Thu May 16 14:29:34 EEST 2013 PATCHES/packages/subversion-1.6.21-x86_64-1.txz: Upgraded. This update fixes some denial of service bugs: mod_dav_svn excessive memory usage from property changes mod_dav_svn crashes on LOCK requests against activity URLs mod_dav_svn crashes on LOCK requests against non-existant URLs mod_dav_svn crashes on PROPFIND requests against activity URLs For more information, see: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1845 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1846 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1847 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1849 [*** Security fix ***] PATCHES/packages/bind-9.8.4_P2-x86_64-1.txz: Upgraded. This update fixes a critical defect in BIND 9 that allows an attacker to cause excessive memory consumption in named or other programs linked to libdns. For more information, see: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2266 https://kb.isc.org/article/AA-00871 [*** Security fix ***] PATCHES/packages/php-5.3.23-x86_64-1.txz: Upgraded. This release fixes two security issues in SOAP: Added check that soap.wsdl_cache_dir conforms to open_basedir. Disabled external entities loading. For more information, see: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1635 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1643 [*** Security fix ***] PATCHES/packages/sudo-1.7.10p7-x86_64-1.txz: Upgraded. This update fixes security issues that could allow a user to run commands without authenticating after the password timeout has already expired. Note that the vulnerability did not permit a user to run commands other than those allowed by the sudoers policy. For more information, see: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1775 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1776 [*** Security fix ***] PATCHES/packages/httpd-2.2.24-x86_64-1.txz: Upgraded. This update provides bugfixes and enhancements. Two security issues are fixed: * Various XSS flaws due to unescaped hostnames and URIs HTML output in mod_info, mod_status, mod_imagemap, mod_ldap, and mod_proxy_ftp. [Jim Jagielski, Stefan Fritsch, Niels Heinen ] * XSS in mod_proxy_balancer manager interface. [Jim Jagielski, Niels Heinen ] For more information, see: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3499 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-4558 [*** Security fix ***] PATCHES/packages/pidgin-2.10.7-x86_64-3.txz: Rebuilt. Fixed linking libirc.so with libsasl2. Added Makefile.in and Makefile to the patch, and applied it after running ./configure. Using autoreconf is not an option since most versions of Slackware aren't using the same libtools versions as the Pidgin developers are. PATCHES/packages/openssl-0.9.8y-x86_64-1.txz: Upgraded. Make the decoding of SSLv3, TLS and DTLS CBC records constant time. This addresses the flaw in CBC record processing discovered by Nadhem Alfardan and Kenny Paterson. Details of this attack can be found at: http://www.isg.rhul.ac.uk/tls/ Thanks go to Nadhem Alfardan and Kenny Paterson of the Information Security Group at Royal Holloway, University of London (www.isg.rhul.ac.uk) for discovering this flaw and Adam Langley and Emilia Käsper for the initial patch. (CVE-2013-0169) [Emilia Käsper, Adam Langley, Ben Laurie, Andy Polyakov, Steve Henson] Return an error when checking OCSP signatures when key is NULL. This fixes a DoS attack. (CVE-2013-0166) [Steve Henson] For more information, see: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0166 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0169 [*** Security fix ***] PATCHES/packages/openssl-solibs-0.9.8y-x86_64-1.txz: Upgraded. [*** Security fix ***] PATCHES/packages/mysql-5.0.96-x86_64-1.txz: Upgraded. Upgraded to the latest upstream version to fix security issues and provide other bug fixes and improvements. Note that some of the changes may possibly introduce incompatibilities with the previous package. [*** Security fix ***] PATCHES/packages/freetype-2.4.11-x86_64-1.txz: Upgraded. This release fixes several security bugs that could cause freetype to crash or run programs upon opening a specially crafted file. For more information, see: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-5668 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-5669 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-5670 [*** Security fix ***] PATCHES/packages/libxml2-2.7.3-x86_64-5.txz: Rebuilt. Patched a heap-based buffer underflow in the xmlParseAttValueComplex function in parser.c in libxml2 2.9.0 and earlier that could allow a remote attacker to cause a denial of service or possibly execute arbitrary code via crafted entities in an XML document. For more information, see: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-5134 [*** Security fix ***] +----------------------------+ Sun Oct 21 16:12:18 EEST 2012 PATCHES/packages/bind-9.7.6_P4-x86_64-1.tgz: Upgraded. This update fixes a security issue where a certain combination of records in the RBT could cause named to hang while populating the additional section of a response. [RT #31090] [*** Security fix ***] PATCHES/packages/patch-2.7-x86_64-2.tgz: Upgraded. Applied two upstream git commits to fix bugs which could cause target files to be removed or truncated. PATCHES/packages/dhcp-4.1_ESV_R7-x86_64-1.tgz: Upgraded. An issue with the use of lease times was found and fixed. Making certain changes to the end time of an IPv6 lease could cause the server to abort. Thanks to Glen Eustace of Massey University, New Zealand for finding this issue. [ISC-Bugs #30281] For more information, see: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3955 [*** Security fix ***] PATCHES/packages/php-5.3.17-x86_64-1.tgz: Upgraded. This is a bugfix release. PATCHES/packages/slocate-3.1-x86_64-2.tgz: Rebuilt. Patched to use lstat64 and -D_LARGEFILE64_SOURCE. Patched to fix information leak of filenames in protected directories. For more information, see: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0227 [*** Security fix ***] PATCHES/packages/dhcp-4.1_ESV_R6-x86_64-1.tgz: Upgraded. This fixes memory leaks, denial of service vulnerabilities, and disallows packets with zero length client ids (not valid according to RFC 2132 section 9.14). For more information, see: https://kb.isc.org/article/AA-00736 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-4539 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-4868 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3954 [*** Security fix ***] PATCHES/packages/t1lib-5.1.2-x86_64-1.tgz: Upgraded. Patched various overflows, crashes, and pointer bugs. For more information, see: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2642 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0764 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1552 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1553 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1554 [*** Security fix ***] PATCHES/packages/libpng-1.2.50-x86_64-1.tgz: Upgraded. Fixed incorrect type (int copy should be png_size_t copy) in png_inflate() (fixes CVE-2011-3045). Revised png_set_text_2() to avoid potential memory corruption (fixes CVE-2011-3048). Changed "a+w" to "u+w" in Makefile.in to fix CVE-2012-3386. For more information, see: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3045 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3048 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3386 [*** Security fix ***] PATCHES/packages/libexif-0.6.21-x86_64-1.tgz: Upgraded. This update fixes a number of remotely exploitable issues in libexif with effects ranging from information leakage to potential remote code execution. For more information, see: http://sourceforge.net/mailarchive/message.php?msg_id=29534027 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-2812 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-2813 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-2814 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-2836 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-2837 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-2840 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-2841 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-2845 [*** Security fix ***] PATCHES/packages/freetype-2.4.10-x86_64-1.tgz: Upgraded. Since freetype-2.4.8 many fixes were made to better handle invalid fonts. Many of them are vulnerabilities (see CVE-2012-1126 up to CVE-2012-1144 and SA48320) so all users should upgrade. [*** Security fix ***] PATCHES/packages/libxml2-2.6.32-x86_64-2.tgz: Upgraded. Patched an off-by-one error in XPointer that could lead to a crash or possibly the execution of arbitrary code. For more information, see: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3102 [*** Security fix ***] +----------------------------+ Wed May 23 10:29:58 EEST 2012 PATCHES/packages/libxml2-2.7.3-x86_64-4.txz: Upgraded. Patched an off-by-one error in XPointer that could lead to a crash or possibly the execution of arbitrary code. For more information, see: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3102 [*** Security fix ***] PATCHES/packages/openssl-0.9.8x-x86_64-1.txz: Upgraded. This is a very minor security fix: Fix DTLS record length checking bug CVE-2012-2333 For more information, see: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-2333 [*** Security fix ***] PATCHES/packages/openssl-solibs-0.9.8x-x86_64-1.txz: Upgraded. This is a very minor security fix: Fix DTLS record length checking bug CVE-2012-2333 For more information, see: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-2333 [*** Security fix ***] PATCHES/packages/php-5.3.13-x86_64-1.txz: Upgraded. This release completes a fix for a vulnerability in CGI-based setups. Note: mod_php and php-fpm are not vulnerable to this attack. For more information, see: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-2311 [*** Security fix ***] PATCHES/packages/pidgin-2.10.4-x86_64-1.txz: Upgraded. Fixed possible MSN remote crash. Fixed XMPP remote crash. For more information, see: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-2214 [*** Security fix ***] PATCHES/packages/samba-3.2.15-x86_64-5.txz: Rebuilt. This is a security release in order to address a vulnerability that allows remote code execution as the "root" user. All sites running a Samba server should update to the new Samba package and restart Samba. For more information, see: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1182 [*** Security fix ***] PATCHES/packages/libtiff-3.8.2-x86_64-6.txz: Rebuilt. Patched overflows that could lead to arbitrary code execution when parsing a malformed image file. For more information, see: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1173 [*** Security fix ***] PATCHES/packages/libpng-1.2.47-x86_64-1.txz: Upgraded. All branches of libpng prior to versions 1.5.9, 1.4.9, 1.2.47, and 1.0.57, respectively, fail to correctly validate a heap allocation in png_decompress_chunk(), which can lead to a buffer-overrun and the possibility of execution of hostile code on 32-bit systems. For more information, see: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3026 [*** Security fix ***] PATCHES/packages/mozilla-firefox-3.6.28-x86_64-1.txz: Upgraded. This release contains security fixes and improvements. For more information, see: http://www.mozilla.org/security/known-vulnerabilities/firefox.html [*** Security fix ***] PATCHES/packages/mozilla-thunderbird-3.1.20-x86_64-1.txz: Upgraded. This release contains security fixes and improvements. For more information, see: http://www.mozilla.org/security/known-vulnerabilities/thunderbird.html [*** Security fix ***] PATCHES/packages/proftpd-1.3.4a-x86_64-1.txz: Upgraded. This update fixes a use-after-free() memory corruption error, and possibly other unspecified issues. For more information, see: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-4130 [*** Security fix ***] PATCHES/packages/vsftpd-2.3.5-x86_64-1.txz: Upgraded. Minor version bump, this also works around a hard to trigger heap overflow in glibc (glibc zoneinfo caching vuln). For there to be any possibility to trigger the glibc bug within vsftpd, the non-default option "chroot_local_user" must be set in /etc/vsftpd.conf. [*** Security fix ***] +--------------------------+ Sat Feb 4 19:46:58 EET 2012 PATCHES/packages/httpd-2.2.22-x86_64-1.txz: Upgraded. This release fixes multiple vulnerabilities.For more information, see: http://www.apache.org/dist/httpd/CHANGES_2.2.22 PATCHES/packages/php-5.3.10-x86_64-1.txz: Upgraded. Over 90 bug fixes, some of which are security related. For more information, see: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-4885 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-4566 http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0830 PATCHES/packages/coreutils-8.15-x86_64-1.txz: Upgraded. Fixed some important issues with ext4. PATCHES/packages/freetype-2.4.8-x86_64-1.txz: Upgraded. Some vulnerabilities in handling CID-keyed PostScript fonts have been fixed. For more information, see: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3439 [*** Security fix ***] PATCHES/packages/mozilla-firefox-3.6.26-x86_64-1.txz: Upgraded. This fixes some security issues. For more information, see: http://www.mozilla.org/security/known-vulnerabilities/firefox36.html [*** Security fix ***] PATCHES/packages/mozilla-thunderbird-3.1.18-x86_64-1.txz: Upgraded. This release contains security fixes and improvements. For more information, see: http://www.mozilla.org/security/known-vulnerabilities/thunderbird31.html [*** Security fix ***] PATCHES/packages/openssl-0.9.8t-x86_64-1.txz: Upgraded. This fixes a bug where DTLS applications were not properly supported. This bug could have allowed remote attackers to cause a denial of service via unspecified vectors. CVE-2012-0050 has been assigned to this issue. For more details see: http://openssl.org/news/secadv_20120118.txt http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0050 [*** Security fix ***] PATCHES/packages/openssl-solibs-0.9.8t-x86_64-1.txz: Upgraded. This fixes a bug where DTLS applications were not properly supported. This bug could have allowed remote attackers to cause a denial of service via unspecified vectors. CVE-2012-0050 has been assigned to this issue. For more details see: http://openssl.org/news/secadv_20120118.txt http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0050 [*** Security fix ***] +--------------------------+ Mon Sep 26 13:27:42 EEST 2011 PATCHES/packages/httpd-2.2.21-x86_64-1.txz: Upgraded. SECURITY: CVE-2011-3348 (cve.mitre.org) mod_proxy_ajp: Respond with HTTP_NOT_IMPLEMENTED when the method is not recognized. Fix a regression introduced by the CVE-2011-3192 byterange fix in 2.2.20. For more information, see: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3348 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3192. +--------------------------+ Sat Sep 10 23:02:48 EEST 2011 PATCHES/packages/httpd-2.2.20-x86_64-1.txz: Upgraded. SECURITY: CVE-2011-3192 (cve.mitre.org) core: Fix handling of byte-range requests to use less memory, to avoid denial of service. If the sum of all ranges in a request is larger than the original file, ignore the ranges and send the complete file. PR 51714. [Stefan Fritsch, Jim Jagielski, Ruediger Pluem, Eric Covener] For more information, see: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3192 [*** Security fix ***] PATCHES/packages/mozilla-firefox-3.6.22-x86_64-1.txz: Upgraded. This release contains security fixes and improvements. For more information, see: http://www.mozilla.org/security/known-vulnerabilities/firefox36.html http://www.mozilla.org/security/known-vulnerabilities/firefox.html http://www.mozilla.org/security/announce/2011/mfsa2011-34.html [*** Security fix ***] PATCHES/packages/mozilla-thunderbird-3.1.13-x86_64-1.txz: Upgraded. This release contains security fixes and improvements. For more information, see: http://www.mozilla.org/security/known-vulnerabilities/thunderbird31.html http://www.mozilla.org/security/announce/2011/mfsa2011-34.html [*** Security fix ***] +--------------------------+ Sat Aug 27 23:43:05 EEST 2011 PATCHES/packages/php-5.3.8-x86_64-1.txz: Upgraded. Php 5.2 is EOL. All users of PHP 5.2 are encouraged to upgrade to PHP 5.3. BUT, before upgrade to 5.3, MAKE SURE your applications are ready for the new php. If you use Open Source apps like Joomla, e107, Drupal, Wordpress etc, check their site for php 5.3 compatibility and update them to the latest versions! !!! Once again, upgrade your applications before upgrade php !!! PASTURE/php-5.2.17-x86_64-1.txz: Moved here just in case you will need this ;). Have fun & Enjoy Bluewhite Linux! +--------------------------+ Fri Aug 19 10:09:10 EEST 2011 PATCHES/packages/bind-9.4_ESV_R5-x86_64-1.txz: Upgraded. This BIND update addresses a couple of security issues: * named, set up to be a caching resolver, is vulnerable to a user querying a domain with very large resource record sets (RRSets) when trying to negatively cache the response. Due to an off-by-one error, caching the response could cause named to crash. [RT #24650] [CVE-2011-1910] * Change #2912 (see CHANGES) exposed a latent bug in the DNS message processing code that could allow certain UPDATE requests to crash named. [RT #24777] [CVE-2011-2464] For more information, see: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1910 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2464 [*** Security fix ***] PATCHES/packages/dhcpcd-3.2.3-x86_64-2.txz: Rebuilt. Sanitize the host name provided by the DHCP server to insure that it does not contain any shell metacharacters.For more information, see: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0996 [*** Security fix ***] PATCHES/packages/libpng-1.2.46-x86_64-1.txz: Upgraded. Fixed uninitialized memory read in png_format_buffer() For more information, see: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0421 [*** Security fix ***] +--------------------------+ Sun Jul 17 11:03:53 EEST 2011 PATCHES/packages/mozilla-firefox-3.6.19-x86_64-1.txz: Upgraded. This release contains security fixes and improvements. For more information, see: http://www.mozilla.org/security/known-vulnerabilities/firefox36.html [*** Security fix ***] PATCHES/packages/mozilla-thunderbird-3.1.11-x86_64-1.txz: Upgraded. This release contains security fixes and improvements. For more information, see: http://www.mozilla.org/security/known-vulnerabilities/thunderbird30.html [*** Security fix ***] PATCHES/packages/pidgin-2.9.0-x86_64-1.txz: Upgraded. Fixed a remote denial of service. A remote attacker could set a specially crafted GIF file as their buddy icon causing vulerable versions of pidgin to crash due to excessive memory use. For more information, see: http://pidgin.im/news/security/?id=52 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2485 [*** Security fix ***] +--------------------------+ Sat Jun 25 14:02:44 EEST 2011 PATCHES/packages/mozilla-firefox-3.6.18-x86_64-1.txz: Upgraded. This release contains security fixes and improvements. For more information, see: http://www.mozilla.org/security/known-vulnerabilities/firefox36.html [*** Security fix ***] PATCHES/packages/fetchmail-6.3.20-x86_64-1.txz: Upgraded. This release fixes a denial of service in STARTTLS protocol phases. For more information, see: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1947 http://www.fetchmail.info/fetchmail-SA-2011-01.txt [*** Security fix ***] +--------------------------+ Sat May 28 21:33:53 EEST 2011 PATCHES/packages/bind-9.4_ESV_R4_P1-x86_64-1.txz: Upgraded. This release fixes security issues: A large RRSET from a remote authoritative server that results in the recursive resolver trying to negatively cache the response can hit an off by one code error in named, resulting in named crashing. [RT #24650] [CVE-2011-1910] Zones that have a DS record in the parent zone but are also listed in a DLV and won't validate without DLV could fail to validate. [RT #24631].For more information, see: http://www.isc.org/software/bind/advisories/cve-2011-1910 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1910 [*** Security fix ***] PATCHES/packages/apr-1.4.5-x86_64-1.txz: Upgraded. This fixes a possible denial of service due to a problem with a loop in the new apr_fnmatch() implementation consuming CPU. For more information, see: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1928 [*** Security fix ***] PATCHES/packages/apr-util-1.3.12-x86_64-1.txz: Upgraded. Fix