Sun Oct 21 16:12:18 EEST 2012
PATCHES/packages/bind-9.7.6_P4-x86_64-1.tgz: Upgraded.
  This update fixes a security issue where a certain combination of records in the RBT could cause named to hang while populating the additional section of a response. [RT #31090]
  [*** Security fix ***]
PATCHES/packages/patch-2.7-x86_64-2.tgz: Upgraded.
  Applied two upstream git commits to fix bugs which could cause target files to be removed or truncated.
PATCHES/packages/dhcp-4.1_ESV_R7-x86_64-1.tgz: Upgraded.
  An issue with the use of lease times was found and fixed. Making certain changes to the end time of an IPv6 lease could cause the server to abort. Thanks to Glen Eustace of Massey University, New Zealand for finding this issue. [ISC-Bugs #30281]
  For more information, see:
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3955
  [*** Security fix ***]
PATCHES/packages/php-5.3.17-x86_64-1.tgz: Upgraded.
  This is a bugfix release.
PATCHES/packages/slocate-3.1-x86_64-2.tgz: Rebuilt.
  Patched to use lstat64 and -D_LARGEFILE64_SOURCE.
  Patched to fix information leak of filenames in protected directories.
  For more information, see:
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0227
  [*** Security fix ***]
PATCHES/packages/dhcp-4.1_ESV_R6-x86_64-1.tgz: Upgraded.
  This fixes memory leaks, denial of service vulnerabilities, and disallows packets with zero length client ids (not valid according to RFC 2132 section 9.14).
  For more information, see:
    https://kb.isc.org/article/AA-00736
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-4539
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-4868
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3954
  [*** Security fix ***]
PATCHES/packages/t1lib-5.1.2-x86_64-1.tgz: Upgraded.
  Patched various overflows, crashes, and pointer bugs.
  For more information, see:
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2642
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0764
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1552
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1553
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1554
  [*** Security fix ***]
PATCHES/packages/libpng-1.2.50-x86_64-1.tgz: Upgraded.
  Fixed incorrect type (int copy should be png_size_t copy) in png_inflate() (fixes CVE-2011-3045).
  Revised png_set_text_2() to avoid potential memory corruption (fixes CVE-2011-3048).
  Changed "a+w" to "u+w" in Makefile.in to fix CVE-2012-3386.
  For more information, see:
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3045
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3048
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3386
  [*** Security fix ***]
PATCHES/packages/libexif-0.6.21-x86_64-1.tgz: Upgraded.
  This update fixes a number of remotely exploitable issues in libexif with effects ranging from information leakage to potential remote code execution.
  For more information, see:
    http://sourceforge.net/mailarchive/message.php?msg_id=29534027
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-2812
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-2813
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-2814
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-2836
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-2837
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-2840
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-2841
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-2845
  [*** Security fix ***]
PATCHES/packages/freetype-2.4.10-x86_64-1.tgz: Upgraded.
  Since freetype-2.4.8 many fixes were made to better handle invalid fonts. Many of them are vulnerabilities (see CVE-2012-1126 up to CVE-2012-1144 and SA48320) so all users should upgrade.
  [*** Security fix ***]
PATCHES/packages/libxml2-2.6.32-x86_64-2.tgz: Upgraded.
  Patched an off-by-one error in XPointer that could lead to a crash or possibly the execution of arbitrary code.
  For more information, see:
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3102
  [*** Security fix ***]
+----------------------------+
Mon May 21 14:01:34 EEST 2012
PATCHES/packages/openssl-0.9.8x-x86_64-1.tgz: Upgraded.
  This is a very minor security fix:
  Fix DTLS record length checking bug CVE-2012-2333
  For more information, see:
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-2333
  [*** Security fix ***]
PATCHES/packages/openssl-solibs-0.9.8x-x86_64-1.tgz: Upgraded.
  This is a very minor security fix:
  Fix DTLS record length checking bug CVE-2012-2333
  For more information, see:
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-2333
  [*** Security fix ***]
PATCHES/packages/pidgin-2.10.4-x86_64-1.tgz: Upgraded.
  Fixed possible MSN remote crash.
  Fixed XMPP remote crash.
  For more information, see:
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-2214
  [*** Security fix ***]
PATCHES/packages/php-5.3.13-x86_64-1.tgz: Upgraded.
  This release completes a fix for a vulnerability in CGI-based setups.
  Note: mod_php and php-fpm are not vulnerable to this attack.
  For more information, see:
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-2311
  [*** Security fix ***]
PATCHES/packages/samba-3.0.37-x86_64-4.tgz: Rebuilt.
  This is a security release in order to address a vulnerability that allows remote code execution as the "root" user. All sites running a Samba server should update to the new Samba package and restart Samba.
  For more information, see:
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1182
  [*** Security fix ***]
PATCHES/packages/libtiff-3.8.2-x86_64-8.tgz: Rebuilt.
  Patched overflows that could lead to arbitrary code execution when parsing a malformed image file.
  For more information, see:
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1173
  [*** Security fix ***]
PATCHES/packages/libpng-1.2.47-x86_64-1.tgz: Upgraded.
  All branches of libpng prior to versions 1.5.9, 1.4.9, 1.2.47, and 1.0.57, respectively, fail to correctly validate a heap allocation in png_decompress_chunk(), which can lead to a buffer-overrun and the possibility of execution of hostile code on 32-bit systems.
  For more information, see:
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3026
  [*** Security fix ***]
PATCHES/packages/proftpd-1.3.4a-x86_64-1.tgz: Upgraded.
  This update fixes a use-after-free() memory corruption error, and possibly other unspecified issues.
  For more information, see:
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-4130
  [*** Security fix ***]
PATCHES/packages/vsftpd-2.3.5-x86_64-1.tgz: Upgraded.
  Minor version bump; this also works around a hard-to-trigger heap overflow in glibc (glibc zoneinfo caching vuln). For there to be any possibility to trigger the glibc bug within vsftpd, the non-default option "chroot_local_user" must be set in /etc/vsftpd.conf.
  [*** Security fix ***]
+--------------------------+
Mon Feb 6 21:01:18 EET 2012
PATCHES/packages/httpd-2.2.22-x86_64-1.txz: Upgraded.
  This release fixes multiple vulnerabilities.
  For more information, see:
    http://www.apache.org/dist/httpd/CHANGES_2.2.22
  [*** Security fix ***]
PATCHES/packages/php-5.3.10-x86_64-1.txz: Upgraded.
  Over 90 bug fixes, some of which are security related.
  For more information, see:
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-4885
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-4566
    http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0830
  [*** Security fix ***]
PATCHES/packages/freetype-2.4.8-x86_64-1.txz: Upgraded.
  Some vulnerabilities in handling CID-keyed PostScript fonts have been fixed.
  For more information, see:
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3439
  [*** Security fix ***]
PATCHES/packages/openssl-0.9.8t-x86_64-1.txz: Upgraded.
  This fixes a bug where DTLS applications were not properly supported. This bug could have allowed remote attackers to cause a denial of service via unspecified vectors. CVE-2012-0050 has been assigned to this issue.
  For more details see:
    http://openssl.org/news/secadv_20120118.txt
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0050
  [*** Security fix ***]
PATCHES/packages/openssl-solibs-0.9.8t-x86_64-1.txz: Upgraded.
  This fixes a bug where DTLS applications were not properly supported. This bug could have allowed remote attackers to cause a denial of service via unspecified vectors. CVE-2012-0050 has been assigned to this issue.
  For more details see:
    http://openssl.org/news/secadv_20120118.txt
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0050
  [*** Security fix ***]
+--------------------------+
Mon Sep 26 13:27:42 EEST 2011
PATCHES/packages/httpd-2.2.21-x86_64-1.txz: Upgraded.
  SECURITY: CVE-2011-3348 (cve.mitre.org)
  mod_proxy_ajp: Respond with HTTP_NOT_IMPLEMENTED when the method is not recognized.
  Fix a regression introduced by the CVE-2011-3192 byterange fix in 2.2.20.
  For more information, see:
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3348
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3192
+--------------------------+
Sun Aug 28 10:26:34 EEST 2011
PATCHES/packages/php-5.3.8-x86_64-1.txz: Upgraded.
  PHP 5.2 is EOL. All users of PHP 5.2 are encouraged to upgrade to PHP 5.3. BUT, before upgrading to 5.3, MAKE SURE your applications are ready for the new PHP. If you use Open Source apps like Joomla, e107, Drupal, Wordpress etc, check their sites for PHP 5.3 compatibility and update them to the latest versions!
  !!! Once again, upgrade your applications before upgrading PHP !!!
PASTURE/php-5.2.17-x86_64-1.txz: Moved here just in case you need this ;).
  Have fun & Enjoy Bluewhite Linux!
+--------------------------+
Fri Aug 19 10:36:55 EEST 2011
PATCHES/packages/bind-9.4_ESV_R5-x86_64-1.tgz: Upgraded.
  This BIND update addresses a couple of security issues:
  * named, set up to be a caching resolver, is vulnerable to a user querying a domain with very large resource record sets (RRSets) when trying to negatively cache the response. Due to an off-by-one error, caching the response could cause named to crash. [RT #24650] [CVE-2011-1910]
  * Change #2912 (see CHANGES) exposed a latent bug in the DNS message processing code that could allow certain UPDATE requests to crash named. [RT #24777] [CVE-2011-2464]
  For more information, see:
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1910
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2464
  [*** Security fix ***]
PATCHES/packages/libpng-1.2.46-x86_64-1.tgz: Upgraded.
  Fixed uninitialized memory read in png_format_buffer() (Bug report by Frank Busse, related to CVE-2004-0421).
  For more information, see:
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0421
  [*** Security fix ***]
+--------------------------+
Mon Jun 27 21:29:54 UTC 2011
PATCHES/packages/pidgin-2.9.0-x86_64-1.tgz: Upgraded.
  Fixed a remote denial of service. A remote attacker could set a specially crafted GIF file as their buddy icon, causing vulnerable versions of pidgin to crash due to excessive memory use.
  For more information, see:
    http://pidgin.im/news/security/?id=52
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2485
  [*** Security fix ***]
+--------------------------+
Sat Jun 25 15:11:04 EEST 2011
PATCHES/packages/fetchmail-6.3.20-x86_64-1.tgz: Upgraded.
  This release fixes a denial of service in STARTTLS protocol phases.
  For more information, see:
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1947
    http://www.fetchmail.info/fetchmail-SA-2011-01.txt
  [*** Security fix ***]
+--------------------------+
Sat May 28 21:33:53 EEST 2011
PATCHES/packages/bind-9.4_ESV_R4_P1-x86_64-1.tgz: Upgraded.
  This release fixes security issues:
  A large RRSET from a remote authoritative server that results in the recursive resolver trying to negatively cache the response can hit an off by one code error in named, resulting in named crashing. [RT #24650] [CVE-2011-1910]
  Zones that have a DS record in the parent zone but are also listed in a DLV and won't validate without DLV could fail to validate. [RT #24631]
  For more information, see:
    http://www.isc.org/software/bind/advisories/cve-2011-1910
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1910
  [*** Security fix ***]
PATCHES/packages/apr-1.4.5-x86_64-1.tgz: Upgraded.
  This fixes a possible denial of service due to a problem with a loop in the new apr_fnmatch() implementation consuming CPU.
  For more information, see:
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1928
  [*** Security fix ***]
PATCHES/packages/apr-util-1.3.12-x86_64-1.tgz: Upgraded.
  Fix crash because of NULL cleanup registered by apr_ldap_rebind_init().
PATCHES/packages/httpd-2.2.19-x86_64-1.tgz: Upgraded.
  Revert ABI breakage in 2.2.18 caused by the function signature change of ap_unescape_url_keep2f(). This release restores the signature from 2.2.17 and prior, and introduces ap_unescape_url_keep2f_ex().
  Apache httpd-2.2.18 is considered abandoned. All users must upgrade.
+--------------------------+
Mon May 16 12:05:24 EEST 2011
PATCHES/packages/apr-1.4.4-x86_64-1.tgz: Upgraded.
  This fixes a possible denial of service due to an unconstrained, recursive invocation of apr_fnmatch(). This function has been reimplemented using a non-recursive algorithm.
  For more information, see:
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0419
  [*** Security fix ***]
PATCHES/packages/apr-util-1.3.11-x86_64-1.tgz: Upgraded.
PATCHES/packages/httpd-2.2.18-x86_64-1.tgz: Upgraded.
+--------------------------+
Sun Apr 24 19:40:26 EEST 2011
PATCHES/packages/rdesktop-1.6.0-x86_64-2.tgz: Rebuilt.
  Patched a traversal vulnerability (disallow /.. requests).
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1595
  [*** Security fix ***]
PATCHES/packages/acl-2.2.50-x86_64-1.tgz: Upgraded.
  Fix the --physical option in setfacl and getfacl to prevent symlink attacks.
  For more information, see:
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-4411
  [*** Security fix ***]
+--------------------------+
Mon Apr 11 14:25:09 EEST 2011
PATCHES/packages/libtiff-3.8.2-x86_64-7.tgz: Rebuilt.
  Patched overflows that could lead to arbitrary code execution when parsing a malformed image file.
  For more information, see:
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0192
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1167
  [*** Security fix ***]
PATCHES/packages/dhcp-3.1_ESV_R1-x86_64-1.tgz: Upgraded.
  In dhclient, check the data for some string options for reasonableness before passing it along to the script that interfaces with the OS. This prevents some possible attacks by a hostile DHCP server.
  For more information, see:
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0997
  [*** Security fix ***]
PATCHES/packages/xrdb-1.0.9-x86_64-1.tgz: Upgraded.
  This fixes a security issue where improperly sanitized input could lead to privilege escalation or arbitrary command execution as root.
  For more information, see:
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0465
  [*** Security fix ***]
+--------------------------+
Tue Apr 5 22:02:41 EEST 2011
PATCHES/packages/proftpd-1.3.3e-x86_64-1.tgz: Upgraded.
  Fixes CVE-2011-1137 (badly formed SSH messages cause DoS).
  For more information, see:
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1137
+--------------------------+
Sat Mar 12 10:15:02 EET 2011
PATCHES/packages/pidgin-2.7.11-x86_64-1.tgz: Upgraded.
  Fixed denials of service caused by NULL pointer dereferences due to improper handling of malformed YMSG packets.
  For more information, see:
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1091
  [*** Security fix ***]
PATCHES/packages/subversion-1.5.9-x86_64-1.tgz: Upgraded.
  Fixed a remotely triggerable NULL-pointer dereference in mod_dav_svn.
  For more information, see:
    http://subversion.apache.org/security/CVE-2011-0715-advisory.txt
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0715
  [*** Security fix ***]
PATCHES/packages/samba-3.2.15-x86_64-3.tgz: Rebuilt.
  Fix memory corruption denial of service issue.
  For more information, see:
    http://www.samba.org/samba/security/CVE-2011-0719
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0719
  [*** Security fix ***]
+--------------------------+
Tue Feb 15 13:34:53 EET 2011
PATCHES/packages/apr-1.3.12-x86_64-1.tgz: Upgraded.
PATCHES/packages/apr-util-1.3.10-x86_64-1.tgz: Upgraded.
  Fixes a memory leak and DoS in apr_brigade_split_line().
  For more information, see:
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1623
  [*** Security fix ***]
PATCHES/packages/expat-2.0.1-x86_64-2.tgz: Patched.
  Fixed various crash and hang bugs.
  For more information, see:
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2625
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3560
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3720
  [*** Security fix ***]
PATCHES/packages/httpd-2.2.17-x86_64-1.tgz: Upgraded.
  This fixes some denial of service bugs in the bundled libraries.
  For more information, see:
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3560
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3720
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1623
  [*** Security fix ***]
PATCHES/packages/openssl-0.9.8r-x86_64-1.tgz: Upgraded.
  This OpenSSL update fixes an "OCSP stapling vulnerability".
  For more information, see the included CHANGES and NEWS files, and:
    http://www.openssl.org/news/secadv_20110208.txt
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0014
  [*** Security fix ***]
PATCHES/packages/openssl-solibs-0.9.8r-x86_64-1.tgz: Upgraded.
  [*** Security fix ***]
PATCHES/packages/sudo-1.7.4p6-x86_64-1.tgz: Upgraded.
  Fix Runas group password checking.
  For more information, see the included CHANGES and NEWS files, and:
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0010
  [*** Security fix ***]
+--------------------------+
Wed Jan 12 22:37:35 EET 2011
PATCHES/packages/pidgin-2.7.9-x86_64-1.txz: Upgraded.
  Fixed denial-of-service flaw in the MSN protocol.
  [*** Security fix ***]
PATCHES/packages/php-5.2.17-x86_64-1.txz: Upgraded.
  This update fixes an infinite loop with conversions from string to double that may result in a denial of service.
  For more information, see:
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-4645
  [*** Security fix ***]
PATCHES/packages/proftpd-1.3.3d-x86_64-1.tgz: Upgraded.
  This update fixes an unbounded copy operation in sql_prepare_where() that could be exploited to execute arbitrary code.
  [*** Security fix ***]
PATCHES/packages/bind-9.4_ESV_R4-x86_64-1.txg: Upgraded.
  This update fixes some security issues.
  For more information, see:
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3613
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3614
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3615
  [*** Security fix ***]
+--------------------------+
Fri Dec 10 13:34:11 EET 2010
PATCHES/packages/openssl-0.9.8q-x86_64-1.tgz: Upgraded.
  This OpenSSL update contains some security related bugfixes.
  For more information, see the included CHANGES and NEWS files, and:
    http://www.openssl.org/news/secadv_20101202.txt
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-4180
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-4252
  [*** Security fix ***]
PATCHES/packages/openssl-solibs-0.9.8q-x86_64-1.tgz: Upgraded.
  [*** Security fix ***]
+--------------------------+
Wed Dec 1 10:04:11 EET 2010
PATCHES/packages/pidgin-2.7.7-x86_64-1.tgz: Upgraded.
  This update fixes connection issues for AIM and MSN.
PATCHES/packages/cups-1.3.11-x86_64-1.tgz: Upgraded.
  Fixed memory corruption bugs that could lead to a denial of service or possibly execution of arbitrary code through a crafted IPP request.
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0542
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2941
  [*** SECURITY FIX ***]
+--------------------------+
Sat Nov 27 11:26:32 EET 2010
PATCHES/packages/openssl-0.9.8p-x86_64-1.tgz: Upgraded.
  This OpenSSL update contains some security related bugfixes.
  For more information, see the included CHANGES and NEWS files, and:
    http://www.openssl.org/news/secadv_20101116.txt
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2939
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3864
  [*** SECURITY FIX ***]
PATCHES/packages/openssl-solibs-0.9.8p-x86_64-1.tgz: Upgraded.
  [*** SECURITY FIX ***]
+--------------------------+
Sun Nov 21 16:01:24 EET 2010
PATCHES/packages/xpdf-3.02pl5-x86_64-1.tgz: Upgraded.
  This update fixes security issues that could lead to an application crash, or execution of arbitrary code.
  For more information, see:
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3702
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3703
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3704
  [*** Security fix ***]
PATCHES/packages/poppler-0.8.5-x86_64-5.tgz: Rebuilt.
  This updated package includes patches based on xpdf 3.02pl5.
  For more information, see:
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3702
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3703
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3704
  [*** Security fix ***]
+--------------------------+
Tue Nov 2 14:46:39 EET 2010
PATCHES/packages/pidgin-2.7.5-x86_64-1.tgz: Upgraded.
  This update addresses some denial of service bugs.
  For more information, see:
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3711
  [*** Security fix ***]
PATCHES/packages/proftpd-1.3.3c-x86_64-1.tgz: Upgraded.
  Fixed Telnet IAC stack overflow vulnerability (ZDI-CAN-925), which can allow remote execution of arbitrary code as the user running the ProFTPD daemon. Thanks to TippingPoint and the Zero Day Initiative (ZDI).
  For more information, see:
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3867
  [*** Security fix ***]
+--------------------------+
Mon Nov 1 10:00:13 EET 2010
PATCHES/packages/glibc-2.7-x86_64-17.tgz: Rebuilt.
  Patched "The GNU C library dynamic linker will dlopen arbitrary DSOs during setuid loads." This security issue allows a local attacker to gain root by specifying an unsafe DSO in the library search path to be used with a setuid binary in LD_AUDIT mode. Bug found by Tavis Ormandy (with thanks to Ben Hawkes and Julien Tinnes).
  Patched "dynamic linker expands $ORIGIN in setuid library search path". This security issue allows a local attacker to gain root if they can create a hard link to a setuid root binary. Thanks to Tavis Ormandy.
  For more information, see:
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3856
    http://seclists.org/fulldisclosure/2010/Oct/344
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3847
    http://seclists.org/fulldisclosure/2010/Oct/257
  [*** Security fix ***]
PATCHES/packages/glibc-i18n-2.7-noarch-17.tgz: Rebuilt.
PATCHES/packages/glibc-profile-2.7-x86_64-17.tgz: Rebuilt.
PATCHES/packages/glibc-solibs-2.7-x86_64-17.tgz: Upgraded.
  [*** Security fix ***]
PATCHES/packages/glibc-zoneinfo-2.7-noarch-17.tgz: Upgraded.
  Rebuilt to tzcode2010n and tzdata2010n.
+--------------------------+
Sun Sep 26 21:08:38 EEST 2010
PATCHES/packages/bzip2-1.0.6-x86_64-1.tgz: Upgraded.
  This update fixes an integer overflow that could allow a specially crafted bzip2 archive to cause a crash (denial of service), or execute arbitrary code.
  For more information, see:
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0405
  [*** SECURITY FIX ***]
PATCHES/packages/kernel-huge-2.6.27.54-x86_64-1.tgz: Upgraded.
  This kernel fixes the following security problems:
  64-bit Compatibility Mode Stack Pointer Underflow (CVE-2010-3081).
  IA32 System Call Entry Point Vulnerability (CVE-2010-3301).
  These vulnerabilities allow local users to gain root privileges.
  For more information, see:
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3081
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3301
  [*** Security fix ***]
PATCHES/packages/kernel-firmware-2.6.27.54-noarch-1.tgz: Upgraded.
PATCHES/packages/kernel-headers-2.6.27.54-x86_64-1.tgz: Upgraded.
PATCHES/packages/kernel-modules-2.6.27.54-x86_64-1.tgz: Upgraded.
PATCHES/packages/kernel-source-2.6.27.54-noarch-1.tgz: Upgraded.
PATCHES/packages/samba-3.2.15-x86_64-2.tgz: Patched.
  This upgrade fixes a buffer overflow in the sid_parse() function.
  For more information, see:
    http://www.samba.org/samba/security/CVE-2010-3069
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3069
  [*** SECURITY FIX ***]
PATCHES/packages/sudo-1.7.4p4-x86_64-1.tgz: Upgraded.
  This fixes a flaw that could lead to privilege escalation.
  For more information, see:
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2956
  [*** SECURITY FIX ***]
+--------------------------+
Sun Sep 5 11:09:22 EEST 2010
PATCHES/packages/gnupg2-2.0.9-x86_64-2.tgz: Rebuilt.
  Patched to fix "Realloc Bug with X.509 certificates in GnuPG".
  For more information, see:
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2547
  [*** SECURITY FIX ***]
PATCHES/packages/httpd-2.2.16-x86_64-1.tgz: Upgraded.
  Fix handling of requests without a path segment.
  For more information, see:
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1452
  [*** SECURITY FIX ***]
PATCHES/packages/php-5.2.14-x86_64-1.tgz: Upgraded.
  Fixed several security issues.
  For more information, see:
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1917
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2225
    http://www.php-security.org/2010/05/31/mops-2010-060-php-session-serializer-session-data-injection-vulnerability/index.html
    http://www.php-security.org/2010/06/25/mops-2010-061-php-splobjectstorage-deserialization-use-after-free-vulnerability/index.html
  [*** SECURITY FIX ***]
PATCHES/packages/pidgin-2.7.3-x86_64-1.tgz: Upgraded.
  This fixes a crash due to malformed X-Status messages.
  For more information, see:
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2528
  [*** SECURITY FIX ***]
+--------------------------+
Mon Aug 9 20:02:59 EEST 2010
PATCHES/packages/libtiff-3.8.2-x86_64-6.tgz: Rebuilt.
  This fixes image structure handling bugs that could lead to crashes or execution of arbitrary code if a specially-crafted TIFF image is loaded.
  For more information, see:
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1411
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2065
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2067
  [*** Security fix ***]
PATCHES/packages/libpng-1.2.44-x86_64-1.tgz: Upgraded.
  This fixes out-of-bounds memory write bugs that could lead to crashes or the execution of arbitrary code, and a memory leak bug which could lead to application crashes.
  For more information, see:
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1205
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2249
  [*** Security fix ***]
+--------------------------+
Sat Jun 26 11:32:54 EEST 2010
PATCHES/packages/bind-9.4.3_P5-x86_64-1.tgz: Upgraded.
  This fixes possible DNS cache poisoning attacks when DNSSEC is enabled and checking is disabled (CD).
  For more information, see:
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-4022
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0097
  [*** Security fix ***]
+--------------------------+
Sat Jun 19 19:50:07 EEST 2010
PATCHES/packages/samba-3.0.37-x86_64-2.tgz: Rebuilt.
  Patched a buffer overflow in smbd that allows remote attackers to cause a denial of service (memory corruption and daemon crash) or possibly execute arbitrary code via a crafted field in a packet.
  For more information, see:
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2063
  [*** Security fix ***]
PATCHES/packages/pidgin-2.7.0-x86_64-1.tgz: Upgraded.
  Upgraded to pidgin-2.7.0 and pidgin-encryption-3.1.
  The msn_emoticon_msg function in slp.c in the MSN protocol plugin in libpurple in Pidgin before 2.7.0 allows remote attackers to cause a denial of service (application crash) via a custom emoticon in a malformed SLP message.
  For more information, see:
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1624
  [*** Security fix ***]
PATCHES/packages/fetchmail-6.3.17-x86_64-1.tgz: Upgraded.
  A crafted header or POP3 UIDL list could cause a memory leak and crash leading to a denial of service.
  For more information, see:
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1167
  [*** Security fix ***]
PATCHES/packages/irssi-0.8.15-x86_64-1.tgz: Upgraded.
  From the NEWS file:
  - Check if an SSL certificate matches the hostname of the server we are connecting to.
  - Fix crash when checking for fuzzy nick match when not on the channel. Reported by Aurelien Delaitre (SATE 2009).
  For more information, see:
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1155
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1156
  [*** Security fix ***]
+--------------------------+
Sun Apr 25 11:42:16 EEST 2010
PATCHES/sudo-1.7.2p6-x86_64-1.tgz: Upgraded.
  This update fixes security issues that may give a user with permission to run sudoedit the ability to run arbitrary commands.
  For more information, see:
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0426
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1163
    http://www.gratisoft.us/sudo/alerts/sudoedit_escalate.html
    http://www.gratisoft.us/sudo/alerts/sudoedit_escalate2.html
  [*** Security fix ***]
+--------------------------+
Thu Apr 8 20:23:47 EEST 2010
PATCHES/packages/mozilla-firefox-3.0.19-x86_64-1.tgz: Upgraded.
  This fixes some security issues.
  For more information, see:
    http://www.mozilla.org/security/known-vulnerabilities/firefox30.html
  [*** Security fix ***]
PATCHES/packages/mozilla-thunderbird-2.0.0.24-x86_64-1.tgz: Upgraded.
  This upgrade fixes some more security bugs.
  For more information, see:
    http://www.mozilla.org/security/known-vulnerabilities/thunderbird20.html
  [*** Security fix ***]
PATCHES/packages/seamonkey-1.1.19-x86_64-1.tgz: Upgraded.
  This release fixes some more security vulnerabilities.
  For more information, see:
    http://www.mozilla.org/security/known-vulnerabilities/seamonkey11.html
  [*** Security fix ***]
+--------------------------+
Thu Apr 1 13:19:15 EEST 2010
PATCHES/packages/openssl-0.9.8n-x86_64-1.tgz: Upgraded.
  This OpenSSL update contains some security related bugfixes.
  For more information, see the included CHANGES and NEWS files, and:
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0433
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0740
  [*** Security fix ***]
PATCHES/packages/openssl-solibs-0.9.8n-x86_64-1.tgz: Upgraded.
PATCHES/packages/proftpd-1.3.3-x86_64-2.tgz: Rebuilt.
+--------------------------+
Thu Mar 11 14:11:05 EET 2010
PATCHES/packages/pidgin-2.6.6-x86_64-1.tgz: Upgraded.
  This fixes a few denial-of-service flaws as well as other bugs.
  For more information, see:
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0277
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0420
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0423
  [*** Security fix ***]
PATCHES/packages/openssl-0.9.8m-x86_64-2.tgz: Rebuilt.
PATCHES/packages/openssl-solibs-0.9.8m-x86_64-2.tgz: Rebuilt.
  The OpenSSL package has been patched and recompiled to revert a change that broke decrypting some files encrypted with previous versions of OpenSSL. This same fix appears in the latest upstream snapshots.
PATCHES/packages/httpd-2.2.15-x86_64-1.tgz: Upgraded.
  This update addresses a few security issues.
  mod_ssl: A partial fix for the TLS renegotiation prefix injection attack by rejecting any client-initiated renegotiations.
  mod_proxy_ajp: Respond with HTTP_BAD_REQUEST when the body is not sent when request headers indicate a request body is incoming; not a case of HTTP_INTERNAL_SERVER_ERROR.
  mod_isapi: Do not unload an isapi .dll module until the request processing is completed, avoiding orphaned callback pointers. [This is the most serious flaw, but does not affect Linux systems]
  For more information, see:
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3555
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0408
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0425
  [*** Security fix ***]
+--------------------------+
Fri Mar 5 22:56:18 EET 2010
PATCHES/packages/openssl-0.9.8m-x86_64-1.tgz: Upgraded.
  This OpenSSL update contains some security related bugfixes.
For more information, see the included CHANGES and NEWS files, and: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1678 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1378 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1377 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1379 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3245 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-4355 [*** Security fix ***] PATCHES/packages/openssl-solibs-0.9.8m-x86_64-1.tgz: Upgraded. PATCHES/packages/proftpd-1.3.3-x86_64-1.tgz: Upgraded. +--------------------------+ Mon Jan 25 16:49:46 EET 2010 PATCHES/packages/httpd-2.2.14-x86_64-1.tgz: Upgraded. This fixes a couple of security bugs when using mod_proxy_ftp. For more information, see: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3094 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3095 [*** Security fix ***] PATCHES/packages/php-5.2.12-x86_64-1.tgz: Upgraded. This fixes many bugs, including a few security issues. For more information, see: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3557 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3558 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-4017 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-4142 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-4143 [*** Security fix ***] PATCHES/packages/pidgin-2.6.5-x86_64-1.tgz: Upgraded. This fixes a directory traversal vulnerability in Pidgin's MSN protocol handling that may allow attackers to download arbitrary files. For more information, see: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0013 [*** Security fix ***] +--------------------------+ Sat Dec 12 11:26:59 EET 2009 PATCHES/packages/gimp-2.4.7-x86_64-2.tgz: Rebuilt. This fixes integer overflows in the image handling plugins that could lead to the execution of arbitrary code or an application crash if a malicious image is loaded. 
For more information, see: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1570 PATCHES/packages/ntp-4.2.4p8-x86_64-1.tgz: Upgraded. Prevent a denial-of-service attack involving spoofed mode 7 packets. For more information, see: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3563 [*** Security fix ***] +--------------------------+ Sun Dec 6 13:29:39 EET 2009 PATCHES/packages/bind-9.4.3_P4-x86_64-1.tgz: Upgraded. BIND 9.4.3-P4 is a SECURITY PATCH for BIND 9.4.3-P3. It addresses a potential cache poisoning vulnerability, in which data in the additional section of a response could be cached without proper DNSSEC validation. For more information, see: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-4022 http://www.kb.cert.org/vuls/id/418861 [*** Security fix ***] +--------------------------+ Thu Nov 19 21:29:19 EET 2009 PATCHES/packages/openssl-0.9.8i-x86_64-4.tgz: Rebuilt. Patched to disable SSL renegotiation. For more information, see: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3555 [*** Security fix ***] PATCHES/packages/openssl-solibs-0.9.8i-x86_64-4.tgz: Rebuilt. Patched to disable SSL renegotiation. For more information, see: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3555 [*** Security fix ***] +--------------------------+ Tue Nov 3 11:24:21 EET 2009 PATCHES/packages/mozilla-firefox-3.0.15-x86_64-1.tgz: Upgraded. Upgraded to firefox-3.0.15. This fixes some security issues. For more information, see: http://www.mozilla.org/security/known-vulnerabilities/firefox30.html [*** Security fix ***] PATCHES/packages/poppler-0.8.5-x86_64-4.tgz: Rebuilt. Includes patches based on xpdf 3.02pl4. 
For more information, see: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3603 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3604 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3605 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3606 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3608 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3609 [*** Security fix ***] PATCHES/packages/xpdf-3.02pl4-x86_64-1.tgz: Upgraded. This update fixes several security issues that could lead to an application crash, or execution of arbitrary code. For more information, see: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3603 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3604 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3605 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3606 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3608 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3609 [*** Security fix ***] +--------------------------+ Wed Oct 21 22:12:07 EEST 2009 PATCHES/packages/gnutls-2.8.4-x86_64-1.tgz: This contains a correct fix for the NUL in CN/SAN SSL vulnerability. For more information, see: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2730 [*** Security fix ***] PATCHES/packages/pidgin-2.6.3-x86_64-1.tgz: This update fixes an issue where a remote user can cause libpurple-based clients to crash. For more information, see: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3615 [*** Security fix ***] +--------------------------+ Tue Oct 6 20:12:26 EEST 2009 PATCHES/packages/php-5.2.11-x86_64-1.tgz: This release fixes some possible security issues, all of which have "unknown impact and attack vectors". 
For more information, see: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3291 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3292 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3293 [*** Security fix ***] PATCHES/packages/samba-3.2.15-x86_64-1.tgz: This update fixes the following security issues. A misconfigured /etc/passwd with no defined home directory could allow security restrictions to be bypassed. mount.cifs could allow a local user to read the first line of an arbitrary file if installed setuid. Specially crafted SMB requests could cause a denial of service. For more information, see: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2813 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2948 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2906 [*** Security fix ***] +--------------------------+ Wed Sep 16 21:30:57 EEST 2009 PATCHES/packages/mozilla-firefox-3.0.14-x86_64-1.tgz: Upgraded. This fixes some security issues. For more information, see: http://www.mozilla.org/security/known-vulnerabilities/firefox30.html [*** Security fix ***] PATCHES/packages/seamonkey-1.1.18-x86_64-1.tgz: Upgraded. This release fixes some more security vulnerabilities. For more information, see: http://www.mozilla.org/security/known-vulnerabilities/seamonkey11.html [*** Security fix ***] +--------------------------+ Sat Aug 22 16:40:01 EEST 2009 PATCHES/packages/mozilla-thunderbird-2.0.0.23-x86_64-1.tgz: This upgrade fixes a security bug. For more information, see: http://www.mozilla.org/security/known-vulnerabilities/thunderbird20.html [*** Security fix ***] +--------------------------+ Thu Aug 20 19:31:52 EEST 2009 PATCHES/packages/pidgin-2.5.9-x86_64-1.txz: Upgraded. This update fixes a bug in Pidgin's MSN protocol implementation that can allow a remote attacker to send a malicious MSN message to a Pidgin user, which will possibly cause arbitrary code to be executed as that user. 
This issue was discovered by Federico Muttis of Core Security Technologies. For more information, see: http://www.coresecurity.com/content/libpurple-arbitrary-write http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2694 [*** Security fix ***] +--------------------------+ Sat Aug 15 11:37:51 EEST 2009 PATCHES/packages/kernel-huge-2.6.27.7-x86_64-3.tgz: Patched. The CVE-2009-2692 vulnerability allows regular users to get root rights on the affected systems (local only). The problem is a Linux kernel NULL pointer dereference due to incorrect proto_ops initializations. For more details please see: http://tinyurl.com/ostlja http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2692 [*** Security fix ***] PATCHES/packages/curl-7.19.6-x86_64-1.tgz: This update fixes a security issue where a zero byte embedded in an SSL or TLS certificate could fool cURL into validating the security of a connection to a system that the certificate was not issued for. It has been reported that at least one Certificate Authority allowed such certificates to be issued. For more information, see: http://curl.haxx.se/docs/security.html http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2417 [*** Security fix ***] +--------------------------+ Sat Aug 8 09:51:06 EEST 2009 PATCHES/packages/apr-1.3.8-x86_64-1.tgz: Upgraded. Fix overflow in pools and rmm, where size alignment was taking place. [Matt Lewis, Sander Striker] For more information, see: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2412 [*** Security fix ***] PATCHES/packages/apr-util-1.3.9-x86_64-1.tgz: Upgraded. Fix overflow in rmm, where size alignment was taking place. [Matt Lewis, Sander Striker] For more information, see: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2412 [*** Security fix ***] PATCHES/packages/httpd-2.2.12-x86_64-2.tgz: Rebuilt. Recompiled against the new apr and apr-util. 
This allows external modules to be built without having to edit the new apr/apr-util version numbers into the httpd config files. PATCHES/packages/subversion-1.5.7-x86_64-1.tgz: Upgraded. Fixed heap overflow vulnerability on server and client. For more information, see: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2411 http://subversion.tigris.org/security/CVE-2009-2411-advisory.txt [*** Security fix ***] PATCHES/packages/fetchmail-6.3.11-x86_64-1.tgz: Upgraded. This update fixes an SSL NUL prefix impersonation attack through NULs in a part of an X.509 certificate's CommonName and subjectAltName fields. For more information, see: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2666 [*** Security fix ***] +--------------------------+ Tue Aug 4 12:47:09 EEST 2009 PATCHES/packages/mozilla-firefox-3.0.13-x86_64-1.tgz: Upgraded. This fixes a couple of security issues. For more information, see: http://www.mozilla.org/security/announce/2009/mfsa2009-42.html http://www.mozilla.org/security/announce/2009/mfsa2009-43.html [*** Security fix ***] +--------------------------+ Mon Aug 3 22:41:53 EEST 2009 PATCHES/packages/httpd-2.2.12-x86_64-1.tgz: Upgraded. This update fixes some security issues (from the CHANGES file): *) SECURITY: CVE-2009-1891 (cve.mitre.org) Fix a potential Denial-of-Service attack against mod_deflate or other modules, by forcing the server to consume CPU time in compressing a large file after a client disconnects. PR 39605. [Joe Orton, Ruediger Pluem] *) SECURITY: CVE-2009-1195 (cve.mitre.org) Prevent the "Includes" Option from being enabled in an .htaccess file if the AllowOverride restrictions do not permit it. [Jonathan Peatfield, Joe Orton, Ruediger Pluem, Jeff Trawick] *) SECURITY: CVE-2009-1890 (cve.mitre.org) Fix a potential Denial-of-Service attack against mod_proxy in a reverse proxy configuration, where a remote attacker can force a proxy process to consume CPU time indefinitely. 
