: Added xsetpointer-1.0.1. X software series/xsetroot-1.0.1-x86_64-1.tgz: Added xsetroot-1.0.1. X software series/xsm-1.0.1-x86_64-1.tgz: Added xsm-1.0.1. X software series/xstdcmap-1.0.1-x86_64-1.tgz: Added xstdcmap-1.0.1. X software series/xterm-224-x86_64-1.tgz: Added xterm-224. X software series/xtrans-1.0.3-noarch-1.tgz: Added xtrans-1.0.3. X software series/xtrap-1.0.2-x86_64-1.tgz: Added xtrap-1.0.2. X software series/xvidtune-1.0.1-x86_64-1.tgz: Added xvidtune-1.0.1. X software series/xvinfo-1.0.1-x86_64-1.tgz: Added xvinfo-1.0.1. X software series/xwd-1.0.1-x86_64-1.tgz: Added xwd-1.0.1. X software series/xwininfo-1.0.2-x86_64-1.tgz: Added xwininfo-1.0.2. X software series/xwud-1.0.1-x86_64-1.tgz: Added xwud-1.0.1. XAP software series/gaim-2.0.0beta6-x86_64-1.tgz: Upgraded to gaim-2.0.0beta6. XAP software series//vim-gvim-7.0.195-x86_64-1.tgz: Upgraded to vim-7.0.195 for X11/GTK+. XAP software series/xchat-2.8.0-x86_64-1.tgz: Upgraded to xchat-2.8.0. EXTRA software/blackbox-0.70.1/blackbox-0.70.1-x86_64-3.tgz: Recompiled, changed --prefix to /usr. EXTRA software/linux-wlan-ng/linux-wlan-ng-0.2.7_2.6.18.8-x86_64-1.tgz: Added linux-wlan-ng-0.2.7 compiled for Linux 2.6.18.8. EXTRA software/mpg123/mpg123-0.65-x86_64-1.tgz: Upgraded to mpg123-0.65. EXTRA software/ntfsprogs/ntfsprogs-1.13.1-x86_64-1.tgz: Added ntfsprogs-1.13.1. EXTRA software/parted/parted-1.8.2-x86_64-1.tgz: Upgraded to parted-1.8.2. +--------------------------+ Thu Mar 22 15:19:23 EET 2007 Removed temporary packages used to bootstrap and test modular X. X software series/x11-app-i20070206-x86_64-1.tgz: Removed. X software series/x11-data-i20070201-x86_64-1.tgz: Removed. X software series/x11-doc-i20070201-x86_64-1.tgz: Removed. X software series/x11-driver-i20070201-x86_64-1.tgz: Removed. X software series/x11-font-i20070201-x86_64-1.tgz: Removed. X software series/x11-lib-i20070201-x86_64-1.tgz: Removed. X software series/x11-proto-i20070201-x86_64-1.tgz: Removed. X software series/x11-util-i20070201-x86_64-1.tgz: Removed. X software series/x11-xdmx-1.2.0-x86_64-1.tgz: Removed. X software series/x11-xnest-1.2.0-x86_64-1.tgz: Removed. X software series/x11-xorg-server-1.2.0-x86_64-1.tgz: Removed. X software series/x11-xvfb-1.2.0-x86_64-1.tgz: Removed. +--------------------------+ Thu Mar 22 14:14:16 EET 2007 A software series/aaa_base-11.1.0-noarch-1.tgz: Delete a bunch of obsolete X11/X11R6 paths. A software series/lilo-22.7.3-x86_64-1.tgz: Upgraded to lilo-22.7.3. AP software series/mtx-1.3.9-x86_64-1.tgz: Added mtx-1.3.9. AP software series/mysql-5.0.33-x86_64-1.tgz: Upgraded to mysql-5.0.33. D software series/perl-5.8.8-x86_64-7.tgz: Recompiled with thread support. Upgraded to DBD-mysql-4.001 and DBI-1.53. F software series/linux-howtos-20070211-noarch-1.tgz: Upgraded to Linux-HOWTOs-20070211. N software series/lftp-3.5.9-x86_64-1.tgz: Upgraded to lftp-3.5.9. N software series/links-2.1pre26-x86_64-1.tgz: Upgraded to links-2.1pre26. N software series/sync-2.6.9-x86_64-1.tgz: Upgraded to rsync-2.6.9. N software series/wpa_supplicant-0.5.7-x86_64-1.tgz: Added wpa_supplicant-0.5.7. X software series/x11-xdmx-1.2.0-x86_64-1.tgz: Split from x11-xorg-server. X software series/x11-xnest-1.2.0-x86_64-1.tgz: Split from x11-xorg-server. X software series/x11-xvfb-1.2.0-x86_64-1.tgz: Split from x11-xorg-server. X software series/xterm-224-x86_64-1.tgz: Added xterm-224. +--------------------------+ Thu Mar 22 03:49:06 EET 2007 A software series/sysvinit-2.86-x86_64-1.tgz: Upgraded to sysvinit-2.86. Split the actual init scripts into a new package to avoid needlessly compiling sysvinit over and over again. A software series/sysvinit-scripts-1.0-noarch-1.tgz: Added a new package containing the system startup scripts. In rc.4, check for kdm in both /opt/kde/bin and /usr/bin. AP software series/nano-2.0.3-x86_64-1.tgz: Added nano-2.0.3. D software series/autoconf-2.61-noarch-1.tgz: Upgraded to autoconf-2.61. D software series/bison-2.3-x86_64-1.tgz: Upgraded to bison-2.3. D software series/byacc-1.9-x86_64-1.tgz: Removed. D software series/clisp-2.41a-x86_64-1.tgz: Upgraded to clisp-2.41a. D software series/cmake-2.4.6-x86_64-1.tgz: Added cmake-2.4.6. D software series/doxygen-1.5.1-x86_64-1.tgz: Upgraded to doxygen-1.5.1. D software series/flex-2.5.33-x86_64-2.tgz: Upgraded to flex-2.5.33. D software series/git-1.4.4.4-x86_64-1.tgz: Upgraded to git-1.4.4.4. D software series/mercurial-0.9.3-x86_64-1.tgz: Upgraded to mercurial-0.9.3. D software series/pkg-config-0.21-x86_64-5.tgz: Recompiled, and renamed the package from "pkgconfig", which is the correct upstream name. D software series/pmake-1.111-x86_64-1.tgz: Swiched to pmake-1.111, which seems to be a more popular version. Fixed perms on /usr/share/mk. Fixed perms on /usr/share/mk. D software series/python-2.5-x86_64-1.tgz: Upgraded to Python-2.5. D software series/ruby-1.8.5_p12-x86_64-1.tgz: Upgraded to ruby-1.8.5-p12. D software series/subversion-1.4.3-x86_64-1.tgz: Upgraded to subversion-1.4.3. L software series/glut-3.7-x86_64-2.tgz: Removed since MesaGLUT is now bundled with Mesa package. L software series/lesstif-0.95.0-x86_64-4.tgz: Recompiled, changing install prefix to /usr. L software series/libmtp-0.1.3-x86_64-2.tgz: Recompiled. L software series/libnjb-2.2.5-x86_64-3.tgz: Recompiled. L software series/neon-0.25.5-x86_64-4.tgz: Recompiled. L software series/samba-3.0.24-x86_64-2.tgz: Recompiled. XAP software series/blackbox-0.65.0-x86_64-1.tgz: Added blackbox-0.65.0. XAP software series/fluxbox-1.0rc2-x86_64-2.tgz: Recompiled to change --prefix from /usr/X11R6 (which is now deprecated) to /usr. XAP software series/rxvt-2.7.10-x86_64-2.tgz: Recompiled, changing install prefix to /usr. XAP software series/xlockmore-5.23-x86_64-1.tgz: Upgraded to xlockmore-5.23, changed --prefix to /usr. XAP software series/xv-3.10a-x86_64-2.tgz: Recompiled, changing install prefix to /usr. EXTRA software/bittornado/bittornado-0.3.18-noarch-1.tgz: Upgraded to bittornado-0.3.18, built against Python-2.5. EXTRA software/bittorrent/bittorrent-4.4.0-noarch-2.tgz: Rebuilt against Python-2.5. +--------------------------+ Wed Mar 21 21:24:09 EET 2007 X software series/dejavu-ttf-2.14-noarch-1.tgz: Upgraded to dejavu-2.14. X software series/libdrm-2.3.0-x86_64-1.tgz: Added Direct Rendering library. X software series/mesa-6.5.2-86_64-1.tgz: Added Mesa 3-D library. X software series/dejavu-ttf-2.14-noarch-1.tgz: Upgraded to dejavu-2.14. X software series/fontconfig-2.4.2-x86_64-1.tgz: Adjusted font path in /etc/fonts/fonts.conf. X software