crash because of NULL cleanup registered by apr_ldap_rebind_init(). PATCHES/packages/httpd-2.2.19-x86_64-1.txz: Upgraded. Revert ABI breakage in 2.2.18 caused by the function signature change of ap_unescape_url_keep2f(). This release restores the signature from 2.2.17 and prior, and introduces ap_unescape_url_keep2f_ex(). Apache httpd-2.2.18 is considered abandoned. All users must upgrade. +--------------------------+ Mon May 16 12:05:24 EEST 2011 PATCHES/packages/apr-1.4.4-x86_64-1.txz: Upgraded. This fixes a possible denial of service due to an unconstrained, recursive invocation of apr_fnmatch(). This function has been reimplemented using a non-recursive algorithm. For more information, see: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0419 [*** Security fix ***] PATCHES/packages/apr-util-1.3.11-x86_64-1.txz: Upgraded. PATCHES/packages/httpd-2.2.18-x86_64-1.txz: Upgraded. +--------------------------+ Fri May 6 21:49:23 EEST 2011 PATCHES/packages/mozilla-firefox-3.6.17-x86_64-1.txz: Upgraded. This release contains security fixes and improvements. For more information, see: http://www.mozilla.org/security/known-vulnerabilities/firefox36.html [*** Security fix ***] PATCHES/packages/mozilla-thunderbird-3.1.10-x86_64-1.txz: Upgraded. This release contains security fixes and improvements. For more information, see: http://www.mozilla.org/security/known-vulnerabilities/thunderbird30.html [*** Security fix ***] PATCHES/packages/seamonkey-2.0.14-x86_64-1.txz: Upgraded. This release contains security fixes and improvements. For more information, see: http://www.mozilla.org/security/known-vulnerabilities/seamonkey20.html [*** Security fix ***] PATCHES/packages/seamonkey-solibs-2.0.14-x86_64-1.txz: Upgraded. [*** Security fix ***] +--------------------------+ Sun Apr 24 19:40:26 EEST 2011 PATCHES/packages/rdesktop-1.6.0-x86_64-2.txz: Rebuilt. Patched a traversal vulnerability (disallow /.. requests). http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1595 [*** Security fix ***] PATCHES/packages/acl-2.2.50-x86_64-1.txz: Upgraded. Fix the --physical option in setfacl and getfacl to prevent symlink attacks. For more information, see: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-4411 [*** Security fix ***] +--------------------------+ Tue Apr 12 15:20:59 EEST 2011 PATCHES/packages/libtiff-3.8.2-x86_64-7.tgz: Rebuilt. Patched overflows that could lead to arbitrary code execution when parsing a malformed image file. For more information, see: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0192 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1167 [*** Security fix ***] PATCHES/packages/dhcp-3.1_ESV_R1-x86_64-1.tgz: Upgraded. In dhclient, check the data for some string options for reasonableness before passing it along to the script that interfaces with the OS. This prevents some possible attacks by a hostile DHCP server. For more information, see: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0997 [*** Security fix ***] PATCHES/packages/xrdb-1.0.9-x86_64-1.tgz: Upgraded. This fixes a security issue where improperly sanitized input could lead to privilege escalation or arbitrary command execution as root. For more information, see: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0465 [*** Security fix ***] +--------------------------+ Tue Apr 5 21:42:10 EEST 2011 PATCHES/packages/proftpd-1.3.3e-x86_64-1.txz: Upgraded. Fixes CVE-2011-1137 (badly formed SSH messages cause DoS). For more information, see: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1137 [*** Security fix ***] PATCHES/packages/seamonkey-2.0.13-x86_64-1.txz: Upgraded. This release fixes a security vulnerability by blacklisting several invalid HTTPS certificates. For more information, see: http://www.mozilla.org/security/announce/2011/mfsa2011-11.html [*** Security fix ***] PATCHES/packages/seamonkey-solibs-2.0.13-x86_64-1.txz: Upgraded. PATCHES/packages/mozilla-firefox-3.6.16-x86_64-1.txz: Upgraded. This release fixes a security vulnerability by blacklisting several invalid HTTPS certificates. For more information, see: http://www.mozilla.org/security/announce/2011/mfsa2011-11.html [*** Security fix ***] -|--------------------------|- Sat Mar 12 09:59:18 EET 2011 PATCHES/packages/pidgin-2.7.11-x86_64-1.txz: Upgraded. Fixed denials of service caused by NULL pointer dereferences due to improper handling of malformed YMSG packets. For more information, see: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1091 [*** Security fix ***] PATCHES/packages/subversion-1.6.16-x86_64-1.txz: Upgraded. Fixed a remotely triggerable NULL-pointer dereference in mod_dav_svn. For more information, see: http://subversion.apache.org/security/CVE-2011-0715-advisory.txt http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0715 [*** Security fix ***] -|--------------------------|- Thu Mar 10 10:48:49 EET 2011 PATCHES/packages/seamonkey-2.0.12-x86_64-1.txz: Upgraded. This release fixes some more security vulnerabilities. For more information, see: http://www.mozilla.org/security/known-vulnerabilities/seamonkey20.html [*** Security fix ***] PATCHES/packages/seamonkey-solibs-2.0.12-x86_64-1.txz: Upgraded. [*** Security fix ***] -|--------------------------|- Wed Mar 9 11:50:06 EET 2011 PATCHES/packages/mozilla-firefox-3.6.15-x86_64-1.txz: Upgraded. Firefox 3.6.15 is a regular security and stability update to Firefox 3.6.x. [*** Security fix ***] PATCHES/packages/samba-3.2.15-x86_64-3.txz: Rebuilt. Fix memory corruption denial of service issue. For more information, see: http://www.samba.org/samba/security/CVE-2011-0719 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0719 [*** Security fix ***] PATCHES/packages/pidgin-2.7.10-x86_64-1.txz: Upgraded. Fixed potential information disclosure issue in libpurple. [*** Security fix ***] -|--------------------------|- Mon Feb 14 14:34:19 EET 2011 PATCHES/packages/apr-1.3.12-x86_64-1.txz: Upgraded. PATCHES/packages/apr-util-1.3.10-x86_64-1.txz: Upgraded. Fixes a memory leak and DoS in apr_brigade_split_line(). For more information, see: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1623 [*** Security fix ***] PATCHES/packages/expat-2.0.1-x86_64-2.txz: Patched. Fixed various crash and hang bugs.For more information, see: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2625 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3560 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3720 [*** Security fix ***] PATCHES/packages/httpd-2.2.17-x86_64-1.txz: Upgraded. This fixes some denial of service bugs in the bundled libraries. For more information, see: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3560 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3720 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1623 [*** Security fix ***] PATCHES/packages/openssl-0.9.8r-x86_64-1.txz: Upgraded. This OpenSSL update fixes an "OCSP stapling vulnerability". For more information, see the included CHANGES and NEWS files, and: http://www.openssl.org/news/secadv_20110208.txt http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0014 [*** Security fix ***] PATCHES/packages/openssl-solibs-0.9.8r-x86_64-1.txz: Upgraded. [*** Security fix ***] PATCHES/packages/sudo-1.7.4p6-x86_64-1.txz: Upgraded. Fix Runas group password checking. For more information, see the included CHANGES and NEWS files, and: Http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0010 [*** Security fix ***] -|--------------------------|- Wed Jan 12 21:51:52 EET 2011 PATCHES/packages/php-5.2.17-x86_64-1.txz: Upgraded. This update fixes an infinite loop with conversions from string to double that may result in a denial of service. For more information, see: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-4645 [*** Security fix ***] -|--------------------------|- Sun Jan 9 20:14:15 EET 2011 PATCHES/packages/pidgin-2.7.9-x86_64-1.txz: Upgraded. Fixed denial-of-service flaw in the MSN protocol. [*** Security fix ***] PATCHES/packages/php-5.2.16-x86_64-1.txz: Upgraded. This fixes many bugs, including some security issues. For more information, see: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3436 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3709 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-4150 [*** Security fix ***] PATCHES/packages/proftpd-1.3.3d-x86_64-1.txz: Upgraded. This update fixes an unbounded copy operation in sql_prepare_where() that could be exploited to execute arbitrary code. [*** Security fix ***] PATCHES/packages/bind-9.4_ESV_R4-x86_64-1.txz: Upgraded. This update fixes some security issues. For more information, see: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3613 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3614 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3615 [*** Security fix ***] -|--------------------------|- Fri Dec 10 11:44:00 EET 2010 PATCHES/packages/mozilla-firefox-3.6.13-x86_64-1.txz: Upgraded. This fixes some security issues. For more information, see: http://www.mozilla.org/security/known-vulnerabilities/firefox36.html [*** Security fix ***] PATCHES/packages/mozilla-thunderbird-3.0.11-x86_64-1.txz: Upgraded. This upgrade fixes some more security bugs. For more information, see: http://www.mozilla.org/security/known-vulnerabilities/thunderbird30.html [*** Security fix ***] PATCHES/packages/openssl-0.9.8q-x86_64-1.txz: Upgraded. This OpenSSL update contains some security related bugfixes. For more information, see the included CHANGES and NEWS files, and: http://www.openssl.org/news/secadv_20101202.txt http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-4180 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-4252 [*** Security fix ***] PATCHES/packages/openssl-solibs-0.9.8q-x86_64-1.txz: Upgraded. [*** Security fix ***] -|--------------------------|- Wed Dec 1 10:04:11 EET 2010 PATCHES/packages/pidgin-2.7.7-x86_64-1.txz: Upgraded. This update fixes connection issues for AIM and MSN. PATCHES/packages/cups-1.3.11-x86_64-2.txz: Patched and rebuilt. Fixed memory corruption bugs that could lead to a denial of service or possibly execution of arbitrary code through a crafted IPP request. http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0542 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2941 [*** SECURITY FIX ***] -|--------------------------|- Sat Nov 27 11:26:32 EET 2010 PATCHES/packages/openssl-0.9.8p-x86_64-1.tgz: Upgraded. This OpenSSL update contains some security related bugfixes. For more information, see the included CHANGES and NEWS files, and: http://www.openssl.org/news/secadv_20101116.txt http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2939 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3864 [*** SECURITY FIX ***] PATCHES/packages/openssl-solibs-0.9.8p-x86_64-1.tgz: Upgraded. [*** SECURITY FIX ***] -|--------------------------|- Sun Nov 21 17:00:59 EET 2010 PATCHES/packages/xpdf-3.02pl5-x86_64-1.txz: Upgraded. This update fixes security issues that could lead to an application crash, or execution of arbitrary code. For more information, see: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3702 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3703 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3704 [*** Security fix ***] PATCHES/packages/poppler-0.10.7-x86_64-3.txz: Rebuilt. This updated package includes patches based on xpdf 3.02pl5. For more information, see: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3702 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3703 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3704 [*** Security fix ***] PATCHES/packages/mozilla-thunderbird-3.0.10-x86_64-1.txz: Upgraded. For more information, see: http://www.mozilla.org/security/known-vulnerabilities/thunderbird30.html [*** Security fix ***] -|--------------------------|- Tue Nov 2 13:35:03 EET 2010 PATCHES/packages/pidgin-2.7.5-x86_64-1.txz: Upgraded. This update addresses some denial of service bugs. For more information, see: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3711 [*** Security fix ***] PATCHES/packages/proftpd-1.3.3c-x86_64-1.txz: Upgraded. Fixed Telnet IAC stack overflow vulnerability (ZDI-CAN-925), which can allow remote execution of arbitrary code as the user running the ProFTPD daemon. Thanks to TippingPoint and the Zero Day Initiative (ZDI). For more information, see: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3867 [*** Security fix ***] -|--------------------------|- Sun Oct 31 21:50:15 EET 2010 PATCHES/packages/glibc-2.9-x86_64-4.txz: Rebuilt. Patched "The GNU C library dynamic linker will dlopen arbitrary DSOs during setuid loads." This security issue allows a local attacker to gain root by specifying an unsafe DSO in the library search path to be used with a setuid binary in LD_AUDIT mode. Patched "dynamic linker expands $ORIGIN in setuid library search path". This security issue allows a local attacker to gain root if they can create a hard link to a setuid root binary. Bugs found by Tavis Ormandy (with thanks to Ben Hawkes and Julien Tinnes). For more information, see: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3847 http://seclists.org/fulldisclosure/2010/Oct/257 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3856 http://seclists.org/fulldisclosure/2010/Oct/344 [*** Security fix ***] PATCHES/packages/glibc-i18n-2.9-x86_64-5.txz: Rebuilt. PATCHES/packages/glibc-profile-2.9-x86_64-4.txz: Rebuilt. PATCHES/packages/glibc-solibs-2.9-x86_64-4.txz: Upgraded. [*** Security fix ***] PATCHES/packages/glibc-zoneinfo-2.9-noarch-4.txz: Upgraded. Rebuilt to tzcode2010n and tzdata2010n. PATCHES/packages/mozilla-firefox-3.6.12-x86_64-1.txz: Upgraded. This fixes some security issues. For more information, see: http://www.mozilla.org/security/known-vulnerabilities/firefox36.html [*** Security fix ***] PATCHES/packages/seamonkey-2.0.9-x86_64-1.txz: Upgraded. This release fixes some more security vulnerabilities. For more information, see: http://www.mozilla.org/security/known-vulnerabilities/seamonkey20.html [*** Security fix ***] PATCHES/packages/seamonkey-solibs-2.0.9-x86_64-1.txz: Upgraded. -|--------------------------|- Sun Sep 26 21:45:45 EEST 2010 PATCHES/packages/bzip2-1.0.6-x86_64-1.tgz: Upgraded. This update fixes an integer overflow that could allow a specially crafted bzip2 archive to cause a crash (denial of service), or execute arbitrary code. For more information, see: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0405 [*** SECURITY FIX ***] Thu Sep 23 22:57:23 EEST 2010 PATCHES/packages/kernel-generic-2.6.30.10-x86_64-2.txz: Rebuilt. This kernel has been patched to fix security problems: 64-bit Compatibility Mode Stack Pointer Underflow (CVE-2010-3081). IA32 System Call Entry Point Vulnerability (CVE-2010-3301). These vulnerabilities allow local users to gain root privileges. For more information, see: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3081 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3301 [*** Security fix ***] PATCHES/packages/kernel-huge-2.6.30.10-x86_64-2.txz: Rebuilt. Patched for CVE-2010-3081 and CVE-2010-3301. [*** Security fix ***] -|--------------------------|- Mon Sep 20 22:12:41 EEST 2010 PATCHES/packages/samba-3.2.15-x86_64-3.txz: Patched. This upgrade fixes a buffer overflow in the sid_parse() function. For more information, see: http://www.samba.org/samba/security/CVE-2010-3069 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3069 [*** Security fix ***] PATCHES/packages/sudo-1.7.4p4-x86_64-1.txz: Upgraded. This fixes a flaw that could lead to privilege escalation. For more information, see: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2956 [*** Security fix ***] PATCHES/packages/mozilla-firefox-3.6.10-x86_64-1.txz: Upgraded. This fixes some security issues. For more information, see: http://www.mozilla.org/security/known-vulnerabilities/firefox36.html [*** Security fix ***] PATCHES/packages/seamonkey-2.0.8-x86_64-1.txz: Upgraded. This release fixes some more security vulnerabilities. For more information, see: http://www.mozilla.org/security/known-vulnerabilities/seamonkey20.html [*** Security fix ***] PATCHES/packages/seamonkey-solibs-2.0.8-x86_64-1.txz: Upgraded. -|--------------------------|- Sun Sep 5 12:23:22 EEST 2010 PATCHES/packages/gnupg2-2.0.12-x86_64-2.txz: Rebuilt. Patched to fix "Realloc Bug with X.509 certificates in GnuPG". For more information, see: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2547 [*** Security fix ***] PATCHES/packages/httpd-2.2.16-x86_64-1.txz: Upgraded. Fix Handling of requests without a path segment. For more information, see: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1452 [*** Security fix ***] PATCHES/packages/php-5.2.14-x86_64-1.txz: Upgraded. Fixed several security issues. For more information, see: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1917 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2225 http://www.php-security.org/2010/05/31/mops-2010-060-php-session-serializer-session-data-injection-vulnerability/index.html http://www.php-security.org/2010/06/25/mops-2010-061-php-splobjectstorage-deserialization-use-after-free-vulnerability/index.html [*** Security fix ***] PATCHES/packages/pidgin-2.7.3-x86_64-1.txz: Upgraded. This fixes a crash due to malformed X-Status messages. For more information, see: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2528 [*** Security fix ***] PATCHES/packages/xorg-server-1.6.3-x86_64-2.txz: Rebuilt. Patched to prevent overwriting stack memory and bypassing security mechanisms on systems that use a 2.6 Linux kernel. Reported by Rafal Wojtczuk. For more information, see: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2240 [*** Security fix ***] PATCHES/packages/xorg-server-xephyr-1.6.3-x86_64-2.txz: Rebuilt. PATCHES/packages/xorg-server-xnest-1.6.3-x86_64-2.txz: Rebuilt. PATCHES/packages/xorg-server-xvfb-1.6.3-x86_64-2.txz: Rebuilt. -|--------------------------|- Mon Aug 9 22:02:33 EEST 2010 PATCHES/packages/mozilla-firefox-3.6.8-x86_64-1.txz: Upgraded. This fixes a regression in Firefox 3.6.7. For more information, see: http://www.mozilla.org/security/known-vulnerabilities/firefox36.html [*** Security fix ***] PATCHES/packages/seamonkey-solibs-2.0.6-x86_64-1.txz: Upgraded. PATCHES/packages/seamonkey-2.0.6-x86_64-1.txz: Upgraded. This release fixes some more security vulnerabilities. For more information, see: http://www.mozilla.org/security/known-vulnerabilities/seamonkey20.html [*** Security fix ***] PATCHES/packages/libtiff-3.8.2-x86_64-6.txz: Rebuilt. This fixes image structure handling bugs that could lead to crashes or execution of arbitrary code if a specially-crafted TIFF image is loaded. For more information, see: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1411 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2065 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2067 [*** Security fix ***] PATCHES/packages/libpng-1.2.44-x86_64-1.txz: Upgraded. This fixes out-of-bounds memory write bugs that could lead to crashes or the execution of arbitrary code, and a memory leak bug which could lead to application crashes. For more information, see: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1205 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2249 [*** Security fix ***] +----------------------------+ Sat Jun 26 13:41:41 EEST 2010 PATCHES/packages/bind-9.4.3_P5-x86_64-1.tgz: Upgraded. This fixes possible DNS cache poisoning attacks when DNSSEC is enabled and checking is disabled (CD). For more information, see: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-4022 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0097 [*** Security fix ***] PATCHES/packages/mozilla-firefox-3.6.4-x86_64-1.txz: Upgraded. This fixes some security issues. For more information, see: http://www.mozilla.org/security/known-vulnerabilities/firefox36.html [*** Security fix ***] PATCHES/packages/seamonkey-2.0.5-x86_64-1.txz: Upgraded. This release fixes some more security vulnerabilities. For more information, see: http://www.mozilla.org/security/known-vulnerabilities/seamonkey20.html [*** Security fix ***] PATCHES/packages/seamonkey-solibs-2.0.5-x86_64-1.txz: Upgraded. +----------------------------+ Sat Jun 19 21:04:31 EEST 2010 PATCHES/packages/samba-3.0.37-x86_64-2.txz: Rebuilt. Patched a buffer overflow in smbd that allows remote attackers to cause a denial of service (memory corruption and daemon crash) or possibly execute arbitrary code via a crafted field in a packet. For more information, see: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2063 [*** Security