[Nick Kew, Joe Orton] *) SECURITY: CVE-2009-1191 (cve.mitre.org) mod_proxy_ajp: Avoid delivering content from a previous request which failed to send a request body. PR 46949 [Ruediger Pluem] *) SECURITY: CVE-2009-0023, CVE-2009-1955, CVE-2009-1956 (cve.mitre.org) For more information, see: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1891 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1195 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1890 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1191 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0023 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1955 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1956 [*** Security fix ***] +--------------------------+ Thu Jul 30 11:12:35 EEST 2009 PATCHES/packages/bind-9.4.3_P3-x86_64-1.tgz: Upgraded. This BIND update fixes a security problem where a specially crafted dynamic update message packet will cause named to exit resulting in a denial of service. An active remote exploit is in wide circulation at this time. For more information, see: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0696 https://www.isc.org/node/479 [*** Security fix ***] PATCHES/packages/mozilla-firefox-3.0.12-x86_64-1.tgz: Upgraded to firefox-3.0.12. This fixes some security issues. For more information, see: http://www.mozilla.org/security/known-vulnerabilities/firefox30.html [*** Security fix ***] +--------------------------+ Fri Jul 17 10:43:54 EEST 2009 PATCHES/packages/dhcp-3.1.2p1-x86_64-1.tgz: Upgraded. A stack overflow vulnerability was fixed in dhclient that could allow remote attackers to execute arbitrary commands as root on the system, or simply terminate the client, by providing an over-long subnet-mask option. For more information, see: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0692 [*** Security fix ***] PATCHES/packages/httpd-2.2.11-x86_64-1.tgz: Upgraded. 
This needed a recompile against the new apr package to fix building new modules, and an upgrade to the latest stable version. PATCHES/packages/php-5.2.10-x86_64-1.tgz: Upgraded. +--------------------------+ Tue Jun 30 00:41:05 EEST 2009 PATCHES/packages/ghostscript-8.63-x86_64-3.tgz: Recompiled. Patched various problems with ghostscript that could lead to a denial of service or the execution of arbitrary code when processing a malicious or malformed file. For more information, see: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0196 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0583 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0584 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0792 [*** Security fix ***] PATCHES/packages/mozilla-thunderbird-2.0.0.22-x86_64-1.tgz: Upgraded to thunderbird-2.0.0.22. This upgrade fixes some more security bugs. For more information, see: http://www.mozilla.org/security/known-vulnerabilities/thunderbird20.html [*** Security fix ***] +--------------------------+ Sat Jun 27 21:18:06 EEST 2009 PATCHES/packages/samba-3.2.13-x86_64-1.tgz: Upgraded. This upgrade fixes the following security issues: - in Samba 3.0.31 to 3.3.5 (inclusive), an uninitialized read of a data value can potentially affect access control when "dos filemode" is set to "yes"; - in Samba 3.2.0 to 3.2.12 (inclusive), the smbclient commands dealing with file names treat user input as a format string to asprintf. With a maliciously crafted file name smbclient can be made to execute code triggered by the server. For more information, see: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1888 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1886 [*** Security fix ***] +--------------------------+ Thu Jun 25 18:33:50 EEST 2009 PATCHES/packages/seamonkey-1.1.17-x86_64-1.tgz: Upgraded to seamonkey-1.1.17. This release fixes some more security vulnerabilities. 
For more information, see: http://www.mozilla.org/security/known-vulnerabilities/seamonkey11.html [*** Security fix ***] +--------------------------+ Mon Jun 22 23:05:17 EEST 2009 PATCHES/packages/libpng-1.2.37-x86_64-1.tgz: Upgraded. This update fixes a possible security issue. Jeff Phillips discovered an uninitialized-memory-read bug affecting interlaced images that may have security implications. For more information, see: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2042 [*** Security fix ***] PATCHES/packages/ruby-1.8.7_p174-x86_64-1.tgz: Upgraded. This fixes a denial of service issue caused by the BigDecimal method handling large input values improperly that may allow attackers to crash the interpreter. The issue affects most Rails applications. For more information, see: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1904 [*** Security fix ***] +--------------------------+ Thu Jun 18 21:21:18 EEST 2009 PATCHES/packages/apr-1.3.5-x86_64-1.tgz: Upgraded. PATCHES/packages/apr-util-1.3.7-x86_64-1.tgz: Upgraded. Fix underflow in apr_strmatch_precompile. Fix a denial of service attack against the apr_xml_* interface using the "billion laughs" entity expansion technique. For more information, see: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0023 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1955 [*** Security fix ***] PATCHES/packages/mozilla-firefox-3.0.11-x86_64-1.tgz: Upgraded to firefox-3.0.11. This fixes some security issues. For more information, see: http://www.mozilla.org/security/known-vulnerabilities/firefox30.html [*** Security fix ***] +--------------------------+ Thu Jun 4 23:30:09 EEST 2009 PATCHES/packages/ntp-4.2.4p7-x86_64-1.tgz: Upgraded to ntp-4.2.4p7. Stack-based buffer overflow in the cookedprint function in ntpq/ntpq.c in ntpq in NTP before 4.2.4p7-RC2 allows arbitrary code execution by a malicious remote NTP server. 
Stack-based buffer overflow in the crypto_recv function in ntp_crypto.c in ntpd in NTP before 4.2.4p7 allows remote attackers to execute arbitrary code. This does not affect the Bluewhite64 ntpd as it does not link with openssl. For more information, see: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0159 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1252 [*** Security fix ***] +--------------------------+ Wed May 27 19:56:19 EEST 2009 PATCHES/packages/pidgin-2.5.6-x86_64-1.tgz: Upgraded to pidgin-2.5.6. This version fixes security issues that could lead to a denial of service or the execution of arbitrary code as the user running Pidgin. For more information, see: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1373 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1374 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1375 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1376 [*** Security fix ***] +--------------------------+ Tue May 26 19:57:30 EEST 2009 PATCHES/packages/xv-3.10a-x86_64-3.tgz: Fixed bug #10. For more details please see: http://bugzilla.bluewhite64.com/show_bug.cgi?id=10. Thanks to Andrej for reporting, sending the patch and testing the new package ;). +--------------------------+ Fri May 15 22:56:46 EEST 2009 PATCHES/packages/cyrus-sasl-2.1.23-x86_64-1.tgz: Upgraded to cyrus-sasl-2.1.23. This fixes a buffer overflow in the sasl_encode64() function that could lead to crashes or the execution of arbitrary code. For more information, see: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0688 [*** Security fix ***] +--------------------------+ Mon May 11 20:46:06 EEST 2009 PATCHES/packages/xpdf-3.02pl3-x86_64-1.tgz: Upgraded to xpdf-3.02pl3. This update fixes several overflows that may result in crashes or the execution of arbitrary code as the xpdf user. 
For more information, see: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0146 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0147 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0165 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0166 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0799 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0800 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1179 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1180 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1181 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1182 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1183 [*** Security fix ***] PATCHES/packages/gnutls-2.6.2-x86_64-2.tgz: Patched the following security issues: - Corrected double free on signature verification failure. Reported by Miroslav Kratochvil. - Noticed when investigating the previous GNUTLS-SA-2009-1 problem. All DSA keys generated using GnuTLS 2.6.x are corrupt. For more information, see: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1415 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1416 [*** Security fix ***] +--------------------------+ Fri May 1 18:38:51 EEST 2009 PATCHES/packages/ruby-1.8.7_p160-x86_64-1.tgz: Upgraded to ruby-1.8.7-p160. This update fixes a DoS in REXML. For details, see: http://www.ruby-lang.org/en/news/2008/08/23/dos-vulnerability-in-rexml/ [*** Security fix ***] +---------------------------+ Wed Apr 29 09:12:47 EEST 2009 PATCHES/packages/mozilla-firefox-3.0.10-x86_64-1.tgz: Upgraded to firefox-3.0.10. This fixes some security issues. For more information, see: http://www.mozilla.org/security/known-vulnerabilities/firefox30.html [*** Security fix ***] +---------------------------+ Mon Apr 27 22:24:44 EEST 2009 PATCHES/packages/cups-1.3.10-x86_64-1.tgz: Upgraded to cups-1.3.10. 
This fixes several security issues, including an integer overflow in the TIFF decoder, a failure to properly verify the Host HTTP header, and several problems with PDF handling (the new CUPS uses a wrapper rather than embedded code taken from xpdf). These issues could result in a denial of service or the execution of arbitrary code. For more information, see: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0146 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0147 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0163 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0164 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0166 [*** Security fix ***] +--------------------------+ Thu Apr 23 13:27:58 EEST 2009 PATCHES/packages/mozilla-firefox-3.0.9-x86_64-1.tgz: Upgraded to firefox-3.0.9. This fixes some security issues. For more information, see: http://www.mozilla.org/security/known-vulnerabilities/firefox30.html [*** Security fix ***] +---------------------------+ Wed Apr 22 18:18:14 EEST 2009 PATCHES/packages/udev-141-x86_64-2.tgz: Fixed a regression with serial/dialout device ownership. Bluewhite64 12.2 uses the 'uucp' group for these devices, but the newer version of udev has changed them to 'dialout', leading to log errors and an incorrect group ownership for serial devices since the 'dialout' group does not exist. This update changes the serial device group ownership back to 'uucp'. Changed the permissions on the real time clock (/dev/rtc0) so that all users can read it. Modified rc.udev so that the /dev/root symlink is created. +---------------------------+ Tue Apr 21 23:01:38 EEST 2009 PATCHES/packages/udev-141-x86_64-1.tgz: Upgraded to udev-141. This upgrade fixes a local root hole and a denial of service issue. 
For more information, see: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1185 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1186 [*** Security fix ***] PATCHES/packages/dhcpcd-2.0.8-x86_64-3.tgz: Fixed bug #9. For more details please see: http://bugzilla.bluewhite64.com/show_bug.cgi?id=9 Thanks to Csaba Miklos for the report and fix. PATCHES/packages/mesa-7.0.3-x86_64-2.tgz: Removed the glw.pc patch. Thanks to ALVAN for reporting. +---------------------------+ Tue Apr 14 11:37:42 EEST 2009 PATCHES/packages/seamonkey-1.1.16-x86_64-1.tgz: Upgraded to seamonkey-1.1.16. This release fixes some more security vulnerabilities. For more information, see: http://www.mozilla.org/security/known-vulnerabilities/seamonkey11.html [*** Security fix ***] +---------------------------+ Wed Apr 8 23:00:34 EEST 2009 PATCHES/packages/openssl-0.9.8i-x86_64-3.tgz: Patched (see below). PATCHES/packages/openssl-solibs-0.9.8i-x86_64-3.tgz: Patched to fix possible crashes as well as a (fairly unlikely) case where an invalid signature might verify as valid. For more information, see: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0789 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0591 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0590 [*** Security fix ***] PATCHES/packages/php-5.2.9-x86_64-1.tgz: Upgraded to php-5.2.9. This update fixes a few security issues: - Fixed a crash on extract in zip when files or directories entry names contain a relative path. - Fixed security issue in imagerotate(), background colour isn't validated correctly with a non truecolour image. (CVE-2008-5498) Reported by Hamid Ebadi, APA Laboratory. - Fixed a segfault when malformed string is passed to json_decode(). For more information, see: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-5498 [*** Security fix ***] PATCHES/packages/xine-lib-1.1.16.3-x86_64-1.tgz: Upgraded to xine-lib-1.1.16.3. - Fix another possible int overflow in the 4XM demuxer. (ref. 
TKADV2009-004, CVE-2009-0385) For more information, see: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0385 [*** Security fix ***] +---------------------------+ Sat Mar 28 10:57:56 EET 2009 PATCHES/packages/glib2-2.16.6-x86_64-2.tgz: Patched to fix overflows that are possible security holes. For more information, see: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-4316 [*** Security fix ***] PATCHES/packages/mozilla-firefox-3.0.8-x86_64-1.tgz: Upgraded to firefox-3.0.8. This fixes some security issues. For more information, see: http://www.mozilla.org/security/known-vulnerabilities/firefox30.html [*** Security fix ***] +---------------------------+ Wed Mar 25 22:52:34 EET 2009 PATCHES/packages/lcms-1.18-x86_64-1.tgz: Upgraded to lcms-1.18. This update fixes security issues discovered in LittleCMS by Chris Evans. These flaws could cause program crashes (denial of service) or the execution of arbitrary code as the user of the lcms-linked program. For more information, see: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0581 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0723 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0733 [*** Security fix ***] PATCHES/packages/mozilla-thunderbird-2.0.0.21-x86_64-1.tgz: Upgraded to thunderbird-2.0.0.21. This upgrade fixes some more security bugs. For more information, see: http://www.mozilla.org/security/known-vulnerabilities/thunderbird20.html [*** Security fix ***] PATCHES/packages/seamonkey-1.1.15-x86_64-1.tgz: Upgraded to seamonkey-1.1.15. This release fixes some more security vulnerabilities. For more information, see: http://www.mozilla.org/security/known-vulnerabilities/seamonkey11.html [*** Security fix ***] +--------------------------+ Mon Mar 23 17:50:17 EET 2009 PATCHES/packages/slackpkg-2.70.5-noarch-3.tgz: Fixed bug #5. More details about this can be found at: http://bugzilla.bluewhite64.com/show_bug.cgi?id=5 Thanks to Benno for the report and fix. 
+--------------------------+ Tue Mar 10 23:42:01 EET 2009 PATCHES/packages/curl-7.19.4-x86_64-1.tgz: Upgraded to curl-7.19.4. This fixes a security issue where automatic redirection could be made to follow file:// URLs, reading or writing a local instead of remote file. For more information, see: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0037 [*** Security fix ***] PATCHES/packages/mozilla-firefox-3.0.7-x86_64-1.tgz: Upgraded to firefox-3.0.7. This fixes some security issues: For more information, see: http://www.mozilla.org/security/known-vulnerabilities/firefox30.html [*** Security fix ***] PATCHES/packages/xterm-241-x86_64-1.tgz: Upgraded to xterm-241. This fixes a vulnerability where displaying a file containing DECRQSS (Device Control Request Status String) sequences could cause arbitrary commands to be executed as the user running xterm. For more information, see: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2383 [*** Security fix ***] +--------------------------+ Sat Feb 21 12:33:23 EET 2009 PATCHES/packages/cdrtools-2.01.01a57-x86_64-2.tgz: Fixed build script to put the charset conversion tables in /usr/lib/siconv. PATCHES/packages/git-1.6.1.3-x86_64-1.tgz: Upgraded to git-1.6.1.3. This fixes a vulnerability where running git-diff or git-grep on a hostile git repository would result in the execution of arbitrary code as the git user. For more information, see: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3546 [*** Security fix ***] PATCHES/packages/libpng-1.2.35-x86_64-1.tgz: Upgraded to libpng-1.2.35. This fixes multiple memory-corruption vulnerabilities due to a failure to properly initialize data structures. 
For more information, see: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0040 ftp://ftp.simplesystems.org/pub/png/src/libpng-1.2.34-ADVISORY.txt [*** Security fix ***] +--------------------------+ Wed Feb 18 10:10:40 EET 2009 PATCHES/packages/jre-6u12-x86_64-1.tgz: Upgraded to Java(TM) 2 Platform Standard Edition Runtime Environment Version 6.0 update 12. This update includes the highly anticipated 64-bit Java Plug-In (for 64-bit browsers only). Enjoy! PATCHES/jdk-6/jdk-6u12-x86_64-1.tgz: Upgraded to Java(TM) 2 Platform Standard Edition Development Kit Version 6.0 update 12. This update includes the highly anticipated 64-bit Java Plug-In (for 64-bit browsers only). Enjoy! +--------------------------+ Tue Feb 10 23:11:08 EET 2009 PATCHES/packages/cdrtools-2.01.01a57-x86_64-1.tgz: Upgraded to cdrtools-2.01.01a57. Also, fixed a build script error so that the utilities look for locale files in the correct directory. Anyone who had problems with k3b previously should upgrade this package. PATCHES/packages/wicd/wicd-1.5.9-noarch-1.tgz: Upgraded to wicd-1.5.9. This fixes a security problem with the D-Bus configuration file that allows local users to intercept D-Bus messages, possibly including wireless network credentials. For more information, see: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0489 [*** Security fix ***] +--------------------------+ Fri Feb 6 21:21:04 EET 2009 PATCHES/packages/mozilla-firefox-3.0.6-x86_64-1.tgz: Upgraded to firefox-3.0.6. This fixes some security issues. For more information, see: http://www.mozilla.org/security/known-vulnerabilities/firefox30.html [*** Security fix ***] +--------------------------+ Tue Feb 3 21:47:42 EET 2009 PATCHES/packages/xdg-utils-1.0.2-noarch-3.tgz: This update fixes two security issues. 
First, use of xdg-open in /etc/mailcap was found to be unsafe -- xdg-open passes along downloaded files without indicating what mime type they initially presented themselves as, leaving programs further down the processing chain to discover the file type again. This makes it rather trivial to present a script (such as a .desktop file) as a document type (like a PDF) so that it looks safe to click on in a browser, but will result in the execution of an arbitrary script. It might be safe to send files to trusted applications in /etc/mailcap, but it does not seem to be safe to send files to xdg-open in /etc/mailcap. This package will comment out calls to xdg-open in /etc/mailcap if they are determined to have been added by a previous version of this package. If you've made any local customizations to /etc/mailcap, be sure to check that there are no uncommented calls to xdg-open after installing this update. For more information, see: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0068 Another bug in xdg-open fails to sanitize input properly allowing the execution of arbitrary commands. This was fixed in the xdg-utils repository quite some time ago (prior to the inclusion of xdg-utils in Bluewhite64), but was never fixed in the official release of xdg-utils. The sources for xdg-utils in Bluewhite64 have now been updated from the repo to fix the problem. For more information, see: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0386 [*** Security fix ***] +--------------------------+ Thu Jan 15 23:25:37 EET 2009 PATCHES/packages/bind-9.4.3_P1-x86_64-1.tgz: Upgraded to bind-9.4.3-P1. Fixed checking on return values from OpenSSL's EVP_VerifyFinal and DSA_do_verify functions to prevent spoofing answers returned from zones using the DNSKEY algorithms DSA and NSEC3DSA. 
For more information, see: https://www.isc.org/node/373 http://www.ocert.org/advisories/ocert-2008-016.html http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-5077 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0025 [*** Security fix ***] PATCHES/packages/ntp-4.2.4p6-x86_64-1.tgz: [Sec 1111] Fix incorrect check of EVP_VerifyFinal()'s return value. For more information, see: https://lists.ntp.org/pipermail/announce/2009-January/000055.html http://www.ocert.org/advisories/ocert-2008-016.html http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0021 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-5077 [*** Security fix ***] PATCHES/packages/openssl-0.9.8i-x86_64-2.tgz: Patched to fix the checking of the return value of EVP_VerifyFinal, preventing malformed signatures from being considered good. This flaw could possibly allow a 'man in the middle' attack. For more information, see: http://www.openssl.org/news/secadv_20090107.txt http://www.ocert.org/advisories/ocert-2008-016.html http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-5077 [*** Security fix ***] PATCHES/packages/openssl-solibs-0.9.8i-x86_64-2.tgz: Patched to fix the checking of the return value of EVP_VerifyFinal, preventing malformed signatures from being considered good. This flaw could possibly allow a 'man in the middle' attack. For more information, see: http://www.openssl.org/news/secadv_20090107.txt http://www.ocert.org/advisories/ocert-2008-016.html http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-5077 [*** Security fix ***] +--------------------------+ Mon Jan 12 22:40:29 EET 2009 PATCHES/packages/iwlwifi-4965-ucode-228.57.2.23-fw-1.tgz: Upgraded to iwlwifi-4965-ucode-228.57.2.23-fw-1.tgz. This upgrade fixes iwlwifi-4965-2.ucod. Thanks to Roberto Gonzalez Azevedo for reporting and for the fix. +--------------------------+ Tue Jan 6 20:20:15 EET 2009 PATCHES/packages/samba-3.2.7-x86_64-1.tgz: Upgraded to samba-3.2.7. This fixes a security issue. 
From the WHATSNEW.txt file: "This is a security release in order to address CVE-2009-0022. CVE-2009-0022 In Samba 3.2.0 to 3.2.6, in setups with registry shares enabled, access to the root filesystem ("/") is granted when connecting to a share called "" (empty string) using old versions of smbclient (before 3.0.28). The original security announcement for this and past advisories can be found http://www.samba.org/samba/security/" For more information, see: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0022 [*** Security fix ***] +--------------------------+ Fri Jan 2 00:49:08 EET 2009 PATCHES/packages/mozilla-thunderbird-2.0.0.19-x86_64-1.tgz: Upgraded to thunderbird-2.0.0.19. This upgrade fixes some more security bugs. For more information, see: http://www.mozilla.org/security/known-vulnerabilities/thunderbird20.html [*** Security fix ***] +--------------------------+ Tue Dec 30 01:00:10 EET 2008 PATCHES/packages/seamonkey-1.1.14-x86_64-1.tgz: Upgraded to seamonkey-1.1.14. This release fixes some more security vulnerabilities. For more information, see: http://www.mozilla.org/security/known-vulnerabilities/seamonkey11.html [*** Security fix ***] +--------------------------+ Sun Dec 21 19:40:20 EET 2008 PATCHES/packages/mkinitrd-1.3.3-x86_64-1.tgz: Fixed a few bugs in the previous mkinitrd package: If a kernel version is requested with the -k option and modules are needed to build the initrd, exit with an error if no matching /lib/modules/ tree is present. Usually an incorrect kernel version was supplied. When adding kernel modules to the initrd, be more verbose showing success and failure copying each module. With some newer kernels, "/dev/root" might be returned by mount as the root device, but this will not work as an initrd root device. If mount returns /dev/root, look at the /dev/root symlink to determine the actual root device and use that so that the root device does not need to be supplied with -r. 
In the call to /sbin/modprobe used to determine module dependencies, use the option --ignore-install to avoid catching "install" lines under /etc/modprobe.d/ when modules that use these are added to the initrd. This prevents /sbin/modprobe from being copied over busybox, breaking the initrd. PATCHES/packages/mozilla-firefox-3.0.5-x86_64-1.tgz: Upgraded to firefox-3.0.5. This fixes some security issues: For more information, see: http://www.mozilla.org/security/known-vulnerabilities/firefox30.html [*** Security fix ***] +--------------------------+ Fri Dec 12 23:39:17 EET 2008 Say hello to the Bluewhite64 Linux 12.2 stable version! Huge thanks to all the Bluewhite64 users who helped on this release! Enjoy! +--------------------------+ Tue Dec 9 22:56:32 EET 2008 X software series/xf86-video-intel-2.4.3-x86_64-2.tgz: Patched to fix BIOS parsing code and fix some Intel and i830 video chipsets. isolinux/initrd.img: Added missing mount.nfs. Added INSSMB, an installer script to use a Samba source. usb-and-pxe-installers/: Added missing mount.nfs. Added INSSMB, an installer script to use a Samba source. +--------------------------+ Mon Dec 8 20:04:39 EET 2008 AP software series/slackpkg-2.70.5-noarch-2.tgz: Commented all active mirrors. N software series/network-scripts-12.2-noarch-4.tgz: Patched rc.inet1 to filter output from "modprobe -c" that begins with #, preventing spurious error messages. N software series/php-5.2.8-x86_64-1.tgz: Upgraded to php-5.2.8. This is a bugfix release that reverts a change that broke magic_quotes_gpc. KDE software series/kdeadmin-3.5.10-x86_64-4.tgz: Updated the knetworkconf patch to handle the domain name better, and to retain the correct permissions on rc.samba. L software series/dbus-1.2.6-x86_64-1.tgz: Upgraded to dbus-1.2.6. L software series/dbus-glib-0.78-x86_64-1.tgz: Upgraded to dbus-glib-0.78. L software series/hal-0.5.11-x86_64-4.tgz: Modified hal.conf to use the plugdev group correctly. 
L software series/libgphoto2-2.4.3-x86_64-3.tgz: Added README.jl2005a. Although the driver for this proprietary chipset is not built by default, the README is useful to let people know why that is (and perhaps as a warning to steer clear of these cameras unless you happen to be an expert in reverse engineering compression formats). +--------------------------+ Sun Dec 7 13:33:03 EET 2008 A software series/hdparm-9.3-x86_64-1.tgz: Upgraded to hdparm-9.3. AP software series/man-pages-3.15-noarch-1.tgz: Upgraded to man-pages-3.15. KDE software series/kdeadmin-3.5.10-x86_64-3.tgz: Patched knetworkconf (KDE Control Center Network Settings) to be able to configure network interfaces. Added Bluewhite64 Linux 11.0, 12.0, 12.1 and 12.2 support. The utility can strip commented-out options from the rc.inet1.conf config file, and can put options into the file in a confusing order, so it is still not the optimal way to configure a network. L software series/libgphoto2-2.4.3-x86_64-2.tgz: Restore README files for camera libraries that were not previously included. A pointer to the API documentation has also been added to the docs directory. N software series/network-scripts-12.2-noarch-3.tgz: Allow rc.inet1.conf to override MAXNICS value in rc.inet1. Added rc.inet1.8 and rc.inet1.conf.5 manpages. Removed duplicated code in rc.inet1 default case. XAP software series/pidgin-2.5.2-x86_64-2.tgz: Patched to accept certificates signed with rsa-md5. Other SSL libraries accept this, so GnuTLS should as well. EXTRA/wicd/wicd-1.5.6-noarch-2.tgz: Change usr/lib/pm-utils/sleep.d/55wicd to chmod 644 by default to avoid interference with suspend. +--------------------------+ Sat Dec 6 16:22:55 EET 2008 AP software series/ghostscript-8.63-x86_64-2.tgz: Patched to remove a dependency on the experimental cairo output driver, which brings in dependencies on many X libraries. 
AP software series/gutenprint-5.2.2-x86_64-2.tgz: Edited setup.06.gutenprint, which still had the old path to the PPD files. AP software series/pm-utils-1.2.3-x86_64-1.tgz: Upgraded to pm-utils-1.2.3. XAP software series/gftp-2.0.19-x86_64-1.tgz: Upgraded to gftp-2.0.19. isolinux/initrd.img: Added probe for forcedeth, e1000e and r8169 network chipsets. usb-and-pxe-installers/: Added probe for forcedeth, e1000e and r8169 network chipsets. +--------------------------+ Fri Dec 5 14:40:10 EET 2008 AP software series/slackpkg-2.70.5-noarch-1.tgz: Upgraded to slackpkg-2.70.5-noarch-1. L software series/jre-6u11-x86_64-1.tgz: Upgraded to Java(TM) 2 Platform Standard Edition Runtime Environment Version 6.0 update 11. N software series/php-5.2.7-x86_64-1.tgz: Upgraded to php-5.2.7. In addition to improvements and bug fixes, this new version of PHP also addresses several security issues, including: Fixed a crash inside gd with invalid fonts (Fixes CVE-2008-3658). Fixed a possible overflow inside memnstr (Fixes CVE-2008-3659). Fixed security issues detailed in CVE-2008-2665 and CVE-2008-2666. Crash with URI/file..php (filename contains 2 dots). (Fixes CVE-2008-3660). rfc822.c legacy routine buffer overflow. (Fixes CVE-2008-2829). Fixed extraction of zip files or directories when the entry name is a relative path: http://www.sektioneins.de/advisories/SE-2008-06.txt These are the URLs to get more information: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2665 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2666 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2829 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3658 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3659 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3660 http://www.sektioneins.de/advisories/SE-2008-06.txt [*** Security fix ***] EXTRA/jdk-6/jdk-6u11-x86_64-1.tgz: Upgraded to Java(TM) 2 Platform Standard Edition Development Kit Version 6.0 update 11. 
EXTRA/wicd/wicd-1.5.6-noarch-1.tgz: Upgraded to wicd-1.5.6. Patched to work with Bluewhite64. Thanks to Cycojesus for the patch. +--------------------------+ Fri Dec 5 00:49:35 EET 2008 A software series/kernel-firmware-2.6.27.7-noarch-2.tgz: Rebuilt. A software series/kernel-huge-2.6.27.7-x86_64-2.tgz: Recompiled with RTC (Real Time Clock) built in to the kernel image. The latest udev does not load the rtc modules (works up to udev-132), so hwclock cannot work as expected. Also, if the right module is manually loaded, after reboot, the system time is set by default to UTC. The built in RTC fixes both ;). A software series/kernel-source-2.6.27.7-noarch-2.tgz: Rebuilt. D software series/kernel-headers-2.6.27.7-x86-2.tgz: Rebuilt. K software series/kernel-modules-2.6.27.7-x86_64-2.tgz: Rebuilt. L software series/svgalib_helper-1.9.25_2.6.27.7-x86_64-2.tgz: Rebuilt. isolinux/initrd.img: Rebuilt with newly compiled kernel modules. usb-and-pxe-installers/: Rebuilt with newly compiled kernel modules. +--------------------------+ Thu Dec 4 21:17:57 EET 2008 A software series/udev-135-x86_64-2.tgz: Make DRI devices usable by anyone in group "video". AP software series/slackpkg-2.70.3-noarch-4.tgz: Added Bluewhite64 12.2 mirrors. D software series/oprofile-0.9.2-x86_64-5.tgz: Recompiled. N software series/netwatch-1.0a-x86_64-1.tgz: Removed. It is old, unmaintained software and does not work as expected. N software series/network-scripts-12.2-noarch-2.tgz: Don't try to reset ipv4 parameters in rc.ip_forward unless /etc/sysctl.conf exists. XAP software series/mozilla-firefox-3.0.4-x86_64-2.tgz: Bumped Bluewhite64 version number in UA. XAP software series/seamonkey-1.1.13-x86_64-2.tgz: Bumped Bluewhite64 version in UA. EXTRA/jdk-6/jdk-6u10-x86_64-1.tgz: Upgraded to Java(TM) 2 Platform Standard Edition Development Kit Version 6.0 update 10. Thanks to rraptor and LukenShiro for reporting this. isolinux/initrd.img: Added lsscsi and pciutils. 
usb-and-pxe-installers/: Added lsscsi and pciutils. +--------------------------+ Wed Dec 3 23:54:47 EET 2008 This is Bluewhite64 Linux 12.2 Release candidate one! Right now there is no iso, still have some small issues to resolve. I'll try at the next RC to release an iso ;). A software series/aaa_base-12.2.0-noarch-1.tgz: Bumped /etc/bluewhite64-version version number in preparation for a stable release, and updated the initial emails. A software series/aaa_elflibs-12.2.0-x86_64-1.tgz: Updated the initial "starter" library package to the latest versions in -current. A software series/genpower-1.0.5-x86_64-2.tgz: Patched genpowerfail to halt the machine during a power failure rather than causing it to reboot over and over. A software series/ntfs-3g-1.5130-x86_64-1.tgz: Upgraded to ntfs-3g-1.5130. A software series/pciutils-2.2.10-x86_64-2.tgz: Updated pci.ids. A software series/sysvinit-scripts-1.2-noarch-26.tgz: Patched rc.M to start rc.wicd and rc.snmpd if those scripts are executable, and removed the reference to the old rc.hplip script. Also, modified rc.K to shut down acpid using rc.acpid. Changed /proc/bus/usb mounting in rc.S to use the options from /etc/fstab if there is an entry for it there. A software series/udev-135-x86_64-1.tgz: Upgraded to udev-135. A software series/usbutils-0.73-x86_64-3.tgz: Updated usb.ids. AP software series/alsa-utils-1.0.17-x86_64-2.tgz: Patched rc.alsa to use [[:blank:]] instead of [[:space:]] with tr, since the latter removes vertical whitespace and causes everything to be incorrectly listed on one line. L software series/hal-info-20081127-noarch-1.tgz: Upgraded to hal-info-20081127. N software series/ethtool-6-x86_64-1.tgz: Upgraded to ethtool-6. N software series/network-scripts-12.2-noarch-1.tgz: Removed the automatic DHCP timeout reduction in rc.inet1, since the kernel is not reliably returning correct information about that. If the default 30 second timeout is too long, it can be shortened in rc.inet1.conf. 
Patched rc.ip_forward to reapply any non-default ipv4 parameters after turning ipv4 forwarding on or off, as doing that clears them. TCL software series/expect-5.44.1.11-x86_64-2.tgz: Recompiled. TCL software series/tcl-8.5.5-x86_64-1.tgz: Upgraded to tcl-8.5.5. TCL software series/tk-8.5.5-x86_64-1.tgz: Upgraded to tk-8.5.5. XAP software series/audacious-1.5.1-x86_64-2.tgz: Recompiled to make sure newer libraries will work as expected. extra/brltty/brltty-3.10-x86_64-1.tgz: Upgraded to brltty-3.10. EXTRA/wicd/wicd-1.5.5-noarch-1.tgz: Added wicd-1.5.5. isolinux/initrd.img: Rebuilt removing some unneeded kernel modules. usb-and-pxe-installers/: Rebuilt removing some unneeded kernel modules. +--------------------------+ Tue Dec 2 22:16:27 EET 2008 A software series/lilo-22.8-x86_64-14.tgz: Fixed typo in liloconfig. A software series/sysvinit-scripts-1.2-noarch-25.tgz: Edited rc.S to clear temporary files better. Edited rc.M, rc.6, and rc.K to not output additional information when running accton, as the new binary already does that. A software series/udev-134-x86_64-1.tgz: Upgraded to udev-134. (Remove any obsolete /etc/modprobe.d/uhci-hci config file after upgrade) AP software series/man-pages-3.14-noarch-1.tgz: Upgraded to man-pages-3.14. AP software series/pm-utils-1.2.2.1-x86_64-2.tgz: Rebuilt with a patch to properly reset acpi video flags after a resume. AP software series/radeontool-1.5-x86_64-1.tgz: Added radeontool-1.5. AP software series/lsscsi-0.21-x86_64-1.tgz: Upgraded to lsscsi-0.21. AP software series/mc-4.6.1_20070623p14-x86_64-2.tgz: Patched to fix a bug where moving or copying a file could cause mc to crash. D software series/ruby-1.8.7_p72-x86_64-2.tgz: Recompiled with a patch to fix short name constants. L software series/jre-6u10-x86_64-2.tgz: Added /usr/bin/java/jre/bin directory since the profile scripts add it to the $PATH. 
N software series/wireless-tools-29-x86_64-4.tgz: Patched rc.wireless to take the interface down and retry if setting the mode fails. N software series/bridge-utils-1.2-x86_64-2.tgz: Patched to fix a corner case where brctl does not work if the name of the bridge is "bridge". XAP software series/audacious-plugins-1.5.1-x86_64-4.tgz: Patched to fix amidi-plug plugin. +--------------------------+ Sat Nov 29 18:05:22 EET 2008 AP software series/cdrtools-2.01.01a53-x86_64-1.tgz: Upgraded to cdrtools-2.01.01a53. AP software series/dmidecode-2.10-x86_64-1.tgz: Upgraded to dmidecode-2.10. AP software series/sqlite-3.6.6.2-x86_64-1.tgz: Upgraded to sqlite-3.6.6.2. L software series/libgsf-1.14.10-x86_64-1.tgz: Upgraded to libgsf-1.14.10. N software series/dnsmasq-2.46-x86_64-1.tgz: Upgraded to dnsmasq-2.46. N software series/ntp-4.2.4p5-x86_64-2.tgz: Edited rc.ntpd to add status support for pm-utils. N software series/samba-3.2.5-x86_64-1.tgz: Upgraded to samba-3.2.5. This package fixes an important barrier against rogue clients reading from uninitialized memory (though no proof-of-concept is known to exist). For more information, see: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-4314 [*** Security fix ***] +--------------------------+ Wed Nov 26 22:59:47 EET 2008 TESTING/packages/kde4/deps/eigen2-r888176-x86_64-1.tgz: Added eigen2-r888176. TESTING/packages/kde4/extragear/amarok-1.98-x86_64-1.tgz: Upgraded to amarok-1.98. TESTING/packages/kde4/extragear/guidance-power-manager-4.1.3-x86_64-1.tgz: Upgraded to guidance-power-manager-4.1.3. TESTING/packages/kde4/extragear/kaudiocreator-r888119-x86_64-1.tgz: Upgraded to kaudiocreator-r888119. TESTING/packages/kde4/extragear/konq-plugins-4.1.3-x86_64-1.tgz: Added konq-plugins-4.1.3. TESTING/packages/kde4/extragear/ktorrent-3.1.5-x86_64-1.tgz: Upgraded to ktorrent-3.1.5. TESTING/packages/kde4/kde/kdeaccessibility-4.1.3-x86_64-1.tgz: Upgraded to kdeaccessibility-4.1.3. 
TESTING/packages/kde4/kde/kdeadmin-4.1.3-x86_64-1.tgz: Upgraded to kdeadmin-4.1.3. TESTING/packages/kde4/kde/kdeartwork-4.1.3-x86_64-1.tgz: Upgraded to kdeartwork-4.1.3. TESTING/packages/kde4/kde/kdebase-4.1.3-x86_64-1.tgz: Upgraded to kdebase-4.1.3. TESTING/packages/kde4/kde/kdebase-runtime-4.1.3-x86_64-1.tgz: Upgraded to kdebase-runtime-4.1.3. TESTING/packages/kde4/kde/kdebase-workspace-4.1.3-x86_64-1.tgz: Upgraded to kdebase-workspace-4.1.3. TESTING/packages/kde4/kde/kdebindings-4.1.3-x86_64-1.tgz: Upgraded to kdebindings-4.1.3. TESTING/packages/kde4/kde/kdeedu-4.1.3-x86_64-1.tgz: Upgraded to kdeedu-4.1.3. TESTING/packages/kde4/kde/kdegames-4.1.3-x86_64-1.tgz: Upgraded to kdegames-4.1.3. TESTING/packages/kde4/kde/kdegraphics-4.1.3-x86_64-1.tgz: Upgraded to kdegraphics-4.1.3. TESTING/packages/kde4/kde/kdelibs-4.1.3-x86_64-1.tgz: Upgraded to kdelibs-4.1.3. TESTING/packages/kde4/kde/kdemultimedia-4.1.3-x86_64-1.tgz: Upgraded to kdemultimedia-4.1.3. TESTING/packages/kde4/kde/kdenetwork-4.1.3-x86_64-1.tgz: Upgraded to kdenetwork-4.1.3. TESTING/packages/kde4/kde/kdepim-4.1.3-x86_64-1.tgz: Upgraded to kdepim-4.1.3. TESTING/packages/kde4/kde/kdepimlibs-4.1.3-x86_64-1.tgz: Upgraded to kdepimlibs-4.1.3. TESTING/packages/kde4/kde/kdeplasma-addons-4.1.3-x86_64-1.tgz: Upgraded to kdeplasma-addons-4.1.3. TESTING/packages/kde4/kde/kdesdk-4.1.3-x86_64-1.tgz: Upgraded to kdesdk-4.1.3. TESTING/packages/kde4/kde/kdetoys-4.1.3-x86_64-1.tgz: Upgraded to kdetoys-4.1.3. TESTING/packages/kde4/kde/kdeutils-4.1.3-x86_64-1.tgz: Upgraded to kdeutils-4.1.3. TESTING/packages/kde4/kde/kdewebdev-4.1.3-x86_64-1.tgz: Upgraded to kdewebdev-4.1.3. TESTING/packages/kde4/kde/koffice-1.9.98.2-x86_64-1.tgz: Upgraded to koffice-1.9.98.2. TESTING/packages/kde4/kde-l10n/kde-l10n-*.tgz: Upgraded to kde-l10n-*-4.1.3. TESTING/packages/kde4/kde-l10n/koffice-l10n-*.tgz: Added koffice-l10n-*-1.9.98.2. 