seriesx/libdrm-2.3.0-x86_64-1.tgz: Added Direct Rendering library. X software series/mesa-6.5.2-x86_64-1.tgz: Added Mesa 3-D library. X software series/ttf-indic-fonts-0.4.7.1-noarch-2.tgz: Rebuilt to put in new fonts directory. X software series/x11-app-i20070201-x86_64-1.tgz: New package based on recent modular code. X software series/x11-data-i20070201-x86_64-1.tgz: New package based on recent modular code. X software series/x11-doc-i20070201-x86_64-1.tgz: New package based on recent modular code. X software series/x11-driver-i20070201-x86_64-1.tgz: New package based on recent modular code. Several of the input drivers do not compile any more (such as various tablets, touchscreens, etc). Hopefully this code will be fixed before the X.Org 7.2 release... X software series/x11-font-i20070201-x86_64-1.tgz: New package based on recent modular code. X software series/x11-lib-i20070201-x86_64-1.tgz: New package based on recent modular code. X software series/x11-proto-i20070201-x86_64-1.tgz: New package based on recent modular code. X software series/x11-util-i20070201-x86_64-1.tgz: New package based on recent modular code. X software series/x11-xorg-server-1.2.0-x86_64-1.tgz: New package based on recent modular code. +--------------------------+ Wed Mar 20 18:03:56 EET 2007 L software series/atk-1.12.4-x86_64-1.tgz: Upgraded to atk-1.12.4. L software series/cairo-1.2.6-x86_64-2.tgz: Upgraded to cairo-1.2.6. L software series/db44-4.4.20-x86_64-2.tgz: Recompiled. L software series/expat-2.0.0-x86_64-1.tgz: Upgraded to expat-2.0.0. L software series/freetype-2.1.9-x86_64-4.tgz: Recompiled. L software series/glib2-2.12.9-x86_64-1.tgz: Upgraded to glib2-2.12.9. L software series/gmp-4.2.1-x86_64-5.tgz: Recompiled. L software series/gtk+2-2.10.9-x86_64-1.tgz: Upgraded to gtk+2-2.10.9. L software series/libgpod-0.4.2-x86_64-2.tgz: Recompiled. L software series/libungif-4.1.4-x86_64-4.tgz: Recompiled. L software series/libxml2-2.6.27-x86_64-1.tgz: Upgraded to libxml2-2.6.27 L software series/libxslt-1.1.20-x86_64-1.tgz: Upgraded to libxslt-1.1.20. L software series/mm-1.4.2-x86_64-2.tgz: Recompiled. L software series/pango-1.15.6-x86_64-1.tgz: Upgraded to pango-1.15.6. L software series/pcre-7.0-x86_64-1.tgz: Upgraded to pcre-7.0. L software series/svgalib-1.9.25_2.6.18.6-x86_64-1.tgz: Added svgalib-1.9.25. (with svgalib_helper kernel module for Linux 2.6.18.6) N software series/fetchmail-6.3.6-x86_64-2.tgz: Recompiled. N software series/lynx-2.8.6rel.4-x86_64-1.tgz: Upgraded to lynx-2.8.6rel.4. X software series/dejavu-ttf-2.14-noarch-1.tgz: Upgraded to dejavu-ttf-2.14. X software series/fontconfig-2.4.2-x86_64-1.tgz: Upgraded to fontconfig-2.4.2. XAP software series/xscreensaver-5.01-x86_64-1.tgz: Upgraded to xscreensaver-5.01. +--------------------------+ Tue Mar 20 04:40:48 EET 2007 A software series/aaa_terminfo-5.6-noarch-1.tgz: A subset of the terminfo database from ncurses-5.6, formerly bundled with the pkgtools package. A software series/bin-11.1-x86_64-1.tgz: Split out most of the utilities from this package. This package only contains a few loose odds and ends now, but various system scripts still need them. A software series/coreutils-6.7-x86_64-1.tgz: Upgraded to coreutils-6.7. Colorize .ram files. Use absolute path to /bin/dircolors in eval statements for /etc/profile.d/ scripts. A software series/dialog-1.0_20060221-86_64-1.tgz: Upgraded to dialog-1.0-20060221. This was formerly bundled with the pkgtools package. A software series/dosfstools-2.11-x86_64-1.tgz: Upgraded to dosfstools-2.11, split from the bin package. A software series/dcron-2.3.3-x86_64-6.tgz: Bundle the run-parts script needed by crond. A software series/ed-0.5-x86_64-1.tgz: Upgraded to ed-0.5, split from the bin package. A software series/eject-2.1.5-x86_64-1.tgz: Split eject from the bin package. A software series/file-4.19-x86_64-1.tgz: Split file from the bin package. A software series/lha-114i-x86_64-1.tgz: Split lha from the bin package. A software series/ncompress-4.2.4-x86_64-1.tgz: Split ncompress from the bin package. A software series/patch-2.5.4-x86_64-1.tgz: Split patch from the bin package. A software series/pkgtools-11.0.9-noarch-1.tgz: Removed dialog, terminfo subset, and extra copy of ipmask.c. Added rc.hplip to the setup.services menu. Moved X related files into x11-skel. A software series/rpm2tgz-1.0-x86_64-1.tgz: Split rpm2tgz from the bin package. A software series/splitvt-1.6.5-x86_64-1.tgz: Split splitvt from the bin package. A software series/time-1.7-x86_64-1.tgz: Split time from the bin package. A software series/tree-1.5.0-x86_64-1.tgz: Split tree from the bin package. A software series/unarj-265-x86_64-1.tgz: Split unarj from the bin package A software series/usbutils-0.72-x86_64-3.tgz: Recompiled, added update-usbids. A software series/which-2.16-x86_64-1.tgz: Split which from the bin package. A software series/zoo-2.10-x86_64-1.tgz: Split zoo from the bin package. D software series/m4-1.4.8-x86_64-1.tgz: Upgraded to m4-1.4.8. L software series/jre-6-x86_64-1.tgz: Upgraded to Java(TM) 2 Platform Standard Edition Runtime Environment Version 6.0. N software series/bind-9.3.4-x86_64-2.tgz: Recompiled. N software series/iptraf-3.0.0-x86_64-1.tgz: Upgraded to iptraf-3.0.0. N software series/dhcp-3.0.5-x86_64-1.tgz: Upgraded to dhcp-3.0.5. EXTRA software/jdk-6/jdk-6-x86_64-1.tgz: Upgraded to Java(TM) 2 Platform Standard Edition Development Kit Version 6.0. +--------------------------+ Mon Mar 19 16:55:54 EET 2007 A software series/acl-2.2.39_1-x86_64-3.tgz: Recompiled. A software series/apmd-3.2.2-x86_64-1.tgz: Upgraded to apmd-3.2.2. A software series/attr-2.4.32_1-86_64-3.tgz: Recompiled A software series/bash-3.2.009-x86_64-1.tgz: Upgraded to bash-3.2.009. A software series/bzip2-1.0.4-x86_64-1.tgz: Upgraded to bzip2-1.0.4. A software series/cups-1.2.8-x86_64-1.tgz: Upgraded to cups-1.2.8. A software series/cxxlibs-6.0.8-x86_64-1.tgz: Added cxxlibs-6.0.8 and libstdc++.so.6.0.8 from gcc-4.1.2. A software series/e2fsprogs-1.39-x86_64-1.tgz: Upgraded to e2fsprogs-1.39. A software series/gettext-0.16.1-x86_64-1.tgz: Upgraded to gettext-0.16.1. A software series/hotplug-2004_09_23-noarch-5.tgz: Removed. A software series/pcmcia-cs-3.2.8-x86_64-3.tgz: Removed. A software series/procps-3.2.7-x86_64-2.tgz: Upgraded to psmisc-22.3 A software series/utempter-1.1.4-x86_64-1.tgz: Upgraded to utempter-1.1.4. D software series/gettext-tools-0.16.1-x86_64-1.tgz: Upgraded to gettext-0.16.1. A software series/glibc-solibs-2.5-x86_64-1.tgz: Upgraded