fix ***] PATCHES/packages/pidgin-2.7.0-x86_64-1.txz: Upgraded. Upgraded to pidgin-2.7.0 and pidgin-encryption-3.1. The msn_emoticon_msg function in slp.c in the MSN protocol plugin in libpurple in Pidgin before 2.7.0 allows remote attackers to cause a denial of service (application crash) via a custom emoticon in a malformed SLP message. For more information, see: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1624 [*** Security fix ***] PATCHES/packages/fetchmail-6.3.17-x86_64-1.txz: Upgraded. A crafted header or POP3 UIDL list could cause a memory leak and crash leading to a denial of service. For more information, see: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1167 [*** Security fix ***] PATCHES/packages/irssi-0.8.15-x86_64-1.txz: Upgraded. From the NEWS file: - Check if an SSL certificate matches the hostname of the server we are connecting to. - Fix crash when checking for fuzzy nick match when not on the channel. Reported by Aurelien Delaitre (SATE 2009). For more information, see: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1155 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1156 [*** Security fix ***] -|--------------------------|- Sun Apr 25 12:31:40 EEST 2010 PATCHES/packages/kdebase-workspace-4.3.1-x86_64-2.txz: Rebuilt. Patched a security issue with KDM. For more information, see: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0436 [*** Security fix ***] PATCHES/packages/sudo-1.7.2p6-x86_64-1.txz: Upgraded. This update fixes security issues that may give a user with permission to run sudoedit the ability to run arbitrary commands. For more information, see: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0426 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1163 http://www.gratisoft.us/sudo/alerts/sudoedit_escalate.html http://www.gratisoft.us/sudo/alerts/sudoedit_escalate2.html -|--------------------------|- Thu Apr 8 23:20:39 EEST 2010 PATCHES/packages/mozilla-firefox-3.6.3-x86_64-1.txz: Upgraded. This fixes some security issues. For more information, see: http://www.mozilla.org/security/known-vulnerabilities/firefox36.html [*** Security fix ***] PATCHES/packages/mozilla-thunderbird-2.0.0.24-x86_64-1.txz: Upgraded. This upgrade fixes some more security bugs. For more information, see: http://www.mozilla.org/security/known-vulnerabilities/thunderbird20.html [*** Security fix ***] PATCHES/packages/seamonkey-2.0.4-x86_64-1.txz: Upgraded. This release fixes some more security vulnerabilities. For more information, see: http://www.mozilla.org/security/known-vulnerabilities/seamonkey20.html [*** Security fix ***] PATCHES/packages/seamonkey-solibs-2.0.4-x86_64-1.txz: Upgraded. -|--------------------------|- Fri Apr 2 12:11:45 EEST 2010 PATCHES/packages/openssl-0.9.8n-x86_64-1.txz: Upgraded. This OpenSSL update contains some security related bugfixes. For more information, see the included CHANGES and NEWS files, and: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0433 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0740 [*** Security fix ***] PATCHES/packages/openssl-solibs-0.9.8n-x86_64-1.txz: Upgraded. PATCHES/packages/proftpd-1.3.3-x86_64-2.txz: Rebuilt. PATCHES/packages/mozilla-firefox-3.6.2-x86_64-1.txz: Upgraded. Upgraded to firefox-3.6.2. This fixes some security issues. For more information, see: http://www.mozilla.org/security/known-vulnerabilities/firefox36.html [*** Security fix ***] PATCHES/packages/pidgin-2.6.6-x86_64-1.txz: Upgraded. This fixes a few denial-of-service flaws as well as other bugs. For more information, see: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0277 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0420 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0423 [*** Security fix ***] PATCHES/packages/httpd-2.2.15-x86_64-1.txz: Upgraded. This update addresses a few security issues. mod_ssl: A partial fix for the TLS renegotiation prefix injection attack by rejecting any client-initiated renegotiations. mod_proxy_ajp: Respond with HTTP_BAD_REQUEST when the body is not sent when request headers indicate a request body is incoming; not a case of HTTP_INTERNAL_SERVER_ERROR. mod_isapi: Do not unload an isapi .dll module until the request processing is completed, avoiding orphaned callback pointers. [This is the most serious flaw, but does not affect Linux systems] For more information, see: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3555 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0408 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0425 [*** Security fix ***] -|--------------------------|- Sat Mar 6 00:58:00 EET 2010 PATCHES/packages/gzip-1.4-x86_64-1.0.tgz: Upgraded. gzip -d could segfault and/or clobber the stack, possibly leading to arbitrary code execution. For more information, see: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0001 [*** Security fix ***] PATCHES/packages/openssl-0.9.8m-x86_64-1.tgz: Upgraded. This OpenSSL update contains some security related bugfixes. For more information, see the included CHANGES and NEWS files, and: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1678 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1378 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1377 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1379 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3245 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-4355 [*** Security fix ***] PATCHES/packages/openssl-solibs-0.9.8m-x86_64-1.tgz: Upgraded. PATCHES/packages/proftpd-1.3.3-x86_64-1.tgz: Upgraded. -|--------------------------|- Tue Jan 26 01:40:13 EET 2010 PATCHES/packages/mozilla-firefox-3.6-x86_64-1.txz: Upgraded. PATCHES/packages/mc-20090714_git-x86_64-2.txz: Recompiled. Added missing profile.d wrapper scripts. PATCHES/packages/httpd-2.2.14-x86_64-1.tgz: Upgraded. This fixes a couple of security bugs when using mod_proxy_ftp. For more information, see: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3094 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3095 [*** Security fix ***] PATCHES/packages/php-5.2.12-x86_64-1.tgz: Upgraded. This fixes many bugs, including a few security issues. For more information, see: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3557 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3558 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-4017 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-4142 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-4143 [*** Security fix ***] PATCHES/packages/pidgin-2.6.5-x86_64-1.tgz: Upgraded. This fixes a directory traversal vulnerability in Pidgin's MSN protocol handling that may allow attackers to download arbitrary files. For more information, see: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0013 [*** Security fix ***] -|--------------------------|- Sun Dec 20 18:27:16 EET 2009 PATCHES/packages/cairo-1.8.8-x86_64-1.txz: Upgraded. Firefox 3.5.6 requires a new cairo. PATCHES/packages/mozilla-firefox-3.5.6-x86_64-1.txz: Upgraded. Upgraded to firefox-3.5.6. This fixes some security issues. For more information, see: http://www.mozilla.org/security/known-vulnerabilities/firefox35.html [*** Security fix ***] +------------------------------------------------------+ For those who use Seamonkey 2.0, it can be fount at: http://packages.bluewhite64.com:8080/bluewhite64-13.0/network/seamonkey-2/ +------------------------------------------------------+ Sat Dec 12 12:19:13 EET 2009 PATCHES/packages/kernel-generic-2.6.30.10-x86_64-1.txz: Upgraded. This upgrade fix a kernel bug where oversized IP packets cause a NULL pointer dereference and immediate hang. For more information, see: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1298 http://lkml.org/lkml/2009/11/25/104 [*** Security fix ***] PATCHES/packages/kernel-headers-2.6.30.10-x86-1.txz: Upgraded. PATCHES/packages/kernel-huge-2.6.30.10-x86_64-1.txz: Upgraded. PATCHES/packages/kernel-modules-2.6.30.10-x86_64-1.txz: Upgraded. PATCHES/packages/kernel-modules-generic-2.6.30.10-x86_64-1.txz: Upgraded. PATCHES/packages/kernel-source-2.6.30.10-noarch-1.txz: Upgraded. PATCHES/packages/gimp-2.6.8-x86_64-1.txz: Upgraded. This fixes integer overflows in the image handling plugins that could lead to the execution of arbitrary code or an application crash if a malicious image is loaded. For more information, see: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1570 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3909 [*** Security fix ***] PATCHES/packages/ntp-4.2.4p8-x86_64-1.txz: Upgraded. Prevent a denial-of-service attack involving spoofed mode 7 packets. For more information, see: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3563 [*** Security fix ***] -|--------------------------|- Sun Dec 6 13:51:28 EET 2009 PATCHES/packages/bind-9.4.3_P4-x86_64-1.txz: Upgraded. BIND 9.4.3-P4 is a SECURITY PATCH for BIND 9.4.3-P3. It addresses a potential cache poisoning vulnerability, in which data in the additional section of a response could be cached without proper DNSSEC validation. For more information, see: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-4022 http://www.kb.cert.org/vuls/id/418861 [*** Security fix ***] -|--------------------------|- Sun Nov 29 20:10:34 EET 2009 PATCHES/packages/soprano-2.3.0-x86_64-3.txz: Recompiled to activate sesame2backend. Thanks to Yucatan "Kenjiro" Costa ;) -|--------------------------|- Thu Nov 19 23:08:22 EET 2009 PATCHES/packages/openssl-0.9.8k-x86_64-3.txz: Rebuilt. Patched to disable SSL renegotiation. For more information, see: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3555 [*** Security fix ***] PATCHES/packages/openssl-solibs-0.9.8k-x86_64-3.txz: Rebuilt. Patched to disable SSL renegotiation. For more information, see: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE PATCHES/packages/mozilla-firefox-3.5.5-x86_64-1.txz: Upgraded. Upgraded to firefox-3.5.5. This fixes some stability bugs. -|--------------------------|- Tue Nov 3 11:57:32 EET 2009 PATCHES/packages/mozilla-firefox-3.5.4-x86_64-1.txz: Upgraded. This fixes some security issues. For more information, see: http://www.mozilla.org/security/known-vulnerabilities/firefox35.html [*** Security fix ***] PATCHES/packages/poppler-0.10.7-x86_64-2.txz: Rebuilt. This updated package includes patches based on xpdf 3.02pl4. For more information, see: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3603 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3604 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3605 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3606 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3608 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3609 [*** Security fix ***] PATCHES/packages/xpdf-3.02pl4-x86_64-1.txz: Upgraded. This update fixes several security issues that could lead to an application crash, or execution of arbitrary code. For more information, see: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3603 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3604 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3605 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3606 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3608 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3609 [*** Security fix ***] -|--------------------------|- Wed Oct 21 22:44:38 EEST 2009 PATCHES/packages/gnutls-2.8.4-x86_64-1.txz: This contains a correct fix for the NUL in CN/SAN SSL vulnerability. For more information, see: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2730 [*** Security fix ***] PATCHES/packages/pidgin-2.6.3-x86_64-1.txz: This update fixes an issue where a remote user can cause libpurple-based clients to crash. For more information, see: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3615 [*** Security fix ***] -|--------------------------|- Tue Oct 6 22:16:50 EEST 2009 PATCHES/packages/php-5.2.11-x86_64-1.txz: This release fixes some possible security issues, all of which have "unknown impact and attack vectors". For more information, see: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3291 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3292 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3293 [*** Security fix ***] PATCHES/packages/samba-3.2.15-x86_64-1.txz: This update fixes the following security issues. A misconfigured /etc/passwd with no defined home directory could allow security restrictions to be bypassed. mount.cifs could allow a local user to read the first line of an arbitrary file if installed setuid. Specially crafted SMB requests could cause a denial of service. For more information, see: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2813 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2948 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2906 [*** Security fix ***] PATCHES/packages/mesa-7.5-x86_64-2.txz: Rebuilt. Fixed install script to add glxinfo and other programs that were part of previous Mesa patches. -|--------------------------|- Wed Sep 16 22:51:46 EEST 2009 PATCHES/packages/mozilla-firefox-3.5.3-x86_64-1.txz: Upgraded. This fixes some security issues. For more information, see: http://www.mozilla.org/security/known-vulnerabilities/firefox35.html [*** Security fix ***] PATCHES/packages/seamonkey-solibs-1.1.18-x86_64-2.txz: Rebuilt. Added libnssutil3.so, -|--------------------------|- Tue Sep 8 18:06:14 EEST 2009 This is Bluewhite64 Linux 13.0 stable release! Special thanks to Yucatan "Kenjiro" Costa for working on the KDE4! Also, thanks to all who sent reports, suggestions and fixes, to the folks who are waiting for this release to start working on new packages for Bluewhite64 13.0 at http://packages.bluewhite64.com. Have fun and enjoy! (TM) ;-) L software series/seamonkey-solibs-1.1.18-x86_64-1.txz: Upgraded to seamonkey-1.1.18 shared libraries. [*** Security fix ***] XAP software series/seamonkey-1.1.18-x86_64-1.txz: Upgraded. Upgraded to seamonkey-1.1.18. This release fixes some more security vulnerabilities. For more information, see: http://www.mozilla.org/security/known-vulnerabilities/seamonkey11.html [*** Security fix ***] -|--------------------------|- Sun Sep 6 15:40:08 EEST 2009 A software series/aaa_base-13.0-x86_64-2.txz: Rebuilt. Updated the initial email to root. A software series/cryptsetup-1.0.7-x86_64-1.txz: Upgraded. And yes, the cryptsetup.static works \o/ -;). A software series/infozip-6.0-x86_64-1.txz: Upgraded. Upgraded to Zip 3.0 and Unzip 6.0. A software series/kbd-1.15-x86_64-3.txz: Rebuilt. Fixed the default font in unicode_start. AP software series/sox-14.3.0-x86_64-1.txz: Upgraded. AP software series/vim-7.2.245-x86_64-1.txz: Upgraded. F software series/linux-howtos-20090805-noarch-1.txz: Upgraded. KDE software series/kdeaccessibility-4.3.1-x86_64-1.txz: Upgraded. KDE software series/kdeadmin-4.3.1-x86_64-1.txz: Upgraded. KDE software series/kdeartwork-4.3.1-x86_64-1.txz: Upgraded. KDE software series/kdebase-4.3.1-x86_64-1.txz: Upgraded. KDE software series/kdebase-runtime-4.3.1-x86_64-1.txz: Upgraded. KDE software series/kdebase-workspace-4.3.1-x86_64-1.txz: Upgraded. KDE software series/kdebindings-4.3.1-x86_64-1.txz: Upgraded. KDE software series/kdeedu-4.3.1-x86_64-1.txz: Upgraded. KDE software series/kdegames-4.3.1-x86_64-1.txz: Upgraded. KDE software series/kdegraphics-4.3.1-x86_64-1.txz: Upgraded. KDE software series/kdelibs-4.3.1-x86_64-1.txz: Upgraded. KDE software series/kdelibs-experimental-4.3.1-x86_64-1.txz: Upgraded. KDE software series/kdemultimedia-4.3.1-x86_64-1.txz: Upgraded. KDE software series/kdenetwork-4.3.1-x86_64-1.txz: Upgraded. KDE software series/kdepim-4.3.1-x86_64-1.txz: Upgraded. KDE software series/kdepim-runtime-4.3.1-x86_64-1.txz: Upgraded. KDE software series/kdepimlibs-4.3.1-x86_64-1.txz: Upgraded. KDE software series/kdeplasma-addons-4.3.1-x86_64-1.txz: Upgraded. KDE software series/kdesdk-4.3.1-x86_64-1.txz: Upgraded. KDE software series/kdetoys-4.3.1-x86_64-1.txz: Upgraded. KDE software series/kdeutils-4.3.1-x86_64-1.txz: Upgraded. KDE software series/kdewebdev-4.3.1-x86_64-1.txz: Upgraded. KDE software series/oxygen-icons-4.3.1-x86_64-1.txz: Upgraded. This is KDE 4.3.1, packages made by Yucatan "Kenjiro" Costa. As always, huge thanks! ;) KDE software series/guidance-power-manager-4.3.1-x86_64-1.txz: Upgraded. KDE software series/kdewebdev-4.3.1-x86_64-1.txz: Upgraded. KDE software series/konq-plugins-4.3.1-x86_64-1.txz: Upgraded. KDE software series/skanlite-0.3_kde4.3.1-x86_64-1.txz: Upgraded. KDEi software series/kde-l10n-*-4.3.1-noarch-1.txz: Upgraded to KDE 4.3.1 l10n packages. Added Croatian language support. L software series/akonadi-1.2.1-x86_64-1.txz: Upgraded. Thanks to Yucatan "Kenjiro" Costa for building the package. L software series/boost-1.38.0-x86_64-2.txz: Rebuilt. Patched wrong BOOST_NO_EXCEPTIONS define placement. L software series/strigi-0.7.0-x86_64-1.txz: Upgraded. Thanks to Yucatan "Kenjiro" Costa for building the package. N software series/network-scripts-13.0-noarch-2.txz: Rebuilt. Correct the comments about DHCP timeout to say that it is 10 seconds. N software series/bluez-utils-3.36-x86_64-7.txz: Rebuilt. XAP software series/vim-gvim-7.2.245-x86_64-1.txz: Upgraded. EXTRA/xf86-video-intel-alternate/xf86-video-intel-2.8.1-x86_64-1.txz: Added. EXTRA/wicd/wicd-1.6.2.1-x86_64-1.txz: Upgraded. isolinux/initrd.img: Rebuilt. Upgraded cryptsetup. Make the CD install disc swap more reliable on slow CD drives. Fixed bad block checking option for ext* filesystems. usb-and-pxe-installers/usbboot.img: Rebuilt. Upgraded cryptsetup. Make the CD install disc swap more reliable on slow CD drives. Fixed bad block checking option for ext* filesystems. -|--------------------------|- Sun Aug 23 13:38:14 EEST 2009 A software series/aaa_elflibs-13.0-x86_64-2.txz: Rebuilt. Updated CUPS libraries. A software series/cups-1.3.11-x86_64-1.txz: Upgraded. A software series/etc-13.0-x86_64-2.txz: Rebuilt. Build package with $ARCH, not noarch. Ensure that groups added through the install script have "root" as members where appropriate. AP software series/ghostscript-8.70-x86_64-1.txz: Upgraded. AP software series//gutenprint-5.2.4-x86_64-1.txz: Upgraded. L software series//icon-naming-utils-0.8.90-x86_64-2.txz: Rebuilt. Build package with $ARCH, not noarch. N software series//getmail-4.11.0-x86_64-1.txz: Upgraded. X software series//xf86-input-evdev-2.2.5-x86_64-1.txz: Upgraded. XAP software series//mozilla-thunderbird-2.0.0.23-x86_64-1.txz: Upgraded. This upgrade fixes a security bug. For more information, see: http://www.mozilla.org/security/known-vulnerabilities/thunderbird20.html [*** Security fix ***] XAP software series//xgames-0.3-x86_64-2.txz: Rebuilt. Merged fixes to xlander: Avoid "warping" spacecraft position after pause for mouse click due to paused time being added to frame time. Decrease lateral thrust, but increase initial lateral velocity, to better match the original gameplay (DEC microVAX, early 1990s). Don't use unsigned (fix unsigned comparison warning). Bump patchlevel. EXTRA/brltty/brltty-4.0-x86_64-1.txz: Upgraded. EXTRA/mplayerplug-in/mplayerplug-in-3.55-x86_64-1.txz: Added. Enables the use of mplayer for web-embedded media. -|--------------------------|- Thu Aug 20 19:31:52 EEST 2009 XAP software series/pidgin-2.5.9-x86_64-1.txz: Upgraded. This update fixes a bug in Pidgin's MSN protocol implementation can allow a remote attacker to send a malicious MSN message to a Pidgin user, which will possibly cause arbitrary code to be executed as that user. This issue was discovered by Federico Muttis of Core Security Technologies. For more information, see: http://www.coresecurity.com/content/libpurple-arbitrary-write http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2694 [*** Security fix ***] -|--------------------------|- Wed Aug 19 21:56:19 EEST 2009 A software series/pkgtools-13.0-noarch-3.tgz: Rebuilt. Fixed hardcoded gzip in installpkg --warn. Fixed upgradepkg to reject invalid extensions. AP software series/foomatic-filters-4.0.2-x86_64-1.txz: Upgraded. L software series/libzip-0.9-x86_64-2.txz: Rebuilt. Get rid of hardlinked man pages. KDE software series/kdelibs-4.3.0-x86_64-3.txz: Patched. This fixes bug #195385. For more details see: http://bugs.kde.org/show_bug.cgi?id=195385. Thanks to Yucatan "Kenjiro" Costa for the fix. N software series/pinentry-0.7.6-x86_64-1.txz: Upgraded. XAP software series/x11-ssh-askpass-1.2.4.1-x86_64-1.txz: Added. -|--------------------------|- Mon Aug 17 17:48:52 EEST 2009 A software series/aaa_elflibs-13.0-x86_64-1.txz: Upgraded. A software series/mkinitrd-1.3.4-x86_64-3.txz: Rebuilt. Fixed quoting of "${MODULE_LIST}" A software series/usbutils-0.82-x86_64-2.txz: Rebuilt. Updated usb.ids, removed usb.ids.gz. A software series/etc-13.0-noarch-1.txz: Upgraded. Added root to power, netdev, and scanner groups in /etc/group. A software series/pciutils-3.1.3-x86_64-1.txz: Upgraded. A software series/rpm2tgz-1.1-x86_64-1.txz: Upgraded. Make .tgz with makepkg, not tar. A software series/kernel-firmware-2.6.30.5-noarch-1.txz: Upgraded. A software series/kernel-generic-2.6.30.5-x86_64-1.txz: Upgraded. A software series/kernel-huge-2.6.30.5-x86_64-1.txz: Upgraded. A software series/kernel-modules-2.6.30.5-x86_64-1.txz: Upgraded. A software series/kernel-modules-generic-2.6.30.5-x86_64-1.txz: Upgraded. AP software series/man-1.6f-x86_64-2.txz: In man.conf, change nroff from using -Tlatin1 to using -mandoc. AP software series/man-pages-3.22-noarch-1.txz: Upgraded. D software series/guile-1.8.7-x86_64-1.txz: Upgraded. D software series/kernel-headers-2.6.30.5-x86-1.txz: Upgraded. K software series kernel-source-2.6.30.5-noarch-1.txz N software series/curl-7.19.6-x86_64-1.txz: Upgraded. This update fixes a security issue where a zero byte embedded in an SSL or TLS certificate could fool cURL into validating the security of a connection to a system that the certificate was not issued for. It has been reported that at least one Certificate Authority allowed such certificates to be issued. For more information, see: http://curl.haxx.se/docs/security.html http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2417 [*** Security fix ***] N software series/elm-2.5.8-x86_64-3.txz: Rebuilt. N software series/mailx-12.4-x86_64-1.txz: Upgraded. N software series/netatalk-2.0.4-x86_64-2.txz: Rebuilt. Don't install rc.atalk as executable by default. L software series/imlib-1.9.15-x86_64-8.txz: Rebuilt. Fixed doc directory perms. XAP software series/gnuplot-4.2.5-x86_64-1.txz: Upgraded. XAP software series/xlockmore-5.28-x86_64-1.txz: Upgraded EXTRA/aspell-word-lists/aspell-nb-0.50.1_0-noarch-4.txz: Added. EXTRA/wicd/wicd-1.6.2-x86_64-2.txz:Rebuilt. Fixed a problem with hidden networks. isolinux/initrd.img: Rebuilt. Upgraded kernel modules. kernels/*: Rebuilt. Upgraded kernel modules usb-and-pxe-installers/: Rebuilt. Upgraded kernel modules -|--------------------------|- Mon Aug 17 10:32:28 EEST 2009 D software series/subversion-1.6.4-x86_64-1.txz: Upgraded. Fixed heap overflow vulnerability on server and client. For more information, see: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2411 http://subversion.tigris.org/security/CVE-2009-2411-advisory.txt [*** Security fix ***] L software series/apr-1.3.8-x86_64-1.txz: Upgraded. Fix overflow in pools and rmm, where size alignment was taking place. [Matt Lewis , Sander Striker] For more information, see: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2412 [*** Security fix ***] L software series/apr-util-1.3.9-x86_64-1.txz: Upgraded. Fix overflow in rmm, where size alignment was taking place. [Matt Lewis , Sander Striker] For more information, see: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2412 [*** Security fix ***] N software series/httpd-2.2.13-x86_64-1.txz: Upgraded. This is a bugfix release. It also upgrades the internal versions of apr and apr-util to address CVE-2009-2412, -|--------------------------|- Sun Aug 16 13:06:07 EEST 2009 AP software series/mysql-5.0.84-x86_64-1.txz: Upgraded. KDE software series/kaudiocreator-r1009226-x86_64-2.txz: Recompiled. KDE software series/guidance-power-manager-4.3.0-x86_64-2.txz: Recompiled. KDE software series/kdeaccessibility-4.3.0-x86_64-2.txz: Recompiled. KDE software series/kdeadmin-4.3.0-x86_64-2.txz: Recompiled. KDE software series/kdeartwork-4.3.0-x86_64-2.txz: Recompiled. KDE software series/kdebase-4.3.0-x86_64-2.txz: Recompiled. KDE software series/kdebase-runtime-4.3.0-x86_64-2.txz: Recompiled. KDE software series/kdebase-workspace-4.3.0-x86_64-2.txz: Recompiled. KDE software series/kdebindings-4.3.0-x86_64-2.txz: Recompiled. KDE software series/kdeedu-4.3.0-x86_64-2.txz: Recompiled. KDE software series/kdegames-4.3.0-x86_64-2.txz: Recompiled. KDE software series/kdegraphics-4.3.0-x86_64-2.txz: Recompiled. KDE software series/kdelibs-4.3.0-x86_64-2.txz: Recompiled. KDE software series/kdelibs-experimental-4.3.0-x86_64-2.txz: Recpmpiled. KDE software series/kdemultimedia-4.3.0-x86_64-2.txz: Recompiled. KDE software series/kdenetwork-4.3.0-x86_64-2.txz: Recompiled. KDE software series/kdepim-4.3.0-x86_64-2.txz: Recompiled. KDE software series/kdepim-runtime-4.3.0-x86_64-2.txz: Recompile. KDE software series/kdepimlibs-4.3.0-x86_64-2.txz: Recompiled. KDE software series/kdeplasma-addons-4.3.0-x86_64-2.txz: Recompiled. KDE software series/kdesdk-4.3.0-x86_64-2.txz: Recompiled. KDE software series/kdetoys-4.3.0-x86_64-2.txz: Recompiled. KDE software series/kdeutils-4.3.0-x86_64-2.txz: Recompiled. KDE software series/kdevelop-3.9.94-x86_64-2.txz: Recompiled. KDE software series/kdevplatform-0.9.94-x86_64-2.txz: Recompiled. KDE software series/kdewebdev-4.3.0-x86_64-2.txz: Recompiled. KDE software series/konq-plugins-4.3.0-x86_64-2.txz: Recompiled. KDE software series/oxygen-icons-4.3.0-x86_64-2.txz: Recompiled. KDE software series/skanlite-0.3_kde4.3.0-x86_64-2.txz: Recompiled. KDE software series/koffice-2.0.2-x86_64-1.txz: Recompiled. KDEi software series/koffice-l10n-*-2.0.2-noarch-1.txz: Upgraded to KOffice 2.0.2 l10n packages. Thanks to Yucatan "Kenjiro" Costa for rebuilding the KDE* packages and deps! L software series/jre-6u16-x86_64-1.txz: Upgraded. Upgraded to Java(TM) 2 Platform Standard Edition Runtime Environment Version 6.0 update 16. L software series/akonadi-1.1.95-x86_64-1.txz: Upgraded. L software series/qt-4.5.2-x86_64-1.txz: Added. This is the KDE-qt which was used to develop the new KDE 4.3. Make sure that you are remove the old version (qt-r994599) before install this one! L software series/qt-r994599-x86_64-1.txz: Removed. L software series/soprano-2.3.0-x86_64-2.txz: Recompiled. L software series/strigi-0.6.5-x86_64-2.txz: Recompiled. N software series/fetchmail-6.3.11-x86_64-1.txz: Upgraded. This update fixes an SSL NUL prefix impersonation attack through NULs in a part of a X.509 certificate's CommonName and subjectAltName fields. For more information, see: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2666 [*** Security fix ***] N software series/network-scripts-13.0-noarch-1.txz: Upgraded. Added new options to the rc.inet1.conf file to adjust debugging level, or to turn off ipv4ll (zeroconf) IP address assignment. X software series/glew-1.5.1-x86_64-1.txz: Added. Needed by the Mesa demos. X software series/libICE-1.0.5-x86_64-2.txz: Rebuilt. X software series/libX11-1.2.2-x86_64-1.txz: Upgraded. X software series/libdrm-2.4.12-x86_64-1.txz: Upgraded. X software series/mesa-7.5-x86_64-1.txz: Upgraded. X software series/pixman-0.15.18-x86_64-1.txz: Upgraded. X software series/rstart-1.0.3-x86_64-1.txz: Upgraded. X software series/setxkbmap-1.1.0-x86_64-1.txz: Upgraded. X software series/xf86-input-evdev-2.2.4-x86_64-1.txz: Upgraded. X software series/xf86-input-synaptics-1.1.3-x86_64-1.txz: Upgraded. X software series/xf86-video-apm-1.2.2-x86_64-1.txz: Upgraded. X software series/xf86-video-ast-0.89.9-x86_64-1.txz: Upgraded. X software series/xf86-video-cirrus-1.3.2-x86_64-1.txz: Upgraded. X software series/xf86-video-glint-1.2.4-x86_64-1.txz: Upgraded. X software series/xf86-video-i128-1.3.3-x86_64-1.txz: Upgraded. X software series/xf86-video-i740-1.3.2-x86_64-1.txz: Upgraded. X software series/xf86-video-intel-2.8.0-x86_64-1.txz: Upgraded. X software series/xf86-video-mach64-6.8.2-x86_64-1.txz: Upgraded. X software series/xf86-video-mga-1.4.11-x86_64-1.txz: Upgraded. X software series/xf86-video-neomagic-1.2.4-x86_64-1.txz: Upgraded. X software series/xf86-video-r128-6.8.1-x86_64-1.txz: Upgraded. X software series/xf86-video-s3-0.6.3-x86_64-1.txz: Upgraded. X software series/xf86-video-s3virge-1.10.4-x86_64-1.txz: Upgraded. X software series/xf86-video-savage-2.3.1-x86_64-1.txz: Upgraded. X software series/xf86-video-sis-0.10.2-x86_64-1.txz: Upgraded. X software series/xf86-video-sisusb-0.9.3-x86_64-1.txz: Upgraded. X software series/xf86-video-tdfx-1.4.3-x86_64-1.txz: Upgraded. X software series/xf86-video-vesa-2.2.1-x86_64-1.txz: Upgraded. X software series/xf86-video-voodoo-1.2.3-x86_64-1.txz: Upgraded. X software series/xfs-1.1.0-x86_64-1.txz: Upgraded. X software series/xkbcomp-1.1.0-x86_64-1.txz: Upgraded. X software series/xorg-server-1.6.3-x86_64-1.txz: Upgraded. X software series/xorg-server-xephyr-1.6.3-x86_64-1.txz: Upgraded. X software series/xorg-server-xnest-1.6.3-x86_64-1.txz: Upgraded. X software series/xorg-server-xvfb-1.6.3-x86_64-1.txz: Upgraded. X software series/xtrans-1.2.4-noarch-1.txz: Upgraded. XAP software series/xfce-4.6.1-x86_64-5.txz: Rebuilt. Upgraded to Terminal-0.4.0 and added some missing icons. extra/jdk-6/jdk-6u15-x86_64-1.txz: Upgraded. Upgraded to Java(TM) 2 Platform Standard Edition Development Kit Version 6.0 update 16. extra/xf86-video-intel-alternate/xf86-video-intel-2.5.1-x86_64-1.txz: Added. extra/xf86-video-intel-alternate/xf86-video-intel-2.6.3-x86_64-1.txz: Added extra/xf86-video-intel-alternate/xf86-video-intel-2.7.1-x86_64-2.txz: Added. -|--------------------------|- Sun Aug 9 19:40:17 EEST 2009 L software series/iso-codes-3.10.2-noarch-1.txz: Upgraded. L software series/soprano-2.3.0-x86_64-1.txz: Upgraded. L software series/strigi-0.6.5-x86_64-1.txz: Upgraded. This is KDE 4.3.0 upgrade in the Bluewhite64 Linux -current development tree. There are 3 new packages added, so make sure that you are installing them. Enjoy! ;) Huge thanks to Yucatan "Kenjiro" Costa for building the kde* packages and deps! KDE software series/kaudiocreator-r1009226-x86_64-1.txz: Upgraded. KDE software series/guidance-power-manager-4.3.0-x86_64-1.txz: Upgraded. KDE software series/kdeaccessibility-4.3.0-x86_64-1.txz: Upgraded. KDE software series/kdeadmin-4.3.0-x86_64-1.txz: Upgraded. KDE software series/kdeartwork-4.3.0-x86_64-1.txz: Upgraded. KDE software series/kdebase-4.3.0-x86_64-1.txz: Upgraded. KDE software series/kdebase-runtime-4.3.0-x86_64-1.txz: Upgraded. KDE software series/kdebase-workspace-4.3.0-x86_64-1.txz: Upgraded. KDE software series/kdebindings-4.3.0-x86_64-1.txz: Upgraded. KDE software series/kdeedu-4.3.0-x86_64-1.txz: Upgraded. KDE software series/kdegames-4.3.0-x86_64-1.txz: Upgraded. KDE software series/kdegraphics-4.3.0-x86_64-1.txz: Upgraded. KDE software series/kdelibs-4.3.0-x86_64-1.txz: Upgraded. KDE software series/kdelibs-experimental-4.3.0-x86_64-1.txz: Added. KDE software series/kdemultimedia-4.3.0-x86_64-1.txz: Upgraded. KDE software series/kdenetwork-4.3.0-x86_64-1.txz: Upgraded. KDE software series/kdepim-4.3.0-x86_64-1.txz: Upgraded. KDE software series/kdepim-runtime-4.3.0-x86_64-1.txz: Added. KDE software series/kdepimlibs-4.3.0-x86_64-1.txz: Upgraded. KDE software series/kdeplasma-addons-4.3.0-x86_64-1.txz: Upgraded. KDE software series/kdesdk-4.3.0-x86_64-1.txz: Upgraded. KDE software series/kdetoys-4.3.0-x86_64-1.txz: Upgraded. KDE software series/kdeutils-4.3.0-x86_64-1.txz: Upgraded. KDE software series/kdevelop-3.9.94-x86_64-1.txz: Upgraded. KDE software series/kdevplatform-0.9.94-x86_64-1.txz: Upgraded. KDE software series/kdewebdev-4.3.0-x86_64-1.txz: Upgraded. KDE software series/konq-plugins-4.3.0-x86_64-1.txz: Upgraded. KDE software series/oxygen-icons-4.3.0-x86_64-1.txz: Added. KDE software series/skanlite-0.3_kde4.3.0-x86_64-1.txz: Upgraded. KDEi software series/kde-l10n-*-4.3.0-noarch-1.txz: Upgraded to KDE 4.3.0 l10n packages. -|--------------------------|- Tue Aug 4 12:01:59 EEST 2009 AP software series/linuxdoc-tools-0.9.56-x86_64-5.txz: Rebuilt. Added a symlink to isogrk4.ent D software series/git-1.6.4-x86_64-1.txz: Upgraded. N software series/httpd-2.2.12-x86_64-1.tgz: Upgraded. This update fixes some security issues (from the CHANGES file): *) SECURITY: CVE-2009-1891 (cve.mitre.org) Fix a potential Denial-of-Service attack against mod_deflate or other modules, by forcing the server to consume CPU time in compressing a large file after a client disconnects. PR 39605. [Joe Orton, Ruediger Pluem] *) SECURITY: CVE-2009-1195 (cve.mitre.org) Prevent the "Includes" Option from being enabled in an .htaccess file if the AllowOverride restrictions do not permit it. [Jonathan Peatfield , Joe Orton, Ruediger Pluem, Jeff Trawick] *) SECURITY: CVE-2009-1890 (cve.mitre.org) Fix a potential Denial-of-Service attack against mod_proxy in a reverse proxy configuration, where a remote attacker can force a proxy process to consume CPU time indefinitely. [Nick Kew, Joe Orton] *) SECURITY: CVE-2009-1191 (cve.mitre.org) mod_proxy_ajp: Avoid delivering content from a previous request which failed to send a request body. PR 46949 [Ruediger Pluem] *) SECURITY: CVE-2009-0023, CVE-2009-1955, CVE-2009-1956 (cve.mitre.org) For more information, see: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1891 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1195 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1890 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1191 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0023 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1955 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1956 [*** Security fix ***] N software series/irssi-0.8.14-x86_64-1.txz: Upgraded. XAP software series/mozilla-firefox-3.5.2-x86_64-1.txz: Upgraded. -|--------------------------|- Sat Aug 1 14:58:31 EEST 2009 Ladies and gentleman, This is Bluewhite64 Linux 13.0 second release candidate! I will not say here to much about this RC release, I reserve my words for the final release :P. Just a few notes about what we are "cooking" here. As you may know the KDE 4.3 release is going to be happen soon, so we are already packaging and testing this release of KDE4, I'd like to be included in the Bluewhite64 Linux 13.0 stable version. PLEASE TEST this RC version because it is the only one with an ISO release and post the problems, suggestions, fixes to the Bluewhite64 Linux forums. Enjoy! ;). A software series/kernel-firmware-2.6.30.4-noarch-1.txz: Upgraded. A software series/kernel-generic-2.6.30.4-x86_64-1.txz: Upgraded. A software series/kernel-huge-2.6.30.4-x86_64-1.txz: Upgraded. A software series/kernel-modules-2.6.30.4-x86_64-1.txz: Upgraded. A software series/kernel-modules-generic-2.6.30.4-x86_64-1.txz: Upgraded. A software series/shadow-4.0.6-x86_64-5.txz: Rebuilt. In adduser, adjusted the search of /etc/passwd to exclude the NIS inclusion string. A software series/cxxlibs-6.0.10-x86_64-1.txz: Upgraded. Replaced libstdc++.so.6.0.9 with libstdc++.so.6.0.10. A software series/lilo-22.8-x86_64-15.tgz: Patched liloconf to add large-memory option by default to lilo.conf. AP software series/linuxdoc-tools-0.9.56-x86_64-4.txz: Rebuilt. Upgraded a number of component packages. AP software series/slackpkg-2.80.2-noarch-3.tgz: Upgraded. AP software series/dc3dd-6.12.3-x86_64-1.txz: Added. This is a version of dd that has been patched to include a number of features useful for computer forensics. D software series/kernel-headers-2.6.30.4-x86-1.txz: Upgraded. K software series/kernel-source-2.6.30.4-noarch-1.txz: Upgraded. L software series/hal-0.5.11-x86_64-7.txz: Rebuilt with some backported patches from upstream to fix some bugs. Patched the 10-keymap.fdi with comments and examples for configuring keyboard layouts, both with and without input hotplugging. Important changes to /etc/dbus-1/system.d/hal.conf, so be sure to move the new config into place. L software series/hal-info-20090716-noarch-1.txz: Upgraded. N software series/bind-9.4.3_P3-x86_64-1.txz: Upgraded. This BIND update fixes a security problem where a specially crafted dynamic update message packet will cause named to exit resulting in a denial of service. An active remote exploit is in wide circulation at this time. For more information, see: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0696 https://www.isc.org/node/479 [*** Security fix ***] isolinux/initrd.img: Rebuilt. kernels/*: Rebuilt. usb-and-pxe-installers/: Rebuilt. -|--------------------------|- Wed Jul 22 23:18:35 EEST 2009 If you are having problems runnig the generic Linux kernel 2.6.30.x with initrd and you get the following error at boot: " RAMDISK: Couldn't find valid RAM disk image starting at 0" then the reason for this is (quote from lilo.conf manual): "Normally any initial ramdisk (initrd) loaded with a kernel is loaded as high in memory as possible, but never above 15Mb. This is due to a BIOS limitation on older systems. On newer systems, this option enables using memory above 15Mb (up to a kernel imposed limit, around 768Mb) for passing the initrd to the kernel. The presence of this option merely indicates that your system does not have the old BIOS limitation." *** The solution is to add the "large-memory" to the lilo.conf and run lilo.*** Also I have updated the "liloconf" here to add by default this option at the installation process or when liloconf is used. I will release later this changes just need more time to test. Until then, here is the latest stable kernel. Enjoy! ;). TESTING/packages/kernel/kernel-firmware-2.6.30.2-noarch-1.txz: Upgraded. TESTING/packages/kernel/kernel-generic-2.6.30.2-x86_64-1.txz: Upgraded. TESTING/packages/kernel/kernel-headers-2.6.30.2-x86-1.txz: Upgraded. TESTING/packages/kernel/kernel-huge-2.6.30.2-x86_64-1.txz: Upgraded. TESTING/packages/kernel/kernel-modules-2.6.30.2-x86_64-1.txz: Upgraded. TESTING/packages/kernel/kernel-modules-generic-2.6.30.2-x86_64-1.txz: Upgraded. TESTING/packages/kernel/kernel-source-2.6.30.2-noarch-1.txz: Upgraded. -|--------------------------|- Tue Jul 21 00:46:07 EEST 2009 A software series/kernel-firmware-2.6.29.6-noarch-1.txz: Upgraded. A software series/kernel-generic-2.6.29.6-x86_64-1.txz: Upgraded. A software series/kernel-huge-2.6.29.6-x86_64-1.txz: Upgraded. A software series/kernel-modules-2.6.29.6-x86_64-1.txz: Upgraded. A software series/kernel-modules-gemeric-2.6.29.6_smp-x86_64-1.txz: Upgraded. A software series/pkgtools-13.0-noarch-2.tgz: Rebuilt. Patched installpkg to fix handling of (some) broken packages. A software series/mkinitrd-1.3.4-x86_64-2.txz: Rebuilt. Added a small patch to mkinitrd to avoid an error message about a missing udevadm. A software series/shadow-4.0.6-x86_64-4.txz: Rebuilt. Added "power" and "netdev" to the list of suggested groups for desktop users. A software series/e2fsprogs-1.41.8-x86_64-1.txz: Upgraded. A software series/slocate-3.1-x86_64-3.txz: Rebuilt. Changed the daily updatedb cron job to use "ionice -c3 nice -n 19". A software series/sysvinit-scripts-1.2-noarch-30.txz Rebuilt. Updated rescan-scsi-bus. A software series/udev-141-x86_64-3.txz: Rebuilt. Added aic94xx to /etc/modprobe.d/blacklist. Change config files in /etc/modprobe.d/ to use a .conf suffix in preparation for newer versions of module-init-tools. Let the psmouse module load with the default kernel configuration, rather than forcing proto=imps. If this causes problems with your KVM, uncomment the line in /etc/modprobe.d/psmouse. AP software series/zsh-4.3.10-x86_64-1.txz: Upgraded. Added support for xz file formats to zsh's completion. D software series/kernel-headers-2.6.29.6-x86-1.txz: Upgraded. K software series/kernel-source-2.6.29.6-noarch-1.txz: Upgraded. N software series/dirmngr-1.0.3-x86_64-1.txz: Upgraded. N software series/gnupg2-2.0.12-x86_64-1.txz: Upgraded. N software series/iwlwifi-4965-ucode-228.61.2.24-fw-1.txz: Upgraded. N software series/iwlwifi-5150-ucode-8.24.2.2-fw-1.txz: Added. N software series/libksba-1.0.6-x86_64-1.txz: Upgraded. N software series/getmail-4.9.2-noarch-1.txz: Upgraded. N software series/nmap-5.00-x86_64-1.txz: Upgraded. N software series/snownews-1.5.11-x86_64-2.txz: Rebuilt. Linked with ncursesw instead of regular ncurses for unicode support. X software series/dri2proto-2.1-x86_64-1.txz: Upgraded. X software series/inputproto-1.5.1-noarch-1.txz: Upgraded. X software series/libFS-1.0.2-x86_64-1.txz: Upgraded. X software series/libXaw-1.0.6-x86_64-1.txz: Upgraded. X software series/libXt-1.0.6-x86_64-1.txz: Upgraded. X software series/util-macros-1.2.2-noarch-1.txz: Upgraded. X software series/xf86-video-ati-6.12.2-x86_64-2.txz: Recompiled. X software series/xf86-video-cirrus-1.3.1-x86_64-1.txz: Upgraded. X software series/xf86-video-dummy-0.3.2-x86_64-1.txz: Upgraded. X software series/xf86-video-glint-1.2.3-x86_64-1.txz: Upgraded. X software series/xf86-video-i128-1.3.2-x86_64-2.txz: Upgraded. X software series/xf86-video-i740-1.3.1-x86_64-1.txz: Upgraded. X software series/xf86-video-intel-2.7.1-x86_64-2.txz: Rebuilt. X software series/xf86-video-neomagic-1.2.3-x86_64-1.txz: Upgraded. X software series/xf86-video-nv-2.1.14-x86_64-1.txz: Upgraded. X software series/xf86-video-rendition-4.2.2-x86_64-1.txz: Upgraded. X software series/xf86-video-s3-0.6.2-x86_64-1.txz: Upgraded. X software series/xf86-video-s3virge-1.10.3-x86_64-1.txz: Upgraded. X software series/xf86-video-savage-2.3.0-x86_64-1.txz: Upgraded. X software series/xf86-video-siliconmotion-1.7.2-x86_64-1.txz: Upgraded. X software series/xf86-video-sisusb-0.9.2-x86_64-1.txz: Upgraded. X software series/xf86-video-tdfx-1.4.2-x86_64-1.txz: Upgraded. X software series/xf86-video-trident-1.3.2-x86_64-1.txz: Upgraded. X software series/xf86-video-tseng-1.2.2-x86_64-1.txz: Upgraded. X software series/xf86-video-voodoo-1.2.2-x86_64-1.txz: Upgraded. X software series/xorg-server-1.6.2-x86_64-1.txz: Upgraded. X software series/xorg-server-xephyr-1.6.2-x86_64-1.txz: Upgraded. X software series/xorg-server-xnest-1.6.2-x86_64-1.txz: Upgraded. X software series/xorg-server-xvfb-1.6.2-x86_64-1.txz: Upgraded. X software series/mesa-7.4.4-x86_64-2.txz: Rebuilt. Fixed paths in .pc files and moved from testing. XAP software series/mozilla-firefox-3.5.1-x86_64-1.txz: Upgraded. This fixes a vulnerability in Firefox 3.5's Just-in-time (JIT) JavaScript compiler. For more information, see: http://blog.mozilla.com/security/2009/07/14/critical-javascript-vulnerability-in-firefox-35/ [*** Security fix ***] IF the xf86-video-intel-2.7.1 is not working on your machine then you can test this ones ;-). EXTRA/xf86-video-intel-alternate/xf86-video-intel-2.7.99.902-x86_64-1.txz: Added. EXTRA/xf86-video-intel-alternate/xf86-video-intel-2.7.99.901-x86_64-1.txz: Added. EXTRA/bash-completion/bash-completion-20060301-noarch-2.txz: Rebuilt. Added support for xz file formats. EXTRA/slacktrack/slacktrack-2.06-x86_64-1.txz: Upgraded. isolinux/initrd.img: Rebuilt. kernels/*: Rebuilt. usb-and-pxe-installers/: Rebuilt. -|--------------------------|- Wed Jul 15 15:49:01 EEST 2009 A software series/e2fsprogs-1.41.7-x86_64-1.txz: Upgraded. AP software series/mc-20090714_git-x86_64-1.txz: Upgraded. AP software series/slackpkg-2.80.1-noarch-1.tgz: Upgraded. L software series/gnome-icon-theme-2.26.0-x86_64-1.txz: Upgraded. L software series/libgsf-1.14.15-x86_64-1.txz: Upgraded. N software seriesn/dhcp-3.1.2p1-x86_64-1.txz: Upgraded. A stack overflow vulnerability was fixed in dhclient that could allow remote attackers to execute arbitrary commands as root on the system, or simply terminate the client, by providing an over-long subnet-mask option. For more information, see: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0692 [*** Security fix ***] EXTRA/wicd/wicd-1.6.2-x86_64-1.txz: Upgraded. -|--------------------------|- Sun Jul 12 16:41:43 EEST 2009 L software series/qt-r994599-x86_64-1.txz: Upgraded to qt-copy-r994599. N software series/php-5.2.10-x86_64-2.txz: Rebuilt. Installed the pear.php.net.reg and pecl.php.net.reg files from php-5.2.9, since the ones installed by php-5.2.10 are broken. -|--------------------------|- Mon Jul 6 13:41:32 EEST 2009 This is Bluewhite64 Linux 13.0 Release Candidate 1. Enjoy ;). XAP software series/mozilla-firefox-3.5-x86_64-1.txz: Upgraded. TESTING/packages/kernel/kernel-firmware-2.6.30.1-noarch-1.txz: Added. TESTING/packages/kernel/kernel-generic-2.6.30.1-x86_64-1.txz: Added. TESTING/packages/kernel/kernel-headers-2.6.30.1-x86-1.txz: Added. TESTING/packages/kernel/kernel-huge-2.6.30.1-x86_64-1.txz: Added. TESTING/packages/kernel/kernel-modules-2.6.30.1-x86_64-1.txz: Added. TESTING/packages/kernel/kernel-modules-generic-2.6.30.1-x86_64-1.txz: Added. TESTING/packages/kernel/kernel-source-2.6.30.1-noarch-1.txz: Added. -|--------------------------|- Sat Jul 4 12:58:16 EEST 2009 A software series/slocate-3.1-x86_64-2.txz: Rebuilt. Don't index cifs or tmpfs. Add a few more directories to the list of paths to prune. AP software series/ghostscript-8.64-x86_64-2.txz: Rebuilt. Patched various problems with ghostscript that could lead to a denial of service or the execution of arbitrary code when processing a malicious or malformed file. For more information, see: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0196 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0583 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0584 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0792 [*** Security fix ***] AP software series/most-5.0.0a-x86_64-2.txz: Fixed doc directory. D software series/git-1.6.3.3-x86_64-1.txz: Upgraded. D software series/subversion-1.6.3-x86_64-1.txz: Upgraded. KDE software series/amarok-2.1.1-x86_64-1.txz: Upgraded. KDE software series/kdenetwork-4.2.4-x86_64-2.txz: Rebuilt. Patched to fix Yahoo! protocol. KDE software series/koffice-2.0.1-x86_64-1.txz: Upgraded. KDEi software series/koffice-l10n-*-2.0.1-noarch-1.txz: Upgraded to KOffice 2.0.1 l10n packages. L software series/urwid-0.9.8.4-x86_64-1.txz: Added. Needed for wicd. N software series/dnsmasq-2.49-x86_64-1.txz: Upgraded. N software series/httpd-2.2.11-x86_64-2.txz: Rebuilt. This needed a recompile against the new apr package to fix building new modules. N software series/iwlwifi-3945-ucode-15.32.2.9-fw-1.txz: Upgraded. N software series/iwlwifi-5000-ucode-8.24.2.12-fw-1.txz: Upgraded. N software series/php-5.2.10-x86_64-1.txz: Upgraded. X software series/xorg-server-1.6.1-x86_64-2.txz: Rebuilt. Fixed default-font-path. Patched a key repeat problem in XineramaCheckMotion. X software series/xorg-server-xephyr-1.6.1-x86_64-2.txz: Rebuilt. X software series/xorg-server-xnest-1.6.1-x86_64-2.txz: Rebuilt. X software series/xorg-server-xvfb-1.6.1-x86_64-2.txz: Rebuilt. xap/electricsheep-20090306-x86_64-2.txz: Rebuilt. Patched to fix an issue where mplayer needs a buffer when reading from a pipe. XAP software series/mozilla-thunderbird-2.0.0.22-x86_64-1.txz: Upgraded to thunderbird-2.0.0.22. This upgrade fixes some more security bugs. For more information, see: http://www.mozilla.org/security/known-vulnerabilities/thunderbird20.html [*** Security fix ***] XAP software series/pidgin-2.5.8-x86_64-1.txz: Upgraded. EXTRA/wicd/wicd-1.6.1-x86_64-1.txz: Upgraded. -|--------------------------|- Sat Jun 27 23:13:41 EEST 2009 N software series/samba-3.2.13-x86_64-1.txz: Upgraded. This upgrade fixes the following security issues: - in Samba 3.0.31 to 3.3.5 (inclusive), an uninitialized read of a data value can potentially affect access control when "dos filemode" is set to "yes". - in Samba 3.2.0 to 3.2.12 (inclusive), the smbclient commands dealing with file names treat user input as a format string to asprintf. With a maliciously crafted file name smbclient can be made to execute code triggered by the server. For more information, see: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1888 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1886 [*** Security fix ***} N software series/sendmail-8.14.3-x86_64-2.txz: Rebuilt. Fixed missing praliases. N software series/sendmail-cf-8.14.3-noarch-2.txz: Rebuilt. XAP software series/MPlayer-r29390-x86_64-1.txz: Upgraded. TESTING/packages/mesa-7.4.4-x86_64-1.txz: Upgraded. -|--------------------------|- Thu Jun 25 23:28:55 EEST 2009 A software series/aaa_base-13.0-noarch-1.txz: Rebuilt. Updated bluewhite64-version. A software series/cryptsetup-1.0.6-x86_64-2.txz: Rebuilt. Fixed cryptsetup to use "udevadm settle" instead of the deprecated "udevsettle". A software series/kernel-firmware-2.6.29.5-noarch-1.tgz: Upgraded to Linux 2.6.29.5 firmware. A software series/kernel-generic-2.6.29.5-x86_64-1.tgz: Upgraded to Linux 2.6.29.5. A software series/kernel-huge-2.6.29.5-x86_64-1.tgz: Upgraded to Linux 2.6.29.5. A software series/kernel-modules-2.6.29.5-x86_64-1.tgz: Upgraded to Linux 2.6.29.5 modules. A software series/kernel-modules-generic-2.6.29.5_smp-x86_64-1.tgz: Upgraded to Linux 2.6.29.5 generic modules. A software series/pkgtools-13.0-noarch-1.tgz: Changed version number. A software series/quota-3.17-x86_64-1.txz: Upgraded. A software series/sharutils-4.7-x86_64-1.txz: Upgraded. A software series/e2fsprogs-1.41.6-x86_64-1.txz: Upgraded. A software series/ed-1.3-x86_64-1.txz: Upgraded. A software series/file-5.03-x86_64-1.txz: Upgraded. A software series/findutils-4.4.2-x86_64-1.txz: Upgraded. A software series/jfsutils-1.1.14-x86_64-1.txz: Upgraded. A software series/ntfs-3g-2009.4.4-x86_64-1.txz: Upgraded. A software series/usbutils-0.82-x86_64-1.txz: Upgraded. A software series/xfsprogs-3.0.1-x86_64-1.txz: Upgraded. AP software series/lm_sensors-3.1.1-x86_64-1.txz: Upgraded. AP software serie/smc-20090621_git-x86_64-1.txz: Upgraded. AP software series/most-5.0.0a-x86_64-1.txz: Upgraded. AP software series/dmapi-2.2.10-x86_64-1.txz: Upgraded. AP software series/man-pages-3.21-noarch-1.txz: Upgraded. AP software series/sqlite-3.6.14.2-x86_64-1.txz: Upgraded. AP software series/xfsdump-3.0.1-x86_64-1.txz: Upgraded. D software series/kernel-headers-2.6.29.5_smp-x86-1.tgz: Upgraded to Linux 2.6.29.5 headers. D software series/git-1.6.3.2-x86_64-1.txz: Upgraded. D software series/m4-1.4.13-x86_64-1.txz: Upgraded. D software series/subversion-1.6.2-x86_64-1.txz: Upgraded. Enabled the bindings for Python, perl, and Ruby. D software series/ruby-1.8.7_p174-x86_64-1.txz: Upgraded. This fixes a denial of service issue caused by the BigDecimal method handling large input values improperly that may allow attackers to crash the interpreter. The issue affects most Rails applications. For more information, see: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1904 [*** Security fix ***] K software series/kernel-source-2.6.29.5-noarch-1.tgz: Upgraded to Linux 2.6.29.5 source. KDE software series/kdelibs-4.2.4-x86_64-2.txz: Rebuilt. Patched popupapplet.cpp to fix plasmaboard, a virtual keyboard for plasma. L software series/jre-6u14-x86_64-1.txz: Upgraded to Java(TM) 2 Platform Standard Edition Runtime Environment Version 6.0 update 14. L software series/exiv2-0.18.1-x86_64-1.txz: Upgraded. L software series/libpng-1.2.37-x86_64-1.txz: Upgraded. This update fixes a possible security issue. Jeff Phillips discovered an uninitialized-memory-read bug affecting interlaced images that may have security implications. For more information, see: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2042 [*** Security fix ***] L software series/slang-2.1.4-x86_64-1.txz: Upgraded. L software series/apr-1.3.5-x86_64-1.txz: Upgraded. L software series/apr-util-1.3.7-x86_64-1.txz: Upgraded. Fix underflow in apr_strmatch_precompile. Fix a denial of service attack against the apr_xml_* interface using the "billion laughs" entity expansion technique. For more information, see: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0023 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1955 [*** Security fix ***] L software series/neon-0.28.4-x86_64-1.txz: Upgraded. L software series/sdl-1.2.13-x86_64-4.txz: Upgraded. Use SDL_image-1.2.7, and compile SDL without esd, as linking to esd breaks audio within VirtualBox. Also, compile without arts support. L software series/seamonkey-solibs-1.1.16-x86_64-2.txz: Added. This is a subset of the shared libraries from the seamonkey package used for runtime support of programs (such as rpm) on machines without X, or applications for X. N software series/bluez-utils-3.36-x86_64-6.txz: Rebuilt. Edited rc.bluetooth to start hidd before any other bluetooth service. This avoids an address conflict that can cause devices to fail to reconnect if the connection is lost. N software series/iptables-1.4.3.2-x86_64-1.txz: Upgraded. N software series/iw-0.9.14-x86_64-1.txz: Upgraded. N software series/lftp-3.7.14-x86_64-1.txz: Upgraded. N software series/samba-3.2.12-x86_64-1.txz: Upgraded. N software series/iproute2-2.6.29_1-x86_64-2.txz: Rebuilt. This needed a recompile against the new iptables. T software series/xfig-3.2.4-x86_64-4.txz: Rebuilt. This needed a recompile against glibc to fix crashes. X software series/mesa-7.4.1-x86_64-1.txz: Downgraded. This fix some issues with compositing in KDE when the Desktop Effects are in use. XAP software series/pidgin-2.5.7-x86_64-1.txz: Upgraded. This fixes the Yahoo protocol plugin. XAP software series/mozilla-firefox-3.0.11-x86_64-1.txz: Upgraded to firefox-3.0.11. This fixes some security issues. For more information, see: http://www.mozilla.org/security/known-vulnerabilities/firefox30.html [*** Security fix ***] XAP software series/seamonkey-1.1.17-x86_64-1.txz: Upgraded to seamonkey-1.1.17. This release fixes some more security vulnerabilities. For more information, see: http://www.mozilla.org/security/known-vulnerabilities/seamonkey11.html [*** Security fix ***] XAP software series/xfce4-power-manager-0.6.6-x86_64-1.txz: Upgraded. XAP software series/xine-lib-1.1.16.3-x86_64-6.txz: Rebuilt. EXTRA/tightvnc/tightvnc-1.3.10-x86_64-1.txz: Added. EXTRA/aspell-word-lists/aspell-pt_BR-20080707_0-noarch-4.txz: Added. EXTRA/kde3-compat/k3b3-1.0.5-x86_64-opt1.txz: Added. In case the KDE4 version of k3b is not stable, this KDE3 version may be used along with the KDE3 compatibility packages in extra/kde3-compat/. EXTRA/jdk-6/jdk-6u14-x86_64-1.txz: Upgraded to Java(TM) 2 Platform Standard Edition Development Kit Version 6.0 update 14. TESTING/packages/bash-4.0.024-x86_64-1.txz: Upgraded. TESTING/packages/mesa-7.4.3-x86_64-1.txz: Upgraded. isolinux/initrd.img: Rebuilt. kernels/*: Rebuilt. usb-and-pxe-installers/: Rebuilt -|--------------------------|- Wed Jun 17 22:48:53 EEST 2009 A software series/apmd-3.2.2-x86_64-2.txz: Recompiled. A software series/dbus-1.2.14-x86_64-1.txz: Upgraded. AP software series/gphoto2-2.4.5-x86_64-1.txz: Upgraded. AP software series/gutenprint-5.2.3-x86_64-3.txz: Recompiled. AP software series/hplip-3.9.4b-x86_64-2.txz: Recompiled. AP software series/normalize-0.7.6-x86_64-2.txz: Upgraded. AP software series/pm-utils-1.2.5-x86_64-1.txz: Upgraded. D software series/oprofile-0.9.4-x86_64-2.txz: Recompiled. D software series/python-2.6.2-x86_64-3.txz: Recompiled. L software series/cairo-1.8.6-x86_64-3.txz: Recompiled. L software series/gd-2.0.35-x86_64-3.txz: Recompiled. L software series/gegl-0.0.22-x86_64-1.txz: Upgraded. L software series/gstreamer-0.10.23-x86_64-1.txz: Upgraded. L software series/gst-plugins-base-0.10.23-x86_64-1.txz: Upgraded. L software series/gtk+-1.2.10-x86_64-7.txz: Recompiled. L software series/gtk+2-2.14.7-x86_64-4.txz: Recompiled. L software series/gtkspell-2.0.15-x86_64-1.txz: Upgraded. L software series/hal-0.5.11-x86_64-6.txz: Recompiled. Patched 10-keymap.fdi to allow the Ctrl-Alt-Backspace key combination usage. L software series/imlib-1.9.15-x86_64-7.txz: Recompiled. L software series/jasper-1.900.1-x86_64-2.txz: Recompiled. L software series/lesstif-0.95.0-x86_64-7.txz: Recompiled. L software series/libcaca-0.99.beta16-x86_64-3.txz: Recompiled. L software series/libglade-2.6.4-x86_64-2.txz: Recompiled. L software series/libgphoto2-2.4.6-x86_64-1.txz: Upgraded. L software series/libgtkhtml-2.11.1-x86_64-2.txz: Recompiled. L software series/librsvg-2.26.0-x86_64-2.txz: Recompiled. L software series/libvisual-plugins-0.4.0-x86_64-2.txz: Recompiled. L software series/libwmf-0.2.8.4-x86_64-7.txz: Recompiled. L software series/libwmf-docs-0.2.8.4-noarch-7.txz: Recompiled. L software series/libwnck-2.26.1-x86_64-1.txz: Upgraded. L software series/libxklavier-3.9-x86_64-2.txz: Recompiled. L software series/pango-1.22.4-x86_64-3.txz: Recompiled. L software series/poppler-0.10.7-x86_64-1.txz: Upgraded. L software series/pycairo-1.8.4-x86_64-3.txz: Recompiled. L software series/pygtk-2.14.1-x86_64-2.txz: Recompiled. L software series/sdl-1.2.13-x86_64-3.txz: Recompiled. L software series/startup-notification-0.9-x86_64-2.txz: Recompiled. L software series/t1lib-5.1.2-x86_64-1.txz: Upgraded. L software series/vte-0.20.5-x86_64-1.txz: Upgraded. T software series/tetex-3.0-x86_64-6.txz: Recompiled. T software series/tetex-doc-3.0-x86_64-6.txz: Recompiled. XAP software series/gimp-2.6.6-x86_64-2.txz: Recompiled. XAP software series/gucharmap-2.26.2-x86_64-1.txz: Upgraded. XAP software series/gxine-0.5.903-x86_64-2.txz: Recompiled. XAP software series/imagemagick-6.5.3_3-x86_64-1.txz: Upgraded. XAP software series/pidgin-2.5.6-x86_64-2.txz: Recompiled. XAP software series/rxvt-2.7.10-x86_64-4.txz: Recompiled. XAP software series/windowmaker-20060427cvs-x86_64-2.txz: Recompiled. XAP software series/xchat-2.8.6-x86_64-3.txz: Recompiled. XAP software series/xfce-4.6.1-x86_64-4.txz: Recompiled. XAP software series/xine-lib-1.1.16.3-x86_64-5.txz: Recompiled. XAP software series/xmms-1.2.11-x86_64-3.txz: Recompiled. X software series/liboldX-1.0.1-x86_64-1.txz: Removed. X software series/xf86-input-calcomp-1.1.2-x86_64-1.txz: Removed. X software series/xf86-input-digitaledge-1.1.1-x86_64-1.txz: Removed. X software series/xf86-input-dmc-1.1.2-x86_64-1.txz: Removed. X software series/xf86-input-dynapro-1.1.2-x86_64-1.txz: Removed. X software series/xf86-input-elo2300-1.1.2-x86_64-1.txz: Removed. X software series/xf86-input-jamstudio-1.2.0-x86_64-1.txz: Removed. X software series/xf86-input-magellan-1.2.0-x86_64-1.txz: Removed. X software series/xf86-input-magictouch-1.0.0.5-x86_64-2.txz: Removed. X software series/xf86-input-microtouch-1.2.0-x86_64-1.txz: Removed. X software series/xf86-input-palmax-1.2.0-x86_64-1.txz: Removed. X software series/xf86-input-spaceorb-1.1.1-x86_64-1.txz: Removed. X software series/xf86-input-summa-1.2.0-x86_64-1.txz: Removed. X software series/xf86-input-tek4957-1.2.0-x86_64-1.txz: Removed. X software series/xf86-input-ur98-1.1.0-x86_64-2.txz: Removed. X software series/xf86-video-cyrix-1.1.0-x86_64-2.txz: Removed. X software series/xf86-video-fbdev-0.4.0-x86_64-1.txz: Removed. X software series/xf86-video-i810-1.7.4-x86_64-2.txz: Removed. X software series/xf86-video-imstt-1.1.0-x86_64-2.txz: Removed. X software series/xf86-video-nsc-2.8.3-x86_64-1.txz: Removed. X software series/xf86-video-vga-4.1.0-x86_64-2.txz: Removed. X software series/xf86-video-via-0.2.2-x86_64-2.txz: Removed. X software series/xphelloworld-1.0.1-x86_64-1.txz: Removed. X software series/xrx-1.0.1-x86_64-1.txz: Removed. X software series/appres-1.0.1-x86_64-2.txz: Recompiled. X software series/bdftopcf-1.0.1-x86_64-2.txz: Recompiled. X software series/beforelight-1.0.3-x86_64-1.txz: Upgraded. X software series/bigreqsproto-1.0.2-noarch-2.txz: Recompiled. X software series/bitmap-1.0.3-x86_64-2.txz: Recompiled. X software series/compiz-0.7.8-x86_64-4.txz: Recompiled. X software series/compositeproto-0.4-noarch-2.txz: Recompiled. X software series/damageproto-1.1.0-noarch-2.txz: Recompiled. X software series/dmxproto-2.2.2-noarch-2.txz: Recompiled. X software series/dri2proto-2.0-x86_64-1.txz: Upgraded. X software series/editres-1.0.3-x86_64-2.txz: Recompiled. X software series/encodings-1.0.2-noarch-2.txz: Recompiled. X software series/evieext-1.0.2-noarch-2.txz: Recompiled. X software series/fixesproto-4.0-noarch-2.txz: Recompiled. X software series/font-adobe-100dpi-1.0.0-noarch-3.txz: Recompiled. X software series/font-adobe-75dpi-1.0.0-noarch-3.txz: Recompiled. X software series/font-adobe-utopia-100dpi-1.0.1-noarch-3.txz: Recompiled. X software series/font-adobe-utopia-75dpi-1.0.1-noarch-3.txz: Recompiled. X software series/font-adobe-utopia-type1-1.0.1-noarch-3.txz: Recompiled. X software series/font-alias-1.0.1-noarch-2.txz: Recompiled. X software series/font-arabic-misc-1.0.0-noarch-3.txz: Recompiled. X software series/font-bh-100dpi-1.0.0-noarch-3.txz: Recompiled. X software series/font-bh-75dpi-1.0.0-noarch-3.txz: Recompiled. X software series/font-bh-lucidatypewriter-100dpi-1.0.0-noarch-3.txz: Recompiled. X software series/font-bh-lucidatypewriter-75dpi-1.0.0-noarch-3.txz: Recompiled. X software series/font-bh-ttf-1.0.0-noarch-3.txz: Recompiled. X software series/font-bh-type1-1.0.0-noarch-3.txz: Recompiled. X software series/font-bitstream-100dpi-1.0.0-noarch-3.txz: Recompiled. X software series/font-bitstream-75dpi-1.0.0-noarch-3.txz: Recompiled. X software series/font-bitstream-speedo-1.0.0-noarch-3.txz: Recompiled. X software series/font-bitstream-type1-1.0.0-noarch-3.txz: Recompiled. X software series/font-cronyx-cyrillic-1.0.0-noarch-3.txz: Recompiled. X software series/font-cursor-misc-1.0.0-noarch-3.txz: Recompiled. X software series/font-daewoo-misc-1.0.0-noarch-3.txz: Recompiled. X