+--------------------------+ Mon Nov 24 16:27:29 EET 2008 TESTING/packages/kde4/deps/qt-r887099-x86_64-1.tgz: Upgraded to qt-copy-r887099. TESTING/packages/kde4/kde/kdebase-workspace-4.1.2-x86_64-2.tgz: Recompiled against lm_sensors-3.0.3. TESTING/packages/kde4/kde/kdelibs-4.1.2-x86_64-2.tgz: Included an upstream patch to fix crashes with kded. +--------------------------+ Sat Nov 22 21:12:00 EET 2008 A software series/aaa_base-12.1.0-noarch-4.tgz: Fixed an extra "../" at the beginning of the /var/X11R6 symlink. A software series/glibc-solibs-2.7-x86_64-16.tgz: Recompiled against Linux 2.6.27.6. A software series/glibc-zoneinfo-2.7-noarch-16.tgz: Rebuilt. A software series/kernel-firmware-2.6.27.7-x86_64-1.tgz: Upgraded to Linux 2.6.27.6 firmware. A software series/kernel-huge-2.6.27.7-x86_64-1.tgz: Upgraded to Linux 2.6.27.6. A software series/kernel-modules-2.6.27.7-x86_64-1.tgz: Upgraded to Linux 2.6.27.6. AP software series/hplip-2.8.10-x86_64-1.tgz: Upgraded to hplip-2.8.10. AP software series/pm-utils-1.2.2.1-x86_64-1.tgz: Added pm-utils-1.2.2.1. AP software series/slackpkg-2.70.3-noarch-2.tgz: Updated mirrors list and moved here from EXTRA ;). AP software series/texinfo-4.13a-x86_64-2.tgz: Patched the install script to replace /usr/info/dir if the topmost node is missing. D software series/kernel-headers-2.6.27.7-x86-1.tgz: Upgraded to Linux 2.6.27.6 headers. E software series/emacs-22.3-x86_64-2.tgz: Rebuilt with compressed info pages and using the emacs PNG icon from the sources. K software series/kernel-source-2.6.27.7-noarch-1.tgz: Upgraded to Linux 2.6.27.6. L software series/glibc-2.7-x86_64-16.tgz: Recompiled against Linux 2.6.27.6. L software series/glibc-i18n-2.7-noarch-16.tgz: Rebuilt. L software series/glibc-profile-2.7-x86_64-16.tgz: Recompiled against Linux 2.6.27.6. L software series/svgalib_helper-1.9.25_2.6.27.7-x86_64-1.tgz: Recompiled for Linux 2.6.27.6. N software series/alpine-2.00-x86_64-1.tgz: Upgraded to alpine-2.00. 
N software series/imapd-2.00-x86_64-1.tgz: Upgraded to imapd from alpine-2.00. N software series/curl-7.19.2-x86_64-1.tgz: Upgraded to curl-7.19.2. N software series/ntp-4.2.4p5-x86_64-1.tgz: Upgraded to ntp-4.2.4p5. N software series/sendmail-8.14.3-x86_64-1.tgz: Upgraded to sendmail-8.14.3. N software series/sendmail-cf-8.14.3-noarch-1.tgz: Upgraded to sendmail-8.14.3 config files. X software series/scim-1.4.7-x86_64-7.tgz: Recompiled. X software series/scim-bridge-0.4.14-x86_64-3.tgz: Recompiled. XAP software series/mozilla-thunderbird-2.0.0.18-x86_64-1.tgz: Upgraded to thunderbird-2.0.0.18. This upgrade fixes some more security bugs. For more information, see: http://www.mozilla.org/security/known-vulnerabilities/thunderbird20.html [*** Security fix ***] isolinux/initrd.img: Rebuilt with newly compiled kernel modules. usb-and-pxe-installers/: Rebuilt usbboot.img with newly compiled kernel modules. +--------------------------+ Sat Nov 22 13:39:47 EET 2008 A software series/acpid-1.0.8-x86_64-1.tgz: Upgraded to acpid-1.0.8. /etc/acpi/acpi_handler.sh will be installed as a .new with future upgrades, but since whatever version already installed on the system owns /etc/acpi/acpi_handler.sh, it will still be overwritten one more time when this update is installed. If you've customized your script, be sure to back it up before upgrading. A software series/mkinitrd-1.3.2-x86_64-4.tgz: Fixed a bug where unless -F was the first option given, other command line options would not override the contents of /etc/mkinitrd.conf as documented in the man page. L software series/libxml2-2.6.32-x86_64-2.tgz: Patched and recompiled. This fixes vulnerabilities including denial of service, or possibly the execution of arbitrary code as the user running a libxml2 linked application if untrusted XML content is parsed. 
For more information, see: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-4225 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-4226 [*** Security fix ***] X software series/compiz-0.7.8-x86_64-1.tgz: Upgraded to compiz-0.7.8. X software series/dejavu-fonts-ttf-2.27-noarch-1.tgz: Upgraded to dejavu-fonts-ttf-2.27. X software series/xf86-input-acecad-1.2.2-x86_64-1.tgz: Added xf86-input-acecad-1.2.2. X software series/xf86-input-calcomp-1.1.2-x86_64-1.tgz: Upgraded to xf86-input-calcomp-1.1.2-x86_64-1.tgz. X software series/xf86-input-digitaledge-1.1.1-x86_64-2.tgz: Upgraded to xf86-input-digitaledge-1.1.1. X software series/xf86-input-dmc-1.1.2-x86_64-1.tgz: Added xf86-input-dmc-1.1.2. X software series/xf86-input-dynapro-1.1.2-x86_64-1.tgz: Upgraded to xf86-input-dynapro-1.1.2. X software series/xf86-input-elo2300-1.1.2-x86_64-1.tgz: Upgraded to xf86-input-elo2300-1.1.2. X software series/xf86-input-elographics-1.2.3-x86_64-1.tgz: Upgraded to xf86-input-elographics-1.2.3. X software series/xf86-input-evdev-2.0.8-x86_64-1.tgz: Upgraded to xf86-input-evdev-2.0.8. X software series/xf86-input-fpit-1.2.0-x86_64-1.tgz: Upgraded to xf86-input-fpit-1.2.0. X software series/xf86-input-hyperpen-1.2.0-x86_64-1.tgz: Upgraded to xf86-input-hyperpen-1.2.0. X software series/xf86-input-jamstudio-1.2.0-x86_64-1.tgz: Upgraded to xf86-input-jamstudio-1.2.0. X software series/xf86-input-joystick-1.3.3-x86_64-1.tgz: Upgraded to xf86-input-joystick-1.3.3. X software series/xf86-input-keyboard-1.3.1-x86_64-1.tgz: Upgraded to xf86-input-keyboard-1.3.1. X software series/libdrm-2.3.0-x86_64-2.tgz: Recompiled. X software series/xf86-input-magellan-1.2.0-x86_64-1.tgz: Upgraded to xf86-input-magellan-1.2.0. X software series/xf86-input-microtouch-1.2.0-x86_64-1.tgz: Upgraded to xf86-input-microtouch-1.2.0. X software series/xf86-input-mutouch-1.2.1-x86_64-1.tgz: Upgraded to xf86-input-mutouch-1.2.1. 
X software series/xf86-input-palmax-1.2.0-x86_64-1.tgz: Upgraded to xf86-input-palmax-1.2.0. X software series/xf86-input-penmount-1.3.0-x86_64-1.tgz: Upgraded to xf86-input-penmount-1.3.0. X software series/xf86-input-summa-1.2.0-x86_64-1.tgz: Upgraded to xf86-input-summa-1.2.0. X software series/xf86-input-synaptics-0.15.2-x86_64-1.tgz: Added xf86-input-synaptics-0.15.2. X software series/xf86-input-tek4957-1.2.0-x86_64-1.tgz: Upgraded to xf86-input-tek4957-1.2.0. X software series/xf86-input-vmmouse-12.5.2-x86_64-1.tgz: Upgraded to xf86-input-vmmouse-12.5.2. X software series/xf86-input-void-1.1.1-x86_64-1.tgz: Added xf86-input-void-1.1.1. X software series/xf86-video-cirrus-1.2.1-x86_64-1.tgz: Upgraded to xf86-video-cirrus-1.2.1. X software series/xf86-video-glint-1.2.1-x86_64-1.tgz: Upgraded to xf86-video-glint-1.2.1. X software series/xf86-video-i128-1.3.1-x86_64-1.tgz: Upgraded to xf86-video-i128-1.3.1. X software series/xf86-video-intel-2.4.3-x86_64-1.tgz: Upgraded to xf86-video-intel-2.4.3. X software series/xf86-video-mga-1.4.9-x86_64-1.tgz: Upgraded to xf86-video-mga-1.4.9. X software series/xf86-video-neomagic-1.2.1-x86_64-1.tgz: Upgraded to xf86-video-neomagic-1.2.1. X software series/xf86-video-nv-2.1.12-x86_64-1.tgz: Upgraded to xf86-video-nv-2.1.12. X software series/xf86-video-openchrome-0.2.903-x86_64-1.tgz: Added xf86-video-openchrome-0.2.903. X software series/xf86-video-radeonhd-1.2.3-x86_64-1.tgz: Upgraded to xf86-video-radeonhd-1.2.3. X software series/xf86-video-s3virge-1.10.1-x86_64-1.tgz: Upgraded to xf86-video-s3virge-1.10.1. X software series/xf86-video-savage-2.2.1-x86_64-1.tgz: Upgraded to xf86-video-savage-2.2.1. X software series/xf86-video-vmware-10.16.5-x86_64-1.tgz: Upgraded to xf86-video-vmware-10.16.5. X software series/xkeyboard-config-1.4-noarch-1.tgz: Upgraded to xkeyboard-config-1.4. EXTRA/slacktrack/slacktrack-2.01-noarch-1.tgz: Upgraded to slacktrack-2.01. 
+--------------------------+ Sun Nov 16 19:06:13 EET 2008 A software series/glibc-solibs-2.7-x86_64-15.tgz: Recompiled against Linux 2.6.27.6. A software series/glibc-zoneinfo-2.7-noarch-15.tgz: Rebuilt. A software series/kernel-firmware-2.6.27.6-x86_64-1.tgz: Upgraded to Linux 2.6.27.6 firmware. A software series/kernel-huge-2.6.27.6-x86_64-1.tgz: Upgraded to Linux 2.6.27.6. A software series/kernel-modules-2.6.27.6-x86_64-1.tgz: Upgraded to Linux 2.6.27.6. D software series/kernel-headers-2.6.27.6-x86_64-1.tgz: Upgraded to Linux 2.6.27.6 headers. K software series/kernel-source-2.6.27.6-noarch-1.tgz: Upgraded to Linux 2.6.27.6. L software series/glibc-2.7-x86_64-15.tgz: Recompiled against Linux 2.6.27.6. L software series/glibc-i18n-2.7-noarch-15.tgz: Rebuilt. L software series/glibc-profile-2.7-x86_64-15.tgz: Recompiled against Linux 2.6.27.6. L software series/svgalib_helper-1.9.25_2.6.27.6-x86_64-1.tgz: Recompiled for Linux 2.6.27.6. N software series/gnutls-2.6.2-x86_64-1.tgz: Upgraded to gnutls-2.6.2. The security fix in gnutls-2.6.1 had a flaw in cases where the certificate chain contained only one self-signed certificate. This update fixes the issue. n/net-snmp-5.4.2.1-x86_64-1.tgz: Upgraded to net-snmp-5.4.2.1. This fixes a problem where a user with read access could cause snmpd to crash, resulting in a denial of service. For more information, see: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-4309 [*** Security fix ***] N software series/proftpd-1.3.1-x86_64-3.tgz: Recompiled against the new openssl packages. XAP software series/mozilla-firefox-3.0.4-x86_64-1.tgz: Upgraded to firefox-3.0.4. This fixes some security issues: For more information, see: http://www.mozilla.org/security/known-vulnerabilities/firefox30.html [*** Security fix ***] XAP software series/seamonkey-1.1.13-x86_64-1.tgz: Upgraded to seamonkey-1.1.13. This release fixes some more security vulnerabilities. 
For more information, see: http://www.mozilla.org/security/known-vulnerabilities/seamonkey11.html [*** Security fix ***] isolinux/initrd.img: Rebuilt with newly compiled kernel modules. usb-and-pxe-installers/: Rebuilt usbboot.img with newly compiled kernel modules. +--------------------------+ Sat Nov 15 00:49:08 EET 2008 AP software series/acct-6.4pre1-X86_64-1.tgz: Upgraded to acct-6.4pre1 to support the new kernel accounting file format (and the older log formats). KDE software series/kdepim-3.5.10-x86_64-4.tgz: Recompiled against bluez-libs and pilot-link. L software series/pilot-link-0.12.3-x86_64-6.tgz: Recompiled against bluez-libs-3.36. N software series/bluez-hcidump-1.42-x86_64-2.tgz: Recompiled against bluez-libs-3.36. N software series/bluez-libs-3.36-x86_64-2.tgz: Switched back to the BlueZ 3.x series. As the website says, "without support from the userspace these modules are useless." N software series/bluez-utils-3.36-x86_64-4.tgz: Switched back to bluez-utils-3.36, with the udev rules moved into /lib/udev/rules.d/. N software series/obexftp-0.22-x86_64-3.tgz: Recompiled against openobex-1.3. N software series/openobex-1.3-x86_64-3.tgz: Recompiled against bluez-libs-3.36. N software series/slrn-0.9.9p1-x86_64-2.tgz: Fixed slack-desc to properly note that the original author, John E. Davis, is now maintaining slrn again. +--------------------------+ Tue Nov 11 23:16:06 EET 2008 A software series/cups-1.3.9-x86_64-1.tgz: Upgraded to cups-1.3.9. This update fixes three vulnerabilities in the SGI image format filter, the texttops filter, and the HP-GL and HP-GL/2 plotter format filter. All three of these could result in a denial of service, and the plotter filter issue could possibly be used to execute code as the print spooler user. 
For more information, see: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3639 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3640 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3641 [*** Security fix ***] A software series/e2fsprogs-1.41.3-x86_64-1.tgz: Upgraded to e2fsprogs-1.41.3. A software series/glibc-solibs-2.7-x86_64-14.tgz: Recompiled against Linux 2.6.27.5. A software series/glibc-zoneinfo-2.7-noarch-14.tgz: Rebuilt with tzdata2008i. A software series/kernel-firmware-2.6.27.5-x86_64-1.tgz: Added Linux 2.6.27.5 firmware (mostly for sound cards). A software series/kernel-huge-2.6.27.5-x86_64-1.tgz: Upgraded to Linux 2.6.27.5. A software series/kernel-modules-2.6.27.5-x86_64-1.tgz: Upgraded to Linux 2.6.27.5. A software series/module-init-tools-3.5-x86_64-1.tgz: Upgraded to module-init-tools-3.5. A software series/ntfs-3g-1.5012-x86_64-1.tgz: Upgraded to ntfs-3g-1.5012. A software series/openssl-solibs-0.9.8i-x86_64-1.tgz: Upgraded to openssl-0.9.8i. AP software series/cdparanoia-III_10.2-x86_64-1.tgz: Upgraded to cdparanoia-III-10.2. AP software series/gphoto2-2.4.3-x86_64-1.tgz: Upgraded to gphoto2-2.4.3. AP software series/hplip-2.8.9-x86_64-1.tgz: Upgraded to hplip-2.8.9. AP software series/lm_sensors-3.0.3-x86_64-1.tgz: Upgraded to lm_sensors-3.0.3. AP software series/rpm-4.4.2.3-x86_64-2.tgz: Recompiled against neon-0.28.3. AP software series/sqlite-3.6.4-x86_64-1.tgz: Upgraded to sqlite-3.6.4. D software series/binutils-2.18.50.0.9-x86_64-1.tgz: Upgraded to binutils-2.18.50.0.9. D software series/cmake-2.6.2-x86_64-1.tgz: Upgraded to cmake-2.6.2. D software series/git-1.6.0.3-x86_64-1.tgz: Upgraded to git-1.6.0.3. D software series/intltool-0.40.5-x86_64-1.tgz: Upgraded to intltool-0.40.5. D software series/kernel-headers-2.6.27.5_smp-x86-1.tgz: Upgraded to Linux 2.6.27.5 headers. D software series/m4-1.4.12-x86_64-1.tgz: Upgraded to m4-1.4.12. D software series/subversion-1.5.4-x86_64-1.tgz: Upgraded to subversion-1.5.4. 
D software series/kernel-headers-2.6.27.5-x86_64-1.tgz: Upgraded to Linux 2.6.27.5 headers. K software series/kernel-source-2.6.27.5-noarch-1.tgz: Upgraded to Linux 2.6.27.5. KDE software series/kdebase-3.5.10-x86_64-3.tgz: Recompiled against the new libsensors. KDE software series/kdepim-3.5.10-x86_64-3.tgz: Recompiled against the upgraded bluez and pilot-link packages. KDE software series/kdesdk-3.5.10-x86_64-3.tgz: Recompiled against apr-1.3.3 and neon-0.28.3. KDE software series/kdevelop-3.5.3-x86_64-3.tgz: Recompiled against neon-0.28.3. L software series/apr-1.3.3-x86_64-1.tgz: Upgraded to apr-1.3.3. L software series/apr-util-1.3.4-x86_64-1.tgz: Upgraded to apr-util-1.3.4. L software series/fuse-2.7.4-x86_64-2.tgz: Moved udev rules to /lib/udev/rules.d/. L software series/dbus-1.2.4-x86_64-1.tgz: Upgraded to dbus-1.2.4. L software series/glibc-2.7-x86_64-15.tgz: Recompiled against Linux 2.6.27.5. L software series/glibc-i18n-2.7-noarch-15.tgz: Rebuilt. L software series/glibc-profile-2.7-x86_64-15.tgz: Recompiled against Linux 2.6.27.5. L software series/hal-info-20081022-noarch-1.tgz: Upgraded to hal-info-20081022. L software series/hicolor-icon-theme-0.10-noarch-4.tgz: Rebuilt. L software series/jre-6u10-x86_64-1.tgz: Upgraded to Java(TM) 2 Platform Standard Edition Runtime Environment Version 6.0 update 10. L software series/libcap-2.14-x86_64-1.tgz: Upgraded to libcap-2.14. L software series/libgphoto2-2.4.3-x86_64-1.tgz: Upgraded to libgphoto2-2.4.3. L software series/libmtp-0.3.3-x86_64-1.tgz: Upgraded to libmtp-0.3.3. L software series/libnjb-2.2.6-x86_64-3.tgz: Moved udev rules to /lib/udev/rules.d/. L software series/neon-0.28.3-x86_64-1.tgz: Upgraded to neon-0.28.3. L software series/pilot-link-0.12.3-x86_64-5.tgz: Moved udev rules to /lib/udev/rules.d/. Recompiled against bluez-4.17. L software series/svgalib_helper-1.9.25_2.6.27.5-x86_64-1.tgz: Recompiled for Linux 2.6.27.5. 
n/bluez-4.17-x86_64-1.tgz: Added bluez-4.17, which replaces the bluez-libs and bluez-utils packages. n/bluez-hcidump-1.42-x86_64-1.tgz: Upgraded to bluez-hcidump-1.42. n/httpd-2.2.10-x86_64-1.tgz: Upgraded to httpd-2.2.10. n/gnutls-2.6.1-x86_64-1.tgz: Upgraded to gnutls-2.6.1. From the gnutls-2.6.1 NEWS file: ** libgnutls: Fix X.509 certificate chain validation error. [GNUTLS-SA-2008-3] The flaw makes it possible for man in the middle attackers (i.e., active attackers) to assume any name and trick GNU TLS clients into trusting that name. Thanks for report and analysis from Martin von Gagern. [CVE-2008-4989] For more information, see: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-4989 [*** Security fix ***] N software series/iproute2-2.6.26-x86_64-1.tgz: Upgraded to iproute2-2.6.26. N software series/iptables-1.4.2-x86_64-1.tgz: Upgraded to iptables-1.4.2. N software series/iwlwifi-3945-ucode-15.28.2.8-fw-1.tgz: Upgraded to iwlwifi-3945-ucode-15.28.2.8. N software series/iwlwifi-4965-ucode-228.57.2.21-fw-1.tgz: Upgraded to iwlwifi-4965-ucode-228.57.2.21. N software series/iwlwifi-5000-ucode-5.4.A.11-fw-1.tgz: Added iwlwifi-5000-ucode-5.4.A.11. N software series/nfs-utils-1.1.4-x86_64-1.tgz: Upgraded to nfs-utils-1.1.4. N software series/obexftp-0.22-x86_64-2.tgz: Recompiled. N software series/openobex-1.3-x86_64-2.tgz: Recompiled against bluez-4.17. N software series/openssl-0.9.8i-x86_64-1.tgz: Upgraded to openssl-0.9.8i. N software series/samba-3.2.4-x86_64-1.tgz: Upgraded to samba-3.2.4. N software series/slrn-0.9.9p1-x86_64-1.tgz: Upgraded to slrn-0.9.9p1. N software series/tcpdump-4.0.0-x86_64-1.tgz: Upgraded to libpcap-1.0.0 and tcpdump-4.0.0. TCL software series/expect-5.44.1.11-x86_64-1.tgz: Upgraded to expect-5.44.1.11. XAP software series/audacious-plugins-1.5.1-x86_64-3.tgz: Recompiled against neon-0.28.3. XAP software series/gkrellm-2.3.2-x86_64-1.tgz: Upgraded to gkrellm-2.3.2 compiled against lm_sensors-3.0.3. 
XAP software series/pidgin-2.5.2-x86_64-1.tgz: Upgraded to pidgin-2.5.2. XAP software series/sane-1.0.19-x86_64-3.tgz: Moved udev rules to /lib/udev/rules.d/. XAP software series/xfce-4.4.3-x86_64-1.tgz: Upgraded to xfce-4.4.3. XAP software series/xsane-0.996-x86_64-1.tgz: Upgraded to xsane-0.996. XAP software series/xscreensaver-5.07-x86_64-2.tgz: Fixed a problem that can occur when RANDR reports incorrect data. EXTRA/jdk-6/jdk-6u10-x86_64-1.tgz: Upgraded to Java(TM) 2 Platform Standard Edition Development Kit Version 6.0 update 10. EXTRA/ktorrent/ktorrent-2.2.8-x86_64-1.tgz: Upgraded to ktorrent-2.2.8. isolinux/initrd.img: Rebuilt with newly compiled kernel modules. usb-and-pxe-installers/: Rebuilt usbboot.img with newly compiled kernel modules. +--------------------------+ Tue Oct 14 20:22:00 EEST 2008 A software series/glibc-solibs-2.7-x86_64-13.tgz: Recompiled. A software series/glibc-zoneinfo-2.7-noarch-13.tgz: Rebuilt using tzdata2008h for more DST fixes. A software series/kernel-test-huge-2.6.27-x86_64-1.tgz: Upgraded to Linux 2.6.27 TEST! A software series/kernel-test-modules-2.6.27-x86_64-1.tgz: Upgraded to Linux 2.6.27 TEST! D software series/kernel-test-headers-2.6.27-x86_64-1.tgz: Upgraded to Linux 2.6.27 TEST! AP software series/rpm-4.4.2.3-x86_64-2.tgz: Recompiled to make sure that the rpm binary links correctly. Thanks to Tom Newsom for reporting. L software series/glibc-2.7-x86_64-13.tgz: Recompiled. L software series/glibc-i18n-2.7-noarch-13.tgz: Rebuilt. L software series/glibc-profile-2.7-x86_64-14.tgz: Recompiled with tzcode/tzdata updates. K software series/kernel-test-source-2.6.27-noarch-1.tgz: Upgraded to Linux 2.6.27 TEST! isolinux/initrd.img: Upgraded the test kernel modules and image to Linux 2.6.27. usb-and-pxe-installers: Upgraded the test kernel modules and image to Linux 2.6.27. +--------------------------+ Sat Oct 11 14:30:44 EEST 2008 A software series/ntfs-3g-1.2918-x86_64-1.tgz: Upgraded to ntfs-3g-1.2918. 
A software series/reiserfsprogs-3.6.20-x86_64-1.tgz: Upgraded to reiserfsprogs-3.6.20. A software series/udev-130-x86_64-1.tgz: Upgraded to udev-130. AP software series/cdrtools-2.01.01a50-x86_64-1.tgz: Upgraded to cdrtools-2.01.01a50. D software series/ruby-1.8.7_p72-x86_64-1.tgz: Upgraded to ruby-1.8.7-p72. L software series/desktop-file-utils-0.15-x86_64-1.tgz: Upgraded to desktop-file-utils-0.15. L software series/gst-plugins-base-0.10.21-x86_64-1.tgz: Upgraded to gst-plugins-base-0.10.21. L software series/gstreamer-0.10.21-x86_64-1.tgz: Upgraded to gstreamer-0.10.21. L software series/hal-0.5.11-x86_64-3.tgz: Rebuilt against udev. Thanks to djgera for reporting. L software series/libcap-2.11-x86_64-1.tgz: Added libcap-2.11. L software series/libglade-2.6.3-x86_64-1.tgz: Upgraded to libglade-2.6.3. L software series/librsvg-2.22.3-x86_64-1.tgz: Upgraded to librsvg-2.22.3. L software series/shared-mime-info-0.51-x86_64-1.tgz: Upgraded to shared-mime-info-0.51. N software series/mcabber-0.9.9-x86_64-1.tgz: Upgraded to mcabber-0.9.9. N software series/vsftpd-2.0.7-x86_64-1.tgz: Upgraded to vsftpd-2.0.7 (this now requires libcap). TESTING/packages/kde4/deps/libspectre-0.2.1-x86_64-1.tgz: Added libspectre-0.2.1. TESTING/packages/kde4/deps/QScintilla-2.3-x86_64-1.tgz: Upgraded to QScintilla-2.3. TESTING/packages/kde4/deps/qimageblitz-r868728-x86_64-1.tgz: Upgraded to qimageblitz-r868728. TESTING/packages/kde4/deps/qt-r869114-x86_64-1.tgz: Upgraded to qt-copy-r869114. TESTING/packages/kde4/extragear/amarok-1.92.2-x86_64-1.tgz: Upgraded to amarok-1.92.2. TESTING/packages/kde4/extragear/guidance-power-manager-4.1.2-x86_64-1.tgz: Upgraded to guidance-power-manager-4.1.2. TESTING/packages/kde4/extragear/kaudiocreator-r869103-x86_64-1.tgz: Upgraded to kaudiocreator-r869103. TESTING/packages/kde4/extragear/ktorrent-3.1.3-x86_64-1.tgz: Upgraded to ktorrent-3.1.3. TESTING/packages/kde4/kde/*.tgz: Upgraded to KDE 4.1.2. 
TESTING/packages/kde4/kde-l10n/*.tgz: Upgraded to KDE 4.1.2 l10n packages. +--------------------------+ Thu Oct 9 00:04:38 EEST 2008 A software series/device-mapper-1.02.28-x86_64-1.tgz: Upgraded to device-mapper-1.02.28. A software series/e2fsprogs-1.41.2-x86_64-1.tgz: Upgraded to e2fsprogs-1.41.2. A software series/glibc-solibs-2.7-x86_64-12.tgz: Recompiled. A software series/glibc-zoneinfo-2.7-noarch-12.tgz: Recompiled. Upgraded to tzdata2008f to keep up with more DST and other timezone changes. A software series/grep-2.5.3-x86_64-1.tgz: Upgraded to grep-2.5.3. A software series/lilo-22.8-x86_64-13.tgz: Recompiled against new device-mapper and lvm2. A software series/lvm2-2.02.40-x86_64-1.tgz: Upgraded to lvm2-2.02.40. A software series/pcmciautils-015-x86_64-1.tgz: Upgraded to pcmciautils-015. A software series/udev-128-x86_64-1.tgz: Upgraded to udev-128. A software series/xfsprogs-2.10.1_1-x86_64-1.tgz: Upgraded to xfsprogs-2.10.1-1. AP software series/mysql-5.0.67-x86_64-1.tgz: Upgraded to mysql-5.0.67. AP software series/rpm-4.4.2.3-x86_64-1.tgz: Upgraded to rpm-4.4.2.3. AP software series/sqlite-3.6.3-x86_64-1.tgz: Upgraded to sqlite-3.6.3. AP software series/texinfo-4.13a-x86_64-1.tgz: Upgraded to texinfo-4.13a. D software series/autoconf-2.63-noarch-1.tgz: Upgraded to autoconf-2.63. D software series/automake-1.10.1-noarch-1.tgz: Upgraded to automake-1.10.1. D software series/doxygen-1.5.7-x86_64-1.tgz: Upgraded to doxygen-1.5.7. D software series/libtool-1.5.26-x86_64-1.tgz: Upgraded to libtool-1.5.26. L software series/beecrypt-4.1.2-x86_64-1.tgz: Added beecrypt-4.1.2. L software series/dbus-1.2.3-x86_64-1.tgz: Upgraded to dbus-1.2.3. L software series/dbus-glib-0.76-x86_64-1.tgz: Upgraded to dbus-glib-0.76. L software series/dbus-python-0.83.0-x86_64-1.tgz: Upgraded to dbus-python-0.83.0. L software series/hal-0.5.11-x86_64-2.tgz: Rebuilt. L software series/hal-info-20081001-noarch-1.tgz: Upgraded to hal-info-20081001. 
L software series/glibc-2.7-x86_64-12.tgz: Recompiled. Upgraded to tzdata2008f to keep up with more DST and other timezone changes. L software series/glibc-i18n-2.7-noarch-12.tgz: Rebuilt. L software series/glibc-profile-2.7-x86_64-12.tgz: Recompiled. L software series/parted-1.8.8-x86_64-2.tgz: Recompiled with LVM2 support. N software series/lftp-3.7.4-x86_64-1.tgz: Upgraded to lftp-3.7.4. N software series/links-2.2-x86_64-1.tgz: Upgraded to links-2.2. N software series/ncftp-3.2.2-x86_64-1.tgz: Upgraded to ncftp-3.2.2. N software series/nmap-4.76-x86_64-1.tgz: Upgraded to nmap-4.76. N software series/wget-1.11.4-x86_64-1.tgz: Upgraded to wget-1.11.4. X software series/xdg-utils-1.0.2-noarch-2.tgz: Do not output errors from the first install script grep -- /etc/mailcap may not exist yet. XAP software series/fluxbox-1.1.1-x86_64-1.tgz: Upgraded to fluxbox-1.1.1. XAP/imagemagick-6.4.3_10-x86_64-1.tgz: Upgraded to ImageMagick-6.4.3-10 and recompiled with --disable-openmp to fix a problem with the perl Image::Magick module. +--------------------------+ Mon Sep 29 13:24:05 EEST 2008 XAP software series/mozilla-firefox-3.0.3-x86_64-1.tgz: Upgraded to firefox-3.0.3. This fixes a bug in firefox-3.0.2 where saved passwords did not work. XAP software series/mozilla-thunderbird-2.0.0.17-x86_64-1.tgz: Upgraded to thunderbird-2.0.0.17. This upgrade fixes some more security bugs. For more information, see: http://www.mozilla.org/security/known-vulnerabilities/thunderbird20.html [* Security fix *] +--------------------------+ Fri Sep 26 15:45:01 EEST 2008 XAP software series/mozilla-firefox-3.0.2-x86_64-1.tgz: Upgraded to firefox-3.0.2. This fixes some security issues. For more information, see: http://www.mozilla.org/security/known-vulnerabilities/firefox30.html [* Security fix *] XAP software series/seamonkey-1.1.12-x86_64-1.tgz: Upgraded to seamonkey-1.1.12. This release fixes some more security vulnerabilities. 
For more information, see: http://www.mozilla.org/security/known-vulnerabilities/seamonkey11.html [* Security fix *] +--------------------------+ Thu Sep 25 00:26:01 EEST 2008 N software series/dhcpcd-2.0.8-x86_64-2.tgz: Recompiled with -fPIC. TESTING/packages/kde4/deps/gst-plugins-base-0.10.20-x86_64-1.tgz: Removed. TESTING/packages/kde4/deps/gstreamer-0.10.20-x86_64-1.tgz: Removed. TESTING/packages/kde4/deps/libgphoto2-2.4.1-x86_64-1.tgz: Removed. TESTING/packages/kde4/deps/sqlite-3.6.1-x86_64-1.tgz: Removed. TESTING/packages/kde4/deps/xdg-utils-1.0.2-noarch-1.tgz: Removed. These packages are already in the main tree. Thanks to djgera for reporting that these packages need to be removed ;). usb-and-pxe-installers/usbboot.img: Fixed bug #3. See http://bugzilla.bluewhite64.com/show_bug.cgi?id=3. Thanks to Diego for reporting. +--------------------------+ Wed Sep 24 16:31:08 EEST 2008 L software series/gtk+2-2.12.12-x86_64-2.tgz: Recompiled. This will fix some stability problems in GTK-based applications. So, upgrade if your desktop is experiencing some stability problems ;). L software series/poppler-0.8.5-x86_64-3.tgz: Added back qt3 support. Now both qt versions are enabled. +--------------------------+ Wed Sep 24 14:14:20 EEST 2008 X software series/libxcb-1.1-x86_64-2.tgz: Rebuilt with the right patch; the previous one was not applied correctly. TESTING/packages/kde4/remove-kde4.sh: Removed enchant and libraw1394 from the removepkg list. These were merged into the main tree, so they don't need to be removed ;). Thanks to djgera for reporting the problems with these TESTING packages. TESTING/packages/kde4/kdegraphics-4.1.1-x86_64-2.tgz: Rebuilt once again against poppler; the previous package was missing some files. TESTING/packages/kde4/koffice-1.9.95.10-x86_64-2.tgz: Rebuilt once again against poppler; the previous package was missing some files. TESTING/packages/kde4/kde3-compat/qca-tls1-1.0-x86_64-opt2.tgz: Fixed qt3 path. 
TESTING/packages/kde4/kde3-compat/kdelibs3-3.5.10-x86_64-opt4.tgz: Removed some duplicate /usr files. TESTING/packages/kde4/kde-l10n/: Upgraded to KDE 4.1.1 l10n packages. This was missed with the latest updates. +--------------------------+ Tue Sep 23 15:43:00 EEST 2008 D software series/flex-2.5.35-x86_64-1.tgz: Upgraded to flex-2.5.35. E software series/emacs-22.3-x86_64-1.tgz: Upgraded to emacs-22.3. N software series/curl-7.19.0-x86_64-1.tgz: Upgraded to curl-7.19.0. A software series/coreutils-6.12-x86_64-1.tgz: Upgraded to coreutils-6.12. EXTRA/slacktrack/slacktrack-2.00-noarch-1.tgz: Upgraded to slacktrack-2.00. L software series/libpng-1.2.32-x86_64-1.tgz: Upgraded to libpng-1.2.32. XAP software series/imagemagick-6.4.3_6-x86_64-1.tgz: Upgraded to ImageMagick-6.4.3-6. AP software series/alsa-utils-1.0.17-x86_64-1.tgz: Upgraded to alsa-utils-1.0.17. L software series/alsa-lib-1.0.17a-x86_64-1.tgz: Upgraded to alsa-lib-1.0.17a. L software series/alsa-oss-1.0.17-x86_64-1.tgz: Upgraded to alsa-oss-1.0.17. L software series/enchant-1.4.2-x86_64-1.tgz: Moved from /testing/packages/kde4/deps/. L software series/gtkspell-2.0.14-x86_64-1.tgz: Added gtkspell-2.0.14. L software series/libraw1394-2.0.0-x86_64-1.tgz: Moved from /testing/packages/kde4/deps/. L software series/liboil-0.3.15-x86_64-1.tgz: Upgraded to liboil-0.3.15. XAP software series/pidgin-2.5.1-x86_64-4.tgz: Recompiled against gtkspell-2.0.14. Added gstreamer support. XAP software series/xlockmore-5.26.1-x86_64-1.tgz: Upgraded to xlockmore-5.26.1. TESTING/packages/kde4/remove-kde4.sh: Fixed kde-l10n names (was kde-i18n). D software series/bin86-0.16.15-x86_64-1.tgz: Removed. D software series/dev86-0.16.17-x86_64-1.tgz: Added dev86-0.16.17 (replaces bin86 package). D software series/git-1.6.0.2-x86_64-1.tgz: Upgraded to git-1.6.0.2. D software series/intltool-0.40.3-x86_64-1.tgz: Added intltool-0.40.3. L software series/atk-1.23.5-x86_64-1.tgz: Upgraded to atk-1.23.5. 
L software series/cairo-1.6.4-x86_64-1.tgz: Upgraded to cairo-1.6.4. L software series/gmime-2.2.23-x86_64-1.tgz: Upgraded to gmime-2.2.23. L software series/gnome-icon-theme-2.23.92-noarch-1.tgz: Upgraded to gnome-icon-theme-2.23.92. L software series/gtk+2-2.12.12-x86_64-1.tgz: Upgraded to gtk+-2.12.12. L software series/icon-naming-utils-0.8.7-x86_64-1.tgz: Upgraded to icon-naming-utils. L software series/librsvg-2.22.2-x86_64-1.tgz: Upgraded to librsvg-2.22.2. L software series/pango-1.20.5-x86_64-1.tgz: Upgraded to pango-1.20.5. L software series/pycairo-1.6.4-x86_64-1.tgz: Upgraded to pycairo-1.6.4. L software series/pygobject-2.15.4-x86_64-1.tgz: Upgraded to pygobject-2.15.4. N software series/bluez-utils-3.36-x86_64-3.tgz: This should work now. X software series/dri2proto-1.1-x86_64-1.tgz: Added dri2proto-1.1. X software series/fontconfig-2.6.0-x86_64-1.tgz: Upgraded to fontconfig-2.6.0. X software series/inputproto-1.4.4-noarch-1.tgz: Upgraded to inputproto-1.4.4. X software series/pixman-0.12.0-x86_64-1.tgz: Upgraded to pixman-0.12.0. X software series/libX11-1.1.5-x86_64-1.tgz: Upgraded to libX11-1.1.5. X software series/libXau-1.0.4-x86_64-1.tgz: Upgraded to libXau-1.0.4. X software series/libXft-2.1.13-x86_64-1.tgz: Upgraded to libXft-2.1.13. X software series/libXrandr-1.2.3-x86_64-1.tgz: Upgraded to libXrandr-1.2.3. X software series/libXxf86vm-1.0.2-x86_64-1.tgz: Upgraded to libXxf86vm-1.0.2. X software series/libxcb-1.1-x86_64-1.tgz: Upgraded to libxcb-1.1. X software series/randrproto-1.2.2-noarch-1.tgz: Upgraded to randrproto-1.2.2. X software series/xcb-proto-1.1-noarch-1.tgz: Upgraded to xcb-proto-1.1. X software series/xextproto-7.0.3-noarch-1.tgz: Upgraded to xextproto-7.0.3. X software series/xf86driproto-2.0.4-noarch-1.tgz: Upgraded to xf86driproto-2.0.4. X software series/xproto-7.0.13-noarch-1.tgz: Upgraded to xproto-7.0.13. XAP software series/xmms-1.2.11-x86_64-1.tgz: Recompiled without --enable-simd. 
