From 865737c0c7ba343b8351dab8bfaa0b6932275b52 Mon Sep 17 00:00:00 2001 From: Patrick J Volkerding Date: Sat, 18 Aug 2018 02:09:51 +0000 Subject: Sat Aug 18 02:09:51 UTC 2018 a/kernel-generic-4.14.64-x86_64-1.txz: Upgraded. a/kernel-huge-4.14.64-x86_64-1.txz: Upgraded. a/kernel-modules-4.14.64-x86_64-1.txz: Upgraded. d/kernel-headers-4.14.64-x86-1.txz: Upgraded. k/kernel-source-4.14.64-noarch-1.txz: Upgraded. isolinux/initrd.img: Rebuilt. kernels/*: Upgraded. usb-and-pxe-installers/usbboot.img: Rebuilt. --- ChangeLog.rss | 97 +++++++++++++++++++++++++++++++++++++++++++++++++++++++++-- 1 file changed, 95 insertions(+), 2 deletions(-) (limited to 'ChangeLog.rss') diff --git a/ChangeLog.rss b/ChangeLog.rss index ab0f34736..78ece23ff 100644 --- a/ChangeLog.rss +++ b/ChangeLog.rss @@ -11,9 +11,102 @@ Tracking Slackware development in git. en-us urn:uuid:c964f45e-6732-11e8-bbe5-107b4450212f - Tue, 14 Aug 2018 22:56:09 GMT - Wed, 15 Aug 2018 07:00:26 GMT + Sat, 18 Aug 2018 02:09:51 GMT + Sat, 18 Aug 2018 07:00:29 GMT maintain_current_git.sh v 1.10 + + Sat, 18 Aug 2018 02:09:51 GMT + Sat, 18 Aug 2018 02:09:51 GMT + https://git.slackware.nl/current/tag/?h=20180818020951 + 20180818020951 + + +a/kernel-generic-4.14.64-x86_64-1.txz: Upgraded. +a/kernel-huge-4.14.64-x86_64-1.txz: Upgraded. +a/kernel-modules-4.14.64-x86_64-1.txz: Upgraded. +d/kernel-headers-4.14.64-x86-1.txz: Upgraded. +k/kernel-source-4.14.64-noarch-1.txz: Upgraded. +isolinux/initrd.img: Rebuilt. +kernels/*: Upgraded. +usb-and-pxe-installers/usbboot.img: Rebuilt. + ]]> + + + + Fri, 17 Aug 2018 16:52:04 GMT + Fri, 17 Aug 2018 16:52:04 GMT + https://git.slackware.nl/current/tag/?h=20180817165204 + 20180817165204 + + +a/kernel-firmware-20180814_f1b95fe-noarch-1.txz: Upgraded. +a/kernel-generic-4.14.63-x86_64-1.txz: Upgraded. +a/kernel-huge-4.14.63-x86_64-1.txz: Upgraded. +a/kernel-modules-4.14.63-x86_64-1.txz: Upgraded. +ap/jove-4.16.0.73-x86_64-5.txz: Rebuilt. + Avoid a namespace conflict with glibc's getline() function. + Increase some hardcoded buffer sizes. + Thanks to TTK. +ap/mariadb-10.3.9-x86_64-1.txz: Upgraded. + This update fixes bugs and security issues. + For more information, see: + https://mariadb.com/kb/en/mariadb-1039-release-notes/ + https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-3060 + https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-3064 + https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-3063 + https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-3058 + https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-3066 + (* Security fix *) +d/kernel-headers-4.14.63-x86-1.txz: Upgraded. +k/kernel-source-4.14.63-noarch-1.txz: Upgraded. +l/expat-2.2.6-x86_64-1.txz: Upgraded. +n/ntp-4.2.8p12-x86_64-1.txz: Upgraded. + This release improves on one security fix in ntpd: + LOW/MEDIUM: Sec 3012: Sybil vulnerability: ephemeral association attack + While fixed in ntp-4.2.8p7 and with significant additional protections for + this issue in 4.2.8p11, ntp-4.2.8p12 includes a fix for an edge case in + the new noepeer support. Originally reported by Matt Van Gundy of Cisco. + Edge-case hole reported by Martin Burnicki of Meinberg. + And fixes another security issue in ntpq and ntpdc: + LOW: Sec 3505: The openhost() function used during command-line hostname + processing by ntpq and ntpdc can write beyond its buffer limit, which + could allow an attacker to achieve code execution or escalate to higher + privileges via a long string as the argument for an IPv4 or IPv6 + command-line parameter. NOTE: It is unclear whether there are any common + situations in which ntpq or ntpdc is used with a command line from an + untrusted source. Reported by Fakhri Zulkifli. + For more information, see: + http://support.ntp.org/bin/view/Main/SecurityNotice#August_2018_ntp_4_2_8p12_NTP_Rel + https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1549 + https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-12327 + (* Security fix *) +n/samba-4.8.4-x86_64-1.txz: Upgraded. + This is a security update in order to patch the following defects: + Weak authentication protocol allowed. + Denial of Service Attack on DNS and LDAP server. + Insufficient input validation on client directory listing in libsmbclient. + Denial of Service Attack on AD DC DRSUAPI server. + Confidential attribute disclosure from the AD LDAP server. + For more information, see: + https://www.samba.org/samba/security/CVE-2018-1139.html + https://www.samba.org/samba/security/CVE-2018-1140.html + https://www.samba.org/samba/security/CVE-2018-10858.html + https://www.samba.org/samba/security/CVE-2018-10918.html + https://www.samba.org/samba/security/CVE-2018-10919.html + https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1139 + https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1140 + https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-10858 + https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-10918 + https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-10919 + (* Security fix *) +x/xf86-video-v4l-0.3.0-x86_64-1.txz: Upgraded. +x/xterm-335-x86_64-1.txz: Upgraded. +isolinux/initrd.img: Rebuilt. +kernels/*: Upgraded. +usb-and-pxe-installers/usbboot.img: Rebuilt. + ]]> + + Tue, 14 Aug 2018 22:56:09 GMT Tue, 14 Aug 2018 22:56:09 GMT -- cgit v1.2.3-65-gdbad