Security Update: samba, firefox, php
Three security vulnerabilities were released yesterday:
Tue Mar 8 20:30:19 UTC 2016
l/shared-mime-info-1.6-i586-1.txz: Upgraded.
n/samba-4.3.6-i586-1.txz: Upgraded.
This update fixes bugs, and two security issues:
Incorrect ACL get/set allowed on symlink path (CVE-2015-7560).
Out-of-bounds read in internal DNS server (CVE-2016-0771).
For more information, see:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7560
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0771
(* Security fix *)
xap/mozilla-firefox-45.0-i586-1.txz: Upgraded.
This release contains security fixes and improvements.
For more information, see:
http://www.mozilla.org/security/known-vulnerabilities/firefox.html
(* Security fix *)
+--------------------------+
Tue Mar 8 01:54:33 UTC 2016
A few more updates. Thanks to Robby Workman for prepping most of
the minor version bumps.
a/acpid-2.0.26-i586-1.txz: Upgraded.
a/ed-1.13-i586-1.txz: Upgraded.
a/hwdata-0.284-noarch-1.txz: Upgraded.
a/lvm2-2.02.145-i586-1.txz: Upgraded.
a/pciutils-3.4.1-i586-1.txz: Upgraded.
ap/cups-filters-1.8.2-i586-1.txz: Upgraded.
ap/diffstat-1.60-i586-1.txz: Upgraded.
ap/enscript-1.6.6-i586-1.txz: Upgraded.
ap/foomatic-filters-4.0.17-i486-1.txz: Removed.
The cups-filters package contains these programs.
ap/lxc-1.1.5-i586-3.txz: Rebuilt.
Added modified versions of a few init scripts instead of having the
lxc-slackware template try to patch them (which invariably led to the
template breaking every time any of the other files were changed).
ap/man-pages-4.04-noarch-1.txz: Upgraded.
ap/sysstat-11.2.1.1-i586-1.txz: Upgraded.
d/binutils-2.26-i586-3.txz: Rebuilt.
Rebuilt with --enable-install-libiberty, since the binutils version of
libiberty.a will be built with -fPIC where needed.
d/cscope-15.8b-i586-1.txz: Upgraded.
d/gcc-5.3.0-i586-3.txz: Rebuilt.
Rebuilt with --disable-install-libiberty.
d/gcc-g++-5.3.0-i586-3.txz: Rebuilt.
d/gcc-gfortran-5.3.0-i586-3.txz: Rebuilt.
d/gcc-gnat-5.3.0-i586-3.txz: Rebuilt.
d/gcc-go-5.3.0-i586-3.txz: Rebuilt.
d/gcc-java-5.3.0-i586-3.txz: Rebuilt.
d/gcc-objc-5.3.0-i586-3.txz: Rebuilt.
d/pkg-config-0.29.1-i586-1.txz: Upgraded.
d/python-setuptools-20.1.1-i586-1.txz: Upgraded.
l/LibRaw-0.17.1-i586-1.txz: Upgraded.
l/aspell-0.60.6.1-i586-1.txz: Upgraded.
l/fribidi-0.19.7-i586-1.txz: Upgraded.
l/fuse-2.9.5-i586-1.txz: Upgraded.
l/gtk+2-2.24.30-i586-1.txz: Upgraded.
l/gvfs-1.26.3-i586-1.txz: Upgraded.
l/libgsf-1.14.36-i586-1.txz: Upgraded.
l/libnl3-3.2.27-i586-1.txz: Upgraded.
l/libsecret-0.18.4-i586-1.txz: Upgraded.
l/libwpg-0.3.1-i586-1.txz: Upgraded.
l/mpfr-3.1.4-i586-1.txz: Upgraded.
l/pycurl-7.43.0-i586-1.txz: Upgraded.
l/v4l-utils-1.10.0-i586-1.txz: Upgraded.
n/lftp-4.6.5-i586-1.txz: Upgraded.
n/nettle-3.2-i586-1.txz: Upgraded.
n/netwatch-1.3.1_2-i586-1.txz: Upgraded.
n/openssh-7.2p1-i586-1.txz: Upgraded.
Thanks to Alan Brantley for updating the libwrap patch.
n/p11-kit-0.23.2-i586-1.txz: Upgraded.
n/php-5.6.19-i586-1.txz: Upgraded.
This release fixes bugs and security issues.
For more information, see:
http://php.net/ChangeLog-5.php#5.6.19
(* Security fix *)
x/libdrm-2.4.67-i586-1.txz: Upgraded.
x/libva-1.6.2-i586-1.txz: Upgraded.
x/libva-intel-driver-1.6.2-i586-1.txz: Upgraded.
x/xorg-server-1.18.1-i586-2.txz: Rebuilt.
Applied a patch to fix crashes when making MPlayer (and some other video
players) go fullscreen after a resume. Thanks to orbea.
x/xorg-server-xephyr-1.18.1-i586-2.txz: Rebuilt.
x/xorg-server-xnest-1.18.1-i586-2.txz: Rebuilt.
x/xorg-server-xvfb-1.18.1-i586-2.txz: Rebuilt.
xap/geeqie-1.2.1-i586-2.txz: Rebuilt.
Patched to fix crashes and high CPU usage when used with modern versions
of GTK+. Thanks to Jas for pointing out the patch in upstream git.
extra/bash-completion/bash-completion-2.2-noarch-1.txz: Upgraded.