Thanks to djgera for reporting that the previous package can't play mp3 files. XAP software series/xfce-4.4.2-x86_64-6.tgz: Fixed a misapplied memory leak patch. +--------------------------+ Fri Sep 19 23:37:45 EEST 2008 KDE software series/k3b-1.0.5-x86_64-3.tgz: Recompiled to drop libdvdread support ;). +--------------------------+ Fri Sep 19 16:00:17 EEST 2008 kernels/huge.s/*: Upgraded to Linux kernel 2.6.24.7. TESTING/packages/kde4/kde3-compat/kdelibs3-3.5.10-x86_64-opt3.tgz: Repackaged the kdelibs-3.5.10-x86_64-1.tgz to make it work in a compat mode. Successfully tested k3b-1.0.5 on KDE4 with these packages ;). +--------------------------+ Fri Sep 19 01:27:45 EEST 2008 TESTING/packages/kde4/deps/gmm-3.1-noarch-1.tgz: Upgraded to gmm-3.1. TESTING/packages/kde4/deps/clucene-0.9.21-x86_64-1.tgz: Upgraded to clucene-0.9.21. TESTING/packages/kde4/deps/soprano-2.1.1-x86_64-1.tgz: Upgraded to soprano-2.1.1. TESTING/packages/kde4/deps/sip-4.7.7-x86_64-1.tgz: Upgraded to sip-4.7.7. TESTING/packages/kde4/deps/libzip-0.9-x86_64-1.tgz: Upgraded to libzip-0.9. TESTING/packages/kde4/deps/pycups-1.9.42-x86_64-1.tgz: Upgraded to pycups-1.9.42. TESTING/packages/kde4/deps/djvulibre-3.5.21-x86_64-1.tgz: Upgraded to djvulibre-3.5.21. TESTING/packages/kde4/deps/libraw1394-2.0.0-x86_64-1.tgz: Upgraded to libraw1394-2.0.0. TESTING/packages/kde4/deps/qimageblitz-r860451-x86_64-1.tgz: Upgraded to qimageblitz r860451. TESTING/packages/kde4/deps/PyQt-4.4.3-x86_64-1.tgz: Upgraded to PyQt-4.4.3. TESTING/packages/kde4/deps/qt-r860451-x86_64-1.tgz: Upgraded to qt-copy r860451. TESTING/packages/kde4/extragear/amarok-1.90-x86_64-1.tgz: Upgraded to amarok-1.90. TESTING/packages/kde4/extragear/guidance-power-manager-4.1.1-x86_64-1.tgz: Upgraded to guidance-power-manager-4.1.1. TESTING/packages/kde4/extragear/kaudiocreator-r860749-x86_64-1.tgz: Upgraded to kaudiocreator r860749. TESTING/packages/kde4/extragear/ktorrent-3.1.2-x86_64-2.tgz: Recompiled ktorrent-3.1.2. 
TESTING/packages/kde4/kde/: Upgraded to KDE 4.1.1. TESTING/packages/kde4/kde-l10n/: Upgraded to KDE 4.1.1 l10n packages. TESTING/packages/kde4/kde3-compat/: Rebuilt the KDE3 compatibility packages and moved them into /opt/kde3/. +--------------------------+ Thu Sep 18 01:21:46 EEST 2008 A software series/acpid-1.0.7b1-x86_64-1.tgz: Upgraded to acpid-1.0.7b1. A software series/e2fsprogs-1.41.1-x86_64-1.tgz: Upgraded to e2fsprogs-1.41.1. A software series/etc-12.2-noarch-1.tgz: Do not set LC_ALL POSIX in /etc/csh.login. A software series/gawk-3.1.6-x86_64-1.tgz: Upgraded to gawk-3.1.6. A software series/sysvinit-scripts-1.2-noarch-24.tgz: Shut down acpid cleanly on halt/reboot. Erase any /usr/share/icons/icon-theme.cache that should not be there. AP software series/gphoto2-2.4.2-x86_64-2.tgz: Fixed uncompressed manpage. AP software series/nano-2.0.9-x86_64-1.tgz: Upgraded to nano-2.0.9. AP software series/vim-7.2.018-x86_64-1.tgz: Upgraded to vim-7.2.018. D software series/clisp-2.46-x86_64-1.tgz: Upgraded to clisp-2.46. KDE software series/amarok-1.4.10-x86_64-3.tgz: Patched for new libmtp API. KDE software series/kdelibs-3.5.10-x86_64-1.tgz: Reverted to the earlier package. GCC 4.2.4 did not produce good code here, so we will stick with the working one ;). L software series/glib2-2.16.6-x86_64-1.tgz: Upgraded to glib2-2.16.6. L software series/libmtp-0.3.1-x86_64-1.tgz: Upgraded to libmtp-0.3.1. L software series/pilot-link-0.12.3-x86_64-4.tgz: Get rid of stray perllocal.pod. N software series/bind-9.4.2_P2-x86_64-1.tgz: Upgraded to bind-9.4.2-P2. This version has performance gains over bind-9.4.2-P1. Additional BIND /patches packages are available back to Bluewhite64 11.0. N software series/bluez-libs-3.36-x86_64-1.tgz: Upgraded to bluez-libs-3.36. (Some upstream code is not yet ready for the 4.x API) N software series/bluez-utils-3.36-x86_64-1.tgz: Upgraded to bluez-utils-3.36. 
It seems --enable-all is no longer a valid ./configure option for this package, and everything needs to be enabled individually, so several utilities and config files were missing from the previous package. N software series/rp-pppoe-3.10-x86_64-1.tgz: Upgraded to rp-pppoe-3.10. X software series/xf86-input-joystick-1.3.2-x86_64-2.tgz: Fixed misplaced man page. XAP software series/audacious-plugins-1.5.1-x86_64-2.tgz: Patched for new libmtp API. XAP software series/vim-gvim-7.2.018-x86_64-1.tgz: Upgraded to vim-7.2.018 (GTK+ add-on package). KDE 4.1.1 coming soon, need more TESTING here ;) +--------------------------+ Sun Sep 14 12:32:57 EEST 2008 A software series/glibc-solibs-2.7-x86_64-11.tgz: Recompiled against Linux 2.6.24.7. A software series/glibc-zoneinfo-2.7-noarch-11.tgz: Rebuilt from tzcode/tzdata2008e. A software series/kernel-huge-2.6.24.7-x86_64-1.tgz: Upgraded to Linux 2.6.24.7. A software series/kernel-modules-2.6.24.7-x86_64-1.tgz: Upgraded to Linux 2.6.24.7. A software series/less-418-x86_64-1.tgz: Upgraded to less-418. A software series/ntfs-3g-1.2812-x86_64-1.tgz: Upgraded to ntfs-3g-1.2812. A software series/util-linux-ng-2.14.1-x86_64-1.tgz: Upgraded to util-linux-ng-2.14.1. AP software series/flac-1.2.1-x86_64-2.tgz: Recompiled to bring back the XMMS plugin. AP software series/gphoto2-2.4.2-x86_64-1.tgz: Added gphoto2-2.4.2. AP software series/linuxdoc-tools-0.9.21-x86_64-6.tgz: Recompiled against perl-5.10.0. AP software series/man-pages-3.08-noarch-1.tgz: Upgraded to man-pages-3.08 and man-pages-posix-2003-a. AP software series/mc-4.6.1_20070623p14-x86_64-1.tgz: Upgraded to mc-4.6.1_20070623p14. Patched to improve UTF8 support. AP software series/sqlite-3.6.2-x86_64-1.tgz: Added sqlite-3.6.2. AP software series/sox-14.1.0-x86_64-1.tgz: Upgraded to sox-14.1.0. See the documentation for changes to the command-line options. D software series/cmake-2.6.1-x86_64-1.tgz: Upgraded to cmake-2.6.1. 
D software series/cvs-1.11.23-x86_64-1.tgz: Upgraded to cvs-1.11.23. D software series/doxygen-1.5.6-x86_64-1.tgz: Upgraded to doxygen-1.5.6. D software series/gcc-4.2.4-x86_64-1.tgz: Upgraded to gcc-4.2.4. D software series/gcc-g++-4.2.4-x86_64-1.tgz: Upgraded to gcc-4.2.4. D software series/gcc-gfortran-4.2.4-x86_64-1.tgz: Upgraded to gcc-4.2.4. D software series/gcc-gnat-4.2.4-x86_64-1.tgz: Upgraded to gcc-4.2.4. D software series/gcc-java-4.2.4-x86_64-1.tgz: Upgraded to gcc-4.2.4. D software series/gcc-objc-4.2.4-x86_64-1.tgz: Upgraded to gcc-4.2.4. D software series/git-1.6.0.1-x86_64-1.tgz: Upgraded to git-1.6.0.1. D software series/guile-1.8.5-x86_64-1.tgz: Upgraded to guile-1.8.5. D software series/kernel-headers-2.6.24.7_smp-x86-1.tgz: Upgraded to Linux 2.6.24.7 headers. D software series/mercurial-1.0.2-x86_64-1.tgz: Upgraded to mercurial-1.0.2. D software series/perl-5.10.0-x86_64-1.tgz: Upgraded to perl-5.10.0. D software series/python-2.5.2-x86_64-3.tgz: Recompiled against Tcl/Tk 8.5.4. D software series/subversion-1.5.2-x86_64-1.tgz: Upgraded to subversion-1.5.2. D software series/perl-5.10.0-x86_64-1.tgz: Upgraded to perl-5.10.0. K software series/kernel-source-2.6.24.7-noarch-1.tgz: Upgraded to Linux 2.6.24.7. KDE software series/amarok-1.4.10-x86_64-2.tgz: Recompiled. KDE software series/k3b-1.0.5-x86_64-2.tgz: Recompiled. KDE software series/kdeaccessibility-3.5.10-x86_64-2.tgz: Recompiled. KDE software series/kdeaddons-3.5.10-x86_64-2.tgz: Recompiled. KDE software series/kdeadmin-3.5.10-x86_64-2.tgz: Recompiled. KDE software series/kdeartwork-3.5.10-x86_64-2.tgz: Recompiled. KDE software series/kdebase-3.5.10-x86_64-2.tgz: Recompiled. KDE software series/kdebindings-3.5.10-x86_64-2.tgz: Recompiled. KDE software series/kdeedu-3.5.10-x86_64-2.tgz: Recompiled. KDE software series/kdegames-3.5.10-x86_64-2.tgz: Recompiled. KDE software series/kdegraphics-3.5.10-x86_64-2.tgz: Recompiled. This adds libgphoto2 support. 
KDE software series/kdelibs-3.5.10-x86_64-2.tgz: Recompiled. KDE software series/kdemultimedia-3.5.10-x86_64-2.tgz: Recompiled. This adds libgstreamer support to JuK. KDE software series/kdenetwork-3.5.10-x86_64-2.tgz: Recompiled. KDE software series/kdepim-3.5.10-x86_64-2.tgz: Recompiled. KDE software series/kdesdk-3.5.10-x86_64-2.tgz: Recompiled. KDE software series/kdetoys-3.5.10-x86_64-2.tgz: Recompiled. KDE software series/kdeutils-3.5.10-x86_64-2.tgz: Recompiled. KDE software series/kdevelop-3.5.3-x86_64-2.tgz: Recompiled. KDE software series/kdewebdev-3.5.10-x86_64-2.tgz: Recompiled. KDE software series/koffice-1.6.3-x86_64-7.tgz: Recompiled. L software series/arts-1.5.10-x86_64-2.tgz: Recompiled. L software series/freetype-2.3.7-x86_64-1.tgz: Upgraded to freetype-2.3.7. L software series/fuse-2.7.4-x86_64-1.tgz: Upgraded to fuse-2.7.4. L software series/glibc-2.7-x86_64-11.tgz: Recompiled against Linux 2.6.24.7. L software series/glibc-i18n-2.7-noarch-11.tgz: Rebuilt. L software series/glibc-profile-2.7-x86_64-11.tgz: Recompiled against Linux 2.6.24.7. L software series/gst-plugins-base-0.10.20-x86_64-1.tgz: Added gst-plugins-base-0.10.20. L software series/gstreamer-0.10.20-x86_64-1.tgz: Added gstreamer-0.10.20. L software series/gmp-4.2.3-x86_64-1.tgz: Upgraded to gmp-4.2.3. L software series/hal-0.5.11-x86_64-1.tgz: Upgraded to hal-0.5.11. L software series/hal-info-20080508-noarch-1.tgz: Upgraded to hal-info-20080508. L software series/libgphoto2-2.4.2-x86_64-1.tgz: Added libgphoto2-2.4.2. L software series/liboil-0.3.14-x86_64-1.tgz: Added liboil-0.3.14. L software series/libvisual-plugins-0.4.0-x86_64-1.tgz: Added libvisual-plugins-0.4.0. These create some cool special effects with Amarok. L software series/parted-1.8.8-x86_64-1.tgz: Moved from /extra (this is now a HAL dependency). L software series/pilot-link-0.12.3-x86_64-3.tgz: Recompiled against perl-5.10.0. 
L software series/svgalib_helper-1.9.25_2.6.24.7-x86_64-3.tgz: Recompiled for Linux 2.6.24.7. N software series/dhcpcd-2.0.8-x86_64-1.tgz: Upgraded to dhcpcd-2.0.8. N software series/iptables-1.4.1.1-x86_64-1.tgz: Upgraded to iptables-1.4.1.1. N software series/irssi-0.8.12-x86_64-2.tgz: Recompiled against perl-5.10.0. N software series/net-snmp-5.4.1.2-x86_64-2.tgz: Recompiled against perl-5.10.0. N software series/obexftp-0.22-x86_64-1.tgz: Upgraded to obexftp-0.22. Built without ruby support, it does not compile. N software series/rsync-3.0.4-x86_64-1.tgz: Upgraded to rsync-3.0.4. TCL software series/expect-5.43.0-x86_64-3.tgz: Recompiled against Tcl/Tk 8.5.4. TCL software series/hfsutils-3.2.6-x86_64-3.tgz: Recompiled against tcl-8.5.4. TCL software series/tcl-8.5.4-x86_64-1.tgz: Upgraded to tcl-8.5.4. TCL software series/tix-8.4.3-x86_64-1.tgz: Upgraded to Tix-8.4.3. tixwish is no longer supported. TCL software series/tk-8.5.4-x86_64-1.tgz: Upgraded to tk-8.5.4. X software series/xdg-utils-1.0.2-noarch-1.tgz: Added xdg-utils-1.0.2. Thanks to Erik Hanson for the build script, and thanks to Michael Wagner for the hints concerning setting up some default mailcap entries. XAP software series/audacious-1.5.1-x86_64-1.tgz: Upgraded to audacious-1.5.1. XAP software series/audacious-plugins-1.5.1-x86_64-1.tgz: Upgraded to audacious-plugins-1.5.1. XAP software series/gimp-2.4.7-x86_64-1.tgz: Upgraded to gimp-2.4.7. XAP software series/imagemagick-6.4.2_5-x86_64-2.tgz: Recompiled against perl-5.10.0. XAP software series/pidgin-2.5.1-x86_64-2.tgz: Recompiled against tcl-8.5.4 and perl-5.10.0. XAP software series/x3270-3.3.7p8-x86_64-1.tgz: Upgraded to x3270-3.3.7p8. XAP software series/xchat-2.8.6-x86_64-2.tgz: Recompiled against tcl-8.5.4. XAP software series/xine-lib-1.1.15-x86_64-1.tgz: Upgraded to xine-lib-1.1.15. XAP software series/xmms-1.2.11-x86_64-1.tgz: Added xmms-1.2.11. XAP software series/xscreensaver-5.07-x86_64-1.tgz: Upgraded to xscreensaver-5.07. 
isolinux/initrd.img: Rebuilt with newly compiled kernel modules. usb-and-pxe-installers/: Rebuilt usbboot.img with newly compiled kernel modules. +--------------------------+ Thu Sep 4 01:49:01 EEST 2008 XAP software series/pidgin-2.5.1-x86_64-1.tgz: Upgraded to pidgin-2.5.1. N software series/samba-3.2.3-x86_64-1.tgz: Upgraded to samba-3.2.3. This fixes a security issue where group_mapping.ldb was accidentally chmod 666 (only in -current, as all previous Bluewhite64 versions use the Samba 3.0.x branch which is not affected). This build also adds the mount.smbfs wrapper script for mount.cifs, and a link to the wrapper from /usr/bin/smbmount. This may fix some of the issues that people were having mounting SMB filesystems. Note that SMBFS is considered obsolete now, and using mount.smbfs really isn't any different in function using the wrapper than using mount.cifs directly. For more information on the security issue, see: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3789 [*** Security fix ***] Since this security issue only affects the unreleased development branch, (-current) this ChangeLog comment is the official notification. For those using older versions of Bluewhite64, many of them got bugfix updates to the 3.0.x branch. Check the new packages out -- they should correct some stability issues. +--------------------------+ Fri Aug 29 20:22:11 EEST 2008 Upgraded KDE version 3.x.x to 3.5.10. The announcement may be found on the KDE web site: http://kde.org/announcements/announce-3.5.10.php KDE software series/amarok-1.4.10-x86_64-1.tgz: Upgraded to amarok-1.4.10. KDE software series/k3b-1.0.5-x86_64-1.tgz: Upgraded to k3b-1.0.5. KDE software series/kdeaccessibility-3.5.10-x86_64-1.tgz: Upgraded to kdeaccessibility-3.5.10. KDE software series/kdeaddons-3.5.10-x86_64-1.tgz: Upgraded to kdeaddons-3.5.10. KDE software series/kdeadmin-3.5.10-x86_64-1.tgz: Upgraded to kdeadmin-3.5.10. 
KDE software series/kdeartwork-3.5.10-x86_64-1.tgz: Upgraded to kdeartwork-3.5.10. KDE software series/kdebase-3.5.10-x86_64-1.tgz: Upgraded to kdebase-3.5.10. KDE software series/kdebindings-3.5.10-x86_64-1.tgz: Upgraded to kdebindings-3.5.10. KDE software series/kdeedu-3.5.10-x86_64-1.tgz: Upgraded to kdeedu-3.5.10. KDE software series/kdegames-3.5.10-x86_64-1.tgz: Upgraded to kdegames-3.5.10. KDE software series/kdegraphics-3.5.10-x86_64-1.tgz: Upgraded to kdegraphics-3.5.10. KDE software series/kdelibs-3.5.10-x86_64-1.tgz: Upgraded to kdelibs-3.5.10. KDE software series/kdemultimedia-3.5.10-x86_64-1.tgz: Upgraded to kdemultimedia-3.5.10. KDE software series/kdenetwork-3.5.10-x86_64-1.tgz: Upgraded to kdenetwork-3.5.10. KDE software series/kdetoys-3.5.10-x86_64-1.tgz: Upgraded to kdetoys-3.5.10. KDE software series/kdepim-3.5.10-x86_64-1.tgz: Upgraded to kdepim-3.5.10. KDE software series/kdesdk-3.5.10-x86_64-1.tgz: Upgraded to kdesdk-3.5.10. KDE software series/kdeutils-3.5.10-x86_64-1.tgz: Upgraded to kdeutils-3.5.10. KDE software series/kdevelop-3.5.3-x86_64-1.tgz: Upgraded to kdevelop-3.5.3. KDE software series/kdewebdev-3.5.10-x86_64-1.tgz: Upgraded to kdewebdev-3.5.10. KDE software series/koffice-1.6.3-x86_64-5.tgz: Recompiled and Patched KOffice to write ODT elements in the correct order according to specs. KDEi/k3b-i18n-1.0.5-noarch-1.tgz: Upgraded to k3b-i18n-1.0.5. KDEi software series/kde-i18n-*-3.5.10-noarch-1.tgz: Upgraded to kde-i18n 3.5.10. L software series/arts-1.5.10-x86_64-1.tgz: Upgraded to arts-1.5.10. +--------------------------+ Tue Aug 12 11:24:10 EEST 2008 N software series/alpine-1.10-x86_64-2.tgz: Fixed path for SSL certs. N software series/imapd-1.10-x86_64-2.tgz: Fixed path for SSL certs. X software series/m17n-lib-1.5.2-x86_64-1.tgz: Upgraded to m17n-lib-1.5.2. +--------------------------+ Fri Aug 8 00:54:49 EEST 2008 A software series/cups-1.3.8-x86_64-1.tgz: Upgraded to cups-1.3.8. 
AP software series/hplip-2.8.7-x86_64-1.tgz: Upgraded to hplip-2.8.7. D software series/git-1.5.6.4-x86_64-1.tgz: Upgraded to git-1.5.6.4. D software series/mercurial-1.0.1-x86_64-1.tgz: Upgraded to mercurial-1.0.1. D software series/subversion-1.5.1-x86_64-1.tgz: Upgraded to subversion-1.5.1. N software series/alpine-1.10-x86_64-1.tgz: Added alpine-1.10, a Pine replacement. N software series/imapd-1.10-x86_64-1.tgz: Upgraded to imapd/ipop3d daemons from alpine-1.10. N software series/pine-4.64-x86_64-2.tgz: Removed. (Replaced by alpine-1.10) N software series/rsync-3.0.3-x86_64-1.tgz: Upgraded to rsync-3.0.3. N software series/samba-3.2.1-x86_64-1.tgz: Upgraded to samba-3.2.1. XAP software series/xchat-2.8.6-x86_64-1.tgz: Upgraded to xchat-2.8.6. +--------------------------+ Thu Aug 7 00:35:47 EEST 2008 A software series/sysvinit-scripts-1.2-noarch-23.tgz: Removed line that wipes out /etc/motd. AP software series/ghostscript-8.63-x86_64-1.tgz: Upgraded to ghostscript-8.63. N software series/httpd-2.2.9-x86_64-2.tgz: Recompiled: Lennard reported that httpd segfaults when mod_proxy is used. The recompile fixed this issue. Thanks to Lennard for reporting and testing the new package. +--------------------------+ Wed Aug 6 12:18:59 EEST 2008 A software series/sysvinit-scripts-1.2-noarch-22.tgz: _Really_ quieted down rc.M's mime update this time (it seems that errors are sent to stdout). If we must update icon-cache files in rc.M (which is done only if they already exist), background it so that it doesn't delay the boot as much. In rc.S, only update the kernel version in /etc/motd if the file begins with "Linux", leaving the rest of the file free to be customized. Grab some information about the root partition from /proc/mounts to initialize /etc/mtab. D software series/python-2.5.2-x86_64-2.tgz: Patched various overflows and other security problems. 
For more information, see: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1679 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1721 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2315 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2316 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3142 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3144 [*** Security fix ***] N software series/getmail-4.8.2-noarch-1.tgz: Upgraded to getmail-4.8.2. X software series/dejavu-fonts-ttf-2.26-noarch-1.tgz: Upgraded to dejavu-fonts-ttf-2.26. X software series/liberation-fonts-ttf-1.04-noarch-1.tgz: Upgraded to liberation-fonts-1.04. XAP software series/pan-0.133-x86_64-1.tgz: Upgraded to pan-0.133. This update fixes a buffer overflow in pan-0.128 through pan-0.132 when processing .nzb files. For more information, see: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2363 [*** Security fix ***] +--------------------------+ Fri Aug 1 12:26:20 EEST 2008 A software series/hdparm-8.9-x86_64-1.tgz: Upgraded to hdparm-8.9. KDE software series/kdegraphics-3.5.9-x86_64-3.tgz: Recompiled against poppler-0.8.5. KDE software series/koffice-1.6.3-x86_64-4.tgz: Recompiled against poppler-0.8.5. L software series/poppler-0.8.5-x86_64-1.tgz: Upgraded to poppler-0.8.5. XAP software series/gimp-2.4.6-x86_64-2.tgz: Recompiled against poppler-0.8.5. XAP software series/gxine-0.5.903-x86_64-1.tgz: Upgraded to gxine-0.5.903. XAP software series/mozilla-firefox-3.0.1-x86_64-3.tgz: Added some missing symlinks needed by gxine in order to compile. XAP software series/imagemagick-6.4.2_5-x86_64-1.tgz: Upgraded to ImageMagick 6.4.2-5. XAP software series/windowmaker-20060427cvs-x86_64-1.tgz: Switched to a patched CVS snapshot to get this compiling again with gcc 4.x (against ImageMagick 6.4.2-5). XAP software series/xine-lib-1.1.14-x86_64-1.tgz: Upgraded to xine-lib-1.1.14. 
N software series/proftpd-1.3.1-x86_64-2.tgz: Recompiled against new OpenSSL, since this evidently checks the OpenSSL version and will only run against the libraries it was compiled against. A small patch was also added to account for changes in the system includes. +--------------------------+ Thu Jul 31 16:00:55 EEST 2008 A software series/openssl-solibs-0.9.8h-x86_64-1.tgz: Upgraded to OpenSSL 0.9.8h shared libraries (see below). [*** Security fix ***] A software series/sysvinit-scripts-1.2-noarch-21.tgz: For now, quiet error output from update-mime-database, since KDE4 causes some "noise". AP software series/vim-7.1.330-x86_64-1.tgz: Upgraded to vim-7.1.330. This fixes several security issues related to the automatic processing of untrusted files. For more information, see: http://www.rdancer.org/vulnerablevim.html [*** Security fix ***] L software series/libxml2-2.6.32-x86_64-1.tgz: Upgraded to libxml2-2.6.32. L software series/libxslt-1.1.24-x86_64-1.tgz: Upgraded to libxslt-1.1.24. A buffer overflow when processing XSL stylesheets could result in the execution of arbitrary code. For more information, see: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1767 [*** Security fix ***] L software series/pcre-7.7-x86_64-1.tgz: Upgraded to pcre-7.7. Tavis Ormandy of the Google Security Team found a buffer overflow triggered when handling certain regular expressions. This could lead to a crash or possible execution of code as the user of the PCRE-linked application. For more information, see: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2371 [*** Security fix ***] N software series/fetchmail-6.3.8-x86_64-3.tgz: Patched to fix a possible denial of service when "-v -v" options are used. For more information, see: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2711 [*** Security fix ***] N software series/httpd-2.2.9-x86_64-1.tgz: Upgraded to httpd-2.2.9. This release fixes flaws which could allow XSS attacks. 
For more information, see: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5000 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6388 [*** Security fix ***] N software series/links-2.1-x86_64-1.tgz: Upgraded to links-2.1. Unspecified vulnerability in Links before 2.1, when "only proxies" is enabled, has unknown impact and attack vectors related to providing "URLs to external programs." For more information, see: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3329 [*** Security fix ***] N software series/mtr-0.73-x86_64-1.tgz: Upgraded to mtr-0.73. This fixes a minor security bug where a very long hostname in the trace path could lead to an overflow (and most likely just a crash). [*** Security fix ***] N software series/net-snmp-5.4.1.2-x86_64-1.tgz: Upgraded to net-snmp-5.4.1.2. A vulnerability was discovered where an attacker could spoof an authenticated SNMPv3 packet due to incorrect HMAC checking. Also, a buffer overflow was found that could be exploited if an application using the net-snmp perl modules connects to a malicious server. For more information, see: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0960 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2292 [*** Security fix ***] N software series/openldap-client-2.3.43-x86_64-1.tgz: Upgraded to openldap-2.3.43. This release fixes a security issue in slapd (our package does not ship it.) N software series/openssh-5.1p1-x86_64-1.tgz: Upgraded to openssh-5.1p1. When upgrading OpenSSH, it is VERY IMPORTANT to also upgrade OpenSSL, or it is possible to be unable to log back into sshd! N software series/openssl-0.9.8h-x86_64-1.tgz: Upgraded to OpenSSL 0.9.8h. The Codenomicon TLS test suite uncovered security bugs in OpenSSL.
If OpenSSL was compiled using non-default options (Bluewhite64's package is not), then a malicious packet could cause a crash. Also, a malformed TLS handshake could also lead to a crash. For more information, see: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0891 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1672 When upgrading OpenSSL, it is VERY IMPORTANT to also upgrade OpenSSH, or it is possible to be unable to log back into sshd! [*** Security fix ***] XAP software series/gimp-2.4.6-x86_64-1.tgz: Upgraded to gimp-2.4.6. XAP software series/mozilla-thunderbird-2.0.0.16-x86_64-1.tgz: Upgraded to thunderbird-2.0.0.16. This upgrade fixes some more security bugs. For more information, see: http://www.mozilla.org/security/known-vulnerabilities/thunderbird20.html [*** Security fix ***] XAP software series/vim-gvim-7.1.330-x86_64-1.tgz: Upgraded to vim-gvim-7.1.330. See "vim" above for details. [*** Security fix ***] XAP software series/xscreensaver-5.06-x86_64-1.tgz: Upgraded to xscreensaver-5.06. +--------------------------+ Fri Jul 25 16:52:34 EEST 2008 N software series/dnsmasq-2.45-x86_64-1.tgz: Upgraded to dnsmasq-2.45. It was discovered that earlier versions of dnsmasq have DNS cache weaknesses that are similar to the ones recently discovered in BIND. This new release minimizes the risk of cache poisoning. For more information, see: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1447 [*** Security fix ***] TESTING/packages/jdk-6u10_beta-x86_64-1.tgz: Added Java(TM) 2 Platform Standard Edition Runtime Environment Version 6.0 update 10 beta. If you have printing issues with CUPS and Java(TM) version 6.0 update 7 (stable), try using version 6.0 update 10 (BETA)! TESTING/packages/jre-6u10_beta-x86_64-1.tgz: Added Java(TM) 2 Platform Standard Edition Development Kit Version 6.0 update 10 beta. Both of these Java(TM) packages are suitable for use on Bluewhite64 12.1 and 12.0. 
+--------------------------+ Mon Jul 21 00:49:06 EEST 2008 L software series/jre-6u7-x86_64-1.tgz: Upgraded to Java(TM) 2 Platform Standard Edition Runtime Environment Version 6.0 update 7. EXTRA software/jdk-6/jdk-6u7-x86_64-1.tgz: Upgraded to Java(TM) 2 Platform Standard Edition Development Kit Version 6.0 update 7. +--------------------------+ Sat Jul 19 15:52:10 EEST 2008 XAP software series/mozilla-firefox-3.0.1-x86_64-2.tgz: Removed unused commands from doinst.sh. Thanks to rraptorr for reporting this. Sorry for any inconvenience! +--------------------------+ Fri Jul 18 11:56:12 EEST 2008 A software series/ntfs-3g-1.2712-x86_64-1.tgz: Upgraded to ntfs-3g-1.2712. This has been compiled to use the internal FUSE library rather than the system FUSE library. The benefit of this is that if /bin/ntfs-3g is made setuid root, then non-root users can use it to mount NTFS partitions if /etc/fstab allows it. Also, this version of ntfs-3g would require the CVS version of external FUSE. A software series/util-linux-ng-2.14-x86_64-1.tgz: Upgraded to util-linux-ng-2.14. X software series/mesa-7.0.3-x86_64-1.tgz: Upgraded to mesa-7.0.3. XAP software series/mozilla-firefox-3.0.1-x86_64-1.tgz: Upgraded to firefox-3.0.1. This release fixes some stability and security issues found in Firefox 3. For more information, see: http://www.mozilla.org/security/known-vulnerabilities/firefox30.html#firefox3.0.1 http://www.mozilla.com/en-US/firefox/3.0.1/releasenotes/ [*** Security fix ***] XAP software series/seamonkey-1.1.11-x86_64-1.tgz: Upgraded to Seamonkey 1.1.11. This release fixes some more security vulnerabilities. For more information, see: http://www.mozilla.org/security/known-vulnerabilities/seamonkey11.html [*** Security fix ***] +--------------------------+ Tue Jul 15 18:44:52 EEST 2008 A software series/e2fsprogs-1.41.0-x86_64-1.tgz: Upgraded to e2fsprogs-1.41.0. N software series/dnsmasq-2.43-x86_64-1.tgz: Upgraded to dnsmasq-2.43.
+--------------------------+ Sat Jul 12 01:44:05 EEST 2008 D software series/nasm-2.03.01-x86_64-1.tgz: Upgraded to nasm-2.03.01. X software series/compiz-0.7.6-x86_64-1.tgz: Upgraded to compiz-0.7.6. X software series/xf86-video-ati-6.9.0-x86_64-1.tgz: Upgraded to xf86-video-ati-6.9.0. X software series/xf86-video-mach64-6.8.0-x86_64-1.tgz: Added xf86-video-mach64-6.8.0. This can be used alone with driver type "mach64" in xorg.conf, or with type "ati" using both this package and the ati driver package as a wrapper. X software series/xf86-video-r128-6.8.0-x86_64-1.tgz: Added xf86-video-r128-6.8.0. This can be used alone with driver type "r128" in xorg.conf, or with type "ati" using both this package and the ati driver package as a wrapper. X software series/xf86-video-intel-2.3.2-x86_64-1.tgz: Upgraded to xf86-video-intel-2.3.2. X software series/xf86-video-nv-2.1.10-x86_64-1.tgz: Upgraded to xf86-video-nv-2.1.10. +--------------------------+ Thu Jul 10 22:56:12 EEST 2008 N software series/bind-9.4.2_P1-x86_64-1.tgz: Upgraded to bind-9.4.2-P1. This upgrade addresses a security flaw known as the CERT VU#800113 DNS Cache Poisoning Issue. This is the summary of the problem from the BIND site: "A weakness in the DNS protocol may enable the poisoning of caching recursive resolvers with spoofed data. DNSSEC is the only full solution. New versions of BIND provide increased resilience to the attack." It is suggested that sites that run BIND upgrade to one of the new packages in order to reduce their exposure to DNS cache poisoning attacks. For more information, see: http://www.isc.org/sw/bind/bind-security.php http://www.kb.cert.org/vuls/id/800113 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1447 [*** Security fix ***] XAP software series/pidgin-2.4.3-x86_64-1.tgz: Upgraded to pidgin-2.4.3. This updates pidgin to work with the changed ICQ protocol. XAP software series/seamonkey-1.1.10-x86_64-1.tgz: Upgraded to seamonkey-1.1.10.
This release closes several possible security vulnerabilities and bugs. For more information, see: http://www.mozilla.org/projects/security/known-vulnerabilities.html#seamonkey [*** Security fix ***] +--------------------------+ Thu Jul 3 00:14:20 EEST 2008 X software series/wqy-zenhei-font-ttf-0.6.26_0-noarch-1.tgz: Upgraded to wqy-zenhei-font-ttf-0.6.26-0. X software series/xorg-server-1.4.2-x86_64-1.tgz: Upgraded xorg-server to address denial of service and possible arbitrary code execution flaws reported in xorg-server 1.4 prior to 1.4.2. For more information about the issues patched, please refer to: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1377 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1379 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2360 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2361 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2362 [*** Security fix ***] X software series/xorg-server-xnest-1.4.2-x86_64-1.tgz: Security fixes (see CVE entries above). [*** Security fix ***] X software series/xorg-server-xvfb-1.4.2-x86_64-1.tgz: Security fixes (see CVE entries above). [*** Security fix ***] +--------------------------+ Mon Jun 30 13:27:37 EEST 2008 N software series/gnutls-2.2.5-x86_64-1.tgz: Upgraded to GnuTLS version 2.2.5. This updated package fixes bugs which can lead to a denial of service (DoS) in programs linked with GnuTLS. For more information about the issues patched, please refer to: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1948 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1949 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1950 [*** Security fix ***] +--------------------------+ Sat Jun 28 12:34:11 EEST 2008 D software series/ruby-1.8.6_p230-x86_64-1.tgz: Upgraded to ruby-1.8.6-p230. This fixes a number of security related bugs in Ruby which could lead to a denial of service (DoS) condition or allow execution of arbitrary code. 
For more information, see: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2662 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2663 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2664 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2725 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2726 [*** Security fix ***] +--------------------------+ Thu Jun 26 11:15:05 EEST 2008 A software series/pciutils-2.2.10-x86_64-2.tgz: Recompiled with -fPIC. N software series/libassuan-1.0.4-x86_64-2.tgz: Recompiled with -fPIC. Thanks to Kenjiro Tanaka for reporting that these two packages need to be compiled with -fPIC for KDE 4.x ;). +--------------------------+ Fri Jun 20 23:15:58 EEST 2008 XAP software series/mozilla-firefox-3.0-x86_64-1.tgz: Upgraded to firefox-3.0. A software series/getty-ps-2.1.0b-x86_64-1.tgz: Added getty-ps-2.1.0b. Thanks to Adrian Virgil-Teaca for helping to compile this ;). +--------------------------+ Thu May 29 20:03:29 EEST 2008 N software series/samba-3.0.30-x86_64-1.tgz: Upgraded to samba-3.0.30. This is a security release in order to address CVE-2008-1105 ("Boundary failure when parsing SMB responses can result in a buffer overrun"). For more information on the security issue, see: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1105 [*** Security fix ***] +--------------------------+ Thu May 29 00:28:18 EEST 2008 A software series/mkinitrd-1.3.2-x86_64-3.tgz: Initialize RAID earlier so that the combination of RAID+LUKS+LVM works. XAP software series/rdesktop-1.6.0-x86_64-1.tgz: Upgraded to rdesktop-1.6.0.