software series/font-dec-misc-1.0.0-noarch-3.txz: Recompiled. X software series/font-ibm-type1-1.0.0-noarch-3.txz: Recompiled. X software series/font-isas-misc-1.0.0-noarch-3.txz: Recompiled. X software series/font-jis-misc-1.0.0-noarch-3.txz: Recompiled. X software series/font-micro-misc-1.0.0-noarch-3.txz: Recompiled. X software series/font-misc-cyrillic-1.0.0-noarch-3.txz: Recompiled. X software series/font-misc-ethiopic-1.0.0-noarch-3.txz: Recompiled. X software series/font-misc-meltho-1.0.0-noarch-3.txz: Recompiled. X software series/font-misc-misc-1.0.0-noarch-4.txz: Recompiled. X software series/font-mutt-misc-1.0.0-noarch-3.txz: Recompiled. X software series/font-schumacher-misc-1.0.0-noarch-3.txz: Recompiled. X software series/font-screen-cyrillic-1.0.1-noarch-3.txz: Recompiled. X software series/font-sony-misc-1.0.0-noarch-3.txz: Recompiled. X software series/font-sun-misc-1.0.0-noarch-3.txz: Recompiled. X software series/font-util-1.0.1-x86_64-2.txz: Recompiled. X software series/font-winitzki-cyrillic-1.0.0-noarch-3.txz: Recompiled. X software series/font-xfree86-type1-1.0.1-noarch-2.txz: Recompiled. X software series/fontcacheproto-0.1.2-noarch-2.txz: Recompiled. X software series/fontsproto-2.0.2-noarch-2.txz: Recompiled. X software series/fonttosfnt-1.0.4-x86_64-1.txz: Upgraded. X software series/fslsfonts-1.0.2-x86_64-1.txz: Upgraded. X software series/fstobdf-1.0.3-x86_64-1.txz: Upgraded. X software series/gccmakedep-1.0.2-noarch-2.txz: Recompiled. X software series/glproto-1.4.10-noarch-1.txz: Upgraded. X software series/iceauth-1.0.2-x86_64-2.txz: Recompiled. X software series/ico-1.0.2-x86_64-2.txz: Recompiled. X software series/imake-1.0.2-x86_64-3.txz: Recompiled. X software series/inputproto-1.5.0-noarch-1.txz: Upgraded. X software series/intel-gpu-tools-1.0.1-x86_64-1.txz: Added. X software series/kbproto-1.0.3-noarch-2.txz: Recompiled. X software series/lbxproxy-1.0.1-x86_64-2.txz: Recompiled. X software series/libFS-1.0.1-x86_64-1.txz: Upgraded. X software series/libICE-1.0.5-x86_64-1.txz: Upgraded. X software series/libSM-1.1.0-x86_64-1.txz: Upgraded. X software series/libX11-1.2-x86_64-1.txz: Upgraded. X software series/libXScrnSaver-1.1.3-x86_64-2.txz: Recompiled. X software series/libXTrap-1.0.0-x86_64-2.txz: Recompiled. X software series/libXau-1.0.4-x86_64-2.txz: Recompiled. X software series/libXaw-1.0.5-x86_64-1.txz: Upgraded. X software series/libXcomposite-0.4.0-x86_64-2.txz: Recompiled. X software series/libXcursor-1.1.9-x86_64-2.txz: Recompiled. X software series/libXdamage-1.1.1-x86_64-2.txz: Recompiled. X software series/libXdmcp-1.0.2-x86_64-2.txz: Recompiled. X software series/libXevie-1.0.2-x86_64-2.txz: Recompiled. X software series/libXext-1.0.5-x86_64-1.txz: Upgraded. X software series/libXfixes-4.0.3-x86_64-2.txz: Recompiled. X software series/libXfont-1.4.0-x86_64-1.txz: Upgraded. X software series/libXfontcache-1.0.4-x86_64-2.txz: Recompiled. X software series/libXft-2.1.13-x86_64-2.txz: Recompiled. X software series/libXi-1.2.1-x86_64-1.txz: Upgraded. X software series/libXinerama-1.0.3-x86_64-2.txz: Recompiled. X software series/libXmu-1.0.4-x86_64-2.txz: Recompiled. X software series/libXp-1.0.0-x86_64-2.txz: Recompiled. X software series/libXpm-3.5.7-x86_64-2.txz: Recompiled. X software series/libXprintAppUtil-1.0.1-x86_64-2.txz: Recompiled. X software series/libXprintUtil-1.0.1-x86_64-2.txz: Recompiled. X software series/libXrandr-1.3.0-x86_64-1.txz: Upgraded. X software series/libXrender-0.9.4-x86_64-2.txz: Recompiled. X software series/libXres-1.0.3-x86_64-2.txz: Recompiled. X software series/libXt-1.0.5-x86_64-2.txz: Recompiled. X software series/libXtst-1.0.3-x86_64-2.txz: Recompiled. X software series/libXv-1.0.4-x86_64-2.txz: Recompiled. X software series/libXvMC-1.0.4-x86_64-2.txz: Recompiled. X software series/libXxf86dga-1.0.2-x86_64-2.txz: Recompiled. X software series/libXxf86misc-1.0.1-x86_64-2.txz: Recompiled. X software series/libXxf86vm-1.0.2-x86_64-2.txz: Recompiled. X software series/libdmx-1.0.2-x86_64-2.txz: Recompiled. X software series/libdrm-2.4.11-x86_64-1.txz: Upgraded. X software series/libfontenc-1.0.4-x86_64-2.txz: Recompiled. X software series/liblbxutil-1.0.1-x86_64-2.txz: Recompiled. X software series/libpciaccess-0.10.6-x86_64-1.txz: Upgraded. X software series/libpthread-stubs-0.1-noarch-2.txz: Recompiled. X software series/libxcb-1.3-x86_64-1.txz: Upgraded. X software series/libxkbfile-1.0.5-x86_64-2.txz: Recompiled. X software series/libxkbui-1.0.2-x86_64-2.txz: Recompiled. X software series/listres-1.0.1-x86_64-2.txz: Recompiled. X software series/lndir-1.0.1-x86_64-2.txz: Recompiled. X software series/luit-1.0.3-x86_64-2.txz: Recompiled. X software series/makedepend-1.0.1-x86_64-2.txz: Recompiled. X software series/mesa-7.4.2-x86_64-1.txz: Upgraded. X software series/mkcomposecache-1.2-x86_64-2.txz: Recompiled. X software series/mkfontdir-1.0.4-noarch-2.txz: Recompiled. X software series/mkfontscale-1.0.6-x86_64-1.txz: Upgraded. X software series/oclock-1.0.1-x86_64-2.txz: Recompiled. X software series/pixman-0.15.10-x86_64-1.txz: Upgraded. X software series/printproto-1.0.4-noarch-2.txz: Recompiled. X software series/proxymngr-1.0.1-x86_64-2.txz: Recompiled. X software series/randrproto-1.3.0-noarch-1.txz: Upgraded. X software series/recordproto-1.13.2-noarch-2.txz: Recompiled. X software series/rendercheck-1.3-x86_64-2.txz: Recompiled. X software series/renderproto-0.9.3-noarch-2.txz: Recompiled. X software series/resourceproto-1.0.2-noarch-2.txz: Recompiled. X software series/rgb-1.0.3-x86_64-1.txz: Upgraded. X software series/rstart-1.0.2-x86_64-2.txz: Recompiled. X software series/scim-1.4.9-x86_64-4.txz: Recompiled. X software series/scim-anthy-1.2.4-x86_64-2.txz: Recompiled. X software series/scim-bridge-0.4.16-x86_64-4.txz: Recompiled. X software series/scim-hangul-0.3.2-x86_64-2.txz: Recompiled. X software series/scim-input-pad-0.1.2-x86_64-4.txz: Recompiled. X software series/scim-pinyin-0.5.91-x86_64-2.txz: Recompiled. X software series/scim-tables-0.5.9-x86_64-3.txz: Recompiled. X software series/scripts-1.0.1-noarch-2.txz: Recompiled. X software series/scrnsaverproto-1.1.0-noarch-2.txz: Recompiled. X software series/sessreg-1.0.4-x86_64-1.txz: Upgraded. X software series/setxkbmap-1.0.4-x86_64-2.txz: Recompiled. X software series/showfont-1.0.2-x86_64-1.txz: Upgraded. X software series/smproxy-1.0.2-x86_64-2.txz: Recompiled. X software series/trapproto-3.4.3-noarch-2.txz: Recompiled. X software series/twm-1.0.4-x86_64-2.txz: Recompiled. X software series/util-macros-1.2.1-noarch-1.txz: Upgraded. X software series/videoproto-2.2.2-noarch-2.txz: Recompiled. X software series/viewres-1.0.1-x86_64-3.txz: Recompiled. X software series/x11-skel-7.4-x86_64-1.txz: Upgraded. X software series/x11perf-1.5-x86_64-2.txz: Recompiled. X software series/xauth-1.0.3-x86_64-2.txz: Recompiled. X software series/xbacklight-1.1-x86_64-2.txz: Recompiled. X software series/xbiff-1.0.1-x86_64-2.txz: Recompiled. X software series/xbitmaps-1.0.1-noarch-2.txz: Recompiled. X software series/xcalc-1.0.2-x86_64-2.txz: Recompiled. X software series/xcb-proto-1.5-noarch-1.txz: Upgraded. X software series/xcb-util-0.3.5-x86_64-1.txz: Added. X software series/xclipboard-1.0.1-x86_64-2.txz: Recompiled. X software series/xclock-1.0.3-x86_64-2.txz: Recompiled. X software series/xcmiscproto-1.1.2-noarch-2.txz: Recompiled. X software series/xcmsdb-1.0.1-x86_64-2.txz: Recompiled. X software series/xcompmgr-1.1.4-x86_64-2.txz: Recompiled. X software series/xconsole-1.0.3-x86_64-2.txz: Recompiled. X software series/xcursor-themes-1.0.1-noarch-2.txz: Recompiled. X software series/xcursorgen-1.0.2-x86_64-2.txz: Recompiled. X software series/xdbedizzy-1.0.2-x86_64-2.txz: Recompiled. X software series/xditview-1.0.1-x86_64-2.txz: Recompiled. X software series/xdm-1.1.8-x86_64-1.txz: Upgraded. X software series/xdpyinfo-1.0.3-x86_64-1.txz: Upgraded. X software series/xdriinfo-1.0.2-x86_64-2.txz: Recompiled. X software series/xedit-1.1.2-x86_64-1.txz: Upgraded. X software series/xev-1.0.3-x86_64-2.txz: Recompiled. X software series/xextproto-7.0.5-noarch-1.txz: Upgraded. X software series/xeyes-1.0.1-x86_64-2.txz: Recompiled. X software series/xf86-input-acecad-1.3.0-x86_64-1.txz: Upgraded. X software series/xf86-input-aiptek-1.2.0-x86_64-1.txz: Upgraded. X software series/xf86-input-citron-2.2.2-x86_64-1.txz: Upgraded. X software series/xf86-input-elographics-1.2.3-x86_64-2.txz: Recompiled. X software series/xf86-input-evdev-2.2.2-x86_64-1.txz: Upgraded. X software series/xf86-input-fpit-1.3.0-x86_64-1.txz: Upgraded. X software series/xf86-input-hyperpen-1.3.0-x86_64-1.txz: Upgraded. X software series/xf86-input-joystick-1.4.0-x86_64-1.txz: Upgraded. X software series/xf86-input-keyboard-1.3.2-x86_64-1.txz: Upgraded. X software series/xf86-input-mouse-1.4.0-x86_64-1.txz: Upgraded. X software series/xf86-input-mutouch-1.2.1-x86_64-2.txz: Recompiled. X software series/xf86-input-penmount-1.4.0-x86_64-1.txz: Upgraded. X software series/xf86-input-synaptics-1.1.2-x86_64-1.txz: Upgraded. X software series/xf86-input-vmmouse-12.6.4-x86_64-1.txz: Upgraded. X software series/xf86-input-void-1.2.0-x86_64-1.txz: Upgraded. X software series/xf86-video-apm-1.2.1-x86_64-1.txz: Upgraded. X software series/xf86-video-ark-0.7.1-x86_64-1.txz: Upgraded. X software series/xf86-video-ast-0.89.8-x86_64-1.txz: Upgraded. X software series/xf86-video-ati-6.12.2-x86_64-1.txz: Upgraded. X software series/xf86-video-chips-1.2.1-x86_64-1.txz: Upgraded. X software series/xf86-video-cirrus-1.3.0-x86_64-1.txz: Upgraded. X software series/xf86-video-dummy-0.3.1-x86_64-1.txz: Upgraded. X software series/xf86-video-glint-1.2.2-x86_64-1.txz: Upgraded. X software series/xf86-video-i128-1.3.1-x86_64-2.txz: Recompiled. X software series/xf86-video-i740-1.3.0-x86_64-1.txz: Upgraded. X software series/xf86-video-intel-2.7.1-x86_64-1.txz: Upgraded. X software series/xf86-video-mach64-6.8.1-x86_64-1.txz: Upgraded. X software series/xf86-video-mga-1.4.10-x86_64-1.txz: Upgraded. X software series/xf86-video-neomagic-1.2.2-x86_64-1.txz: Upgraded. X software series/xf86-video-newport-0.2.2-x86_64-1.txz: Upgraded. X software series/xf86-video-nv-2.1.13-x86_64-1.txz: Upgraded. X software series/xf86-video-openchrome-0.2.903-x86_64-2.txz: Recompiled. X software series/xf86-video-r128-6.8.0-x86_64-2.txz: Recompiled. X software series/xf86-video-radeonhd-1.2.5-x86_64-1.txz: Upgraded. X software series/xf86-video-rendition-4.2.1-x86_64-1.txz: Upgraded. X software series/xf86-video-s3-0.6.1-x86_64-1.txz: Upgraded. X software series/xf86-video-s3virge-1.10.2-x86_64-1.txz: Upgraded. X software series/xf86-video-savage-2.2.1-x86_64-2.txz: Recompiled. X software series/xf86-video-siliconmotion-1.7.1-x86_64-1.txz: Upgraded. X software series/xf86-video-sis-0.10.1-x86_64-1.txz: Upgraded. X software series/xf86-video-sisusb-0.9.1-x86_64-1.txz: Upgraded. X software series/xf86-video-tdfx-1.4.1-x86_64-1.txz: Upgraded. X software series/xf86-video-tga-1.2.0-x86_64-1.txz: Upgraded. X software series/xf86-video-trident-1.3.1-x86_64-1.txz: Upgraded. X software series/xf86-video-tseng-1.2.1-x86_64-1.txz: Upgraded. X software series/xf86-video-v4l-0.2.0-x86_64-2.txz: Recompiled. X software series/xf86-video-vesa-2.2.0-x86_64-1.txz: Upgraded. X software series/xf86-video-vmware-10.16.6-x86_64-1.txz: Upgraded. X software series/xf86-video-voodoo-1.2.1-x86_64-1.txz: Upgraded. X software series/xf86bigfontproto-1.1.2-noarch-2.txz: Recompiled. X software series/xf86dga-1.0.2-x86_64-2.txz: Recompiled. X software series/xf86dgaproto-2.0.3-noarch-2.txz: Recompiled. X software series/xf86driproto-2.0.4-noarch-2.txz: Recompiled. X software series/xf86miscproto-0.9.2-noarch-2.txz: Recompiled. X software series/xf86rushproto-1.1.2-noarch-2.txz: Recompiled. X software series/xf86vidmodeproto-2.2.2-noarch-2.txz: Recompiled. X software series/xfd-1.0.1-x86_64-2.txz: Recompiled. X software series/xfindproxy-1.0.1-x86_64-2.txz: Recompiled. X software series/xfontsel-1.0.2-x86_64-2.txz: Recompiled. X software series/xfs-1.0.8-x86_64-1.txz: Upgraded. X software series/xfsinfo-1.0.2-x86_64-1.txz: Upgraded. X software series/xfwp-1.0.1-x86_64-2.txz: Recompiled. X software series/xgamma-1.0.2-x86_64-2.txz: Recompiled. X software series/xgc-1.0.1-x86_64-2.txz: Recompiled. X software series/xhost-1.0.2-x86_64-2.txz: Recompiled. X software series/xineramaproto-1.1.2-noarch-2.txz: Recompiled. X software series/xinit-1.1.1-x86_64-1.txz: Upgraded. X software series/xinput-1.4.2-x86_64-1.txz: Upgraded. X software series/xkbcomp-1.0.5-x86_64-1.txz: Upgraded. X software series/xkbevd-1.0.2-x86_64-2.txz: Recompiled. X software series/xkbprint-1.0.1-x86_64-2.txz: Recompiled. X software series/xkbutils-1.0.1-x86_64-2.txz: Recompiled. X software series/xkeyboard-config-1.6-noarch-1.txz: Upgraded. X software series/xkill-1.0.1-x86_64-2.txz: Recompiled. X software series/xload-1.0.2-x86_64-2.txz: Recompiled. X software series/xlogo-1.0.1-x86_64-2.txz: Recompiled. X software series/xlsatoms-1.0.1-x86_64-2.txz: Recompiled. X software series/xlsclients-1.0.1-x86_64-2.txz: Recompiled. X software series/xlsfonts-1.0.2-x86_64-2.txz: Recompiled. X software series/xmag-1.0.2-x86_64-2.txz: Recompiled. X software series/xman-1.0.3-x86_64-2.txz: Recompiled. X software series/xmessage-1.0.2-x86_64-2.txz: Recompiled. X software series/xmh-1.0.1-x86_64-2.txz: Recompiled. X software series/xmodmap-1.0.3-x86_64-2.txz: Recompiled. X software series/xmore-1.0.1-x86_64-2.txz: Recompiled. X software series/xorg-cf-files-1.0.2-noarch-2.txz: Recompiled. X software series/xorg-docs-1.4-noarch-2.txz: Recompiled. X software series/xorg-server-1.6.1-x86_64-1.txz: Upgraded. X software series/xorg-server-xephyr-1.6.1-x86_64-1.txz: Added. X software series/xorg-server-xnest-1.6.1-x86_64-1.txz: Upgraded. X software series/xorg-server-xvfb-1.6.1-x86_64-1.txz: Upgraded. X software series/xorg-sgml-doctools-1.2-noarch-2.txz: Recompiled. X software series/xplsprinters-1.0.1-x86_64-2.txz: Recompiled. X software series/xpr-1.0.2-x86_64-2.txz: Recompiled. X software series/xprehashprinterlist-1.0.1-x86_64-2.txz: Recompiled. X software series/xprop-1.0.4-x86_64-2.txz: Recompiled. X software series/xproto-7.0.15-noarch-1.txz: Upgraded. X software series/xproxymanagementprotocol-1.0.2-noarch-2.txz: Recompiled. X software series/xpyb-1.1-x86_64-1.txz: Added. X software series/xrandr-1.3.0-x86_64-1.txz: Upgraded. X software series/xrdb-1.0.5-x86_64-2.txz: Recompiled. X software series/xrefresh-1.0.2-x86_64-2.txz: Recompiled. X software series/xscope-1.1-x86_64-1.txz: Added. X software series/xset-1.0.4-x86_64-2.txz: Recompiled. X software series/xsetmode-1.0.0-x86_64-2.txz: Recompiled. X software series/xsetpointer-1.0.1-x86_64-2.txz: Recompiled. X software series/xsetroot-1.0.2-x86_64-2.txz: Recompiled. X software series/xsm-1.0.1-x86_64-2.txz: Recompiled. X software series/xstdcmap-1.0.1-x86_64-2.txz: Recompiled. X software series/xterm-243-x86_64-2.txz: Recompiled. X software series/xtrans-1.2.3-noarch-1.txz: Upgraded. X software series/xtrap-1.0.2-x86_64-2.txz: Recompiled. X software series/xvidtune-1.0.1-x86_64-2.txz: Recompiled. X software series/xvinfo-1.0.2-x86_64-2.txz: Recompiled. X software series/xwd-1.0.2-x86_64-1.txz: Upgraded. X software series/xwininfo-1.0.4-x86_64-1.txz: Upgraded. X software series/xwud-1.0.1-x86_64-2.txz: Recompiled. -|--------------------------|- Mon Jun 8 21:22:31 EEST 2009 KDE software series/amarok-2.1-x86_64-2.txz: Recompiled to restore libgpod support. L software series/libgpod-0.7.2-x86_64-1.txz: Upgraded to libgpod-0.7.2. L software series/libkarma-0.1.1-x86_64-1.txz: Upgraded to libkarma-0.1.1. L software series/libmtp-0.3.6-x86_64-1.txz: Upgraded to libmtp-0.3.6. -|--------------------------|- Sun Jun 7 23:01:41 EEST 2009 A software series/kernel-modules-2.6.29.4-x86_64-2.txz: Fixed rc.modules to apply CPUfreq settings to all online CPUs, not just cpu0. A software series/kernel-modules-generic-2.6.29.4-x86_64-2.txz: Fixed rc.modules to apply CPUfreq settings to all online CPUs, not just cpu0. AP software series/linuxdoc-tools-0.9.56-x86_64-3.txz: Fixed to remove .pyc files already present in the Python package. AP software series/mysql-5.0.82-x86_64-1.txz: Upgraded to mysql-5.0.82. AP software series/rpm-4.7.0-x86_64-2.txz: Recompiled to add python bindings. KDE software series/amarok-2.1-x86_64-1.txz: Upgraded to amarok-2.1. KDE software series/guidance-power-manager-4.2.4-x86_64-1.txz: Upgraded to guidance-power-manager-4.2.4. KDE software series/kdeaccessibility-4.2.4-x86_64-1.txz: Upgraded to kdeaccessibility-4.2.4. KDE software series/kdeadmin-4.2.4-x86_64-1.txz: Upgraded to kdeadmin-4.2.4. KDE software series/kdeartwork-4.2.4-x86_64-1.txz: Upgraded to kdeartwork-4.2.4. KDE software series/kdebase-4.2.4-x86_64-1.txz: Upgraded to kdebase-4.2.4. KDE software series/kdebase-runtime-4.2.4-x86_64-1.txz: Upgraded to kdebase-runtime-4.2.4. KDE software series/kdebase-workspace-4.2.4-x86_64-1.txz: Upgraded to kdebase-workspace-4.2.4. KDE software series/kdebindings-4.2.4-x86_64-1.txz: Upgraded to kdebindings-4.2.4. KDE software series/kdeedu-4.2.4-x86_64-1.txz: Upgraded to kdeedu-4.2.4. KDE software series/kdegames-4.2.4-x86_64-1.txz: Upgraded to kdegames-4.2.4. KDE software series/kdegraphics-4.2.4-x86_64-1.txz: Upgraded to kdegraphics-4.2.4. KDE software series/kdelibs-4.2.4-x86_64-1.txz: Upgraded to kdelibs-4.2.4. KDE software series/kdemultimedia-4.2.4-x86_64-1.txz: Upgraded to kdemultimedia-4.2.4. KDE software series/kdenetwork-4.2.4-x86_64-1.txz: Upgraded to kdenetwork-4.2.4. KDE software series/kdepim-4.2.4-x86_64-1.txz: Upgraded to kdepim-4.2.4. KDE software series/kdepimlibs-4.2.4-x86_64-1.txz: Upgraded to kdepimlibs-4.2.4. KDE software series/kdeplasma-addons-4.2.4-x86_64-1.txz: Upgraded to kdeplasma-addons-4.2.4. KDE software series/kdesdk-4.2.4-x86_64-1.txz: Upgraded to kdesdk-4.2.4. KDE software series/kdetoys-4.2.4-x86_64-1.txz: Upgraded to kdetoys-4.2.4. KDE software series/kdeutils-4.2.4-x86_64-1.txz: Upgraded to kdeutils-4.2.4. KDE software series/kdewebdev-4.2.4-x86_64-1.txz: Upgraded to kdewebdev-4.2.4. KDE software series/koffice-2.0.0-x86_64-1.txz: Upgraded to koffice-2.0.0. KDE software series/konq-plugins-4.2.4-x86_64-1.txz: Upgraded to konq-plugins-4.2.4. KDE software series/ktorrent-3.2.2-x86_64-1.txz: Upgraded to ktorrent-3.2.2. KDE software series/mplayerthumbs-1.2-x86_64-2.txz: Recompiled. KDE software series/skanlite-0.3_kde4.2.4-x86_64-1.txz: Upgraded to skanlite-0.3_kde4.2.4. KDEi software series/kde-l10n-*-4.2.4-noarch-1.txz: Upgraded to KDE 4.2.4 l10n packages. KDEi software series/koffice-l10n-*-2.0.0-noarch-1.txz: Upgraded to KOffice 2.0.0 l10n packages. L software series/qtscriptgenerator-0.1.0-x86_64-1.txz: Added qtscriptgenerator-0.1.0, needed by amarok. L software series/taglib-extras-0.1.3-x86_64-1.txz: Added taglib-extras-0.1.3, needed by amarok. N software series/netatalk-2.0.4-x86_64-1.txz: Upgraded to netatalk-2.0.4. N software series/vsftpd-2.1.2-x86_64-1.txz: Upgraded to vsftpd-2.1.2. EXTRA/slacktrack/slacktrack-2.05-x86_64-1.txz: Upgraded to slacktrack-2.05. -|--------------------------|- Fri Jun 5 00:19:13 EEST 2009 A software series/pkgtools-12.34567890-noarch-6.tgz: Patched makepkg to warn about possible problems with /usr/share/info usage. L software series/liboil-0.3.16-x86_64-1.txz: Upgraded to liboil-0.3.16. N software series/ntp-4.2.4p7-x86_64-1.tgz: Upgraded to ntp-4.2.4p7. Stack-based buffer overflow in the cookedprint function in ntpq/ntpq.c in ntpq in NTP before 4.2.4p7-RC2 allows arbitrary code execution by a malicious remote NTP server. Stack-based buffer overflow in the crypto_recv function in ntp_crypto.c in ntpd in NTP before 4.2.4p7 allows remote attackers to execute arbitrary code. This does not affect the Bluewhite64 ntpd as it does not link with openssl. For more information, see: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0159 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1252 [*** Security fix ***] -|--------------------------|- Mon Jun 1 17:46:46 EEST 2009 A software series/kernel-firmware-2.6.29.4-noarch-1.tgz: Upgraded to Linux 2.6.29.4 firmware. A software series/kernel-generic-2.6.29.4-x86_64-1.tgz: Upgraded to Linux 2.6.29.4. A software series/kernel-huge-2.6.29.4-x86_64-1.tgz: Upgraded to Linux 2.6.29.4. A software series/kernel-modules-2.6.29.4-x86_64-1.tgz: Upgraded to Linux 2.6.29.4 modules. A software series/kernel-modules-generic-2.6.29.4-x86_64-1.tgz: Upgraded to Linux 2.6.29.4 