to glibc-2.5. Note that you must be running a 2.6+ kernel BEFORE upgrading to the glibc-2.5 packages in -current! A software series/glibc-zoneinfo-2.5-noarch-1.tgz: Upgraded to glibc-2.5, plus the (tzcode2007b and tzdata2007b) timezone packages. A software series/gpm-1.20.1-x86_64-4.tgz: Recompiled. A software series/openssl-solibs-0.9.8d-x86_64-4.tgz: Recompiled. A software series/pciutils-2.2.4-x86_64-1.tgz: Upgraded to pciutils-2.2.4 A software series/sysfsutils-2.1.0-x86_64-1.tgz: Upgraded to sysfsutils-2.1.0. A software series/tar-1.16.1-x86_64-1.tgz: Upgraded to tar-1.16.1. A software series/xfsprogs-2.8.16_1-x86_64-1.tgz: Upgraded to xfsprogs-2.8.16-1. AP software series/linuxdoc-tools-0.9.21-x86_64-3.tgz: Upgraded to OpenSP-1.5.2, rebuilt. AP software series/dmapi-2.2.5_1-86_64-3.tgz: Recompiled. D software series/binutils-2.17.50.0.12-x86_64-1.tgz: Upgraded to binutils-2.17.50.0.12. L software series/glibc-2.5-x86_64-1.tgz: Upgraded to glibc-2.5. L software series/glibc-i18n-2.5-noarch-1.tgz: Upgraded to glibc-2.5. L software series/glibc-profile-2.5-x86_64-1.tgz: Upgraded to glibc-2.5. L software series/libjpeg-6b-x86_64-5.tgz: Recompiled. L software series/libpng-1.2.16-x86_64-1.tgz: Upgraded to libpng-1.2.14. D software series/gcc-4.1.2-x86_64-1.tgz: Upgraded to gcc-4.1.2. D software series/gcc-g++-4.1.2-x86_64-1.tgz: Upgraded to gcc-4.1.2. D software series/gcc-gfortran-4.1.2-x86_64-1.tgz: Upgraded to gcc-4.1.2. This replaces the gcc-g77 package. D software series/gdb-6.6-x86_64-1.tgz: Upgraded to gdb-6.6. D software series/gcc-gnat-4.1.2-x86_64-1.tgz: Upgraded to gcc-4.1.2. D software series/gcc-java-4.1.2-x86_64.tgz: Upgraded to gcc-4.1.2. D software series/gcc-objc-4.1.2-x86_64.tgz: Upgraded to gcc-4.1.2. D software series/oprofile-0.9.2-x86_64-1.tgz: Upgraded to oprofile-0.9.2. L software series/ncurses-5.6-x86_64-2.tgz: Upgraded to ncurses-5.6. L software series/readline-5.2-x86_64-1.tgz: Upgraded to readline-5.2. L software series/libtermcap-1.2.3-x86_64-3.tgz: Recompiled. L software series/libtiff-3.8.2-x86_64-4.tgz: Recompiled. L software series/zlib-1.2.3-x86_64-3.tgz: Recompiled. N software series/openssl-0.9.8d-x86_64-4.tgz: Recompiled. A software series/iptables-1.3.7-x86_64-1.tgz: Upgraded to iptables-1.3.7. D software series/kernel-headers-2.6.18.8_smp-x86_64-1.tgz: Upgraded to Linux 2.6.18.8 SMP kernel headers. K software series/kernel-source-2.6.18.8_smp-noarch-1.tgz Upgraded to Linux 2.6.18.8 SMP kernel source. A software series/kernel-generic-2.6.18.8_smp-x86_64-1.tgz: Upgraded to Linux 2.6.18.8 SMP generic.s (requires initrd) kernel. A software series/kernel-huge-2.6.18.8_smp-x86_64-1.tgz: Upgraded to Linux 2.6.18.8 SMP huge.s (full-featured) kernel. A 2.6.18.6 Linux kernel with all of the commonly required options compiled in. A software series/kernel-modules-2.6.18.8_smp-x86_64-1.tgz Upgraded to Linux 2.6.18.8 SMP kernel modules. kernels/generic.s/*: Upgraded generic.s kernel to 2.6.18.8. kernels/huge.s/*: Added huge.s kernel 2.6.18.8. +--------------------------+ Sat Mar 10 02:38:05 EET 2007 N software series/gnupg-1.4.7-x86_64-1.tgz: Upgraded to gnupg-1.4.7. This fixes a security problem that can occur when GnuPG is used incorrectly. Newer versions attempt to prevent such misuse. For more information, see: http://lists.gnupg.org/pipermail/gnupg-announce/2007q1/000251.html [*** Security fix ***] X software series/x11-6.9.0-x86_64-10.tgz: Patched. This update fixes overflows in the dbe and render extensions. This could possibly be exploited to overwrite parts of memory, possibly allowing malicious code to execute, or (more likely) causing X to crash. For information about some of the security fixes, see: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-6101 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-6102 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-6103 [*** Security fix ***] XAP software series/mozilla-firefox-1.5.0.10-x86_64-1.tgz: Upgraded to firefox-1.5.0.10. This upgrade fixes several possible security bugs. For more information, see: http://www.mozilla.org/projects/security/known-vulnerabilities.html#firefox [*** Security fix ***] XAP software series/mozilla-thunderbird-1.5.0.10-x86_64-1.tgz: Upgraded to thunderbird-1.5.0.10. This upgrade fixes several possible security bugs. For more information, see: http://www.mozilla.org/projects/security/known-vulnerabilities.html#thunderbird [*** Security fix ***] XAP softwares series/seamonkey-1.0.8-x86_64-1.tgz: Upgraded to seamonkey-1.0.8. This upgrade fixes several possible security bugs. For more information, see: http://www.mozilla.org/projects/security/known-vulnerabilities.html#seamonkey [*** Security fix ***] XAP software series/imagemagick-6.3.3_0-x86_64-1.tgz: Upgraded to imagemagick-6.3.3-0. The original fix for PALM image handling has been corrected. For more information, see: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-5456 [*** Security fix ***] EXTRA software/mozilla-firefox-2.0.0.2/mozilla-firefox-2.0.0.2-x86_64-1.tgz: Upgraded to firefox-2.0.0.2. This upgrade fixes several possible security bugs. For more information, see: http://www.mozilla.org/projects/security/known-vulnerabilities.html#firefox [*** Security fix ***] +--------------------------+ Mon Feb 26 10:47:20 EET 2007 N software series/php-4.4.5-x86_64-1.tgz: Upgraded to php-4.4.5 which improves stability and security. For complete details, see http://www.php.net. For imformation about some of the security fixes, see: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0906 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0907 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0908 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0909 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0910 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0988 [*** Security fix ***] EXTRA software/php5/php-5.2.1-x86_64-1.tgz: Upgraded to php-5.2.1 which improves stability and security. For imformation about some of the security fixes, see: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0906 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0907 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0908 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0909 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0910 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0988 [*** Security fix ***] KDE software series/amarok-1.4.5-x86_64-1.tgz: Upgraded to amarok-1.4.5, which fixes the last.fm stream breakage after the last upgrade to xine-lib. L