According to the rdesktop ChangeLog, this contains a: "* Fix for potential vulnerability against compromised/malicious servers (reported by iDefense)" This package build also includes the new alsa driver (--with-sound=alsa). For more information on the security issue, see: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1801 [*** Security fix ***] EXTRA software/ktorrent/ktorrent-2.2.7-x86_64-1.tgz: Upgraded to ktorrent-2.2.7. +--------------------------+ Thu May 8 18:48:25 EEST 2008 N software series/php-5.2.6-x86_64-1.tgz: Upgraded to PHP 5.2.6. This version of PHP contains many fixes and enhancements. Some of the fixes are security related, and the PHP release announcement provides this list: * Fixed possible stack buffer overflow in the FastCGI SAPI identified by Andrei Nigmatulin. * Fixed integer overflow in printf() identified by Maksymilian Arciemowicz. * Fixed security issue detailed in CVE-2008-0599 identified by Ryan Permeh. * Fixed a safe_mode bypass in cURL identified by Maksymilian Arciemowicz. * Properly address incomplete multibyte chars inside escapeshellcmd() identified by Stefan Esser. * Upgraded bundled PCRE to version 7.6 When last checked, CVE-2008-0599 was not yet open. However, additional information should become available at this URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0599 The list reproduced above, as well as additional information about other fixes in PHP 5.2.6 may be found in the PHP release announcement here: http://www.php.net/releases/5_2_6.php XAP software series/mozilla-thunderbird-2.0.0.14-x86_64-1.tgz: Upgraded to thunderbird-2.0.0.14. This upgrade fixes some more security bugs. For more information, see: http://www.mozilla.org/projects/security/known-vulnerabilities.html#thunderbird [*** Security fix ***] +--------------------------+ Sat May 3 09:51:15 EEST 2008 Bluewhite64 Linux 12.1 released as stable! THANKS to all for helping with this release!
Don't forget to read the CHANGES_AND_HINTS.TXT file for more information about changes and hints. I hope you find Bluewhite64 12.1 to be useful! ;) EXTRA software/ia32-emulation/ia32-libX11-with-xcb/ia32-libX11-1.1.4-x86_64-1.tgz: Added libX11 compiled with xcb. Use this package only if you are having problems running 32-bit GUI applications. +--------------------------+ Fri May 2 12:07:05 EEST 2008 A software series/kernel-test-huge-2.6.25.1-x86_64-1.tgz: Upgraded to Linux 2.6.25.1 SMP test.s (full-featured test) kernel. A software series/kernel-modules-2.6.25.1-x86_64-1.tgz: Upgraded to Linux 2.6.25.1 test SMP kernel modules. TESTING/packages/kernel-test/kernel-test-headers-2.6.25.1-x86_64-1.tgz: Upgraded to Linux 2.6.25.1 test SMP kernel headers. TESTING/packages/kernel-test/kernel-test-source-2.6.25.1-noarch-1.tgz: Upgraded to Linux 2.6.25.1 test SMP kernel source package. kernels/test.s/*: Upgraded to huge.s 2.6.25.1 test kernel. isolinux/initrd.img: Replaced the test kernel modules with 2.6.25.1 version. usb-and-pxe-installers/: Replaced the test kernel modules with 2.6.25.1 version. +--------------------------+ Thu May 1 23:26:52 EEST 2008 Bluewhite64 12.1 RC4. The last RC? ;). A software series/kernel-huge-2.6.24.5-x86_64-2.tgz: Patched to fix a security issue in fs/dnotify.c. The use of dnotify (largely replaced by inotify on 2.6.x systems) could lead to a local DoS, or possibly a local root hole. This flaw will also be addressed in the kernels for previous releases as soon as possible. The patch itself may be found in source/k/linux-2.6.24.5-CVE-2008-1375-patch/. For additional information (when the CVE candidate is opened), see: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1375 All the kernel packages below should also be considered security fixes. [*** Security fix ***] A software series/kernel-test-huge-2.6.25-x86_64-2.tgz: Patched and recompiled. A software series/kernel-modules-2.6.24.5-x86_64-2.tgz: Patched and recompiled. 
A software series/kernel-test-modules-2.6.25-x86_64-2.tgz: Patched and recompiled. D software series/kernel-headers-2.6.24.5-x86_64-2.tgz: Rebuilt from a patched source tree. K software series/kernel-source-2.6.24.5-noarch-2.tgz: Patched (leaving dnotify.c.orig for comparison and/or reverting to patch up to a newer kernel later). L software series/svgalib_helper-1.9.25_2.6.24.5-x86_64-2.tgz: Recompiled. EXTRA software/slackpkg/slackpkg-2.70.3-noarch-1.tgz: Upgraded to slackpkg-2.70.3-noarch-1 (release ready). Thanks to Piter Punk! -:) TESTING/packages/kernel-test/kernel-test-headers-2.6.25-x86_64-2.tgz: Rebuilt from a patched source tree. TESTING/packages/kernel-test/kernel-test-source-2.6.25-noarch-2.tgz: Patched (leaving dnotify.c.orig for comparison and/or reverting to patch up to a newer kernel later). kernels/huge.s/*: Patched and recompiled. kernels/test.s/*: Patched and recompiled. isolinux/initrd.img: Rebuilt with newly compiled kernel modules. usb-and-pxe-installers/: Rebuilt usbboot.img with newly compiled kernel modules. +--------------------------+ Tue Apr 29 13:47:34 EEST 2008 This is Bluewhite64 12.1-RC3, no ISO for this time ;). Enjoy! A software series/cups-1.3.7-x86_64-2.tgz: Applied patch str2790 to fix crash bugs in the PNG image filter. The issues are not believed to be capable of either a DoS (at worst, it simply crashes the filter processing the current job and does not crash the scheduler daemon, which just moves on to the next job in the print queue), nor arbitrary code execution (data from the image is never stored in the affected tile array). Still, it seems to be worth fixing here just in case. The CUPS bug report may be found here: http://www.cups.org/str.php?L2790 AP software series/mysql-5.0.51b-x86_64-1.tgz: Upgraded to mysql-5.0.51b (which appears to be nothing more than a version bump...) L software series/imlib-1.9.15-x86_64-6.tgz: Patched to fix rendering issues on Intel and possibly other graphics chipsets. 
L software series/libmtp-0.2.6.1-x86_64-1.tgz: Upgraded to libmtp-0.2.6.1. The udev rules are now sed processed during build. L software series/libpng-1.2.27-x86_64-1.tgz: Upgraded to libpng-1.2.27. This fixes various bugs, the most important of which have to do with the handling of unknown chunks containing zero-length data. Processing a PNG image that contains these could cause the application using libpng to crash (possibly resulting in a denial of service), could potentially expose the contents of uninitialized memory, or could cause the execution of arbitrary code as the user running libpng (though it would probably be quite difficult to cause the execution of attacker-chosen code). We recommend upgrading the package as soon as possible. For more information, see: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1382 ftp://ftp.simplesystems.org/pub/libpng/png/src/libpng-1.2.27-README.txt [*** Security fix ***] X software series/xf86-input-joystick-1.3.2-x86_64-1.tgz: Upgraded to xf86-input-joystick-1.3.2. X software series/xf86-video-vmware-10.16.1-x86_64-1.tgz: Upgraded to xf86-video-vmware-10.16.1. XAP software series/mozilla-firefox-2.0.0.14-x86_64-2.tgz: Added the distribution name and version to the User Agent (UA). XAP software series/seamonkey-1.1.9-x86_64-1.tgz: Added the distribution name and version to the User Agent (UA). isolinux/initrd.img: Fixed minimum RAM amount in /etc/issue, and made some edits to other documentation within the installer. usb-and-pxe-installers/: In usbboot.img, fixed minimum RAM amount in /etc/issue, and made some edits to other documentation within the installer. +--------------------------+ Sun Apr 27 17:43:34 EEST 2008 X software series/pixman-0.10.0-x86_64-3.tgz: Restored MMX optimizations. +--------------------------+ Sat Apr 26 11:24:26 EEST 2008 A software series/aaa_base-12.1.0-noarch-3.tgz: More initial emails update. KDE software series/kdelibs-3.5.9-x86_64-4.tgz: Patched to fix a security problem.
From the KDE advisory: "If start_kdeinit is installed as setuid root, a local user might be able to send unix signals to other processes, cause a denial of service or even possibly execute arbitrary code." This issue affects KDE 3.5.5 through KDE 3.5.9. We recommend upgrading to the new kdelibs package as soon as possible. For more information, see: http://www.kde.org/info/security/advisory-20080426-2.txt http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1671 [*** Security fix ***] isolinux/initrd.img: Patched /sbin/probe to look for formatted swap on RAID. usb-and-pxe-installers/: Patched /sbin/probe in usbboot.img to look for formatted swap on RAID. EXTRA software/ktorrent/ktorrent-2.2.6-x86_64-1.tgz: Upgraded to ktorrent-2.2.6. EXTRA software/slackpkg/slackpkg-2.70.2-noarch-2.tgz: Added a new mirror. Thanks to Peter Polonkai for the devall.hu mirrors! +--------------------------+ Thu Apr 24 10:53:16 EEST 2008 A software series/aaa_base-12.1.0-noarch-2.tgz: Updated the initial emails. N software series/wireless-tools-29-x86_64-3.tgz: Increased the sleep time after bringing up an interface to 3 seconds, since some of the new drivers need the additional time to fully initialize. +--------------------------+ Tue Apr 22 14:58:42 EEST 2008 This is Bluewhite64 12.1-RC2! There is a DVD iso available for download from the primary mirror, other mirrors should be updated soon. Also, you can download through BitTorrent too (see the "Get Bluewhite64"). Please TEST, TEST and TEST as much as you can and post the possible problems to the forum ;). Enjoy! A software series/glibc-solibs-2.7-x86_64-10.tgz: Recompiled against Linux 2.6.24.5 headers. A software series/glibc-zoneinfo-2.7-noarch-10.tgz: Rebuilt. A software series/kernel-huge-2.6.24.5-x86_64-1.tgz: Upgraded to Linux 2.6.24.5 SMP huge.s (full-featured) kernel. A software series/kernel-modules-2.6.24.5-x86_64-1.tgz: Upgraded to Linux 2.6.24.5 SMP kernel modules.
A software series/pkgtools-12.1.0-noarch-7.tgz: Removed obsolete modem setup script (any /dev/modem symlink would be wiped out by udev anyway). AP software series/lm_sensors-2.10.6-x86_64-1.tgz: Upgraded to lm_sensors-2.10.6. D software series/kernel-headers-2.6.24.5-x86_64-1.tgz: Upgraded to Linux 2.6.24.5 SMP kernel headers. A software series/mkinitrd-1.3.2-x86_64-2.tgz: Updated the version numbers in README.initrd and manpage. K software series/kernel-source-2.6.24.5-noarch-1.tgz: Upgraded to Linux 2.6.24.5 SMP kernel source package. L software series/glibc-2.7-x86_64-10.tgz: Recompiled against Linux 2.6.24.5 headers. L software series/glibc-i18n-2.7-noarch-10.tgz: Rebuilt. L software series/glibc-profile-2.7-x86_64-10.tgz: Recompiled against Linux 2.6.24.5 headers. L software series/jre-6u6-x86_64-2.tgz: Adjusted installation directory to avoid removing files from kdebindings. L software series/svgalib_helper-1.9.25_2.6.24.5-x86_64-1.tgz: Recompiled for Linux 2.6.24.5. N software series/mcabber-0.9.7-x86_64-1.tgz: Upgraded to mcabber-0.9.7. XAP software series/xine-lib-1.1.11.1-x86_64-3.tgz: Recompiled, with --without-speex (we didn't ship the speex library in Bluewhite64 anyway, but for reference this issue would be CVE-2008-1686), and with --disable-nosefart (the recently reported as insecurely demuxed NSF format). As before in -2, this package fixes the two regressions mentioned in the release notes for xine-lib-1.1.12: http://sourceforge.net/project/shownotes.php?release_id=592185&group_id=9655 Moving to xine-lib-1.1.12 right now doesn't seem prudent for RC2, as the diff between 1.1.11.1 and 1.1.12 is many thousands of lines long. [*** Security fix ***] EXTRA software/brltty/brltty-3.9-x86_64-1.tgz: Upgraded to brltty-3.9. EXTRA software/jdk-6/jdk-6u6-x86_64-2.tgz: Adjusted installation directory to avoid removing files from kdebindings. isolinux/initrd.img: Replaced kernel modules with 2.6.24.5 versions. kernels/huge.s/*: Upgraded to huge.s 2.6.24.5 kernel.
usb-and-pxe-installers/: Replaced kernel modules with 2.6.24.5 versions. Thanks to Amritpal Bath for writing a new README_RAID document explaining how to install Bluewhite64 using various RAID levels. +--------------------------+ Fri Apr 18 11:46:34 EEST 2008 AP software series/mysql-5.0.51a-x86_64-3.tgz: Edited rc.mysql to fix a missing '=' in the example for mysql_install_db. XAP software series/mozilla-firefox-2.0.0.14-x86_64-1.tgz: Upgraded to firefox-2.0.0.14. This upgrade fixes a potential security bug. For more information, see: http://www.mozilla.org/projects/security/known-vulnerabilities.html#firefox [*** Security fix ***] +--------------------------+ Fri Apr 18 00:17:29 EEST 2008 A software series/kernel-test-huge-2.6.25-x86_64-1.tgz: Added Linux 2.6.25 SMP test.s (full-featured) testing kernel! Please NOTE: this kernel is only for testing! You have to install the sources and the headers if you need them from testing/packages/kernel-test/* A software series/kernel-test-modules-2.6.25-x86_64-1.tgz: Added Linux 2.6.25 SMP test.s kernel modules. L software series/jre-6u6-x86_64-1.tgz: Upgraded to Java(TM) 2 Platform Standard Edition Runtime Environment Version 6.0 update 6. N software series/wireless-tools-29-x86_64-2.tgz: Make sure that HWADDR in rc.wireless is all uppercase. EXTRA software/jdk-6/jdk-6u6-x86_64-1.tgz: Upgraded to Java(TM) 2 Platform Standard Edition Development Kit Version 6.0 update 6. testing/packages/kernel-test/*: Added a testing kernel version 2.6.25. kernels/test.s: Added a test.s (huge) SMP kernel 2.6.25 for testing! isolinux/initrd.img: Updated binaries and shared libraries. Added test.s kernel modules. Fixed to show the encrypted volume in the partitions list. Thanks to Virgil Moldoveanu for reporting and testing. usb-and-pxe-installers/: Added test.s kernel and modules. Updated binaries and shared libraries. Fixed to show the encrypted volume in the partitions list. Thanks to Virgil Moldoveanu for reporting and testing.
+--------------------------+ Tue Apr 15 17:46:44 EEST 2008 E software series/emacs-22.2-x86_64-1.tgz: Upgraded to GNU emacs-22.2. X software series/xf86-video-radeonhd-1.2.1-x86_64-1.tgz: Upgraded to xf86-video-radeonhd-1.2.1. EXTRA software/emacspeak/emacspeak-27.0-x86_64-1.tgz: Upgraded to emacspeak-27.0. +--------------------------+ Mon Apr 14 18:39:31 EEST 2008 A software series/smartmontools-5.38-x86_64-1.tgz: Upgraded to smartmontools-5.38. D software series/git-1.5.5-x86_64-1.tgz: Upgraded to git-1.5.5. KDE software series/amarok-1.4.9.1-x86_64-1.tgz: Upgraded to amarok-1.4.9.1. N software series/bind-9.4.2-x86_65-2.tgz: Patched rc.bind to add a short wait after starting named, so that the startup script doesn't match "named " with a failing startup and too quick a check. Upgraded to the latest named.root file. T software series/xfig-3.2.4-x86_64-3.tgz: Patched to fix a wrong XFIGLIBDIR that was causing some minor errors. TCL software series/tclx-8.4-x86_64-2.tgz: Recompiled. Since some of the Tcl/Tk headers are now considered "private", this needs -I flags to compile (for now). XAP software series/xscreensaver-5.05-x86_64-1.tgz: Upgraded to xscreensaver-5.05. +--------------------------+ Mon Apr 14 00:18:12 EEST 2008 AP software series/ghostscript-8.62-x86_64-5.tgz: Edited /usr/share/ghostscript/8.62/lib/cidfmap to attempt support for Simplified Chinese (though Traditional Chinese and Korean will still require cidfmap changes and additional fonts). AP software series/man-1.6f-x86_64-1.tgz: Upgraded to man-1.6f. D software series/cscope-15.6-x86_64-1.tgz: Upgraded to cscope-15.6. F software series/linux-howtos-20080411-noarch-1.tgz: Updated to Linux-HOWTOs-20080411. L software series/svgalib_helper-1.9.25_2.6.24.4-x86_64-2.tgz: Recompiled. N software series/iproute2-2.6.16_060323-x86_64-2.tgz: Fixed hardcoded "/usr/local/lib/iptables" path in two places within the source. N software series/sendmail-8.14.2-x86_64-2.tgz: Recompiled. 
Fixed issues in the install script with properly adding the smmsp user/group. When using SSL/TLS, disable SSLv2 by default. Fixed the line ordering in sendmail-slackware-tls-sasl.mc. Fixed typos at the top of example .mc files. Clamp down on security in the defaults some more by requiring authentication when using the TLS/SASL .mc/.cf. Allow SSLv3 in both TLS configurations. N software series/sendmail-cf-8.14.2-noarch-2.tgz: Rebuilt. X software series/xf86-video-radeonhd-1.2.0-x86_64-1.tgz: Upgraded to xf86-video-radeonhd-1.2.0, which adds support for RV620, RV635, and R680 chipsets, and 2D acceleration for R5xx (including RS6xx) chipsets, both XAA and EXA. This driver also enables the use of the second digital output on the RS690 chipset. +--------------------------+ Fri Apr 11 14:30:59 EEST 2008 A software series/cryptsetup-1.0.5-x86_64-4.tgz: Recompiled against static libgpg-error and got rid of --disable-libcrypt in cryptsetup.static's ./configure to prevent the error "Command failed: Key processing error: No hash backend found" when creating a new cryptographic volume. Thanks to TaQ for the heads-up. A software series/ed-0.9-x86_64-2.tgz: Fixed missing man page. D software series/guile-1.8.4-x86_64-1.tgz: Upgraded to guile-1.8.4. N software series/ipw2200-fw-3.0-fw-2.tgz: Add an extra copy of the LICENSE file to the /usr/doc/ipw2200-fw-3.0/ directory in addition to the one with the firmware. N software series/libgcrypt-1.4.0-x86_64-2.tgz: Recompiled to include the static library. N software series/libgpg-error-1.6-X86_64-3.tgz: Recompiled to include the static library. N software series/mailx-12.3-x86_64-1.tgz: Upgraded to mailx-12.3. XAP software series/gnuplot-4.2.3-x86_64-1.tgz: Upgraded to gnuplot-4.2.3. isolinux/initrd.img: Replaced /sbin/cryptsetup.static. usb-and-pxe-installers/: Replaced /sbin/cryptsetup.static. 
+--------------------------+ Thu Apr 10 15:15:18 EEST 2008 The kernels were recompiled to add the experimental CONFIG_PATA_MARVELL option, since some newer Intel motherboards are already using this chipset. Like everything else, use it at your own risk. It was decided that having some driver that was tested and found to work was better than no support at all. A software series/kernel-huge-2.6.24.4-x86_64-2.tgz: Recompiled Linux 2.6.24.4 SMP huge.s (full-featured) kernel. A software series/kernel-modules-2.6.24.4-x86_64-2.tgz: Recompiled Linux 2.6.24.4 SMP kernel modules. D software series/kernel-headers-2.6.24.4-x86_64-2.tgz: Rebuilt Linux 2.6.24.4 SMP kernel headers. D software series/pkg-config-0.23-x86_64-2.tgz: Prevent unwanted output during package install. D software series/ruby-1.8.6_p114-x86_64-1.tgz: Upgraded to ruby-1.8.6-p114. K software series/kernel-source-2.6.24.4-noarch-2.tgz: Rebuilt Linux 2.6.24.4 SMP kernel source package. L software series/libaio-0.3.106-x86_64-1.tgz: Added libaio-0.3.106 (asynchronous I/O library). L software series/glib2-2.14.6-x86_64-4.tgz: Renamed /etc/profile.d/glib2.{csh,sh} to /etc/profile.d/libglib2.{csh,sh} so that the lang.{csh,sh} scripts will run first, setting the $LANG variable which these scripts require. N software series/dhcp-3.0.6-x86_64-1.tgz: Upgraded to dhcp-3.0.6. N software series/lftp-3.7.0-x86_64-1.tgz: Upgraded to lftp-3.7.0. N software series/links-2.1pre33-x86_64-1.tgz: Upgraded to links-2.1pre33. N software series/ncftp-3.2.1-x86_64-1.tgz: Upgraded to ncftp-3.2.1. N software series/rsync-3.0.2-x86_64-1.tgz: Upgraded to rsync-3.0.2. From the NEWS file: "BUG FIXES: - Fixed a potential buffer overflow in the xattr code." This is the security advisory, as the issue was present in -current only. [*** Security fix ***] N software series/tcpdump-3.9.8-x86_64-1.tgz: Upgraded to libpcap-0.9.8 and tcpdump-3.9.8. X software series/compiz-0.7.4-x86_64-1.tgz: Upgraded to compiz-0.7.4. 
X software series/scim-1.4.7-x86_64-6.tgz: Fixed locale example typo in profile.d scripts. X software series/xf86-input-mouse-1.3.0-x86_64-1.tgz: Upgraded to xf86-input-mouse-1.3.0 to fix a copy/paste bug when switching between the virtual consoles and X. EXTRA software/slackpkg/slackpkg-2.70.2-noarch-1.tgz: Upgraded to slackpkg-2.70.2-noarch-1. isolinux/initrd.img: Replaced kernel modules with recompiled versions. kernels/huge.s/*: Recompiled huge.s 2.6.24.4 kernel. usb-and-pxe-installers/: Replaced kernel modules with recompiled versions. +--------------------------+ Tue Apr 8 15:26:23 EEST 2008 D software series/cmake-2.4.8-x86_64-1.tgz: Upgraded to cmake-2.4.8. L software series/fribidi-0.10.9-x86_64-2.tgz: Recompiled. "left-to-right" was far too egregious a mistake to leave in the slack-desc. Sorry about that. X software series/pixman-0.10.0-x86_64-2.tgz: Symlink the headers into /usr/include to temporarily accommodate software that isn't yet using pixman.pc to get the -I/usr/include/pixman-1/ include path. Thanks to garry for reporting this. XAP software series/xine-lib-1.1.11.1-x86_64-2.tgz: Patched to fix playback failure affecting several media formats accidentally broken in the xine-lib-1.1.11.1 release. A software series/aaa_elflibs-12.1.0-x86_64-1.tgz: Added libfuse. Updated libbz2 (which still has the shared library name "libbz2.so.1.0.4"). A software series/bzip2-1.0.5-x86_64-1.tgz: Upgraded to bzip2-1.0.5. Previous versions of bzip2 contained a buffer overread error that could cause applications linked to libbz2 to crash, resulting in a denial of service. For more information, see: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1372 [*** Security fix ***] A software series/cryptsetup-1.0.5-x86_64-3.tgz: Make cryptsetup in /sbin and /usr/sbin both symlinks to /sbin/cryptsetup.static. This prevents "cryptsetup" failure if someone installs only the A package series. 
AP software series/cdrtools-2.01.01a38-x86_64-1.tgz: Upgraded to cdrtools-2.01.01a38. AP software series/dvd+rw-tools-7.1-x86_64-1.tgz: Upgraded to dvd+rw-tools-7.1. AP software series/ghostscript-8.62-x86_64-4.tgz: Fixed cidfmap for printing with the wqy-zenhei.ttf font. D software series/m4-1.4.11-x86_64-1.tgz: Upgraded to m4-1.4.11. In addition to bugfixes and enhancements, this version of m4 also fixes two issues with possible security implications. A minor security fix with the use of "maketemp" and "mkstemp" -- these are now quoted to prevent the (rather unlikely) possibility that an unquoted string could match an existing macro causing operations to be done on the wrong file. Also, a problem with the '-F' option (introduced with version 1.4) could cause a core dump or possibly (with certain file names) the execution of arbitrary code. For more information on these issues, see: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1687 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1688 [*** Security fix ***] N software series/iptables-1.4.0-x86_64-1.tgz: Upgraded to iptables-1.4.0. N software series/network-scripts-12.1-noarch-1.tgz: Fixed WLAN_IWPRIV[4] example generated by netconfig. N software series/whois-4.7.26-x86_64-1.tgz: Upgraded to whois-4.7.26. XAP software series/xfce-4.4.2-x86_64-5.tgz: Fixed the build script to apply a couple of bugfix patches correctly. isolinux/initrd.img: Patched to fix expert mode FTP/HTTP installation, and to allow installation from HTTP source with port number, such as: http://somehost:8080 usb-and-pxe-installers/: Patched to fix expert mode FTP/HTTP installation, and to allow installation from HTTP source with port number, such as: http://somehost:8080 pasture/ia32-emulation/*: Added the IA32 emulation found in Bluewhite64 12.0 testing. If the new packages found in extra/ia32-emulation/* are not working as you expected, then you should use this one. Upgraded ia32-lib32asound-1.0.15. 
NOTE: use "removepkg /var/log/packages/ia32-*" to remove the existing IA32 packages and installpkg to install these ones. +--------------------------+ Sun Apr 6 09:45:42 EEST 2008 XAP software series/xfce-4.4.2-x86_64-4.tgz: Show Orage Calendar only in XFce rather than having it fall into KDE's "Lost & Found" ;). EXTRA software/ia32-emulation/ia32-lib32-0.3.0-x86_64-2.tgz: Recompiled libX11 without xcb. Thanks to Roberto Gonzalez Azevedo for reporting and testing. +--------------------------+ Sat Apr 5 09:45:47 EEST 2008 L software series/glibc-2.7-x86_64-9a.tgz: Added /bin/sln -> /sbin/sln symlink. N software series/rsync-3.0.1-x86_64-1.tgz: Upgraded to rsync-3.0.1. TESTING/packages/bash-3.2.029-x86_64-1.tgz: Brought up to patchlevel 029. Last time we tried this as our main shell, it was still causing problems with a lot of the scripts out there, but perhaps it will be tried again in the next development cycle. isolinux/initrd.img: Added test26.s kernel support. usb-and-pxe-installers/usbboot.img: Added test26.s kernel support. +--------------------------+ Sat Apr 5 01:51:22 EEST 2008 A software series/mkinitrd-1.3.2-x86_64-1.tgz: Patched to fix problems with previous settings getting overwritten with a plain "mkinitrd", and added support for non-US keyboards. A software series/glibc-solibs-2.7-x86_64-9.tgz: Rebuilt. A software series/glibc-zoneinfo-2.7-noarch-9.tgz: Updated timeconfig script. D software series/mercurial-1.0-x86_64-1.tgz: Upgraded to mercurial-1.0. L software series/glibc-2.7-x86_64-9.tgz: Removed /sbin/sln symlink. L software series/glibc-i18n-2.7-noarch-9.tgz: Rebuilt. L software series/glibc-profile-2.7-x86_64-9.tgz: Rebuilt. L software series/dbus-python-0.82.4-x86_64-1.tgz: Added dbus-python-0.82.4, which is needed for the correct operation of hplip. N software series/openssh-5.0p1-x86_64-1.tgz: Upgraded to openssh-5.0p1. This version fixes a security issue where local users could hijack forwarded X connections. 
Upgrading to the new package is highly recommended. For more information on this security issue, please see: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1483 [*** Security fix ***] EXTRA software/ia32-emulation/ia32-glibc-2.7-x86_64-1.tgz: Added ia32-glibc-2.7. From now on this is the place for the IA32 emulation packages for Bluewhite64. If you would like to run 32-bit software, then you have to install all these packages. Since the latest packages from BW64 12.0, all libraries have been updated to the versions found in the --current tree. The ia32-glibc-2.7 package automatically adds /lib32 and /usr/lib32 to /etc/ld.so.conf and runs ldconfig for you, so it is now easier to run 32-bit software ;). NOTE: these packages are ONLY to run 32-bit software, NOT to compile. Please test as much as you can and post successes or failures to the Bluewhite64 forum. Use removepkg /var/log/packages/ia32-* to remove the old ones and use installpkg to install all these brand new ones ;). Enjoy! EXTRA software/ia32-emulation/ia32-lib32-0.3.0-x86_64-1.tgz: Added ia32-lib32-0.3.0. EXTRA software/ia32-emulation/ia32-pango-1.20.0-x86_64-1.tgz: Added ia32-pango-1.20.0. EXTRA software/ia32-emulation/ia32-zlib-1.2.3-x86_64-1.tgz: Added ia32-zlib-1.2.3. EXTRA software/ia32-emulation/ia32-gtk+2-2.12.9-x86_64-1.tgz: Added ia32-gtk+2-2.12.9. EXTRA software/ia32-emulation/ia32-lib32asound-1.0.15-x86_64-1.tgz: Added ia32-lib32asound. EXTRA software/ia32-emulation/ia32-stdc++-6.0.9-x86_64-1.tgz: Added ia32-stdc++-6.0.9. EXTRA software/ia32-emulation/linux32-1.0-x86_64-1.tgz: Added linux32-1.0. testing/ia32-emulation/*: Moved to EXTRA software. +--------------------------+ Thu Apr 3 17:50:11 EEST 2008 This is Bluewhite64 12.1-rc1, though there is still some more minor work to do. No ISO for this RC, perhaps the RC2 will have one, I'm waiting for the 2.6.25 Linux kernel to integrate it as a test26.s kernel. Please help test! 
And if we're missing anything major, please let me know at arny at bluewhite64 dot com or post to the forum. Thank You! A software series/aaa_elflibs-12.1.0-x86_64-1.tgz: Updated the initial "starter" library package to the latest versions in -current. A software series/cups-1.3.7-x86_64-1.tgz: Upgraded to cups-1.3.7. This version of CUPS fixes some buffer overflows in the GIF image filter and in cgiCompileSearch. Those running CUPS servers should upgrade. For more information on these security issues, please see: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0047 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1373 [*** Security fix ***] A software series/cxxlibs-6.0.9-x86_64-1.tgz: Upgraded to libstdc++.so.6.0.9 from gcc-4.2.3. A software series/mdadm-2.6.4-x86_64-1.tgz: Upgraded to mdadm-2.6.4. A software series/pciutils-2.2.10-x86_64-1.tgz: Upgraded to pciutils-2.2.10. A software series/sysvinit-2.86-x86_64-7.tgz: Fixed the /sbin/initscript path to match the man pages. Thanks to Michiel Broek for the patch. AP software series/hplip-2.8.4-x86_64-1.tgz: Upgraded to hplip-2.8.4. AP software series/zsh-4.3.6-x86_64-1.tgz: Upgraded to zsh-4.3.6. D software series/gdb-6.8-x86_64-1.tgz: Upgraded to gdb-6.8. L software series/hal-0.5.10-x86_64-2.tgz: Recompiled with --enable-umount-helper, which allows non-root users to umount hotplugged devices from the command line. L software/hal-info-20080317-noarch-1.tgz: Upgraded to hal-info-20080317. N software/bind-9.4.2-x86_64-1.tgz: Upgraded to bind-9.4.2. N software/wpa_supplicant-0.5.10-x86_64-1.tgz: Upgraded to wpa_supplicant-0.5.10. X software series/wqy-zenhei-font-ttf-0.5.23-noarch-1.tgz: Upgraded to wqy-zenhei-0.5.23. X software series/xf86-video-intel-2.2.1-x86_64-1.tgz: Reverted to xf86-video-intel-2.2.1. We suspected that might be needed, given the version number and development status of the newer driver we tried, but gave it a try anyway. 
Probably there will be no more driver updates at this point unless bugs are reported that newer drivers fix. XAP software series/pidgin-2.4.1-x86_64-1.tgz: Upgraded to pidgin-2.4.1. +--------------------------+ Tue Apr 1 22:45:27 EEST 2008 A software series/acl-2.2.47_1-x86_64-1.tgz: Upgraded to acl-2.2.47_1. A software series/attr-2.4.41_1-x86_64-1.tgz: Upgraded to attr-2.4.41_1. A software series/etc-12.1-noarch-4.tgz: Give the mysql user a /bin/false "shell". A software series/lilo-22.8-x86_64-10.tgz: Fixed a bug where liloconfig might not properly determine the root directory where /boot is found. A software series/sysvinit-scripts-1.2-noarch-20.tgz: Fixed a bug in rescan-scsi-bus that was exposed by the CONFIG_SCSI_MULTI_LUN kernel option (which _should_ also make rescan-scsi-bus unnecessary). Keep /usr/share/mime's mime.cache file updated. A software series/util-linux-2.12r-x86_64-4.tgz: Removed. See below. A software series/util-linux-ng-2.13.1-x86_64-1.tgz: Added util-linux-ng-2.13.1, which replaces the old util-linux package. To install, either use upgradepkg with the "%" option, or do this: installpkg util-linux-ng-2.13.1-x86_64-1.tgz ; removepkg util-linux ; installpkg util-linux-ng-2.13.1-x86_64-1.tgz A software series/xfsprogs-2.9.7_1-x86_64-1.tgz: Upgraded to xfsprogs-2.9.7_1. AP software series/alsa-utils-1.0.15-x86_64-3.tgz: Don't load the mixer settings until after the OSS modules have been loaded. Eliminate 'awk' usage in rc.alsa, using sed and tr instead. AP software series/dmapi-2.2.8_1-x86_64-1.tgz: Upgraded to dmapi-2.2.8_1. AP software series/man-pages-2.79-noarch-1.tgz: Upgraded to man-pages-2.79, and retained the POSIX pthread_* man pages this time. AP software series/mysql-5.0.51a-x86_64-2.tgz: Modified /etc/rc.d/rc.mysqld's database installation instructions to take into consideration that the mysql user no longer has a login shell. 
In addition, the admin is told to consider locking the database server down even further (if possible) by using the mysql_secure_installation utility. AP software series/xfsdump-2.2.48_1-x86_64-1.tgz: Upgraded to xfsdump-2.2.48_1. L software series/libgsf-1.14.8-x86_64-1.tgz: Upgraded to libgsf-1.14.8. N software series/net-tools-1.60-x86_64-2.tgz: Recompiled with latest Debian patch. N software series/nfs-utils-1.1.2-x86_64-1.tgz: Upgraded to nfs-utils-1.1.2. N software series/nmap-4.60-x86_64-3.tgz: Fixed the build script (third time's the charm?) to use DESTDIR and remove the one item (useless, IMHO, within a package system) that still can't get DESTDIR right: uninstall_zenmap. N software series/openssh-4.9p1-x86_64-1.tgz: Upgraded to openssh-4.9p1. N software series/wget-1.11.1-x86_64-1.tgz: Upgraded to wget-1.11.1. X software series/scim-1.4.7-x86_64-5.tgz: Fixed scim.desktop to have more information, and to place the SCIM startup utility in the "Utilities" menu rather than having it fall into "Lost & Found". X software series/xf86-video-intel-2.2.99.902-x86_64-1.tgz: Upgraded to xf86-video-intel-2.2.99.902. XAP software series/xine-lib-1.1.11.1-x86_64-1.tgz: Earlier versions of xine-lib suffer from an integer overflow which may lead to a buffer overflow that could potentially be used to gain unauthorized access to the machine if a malicious media file is played back. File types affected this time include .flv, .mov, .rm, .mve, .mkv, and .cak. For more information on this security issue, please see: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1482 [*** Security fix ***] isolinux/initrd.img: Patched to have /etc/fstab mount /dev/shm. Updated XFS utilities. usb-and-pxe-installers/: Patched to have /etc/fstab mount /dev/shm. Updated XFS utilities. +--------------------------+ Sun Mar 30 18:53:02 EEST 2008 A software series/glibc-solibs-2.7-x86_64-8.tgz: Recompiled against 2.6.24.4 headers. 
A software series/glibc-zoneinfo-2.7-noarch-8.tgz: Upgraded to tzdata2008b. L software series/glibc-2.7-x86_64-8.tgz: Recompiled against 2.6.24.4 headers. Upgraded to tzdata2008b. L software series/glibc-i18n-2.7-noarch-8.tgz: Rebuilt. L software series/glibc-profile-2.7-x86_64-8.tgz: Recompiled against 2.6.24.4 headers. A software series/lilo-22.8-x86_64-9.tgz: Fixed reversed vt.default_utf8 kernel parameter (0 <-> 1) in /etc/lilo.conf. Fixed liloconfig to at least create an empty message file in /boot if none exists. A software series/aaa_base-12.1.0-noarch-1.tgz: Added an empty /usr/share/wallpapers as this seems to be a de-facto standard directory and (for example) XFce will give an error if it is missing and one tries to change the desktop image. Bumped version number of package, and of /etc/bluewhite64-version. A software series/etc-12.1-noarch-4.tgz: Installed root into the audio, cdrom, video, plugdev, and floppy groups _correctly_ :). A software series/sysvinit-scripts-1.2-noarch-19.tgz: Keep any icon-theme.cache files updated. A software series/kernel-huge-2.6.24.4-x86_64-1.tgz: Upgraded to Linux 2.6.24.4 SMP huge.s (full-featured) kernel. A software series/kernel-modules-2.6.24.4-x86_64-1.tgz: Upgraded to Linux 2.6.24.4 uniprocessor kernel modules. AP software series/vim-7.1.285-x86_64-1.tgz: Upgraded to vim-7.1.285. D software series/kernel-headers-2.6.24.4-x86_64-1.tgz: Upgraded to Linux 2.6.24.4 SMP kernel headers. K software series/kernel-source-2.6.24.4-noarch-1.tgz: Upgraded to Linux 2.6.24.4 SMP kernel source. L software series/svgalib_helper-1.9.25_2.6.24.4-x86_64-1.tgz: Recompiled for Linux 2.6.24.4. N software series/gnupg-1.4.9-x86_64-1.tgz: Upgraded to gnupg-1.4.9. N software series/gnupg2-2.0.9-x86_64-1.tgz: Upgraded to gnupg-2.0.9. N software series/nmap-4.60-x86_64-2.tgz: Recompiled. Some files were missing due to an incompletely removed previous compile. It may also be necessary to reinstall python after upgrading from -1. 
TCL software series/tcl-8.4.18-x86_64-1.tgz: Upgraded to tcl8.4.18. TCL software series/tk-8.4.18-x86_64-1.tgz: Upgraded to tk8.4.18. X software series/liberation-fonts-ttf-1.0-noarch-1.tgz: Upgraded to Liberation Fonts 1.0. X software series/pixman-0.10.0-x86_64-1.tgz: Upgraded to pixman-0.10.0. XAP software series/mozilla-firefox-2.0.0.13-x86_64-1.tgz: Upgraded to firefox-2.0.0.13. This upgrade fixes some more security bugs. For more information, see: http://www.mozilla.org/projects/security/known-vulnerabilities.html#firefox [*** Security fix ***] XAP software series/seamonkey-1.1.9-x86_64-1.tgz: Upgraded to seamonkey-1.1.9. This upgrade fixes some more security bugs. For more information, see: http://www.mozilla.org/projects/security/known-vulnerabilities.html#seamonkey [*** Security fix ***] XAP software series/xine-lib-1.1.11-x86_64-1.tgz: Earlier versions of xine-lib suffer from an array index bug that may have security implications if a malicious RTSP stream is played. Playback of other media formats is not affected. If you use RTSP, you should probably upgrade xine-lib. For more information on the security issue, please see: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0073 [*** Security fix ***] XAP software series/vim-gvim-7.1.285-x86_64-1.tgz: Upgraded to vim-7.1.285. This is the GTK+ version of vim (gvim). The normal vim package is also required. XAP software series/windowmaker-0.92.0-x86_64-5.tgz: Repackaged to fix WPrefs missing icons. Thanks to Garry for reporting this. isolinux/initrd.img: Fixed huge.s kernel installation bug. kernels/huge.s/*: Upgraded huge.s SMP kernel to 2.6.24.4. pasture/gcc-3.4.6/: Removed, since this has gone unchanged since Bluewhite64 12.0. I'm not sure if the one in 12.0's pasture still works, but if it does, and you need it for something, that's where to find it. usb-and-pxe-installers/: Updated USB and PXE installers to 2.6.24.4 modules. 