modules. AP software series/vim-7.2.191-x86_64-1.txz: Patched vimrc to add the option 'set backupskip+=/var/spool/cron/*', which should fix the problems with using vim with "crontab -e". Note that if a global vimrc already exists the new one will be installed as vimrc.new and must be moved into place. D software series/gettext-tools-0.17-x86_64-3.txz: Recompiled against libgcj. D software series/kernel-headers-2.6.29.4-x86-1.tgz: Upgraded to Linux 2.6.29.4 headers. K software series/kernel-source-2.6.29.4-noarch-1.tgz: Upgraded to Linux 2.6.29.4 source. XAP software series/MPlayer-r29328-x86_64-1.txz: Upgraded to MPlayer-r29328. XAP software series/vim-gvim-7.2.191-x86_64-1.txz: Recompiled. isolinux/initrd.img: Rebuilt with newly compiled kernel modules. kernels/*: Upgraded to Linux 2.6.29.4. usb-and-pxe-installers/: Rebuilt usbboot.img with newly compiled kernel modules. -|--------------------------|- Wed May 27 22:40:12 EEST 2009 A software series/kbd-1.15-x86_64-2.txz: Fixed directory perms in the documentation. AP software series/linuxdoc-tools-0.9.56-x86_64-2.txz: Added missing asciidoc filters. XAP software series/MPlayer-r29324-x86_64-1.txz: Upgraded to MPlayer-r29324. Enable runtime CPU detection. XAP software series/pidgin-2.5.6-x86_64-1.txz: Upgraded to pidgin-2.5.6. This version fixes security issues that could lead to a denial of service or the execution of arbitrary code as the user running Pidgin. For more information, see: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1373 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1374 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1375 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1376 [*** Security fix ***] -|--------------------------|- Tue May 26 19:36:04 EEST 2009 A software series/cryptsetup-1.0.6-x86_64-1.txz: Upgraded to cryptsetup-1.0.6. XAP software series/MPlayer-r29322-x86_64-1.txz: Upgraded to revision r29322. XAP software series/xv-3.10a-x86_64-3.txz: Fixed bug #10. For more details please see: http://bugzilla.bluewhite64.com/show_bug.cgi?id=10. Thanks to Andrej for reporting, sending the patch and testing the new package ;). -|--------------------------|- Sun May 24 21:09:38 EEST 2009 N software series/bind-9.4.3_P2-x86_64-2.txz: Use /dev/urandom to stop blocking on install. Fixed missing caching-example/*. -|--------------------------|- Thu May 21 12:03:27 EEST 2009 A software series/findutils-4.4.1-x86_64-1.txz: Upgraded to findutils-4.4.1. A software series/kbd-1.15-x86_64-1.txz: Upgraded to kbd-1.15. A software series/mkinitrd-1.3.4-x86_64-1.txz: Updated the included keymaps to kbd-1.15. A software series/pciutils-3.1.2-x86_64-1.txz: Upgraded to pciutils-3.1.2. Ap software series/mc-20090514_git-x86_64-1.txz: Switched to a GIT repo version with support for xz/lzma related formats, and better UTF8 support. AP software series/mysql-5.0.81-x86_64-1.txz: Upgraded to mysql-5.0.81. AP software series/sqlite-3.6.14-x86_64-1.txz: Upgraded to sqlite-3.6.14. KDE software series/mplayerthumbs-1.2-x86_64-1.txz: Added mplayerthumbs-1.2. This plugin for KDE uses MPlayer to provide video thumbnailing support for Dolphin and Konqueror. L software series/libxml2-2.7.3-x86_64-3.txz: Edited the install script to remove any existing libxml2 .pyc files to insure the new .py files will be used. N software series/bind-9.4.3_P2-x86_64-1.txz: Upgraded to bind-9.4.3-P2. N software series/rsync-3.0.6-x86_64-1.txz: Upgraded to rsync-3.0.6. N software series/snownews-1.5.11-x86_64-1.txz: Added snownews-1.5.11, a console RSS reader. X software series/scim-1.4.9-x86_64-2.txz: Reduce the noise from the install script. X software series/scim-bridge-0.4.16-x86_64-2.txz: Reduce the noise from the install script, and don't run it from the installer since it will run at first boot anyway. X software series/xterm-243-x86_64-1.txz: Upgraded to xterm-243. Added 88 and 256 color support. XAP software series/MPlayer-r29301-x86_64-1.txz: Added MPlayer-r29301. This is shipped without DeCSS support (binary or source), and with patent-encumbered encoders disabled, but it's still very capable of media playback. XAP software series/electricsheep-20090306-x86_64-1.txz: Added electricsheep-20090306, a distributed screensaver. This requires MPlayer. XAP software series/xscreensaver-5.08-x86_64-2.txz: Patched to support electricsheep. EXTAR/slacktrack/slacktrack-2.03-x86_64-1.txz: Update documentation, and make the slacktrack .txt file from a .txz package. isolinux/initrd.img: Updated keymaps and selection menu. usb-and-pxe-installers/usbboot.img: Updated keymaps and selection menu. usb-and-pxe-installers/usbimg2disk.sh: Added a script to put the Bluewhite64 USB installer onto a vfat partition on a USB thumb drive. -|--------------------------|- Fri May 15 20:24:38 EEST 2009 AP software series/linuxdoc-tools-0.9.56-x86_64-1.txz: Upgraded to linuxdoc-tools-0.9.56, and upgrades to various other components. N software series/cyrus-sasl-2.1.23-x86_64-1.txz: Upgraded to cyrus-sasl-2.1.23. This fixes a buffer overflow in the sasl_encode64() function that could lead to crashes or the execution of arbitrary code. For more information, see: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0688 [*** Security fix ***] EXTRA/slacktrack/slacktrack-2.02-x86_64-1.txz: Upgraded to slacktrack-2.02. -|--------------------------|- Tue May 12 23:50:09 EEST 2009 AP software series/slackpkg-2.71.2-noarch-1.tgz: Upgraded to slackpkg-2.71.2-noarch-1. This version contains a bug fix for upgrading rpm2tgz. TCL software series/expect-5.44.1.11-x86_64-3.txz: Fixed version conflict with expectk and newer versions of Tcl/Tk. Changed the command interpreter in scripts that use expectk from #!/bin/sh to #!/usr/bin/tclsh. -|--------------------------|- Mon May 11 14:50:38 EEST 2009 NOTICE! Most of the packages have been converted from .tgz to .txz, but the gzip, pkgtools, slackpkg, tar, and xz packages will be available in tgz format. A software series/coreutils-7.4-x86_64-1.txz: Upgraded to coreutils-7.4. A software series/tar-1.22-x86_64-2.tgz: Added support for .txz. AP software series/sqlite-3.6.13-x86_64-1.txz: Upgraded to sqlite-3.6.13. D software series/gcc-4.3.3-x86_64-3.txz: Recompiled. Moved some files into the gcc-gfortran and gcc-java packages. D software series/gcc-g++-4.3.3-x86_64-3.txz: Recompiled. D software series/gcc-gfortran-4.3.3-x86_64-3.txz: Recompiled. D software series/gcc-gnat-4.3.3-x86_64-3.txz: Recompiled. D software series/gcc-java-4.3.3-x86_64-3.txz: Added ecj-4.3.jar and fixed the build script to compile and install gcj. D software series/gcc-objc-4.3.3-x86_64-3.txz: Recompiled. KDE software series/guidance-power-manager-4.2.3-ix86_64-1.txz: Upgraded to guidance-power-manager-4.2.3. KDE software series/kaudiocreator-r964620-ix86_64-1.txz: Upgraded to kaudiocreator-r964620. KDE software series/kdeaccessibility-4.2.3-ix86_64-1.txz: Upgraded to kdeaccessibility-4.2.3. KDE software series/kdeadmin-4.2.3-ix86_64-1.txz: Upgraded to kdeadmin-4.2.3. KDE software series/kdeartwork-4.2.3-ix86_64-1.txz: Upgraded to kdeartwork-4.2.3. KDE software series/kdebase-4.2.3-ix86_64-1.txz: Upgraded to kdebase-4.2.3. KDE software series/kdebase-runtime-4.2.3-ix86_64-1.txz: Upgraded to kdebase-runtime-4.2.3. KDE software series/kdebase-workspace-4.2.3-ix86_64-1.txz: Upgraded to kdebase-workspace-4.2.3. KDE software series/kdebindings-4.2.3-ix86_64-1.txz: Upgraded to kdebindings-4.2.3. KDE software series/kdeedu-4.2.3-ix86_64-1.txz: Upgraded to kdeedu-4.2.3. KDE software series/kdegames-4.2.3-ix86_64-1.txz: Upgraded to kdegames-4.2.3. KDE software series/kdegraphics-4.2.3-ix86_64-1.txz: Upgraded to kdegraphics-4.2.3. KDE software series/kdelibs-4.2.3-ix86_64-1.txz: Upgraded to kdelibs-4.2.3. KDE software series/kdemultimedia-4.2.3-ix86_64-1.txz: Upgraded to kdemultimedia-4.2.3. KDE software series/kdenetwork-4.2.3-ix86_64-1.txz: Upgraded to kdenetwork-4.2.3. KDE software series/kdepim-4.2.3-ix86_64-1.txz: Upgraded to kdepim-4.2.3. KDE software series/kdepimlibs-4.2.3-ix86_64-1.txz: Upgraded to kdepimlibs-4.2.3. KDE software series/kdeplasma-addons-4.2.3-ix86_64-1.txz: Upgraded to kdeplasma-addons-4.2.3. KDE software series/kdesdk-4.2.3-ix86_64-1.txz: Upgraded to kdesdk-4.2.3. KDE software series/kdetoys-4.2.3-ix86_64-1.txz: Upgraded to kdetoys-4.2.3. KDE software series/kdeutils-4.2.3-ix86_64-1.txz: Upgraded to kdeutils-4.2.3. KDE software series/kdewebdev-4.2.3-ix86_64-1.txz: Upgraded to kdewebdev-4.2.3. KDE software series/koffice-1.9.99.0-ix86_64-1.txz: Upgraded to koffice-1.9.99.0. KDE software series/konq-plugins-4.2.3-ix86_64-1.txz: Upgraded to konq-plugins-4.2.3. KDE software series/skanlite-0.3_kde4.2.3-ix86_64-1.txz: Upgraded to skanlite-0.3-kde4.2.3. KDEi software series/kde-l10n-*-4.2.3-noarch-1.txz: Upgraded to KDE 4.2.3 l10n packages. KDEi software series/koffice-l10n-*-1.9.99.0-noarch-1.txz: Upgraded to KOffice 1.9.99.0 l10n packages. L software series/dbus-qt3-0.70-x86_64-2.tgz: Removed. L software series/qt-r964497-x86_64-1.txz: Upgraded to qt-copy-r964497. N software series/gnutls-2.6.6-x86_64-1.txz: Upgraded to gnutls-2.6.6. - Corrected double free on signature verification failure. Reported by Miroslav Kratochvil . - Noticed when investigating the previous GNUTLS-SA-2009-1 problem. All DSA keys generated using GnuTLS 2.6.x are corrupt. For more information, see: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1415 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1416 [*** Security fix ***] XAP software series/pidgin-2.5.5-x86_64-2.txz: Recompiled against gnutls-2.6.6. XAP software series/gv-3.6.7-x86_64-1.txz: Upgraded to gv-3.6.7. XAP software series/xpdf-3.02pl3-x86_646-1.txz: Upgraded to xpdf-3.02pl3. This update fixes several overflows that may result in crashes or the execution of arbitrary code as the xpdf user. For more information, see: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0146 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0147 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0165 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0166 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0799 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0800 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1179 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1180 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1181 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1182 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1183 [*** Security fix ***] -|--------------------------|- Mon May 4 22:50:58 EEST 2009 EXTRA/wicd/wicd-1.5.9-noarch-3.tgz: Patched to include the rc.wicd init script. Thanks to Peter Polonkai for reporting the missing rc.wicd. -|--------------------------|- Mon May 4 17:01:12 EEST 2009 AP software series/slackpkg-2.71.1-noarch-1.tgz: Upgraded to slackpkg-2.71.1. This adds support for the new package compression formats. KDE software series/kdeedu-4.2.2-x86_64-2.tgz: Recompiled against libpython2.6.so. KDE software series/kdeutils-4.2.2-x86_64-2.tgz: Recompiled against libpython2.6.so. L software series/alsa-lib-1.0.18-x86_64-2.tgz: Recompiled against libpython2.6.so. -|--------------------------|- Sat May 2 11:41:48 EEST 2009 A software series/file-5.00-x86_64-2.tgz: Added xz file magic AP software series/hplip-3.9.4b-x86_64-1.tgz: Upgraded to hplip-3.9.4b. AP software series/rpm-4.7.0-x86_64-1.tgz: Upgraded to rpm-4.7.0. AP software series/vim-7.2.166-x86_64-1.tgz: Upgraded with latest upstream patches. AP software series/groff-1.20.1-x86_64-2.tgz: Rebuilt to drop lib64. D software series/mercurial-1.2.1-x86_64-1.tgz: Upgraded to mercurial-1.2.1. D software series/python-2.6.2-x86_64-1.tgz: Upgraded to python-2.6.2. D software series/ruby-1.8.7_p160-x86_64-1.tgz: Upgraded to ruby-1.8.7-p160. This update fixes a DoS in REXML. For details, see: http://www.ruby-lang.org/en/news/2008/08/23/dos-vulnerability-in-rexml/ [*** Security fix ***] KDE software series/guidance-power-manager-4.2.2-x86_64-2.tgz: Rebuilt for python-2.6.2. KDE software series/kdebase-workspace-4.2.2-x86_64-2.tgz: Rebuilt for python-2.6.2. KDE software series/kdebindings-4.2.2-x86_64-2.tgz: Rebuilt for python-2.6.2. L software series/M2Crypto-0.19.1-x86_64-2.tgz: Rebuilt for python-2.6.2. L software series/PyQt-4.4.4-x86_64-2.tgz: Rebuilt for python-2.6.2. L software series/QScintilla-2.3.2-x86_64-2.tgz: Rebuilt for python-2.6.2. L software series/akonadi-1.1.2-x86_64-1.tgz: Upgraded to akonadi-1.1.2. L software series/beecrypt-4.1.2-x86_64-1.tgz: Removed. (rpm no longer requires it) L software series/dbus-python-0.83.0-x86_64-2.tgz: Rebuilt for python-2.6.2. L software series/gamin-0.1.10-x86_64-2.tgz: Rebuilt for python-2.6.2. L software series/hal-info-20090414-noarch-1.tgz: Upgraded to hal-info-20090414. L software series/jre-6u13-x86_64-2.tgz: Removed obsolete /usr/lib/java/jre/bin directory. L software series/libgsf-1.14.12-x86_64-1.tgz: Upgraded to libgsf-1.14.12. L software series/libieee1284-0.2.11-x86_64-2.tgz: Rebuilt for python-2.6.2. L software series/libmsn-r96-x86_64-1.tgz: Upgraded to libmsn-r96. L software series/libxml2-2.7.3-x86_64-2.tgz: Rebuilt for python-2.6.2. L software series/libxslt-1.1.24-x86_64-2.tgz: Rebuilt for python-2.6.2. L software series/pil-1.1.6-x86_64-1.tgz: Added pil-1.1.6. This is the Python Imaging Library, and is used by the scanning component of HPLIP. L software series/pilot-link-0.12.3-x86_64-8.tgz: Rebuilt for python-2.6.2. L software series/pycairo-1.8.4-x86_64-1.tgz: Upgraded to pycairo-1.8.4. L software series/pycups-1.9.45-x86_64-2.tgz: Rebuilt for python-2.6.2. L software series/pygobject-2.16.1-x86_64-1.tgz: Upgraded to pygobject-2.16.1. L software series/pygtk-2.14.1-x86_64-1.tgz: Upgraded to pygtk-2.14.1. L software series/pyrex-0.9.8.5-x86_64-2.tgz: Rebuilt for python-2.6.2. L software series/sip-4.7.9-x86_64-2.tgz: Rebuilt for python-2.6.2. L software series/vte-0.20.1-x86_64-1.tgz: Upgraded to vte-0.20.1. N software series/fetchmail-6.3.9-x86_64-1.tgz: Upgraded to fetchmail-6.3.9. N software series/getmail-4.9.0-noarch-1.tgz: Upgraded to getmail-4.9.0. N software series/nmap-4.85BETA8-x86_64-1.tgz: Upgraded to nmap-4.85BETA8. N software series/obexftp-0.23-x86_64-1.tgz: Upgraded to obexftp-0.23. N software series/rsync-3.0.5-x86_64-2.tgz: Recompiled. N software series/samba-3.2.10-x86_64-2.tgz: Removed lib64. TCL software series/tcl-8.5.7-x86_64-1.tgz: Upgraded to tcl-8.5.7. TCL software series/tk-8.5.7-x86_64-1.tgz: Upgraded to tk-8.5.7. X software series/scim-input-pad-0.1.2-x86_64-2.tgz: Fixed path to scim-helper-launcher. XAP software series/gucharmap-2.26.0-x86_64-2.tgz: Rebuilt for python-2.6.2, removed gconf schema. XAP software series/vim-gvim-7.2.166-x86_64-1.tgz: Upgraded with latest upstream patches. XAP software series/xfce-4.6.1-x86_64-1.tgz: Upgraded to xfce-4.6.1. EXTRA/bittornado/bittornado-0.3.18-noarch-2.tgz: Rebuilt for python-2.6.2. EXTRA/bittorrent/bittorrent-4.4.0-noarch-3.tgz: Rebuilt for python-2.6.2. EXTRA/brltty/brltty-r4443-x86_64-1.tgz: Upgraded to brltty-r4443. EXTRA/wicd/wicd-1.5.9-noarch-2.tgz: Rebuilt for python-2.6.2, and included a couple of patches from the repo. -|--------------------------|- Wed Apr 29 12:48:27 EEST 2009 A software series/kernel-firmware-2.6.29.2-noarch-1.tgz: Upgraded to Linux 2.6.29.2 firmware. A software series/kernel-generic-2.6.29.2-x86_64-1.tgz: Upgraded to Linux 2.6.29.2. A software series/kernel-huge-2.6.29.2-x86_64-1.tgz: Upgraded to Linux 2.6.29.2. A software series/kernel-modules-2.6.29.2-x86_64-1.tgz: Upgraded to Linux 2.6.29.2 modules. A software series/kernel-modules-generic-2.6.29.2-x86_64-1.tgz: Upgraded to Linux 2.6.29.2 modules. A software series/openssl-solibs-0.9.8k-x86_64-2.tgz: Patched to advertise TLS extensions only with TLS. A software series/pkgtools-12.34567890-noarch-5.tgz: Fixed a bug in installpkg where a bad extension on the first package would cause subsequent package installs to fail. D software series/kernel-headers-2.6.29.2-x86-1.tgz: Upgraded to Linux 2.6.29.2 headers. K software series/kernel-source-2.6.29.2-noarch-1.tgz: Upgraded to Linux 2.6.29.2 source. Please NOTE! These sources are for kernel-generic. If you are using kernel-huge and having problems installing other software that need kernel-huge sources, you have to cd into the /usr/src/linux and run 'make prepare'. Then, you can continue to install your software ;). N software series/openssh-5.2p1-x86_64-1.tgz: Upgraded to openssh-5.2p1. N software series/openssl-0.9.8k-x86_64-2.tgz: Patched to advertise TLS extensions only with TLS. XAP software series/mozilla-firefox-3.0.10-x86_64-1.tgz: Upgraded to firefox-3.0.10. This fixes some security issues. For more information, see: http://www.mozilla.org/security/known-vulnerabilities/firefox30.html [*** Security fix ***] isolinux/initrd.img: Rebuilt with newly compiled kernel modules. kernels/*: Recompiled. usb-and-pxe-installers/: Rebuilt usbboot.img with newly compiled kernel modules. -|--------------------------|- Tue Apr 28 12:20:34 EEST 2009 A software series/cups-1.3.10-x86_64-1.tgz: Upgraded to cups-1.3.10. This fixes several security issues, including an integer overflow in the TIFF decoder, a failure to properly verify the Host HTTP header, and several problems with PDF handling (the new CUPS uses a wrapper rather than embedded code taken from xpdf). These issues could result in a denial of service or the execution of arbitrary code. For more information, see: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0146 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0147 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0163 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0164 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0166 [*** Security fix ***] A software series/dialog-1.1_20080819-x86_64-2.tgz: Patched to make the minimum height of checkboxes and menuboxes 4. This fixes a bug where installer menus were taller than they needed to be, and in some cases filled the screen overwriting the information at the top. A software series/pkgtools-12.34567890-noarch-4.tgz: Patched to fix failures when a valid package extension (.tgz, .tbz, .tlz, .txz) is embedded somewhere in the directory path, or the package's name, version, or build number. A software series/sysvinit-scripts-1.2-noarch-29.tgz: Patched rc.M to remove files of the form {a,}quota.