software series/libgpod-0.4.2-x86_64-1: Upgraded to libgpod-0.4.2. This is needed for the amarok package. L software series/libmtp-0.1.3-x86_64-1: Upgraded to libmtp-0.1.3. This is needed for the amarok package. XAP software series/xine-lib-1.1.3-x86_64-1.tgz: Upgraded to xine-lib-1.1.3. TCL software series/tk-8.4.13-x86_64-3.tgz: Recompiled to make sure that there is no more lib64. TCL software series/expect-5.43-x86_64-3.tgz: Recompiled to make sure that there is no more lib64. XAP software series/imagemagick-6.2.8_8-x86_64-5.tgz: Patched and recompiled to make sure that there is no more lib64. A software seriesglibc-solibs-2.3.6-x86_64-7.tgz: Fixed ld-linux-x86-64.so.2 symlinks in doinst.sh. Thanks to Fluke for reporting this. L software series/glibc-2.3.6-x86_64-7.tgz: Fixed ld-linux-x86-64.so.2 symlinks in doinst.sh. Thanks to Fluke for reporting this. L software series/libtunepimp-0.4.2-x86_64-4.tgz: Recompiled to make sure that there is no more lib64. KDE software series/qt-3.3.7-x86_64-2.tgz: Recompiled to make sure that there is no more lib64. KDE software series/qca-tls-1.0-x86_64-3.tgz: Recompiled to make sure that there is no more lib64. KDE software series/qca-1.0-x86_64-2.tgz: Recompiled to make sure that there is no more lib64. +--------------------------+ Thu Feb 8 12:10:53 EET 2007 TESTING/packages/hplip-1.6.9-x86_64-2.tgz: Recompiled without --libdir=/usr/lib64. TESTING/packages/gutenprint-5.0.0-x86_64-3.tgz: Recompiled without --libdir=/usr/lib64. TESTING/packages/cups-1.2.4/cups-1.2.4-x86_64-2.tgz: Recompiled without --libdir=/usr/lib64. TESTING/packages/cairo-1.2.4-x86_64-2.tgz: Recompiled without --libdir=/usr/lib64. N software series/samba-3.0.24-x86_64-1.tgz: Upgraded to samba-3.0.24. From the WHATSNEW.txt file: "Important issues addressed in 3.0.24 include: Fixes for the following security advisories: - CVE-2007-0452 (Potential Denial of Service bug in smbd) - CVE-2007-0453 (Buffer overrun in NSS host lookup Winbind NSS library on Solaris) - CVE-2007-0454 (Format string bug in afsacl.so VFS plugin)" Samba is vulnerable to the first issue, which can cause smbd to enter into an infinite loop, disrupting Samba services. Bluewhite64 is not vulnerable to the second issue, and does not ship the afsacl.so VFS plugin (but it's something to be aware of if you build Samba with custom options). For more information, see: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0452 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0453 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0454 [*** Security fix ***] +--------------------------+ Sat Jan 27 11:59:42 EET 2007 N software series/bind-9.3.4-x86_64-1.tgz: Upgraded to bind-9.3.4. This update fixes two denial of service vulnerabilities where an attacker could crash the name server with specially crafted malformed data. For more information, see: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0493 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0494 [*** Security fix ***] N software series/fetchmail-6.3.6-x86_64-1.tgz: Upgraded to fetchmail-6.3.6. This fixes two security issues. First, a bug introduced in fetchmail-6.3.5 could cause fetchmail to crash. Second, a long standing bug (reported by Isaac Wilcox) could cause fetchmail to send a password in clear text or omit using TLS even when configured otherwise. All fetchmail users are encouraged to consider using getmail, or to upgrade to the new fetchmail packages. For more information, see: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-5974 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-5867 [*** Security fix ***] +--------------------------+ Fri Dec 29 00:11:59 EET 2006 EXTRA software/mozilla-firefox-2.0.0.1-x86_64-1.tgz: Added Mozilla Firefox 2.0.0.1 EXTRA software/btmgr-3.7/btmgr-3.7_1-x86_64-1.tgz: Added btmgr-3.7. XAP software series/mozilla-firefox-1.5.0.9-x86_64-1.tgz: Upgraded to firefox-1.5.0.9. This upgrade fixes several possible security bugs. For more information, see: http://www.mozilla.org/projects/security/known-vulnerabilities.html#firefox [*** Security fix ***] XAP software series/mozilla-thunderbird-1.5.0.9-x86_64-1.tgz: Upgraded to thunderbird-1.5.0.9. This upgrade fixes several possible security bugs. For more information, see: http://www.mozilla.org/projects/security/known-vulnerabilities.html#thunderbird [*** Security fix ***] XAP software series/seamonkey-1.0.7-x86_64-1.tgz: Upgraded to seamonkey-1.0.7. This upgrade fixes several possible security bugs. For more information, see: http://www.mozilla.org/projects/security/known-vulnerabilities.html#seamonkey [*** Security fix ***] XAP software series/xine-lib-1.1.2-x86_64-4.tgz: Patched to fix possible security problems such as a heap overflow in libmms and a buffer overflow in the Real Media input plugin. For more information, see: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2200 [*** Security fix ***] N software series/tcpip-0.17-x86_64-6.tgz: Recompiled vlan for the x86_64 architecture, it was compiled for i386. Thanks to Dragos Mihai for reporting this. +--------------------------+ Thu Dec 7 10:30:04 EET 2006 N software series/gnupg-1.4.6-x86_64-1.tgz: Upgraded to gnupg-1.4.6. This release fixes a severe and exploitable bug in earlier versions of gnupg. All gnupg users should update to the new packages as soon as possible. For details, see the information concerning CVE-2006-6235 posted on lists.gnupg.org: http://lists.gnupg.org/pipermail/gnupg-announce/2006q4/000491.html The CVE entry for this issue may be found here: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-6235 This update also addresses a more minor security issue possibly exploitable when GnuPG is used in interactive mode. For more information about that issue, see: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-6169 [*** Security fix ***] +--------------------------+ Sat Dec 2 15:39:23 EET 2006 L software series/libpng-1.2.14-x86_64-1.tgz: Upgraded to libpng-1.2.14. This fixes a bug where a specially crafted PNG file could crash applications that use libpng. For more information, see: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-5793 [*** Security fix ***] N software series/proftpd-1.3.0a-x86_64-1.tgz: Upgraded to proftpd-1.3.0a plus an additional security patch. Several security issues were found in proftpd that could lead to the execution of arbitrary code by a remote attacker, including one in mod_tls that does not require the attacker to be authenticated first. For more information, see: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-5815 