+--------------------------+ Wed Mar 26 23:19:18 EET 2008 A software series/etc-12.1-noarch-3.tgz: Add root to the groups audio, cdrom, video, plugdev, and floppy. Root already has access to most of these devices, but it doesn't hurt to provide an example for people who edit /etc/groups manually. A software series/shadow-4.0.6-x86_64-3.tgz: Took plugdev out of CONSOLE_GROUPS in /etc/login.defs, since DBUS doesn't know about group memberships added that way. Users not actually listed in /etc/groups as part of groups such as plugdev wouldn't be able to use those devices even at the console when logging in through a graphical login manager such as XDM, KDM, or GDM. Stuart Winter enhanced the command-line adduser tool. Quote from the adduser program history: "* To facilitate use of the automatic mounting features of HAL, allow the admin to easily add users to the default groups: audio,cdrom,video,plugdev,floppy. The default is not to add new users to these groups. And by the way, this script is "adduser from Slackware" not "superadduser from Gentoo" ;-)" If you trust your users, this is the correct way to give them access to these devices. adduser will automatically edit /etc/groups for you. If you do not trust your users and you give them access to these groups, they may create mischief from afar with this access, so be aware of the security implications. A software series/udev-118-x86_64-3.tgz: Fixed two broken symbolic links in /sbin. AP software series/ntfsprogs-2.0.0-x86_64-2.tgz: Added back ntfsprogs-2.0.0, using (for now) --disable-ntfsmount. It is still needed to manage NTFS partitions even if we use the kernel driver or NTFS-3G to mount them. N software series/epic4-2.8-x86_64-1.tgz: Upgraded to epic4-2.8. N software series/irssi-0.8.12-x86_64-1.tgz: Upgraded to irssi-0.8.12. N software series/nmap-4.60-x86_64-1.tgz: Upgraded to nmap-4.60. 
Zenmap still isn't working because we don't include sqlite, but a zenmap .desktop file was added anyway, and some paths in a script were fixed. XAP software series/gimp-2.4.5-x86_64-1.tgz: Upgraded to gimp-2.4.5, added support for pyGTK. isolinux/initrd.img: Fixed Speakup kernel detection. Added LVM swap partition detection. usb-and-pxe-installers/: Fixed Speakup kernel detection. Added LVM swap partition detection. +--------------------------+ Sun Mar 23 11:59:21 EET 2008 A software series/pkgtools-12.1.0-noarch-6.tgz: Fixed bogus bad gzipped file warnings. AP software series/ghostscript-8.62-x86_64-3.tgz: Fixed default cidfmap installation. N software series/mcabber-0.9.6-x86_64-1.tgz: Upgraded to mcabber-0.9.6. XAP software series/audacious-1.5.0-x86_64-2.tgz: Don't use opcodes that break older computers. XAP software series/audacious-plugins-1.5.0-x86_64-2.tgz: Recompiled. +--------------------------+ Fri Mar 21 15:06:38 EET 2008 Is this Bluewhite64 12.1 RC 1 yet? It has to be close. A software series/e2fsprogs-1.40.8-x86_64-1.tgz: Upgraded to e2fsprogs-1.40.8. A software series/gpm-1.20.1-x86_64-7.tgz: Default item to imps2, which works well with KVM boxes. If you use a Synaptics pad with the third party driver, you may have to change this setting. A software series/inotify-tools-3.13-x86_64-1.tgz: Upgraded to inotify-tools-3.13. A software series/kernel-huge-2.6.24.3-x86_64-2.tgz: Recompiled with CONFIG_SCSI_MULTI_LUN. A software series/kernel-modules-2.6.24.3-x86_64-2.tgz: Recompiled. A software series/ntfs-3g-1.2310-x86_64-1.tgz: Added ntfs-3g-1.2310. A software series/pkgtools-12.1.0-noarch-5.tgz: Default making a USB boot stick to off. A software series/sysvinit-scripts-1.2-noarch-18.tgz: Removed /etc/rc.d/rc.scanluns. A software series/udev-118-x86_64-2.tgz: Blacklist old bcm43xx driver (b43 and b43legacy are the recommended drivers now). 
AP software series/alsa-utils-1.0.15-x86_64-2.tgz: Set reasonable volume defaults if there are none in /etc/asound.state. AP software series/gutenprint-5.0.2-x86_64-1.tgz: Upgraded to gutenprint-5.0.2. AP software series/ntfsprogs-2.0.0-x86_64-1.tgz: Removed (for now). D software series/m4-1.4.10-x86_64-1.tgz: Upgraded to m4-1.4.10. D software series/pkg-config-0.23-x86_64-1.tgz: Upgraded to pkg-config-0.23. K software series/kernel-source-2.6.24.3-noarch-2.tgz: CONFIG_SCSI_MULTI_LUN is now the default in the supplied Bluewhite64 huge .config. L software series/atk-1.22.0-x86_64-1.tgz: Upgraded to atk-1.22.0. L software series/dbus-1.1.20-x86_64-1.tgz: Upgraded to dbus-1.1.20. L software series/dbus-glib-0.74-x86_64-2.tgz: Rebuilt. L software series/dbus-qt3-0.70-x86_64-2.tgz: Rebuilt. L software series/gnome-icon-theme-2.22.0-noarch-1.tgz: Upgraded to gnome-icon-theme-2.22.0. L software series/glib2-2.14.6-x86_64-3.tgz: Set G_BROKEN_FILENAMES=1, and if the locale is UTF-8, then set G_FILENAME_ENCODING="@locale" (which will override the G_BROKEN_FILENAMES setting). This should get us a little closer with UTF. L software series/gtk+2-2.12.9-x86_64-1.tgz: Upgraded to gtk+-2.12.9. L software series/hal-info-20080313-noarch-1.tgz: Upgraded to hal-info-20080313. L software series/hicolor-icon-theme-0.10-noarch-3.tgz: Don't make an icon-theme.cache file in /usr/share/icons. L software series/lcms-1.17-x86_64-1.tgz: Upgraded to lcms-1.17. L software series/libart_lgpl-2.3.20-x86_64-1.tgz: Upgraded to libart_lgpl-2.3.20. L software series/pango-1.20.0-x86_64-1.tgz: Upgraded to pango-1.20.0. L software series/pygtk-2.12.1-x86_64-2.tgz: Robby said it would help to recompile this. L software series/wavpack-4.41.0-x86_64-1.tgz: Added wavpack-4.41.0. This is needed for audacious WAV format support. N software series/gnupg2-2.0.8-x86_64-1.tgz: Upgraded to gnupg2-2.0.8. N software series/gnutls-2.2.2-x86_64-1.tgz: Upgraded to gnutls-2.2.2. 
N software series/gpgme-1.1.6-x86_64-1.tgz: Upgraded to gpgme-1.1.6. N software series/libassuan-1.0.4-x86_64-1.tgz: Upgraded to libassuan-1.0.4. N software series/libksba-1.0.3-x86_64-1.tgz: Upgraded to libksba-1.0.3. N software series/libgcrypt-1.4.0-x86_64-1.tgz: Upgraded to libgcrypt-1.4.0. N software series/libgpg-error-1.6-x86_64-2.tgz: Recompiled. N software series/pinentry-0.7.5-x86_64-1.tgz: Upgraded to pinentry-0.7.5. N software series/samba-3.0.28a-x86_64-1.tgz: Upgraded to samba-3.0.28a. N software series/wireless-tools-29-x86_64-1.tgz: Upgraded to wireless-tools-29. X software series/libXScrnSaver-1.1.3-x86_64-1.tgz: Upgraded to libXScrnSaver-1.1.3. X software series/libXv-1.0.4-x86_64-1.tgz: Upgraded to libXv-1.0.4. X software series/libxkbfile-1.0.5-x86_64-1.tgz: Upgraded to libxkbfile-1.0.5. X software series/xf86-video-amd-2.7.7.7-x86_64-1.tgz: Upgraded to xf86-video-amd-2.7.7.7. X software series/xf86-video-apm-1.2.0-x86_64-1.tgz: Upgraded to xf86-video-apm-1.2.0. X software series/xf86-video-ark-0.7.0-x86_64-1.tgz: Upgraded to xf86-video-ark-0.7.0. X software series/xf86-video-ast-0.85.0-x86_64-1.tgz: Upgraded to xf86-video-ast-0.85.0. X software series/xf86-video-chips-1.2.0-x86_64-1.tgz: Upgraded to xf86-video-chips-1.2.0. X software series/xf86-video-cirrus-1.2.0-x86_64-1.tgz: Upgraded to xf86-video-cirrus-1.2.0. X software series/xf86-video-dummy-0.3.0-x86_64-1.tgz: Upgraded to xf86-video-dummy-0.3.0. X software series/xf86-video-fbdev-0.4.0-x86_64-1.tgz: Upgraded to xf86-video-fbdev-0.4.0. X software series/xf86-video-glint-1.2.0-x86_64-1.tgz: Upgraded to xf86-video-glint-1.2.0. X software series/xf86-video-i128-1.3.0-x86_64-1.tgz: Upgraded to xf86-video-i128-1.3.0. X software series/xf86-video-i740-1.2.0-x86_64-1.tgz: Upgraded to xf86-video-i740-1.2.0. X software series/xf86-video-neomagic-1.2.0-x86_64-1.tgz: Upgraded to xf86-video-neomagic-1.2.0. 
X software series/xf86-video-rendition-4.2.0-x86_64-1.tgz: Upgraded to xf86-video-rendition-4.2.0. X software series/xf86-video-s3-0.6.0-x86_64-1.tgz: Upgraded to xf86-video-s3-0.6.0. X software series/xf86-video-s3virge-1.10.0-x86_64-1.tgz: Upgraded to xf86-video-s3virge-1.10.0. X software series/xf86-video-savage-2.2.0-x86_64-1.tgz: Upgraded to xf86-video-savage-2.2.0. X software series/xf86-video-siliconmotion-1.6.0-x86_64-1.tgz: Upgraded to xf86-video-siliconmotion-1.6.0. X software series/xf86-video-sis-0.10.0-x86_64-1.tgz: Upgraded to xf86-video-sis-0.10.0. X software series/xf86-video-sisusb-0.9.0-x86_64-1.tgz: Upgraded to xf86-video-sisusb-0.9.0. X software series/xf86-video-tdfx-1.4.0-x86_64-1.tgz: Upgraded to xf86-video-tdfx-1.4.0. X software series/xf86-video-trident-1.3.0-x86_64-1.tgz: Upgraded to xf86-video-trident-1.3.0. X software series/xf86-video-tseng-1.2.0-x86_64-1.tgz: Upgraded to xf86-video-tseng-1.2.0. X software series/xf86-video-v4l-0.2.0-x86_64-1.tgz: Upgraded to xf86-video-v4l-0.2.0. X software series/xf86-video-vmware-10.16.0-x86_64-1.tgz: Upgraded to xf86-video-vmware-10.16.0. X software series/xf86-video-voodoo-1.2.0-x86_64-1.tgz: Upgraded to xf86-video-voodoo-1.2.0. XAP software series/audacious-1.5.0-x86_64-1.tgz: Upgraded to audacious-1.5.0. XAP software series/audacious-plugins-1.5.0-x86_64-1.tgz: Upgraded to audacious-plugins-1.5.0. XAP software series/gkrellm-2.3.1-x86_64-2.tgz: Recompiled against gnutls-2.2.2. XAP software series/pidgin-2.4.0-x86_64-2.tgz: Recompiled against gnutls-2.2.2. XAP software series/xfce-4.4.2-x86_64-3.tgz: Patched two Thunar bugs. XAP software series/xpdf-3.02pl2-x86_64-3.tgz: Rebuilt adding an icon and .desktop file. EXTRA/parted/parted-1.8.8-x86_64-1.tgz: Upgraded to parted-1.8.8. EXTRA/slackpkg/slackpkg-2.70.1-noarch-1.tgz: Upgraded to slackpkg-2.70.1-noarch-1. isolinux/initrd.img: Offer ntfs-3g read-write mounts for NTFS partitions. Upgraded to parted-1.8.8. Upgraded to e2fsprogs-1.40.8. 
kernels/huge.s/*: Recompiled with CONFIG_SCSI_MULTI_LUN. usb-and-pxe-installers/: Offer ntfs-3g read-write mounts for NTFS partitions. Upgraded to parted-1.8.8. Upgraded to e2fsprogs-1.40.8. +--------------------------+ Fri Mar 14 13:44:51 EET 2008 A software series/gettext-0.17-x86_64-2.tgz: Compressed the man pages. D software series/gettext-tools-0.17-x86_64-2.tgz: Compressed the man pages. L software series/sdl-1.2.13-x86_64-2.tgz: SDL_mixer looks for timidity files in /usr/lib/timidity rather than /usr/local/lib/timidity. N software series/zd1211-firmware-1.4-fw-1.tgz: Added ZD1211 USB WLAN firmware. X software series/dejavu-fonts-ttf-2.24-noarch-1.tgz: Upgraded to dejavu-fonts-ttf-2.24. isolinux/initrd.img: Updated dropbear version. More dropbear adjustments from Eric Hameleers. usb-and-pxe-installers/: Updated dropbear version. More dropbear adjustments from Eric Hameleers. +--------------------------+ Wed Mar 12 19:20:47 EET 2008 A software series/glibc-solibs-2.7-x86_64-7.tgz: Recompiled against Linux 2.6.24.3 headers. A software series/glibc-zoneinfo-2.7-noarch-7.tgz: Upgraded to tzdata2008a. A software series/gettext-0.17-x86_64-1.tgz: Upgraded to gettext-0.17. A software series/sysvinit-scripts-1.2-noarch-17.tgz: Update gtk.immodules from rc.M at boot. AP software series/flac-1.2.1-x86_64-1.tgz: Upgraded to flac-1.2.1. AP software series/vorbis-tools-1.2.0-x86_64-1.tgz: Upgraded to vorbis-tools-1.2.0. D software series/gettext-tools-0.17-x86_64-1.tgz: Upgraded to tools for gettext-0.17. KDE software series/k3b-1.0.4-x86_64-3.tgz: Recompiled against flac-1.2.1. KDE software series/kdemultimedia-3.5.9-x86_64-3.tgz: Recompiled against flac-1.2.1. L software series/glibc-2.7-x86_64-7.tgz: Recompiled against Linux 2.6.24.3 headers. L software series/glibc-i18n-2.7-noarch-7.tgz: Rebuilt. L software series/glibc-profile-2.7-x86_64-7.tgz: Recompiled against Linux 2.6.24.3 headers. 
L software series/jre-6u5-x86_64-1.tgz: Upgraded to Java(TM) 2 Platform Standard Edition Runtime Environment Version 6.0 update 5. L software series/libcddb-1.3.0-x86_64-1.tgz: Added libcddb-1.3.0. (needed by audacious-plugins) L software series/libcdio-0.79-x86_64-1.tgz: Added libcdio-0.79. (needed by audacious-plugins) N software series/ipw2100-fw-1.3-fw-1.tgz: Added ipw2100-fw-1.3. N software series/ipw2200-fw-3.0-fw-1.tgz: Added ipw2200-fw-3.0. N software series/rt61-firmware-1.2-fw-1.tgz: Added rt61-firmware-1.2. N software series/rt71w-firmware-1.8-fw-1.tgz: Added rt71w-firmware-1.8. X software series/compiz-0.7.2-x86_64-1.tgz: Upgraded to compiz-0.7.2. X software series/font-xfree86-type1-1.0.1-noarch-1.tgz: Upgraded to font-xfree86-type1-1.0.1. X software series/inputproto-1.4.3-noarch-1.tgz: Upgraded to inputproto-1.4.3. X software series/libX11-1.1.4-x86_64-1.tgz: Upgraded to libX11-1.1.4. X software series/libXfont-1.3.2-x86_64-1.tgz: Upgraded to libXfont-1.3.2. X software series/libXinerama-1.0.3-x86_64-1.tgz: Upgraded to libXinerama-1.0.3. X software series/libpciaccess-0.10-x86_64-1.tgz: Added libpciaccess-0.10. X software series/mkfontdir-1.0.4-noarch-1.tgz: Upgraded to mkfontdir-1.0.4. X software series/mkfontscale-1.0.4-x86_64-1.tgz: Upgraded to mkfontscale-1.0.4. X software series/printproto-1.0.4-noarch-1.tgz: Upgraded to printproto-1.0.4. X software series/rendercheck-1.3-x86_64-1.tgz: Upgraded to rendercheck-1.3. X software series/twm-1.0.4-x86_64-1.tgz: Upgraded to twm-1.0.4. X software series/util-macros-1.1.6-noarch-1.tgz: Upgraded to util-macros-1.1.6. X software series/x11perf-1.5-x86_64-1.tgz: Upgraded to x11perf-1.5. X software series/xauth-1.0.3-x86_64-1.tgz: Upgraded to xauth-1.0.3. X software series/xcompmgr-1.1.4-x86_64-1.tgz: Added xcompmgr-1.1.4. X software series/xdm-1.1.7-x86_64-1.tgz: Upgraded to xdm-1.1.7. X software series/xev-1.0.3-x86_64-1.tgz: Upgraded to xev-1.0.3. 
X software series/xf86-input-aiptek-1.1.1-x86_64-1.tgz: Upgraded to xf86-input-aiptek-1.1.1. X software series/xf86-video-nv-2.1.8-x86_64-1.tgz: Upgraded to xf86-video-nv-2.1.8. X software series/xfs-1.0.6-x86_64-1.tgz: Upgraded to xfs-1.0.6. X software series/xinit-1.0.8-x86_64-1.tgz: Upgraded to xinit-1.0.8. X software series/xkbcomp-1.0.4-x86_64-1.tgz: Upgraded to xkbcomp-1.0.4. X software series/xprop-1.0.4-x86_64-1.tgz: Upgraded to xprop-1.0.4. X software series/xproto-7.0.12-noarch-1.tgz: Upgraded to xproto-7.0.12. X software series/xrandr-1.2.3-x86_64-1.tgz: Upgraded to xrandr-1.2.3. X software series/xrdb-1.0.5-x86_64-1.tgz: Upgraded to xrdb-1.0.5. X software series/xset-1.0.4-x86_64-1.tgz: Upgraded to xset-1.0.4. X software series/xtrans-1.1-noarch-1.tgz: Upgraded to xtrans-1.1. XAP software series/audacious-plugins-1.4.5-x86_64-2.tgz: Recompiled against flac-1.2.1. XAP software series/pidgin-2.4.0-x86_64-1.tgz: Upgraded to pidgin-2.4.0 and pidgin-encryption-3.0 EXTRA software/jdk-6/jdk-6u5-x86_64-1.tgz: Upgraded to Java(TM) 2 Platform Standard Edition Development Kit Version 6.0 update 5. isolinux/initrd.img: Made some dropbear changes. Thanks, Eric. usb-and-pxe-installers/: Made some dropbear changes. Thanks, Eric. +--------------------------+ Sat Mar 8 21:10:09 EET 2008 A software series/kernel-huge-2.6.24.3-x86_64-1.tgz: Upgraded to Linux 2.6.24.3 SMP huge.s (full-featured) kernel. A software series/kernel-modules-2.6.24.3-x86_64-1.tgz Upgraded to Linux 2.6.24.3 SMP kernel modules. A software series/lilo-22.8-x86_64-8.tgz: If the kernel is >= 2.6.24, then ask the user if they want to override the kernel's new default to UTF-8 on the text consoles. Most users will not want UTF-8 yet until all applications have been fixed to work with it. This option will not affect the use of UTF-8 locales in X. A software series/pcmciautils-014-x86_64-4.tgz: Improved the default configuration to work with more hardware. Thanks to Piter Punk. 
A software series/pkgtools-12.1.0-noarch-4.tgz: Added fuse to the installer's boot-start (setup.services) menu. Patched makepkg to test gzipped files properly. A software series/sysvinit-scripts-1.2-noarch-16.tgz: Modified rc.S to start FUSE. A software series/udev-118-x86_64-1.tgz: Upgraded to udev-118. AP software series/ntfsprogs-2.0.0-x86_64-1.tgz: Moved from /extra. ntfsprogs now includes full read-write support when the NTFS filesystem is mounted with ntfsmount or -t ntfs.fuse. This feature requires the new fuse package. D software series/kernel-headers-2.6.24.3-x86_64-1.tgz: Upgraded to Linux 2.6.24.3 SMP kernel headers. K software series/kernel-source-2.6.24.3-noarch-1.tgz Upgraded to Linux 2.6.24.3 SMP kernel source. KDE software series/kdelibs-3.5.9-x86_64-3.tgz: Patched a problem with Kate mislocating the cursor after a block paste. L software series/fuse-2.7.3-x86_64-1.tgz: Added FUSE, a userspace filesystem interface. Thanks to Antonio Hernández Blas for submitting the build script. L software series/gtk+2-2.12.8-x86_64-3.tgz: Don't run gtk-query-immodules-2.0 from the installer, because some of the libraries it needs would not yet be on the machine. The SCIM scripts should pick this up later on. L software series/hal-info-20080215-noarch-1.tgz: Upgraded to hal-info-20080215. L software series/svgalib_helper-1.9.25_2.6.24.3-x86_64-1.tgz: Recompiled for Linux 2.6.24.3. N software series/iwlwifi-3945-ucode-2.14.1.5-fw-1.tgz: Added Intel 3945 wireless firmware. N software series/iwlwifi-4965-ucode-4.44.1.20-fw-1.tgz: Added Intel 4965 wireless firmware. kernels/huge.s/*: Upgraded huge.s kernel to 2.6.24.3. isolinux/initrd.img: Merged new dropbear and patches from Eric Hameleers. usb-and-pxe-installers/: Updated USB and PXE installers to 2.6.24.3 modules. +--------------------------+ Thu Mar 6 18:21:31 EET 2008 A software series/usbutils-0.73-x86_64-2.tgz: Don't compress usb.ids (this breaks HAL).
L software series/glib2-2.14.6-x86_64-2.tgz: Added /etc/profile.d/ scripts so that GTK+ will use the $LANG variable instead of forcing UTF-8. N software series/rsync-3.0.0-x86_64-1.tgz: Upgraded to rsync-3.0.0. X software series/libXext-1.0.4-x86_64-1.tgz: Upgraded to libXext-1.0.4. X software series/xf86-video-mga-1.4.8-x86_64-1.tgz: Upgraded to xf86-video-mga-1.4.8. +--------------------------+ Tue Mar 4 23:06:56 EET 2008 AP software series/ghostscript-8.62-x86_64-2.tgz: Fixed the gs_res.ps file for CJK. +--------------------------+ Mon Mar 3 02:45:53 EET 2008 AP software series/ghostscript-8.62-x86_64-1.tgz: Upgraded to ghostscript-8.62. This new release of GPL Ghostscript fixes a buffer overflow. For more information on the security issue, please see: http://scary.beasts.org/security/CESA-2008-001.html http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0411 [*** Security fix ***] L software series/gtk+2-2.12.8-x86_64-2.tgz: Patched to fix Flash in Konqueror. L software series/hicolor-icon-theme-0.10-noarch-2.tgz: Since XFce adds a few hicolor icons of its own, make sure the hicolor icon-cache is updated at the end of the installation. XAP software series/xpdf-3.02pl2-x86_64-2.tgz: Added support for Arabic, simplified and traditional Chinese, Hebrew, Japanese, Korean, Thai, and Turkish (in addition to the Cyrillic, Greek, and Latin2 support that had already been included). D software series/python-2.5.2-x86_64-1.tgz: Upgraded to Python-2.5.2. XAP software series/mozilla-thunderbird-2.0.0.12-x86_64-1.tgz: Upgraded to thunderbird-2.0.0.12. 
This update fixes the following security related issues: MFSA 2008-12: Heap buffer overflow in external MIME bodies MFSA 2008-05: Directory traversal via chrome: URI MFSA 2008-03: Privilege escalation, XSS, Remote Code Execution MFSA 2008-01: Crashes with evidence of memory corruption (rv:1.8.1.12) For more information, see: http://www.mozilla.org/security/announce/2008/mfsa2008-12.html http://www.mozilla.org/security/announce/2008/mfsa2008-05.html http://www.mozilla.org/security/announce/2008/mfsa2008-03.html http://www.mozilla.org/security/announce/2008/mfsa2008-01.html These are the related CVE entries: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0304 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0418 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0415 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0412 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0413 [*** Security fix ***] A software series/ed-0.9-x86_64-1.tgz: Upgraded to ed-0.9. World's greatest line editor. A software series/hdparm-8.6-x86_64-1.tgz: Upgraded to hdparm-8.6. A software series/lilo-22.8-x86_64-7.tgz: Patched liloconfig to make using the boot splash screen an expert option as well. Fixed a bug using append= in the expert menu. A software series/pkgtools-12.1.0-noarch-3.tgz: Have makepkg warn of two more common mistakes -- dropping man pages in /usr/share/man, or (now) using site_perl in a non-local package. A software series/usbutils-0.73-x86_64-1.tgz: Upgraded to usbutils-0.73 with fresh usb.ids. AP software series/cdrtools-2.01.01a37-x86_64-1.tgz: Upgraded to cdrtools-2.01.01a37. AP software series/linuxdoc-tools-0.9.21-x86_64-5.tgz: Upgraded to asciidoc-8.2.5, docbook-utils-0.6.14-13.fc9, docbook-xsl-1.73.2, docbook-xsl-doc-1.73.2, gtk-doc-1.9, libsgmls-perl_1.03ii-32.diff, linuxdoc-tools_0.9.21-0.11, sgml-common-0.6.3-23.fc9, and xmlto-0.0.20. AP software series/lm_sensors-2.10.5-x86_64-1.tgz: Upgraded to lm_sensors-2.10.5. 
D software series/binutils-2.17.50.0.17-x86_64-1.tgz: Reverted to binutils-2.17.50.0.17. D software series/doxygen-1.5.5-x86_64-1.tgz: Upgraded to doxygen-1.5.5. D software series/git-1.5.4.3-x86_64-1.tgz: Upgraded to git-1.5.4.3. Switched to vendor_perl for the Git perl module. D software series/oprofile-0.9.2-x86_64-4.tgz: Reverted to oprofile-0.9.2 compiled against binutils-2.17.50.0.17. D software series/perl-5.8.8-x86_64-9.tgz: Use vendor_perl for Bluewhite64-added Perl modules, not site_perl. Really, I think perl's handling of this (and other issues like the registry-like handling of perllocal.pod) is flawed, but this is better than nothing. IMHO, something like /usr/local/lib/perl5/site_perl/ would fit much better with the FHS's recommendations. Try not to clobber an existing perllocal.pod (hard to do after the fact, so make backups if you care...) F software series/linux-howtos-20080227-noarch-1.tgz: Upgraded to Linux-HOWTOs-20080227. Recompiled all Qt things, since /usr/lib/qt-3.3.8/lib (no longer a valid path) was turning up in .la files. KDE software series/amarok-1.4.8-x86_64-2.tgz: Recompiled. KDE software series/k3b-1.0.4-x86_64-2.tgz: Recompiled. KDE software series/kdeaccessibility-3.5.9-x86_64-2.tgz: Recompiled. KDE software series/kdeaddons-3.5.9-x86_64-2.tgz: Recompiled. KDE software series/kdeadmin-3.5.9-x86_64-2.tgz: Recompiled. KDE software series/kdeartwork-3.5.9-x86_64-2.tgz: Recompiled. KDE software series/kdebase-3.5.9-x86_64-2.tgz: Patched a bug with lm_sensors. KDE software series/kdebindings-3.5.9-x86_64-2.tgz: Recompiled. Use vendor_perl dir. KDE software series/kdeedu-3.5.9-x86_64-2.tgz: Recompiled. KDE software series/kdegames-3.5.9-x86_64-2.tgz: Recompiled. KDE software series/kdegraphics-3.5.9-x86_64-2.tgz: Recompiled. Patched with a fix for kdvi. KDE software series/kdelibs-3.5.9-x86_64-2.tgz: Recompiled. KDE software series/kdemultimedia-3.5.9-x86_64-2.tgz: Recompiled. 
KDE software series/kdenetwork-3.5.9-x86_64-2.tgz: Recompiled. KDE software series/kdepim-3.5.9-x86_64-2.tgz: Recompiled (against new pilot-link). KDE software series/kdesdk-3.5.9-x86_64-2.tgz: Recompiled. KDE software series/kdetoys-3.5.9-x86_64-2.tgz: Recompiled. KDE software series/kdeutils-3.5.9-x86_64-2.tgz: Recompiled. KDE software series/kdevelop-3.5.1-x86_64-2.tgz: Recompiled with official bugfix patch. KDE software series/kdewebdev-3.5.9-x86_64-2.tgz: Recompiled. KDE software series/knemo-0.4.8-x86_64-2.tgz: Recompiled. KDE software series/koffice-1.6.3-x86_64-3.tgz: Recompiled. L software series/arts-1.5.9-x86_64-2.tgz: Recompiled. L software series/fribidi-0.10.9-x86_64-1.tgz: Upgraded to fribidi-0.10.9 L software series/gmime-2.2.17-x86_64-1.tgz: Upgraded to gmime-2.2.17. L software series/gmp-4.2.2-x86_64-1.tgz: Upgraded to gmp-4.2.2. L software series/jre-6u4-x86_64-1.tgz: Upgraded to Java(TM) 2 Platform Standard Edition Runtime Environment Version 6.0 update 4. L software series/libglade-2.6.2-x86_64-1.tgz: Upgraded to libglade-2.6.2. L software series/libgtkhtml-2.11.1-x86_64-1.tgz: Upgraded to libgtkhtml-2.11.1 L software series/libidl-0.8.10-x86_64-1.tgz: Upgraded to libIDL-0.8.10. L software series/libidn-1.5-x86_64-1.tgz: Upgraded to libidn-1.5. L software series/libieee1284-0.2.11-x86_64-1.tgz: Upgraded to libieee1284-0.2.11. L software series/libmng-1.0.10-x86_64-1.tgz: Upgraded to libmng-1.0.10. L software series/libmcs-0.7.0-x86_64-1.tgz: Added libmcs-0.7.0 (replaces mcs package). L software series/libpng-1.2.25-x86_64-1.tgz: Upgraded to libpng-1.2.25. L software series/librsvg-2.22.1-x86_64-1.tgz: Upgraded to librsvg-2.22.1. L software series/libtheora-1.0beta2-x86_64-1.tgz: Upgraded to libtheora-1.0beta2. L software series/libwpd-0.8.14-x86_64-1.tgz: Upgraded to libwpd-0.8.14. L software series/libxml2-2.6.31-x86_64-2.tgz: Moved the man pages to the right location. L software series/mcs-0.4.1-x86_64-2.tgz: Removed. 
L software series/mpfr-2.3.1-x86_64-1.tgz: Upgraded to mpfr-2.3.1. L software series/pango-1.19.4-x86_64-1.tgz: Upgraded to pango-1.19.4. L software series/pcre-7.6-x86_64-1.tgz: Upgraded to pcre-7.6 L software series/pilot-link-0.12.3-x86_64-1.tgz: Upgraded to pilot-link-0.12.3 L software series/qca-1.0-x86_64-5.tgz: Recompiled. L software series/qca-tls-1.0-x86_64-7.tgz: Recompiled. L software series/qt-3.3.8b-x86_64-2.tgz: Recompiled against gcc-4.2.3. L software series/readline-5.2-x86_64-3.tgz: Applied all official patches L software series/sdl-1.2.13-x86_64-1.tgz: Upgraded to SDL-1.2.13, SDL_image-1.2.6, SDL_mixer-1.2.8, SDL_net-1.2.7, and SDL_ttf-2.0.9. L software series/slang-2.1.3-x86_64-1.tgz: Upgraded to slang-2.1.3. L software series/startup-notification-0.9-x86_64-1.tgz: Upgraded to startup-notification-0.9. L software series/tango-icon-theme-0.8.1-noarch-1.tgz: Added Tango icon theme. L software series/tango-icon-theme-extras-0.1.0-noarch-1.tgz: Added Tango theme extra icons. L software series/vte-0.16.12-x86_64-1.tgz: Upgraded to vte-0.16.12. N software series/dnsmasq-2.41-x86_64-1.tgz: Upgraded to dnsmasq-2.41. N software series/iptraf-3.0.0-x86_64-2.tgz: Absorbed the latest Debian patch. (thanks! :-) Add support for the legacy Ralink 2500 driver. N software series/net-snmp-5.4-x86_64-6.tgz: Recompiled to use vendor_perl. N software series/obexftp-0.21-x86_64-2.tgz: Recompiled to use vendor_perl. N software series/wget-1.11-x86_64-1.tgz: Upgraded to wget-1.11. N software series/wpa_supplicant-0.5.9-x86_64-1.tgz: Upgraded to wpa_supplicant-0.5.9. X software series/compiz-0.7.0-x86_64-1.tgz: Upgraded to compiz-0.7.0. X software series/luit-1.0.3-x86_64-1.tgz: Upgraded to luit-1.0.3. X software series/scim-1.4.7-x86_64-4.tgz: Default profile.d scripts to executable. X software series/xf86-video-trident-1.2.4-x86_64-1.tgz: Upgraded to xf86-video-trident-1.2.4. X software series/xf86-video-intel-2.2.1-x86_64-1.tgz: Upgraded to xf86-video-intel-2.2.1. 
X software series/xf86-video-ati-6.8.0-x86_64-1.tgz: Upgraded to xf86-video-ati-6.8.0. XAP software series/imagemagick-6.3.7_10-x86_64-1.tgz: Upgraded to ImageMagick-6.3.7-10. Changed build script to install Perl modules under vendor_perl. XAP software series/sane-1.0.19-x86_64-2.tgz: Fixed /var/lock permissions. XAP software series/xfce-4.4.2-x86_64-2.tgz: Patched a memory leak. The recompile also seemed to pick up new exo and pygtk features. EXTRA software/intel-wlan-iwlwifi/*: This replaces the older ipw3945 driver and daemon (no daemon required now). Support was also added for more chipsets, such as the ipw4965 series. EXTRA software/jdk-6/jdk-6u4-x86_64-1.tgz: Upgraded to Java(TM) 2 Platform Standard Edition Development Kit Version 6.0 update 4. EXTRA software/ktorrent/ktorrent-2.2.5-x86_64-1.tgz: Upgraded to ktorrent-2.2.5. +--------------------------+ Mon Feb 25 19:44:53 EET 2008 A software series/mkinitrd-1.3.1-x86_64-3.tgz: Fixed a patch glitch glitch. +--------------------------+ Sun Feb 24 16:56:50 EET 2008 A software series/mkinitrd-1.3.1-x86_64-2.tgz: Make sure to copy both devices and symlinks to /dev in the initrd. Fixed a patch glitch. AP software series/hplip-2.8.2-x86_64-2.tgz: Fixed udev rules. X software series/m17n-lib-1.5.0-x86_64-2.tgz: Fixed --mandir. Thanks to Kris Karas. X software series/scim-1.4.7-x86_64-3.tgz: Make the library links first in the install script. isolinux/initrd.img: Made a minor cosmetic fix to the network script. Fixed an installer patch that caused preformatted filesystems to be misdetected in some cases. usb-and-pxe-installers/: Rebuilt. +--------------------------+ Sat Feb 23 20:39:08 EET 2008 A software series/kernel-huge-2.6.23.16-x86_64-2.tgz: Recompiled. A software series/kernel-modules-2.6.23.16-x86_64-2.tgz: Recompiled. D software series/binutils-2.18.50.0.4-x86_64-1.tgz: Upgraded to binutils-2.18.50.0.4. D software series/gcc-4.2.3-x86_64-1.tgz: Upgraded to gcc-4.2.3 (GCC). 
D software series/gcc-g++-4.2.3-x86_64-1.tgz: Upgraded to gcc-4.2.3 (C++). D software series/gcc-gfortran-4.2.3-x86_64-1.tgz: Upgraded to gcc-4.2.3 (FORTRAN). D software series/gcc-gnat-4.2.3-x86_64-1.tgz: Upgraded to gcc-4.2.3 (Ada). D software series/gcc-java-4.2.3-x86_64-1.tgz: Upgraded to gcc-4.2.3 (GCJ). D software series/gcc-objc-4.2.3-x86_64-1.tgz: Upgraded to gcc-4.2.3 (Objective-C). D software series/kernel-headers-2.6.23.16-x86_64-2.tgz: Rebuilt. D software series/oprofile-0.9.2-x86_64-6.tgz: Recompiled. K software series/kernel-source-2.6.23.16-noarch-2.tgz: Recompiled. L software series/svgalib_helper-1.9.25_2.6.23.16-x86_64-2.tgz: Rebuilt. L software series/qca-tls-1.0-x86_64-6.tgz: Rebuilt for Qt 3.3.8b. N software series/bluez-hcidump-1.41-x86_64-1.tgz: Upgraded to bluez-hcidump-1.41. N software series/bluez-libs-3.26-x86_64-1.tgz: Upgraded to bluez-libs-3.26. N software series/bluez-utils-3.26-x86_64-1.tgz: Upgraded to bluez-utils-3.26. isolinux/initrd.img: Rebuilt. kernels/huge.s/*: Rebuilt. usb-and-pxe-installers/: Updated. +--------------------------+ Fri Feb 22 14:57:08 EET 2008 A software series/cups-1.3.6-x86_64-1.tgz: Upgraded to cups-1.3.6. A software series/lilo-22.8-x86_64-6.tgz: Fixed some trivial bugs. AP software series/foomatic-filters-3.0_20080211-x86_64-1.tgz: Upgraded to foomatic-filters-3.0_20080211. AP software series/hplip-2.8.2-x86_64-1.tgz: Upgraded to hplip-2.8.2. D software series/git-1.5.4.2-x86_64-1.tgz: Upgraded to git-1.5.4.2. D software series/perl-5.8.8-x86_64-8.tgz: Added XML::Simple perl module for icon-naming-utils. L software series/cairo-1.4.14-x86_64-1.tgz: Upgraded to cairo-1.4.14. L software series/desktop-file-utils-0.14-x86_64-1.tgz: Upgraded to desktop-file-utils-0.14. L software series/gnome-icon-theme-2.20.0-noarch-1.tgz: Upgraded to gnome-icon-theme-2.20.0. L software series/gtk+2-2.12.8-x86_64-1.tgz: Upgraded to gtk+-2.12.8. 