- PHP: Upgraded to 5.6.19 for Slackware 14.0 and newer
- Mozilla Firefox: Upgraded to 38.7.0 for Slackware 14.1 and 45.0 for current
- Samba: Upgraded to 4.1.23 for Slackware 14.1 and 4.3.6 for current
Tue Mar 8 20:30:19 UTC 2016
l/shared-mime-info-1.6-i586-1.txz: Upgraded.
n/samba-4.3.6-i586-1.txz: Upgraded.
This update fixes bugs, and two security issues:
Incorrect ACL get/set allowed on symlink path (CVE-2015-7560).
Out-of-bounds read in internal DNS server (CVE-2016-0771).
For more information, see:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7560
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0771
(* Security fix *)
xap/mozilla-firefox-45.0-i586-1.txz: Upgraded.
This release contains security fixes and improvements.
For more information, see:
http://www.mozilla.org/security/known-vulnerabilities/firefox.html
(* Security fix *)
+--------------------------+
Tue Mar 8 01:54:33 UTC 2016
A few more updates. Thanks to Robby Workman for prepping most of
the minor version bumps.
a/acpid-2.0.26-i586-1.txz: Upgraded.
a/ed-1.13-i586-1.txz: Upgraded.
a/hwdata-0.284-noarch-1.txz: Upgraded.
a/lvm2-2.02.145-i586-1.txz: Upgraded.
a/pciutils-3.4.1-i586-1.txz: Upgraded.
ap/cups-filters-1.8.2-i586-1.txz: Upgraded.
ap/diffstat-1.60-i586-1.txz: Upgraded.
ap/enscript-1.6.6-i586-1.txz: Upgraded.
ap/foomatic-filters-4.0.17-i486-1.txz: Removed.
The cups-filters package contains these programs.
ap/lxc-1.1.5-i586-3.txz: Rebuilt.
Added modified versions of a few init scripts instead of having the
lxc-slackware template try to patch them (which invariably led to the
template breaking every time any of the other files were changed).
ap/man-pages-4.04-noarch-1.txz: Upgraded.
ap/sysstat-11.2.1.1-i586-1.txz: Upgraded.
d/binutils-2.26-i586-3.txz: Rebuilt.
Rebuilt with --enable-install-libiberty, since the binutils version of
libiberty.a will be built with -fPIC where needed.
d/cscope-15.8b-i586-1.txz: Upgraded.
d/gcc-5.3.0-i586-3.txz: Rebuilt.
Rebuilt with --disable-install-libiberty.
d/gcc-g++-5.3.0-i586-3.txz: Rebuilt.
d/gcc-gfortran-5.3.0-i586-3.txz: Rebuilt.
d/gcc-gnat-5.3.0-i586-3.txz: Rebuilt.
d/gcc-go-5.3.0-i586-3.txz: Rebuilt.
d/gcc-java-5.3.0-i586-3.txz: Rebuilt.
d/gcc-objc-5.3.0-i586-3.txz: Rebuilt.
d/pkg-config-0.29.1-i586-1.txz: Upgraded.
d/python-setuptools-20.1.1-i586-1.txz: Upgraded.
l/LibRaw-0.17.1-i586-1.txz: Upgraded.
l/aspell-0.60.6.1-i586-1.txz: Upgraded.
l/fribidi-0.19.7-i586-1.txz: Upgraded.
l/fuse-2.9.5-i586-1.txz: Upgraded.
l/gtk+2-2.24.30-i586-1.txz: Upgraded.
l/gvfs-1.26.3-i586-1.txz: Upgraded.
l/libgsf-1.14.36-i586-1.txz: Upgraded.
l/libnl3-3.2.27-i586-1.txz: Upgraded.
l/libsecret-0.18.4-i586-1.txz: Upgraded.
l/libwpg-0.3.1-i586-1.txz: Upgraded.
l/mpfr-3.1.4-i586-1.txz: Upgraded.
l/pycurl-7.43.0-i586-1.txz: Upgraded.
l/v4l-utils-1.10.0-i586-1.txz: Upgraded.
n/lftp-4.6.5-i586-1.txz: Upgraded.
n/nettle-3.2-i586-1.txz: Upgraded.
n/netwatch-1.3.1_2-i586-1.txz: Upgraded.
n/openssh-7.2p1-i586-1.txz: Upgraded.
Thanks to Alan Brantley for updating the libwrap patch.
n/p11-kit-0.23.2-i586-1.txz: Upgraded.
n/php-5.6.19-i586-1.txz: Upgraded.
This release fixes bugs and security issues.
For more information, see:
http://php.net/ChangeLog-5.php#5.6.19
(* Security fix *)
x/libdrm-2.4.67-i586-1.txz: Upgraded.
x/libva-1.6.2-i586-1.txz: Upgraded.
x/libva-intel-driver-1.6.2-i586-1.txz: Upgraded.
x/xorg-server-1.18.1-i586-2.txz: Rebuilt.
Applied a patch to fix crashes when making MPlayer (and some other video
players) go fullscreen after a resume. Thanks to orbea.
x/xorg-server-xephyr-1.18.1-i586-2.txz: Rebuilt.
x/xorg-server-xnest-1.18.1-i586-2.txz: Rebuilt.
x/xorg-server-xvfb-1.18.1-i586-2.txz: Rebuilt.
xap/geeqie-1.2.1-i586-2.txz: Rebuilt.
Patched to fix crashes and high CPU usage when used with modern versions
of GTK+. Thanks to Jas for pointing out the patch in upstream git.
extra/bash-completion/bash-completion-2.2-noarch-1.txz: Upgraded.