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-6170 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-6171 [*** Security fix ***] A software series/tar-1.16-x86_64-1.tgz: Upgraded to tar-1.16. This fixes an issue where files may be extracted outside of the current directory, possibly allowing a malicious tar archive, when extracted, to overwrite any of the user's files (in the case of root, any file on the system). For more information, see: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-6097 [*** Security fix ***] +--------------------------+ Mon Nov 27 10:25:43 EET 2006 EXTRA software/11-radeon-patched/x11-radeon-patched-6.9.0-x86_64-2.tgz: Recompiled without --libdir=/usr/lib64. EXTRA software/xcdroast/xcdroast-0.98alpha15-x86_64-2.tgz: Recompiled without --libdir=/usr/lib64. EXTRA software/slacktrack/slacktrack-1.29-x86_64-2.tgz: Moved installwatch.so to /usr/lib. EXTRA software/parted/parted-1.7.1-x86_64-2.tgz: Recompiled without --libdir=/usr/lib64. EXTRA software/jdk-5.0_09/jdk-1_5_0_09-x86_64-2.tgz: Repackaged and fixed java plugin directory. EXTRA software/brltty/brltty-3.7.2-x86_64-2.tgz: Recompiled without --libdir=/lib64. EXTRA software/blackbox/blackbox-0.70.1-x86_64-2.tgz: Removed lib64 from xinitrc.blackbox. A software series/aaa_base-11.0-noarch-6.tgz: Added symlink /usr/lib64 -> /usr/lib isolinux/initrd.img: Reverted to busybox-0.60.5. Also, updated all binaries and libraries. A software series/aaa_elflibs-11.0.0-x86_64-10.tgz: Updated all libs with the new one from /lib and /usr/lib. N software series/autofs-3.1.7-x86_64-2.tgz: Fixed missing shared libraries. Thanks to Kenjiro Tanaka for reporting this and testing the new package. L software series/gdk-pixbuf-0.22.0-x86_64-4.tgz: Added missing /usr/bin/gdk-pixbuf-config. XAP software series/gaim-1.5.0-x86_64-4.tgz: Recompied and fixed build script to install perl modules to /usr/lib/perl5/5.8.8/x86_64-linux. XAP software series/mozilla-firefox-1.5.0.8-x86_64-1.tgz: Upgraded to firefox-1.5.0.8. This upgrade fixes several possible security bugs. For more information, see: http://www.mozilla.org/projects/security/known-vulnerabilities.html#firefox [*** Security fix ***] XAP software series/mozilla-thunderbird-1.5.0.8-x86_64-1.tgz: Upgraded to thunderbird-1.5.0.8. This upgrade fixes several possible security bugs. For more information, see: http://www.mozilla.org/projects/security/known-vulnerabilities.html#thunderbird [*** Security fix ***] XAP software series/seamonkey-1.0.6-x86_64-1.tgz: Upgraded to seamonkey-1.0.6. This upgrade fixes several possible security bugs. For more information, see: http://www.mozilla.org/projects/security/known-vulnerabilities.html#seamonkey [*** Security fix ***] +-----------------------------+ Tue Nov 14 01:22:06 EET 2006 At this stage, the all libraries from /lib64 and /usr/lib64 sould be in the new locations at /lib and /usr/lib. I have only the KDE software series to recompile against the new qt and the new libraries from /usr/lib. Test all this and send bugreports ;). KDE software series/qt-3.3.7-x86_64-1.tgz: Upgraded to qt-3.3.7. XAP software series/xfce-4.2.3.2-x86_64-3.tgz: Recompiled against the new dependency libs from /usr/lib XAP software series/imagemagick-6.2.8_8-x86_64-4.tgz: Recompiled against the new dependency libs from /usr/lib XAP software series/gucharmap-1.4.1-x86_64-3.tgz: Recompiled against the new dependency libs from /usr/lib XAP software series/gimp-2.2.13-x86_64-3.tgz: Recompiled against the new dependency libs from /usr/lib. +-----------------------------+ Mon Nov 13 02:28:29 EET 2006 A software series/aaa_base-11.0-noarch-5.tgz: Added symlink /lib64->/lib. Upgrade this manually after all packages are upgraded. A software series/glibc-solibs-2.3.6-x86_64-6.tgz: Recompiled without --libdir=/usr/lib64. This should be upgraded manually after all below packages are upgraded but not after the aaa_base. A software series/tar-1.15.1-x86_64-3.tgz: Recompiled with -fPIC. A software series/sed-4.1.5-x86_64-2.tgz: Recompiled with -fPIC. A software series/grep-2.5-x86_64-3.tgz: Recompiled with -fPIC. A software series/bin-11.0-x86_64-5.tgz: Recompiled with -fPIC. A software series/gettext-0.15-x86_64-4.tgz: Recompiled against the new dependency libs from /usr/lib. A software series/coreutils-5.97-x86_64-2.tgz: Recompiled to link against /lib/ld-linux-x86-64.so.2. L software series/gtk+2-2.8.20-x86_64-3.tgz: Recompiled against the new dependency libs from /usr/lib. L software series/libxml2-2.6.26-x86_64-3.tgz: Recompiled against the new dependency libs from /usr/lib. L software series/libtunepimp-0.4.2-x86_64-3.tgz: Recompiled against the new dependency libs from /usr/lib. L software series/startup-notification-0.8-x86_64-3.tgz: Recompiled against the new dependency libs from /usr/lib. L software series/sdl-1.2.11-x86_64-2.tgz: Recompiled against the new dependency libs from /usr/lib. L software series/pcre-6.7-x86_64-3.tgz: Recompiled against the new dependency libs from /usr/lib. L software series/neon-0.25.5-x86_64-3.tgz: Recompiled against the new dependency libs from /usr/lib. L software series/libwpd-0.8.6-x86_64-3.tgz: Recompiled against the new dependency libs from /usr/lib. L software series/libwmf-0.2.8.4-x86_64-4.tgz: Recompiled against the new dependency libs from /usr/lib. L software series/libusb-0.1.12-x86_64-3.tgz: Recompiled against the new dependency libs from /usr/lib. L software series/taglib-1.4-x86_64-3.tgz: Recompiled against the new dependency libs from /usr/lib. L software series/libtiff-3.8.2-x86_64-4.tgz: Recompiled against the new dependency libs from /usr/lib. L software series/libtheora-1.0alpha7-x86_64-2.tgz: Recompiled against the new dependency libs from /usr/lib. L software series/librsvg-2.14.4-x86_64-3.tgz: Recompiled against the new dependency libs from /usr/lib. L software series/libnjb-2.2.5-x86_64-2.tgz: Recompiled against the new dependency libs from /usr/lib. L software series/libmusicbrainz-2.1.4-x86_64-2.tgz: Recompiled against the new dependency libs from /usr/lib. L software series/libmtp-0.0.18-x86_64-2.tgz: Recompiled against the new dependency libs from /usr/lib. L software series/libgtkhtml-2.6.3-x86_64-3.tgz: Recompiled against the new dependency libs from /usr/lib. L software series/libgsf-1.14.1-x86_64-3.tgz: Recompiled against the new dependency libs from /usr/lib. L software series/libgpod-0.4.0-x86_64-2.tgz: Recompiled against the new dependency libs from /usr/lib. L software series/libglade-2.5.1-x86_64-3.tgz: Recompiled