L software series/hicolor-icon-theme-0.10-noarch-1.tgz: Upgraded to hicolor-icon-theme-0.10. L software series/icon-naming-utils-0.8.6-x86_64-1.tgz: Added utilities for naming icons. L software series/librsvg-2.20.0-x86_64-1.tgz: Upgraded to librsvg-2.20.0. L software series/ncurses-5.6-x86_64-3.tgz: Applied all official patches. L software series/taglib-1.5-x86_64-1.tgz: Upgraded to taglib-1.5. L software series/poppler-0.6.4-x86_64-1.tgz: Upgraded to poppler-0.6.4. Activated --enable-xpdf-headers option. L software series/poppler-data-0.2.0-noarch-1.tgz: Upgraded to poppler-data-0.2.0. L software series/qt-3.3.8b-x86_64-1.tgz: Upgraded to qt-x11-free-3.3.8b. L software series/shared-mime-info-0.23-x86_64-1.tgz: Upgraded to shared-mime-info-0.23. X software series/xterm-232-x86_64-1.tgz: Upgraded to xterm-232. XAP software series/sane-1.0.19-x86_64-1.tgz: Upgraded sane-backends to version 1.0.19. Merged HAL/DBUS/udev fixes from Robby Workman. +--------------------------+ Thu Feb 21 22:39:42 EET 2008 A software series/lilo-22.8-x86_64-5.tgz: Added a simple splash screen ;). A software series/mkinitrd-1.3.1-x86_64-1.tgz: Merged patches for LVM/LUKS, hibernate, and RAID. Fixed a bug using -o with a relative path. A software series/sysvinit-scripts-1.2-noarch-15.tgz: Patched /etc/rc.d/rc.S for some of Eric's changes to LUKS handling in the initrd. A software series/etc-12.1-noarch-2.tgz: Fixed shared libs PATH in ld.so.conf. Thanks to Artur for reporting this. KDE software series/k3b-1.0.4-x86_64-1.tgz: Upgraded to k3b-1.0.4. KDE software series/kdeaccessibility-3.5.9-x86_64-1.tgz: Upgraded to kdeaccessibility-3.5.9. KDE software series/kdeaddons-3.5.9-x86_64-1.tgz: Upgraded to kdeaddons-3.5.9. KDE software series/kdeadmin-3.5.9-x86_64-1.tgz: Upgraded to kdeadmin-3.5.9. KDE software series/kdeartwork-3.5.9-x86_64-1.tgz: Upgraded to kdeartwork-3.5.9. KDE software series/kdebase-3.5.9-x86_64-1.tgz: Upgraded to kdebase-3.5.9. 
KDE software series/kdebindings-3.5.9-x86_64-1.tgz: Upgraded to kdebindings-3.5.9. KDE software series/kdeedu-3.5.9-x86_64-1.tgz: Upgraded to kdeedu-3.5.9. KDE software series/kdegames-3.5.9-x86_64-1.tgz: Upgraded to kdegames-3.5.9. KDE software series/kdegraphics-3.5.9-x86_64-1.tgz: Upgraded to kdegraphics-3.5.9. KDE software series/kdelibs-3.5.9-x86_64-1.tgz: Upgraded to kdelibs-3.5.9. KDE software series/kdemultimedia-3.5.9-x86_64-1.tgz: Upgraded to kdemultimedia-3.5.9. KDE software series/kdenetwork-3.5.9-x86_64-1.tgz: Upgraded to kdenetwork-3.5.9. KDE software series/kdepim-3.5.9-x86_64-1.tgz: Upgraded to kdepim-3.5.9. KDE software series/kdesdk-3.5.9-x86_64-1.tgz: Upgraded to kdesdk-3.5.9. KDE software series/kdetoys-3.5.9-x86_64-1.tgz: Upgraded to kdetoys-3.5.9. KDE software series/kdeutils-3.5.9-x86_64-1.tgz: Upgraded to kdeutils-3.5.9. KDE software series/kdevelop-3.5.1-x86_64-1.tgz: Upgraded to kdevelop-3.5.1. KDE software series/kdewebdev-3.5.9-x86_64-1.tgz: Upgraded to kdewebdev-3.5.9. KDEi software series/k3b-i18n-1.0.4-noarch-1.tgz: Upgraded to k3b-i18n-1.0.4. KDEi software series/kde-i18n-*-3.5.9-noarch-1.tgz: Upgraded to kde-i18n-*-3.5.9. L software series/arts-1.5.9-x86_64-1.tgz: Upgraded to arts-1.5.9. L software series/libmad-0.15.1b-x86_64-3.tgz: Added mad.pc. L software series/libmusicbrainz-2.1.4-x86_64-2.tgz: Removed. L software series/libtunepimp-0.4.2-x86_64-3.tgz: Removed. X software series/scim-1.4.7-x86_64-2.tgz: Don't try to use SCIM as the input method if the package has been removed, or use scim-bridge if that package is not installed. Remove the LANG variables and give a pointer to the lang.* scripts. Install script bugfix. X software series/scim-bridge-0.4.14-x86_64-2.tgz: Install script bugfix. X software series/ttf-arphic-uming-0.1.20060928-noarch-1.tgz: Removed. x/wqy-zenhei-font-ttf-0.4.23-noarch-1.tgz: Switched from Arphic to wqy-zenhei. isolinux/initrd.img: Added network install patches from Eric Hameleers. 
usb-and-pxe-installers/: Rebuilt with new patches. +--------------------------+ Sun Feb 17 19:46:08 EET 2008 AP software series/mysql-5.0.51a-x86_64-1.tgz: Upgraded to mysql-5.0.51a. X software series/anthy-9100e-x86_64-1.tgz: Added anthy-9100e. X software series/dejavu-fonts-ttf-2.23-noarch-1.tgz: Upgraded to dejavu-fonts-ttf-2.23. X software series/libhangul-0.0.7-x86_64-1.tgz: Added libhangul-0.0.7. X software series/m17n-lib-1.5.0-x86_64-1.tgz: Added m17n-lib-1.5.0. X software series/sazanami-fonts-ttf-20040629-noarch-1.tgz: Added sazanami-fonts-ttf-20040629. X software series/scim-1.4.7-x86_64-1.tgz: Added scim-1.4.7. X software series/scim-anthy-1.2.4-x86_64-1.tgz: Added scim-anthy-1.2.4. X software series/scim-bridge-0.4.14-x86_64-1.tgz: Added scim-bridge-0.4.14. X software series/scim-hangul-0.3.2-x86_64-1.tgz: Added scim-hangul-0.3.2. X software series/scim-m17n-0.2.2-x86_64-1.tgz: Added scim-m17n-0.2.2. X software series/scim-pinyin-0.5.91-x86_64-1.tgz: Added scim-pinyin-0.5.91. X software series/scim-tables-0.5.7-x86_64-1.tgz: Added scim-tables-0.5.7. X software series/sinhala_lklug-font-ttf-20060929-noarch-1.tgz: Added sinhala_lklug-font-ttf-20060929. X software series/tibmachuni-font-ttf-1.901-noarch-1.tgz: Added tibmachuni-font-ttf-1.901. X software series/ttf-arphic-uming-0.1.20060928-noarch-1.tgz: Added ttf-arphic-uming-0.1.20060928. +--------------------------+ Fri Feb 15 11:32:37 EET 2008 N software series/httpd-2.2.8-x86_64-1.tgz: Upgraded to httpd-2.2.8. This fixes security and other bugs.
For more information, see: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6421 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6422 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6388 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5000 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0005 [*** Security fix ***] +--------------------------+ Wed Feb 13 09:42:39 EET 2008 XAP software series/mozilla-firefox-2.0.0.12-x86_64-1.tgz: Upgraded to firefox-2.0.0.12. This upgrade fixes some more security bugs. For more information, see: http://www.mozilla.org/projects/security/known-vulnerabilities.html#firefox [*** Security fix ***] XAP software series/seamonkey-1.1.8-x86_64-1.tgz: Upgraded to seamonkey-1.1.8. This upgrade fixes some more security bugs. For more information, see: http://www.mozilla.org/projects/security/known-vulnerabilities.html#seamonkey [*** Security fix ***] +--------------------------+ Tue Feb 12 17:59:48 EET 2008 A software series/kernel-huge-2.6.23.16-x86_64-1.tgz: Upgraded to Linux 2.6.23.16 SMP huge.s (full-featured) kernel. This kernel upgrade fixes yesterday's local root exploit. The kernel headers did not change, so a glibc rebuild is not required. For more information, see: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0010 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0163 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0600 [*** SECURITY FIX ***] If you use lilo, don't forget to run it again after the upgrade. A software series/kernel-modules-2.6.23.16-x86_64-1.tgz Upgraded to Linux 2.6.23.16 SMP kernel modules. D software series/kernel-headers-2.6.23.16-x64_64-1.tgz: Upgraded to Linux 2.6.23.16 SMP kernel headers. K software series/kernel-source-2.6.23.16-noarch-1.tgz Upgraded to Linux 2.6.23.16 SMP kernel source. [*** SECURITY FIX ***] L software series/svgalib_helper-1.9.25_2.6.23.16-x86_64-1.tgz: Rebuilt for 2.6.23.16 kernels. isolinux/initrd.img: Upgraded modules to 2.6.23.16.
kernels/huge.s/*: Upgraded huge.s kernel to 2.6.23.16 (SMP). [*** SECURITY FIX ***] usb-and-pxe-installers/: Updated USB and PXE installers to 2.6.23.16 modules. +--------------------------+ Mon Feb 11 18:30:16 EET 2008 A software series/cups-1.3.5-x86_64-1.tgz: Upgraded to cups-1.3.5. A software series/e2fsprogs-1.40.6-x86_64-1.tgz: Upgraded to e2fsprogs-1.40.6. L software series/glib2-2.14.6-x86_64-1.tgz: Upgraded to glib-2.14.6. XAP software series/gimp-2.4.4-x86_64-1.tgz: Upgraded to gimp-2.4.4. isolinux/initrd.img: Upgraded libraries and utilities to e2fsprogs-1.40.6. usb-and-pxe-installers/: Updated libraries and utilities to e2fsprogs-1.40.6. +--------------------------+ Sun Feb 10 13:42:01 EET 2007 K software series/kernel-source-2.6.23.15-noarch-2.tgz: Fixed /usr/src/linux symlink. usb-and-pxe-installers/*: Upgraded to Linux 2.6.23.15 SMP kernel modules. isolinux/initrd.img: Fixed some text in /etc/issue. +--------------------------+ Sun Feb 10 02:16:11 EET 2008 A software series/device-mapper-1.02.24-x86_64-1.tgz: Upgraded to device-mapper.1.02.24. A software series/glibc-solibs-2.7-x86_64-6.tgz: Recompiled against 2.6.23.15. Bumped everything to -6 since glibc-zoneinfo has been at -5 already. A software series/glibc-zoneinfo-2.7-noarch-6.tgz: Rebuilt. A software series/kernel-huge-2.6.23.15-x86_64-1.tgz: Upgraded to Linux 2.6.23.15 SMP huge.s (full-featured) kernel. A software series/kernel-modules-2.6.23.15-x86_64-1.tgz: Upgraded to Linux 2.6.23.15 SMP kernel modules. D software series/kernel-headers-2.6.23.15-x86_64-1.tgz: Upgraded to Linux 2.6.23.15 SMP kernel headers. K software series/kernel-source-2.6.23.15-noarch-1.tgz: Upgraded to Linux 2.6.23.15 SMP kernel source. A software series/lvm2-2.02.33-x86_64-1.tgz: Upgraded to LVM2.2.02.33. L software series/glibc-2.7-x86_64-6.tgz: Recompiled against 2.6.23.15. L software series/glibc-i18n-2.7-noarch-6.tgz: Rebuilt. L software series/glibc-profile-2.7-x86_64-6.tgz: Recompiled against 2.6.23.15.
L software series/svgalib_helper-1.9.25_2.6.23.15-x86_64-1.tgz: Rebuilt for 2.6.23.15 kernels. XAP software series/xine-lib-1.1.10.1-x86_64-1.tgz: Upgraded to xine-lib-1.1.10.1. isolinux/initrd.img: Massive overhaul, primarily the work and initiative of Eric Hameleers. Work above and beyond the call of duty. If we gave out medals of honor, this would deserve one. :-) The installer now supports network installs from not just NFS, but also HTTP and FTP. Please be nice to our mirrors -- this feature is _intended_ for use within private networks from your own "site". Work is also underway to fully support unattended/remote installs. The installer has both a small ssh and sshd (dropbear). Thanks again Eric! This is something that's been on the drawing board for many years. isolinux/network.dsk: Upgraded to Linux 2.6.23.15 SMP kernel modules. isolinux/pcmcia.dsk: Upgraded to Linux 2.6.23.15 SMP kernel modules. kernels/huge.s/*: Upgraded huge.s kernel to 2.6.23.15. usb-and-pxe-installers/: usbboot.img: Converted to FAT (16 bit) FS. Thanks to Gerardo Exequiel Pozzi for reporting that usbboot.img uses ext2fs. +--------------------------+ Wed Feb 6 12:19:42 EET 2008 E software series/emacs-info-21.4a-x86_64-1.tgz: Renamed to emacs-info-21.4a. E software series/emacs-leim-21.4a-x86_64-1.tgz: Renamed to emacs-leim-21.4a. E software series/emacs-lisp-21.4a-x86_64-1.tgz: Renamed to emacs-lisp-21.4a. E software series/emacs-nox-21.4a-x86_64-2.tgz: Renamed to emacs-nox-21.4a. E software series/emacs-misc-21.4a-x86_64-1.tgz: Renamed to emacs-misc-21.4a. Thanks to Gerardo Exequiel for pointing out that these emacs packages have a wrong version name. Only the packages, the software itself is 21.4a ;). L software series/arts-1.5.8-x86_64-1.tgz: Upgraded to arts-1.5.8. Thanks to Gerardo Exequiel Pozzi for reporting this. KDEi software series/k3b-i18n-1.0.3-noarch-1.tgz: Upgraded to k3b-i18n-1.0.3. Thanks to Gerardo Exequiel Pozzi for reporting this.
These two upgrades were unintentionally missed ;). +--------------------------+ Sat Feb 2 11:07:31 EET 2008 A software series/e2fsprogs-1.40.5-x86_64-1.tgz: Upgraded to e2fsprogs-1.40.5. D software series/subversion-1.4.6-x86_64-1.tgz: Upgraded to subversion-1.4.6. KDE software series/kdesdk-3.5.8-x86_64-2.tgz: Recompiled to pick up new apr/neon/svn libs. A couple of bugzilla-related files have now appeared in the package. KDE software series/kdevelop-3.5.0-x86_64-2.tgz: Recompiled to pick up new apr/neon/svn libs. L software series/apr-1.2.12-x86_64-1.tgz: Upgraded to apr-1.2.12. L software series/apr-util-1.2.12-x86_64-1.tgz: Upgraded to apr-util-1.2.12. L software series/neon-0.26.4-x86_64-1.tgz: Upgraded to neon-0.26.4. There are newer versions, but this is newer than what we had and allows everything to work for now. XAP software series/audacious-1.4.6-x86_64-1.tgz: Upgraded to audacious-1.4.6. XAP software series/audacious-plugins-1.4.5-x86_64-1.tgz: Upgraded to audacious-plugins-1.4.5. Now with an upgraded neon library, this uses neon for http/https transport. +--------------------------+ Fri Feb 1 18:27:07 EET 2008 AP software series/alsa-utils-1.0.15-x86_64-1.tgz: Upgraded to alsa-utils-1.0.15. L software series/alsa-lib-1.0.15-x86_64-1.tgz: Upgraded to alsa-lib-1.0.15. L software series/alsa-oss-1.0.15-x86_64-1.tgz: Upgraded to alsa-oss-1.0.15. X software series/font-misc-misc-1.0.0-noarch-3.tgz: Removed bogus fonts.alias. The install scripts will make it. X software series/libXmu-1.0.4-x86_64-1.tgz: Upgraded to libXmu-1.0.4. X software series/xf86-video-nv-2.1.7-x86_64-1.tgz: Upgraded to xf86-video-nv-2.1.7. X software series/xinput-1.3.0-x86_64-1.tgz: Added xinput-1.3.0. +--------------------------+ Thu Jan 31 18:29:59 EET 2008 D software series/ruby-1.8.6_p111-x86_64-2.tgz: Moved some comments out of the ./configure part of the build script to fix a couple of missed options. KDE software series/amarok-1.4.8-x86_64-1.tgz: Upgraded to amarok-1.4.8.
L software series/atk-1.21.5-x86_64-1.tgz: Upgraded to atk-1.21.5. L software series/gtk+2-2.12.7-x86_64-1.tgz: Upgraded to gtk+-2.12.7. L software series/libmowgli-0.6.0-x86_64-1.tgz: Added libmowgli-0.6.0, which is needed by Audacious. L software series/libmtp-0.2.5-x86_64-1.tgz: Upgraded to libmtp-0.2.5. L software series/libgpod-0.6.0-x86_64-1.tgz: Upgraded to libgpod-0.6.0 (major version bump). L software series/pango-1.19.3-x86_64-1.tgz: Upgraded to pango-1.19.3. XAP software series/audacious-1.4.5-x86_64-1.tgz: Upgraded to audacious-1.4.5. XAP software series/audacious-plugins-1.4.4-x86_64-1.tgz: Upgraded to audacious-plugins-1.4.4-x86_64-1.tgz. XAP software series/xine-lib-1.1.10-x86_64-1.tgz: Upgraded to xine-lib-1.1.10. EXTRA software/slackpkg/slackpkg-2.70-noarch-1.tgz: Upgraded to slackpkg-2.70. +--------------------------+ Wed Jan 9 21:24:05 EET 2008 AP software series/nano-2.0.7-x86_64-1.tgz: Upgraded to nano-2.0.7. D software series/mercurial-0.9.5-x86_64-1.tgz: Upgraded to mercurial-0.9.5. D software series/ruby-1.8.6_p111-x86_64-1.tgz: Upgraded ruby-1.8.6 to patchlevel 111. L software series/atk-1.20.0-x86_64-1.tgz: Upgraded to atk-1.20.0. L software series/glib2-2.14.5-x86_64-1.tgz: Upgraded to glib-2.14.5. L software series/gtk+2-2.12.4-x86_64-1.tgz: Upgraded to gtk+-2.12.4. L software series/libxml2-2.6.30-x86_64-1.tgz: Upgraded to libxml2-2.6.30. L software series/libxslt-1.1.22-x86_64-1.tgz: Upgraded to libxslt-1.1.22. L software series/pango-1.19.2-x86_64-1.tgz: Upgraded to pango-1.19.2. L software series/pycairo-1.4.12-x86_64-1.tgz: Added pycairo-1.4.12. L software series/pygobject-2.14.1-x86_64-1.tgz: Added pygobject-2.14.1. L software series/pygtk-2.12.1-x86_64-1.tgz: Added pygtk-2.12.1. L software series/pyrex-0.9.6.4-x86_64-1.tgz: Added Pyrex-0.9.6.4. X software series/dejavu-fonts-ttf-2.22-noarch-1.tgz: **NOTE PACKAGE NAME CHANGE** Upgraded to version 2.22. 
X software series/liberation-fonts-ttf-0.2-noarch-3.tgz: Added liberation-fonts-ttf-0.2-3. X software series/xf86-video-ati-6.7.197-x86_64-1.tgz: Upgraded to xf86-video-ati-6.7.197. X software series/xf86-video-radeonhd-1.1.0-x86_64-1.tgz: Upgraded to xf86-video-radeonhd-1.1.0. XAP software series/seamonkey-1.1.7-x86_64-2.tgz: Use the system cairo to avoid a compile error. Patched a Makefile.in to avoid another compile error with the new GTK+. +--------------------------+ Tue Jan 1 15:57:16 EET 2008 A software series/glibc-zoneinfo-2.7-noarch-5.tgz: Upgraded to tzdata2007k. A new year should be started with the latest timezone data, so here it is. Happy holidays, and a happy new year to all! :-) +--------------------------+ Mon Dec 24 12:56:19 EET 2007 isolinux/network.dsk, pcmcia.dsk: Recreated to reflect the current changes. usb-and-pxe-installers/usboot.img: Recreated to reflect the current changes. +--------------------------+ Sun Dec 23 17:55:14 EET 2007 L software series/libgsf-1.14.7-x86_64-1.tgz: Upgraded to libgsf-1.14.7. A software series/glibc-solibs-2.7-x86_64-4.tgz: Upgraded to glibc-2.7 compiled against Linux 2.6.23.12 kernel headers. A software series/glibc-zoneinfo-2.7-noarch-4.tgz: Upgraded to tzdata2007j. A software series/kernel-huge-2.6.23.12-x86_64-1.tgz: Upgraded to Linux 2.6.23.12 SMP huge.s (full-featured) kernel. A software series/kernel-modules-2.6.23.12-x86_64-1.tgz Upgraded to Linux 2.6.23.12 SMP kernel modules. D software series/kernel-headers-2.6.23.12-x86_64-1.tgz: Upgraded to Linux 2.6.23.12 SMP kernel headers. D software series/kernel-source-2.6.23.12-noarch-1.tgz Upgraded to Linux 2.6.23.12 SMP kernel source. L software series/glibc-2.7-x86_64-4.tgz: Rebuilt against Linux 2.6.23.12 kernel headers. L software series/glibc-i18n-2.7-noarch-4.tgz: Rebuilt. L software series/glibc-profile-2.7-x86_64-4.tgz: Rebuilt against Linux 2.6.23.12 headers. 
L software series/svgalib_helper-1.9.25_2.6.23.12-x86_64-1.tgz: Recompiled for Linux 2.6.23.12. kernels/huge.s/*: Upgraded huge.s kernel to 2.6.23.12. usb-and-pxe-installers/: Updated USB and PXE installers. A software series/pkgtools-12.1.0-noarch-2.tgz: Fixed a regex bug in a grep in installpkg that could cause packages that do not conform to the FHS (those containing single-character top-level directories) to not be removable or upgradeable through the pkgtools. Made the top-line with -infobox more terse since some of the package names have become too long to fit, and were disturbing the infobox's formatting. isolinux/initrd.img: Upgraded to the latest installpkg. +--------------------------+ Sat Dec 15 13:40:34 EET 2007 A software series/mkinitrd-1.3.0-x86_64-4.tgz: Fixed a bug that could cause modprobe to attempt to load the same module more than once (due to whitespace differences in the initramfs's load_kernel_modules script). AP software series/mysql-5.0.51-x86_64-1.tgz: Upgraded to mysql-5.0.51. This release fixes several bugs, including some security issues. However, it also includes a potentially incompatible change, so be sure to read the release notes before upgrading. It is possible that some databases will need to be fixed in order to work with this (and future) releases: http://dev.mysql.com/doc/refman/5.0/en/releasenotes-cs-5-0-51.html For more information about the security issues fixed, see: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3781 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5925 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5969 [*** Security fix ***] F software series/linux-howtos-20071214-noarch-1.tgz: Upgraded to linux-howtos-20071214. L software series/hal-info-20071212-noarch-1.tgz: Upgraded to hal-info-20071212. L software series/libpng-1.2.24-x86_64-1.tgz: Upgraded to libpng-1.2.24. N software series/nmap-4.50-x86_64-1.tgz: Upgraded to nmap-4.50.
X software series/xf86-input-joystick-1.3.1-x86_64-1.tgz: Upgraded to xf86-input-joystick-1.3.1. X software series/xf86-video-radeonhd-1.0.0-x86_64-1.tgz: Added xf86-video-radeonhd-1.0.0. X software series/xorg-server-1.4.0.90-x86_64-1.tgz: Upgraded to xorg-server-1.4.0.90. X software series/xorg-server-xnest-1.4.0.90-x86_64-1.tgz: Upgraded to xorg-server-xnest-1.4.0.90. X software series/xorg-server-xvfb-1.4.0.90-x86_64-1.tgz: Upgraded to xorg-server-xvfb-1.4.0.90. XAP software series/imagemagick-6.3.7_4-x86_64-1.tgz: Upgraded to ImageMagick-6.3.7-4. +--------------------------+ Tue Dec 11 21:52:51 EET 2007 L software series/vte-0.16.10-x86_64-1.tgz: Upgraded to vte-0.16.10. N software series/proftpd-1.3.1-x86_64-1.tgz: Upgraded to proftpd-1.3.1. N software series/samba-3.0.28-x86_64-1.tgz: Upgraded to samba-3.0.28. Samba 3.0.28 is a security release in order to address a boundary failure in GETDC mailslot processing that can result in a buffer overrun leading to possible code execution. For more information, see: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6015 http://www.samba.org/samba/history/samba-3.0.28.html http://secunia.com/secunia_research/2007-99/advisory/ [*** Security fix ***] XAP software series/gkrellm-2.3.1-x86_64-1.tgz: Upgraded to gkrellm-2.3.1. XAP software series/pidgin-2.3.1-x86_64-1.tgz: Upgraded to pidgin-2.3.1. XAP software series/xchat-2.8.4-x86_64-1.tgz: Upgraded to xchat-2.8.4. EXTRA/ktorrent/ktorrent-2.2.4-x86_64-1.tgz: Upgraded to ktorrent-2.2.4. +--------------------------+ Thu Dec 6 11:02:11 EET 2007 A software series/hdparm-7.7-x86_64-1.tgz: Upgraded to hdparm-7.7. Moved hdparm binary to /sbin. A software series/kernel-huge-2.6.23.9-x86_64-2.tgz: Rebuilt. A software series/kernel-modules-2.6.23.9-x86_64-2.tgz: Added JFFS2 modules. D software series/kernel-headers-2.6.23.9-x86_64-2.tgz: Rebuilt.
K software series/kernel-source-2.6.23.9-noarch-2.tgz: Reconfigured to include the option for JFFS2, a journalling flash file system. L software series/svgalib_helper-1.9.25_2.6.23.9-x86_64-2.tgz: Recompiled. XAP software series/gimp-2.4.2-x86_64-1.tgz: Upgraded to gimp-2.4.2. isolinux/network.dsk, pcmcia.dsk; Upgraded kernel modules. kernels/huge.s/*: Upgraded huge.s kernel. usb-and-pxe-installers/: Updated USB and PXE installers. +--------------------------+ Tue Dec 4 23:53:02 EET 2007 A software series/inotify-tools-3.12-x86_64-1.tgz: Added inotify-tools-3.12. AP software series/cdparanoia-III10pre0-x86_64-1.tgz: Upgraded to cdparanoia-III-10pre0. AP software series/hplip-2.7.10-x86_64-2.tgz: Rebuilt with some fixes to the build script. KDE software series/amarok-1.4.7-x86_64-2.tgz: Recompiled against libmtp-0.2.4. L software series/cairo-1.4.12-x86_64-1.tgz: Upgraded to cairo-1.4.12. This fixes a possible security risk when decoding PNG files that may have been maliciously tampered with: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5503 [*** Security fix ***] L software series/libmtp-0.2.4-x86_64-1.tgz: Upgraded to libmtp-0.2.4. L software series/libnjb-2.2.6-x86_64-2.tgz: Updated udev rules. N software series/bluez-hcidump-1.40-x86_64-1.tgz: Upgraded to bluez-hcidump-1.40. N software series/bluez-libs-3.22-x86_64-1.tgz: Upgraded to bluez-libs-3.22. N software series/bluez-utils-3.22-x86_64-1.tgz: Upgraded to bluez-utils-3.22. N software series/gnupg2-2.0.7-x86_64-1.tgz: Upgraded to gnupg2-2.0.7. N software series/gnutls-2.0.4-x86_64-1.tgz: Upgraded to gnutls-2.0.4. N software series/gpgme-1.1.5-x86_64-1.tgz: Upgraded to gpgme-1.1.5. N software series/libassuan-1.0.3-x86_64-1.tgz: Upgraded to libassuan-1.0.3. N software series/libgpg-error-1.6-x86_64-1.tgz: Upgraded to libgpg-error-1.6. N software series/libksba-1.0.2-x86_64-1.tgz: Upgraded to libksba-1.0.2. N software series/mcabber-0.9.5-x86_64-1.tgz: Upgraded to mcabber-0.9.5. 
N software series/pinentry-0.7.4-x86_64-1.tgz: Upgraded to pinentry-0.7.4. N software series/samba-3.0.27a-x86_64-1.tgz: Upgraded to samba-3.0.27a. This update fixes a crash bug regression experienced by smbfs clients caused by the fix for CVE-2007-4572. XAP software/xfce-4.4.2-x86_64-1.tgz: Upgraded to xfce-4.4.2. Thanks to Robby Workman for the build script. This fixes a minor security bug in Terminal: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3770 [*** Security fix ***] +--------------------------+ Sun Dec 2 11:48:09 EET 2007 N software series/rsync-2.6.9-x86_64-2.tgz: Patched some security bugs. For more information, see: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-4091 http://lists.samba.org/archive/rsync-announce/2007/000050.html [*** Security fix ***] XAP software series/mozilla-firefox-2.0.0.11-x86_64-1.tgz: Upgraded to Firefox 2.0.0.11, which fixed a bug introduced by the 2.0.0.10 update in the feature that affected some web pages and extensions. +--------------------------+ Fri Nov 30 20:16:36 EET 2007 XAP software series/seamonkey-1.1.7-x86_64-1.tgz: Upgraded to seamonkey-1.1.7. This upgrade fixes some more security bugs. For more information, see: http://www.mozilla.org/projects/security/known-vulnerabilities.html#seamonkey [*** Security fix ***] A software series/mkinitrd-1.3.0-x86_64-3.tgz: Fixed a missing '--parents' in a cp command. A software series/glibc-solibs-2.7-x86_64-3.tgz: Fixed incorrect version numbers in the install script. A software series/glibc-zoneinfo-2.7-noarch-3.tgz: Rebuilt. L software series/glibc-2.7-x86_64-3.tgz: Fixed incorrect version numbers in the install script. L software series/glibc-i18n-2.7-noarch-3.tgz: Rebuilt. L software series/glibc-profile-2.7-x86_64-3.tgz: Rebuilt. +--------------------------+ Thu Nov 29 22:18:43 EET 2007 AP software series/cdrtools-2.01.01a36-x86_64-1.tgz: Upgraded to cdrtools-2.01.01a36. 
A software series/glibc-solibs-2.7-x86_64-2.tgz: Upgraded to glibc-2.7 compiled against Linux 2.6.23.9 kernel headers. A software series/glibc-zoneinfo-2.7-noarch-2.tgz: Upgraded to tzdata2007i. A software series/kernel-huge-2.6.23.9-x86_64-1.tgz: Upgraded to Linux 2.6.23.9 SMP huge.s (full-featured) kernel. A software series/kernel-modules-2.6.23.9-x86_64-1.tgz: Upgraded to Linux 2.6.23.9 SMP kernel modules. AP software series/ghostscript-8.61-x86_64-1.tgz: Upgraded to ghostscript-8.61. This is still under the GPL -- just FYI, I do not know why the package name changed. This package replaces gnu-ghostscript-8.60.0-x86_64-2. D software series/kernel-headers-2.6.23.9-x86_64-1.tgz: Upgraded to Linux 2.6.23.9 SMP kernel headers. K software series/kernel-source-2.6.23.9-noarch-1.tgz: Upgraded to Linux 2.6.23.9 SMP kernel source. L software series/gamin-0.1.9-x86_64-1.tgz: Upgraded to gamin-0.1.9. L software series/glibc-2.7-x86_64-2.tgz: Upgraded to glibc-2.7, built against Linux 2.6.23.9 kernel headers. * NOTE: Packages for -current built after this batch of packages (up to * the datestamp above) will be linked against glibc-2.7 and _may_ not work * on systems running earlier versions of glibc (such as Bluewhite64 12.0 * systems running glibc-2.5). L software series/glibc-i18n-2.7-noarch-2.tgz: Upgraded to glibc-2.7 locale files. L software series/glibc-profile-2.7-x86_64-2.tgz: Upgraded to glibc-2.7 profile libs. L software series/svgalib_helper-1.9.25_2.6.23.9-x86_64-1.tgz: Recompiled for Linux 2.6.23.9. isolinux/initrd.img: Upgraded to glibc-2.7. Added dmidecode. isolinux/network.dsk, pcmcia.dsk; Upgraded to 2.6.23.9 kernel modules. kernels/huge.s/*: Upgraded huge.s kernel to 2.6.23.9. usb-and-pxe-installers/: Updated USB and PXE installers. +--------------------------+ Wed Nov 28 23:13:59 EET 2007 A software series/mkinitrd-1.3.0-x86_64-2.tgz: Edited two spots where grep was searching for / rather than ' on / '. 
+--------------------------+ Wed Nov 28 20:40:53 EET 2007 A software series/mkinitrd-1.3.0-x86_64-1.tgz: Upgraded to mkinitrd-1.3.0. This fixes a bug where some module options could be ignored. XAP software series/mozilla-firefox-2.0.0.10-x86_64-1.tgz: Upgraded to firefox-2.0.0.10. This upgrade fixes some more security bugs. For more information, see: http://www.mozilla.org/projects/security/known-vulnerabilities.html#firefox [*** Security fix ***] +--------------------------+ Wed Nov 21 22:12:46 EET 2007 A software series/kernel-huge-2.6.23.8-x86_64-1.tgz: Upgraded to Linux 2.6.23.8 SMP huge.s (full-featured) kernel. A software series/kernel-modules-2.6.23.8-x86_64-1.tgz Upgraded to Linux 2.6.23.8 SMP kernel modules. D software series/kernel-headers-2.6.23.8-x86_64-1.tgz: Upgraded to Linux 2.6.23.8 SMP kernel headers. K software series/kernel-source-2.6.23.8-noarch-1.tgz Upgraded to Linux 2.6.23.8 SMP kernel source. L software series/libpng-1.2.23-x86_64-1.tgz: Upgraded to libpng-1.2.23. Previous libpng versions may crash when loading malformed PNG files. It is not currently known if this vulnerability can be exploited to execute malicious code. For more information, see: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5266 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5267 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5268 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5269 [*** Security fix ***] L software series/svgalib_helper-1.9.25_2.6.23.8-x86_64-1.tgz: Recompiled for Linux 2.6.23.8. isolinux/network.dsk, pcmcia.dsk; upgraded to 2.6.23.8 kernel modules. initrd.img: Upgraded to hdparm-7.6. kernels/huge.s/*: Upgraded huge.s kernel to 2.6.23.8. usb-and-pxe-installers/: Updated USB and PXE installers. XAP software series/mozilla-thunderbird-2.0.0.9-x86_64-1.tgz: Upgraded to thunderbird-2.0.0.9. This update fixes the following security related issues: URIs with invalid %-encoding mishandled by Windows (MFSA 2007-36). 
Crashes with evidence of memory corruption (MFSA 2007-29). OK, so the first one obviously does not affect us. :-) The second fix has to do with the same JavaScript handling problem fixed before in Firefox. JavaScript is not enabled by default in Thunderbird, and the developers (at least in MFSA 2007-36) do not recommend turning it on. For more information, see: http://www.mozilla.org/security/announce/2007/mfsa2007-36.html http://www.mozilla.org/security/announce/2007/mfsa2007-29.html http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-4841 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5339 [*** Security fix ***] +--------------------------+ Sun Nov 18 00:36:19 EET 2007 AP software series/cdparanoia-IIIalpha9.8-x86_64-4.tgz: Recompiled with SG_IO patch. This didn't seem to make a noticeable difference, but to someone it might. X software series/xf86-video-intel-2.2.0-x86_64-1.tgz: Upgraded to xf86-video-intel-2.2.0. X software series/xf86-video-sis-0.9.4-x86_64-1.tgz: Upgraded to xf86-video-sis-0.9.4. OK, now that that Samba fix is done, we can give you a working X server. :-) Evidently, the HAL/D-Bus enabled X server, xf86-input-evdev, and one of HAL's .fdi files aren't playing well together. After considering three possible workarounds, it was decided to disable D-Bus/HAL support in the X server for now. If you really want to play with X input hotplugging, it's easy enough to modify the source/x/x11/configure xorg-server configure file to enable D-Bus and HAL and run: ./x11.SlackBuild xserver xorg-server Xdmx remains gone per X build recommendations. X software series/xorg-server-1.4-x86_64-4.tgz: Recompiled without input hotplugging support. X software series/xorg-server-xnest-1.4-x86_64-4.tgz: Rebuilt. X software series/xorg-server-xvfb-1.4-x86_64-4.tgz: Rebuilt. XAP software series/xscreensaver-5.04-x86_64-1.tgz: Upgraded to xscreensaver-5.04. N software series/samba-3.0.27-x86_64-1.tgz: Upgraded to samba-3.0.27.
Samba 3.0.27 is a security release in order to address a stack buffer overflow in nmbd's logon request processing, and remote code execution in Samba's WINS server daemon (nmbd) when processing name registration followed by name query requests. For more information, see: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-4572 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5398 [*** Security fix ***] +--------------------------+ Thu Nov 15 13:58:13 EET 2007 X software series/xf86-input-evdev-1.2.0-x86_64-1.tgz: Upgraded to xf86-input-evdev-1.2.0. X software series/xf86-input-joystick-1.3.0-x86_64-1.tgz: Upgraded to xf86-input-joystick-1.3.0. X software series/mesa-7.0.2-x86_64-1.tgz: Upgraded to mesa-7.0.2. X software series/xf86-video-ati-6.7.196-x86_64-1.tgz: Upgraded to xf86-video-ati-6.7.196. X software series/xf86-video-intel-2.1.99-x86_64-1.tgz: Upgraded to xf86-video-intel-2.1.99. X software series/xorg-server-1.4-x86_64-2.tgz: Rebuilt against Mesa 7.0.2. Removed support for XDMX, as the code is not maintained and interferes with input hotplug support. X software series/xorg-server-xdmx-1.4-x86_64-1.tgz: Removed. X software series/xorg-server-xnest-1.4-x86_64-2.tgz: Rebuilt. X software series/xorg-server-xvfb-1.4-x86_64-2.tgz: Rebuilt. +--------------------------+ Mon Nov 12 22:23:43 EET 2007 KDE software series/kdegraphics-3.5.8-x86_64-2.tgz: Patched xpdf related bugs. For more information, see: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3387 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-4352 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5392 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5393 [*** Security fix ***] KDE software series/koffice-1.6.3-x86_64-2.tgz: Patched xpdf related bugs.
For more information, see: http://www.kde.org/info/security/advisory-20071107-1.txt http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3387 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-4352 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5392 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5393 [*** Security fix ***] L software series/pcre-7.4-x86_64-1.tgz: Upgraded to pcre-7.4. L software series/poppler-0.6.2-x86_64-1.tgz: Upgraded to poppler-0.6.2. This release fixes xpdf related bugs. For more information, see: http://poppler.freedesktop.org/ http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-4352 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5392 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5393 [*** Security fix ***] XAP software series/xpdf-3.02pl2-x86_64-1.tgz: Upgraded to xpdf-3.02pl2. The pl2 patch fixes a crash in xpdf. Some theorize that this could be used to execute arbitrary code if an untrusted PDF file is opened, but no real-world examples are known (yet). For more information, see: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3387 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-4352 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5392 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5393 [*** Security fix ***] +--------------------------+ Mon Nov 12 01:22:25 EET 2007 N software series/php-5.2.5-x86_64-1.tgz: Upgraded to php-5.2.5. This fixes bugs and security issues. For more information, see: http://www.php.net/releases/5_2_5.php http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-4887 [*** Security fix ***] +--------------------------+ Sat Nov 10 16:48:47 EET 2007 AP software series/gnu-ghostscript-8.60.0-x86_64-2.tgz: ./configured with --disable-compile-inits option, which disables a new default of compiling in various configuration values (such as paper size) rather than reading them from the traditional config file.
XAP software series/mozilla-firefox-2.0.0.9-x86_64-1.tgz: Upgraded to firefox-2.0.0.9. This upgrade improves the stability of Firefox. For more information, see: http://developer.mozilla.org/devnews/index.php/2007/11/01/firefox-2009-stability-update-now-available-for-download/ XAP software series/seamonkey-1.1.6-x86_64-1.tgz: Upgraded to SeaMonkey 1.1.6. This upgrade fixes SeaMonkey's ability to display certain types of web pages. That's about all we could find about it here: http://www.mozilla.org/projects/seamonkey/ testing/packages/ia32-emulation/ia32-lib32-0.2.3-x86_64-2.tgz: Added libXss and libXv. +--------------------------+ Mon Nov 5 12:15:39 EET 2007 X software series/libXft-2.1.12-x86_64-2.tgz: Recompiled to fix issues with bold font rendering. +--------------------------+ Fri Nov 2 10:39:15 EET 2007 A software series/cups-1.3.4-x86_64-1.tgz: Upgraded to cups-1.3.4. An off-by-one error in ipp.c may allow a remote attacker to crash CUPS resulting in a denial of service. For more information, see: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-4351 [*** Security fix ***] +--------------------------+ A software series/pkgtools-12.1.0-noarch-1.tgz: Upgraded to pkgtools-12.1.0-noarch-1. Fixed the following issues with removepkg: Fix problem removing packages with a large number of fields. Thanks to Niki Kovacs for noticing this, and to Piter Punk for the patch. Use LC_ALL=C locale, which is much faster with "sort". Thanks to Tsomi. Don't try to remove any package that starts with '-'. This is not a proper package name (usually a typo), and results in the package database being broken as the "package" beginning with '-' is passed along as an option to a command later in the script. Thanks to Jef Oliver. Patched cat_except() to allow the last Bluewhite64 package on a partition to be removed (using ROOT=, of course). Thanks to Selkfoster for the patch, and to everyone else who proposed solutions before. 
This issue really wasn't given the highest priority before, but as long as I was here... Fixed pkgtool to handle much larger numbers of installed packages. Thanks to Gabriele Inghirami for the patch. NOTE: If you upgrade to the glibc packages below, be sure you are really wishing to test them, because reverting to the old version is not easy. However, these packages have (so far) passed the tests done here. testing/packages/glibc-2.7-x86_64-1.tgz: Added glibc-2.7. testing/packages/glibc-i18n-2.7-noarch-1.tgz: Added glibc-i18n-2.7. testing/packages/glibc-profile-2.7-x86_64-1.tgz: Added glibc-profile-2.7. testing/packages/glibc-solibs-2.7-x86_64-1.tgz: Added glibc-solibs-2.7. testing/packages/glibc-zoneinfo-2.7-noarch-1.tgz: Added glibc-zoneinfo-2.7. +--------------------------+ Sun Oct 28 23:47:43 EET 2007 X software series/xf86-video-nv-2.1.6-x86_64-1.tgz: Upgraded to xf86-video-nv. X software series/compiz-0.6.2-x86_64-1.tgz: Upgraded to compiz-0.6.2. X software series/pixman-0.9.6-x86_64-1.tgz: Upgraded to pixman-0.9.6. X software series/glproto-1.4.9-noarch-1.tgz: Upgraded to glproto-1.4.9. +--------------------------+ Thu Oct 25 20:19:54 EEST 2007 L software series/librsvg-2.18.2-x86_64-1.tgz: Upgraded to librsvg-2.18.2. XAP software series/gimp-2.4.0-x86_64-1.tgz: Upgraded to gimp-2.4.0. XAP software series/mozilla-firefox-2.0.0.8-x86_64-1.tgz: Upgraded to firefox-2.0.0.8. This upgrade fixes some more security bugs. For more information, see: http://www.mozilla.org/projects/security/known-vulnerabilities.html#firefox [*** Security fix ***] XAP software series/seamonkey-1.1.5-x86_54-1.tgz: Upgraded to seamonkey-1.1.5. This upgrade fixes some more security bugs. For more information, see: http://www.mozilla.org/projects/security/known-vulnerabilities.html#seamonkey [*** Security fix ***] +--------------------------+ Sun Oct 21 00:30:32 EEST 2007 AP software series/hplip-2.7.10-x86_64-1.tgz: Upgraded to hplip-2.7.10. 
A software series/libpng-1.2.22-x86_64-1.tgz: Upgraded to libpng-1.2.22. A software series/openssl-solibs-0.9.8g-x86_64-1.tgz: Upgraded to openssl-solibs-0.9.8g. N software series/openssh-4.7p1-x86_64-2.tgz: Recompiled against openssl-0.9.8g. N software series/openssl-0.9.8g-x86_64-1.tgz: Upgraded to openssl-0.9.8g. L software series/poppler-0.6.1-x86_64-1.tgz: Upgraded to poppler-0.6.1. L software series/poppler-data-0.1.1-noarch-1.tgz: Upgraded to poppler-data-0.1.1. A software series/cups-1.3.3-x86_64-1.tgz: Upgraded to cups-1.3.3. A software series/dialog-1.1_20070930-x86_64-1.tgz: Upgraded to dialog-1.1-20070930 A software series/etc-12.1-noarch-1.tgz: Added "tape" group. A software series/glibc-solibs-2.5-x86_64-4.tgz: Recompiled against 2.6.23.1 kernel headers. A software series/glibc-zoneinfo-2.5-noarch-4.tgz: Upgraded to tzcode2007h and tzdata2007h. A software series/jfsutils-1.1.12-x86_64-1.tgz: Upgraded to jfsutils-1.1.12. A software series/kernel-huge-2.6.23.1-x86_64-1.tgz: Upgraded to Linux 2.6.23.1 SMP huge.s (full-featured) kernel. A software series/kernel-modules-2.6.23.1-x86_64-1.tgz: Upgraded to Linux 2.6.23.1 SMP kernel modules. A software series/kernel-test26-2.6.22-x86_64-1.tgz: Removed. A software series/module-init-tools-3.4-x86_64-1.tgz: Upgraded to module-init-tools-3.4. A software series/mkinitrd-1.2.0-x86_64-1.tgz: Updated to busybox-1.7.2 and dialog-1.1-20070930. A software series/openssl-solibs-0.9.8f-x86_64-1.tgz: Upgraded to openssl-0.9.8f. This release fixes two minor security bugs unlikely to pose any threat to most production servers. 
For more information, see: http://openssl.org/news/secadv_20071012.txt http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-4995 (nothing in Bluewhite64 is using this DTLS implementation) http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5135 (this bug is in a function normally only used for logging or debugging) [*** Security fix ***] A software series/syslinux-3.52-x86_64-1.tgz: Upgraded to syslinux-3.52. A software series/sysvinit-scripts-1.2-noarch-14.tgz: In rc.M, execute "mount -a" to mount any filesystems not already mounted. A software series/udev-116-x86_64-1.tgz: Upgraded to udev-116. AP software series/espgs-8.15.4-x86_64-2.tgz: Removed. This is replaced by gnu-ghostscript. AP software series/foomatic-filters-3.0_20070919-x86_64-1.tgz: Added. This is a printer filter required to use Gutenprint or HPLIP with CUPS. AP software series/gutenprint-5.0.1-x86_64-2.tgz: Added gutenprint-5.0.1, which is the new version of (and name for) gimp-print. AP software series/gnu-ghostscript-8.60.0-x86_64-1.tgz: Added gnu-ghostscript-8.60.0. This replaces the espgs (ESP Ghostscript) package. AP software series/hplip-2.7.9-x86_64-1.tgz: Upgraded to hplip-2.7.9. Note that this no longer requires daemons to be started at boot time, so any /etc/rc.d/rc.hplip script can be removed. AP software series/mysql-5.0.45-x86_64-1.tgz: Upgraded to mysql-5.0.45. AP software series/vim-7.1.138-x86_64-1.tgz: Upgraded to vim-7.1.138. D software series/git-1.5.3.3-x86_64-1.tgz: Upgraded to git-1.5.3.3. D software series/kernel-headers-2.6.23.1-x86_64-1.tgz: Upgraded to Linux 2.6.23.1 SMP kernel headers. K software series/kernel-source-2.6.23.1-noarch-1.tgz Upgraded to Linux 2.6.23.1 SMP kernel source. KDE software series/amarok-1.4.7-x86_64-1.tgz: Upgraded to amarok-1.4.7. KDE software series/k3b-1.0.3-x86_64-1.tgz: Upgraded to k3b-1.0.3. KDE software series/kdeaccessibility-3.5.8-x86_64-1.tgz: Upgraded to kdeaccessibility-3.5.8. 
KDE software series/kdeaddons-3.5.8-x86_64-1.tgz: Upgraded to kdeaddons-3.5.8. KDE software series/kdeadmin-3.5.8-x86_64-1.tgz: Upgraded to kdeadmin-3.5.8. KDE software series/kdeartwork-3.5.8-x86_64-1.tgz: Upgraded to kdeartwork-3.5.8. KDE software series/kdebase-3.5.8-x86_64-1.tgz: Upgraded to kdebase-3.5.8. KDE software series/kdeedu-3.5.8-x86_64-1.tgz: Upgraded to kdeedu-3.5.8. KDE software series/kdegames-3.5.8-x86_64-1.tgz: Upgraded to kdegames-3.5.8. KDE software series/kdegraphics-3.5.8-x86_64-1.tgz: Upgraded to kdegraphics-3.5.8. KDE software series/kdelibs-3.5.8-x86_64-1.tgz: Upgraded to kdelibs-3.5.8. KDE software series/kdemultimedia-3.5.8-x86_64-1.tgz: Upgraded to kdemultimedia-3.5.8. KDE software series/kdenetwork-3.5.8-x86_64-1.tgz: Upgraded to kdenetwork-3.5.8. KDE software series/kdepim-3.5.8-x86_64-1.tgz: Upgraded to kdepim-3.5.8. KDE software series/kdesdk-3.5.8-x86_64-1.tgz: Upgraded to kdesdk-3.5.8. KDE software series/kdetoys-3.5.8-x86_64-1.tgz: Upgraded to kdetoys-3.5.8. KDE software series/kdeutils-3.5.8-x86_64-1.tgz: Upgraded to kdeutils-3.5.8. KDE software series/kdevelop-3.5.0-x86_64-1.tgz: Upgraded to kdevelop-3.5.0. KDE software series/kdewebdev-3.5.8-x86_64-1.tgz: Upgraded to kdewebdev-3.5.8. KDEi software series/kde-i18n-*-3.5.8-noarch-1.tgz: Upgraded to kde-i18n-3.5.8. L software series/dbus-glib-0.74-x86_64-1.tgz: Upgraded to dbus-glib-0.74. L software series/freetype-2.3.5-x86_64-1.tgz: Upgraded to freetype-2.3.5. L software series/glib2-2.12.13-x86_64-1.tgz: Upgraded to glib-2.12.13. L software series/glibc-2.5-x86_64-4.tgz: Recompiled against 2.6.23.1 kernel headers. L software series/glibc-i18n-2.5-noarch-5.tgz: Rebuilt. L software series/glibc-profile-2.5-x86_64-4.tgz: Recompiled against 2.6.23.1 kernel headers. L software series/gtk+2-2.10.14-x86_64-1.tgz: Upgraded to gtk+-2.10.14. L software series/hal-0.5.10-x86_64-1.tgz: Upgraded to hal-0.5.10. L software series/hal-info-20071011-noarch-1.tgz: Upgraded to hal-info-20071011. 
L software series/libao-0.8.8-x86_64-1.tgz: Upgraded to libao-0.8.8. L software series/libgpod-0.5.2-x86_64-1.tgz: Upgraded to libgpod-0.5.2. L software series/libnjb-2.2.6-x86_64-1.tgz: Upgraded to libnjb-2.2.6. L software series/libpng-1.2.21-x86_64-1.tgz: Upgraded to libpng-1.2.21. L software series/libtheora-1.0beta1-x86_64-1.tgz: Upgraded to libtheora-1.0beta1. L software series/libvorbis-1.2.0-x86_64-1.tgz: Upgraded to libvorbis-1.2.0. L software series/libwnck-2.18.3-x86_64-1.tgz: Added libwnck-2.18.3. This is needed by compiz to compile gtk-window-decorator. L software series/pcre-7.3-x86_64-1.tgz: Upgraded to pcre-7.3. L software series/poppler-0.6-x86_64-1.tgz: Upgraded to poppler-0.6. L software series/qt-3.3.8-x86_64-5.tgz: Added back the library symlinks into /usr/lib, without which kdelibs does not compile. L software series/svgalib_helper-1.9.25_2.6.23.1-x86_64-1.tgz: Recompiled for Linux 2.6.23.1. L software series/vte-0.16.8-x86_64-1.tgz: Upgraded to vte-0.16.8. N software series/httpd-2.2.6-x86_64-1.tgz: Upgraded to httpd-2.2.6. N software series/network-scripts-12.0-noarch-5.tgz: Mount CIFS partitions N software series/openssh-4.7p1-x86_64-1.tgz: Upgraded to openssh-4.7p1. From the OpenSSH release notes: "Security bugs resolved in this release: Prevent ssh(1) from using a trusted X11 cookie if creation of an untrusted cookie fails; found and fixed by Jan Pechanec." While it's fair to say that we here at Bluewhite64 don't see how this could be leveraged to compromise a system, a) the OpenSSH people (who presumably understand the code better) characterize this as a security bug, b) it has been assigned a CVE entry, and c) OpenSSH is one of the most commonly used network daemons. Better safe than sorry. More information should appear here eventually: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-4752 [*** Security fix ***] N software series/openssl-0.9.8f-x86_64-1.tgz: Upgraded to openssl-0.9.8f. 
This release fixes two minor security bugs unlikely to pose any threat to most production servers. For more information, see: http://openssl.org/news/secadv_20071012.txt http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-4995 (nothing in Bluewhite64 is using this DTLS implementation) http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5135 (this bug is in a function normally only used for logging or debugging) [*** Security fix ***] N software series/php-5.2.4-x86_64-1.tgz: Upgraded to php-5.2.4. The PHP announcement says this version fixes over 120 bugs as well as "several low priority security bugs." Read more about it here: http://www.php.net/releases/5_2_4.php [*** Security fix ***] N software series/samba-3.0.26a-x86_64-1.tgz: Upgraded to samba-3.0.26a. This fixes a security issue in all Samba 3.0.25 versions: "Incorrect primary group assignment for domain users using the rfc2307 or sfu winbind nss info plugin." For more information, see: http://www.samba.org/samba/security/CVE-2007-4138.html http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-4138 [*** Security fix ***] N software series/wpa_supplicant-0.5.8-x86_64-1.tgz: Upgraded to wpa_supplicant-0.5.8. TCL software series/expect-5.43.0-x86_64-4.tgz: Rebuilt against tcl-8.4.16. TCL software series/tcl-8.4.16-x86_64-1.tgz: Upgraded to tcl-8.4.16. TCL software series/tk-8.4.16-x86_64-1.tgz: Upgraded to tk-8.4.16. X software series/dejavu-ttf-2.20-noarch-1.tgz: Upgraded to dejavu-ttf-2.20. X software series/mesa-7.0.1-x86_64-1.tgz: Upgraded to Mesa 7.0.1. Upgraded to X.Org 7.3: PLEASE NOTE: There are a few known problems with this release. Please let us know if you have solutions to any of these. 1. xf86-video-vesa was not upgraded for the X.Org 7.3 release, and running Terminal or vte under KDE results in an X hang under KDE, or garbage in the terminal under XFce. 2. 
The following modules were not upgraded in the X.Org 7.3 release and no longer compile: mkcfm, xf86-input-acecad, xf86-input-dmc, xf86-input-void, xf86-video-glide, xf86-video-impact, and xf86-video-wsfb. Odds are good that due to the driver ABI change none of these are currently working.
X software series/compiz-0.6.0-x86_64-1: Upgraded to compiz-0.6.0.
X software series/compositeproto-0.4-noarch-1: Upgraded to compositeproto-0.4.
X software series/iceauth-1.0.2-x86_64-1: Upgraded to iceauth-1.0.2.
X software series/ico-1.0.2-x86_64-1: Upgraded to ico-1.0.2.
X software series/inputproto-1.4.2.1-noarch-1: Upgraded to inputproto-1.4.2.1.
X software series/libICE-1.0.4-x86_64-1: Upgraded to libICE-1.0.4.
X software series/libX11-1.1.3-x86_64-1: Upgraded to libX11-1.1.3.
X software series/libXaw-1.0.4-x86_64-1: Upgraded to libXaw-1.0.4.
X software series/libXcomposite-0.4.0-x86_64-1: Upgraded to libXcomposite-0.4.0.
X software series/libXcursor-1.1.9-x86_64-1: Upgraded to libXcursor-1.1.9.
X software series/libXfont-1.3.1-x86_64-1: Upgraded to libXfont-1.3.1.
X software series/libXi-1.1.3-x86_64-1: Upgraded to libXi-1.1.3.
X software series/libXpm-3.5.7-x86_64-1: Upgraded to libXpm-3.5.7.
X software series/libXrandr-1.2.2-x86_64-1: Upgraded to libXrandr-1.2.2.
X software series/libXrender-0.9.4-x86_64-1: Upgraded to libXrender-0.9.4.
X software series/libXtst-1.0.3-x86_64-1: Upgraded to libXtst-1.0.3.
X software series/libXxf86dga-1.0.2-x86_64-1: Upgraded to libXxf86dga-1.0.2.
X software series/pixman-0.9.5-x86_64-1: Added pixman-0.9.5.
X software series/renderproto-0.9.3-noarch-1: Upgraded to renderproto-0.9.3.
X software series/sessreg-1.0.3-x86_64-1: Upgraded to sessreg-1.0.3.
X software series/setxkbmap-1.0.4-x86_64-1: Upgraded to setxkbmap-1.0.4.
X software series/xbacklight-1.1-x86_64-1: Added xbacklight-1.1.
X software series/xcalc-1.0.2-x86_64-1: Upgraded to xcalc-1.0.2.
X software series/xclock-1.0.3-x86_64-1: Upgraded to xclock-1.0.3.
X software series/xconsole-1.0.3-x86_64-1: Upgraded to xconsole-1.0.3.
X software series/xcursorgen-1.0.2-x86_64-1: Upgraded to xcursorgen-1.0.2.
X software series/xdm-1.1.6-x86_64-1: Upgraded to xdm-1.1.6.
X software series/xdriinfo-1.0.2-x86_64-1: Upgraded to xdriinfo-1.0.2.
X software series/xf86-input-aiptek-1.0.1-x86_64-2: Recompiled against xorg-server-1.4.
X software series/xf86-input-acecad-1.2.0-x86_64-1.tgz: Removed (not compiling).
X software series/xf86-input-calcomp-1.1.1-x86_64-1: Upgraded to xf86-input-calcomp-1.1.1.
X software series/xf86-input-citron-2.2.1-x86_64-1: Added xf86-input-citron-2.2.1.
X software series/xf86-input-digitaledge-1.1.0-x86_64-2: Recompiled against xorg-server-1.4.
X software series/xf86-input-dynapro-1.1.1-x86_64-1: Added xf86-input-dynapro-1.1.1.
X software series/xf86-input-elo2300-1.1.1-x86_64-1: Added xf86-input-elo2300-1.1.1.
X software series/xf86-input-elographics-1.1.0-x86_64-2: Recompiled against xorg-server-1.4.
X software series/xf86-input-evdev-1.1.5-x86_64-2: Recompiled against xorg-server-1.4.
X software series/xf86-input-fpit-1.1.0-x86_64-2: Recompiled against xorg-server-1.4.
X software series/xf86-input-hyperpen-1.1.0-x86_64-2: Recompiled against xorg-server-1.4.
X software series/xf86-input-jamstudio-1.1.0-x86_64-2: Recompiled against xorg-server-1.4.
X software series/xf86-input-joystick-1.2.3-x86_64-1: Upgraded to xf86-input-joystick-1.2.3.
X software series/xf86-input-keyboard-1.2.2-x86_64-1: Upgraded to xf86-input-keyboard-1.2.2.
X software series/xf86-input-magellan-1.1.1-x86_64-1: Upgraded to xf86-input-magellan-1.1.1.
X software series/xf86-input-magictouch-1.0.0.5-x86_64-2: Recompiled against xorg-server-1.4.
X software series/xf86-input-microtouch-1.1.1-x86_64-1: Added xf86-input-microtouch-1.1.1.
X software series/xf86-input-mouse-1.2.3-x86_64-1: Upgraded to xf86-input-mouse-1.2.3.
X software series/xf86-input-mutouch-1.1.0-x86_64-2: Recompiled against xorg-server-1.4.
X software series/xf86-input-palmax-1.1.0-x86_64-2: Recompiled against xorg-server-1.4.
X software series/xf86-input-penmount-1.2.1-x86_64-1: Added xf86-input-penmount-1.2.1.
X software series/xf86-input-spaceorb-1.1.1-x86_64-1: Upgraded to xf86-input-spaceorb-1.1.1.
X software series/xf86-input-summa-1.1.0-x86_64-2: Recompiled against xorg-server-1.4.
X software series/xf86-input-tek4957-1.1.0-x86_64-2: Recompiled against xorg-server-1.4.
X software series/xf86-input-ur98-1.1.0-x86_64-2: Recompiled against xorg-server-1.4.
X software series/xf86-input-vmmouse-12.4.3-x86_64-1: Upgraded to xf86-input-vmmouse-12.4.3.
X software series/xf86-input-void-1.1.0-x86_64-1.tgz: Removed (not compiling).
X software series/xf86-video-apm-1.1.1-x86_64-2: Recompiled against xorg-server-1.4.
X software series/xf86-video-ark-0.6.0-x86_64-2: Recompiled against xorg-server-1.4.
X software series/xf86-video-ast-0.81.0-x86_64-2: Recompiled against xorg-server-1.4.
X software series/xf86-video-ati-6.7.195-x86_64-1: Upgraded to xf86-video-ati-6.7.195.
X software series/xf86-video-chips-1.1.1-x86_64-2: Recompiled against xorg-server-1.4.
X software series/xf86-video-cirrus-1.1.0-x86_64-2: Recompiled against xorg-server-1.4.
X software series/xf86-video-cyrix-1.1.0-x86_64-2: Recompiled against xorg-server-1.4.
X software series/xf86-video-dummy-0.2.0-x86_64-2: Recompiled against xorg-server-1.4.
X software series/xf86-video-fbdev-0.3.1-x86_64-2: Recompiled against xorg-server-1.4.
X software series/xf86-video-glint-1.1.1-x86_64-2: Recompiled against xorg-server-1.4.
X software series/xf86-video-i128-1.2.1-x86_64-2: Recompiled against xorg-server-1.4.
X software series/xf86-video-i740-1.1.0-x86_64-2: Recompiled against xorg-server-1.4.
X software series/xf86-video-i810-1.7.4-x86_64-2: Recompiled against xorg-server-1.4.
X software series/xf86-video-imstt-1.1.0-x86_64-2: Recompiled against xorg-server-1.4.
X software series/xf86-video-intel-2.1.1-x86_64-1: Upgraded to xf86-video-intel-2.1.1.
X software series/xf86-video-mga-1.9.100-x86_64-1: Upgraded to xf86-video-mga-1.9.100.
X software series/xf86-video-neomagic-1.1.1-x86_64-2: Recompiled against xorg-server-1.4.
X software series/xf86-video-newport-0.2.1-x86_64-2: Recompiled against xorg-server-1.4.
X software series/xf86-video-nsc-2.8.3-x86_64-1: Upgraded to xf86-video-nsc-2.8.3.
X software series/xf86-video-nv-2.1.5-x86_64-1: Upgraded to xf86-video-nv-2.1.5.
X software series/xf86-video-rendition-4.1.3-x86_64-2: Recompiled against xorg-server-1.4.
X software series/xf86-video-s3-0.5.0-x86_64-2: Recompiled against xorg-server-1.4.
X software series/xf86-video-s3virge-1.9.1-x86_64-2: Recompiled against xorg-server-1.4.
X software series/xf86-video-savage-2.1.3-x86_64-1: Upgraded to xf86-video-savage-2.1.3.
X software series/xf86-video-siliconmotion-1.5.1-x86_64-2: Recompiled against xorg-server-1.4.
X software series/xf86-video-sis-0.9.3-x86_64-2: Recompiled against xorg-server-1.4.
X software series/xf86-video-sisusb-0.8.1-x86_64-2: Recompiled against xorg-server-1.4.
X software series/xf86-video-tdfx-1.3.0-x86_64-2: Recompiled against xorg-server-1.4.
X software series/xf86-video-tga-1.1.0-x86_64-2: Recompiled against xorg-server-1.4.
X software series/xf86-video-trident-1.2.3-x86_64-2: Recompiled against xorg-server-1.4.
X software series/xf86-video-tseng-1.1.1-x86_64-2: Recompiled against xorg-server-1.4.
X software series/xf86-video-v4l-0.1.1-x86_64-3: Recompiled against xorg-server-1.4.
X software series/xf86-video-vesa-1.3.0-x86_64-2: Recompiled against xorg-server-1.4.
X software series/xf86-video-vga-4.1.0-x86_64-2: Recompiled against xorg-server-1.4.
X software series/xf86-video-via-0.2.2-x86_64-2: Recompiled against xorg-server-1.4.
X software series/xf86-video-vmware-10.15.2-x86_64-1: Upgraded to xf86-video-vmware-10.15.2.
X software series/xf86-video-voodoo-1.1.1-x86_64-2: Recompiled against xorg-server-1.4.
X software series/xf86dgaproto-2.0.3-noarch-1: Upgraded to xf86dgaproto-2.0.3.
X software series/xfs-1.0.5-x86_64-1.tgz: Upgraded to xfs-1.0.5.
X software series/xgamma-1.0.2-x86_64-1: Upgraded to xgamma-1.0.2.
X software series/xhost-1.0.2-x86_64-1: Upgraded to xhost-1.0.2.
X software series/xinit-1.0.7-x86_64-1: Upgraded to xinit-1.0.7.
X software series/xmag-1.0.2-x86_64-1: Upgraded to xmag-1.0.2.
X software series/xman-1.0.3-x86_64-1: Upgraded to xman-1.0.3.
X software series/xmessage-1.0.2-x86_64-1: Upgraded to xmessage-1.0.2.
X software series/xmodmap-1.0.3-x86_64-1: Upgraded to xmodmap-1.0.3.
X software series/xorg-server-1.4-x86_64-1: Upgraded to xorg-server-1.4.
X software series/xorg-server-xdmx-1.4-x86_64-1: Upgraded to xorg-server-xdmx.
X software series/xorg-server-xnest-1.4-x86_64-1: Upgraded to xorg-server-xnest-1.4.
X software series/xorg-server-xvfb-1.4-x86_64-1: Upgraded to xorg-server-xvfb-1.4.
X software series/xprop-1.0.3-x86_64-1: Upgraded to xprop-1.0.3.
X software series/xrandr-1.2.2-x86_64-1: Upgraded to xrandr-1.2.2.
X software series/xrdb-1.0.4-x86_64-1: Upgraded to xrdb-1.0.4.
X software series/xset-1.0.3-x86_64-1: Upgraded to xset-1.0.3.
X software series/xsetroot-1.0.2-x86_64-1: Upgraded to xsetroot-1.0.2.
X software series/xtrans-1.0.4-noarch-1: Upgraded to xtrans-1.0.4.
X software series/xvinfo-1.0.2-x86_64-1: Upgraded to xvinfo-1.0.2.
X software series/xwininfo-1.0.3-x86_64-1: Upgraded to xwininfo-1.0.3.
XAP software series/fluxbox-1.0.0-x86_64-1.tgz: Upgraded to fluxbox-1.0.0.
XAP software series/imagemagick-6.3.6_0-x86_64-1.tgz: Upgraded to ImageMagick-6.3.6-0.
XAP software series/mozilla-firefox-2.0.0.7-x86_64-1.tgz: Upgraded to mozilla-firefox-2.0.0.7.
XAP software series/pidgin-2.2.1-x86_64-1.tgz: Upgraded to pidgin-2.2.1.
XAP software series/vim-gvim-7.1.138-x86_64-1.tgz: Upgraded to vim-7.1.138 with GTK+ extensions.
XAP software series/xine-lib-1.1.8-x86_64-1.tgz: Upgraded to xine-lib-1.1.8.
XAP software series/xscreensaver-5.03-x86_64-1.tgz: Upgraded to xscreensaver-5.03.
EXTRA software/ktorrent/ktorrent-2.2.2-x86_64-1.tgz: Upgraded to ktorrent-2.2.2.
EXTRA software/linux-wlan-ng/linux-wlan-ng-0.2.8_2.6.21.5-x86_64-1.tgz: Removed. This does not compile with Linux 2.6.23.1, and no newer version is out.
EXTRA software/xf86-video-ati-6.6.3/xf86-video-ati-6.6.3-x86_64-3.tgz: Removed. If there are still problems with the ATI driver we'll have to look at them again. There's a proposed patch around here somewhere.
isolinux/initrd.img: Upgraded to jfsutils-1.1.12.
isolinux/network.dsk: Added 2.6.23.1 SMP modules.
isolinux/pcmcia.dsk: Added 2.6.23.1 SMP modules.
kernels/huge.s/*: Upgraded huge.s kernel to 2.6.23.1.
kernels/test26.s/*: Removed.
testing/packages/linux-2.6.22/*: Removed.
testing/packages/svgalib_helper-1.9.25_2.6.22-x86_64-2.tgz: Removed.
testing/packages/bash-3.2.025-x86_64-1.tgz: Upgraded to bash-3.2.025.
+--------------------------+
Fri Sep 14 11:37:32 EEST 2007
L software series/jre-6u2-x86_64-2.tgz: Rebuilt. Fixed /usr/lib/java -> jre1.6.0_02 symlink.
EXTRA software/jdk-6/jdk-6u2-x86_64-3.tgz: Rebuilt. Fixed /usr/lib/java -> jdk1.6.0_02 symlink. Thanks to Virgil Moldoveanu for reporting this.
+--------------------------+
Sun Sep 2 12:54:30 EEST 2007
EXTRA software/jdk-6/jdk-6u2-x86_64-2.tgz: Fixed a bug in the improvement to the /etc/profile.d/ scripts where it would mess up the $MANPATH. Sorry about that, folks. The JRE package was not affected.
BTW, any time a security upgrade package mentioned in an advisory is "missing", it probably means a mistake like this was made. In those cases, look for a newer package, and verify the authenticity using "gpg --verify" and the .asc file.
+--------------------------+
Sat Sep 1 10:55:05 EEST 2007
L software series/jre-6u2-x86_64-1.tgz: Upgraded to Java(TM) 2 Platform Standard Edition Runtime Environment Version 6.0 update 2. This update addresses code errors which could possibly be leveraged to compromise system security, though we know of no existing exploits.
This update consists of the official Java(TM) binaries repackaged in Bluewhite64's package format, and may be used on any version of Bluewhite64 that is based on glibc. For more information, see: http://sunsolve.sun.com/search/document.do?assetkey=1-26-102995-1 [*** Security fix ***] An additional change was made to the script that Bluewhite64 uses to set environment variables for Java(TM). Now, after the $JAVA_HOME variable is set, the next variable settings make use of it, rather than hard-coding the path to $JAVA_HOME. This does not fix a bug, but is certainly better scripting style.
EXTRA software/jdk-6/jdk-6u2-x86_64-1.tgz: Upgraded to Java(TM) 2 Platform Standard Edition Development Kit Version 6.0 update 2. This update addresses code errors which could possibly be leveraged to compromise system security, though we know of no existing exploits. This update consists of the official Java(TM) binaries repackaged in Bluewhite64's package format, and may be used on any version of Bluewhite64 that is based on glibc. For more information, see: http://sunsolve.sun.com/search/document.do?assetkey=1-26-102995-1 [*** Security fix ***] An additional change was made to the script that Bluewhite64 uses to set environment variables for Java(TM). Now, after the $JAVA_HOME variable is set, the next variable settings make use of it, rather than hard-coding the path to $JAVA_HOME. This does not fix a bug, but is certainly better scripting style.
+--------------------------+
Tue Aug 28 23:41:03 EEST 2007
TESTING/packages/ia32-emulation/ia32-lib32-0.2.3-x86_64-1.tgz: Added libxslt-1.1.20, libstdc++.so.5.0.7 and libutil-2.5.so from Slackware 12.0. Thanks! These libs will help you to install and run programs like ATI drivers or wine ;). [*** UPDATE ***]
+--------------------------+
Fri Aug 24 22:36:50 EEST 2007
N software series/tcpdump-3.9.7-x86_64-1.tgz: Upgraded to libpcap-0.9.7, tcpdump-3.9.7.
This new version fixes an integer overflow in the BGP dissector which could possibly allow remote attackers to crash tcpdump or to execute arbitrary code. For more information, see: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3798 [*** Security fix ***]
+--------------------------+
Sun Aug 12 11:36:59 EEST 2007
XAP software series/gimp-2.2.17-x86_64-1.tgz: Upgraded to gimp-2.2.17, which fixes buffer overflows when decoding certain image types. For more information, see: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-2949 [*** Security fix ***]
L software series/poppler-0.5.4-x86_64-3.tgz: Patched to fix an integer overflow in code borrowed from xpdf. For more information, see: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3387 [*** Security fix ***]
L software series/qt-3.3.8-x86_64-4.tgz: Patched to fix several format string bugs. For more information, see: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3388 [*** Security fix ***]
XAP software series/seamonkey-1.1.4-x86_64-1.tgz: Upgraded to seamonkey-1.1.4. This upgrade fixes some more security bugs. For more information, see: http://www.mozilla.org/projects/security/known-vulnerabilities.html#seamonkey [*** Security fix ***]
XAP software series/packages/xpdf-3.02pl1-x86_64-1.tgz: Upgraded to xpdf-3.02pl1. This fixes an integer overflow that could possibly be leveraged to run arbitrary code if a malicious PDF file is processed. For more information, see: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3387 [*** Security fix ***]
+--------------------------+
Sat Aug 4 14:10:07 EEST 2007
XAP software series/mozilla-thunderbird-2.0.0.6-x86_64-1.tgz: Upgraded to thunderbird-2.0.0.6. This upgrade fixes some more security bugs. For more information, see: http://www.mozilla.org/projects/security/known-vulnerabilities.html#thunderbird [*** Security fix ***]
XAP software series/mozilla-firefox-2.0.0.6-x86_64-1.tgz: Upgraded to firefox-2.0.0.6.
This upgrade fixes some more security bugs. For more information, see: http://www.mozilla.org/projects/security/known-vulnerabilities.html#firefox [*** SECURITY FIX ***]
+--------------------------+
Fri Jul 27 11:47:24 EEST 2007
XAP software series/bind-9.4.1_P1-x86_64-1.tgz: Upgraded to bind-9.4.1_P1 to fix security issues. The default access control lists allow remote attackers to make recursive queries in BIND9 versions 9.4.0 through 9.4.1. The query IDs in BIND9 prior to BIND 9.4.1-P1 are cryptographically weak. For more information on these issues, see: http://www.isc.org/index.pl?/sw/bind/bind-security.php http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-2925 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-2926 [*** Security fix ***]
XAP software series/mozilla-thunderbird-2.0.0.5-x86_64-1.tgz: Upgraded to thunderbird-2.0.0.5. Since Thunderbird shares the browser engine with Firefox it is susceptible to similar vulnerabilities. This update fixes the same issues fixed in the recent Firefox patch. For more information, see: http://www.mozilla.org/projects/security/known-vulnerabilities.html#thunderbird [*** Security fix ***]
XAP software series/seamonkey-1.1.3-x86_64-1.tgz: Upgraded to seamonkey-1.1.3. This is presumably a security update, but the details on the net have been sparse. So far nothing has appeared at the usual URL, but I would treat this as a security update unless it is announced as otherwise. For more information (if/when it appears), see: http://www.mozilla.org/projects/security/known-vulnerabilities.html#seamonkey [*** Security fix ***]
A software series/mkinitrd-1.1.3-x86_64-4.tgz: Fixed a minor bug in mkinitrd where devices such as /dev/cciss/c0d0p2 (DL360 RAID) were not properly copied to the initramfs. "Normal" (two level) boot devices such as /dev/sda1 were not affected by this bug, so most people won't run into it (which is probably why it wasn't spotted in development here).
XAP software series/mozilla-firefox-2.0.0.5-x86_64-1.tgz: Upgraded to firefox-2.0.0.5. This upgrade fixes a couple of minor security bugs. For more information, see: http://www.mozilla.org/projects/security/known-vulnerabilities.html#firefox [*** Security fix ***]
XAP software series/xf86-video-intel-2.1.0-x86_64-1.tgz: Added additional chipsets.
XAP software series/xf86-video-nv-2.1.2-x86_64-1.tgz: Added additional chipsets.
+--------------------------+
Mon Jul 16 14:57:22 EEST 2007
X software series/xf86-video-v4l-0.1.1-x86_64-2.tgz: Patched to fix an X.org server crash (only on 64-bit arch) when xvinfo or other programs like xdtv try to use the v4l driver. This happens only if you have v4l loaded in your xorg.conf file. Thanks to Casteyde Christian for reporting this.
usb-and-pxe-installers/*: Fixed missing lib64->lib symlink in initrd.img which prevented installing Bluewhite64 12.0 from a bootable USB stick. Thanks to Bogdan Bordea for reporting and testing the new initrd.img.
+--------------------------+
Tue Jul 10 01:24:59 EEST 2007
This is Bluewhite64 Linux 12.0! THANKS to ALL for helping on this release! Don't forget to read the CHANGES_AND_HINTS.TXT file for more information about changes. I hope you find Bluewhite64 to be useful! ;)
+--------------------------+