against the new dependency libs from /usr/lib. L software series/libao-0.8.6-x86_64-3.tgz: Recompiled against the new dependency libs from /usr/lib. L software series/lesstif-0.95.0-x86_64-3.tgz: Recompiled against the new dependency libs from /usr/lib. L software series/gpgme-1.0.3-x86_64-3.tgz: Recompiled against the new dependency libs from /usr/lib. L software series/gmp-4.2.1-x86_64-3.tgz: Recompiled against the new dependency libs from /usr/lib. L software series/gdk-pixbuf-0.22.0-x86_64-3.tgz: Recompiled against the new dependency libs from /usr/lib. L software series/db44-4.4.20-x86_64-4.tgz: Recompiled against the new dependency libs from /usr/lib. L software series/atk-1.10.3-x86_64-4.tgz: Recompiled against the new dependency libs from /usr/lib. L software series/apr-util-1.2.7-x86_64-2.tgz: Recompiled against the new dependency libs from /usr/lib. L software series/perl-5.8.8-x86_64-6.tgz: Recompiled against the new dependency libs from /usr/lib. L software series/ncurses-5.5-x86_64-2.tgz: Recompiled with --with-chtype=long. This fixes iptraf and dialog to be displayed correctly. Many thanks to Thomas Dickey. L software series/aspell-0.60.4-x86_64-2.tgz: Recompiled against the new dependency libs from /usr/lib. D software series/subversion-1.4.0-x86_64-3.tgz: Recompiled against the new dependency libs from /usr/lib. D software series/oprofile-0.9.1-x86_64-3.tgz: Recompiled against libbfd. D software series/python-2.4.3-x86_64-3.tgz: Recompiled against the new dependency libs from /usr/lib. D software series/pkgconfig-0.21-x86_64-4.tgz: Removed /usr/lib64/pkgconfig path from the profile.d/* scripts. D software series/gcc-3.4.6-x86_64-3.tgz: Recompiled against the new dependency libs from /usr/lib. D software series/gcc-g++-3.4.6-x86_64-3.tgz: Recompiled. D software series/gcc-g77-3.4.6-x86_64-3.tgz: Recompiled. D software series/gcc-java-3.4.6-x86_64-3.tgz: Recompiled. D software series/gcc-gnat-3.4.6-x86_64-3.tgz: Recompiled. D software series/gcc-objc-3.4.6-x86_64-3.tgz: Recompiled. D software series/binutils-2.15.92.0.2-x86_64-3.tgz: Recompiled with --disable-multilib. D software series/libtool-1.5.22-x86_64-5.tgz: Recompiled against the new dependency libs from /usr/lib. XAP software series/seamonkey-1.0.5-x86_64-3.tgz: Repackaged and fixed /usr/lib path in install.sh. XAP software series/packages/gaim-1.5.0-x86_64-3: Recompiled against the new dependency libs from /usr/lib. +-----------------------------+ Mon Nov 6 13:34:41 EET 2006 At this stage, all lib64 and /usr/lib64 libraries should be in /lib and /usr/lib (except qt). If you still have some libs in the old locations, then they are from the aaa_elflibs-11.0.0-x86_64-9.tgz and glibc-solibs-2.3.6-x86_64-5.tgz packages which are not yet upgraded. The aaa_elflibs package shoult be safely removed because all libs are already installed. Later, I will release the new aaa_elflibs packages when this will be ready. Some other libs will be recompiled to relink against dependency libs from /usr/lib. So, please test all this and post problems to the Bluewhite64 forum. Thank you. AP software series/apmd-3.0.2-x86_64-2.tgz: Moved libapm.a to /usr/lib. AP software series/rpm-4.2.1-x86_64-3.tgz: Recompiled and moved shared libraries to /usr/lib. L software series/libxslt-1.1.17-x86_64-3.tgz:Recompiled against libgpg-error and libgcrypt. L software series/libgcrypt-1.2.2-x86_64-3.tgz: Recompiled against libgpg-error. L software series/libgpg-error-1.3-x86_64-3.tgz: Recompiled against the new dependency libs from /usr/lib. L software series/imlib-1.9.15-x86_64-3.tgz: Recompiled against the new dependency libs from /usr/lib. L software series/gd-2.0.33-x86_64-2.tgz: Recompiled against the new dependency libs from /usr/lib. AP software series/flac-1.1.2-x86_64-3.tgz: Recompiled against the new xmms build. AP software series/normalize-0.7.6-x86_64-2.tgz: Recompiled against the new xmms build to correctly install normalize efects. L software series/libcaca-0.9-x86_64-3.tgz: Recompiled against the new dependency libs from /usr/lib. L software series/gtk+-1.2.10-x86_64-5.tgz: Recompiled against the new dependency libs from /usr/lib. A software series/etc-11.0-noarch-3.tgz: Removed /usr/X11R6/lib64 from ld.so.conf. AP software series/espgs-8.15.3svn185-x86_64-3.tgz: Repackaged and moved pstopxl & pstoraster from /usr/lib64/cups/filter to /usr/lib/cups/filter. Thanks to Harbour for reporting this. L software series/cairo-1.0.4-x86_64-4.tgz: Recompiled against the new dependency libs from /usr/lib. L software series/aalib-1.4rc5-x86_64-4.tgz: Recompiled against the new dependency libs from /usr/lib. +-----------------------------+ Sat Nov 4 18:11:48 EET 2006 XAP software series/xscreensaver-5.00-x86_64-2.tgz: Recompiled without --libdir=/usr/lib64. XAP software series/xmms-1.2.10-x86_64-4.tgz: Recompiled without --libdir=/usr/lib64. XAP software series/xlockmore-5.22-x86_64-2.tgz Recompiled without --libdir=/usr/lib64. XAP software series/xine-lib-1.1.2-x86_64-3.tgz: Recompiled without --libdir=/usr/lib64. XAP XAP software series/xine-ui-0.99.4-x86_64-4.tgz: Recompiled without --libdir=/usr/lib64. XAP software series/xfce-4.2.3.2-x86_64-2.tgz: Recompiled without --libdir=/usr/lib64. XAP software series/xchat-2.6.6-x86_64-3.tgz: Recompiled without --libdir=/usr/lib64. XAP software series/windowmaker-0.92.0-x86_64-3.tgz: Recompiled without --libdir=/usr/lib64. XAP software series/seamonkey-1.0.5-x86_64-2.tgz: Recompiled without --libdir=/usr/lib64. XAP software series/sane-1.0.18-x86_64-4.tgz: Recompiled without --libdir=/usr/lib64. XAP software series/mozilla-thunderbird-1.5.0.7-x86_64-2.tgz: Recompiled without --libdir=/usr/lib64. XAP software series/mozilla-firefox-1.5.0.7-x86_64-2.tgz: Recompiled without --libdir=/usr/lib64. XAP software series/imagemagick-6.2.8_8-x86_64-3.tgz: Recompiled without --libdir=/usr/lib64. XAP software series/gxine-0.5.7-x86_64-2.tgz: Recompiled without --libdir=/usr/lib64. XAP software series/gucharmap-1.4.1-x86_64-2.tgz: Recompiled without --libdir=/usr/lib64. XAP software series/gkrellm-2.2.9-x86_64-2.tgz: Recompiled without --libdir=/usr/lib64. XAP software series/gimp-2.2.13-x86_64-2.tgz: Recompiled without --libdir=/usr/lib64. XAP software series/gaim-1.5.0-x86_64-2.tgz: Recompiled without --libdir=/usr/lib64. +-----------------------------+ Thu Nov 2 00:06:33 EET 2006 X software series/x11-6.9.0-x86_64-9.tgz: Rebuilt with #define HaveLib64 NO and bumped all x11-* packages build version to 9. After you have upgraded to this packages, edit your xorg.conf and change any lib64 directory to lib. X software series/x11-devel-6.9.0-x86_64-9.tgz: Recompiled. X software series/x11-docs-6.9.0-noarch-9.tgz: Rebuilt. X software series/x11-docs-html-6.9.0-noarch-9.tgz: Rebuilt. X software series/x11-fonts-100dpi-6.9.0-noarch-9.tgz: Rebuilt. X software series/x11-fonts-cyrillic-6.9.0-noarch-9.tgz: Rebuilt. X software series/x11-fonts-misc-6.9.0-noarch-9.tgz: Rebuilt. X software series/x11-fonts-scale-6.9.0-noarch-9.tgz: Rebuilt. X software series/x11-xdmx-6.9.0-x86_64-9.tgz: Recompiled. X software series/x11-xnest-6.9.0-x86_64-9.tgz: Recompiled. X software series/x11-xvfb-6.9.0-x86_64-9.tgz: Recompiled. X software series/fontconfig-2.2.3-x86_64-4.tgz: Recompiled without --libdir=/usr/lib64. TCL software series/tix-8.1.4-x86_64-1.tgz: Added tix-8.1.4. TCL software series/tcl-8.4.13-x86_64-3.tgz: Recompiled without --libdir=/usr/lib64. TCL software series/hfsutils-3.2.6-x86_64-2.tgz: Recompiled without --libdir=/usr/lib64. TCL software series/expect-5.43-x86_64-2.tgz: Recompiled without --libdir=/usr/lib64. T software series/transfig-3.2.4-x86_64-2.tgz: Removed /usr/X11R6/lib64. +-----------------------------+ Tue Oct 31 00:34:56 EET 2006 N software series/tcpip-0.17-x86_64-5.tgz: Moved libwrap.a to /usr/lib. N software series/tcpdump-3.9.4-x86_64-2.tgz: Recompiled without --libdir=/usr/lib64. N software series/slrn-0.9.8.1-x86_64-2.tgz: Recompiled without --libdir=/usr/lib64. N software series/ppp-2.4.4-x86_64-3.tgz: Recompiled without --libdir=/usr/lib64. N software series/php-4.4.4-x86_64-5.tgz: Recompiled without --libdir=/usr/lib64 N software series/openssl-0.9.8d-x86_64-3.tgz: Recompiled without --libdir=/usr/lib64. N software series/mod_ssl-2.8.28_1.3.37-x86_64-2.tgz: Recompiled without --libdir=/usr/lib64 N software series/openssh-4.4p1-x86_64-2.tgz: Recompiled without --libdir=/usr/lib64. N software series/openldap-client-2.3.27-x86_64-2.tgz: Recompiled without --libdir=/usr/lib64. N software series/lynx-2.8.5rel.5-x86_64-3.tgz: Recompiled without --libdir=/usr/lib64. N software series/curl-7.15.5-x86_64-2.tgz: Recompiled without --libdir=/usr/lib64. N software series/bind-9.3.2_P1-x86_64-2.tgz: Recompiled without --libdir=/usr/lib64. AP software series/mysql-5.0.24a-x86_64-2.tgz: Recompiled without --libdir=/usr/lib64. AP software series/device-mapper-1.02.09-x86_64-2.tgz: Recompiled without --libdir=/usr/lib64. AP software series/lvm2-2.02.09-x86_64-2.tgz: Rebuilt. AP software series/hpijs-2.1.4-x86_64-3.tgz: Recompiled without --libdir=/usr/lib64. AP software series/gimp-print-4.2.7-x86_64-2.tgz: Recompiled without --libdir=/usr/lib64. AP software series/flac-1.1.2-x86_64-2.tgz: Recompiled without --libdir=/usr/lib64. AP software series/dmapi-2.2.5_1-x86_64-2.tgz: Recompiled without --libdir=/lib64. AP software series/cdrtools-2.01-x86_64-2.tgz: Recompiled without --libdir=/usr/lib64. AP software series/cdrdao-1.2.1-x86_64-2.tgz: Recompiled without --libdir=/usr/lib64. +-----------------------------+ Mon Oct 30 00:10:48 EET 2006 As I promissed, the next upcoming stable release will be without lib64 directory's. So, here are the A, D and L software series rebuilt without --libdir=/usr/lib64. Please do not send bug reports until all software series will be recompiled. Thank you. L software series/xaw3d-1.5-x86_64-2.tgz: Recompiled without --libdir=/usr/lib64. L software series/wv2-0.2.2-x86_64-2.tgz: Recompiled without --libdir=/usr/lib64. L software series/taglib-1.4-x86_64-2.tgz: Recompiled without --libdir=/usr/lib64. L software series/startup-notification-0.8-x86_64-2.tgz: Recompiled without --libdir=/usr/lib64. L software series/slang1-1.4.9-x86_64-2.tgz: Recompiled without --libdir=/usr/lib64. L software series/readline-5.1-x86_64-2.tgz: Recompiled without --libdir=/usr/lib64. L software series/popt-1.7-x86_64-2.tgz: Recompiled without --libdir=/usr/lib64. L software series/pcre-6.7-x86_64-2.tgz: Recompiled without --libdir=/usr/lib64. L software series/pango-1.12.4-x86_64-2.tgz: Recompiled without --libdir=/usr/lib64. L software series/ncurses-5.5-x86_64-1.tgz: Upgraded to ncurses-5.5 and recompiled without --libdir=/usr/lib64. L software series/mpfr-2.2.0p10-x86_64-2.tgz: Recompiled without --libdir=/usr/lib64. L software series/mpeg_lib-1.3.1-x86_64-2.tgz: Recompiled without --libdir=/usr/lib64. L software series/mhash-0.9.7-x86_64-2.tgz: Recompiled without --libdir=/usr/lib64. L software series/libxslt-1.1.17-x86_64-2.tgz: Recompiled without --libdir=/usr/lib64. L software series/libxml2-2.6.26-x86_64-2.tgz: Recompiled without --libdir=/usr/lib64. L software series/libwpd-0.8.6-x86_64-2.tgz: Recompiled without --libdir=/usr/lib64. L software series/libvorbis-1.1.2-x86_64-2.tgz: Recompiled without --libdir=/usr/lib64. L software series/libusb-0.1.12-x86_64-2.tgz: Recompiled without --libdir=/usr/lib64. L software series/libungif-4.1.4-x86_64-3.tgz: Recompiled without --libdir=/usr/lib64. L software series/libtiff-3.8.2-x86_64-3.tgz: Recompiled without --libdir=/usr/lib64. L software series/libtermcap-1.2.3-x86_64-2.tgz: Recompiled without --libdir=/usr/lib64. L software series/librsvg-2.14.4-x86_64-2.tgz: Recompiled without --libdir=/usr/lib64. L software series/libpng-1.2.12-x86_64-5.tgz: Recompiled without --libdir=/usr/lib64. L software series/libogg-1.1.3-x86_64-2.tgz: Recompiled without --libdir=/usr/lib64. L software series/libmng-1.0.5-x86_64-3.tgz: Recompiled without --libdir=/usr/lib64. L software series/libmikmod-3.1.11a-x86_64-2.tgz: Recompiled without --libdir=/usr/lib64. L software series/libmad-0.15.1b-x86_64-2.tgz: Recompiled without --libdir=/usr/lib64. L software series/libjpeg-6b-x86_64-4.tgz: Recompiled without --libdir=/usr/lib64. L software series/libieee1284-0.2.10-x86_64-2.tgz: Recompiled without --libdir=/usr/lib64. L software series/libidn-0.6.5-x86_64-2.tgz: Recompiled without --libdir=/usr/lib64. L software series/libidl-0.8.6-x86_64-2.tgz: Recompiled without --libdir=/usr/lib64. L software series/libid3tag-0.15.1b-x86_64-2.tgz: Recompiled without --libdir=/usr/lib64. L software series/libgtkhtml-2.6.3-x86_64-2.tgz: Recompiled without --libdir=/usr/lib64. L software series/libgsf-1.14.1-x86_64-2.tgz: Recompiled without --libdir=/usr/lib64. L software series/libglade-2.5.1-x86_64-2.tgz: Recompiled without --libdir=/usr/lib64. L software series/libgpg-error-1.3-x86_64-2.tgz: Recompiled without --libdir=/usr/lib64. L software series/libgcrypt-1.2.2-x86_64-2.tgz: Recompiled without --libdir=/usr/lib64. L software series/libexif-0.6.13-x86_64-4.tgz: Recompiled without --libdir=/usr/lib64. L software series/libcaca-0.9-x86_64-2.tgz: Recompiled without --libdir=/usr/lib64. L software series/libao-0.8.6-x86_64-2.tgz: Recompiled without --libdir=/usr/lib64. L software series/lcms-1.15-x86_64-2.tgz: Recompiled without --libdir=/usr/lib64. L software series/jre-1_5_0_09-x86_64-2.tgz: Recompiled without --libdir=/usr/lib64. L software series/imlib-1.9.15-x86_64-2.tgz: Recompiled without --libdir=/usr/lib64. L software series/gtk+2-2.8.20-x86_64-2.tgz: Recompiled without --libdir=/usr/lib64. L software series/gtk+-1.2.10-x86_64-4.tgz: Recompiled without --libdir=/usr/lib64. L software series/gpgme-1.0.3-x86_64-2.tgz: Recompiled without --libdir=/usr/lib64. L software series/gnet-2.0.7-x86_64-2.tgz: Recompiled without --libdir=/usr/lib64. L software series/gmp-4.2.1-x86_64-2.tgz: Recompiled without --libdir=/usr/lib64. L software series/glut-3.7-x86_64-2.tgz: Recompiled without --libdir=/usr/lib64. L software series/glib2-2.10.3-x86_64-2.tgz: Recompiled without --libdir=/usr/lib64. L software series/glib-1.2.10-x86_64-2.tgz: Recompiled without --libdir=/usr/lib64. L software series/glibc-2.3.6-x86_64-6.tgz: Recompiled without --libdir=/usr/lib64. L software series/glibc-i18n-2.3.6-noarch-6.tgz: Rebuilt. L software series/glibc-profile-2.3.6-x86_64-6.tgz: Recompiled without --libdir=/usr/lib64. L software series/gdk-pixbuf-0.22.0-x86_64-2.tgz: Recompiled without --libdir=/usr/lib64. L software series/gdbm-1.8.3-x86_64-2.tgz: Recompiled without --libdir=/usr/lib64. L software series/fribidi-0.10.7-x86_64-2.tgz: Recompiled without --libdir=/usr/lib64. L software series/expat-1.95.8-x86_64-2.tgz: Recompiled without --libdir=/usr/lib64. L software series/freetype-2.1.9-x86_64-3.tgz: Recompiled without --libdir=/usr/lib64. L software series/esound-0.2.36-x86_64-3.tgz: Recompiled without --libdir=/usr/lib64. L software series/db44-4.4.20-x86_64-3.tgz: Recompiled without --libdir=/usr/lib64. L software series/cairo-1.0.4-x86_64-3.tgz: Recompiled without --libdir=/usr/lib64. L software series/audiofile-0.2.6-x86_64-2.tgz: Recompiled without --libdir=/usr/lib64. L software series/atk-1.10.3-x86_64-3.tgz: Recompiled without --libdir=/usr/lib64. L software series/alsa-oss-1.0.11-x86_64-2.tgz: Recompiled without --libdir=/usr/lib64. L software series/alsa-lib-1.0.11-x86_64-2.tgz: Recompiled without --libdir=/usr/lib64. L software series/aalib-1.4rc5-x86_64-3.tgz: Recompiled without --libdir=/usr/lib64. N software series/openssl-0.9.8d-x86_64-3.tgz: Recompiled without --libdir=/usr/lib64. A software series/openssl-solibs-0.9.8d-x86_64-3.tgz: Recompiled without --libdir=/usr/lib64. A software series/xfsprogs-2.8.10_1-x86_64-3.tgz: Recompiled without --libdir=/usr/lib64. A software series/utempter-1.1.3-x86_64-2.tgz: Recompiled without --libdir=/usr/lib64. A software series/syslinux-2.13-x86_64-2.tgz: Recompiled without --libdir=/usr/lib64. A software series/sysfsutils-2.0.0-x86_64-5.tgz: Recompiled without --libdir=/usr/lib64. A software series/smartmontools-5.36-x86_64-1.tgz: Recompiled without --libdir=/usr/lib64. A software series/gpm-1.20.1-x86_64-3.tgz: Recompiled without --libdir=/usr/lib64. A software series/glibc-zoneinfo-2.3.6-noarch-6.tgz: Rebuilt. A software series/gettext-0.15-x86_64-2.tgz: Recompiled without --libdir=/usr/lib64. A software series/e2fsprogs-1.38-x86_64-3.tgz: Recompiled without --libdir=/usr/lib64. A software series/cups-1.1.23-x86_64-3.tgz: Recompiled without --libdir=/usr/lib64. A software series/bzip2-1.0.3-x86_64-3.tgz: Recompiled without --libdir=/usr/lib64. A software series/bin-11.0-x86_64-4.tgz: Recompiled without --libdir=/usr/lib64. A software series/attr-2.4.32_1-x86_64-2.tgz: Recompiled without --libdir=/usr/lib64. A software series/acl-2.2.39_1-x86_64-2.tgz: Recompiled without --libdir=/usr/lib64. A software series/aaa_base-11.0-noarch-4.tgz: Rebuilt and removed /lib64, /usr/lib64 directory's. D software series/subversion-1.4.0-x86_64-2.tgz: Recompiled without --libdir=/usr/lib64. D software series/libtool-1.5.22-x86_64-4.tgz: Recompiled without --libdir=/usr/lib64. D software series/guile-1.8.0-x86_64-2.tgz: Recompiled without --libdir=/usr/lib64. D software series/gettext-tools-0.15-x86_64-2.tgz: Recompiled without --libdir=/usr/lib64. D software series/gdb-6.5-x86_64-2.tgz: Recompiled without --libdir=/usr/lib64. D software series/gcc-3.4.6-x86_64-2.tgz: Recompiled without --libdir=/usr/lib64. D software series/gcc-g77-3.4.6-x86_64-2.tgz: Recompiled without --libdir=/usr/lib64. D software series/gcc-java-3.4.6-x86_64-2.tgz: Recompiled without --libdir=/usr/lib64. D software series/gcc-g++-3.4.6-x86_64-2.tgz: Recompiled without --libdir=/usr/lib64. D software series/gcc-gnat-3.4.6-x86_64-2.tgz: Recompiled without --libdir=/usr/lib64. D software series/gcc-objc-3.4.6-x86_64-2.tgz: Recompiled without --libdir=/usr/lib64. D software series/flex-2.5.4a-x86_64-3.tgz: Recompiled without --libdir=/usr/lib64. +-----------------------------+ Wed Oct 25 14:18:31 EEST 2006 A software series/bin-11.0-x86_64-4.tgz: Recompiled file-4.17, to provide magic.mgc and magic.mime.mgc. Without these files some applications (like mldonkey) can crash. Thanks to eleksir for reporting this. N software series/bitchx-1.1-x86_64-5.tgz: Fixed BitchX symlink in /usr/bin. +-----------------------------+ Sat Oct 14 21:50:59 EEST 2006 A software series/openssl-solibs-0.9.8d-x86_64-2.tgz: Recompiled. AP software series/hpijs-2.1.4-x86_64-2.tgz: Repackaged and added /usr/lib64/cups/filter path to $cupsfilterpath at the foomatic-rip script. Thanks to Cristi C. for reporting this. AP software series/espgs-8.15.3svn185-x86_64-2.tgz: Recompiled. Added missing "gs" and other binary to /usr/bin. Thanks to Cristi C. for reporting this. N software series/openssl-0.9.8d-x86_64-2.tgz: Recompiled and fixed libssl.so and libcrypt.so symlinks. Thanks to Virgil Moldoveanu for reporting this. +-----------------------------+ Mon Oct 9 09:34:55 EEST 2006 EXTRA software/slackpkg-2.09-noarch-1.tgz: Upgraded to slackpkg-2.09. Fixed "search" and "upgrade-all" functions. L software series/lesstif-0.95.0-x86_64-2.tgz: Repackaged and fixed docs directory symlink. Thanks to Cristi C. for reporting this. A software series/apmd-3.0.2-x86_64-1.tgz: Reverted to apmd-3.0.2. Recompiled and patched to correctly build the apm package binaries. Thanks to Cristi C. for reporting this. +-----------------------------+ Tue Oct 3 15:59:31 EEST 2006 Bluewhite64 Linux 11.0 released ! Thank you all who helped to make this release possible.