{group,user}.new from the top of filesystems that use quota. These can be created if quota is interrupted by a reboot or power failure and cause quotacheck at boot time to fail. D software series/strace-4.5.18-x86_64-1.tgz: Upgraded to strace-4.5.18. N software seriesbitchx-1.1-x86_64-5.tgz: Removed. BitchX has several known security flaws for which there are no known workarounds, and upstream progress seems to have stalled. Users should switch to a supported IRC client such as irssi. [*** Security fix ***] N software series/metamail-2.7-x86_64-3.tgz: Updated patch and recompiled. Moved fonts for mailto-hebrew to /usr/share/metamail/fonts/. N software series/wireless-tools-29-x86_64-5.tgz: Removed obsolete -w wpa_supplicant option in rc.wireless. N software series/wpa_supplicant-0.6.9-x86_64-1.tgz: Upgraded to wpa_supplicant-0.6.9. X software series/m17n-lib-1.5.4-x86_64-1.tgz: Upgraded to m17n-lib-1.5.4. X software series/scim-1.4.9-x86_64-1.tgz: Upgraded to scim-1.4.9. X software series/scim-bridge-0.4.16-x86_64-1.tgz: Upgraded to scim-bridge-0.4.16. X software series/scim-input-pad-0.1.2-x86_64-1.tgz: Added scim-input-pad-0.1.2. X software series/scim-m17n-0.2.3-x86_64-1.tgz: Upgraded to scim-m17n-0.2.3. X software series/scim-tables-0.5.9-x86_64-1.tgz: Upgraded to scim-tables-0.5.9. X software series/wqy-zenhei-font-ttf-0.8.38_1-noarch-1.tgz: Upgraded to wqy-zenhei-0.8.38-1. X software series/xaw3d-1.5E-x86_64-1.tgz: Upgraded to Xaw3d-1.5E. XAP software series/xfractint-20.04p09-x86_64-1.tgz: Upgraded to xfractint-20.04p09. isolinux/initrd.img: When formatting an ext3 partition, don't use '-j' (using mkfs.ext3 already takes care of that). Use the patched dialog to fix the formatting of the installer menus. TESTING/packages/bash-4.0.017-x86_64-1.tgz: Updated with upstream patches. usb-and-pxe-installers/usbboot.img: Same fixes as initrd.img. -|--------------------------|- Sun Apr 26 09:21:58 EEST 2009 A software series/kernel-modules-2.6.29.1-x86_64-2.tgz: Fixed slack-desc. isolinux/initrd.img: Added missing xz. usb-and-pxe-installers/usbboot.img: Added missing xz. -|--------------------------|- Thu Apr 23 12:45:15 EEST 2009 XAP software series/mozilla-firefox-3.0.9-x86_64-1.tgz: Upgraded to firefox-3.0.9. This fixes some security issues. For more information, see: http://www.mozilla.org/security/known-vulnerabilities/firefox30.html [*** Security fix ***] -|--------------------------|- Wed Apr 22 19:04:45 EEST 2009 A software series/sysvinit-scripts-1.2-noarch-28.tgz: Allow LUKS passphrases to contain spaces. A software series/udev-141-x86_64-2.tgz: Changed the permissions on the real time clock (/dev/rtc0) so that all users can read it. Modified rc.udev so that the /dev/root symlink is created. -|--------------------------|- Tue Apr 21 22:42:56 EEST 2009 A software series/etc-12.34567890-noarch-3.tgz: Added the uucp user to the dialout group. A software series/mkinitrd-1.3.3-x86_64-3.tgz: Fixed broken directory in initrd-tree.tar.gz. A software series/pkgtools-12.34567890-noarch-3.tgz: Fixed upgradepkg oldpackage%newpackage. Fixed the installpkg test for the external compression utility. A software series/pcmciautils-015-x86_64-2.tgz: Added symlinks to /sbin/* in /lib/udev (needed by the udev rules file). Fixed installation of udev rules file. A software series/udev-141-x86_64-1.tgz: Upgraded to udev-141. Changed serial devices from group 'uucp' to group 'dialout'. This upgrade fixes a local root hole and a denial of service issue. For more information, see: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1185 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1186 [*** Security fix ***] L software series/pilot-link-0.12.3-x86_64-7.tgz: The dialout devices now use group 'dialout' rather than group 'uucp', and the udev rules have been changed to use MODE="660" instead of MODE="664". -|--------------------------|- Fri Apr 17 20:28:53 EEST 2009 EXTRA/ia32-emulation/ia32-gtk+2-2.14.7-x86_64-4.tgz: Added libgailutil. Thanks to ylo for reporting. -|--------------------------|- Wed Apr 15 22:17:31 CDT 2009 A software series/pkgtools-12.34567890-noarch-2.tgz: Fixed bugs with package extension stripping and package description handling that could cause error messages or hangs during package installs or upgrades. -|--------------------------|- Tue Apr 14 22:43:17 EEST 2009 A software series/coreutils-7.2-x86_64-1.tgz: Upgraded to coreutils-7.2. Added new file formats to /etc/DIR_COLORS. A software series/less-418-x86_64-2.tgz: Add support in lesspipe.sh for viewing .tbz, .tlz, .txz, .tar.lzma, and .tar.xz files. A software series/pkgtools-12.34567890-noarch-1.tgz: Added support for .tbz, .tlz, and .txz packages in addition to the traditional .tgz format. A software series/tree-1.5.2.2-x86_64-1.tgz: Upgraded to tree-1.5.2.2. L software series/libcap-2.16-x86_64-2.tgz: Patched broken header. N software series/crda-1.0.1-x86_64-2.tgz: Fixed docs directory. X software series/dejavu-fonts-ttf-2.29-noarch-1.tgz: Upgraded to dejavu-fonts-ttf-2.29. XAP software series/audacious-1.5.1-x86_64-3.tgz: Patched to fix command line option handling. XAP software series/seamonkey-1.1.16-x86_64-1.tgz: Upgraded to seamonkey-1.1.16. This release fixes some more security vulnerabilities. For more information, see: http://www.mozilla.org/security/known-vulnerabilities/seamonkey11.html [*** Security fix ***] isolinux/initrd.img: Added support for .tbz, .tlz, and .txz packages. usb-and-pxe-installers/: Added support for .tbz, .tlz, and .txz packages. -|--------------------------|- Mon Apr 13 00:16:48 EEST 2009 A software series/kernel-modules-generic-2.6.29.1-x86_64-2.tgz: Fixed description in slack-desc. EXTRA/ia32-emulation/ia32-gtk+2-2.14.7-x86_64-3.tgz: Added the correct modules to /usr/lib32/gtk-2.0. Thanks to ylo for reporting. isolinux/initrd.img: Rebuilt with newly compiled kernel modules. usb-and-pxe-installers/: Rebuilt usbboot.img with newly compiled kernel modules. -|--------------------------|- Fri Apr 10 23:44:57 EEST 2009 A software series/aaa_elflibs-12.34-x86_64-1.tgz: Added libcap, needed for coreutils. Added libidn, liblber, and libldap, needed by libcurl.so.4. A software series/dbus-1.2.12-x86_64-1.tgz: Moved from L, needed by CUPS. A software series/glibc-solibs-2.9-x86_64-3.tgz: Recompiled against Linux 2.6.29.1 headers. A software series/glibc-zoneinfo-2.9-noarch-3.tgz: Upgraded to tzcode2009d and tzdata2009d. A software series/jfsutils-1.1.13-x86_64-1.tgz: Upgraded to jfsutils-1.1.13. A software series/kernel-firmware-2.6.29.1-noarch-1.tgz: Upgraded to Linux 2.6.29.1 firmware. A software series/kernel-generic-2.6.29.1-x86_64-1.tgz: Upgraded to Linux 2.6.29.1. A software series/kernel-huge-2.6.29.1-x86_64-1.tgz: Upgraded to Linux 2.6.29.1. A software series/kernel-modules-2.6.29.1-x86_64-1.tgz: Upgraded to Linux 2.6.29.1. A software series/kernel-modules-generic-2.6.29.1-x86_64-1.tgz: Upgraded to Linux 2.6.29.1. A software series/mkinitrd-1.3.3-x86_64-2.tgz: Make sure /proc and /sys are mounted. Added /usr/share/mkinitrd/mkinitrd_command_generator.sh. A software series/ntfs-3g-2009.3.8-x86_64-1.tgz: Upgraded to ntfs-3g-2009.3.8. A software series/openssl-solibs-0.9.8k-x86_64-1.tgz: Upgraded to openssl-0.9.8k. This fixes possible crashes as well as a (fairly unlikely) case where an invalid signature might verify as valid. For more information, see: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0789 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0591 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0590 [*** Security fix ***] A software series/sysvinit-scripts-1.2-noarch-27.tgz: Edited rc.M to run update-gtk-immodules, update-gdk-pixbuf-loaders, and update-pango-querymodules. A software series/xz-4.999.8beta-x86_64-1.tgz: Added xz-4.999.8beta. AP software series/a2ps-4.14-x86_64-3.tgz: Added /usr/share/fonts/Type1 to the LibraryPath in /etc/a2ps.cfg. The new a2ps detects a working font path during ./configure, but without this will not use it at runtime. AP software series/sqlite-3.6.12-x86_64-1.tgz: Upgraded to sqlite-3.6.12. D software series/git-1.6.2.2-x86_64-1.tgz: Upgraded to git-1.6.2.2. D software series/kernel-headers-2.6.29.1-x86-1.tgz: Upgraded to Linux 2.6.29.1. K software series/kernel-source-2.6.29.1-noarch-1.tgz: Upgraded to Linux 2.6.29.1. KDE software series/amarok-2.0.2-x86_64-2.tgz: Patched LastFM service and recompiled. KDE software series/guidance-power-manager-4.2.2-x86_64-1.tgz: Upgraded to guidance-power-manager-4.2.2. KDE software series/k3b-r948463-x86_64-1.tgz: Upgraded to k3b-r948463. KDE software series/kaudiocreator-r948464-x86_64-1.tgz: Upgraded to kaudiocreator-r948464. KDE software series/kdeaccessibility-4.2.2-x86_64-1.tgz: Upgraded to kdeaccessibility-4.2.2. KDE software series/kdeadmin-4.2.2-x86_64-1.tgz: Upgraded to kdeadmin-4.2.2. KDE software series/kdeartwork-4.2.2-x86_64-1.tgz: Upgraded to kdeartwork-4.2.2. KDE software series/kdebase-4.2.2-x86_64-1.tgz: Upgraded to kdebase-4.2.2. KDE software series/kdebase-runtime-4.2.2-x86_64-1.tgz: Upgraded to kdebase-runtime-4.2.2. KDE software series/kdebase-workspace-4.2.2-x86_64-1.tgz: Upgraded to kdebase-workspace-4.2.2. KDE software series/kdebindings-4.2.2-x86_64-1.tgz: Upgraded to kdebindings-4.2.2. KDE software series/kdeedu-4.2.2-x86_64-1.tgz: Upgraded to kdeedu-4.2.2. KDE software series/kdegames-4.2.2-x86_64-1.tgz: Upgraded to kdegames-4.2.2. KDE software series/kdegraphics-4.2.2-x86_64-1.tgz: Upgraded to kdegraphics-4.2.2. KDE software series/kdelibs-4.2.2-x86_64-1.tgz: Upgraded to kdelibs-4.2.2. KDE software series/kdemultimedia-4.2.2-x86_64-1.tgz: Upgraded to kdemultimedia-4.2.2. KDE software series/kdenetwork-4.2.2-x86_64-1.tgz: Upgraded to kdenetwork-4.2.2. KDE software series/kdepim-4.2.2-x86_64-1.tgz: Upgraded to kdepim-4.2.2. KDE software series/kdepimlibs-4.2.2-x86_64-1.tgz: Upgraded to kdepimlibs-4.2.2. KDE software series/kdeplasma-addons-4.2.2-x86_64-1.tgz: Upgraded to kdeplasma-addons-4.2.2. KDE software series/kdesdk-4.2.2-x86_64-1.tgz: Upgraded to kdesdk-4.2.2. KDE software series/kdetoys-4.2.2-x86_64-1.tgz: Upgraded to kdetoys-4.2.2. KDE software series/kdeutils-4.2.2-x86_64-1.tgz: Upgraded to kdeutils-4.2.2. KDE software series/kdewebdev-4.2.2-x86_64-1.tgz: Upgraded to kdewebdev-4.2.2. KDE software series/koffice-1.9.98.7-x86_64-2.tgz: Recompiled. KDE software series/konq-plugins-4.2.2-x86_64-1.tgz: Upgraded to konq-plugins-4.2.2. KDE software series/skanlite-0.3-x86_64-1.tgz: Upgraded to skanlite-0.3. L software series/M2Crypto-0.19.1-x86_64-1.tgz: Added M2Crypto-0.19.1. L software series/QScintilla-2.3.2-x86_64-1.tgz: Upgraded to QScintilla-2.3.2. L software series/atk-1.26.0-x86_64-1.tgz: Upgraded to atk-1.26.0. L software series/boost-1.38.0-x86_64-1.tgz: Upgraded to boost-1.38.0. L software series/eigen2-r948353-x86_64-1.tgz: Upgraded to eigen2-r948353. L software series/esound-0.2.41-x86_64-1.tgz: Upgraded to esound-0.2.41. L software series/exiv2-0.18-x86_64-1.tgz: Upgraded to exiv2-0.18. L software series/glibc-2.9-x86_64-3.tgz: Recompiled against Linux 2.6.29.1 headers. L software series/glibc-i18n-2.9-x86_64-3.tgz: Recompiled. L software series/glibc-profile-2.9-x86_64-3.tgz: Recompiled against Linux 2.6.29.1 headers. L software series/gstreamer-0.10.22-x86_64-1.tgz: Upgraded to gstreamer-0.10.22. L software series/gst-plugins-base-0.10.22-x86_64-1.tgz: Upgraded to gst-plugins-base-0.10.22. L software series/gtk+2-2.14.7-x86_64-2.tgz: Patched to change /etc/gtk-2.0/ directory to /etc/gtk-2.0/x86_64-slackware-linux/. Added update-gtk-immodules and update-gdk-pixbuf-loaders scripts. L software series/hal-0.5.11-x86_64-5.tgz: Rebuilt with some configuration changes. L software series/hal-info-20090330-noarch-1.tgz: Upgraded to hal-info-20090330. L software series/iso-codes-3.8-noarch-1.tgz: Upgraded to iso-codes-3.8. L software series/jasper-1.900.1-x86_64-1.tgz: Added jasper-1.900.1. L software series/jre-6u13-x86_64-1.tgz: Upgraded to Java(TM) 2 Platform Standard Edition Runtime Environment Version 6.0 update 13. L software series/libglade-2.6.4-x86_64-1.tgz: Upgraded to libglade-2.6.4. L software series/libical-0.43-x86_64-1.tgz: Upgraded to libical-0.43. L software series/libmcrypt-2.5.8-x86_64-1.tgz: Added libmcrypt-2.5.8. L software series/libmsn-r95-x86_64-1.tgz: Upgraded to libmsn-r95. L software series/libnl-1.1-x86_64-1.tgz: Added libnl-1.1. L software series/librsvg-2.26.0-x86_64-1.tgz: Upgraded to librsvg-2.26.0. L software series/libspectre-0.2.2-x86_64-1.tgz: Upgraded to libspectre-0.2.2. L software series/libtheora-1.0-x86_64-1.tgz: Upgraded to libtheora-1.0. L software series/libvncserver-0.9.7-x86_64-1.tgz: Upgraded to LibVNCServer-0.9.7. L software series/libxklavier-3.9-x86_64-1.tgz: Upgraded to libxklavier-3.9. L software series/pango-1.22.4-x86_64-2.tgz: Patched to change /etc/pango/ directory to /etc/pango/x86_64-pc-linux/. Added update-pango-querymodules script. L software series/pycups-1.9.45-x86_64-1.tgz: Upgraded to pycups-1.9.45. L software series/qimageblitz-r948358-x86_64-1.tgz: Upgraded to qimageblitz-r948358. L software series/qt-r948357-x86_64-1.tgz: Upgraded to qt-copy-r948357. L software series/soprano-2.2.3-x86_64-1.tgz: Upgraded to soprano-2.2.3. L software series/strigi-0.6.4-x86_64-1.tgz: Upgraded to strigi-0.6.4. N software series/crda-1.0.1-x86_64-1.tgz: Added crda-1.0.1. N software series/curl-7.19.4-x86_64-2.tgz: Added support for ca-bundle.crt, a bundle of X.509 certificates for public Certificate Authorities. N software series/httpd-2.2.11-x86_64-1.tgz: Upgraded to httpd-2.2.11. N software series/iproute2-2.6.29_1-x86_64-1.tgz: Upgraded to iproute2-2.6.29-1. N software series/irssi-0.8.13-x86_64-1.tgz: Upgraded to irssi-0.8.13. N software series/iw-0.9.11-x86_64-1.tgz: Added iw-0.9.11. N software series/libgcrypt-1.4.4-x86_64-1.tgz: Upgraded to libgcrypt-1.4.4. N software series/openssl-0.9.8k-x86_64-1.tgz: Upgraded to openssl-0.9.8k. This fixes possible crashes as well as a (fairly unlikely) case where an invalid signature might verify as valid. For more information, see: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0789 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0591 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0590 [*** Security fix ***] N software series/php-5.2.9-x86_64-1.tgz: Upgraded to php-5.2.9. This is now linked against libmcrypt. This update fixes a few security issues: - Fixed a crash on extract in zip when files or directories entry names contain a relative path. - Fixed security issue in imagerotate(), background colour isn't validated correctly with a non truecolour image. (CVE-2008-5498) Reported by Hamid Ebadi, APA Laboratory. - Fixed a segfault when malformed string is passed to json_decode(). For more information, see: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-5498 [*** Security fix ***] N software series/proftpd-1.3.2-x86_64-1.tgz: Upgraded to proftpd-1.3.2. N software series/samba-3.2.10-x86_64-1.tgz: Upgraded to samba-3.2.10. N software series/vsftpd-2.1.0-x86_64-2.tgz: Rebuilt with vsftpd.conf changed to use inetd, not standalone. XAP software series/gucharmap-2.26.0-x86_64-1.tgz: Upgraded to gucharmap-2.26.0. XAP software series/imagemagick-6.5.1_0-x86_64-1.tgz: Upgraded to ImageMagick-6.5.1-0. XAP software series/xine-lib-1.1.16.3-x86_64-1.tgz: Upgraded to xine-lib-1.1.16.3. - Fix another possible int overflow in the 4XM demuxer. (ref. TKADV2009-004, CVE-2009-0385) For more information, see: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0385 [*** Security fix ***] XAP software series/xscreensaver-5.08-x86_64-1.tgz: Upgraded to xscreensaver-5.08. EXTRA/jdk-6/jdk-6u13-x86_64-1.tgz: Upgraded to Java(TM) 2 Platform Standard Edition Development Kit Version 6.0 update 13. EXTRA/ia32-emulation/ia32-gtk+2-2.14.7-x86_64-2.tgz: Fixed a wrong path in /usr/lib32/gtk-2.0/. Thanks to ylo for reporting. EXTRA/ia32-emulation/ia32-glibc-2.9-x86_64-2.tgz: Added missing entries to doinst.sh which will add to the /etc/ld.so.conf the lib32 and usr/lib32 paths. Thanks to ALVAN for reporting. TESTING/packages/bash-4.0.010-x86_64-1.tgz: Patched with the official patches from ftp.gnu.org. +----------------------------+ Sun Mar 29 12:34:42 EEST 2009 EXTRA/ia32-emulation/*: Updated the IA32 emulation packages to the -current development level. Please test and post feedback to the Bluewhite64 Linux forums. Thanks to Slackware for the libs from ia32-lib32-0.4.0 package ;). +----------------------------+ Sat Mar 28 14:33:23 EET 2009 A software series/module-init-tools-3.6-x86_64-2.tgz: Patched modprobe to not complain if /sys is not mounted. L software series/glib2-2.18.4-x86_64-1.tgz: Upgraded to glib-2.18.4 and patched. This fix overflows that are possible security holes. For more information, see: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-4316 [*** Security fix ***] L software series/libxml2-2.7.3-x86_64-1.tgz: Upgraded to libxml2-2.7.3. XAP software series/mozilla-firefox-3.0.8-x86_64-1.tgz: Upgraded to firefox-3.0.8. This fixes some security issues. For more information, see: http://www.mozilla.org/security/known-vulnerabilities/firefox30.html [*** Security fix ***] +----------------------------+ Thu Mar 26 14:24:59 EET 2009 A software series/etc-12.34567890-noarch-2.tgz: Fix missing :x: for oprofile in /etc/passwd. AP software series/a2ps-4.14-x86_64-2.tgz: Fixed the SlackBuild to correctly apply the psutils destdir patch so those utilities are included now. AP software series/gphoto2-2.4.4-x86_64-1.tgz: Upgraded to gphoto2-2.4.4. AP software series/slackpkg-2.70.5-noarch-3.tgz: Fixed bug #5. More details about this can be found at: http://bugzilla.bluewhite64.com/show_bug.cgi?id=5 Thanks to Benno for the report and fix. D software series/nasm-2.05.01-x86_64-1.tgz: Upgraded to nasm-2.05.01. KDE software series/kdebase-4.2.1-x86_64-2.tgz: Rebuilt including the install script that runs update-desktop-database. L software series/lcms-1.18-x86_64-1.tgz: Upgraded to lcms-1.18. This update fixes security issues discovered in LittleCMS by Chris Evans. These flaws could cause program crashes (denial of service) or the execution of arbitrary code as the user of the lcms-linked program. For more information, see: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0581 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0723 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0733 [*** Security fix ***] L software series/lesstif-0.95.0-x86_64-6.tgz: Patched to fix a possible crash in RenderTable.c. L software series/libgphoto2-2.4.4-x86_64-1.tgz: Upgraded to libgphoto2-2.4.4. L software series/libid3tag-0.15.1b-x86_64-3.tgz: Added /usr/lib/pkgconfig/id3tag.pc. XAP software series/mozilla-thunderbird-2.0.0.21-x86_64-1.tgz: Upgraded to thunderbird-2.0.0.21. This upgrade fixes some more security bugs. For more information, see: http://www.mozilla.org/security/known-vulnerabilities/thunderbird20.html [*** Security fix ***] XAP software series/seamonkey-1.1.15-x86_64-1.tgz: Upgraded to seamonkey-1.1.15. This release fixes some more security vulnerabilities. For more information, see: http://www.mozilla.org/security/known-vulnerabilities/seamonkey11.html [*** Security fix ***] +----------------------------+ Fri Mar 20 22:15:45 EET 2009 A software series/glibc-solibs-2.9-x86_64-2.tgz: Recompiled against 2.6.28.8 headers. A software series/glibc-zoneinfo-2.9-noarch-2.tgz: Upgraded to tzdata2009c. A software series/kernel-firmware-2.6.28.8-noarch-1.tgz: Upgraded to Linux 2.6.28.8 firmware. A software series/kernel-generic-2.6.28.8-x86_64-1.tgz: Upgraded to Linux 2.6.28.8. A software series/kernel-huge-2.6.28.8-x86_64-1.tgz: Upgraded to Linux 2.6.28.8. A software series/kernel-modules-2.6.28.8-x86_64-1.tgz: Upgraded to Linux 2.6.28.8. A software series/kernel-modules-generic-2.6.28.8-x86_64-1.tgz: Upgraded to Linux 2.6.28.8. AP software series/hplip-3.9.2-x86_64-2.tgz: Patched an issue that could cause high CPU utilization after switching to a different user. D software series/kernel-headers-2.6.28.8-x86-1.tgz: Upgraded to Linux 2.6.28.8. K software serieskernel-source-2.6.28.8-noarch-1.tgz: Upgraded to Linux 2.6.28.8. L software series/glibc-2.9-x86_64-2.tgz: Recompiled. L software series/glibc-i18n-2.9-x86_64-2.tgz: Recompiled. L software series/glibc-profile-2.9-x86_64-2.tgz: Recompiled. L software series/lesstif-0.95.0-x86_64-5.tgz: Patched to compile with gcc-4.3.x. XAP software series/gimp-2.6.6-x86_64-1.tgz: Upgraded to gimp-2.6.6. XAP software series/gimp-help-2-0.8-noarch-1.tgz: Removed. isolinux/initrd.img: Rebuilt with newly compiled kernel modules. usb-and-pxe-installers/: Rebuilt usbboot.img with newly compiled kernel modules. -|--------------------------|- Tue Mar 17 14:37:46 EET 2009 A software series/kernel-generic-2.6.28.7-x86_64-1.tgz: Added Linux 2.6.28.7 generic (***requires initrd***) kernel. Please read /boot/README.initrd for how to create! A software series/kernel-modules-generic-2.6.28.7-x86_64-1.tgz: Added Linux 2.6.28.7 generic kernel modules. A software series/cpio-2.9-x86_64-2.tgz: Patched for new gcc version. AP software series/foomatic-filters-4.0_20090315-x86_64-1.tgz: Upgraded to foomatic-filters-4.0_20090315. D software series/gcc-4.3.3-x86_64-2.tgz: Recompiled with --enable-libssp. D software series/gcc-g++-4.3.3-x86_64-2.tgz: Recompiled. D software series/gcc-gfortran-4.3.3-x86_64-2.tgz: Recompiled. D software series/gcc-gnat-4.3.3-x86_64-2.tgz: Recompiled. D software series/gcc-java-4.3.3-x86_64-2.tgz: Recompiled. D software series/gcc-objc-4.3.3-x86_64-2.tgz: Recompiled. KDE software series/kdebase-workspace-4.2.1-x86_64-2.tgz: Recompiled against freetype-2.3.9, removed broken hicolor theme index. L software series/cairo-1.8.6-x86_64-2.tgz: Recompiled against freetype-2.3.9. L software series/freetype-2.3.9-x86_64-1.tgz: Upgraded to freetype-2.3.9. freetype-2.3.8 accidentally broke the ABI. Binaries linked with 2.3.8 that use the FT_Get_PS_Font_Info function will need to be recompiled. L software series/hicolor-icon-theme-0.10-noarch-5.tgz: Recompiled. L software series/libcap-2.16-x86_64-1.tgz: Upgraded to libcap-2.16. L software series/libwnck-2.24.2-x86_64-1.tgz: Upgraded to libwnck-2.24.2. L software series/qt-r931082-x86_64-2.tgz: Recompiled against freetype-2.3.9. N software series/iwlwifi-4965-ucode-228.57.2.23-fw-1.tgz: Upgraded iwlwifi-4965-2.ucode firmware to version 228.57.2.23. X software series/compiz-0.7.8-x86_64-3.tgz: Recompiled against libwnck-2.24.2. XAP software series/pidgin-2.5.5-x86_64-1.tgz: Upgraded to pidgin-2.5.5. XAP software series/xfce-4.6.0-x86_64-2.tgz: Recompiled against libwnck-2.24.2. XAP software series/xfce4-power-manager-0.6.4-x86_64-2.tgz: Patched to only start the power manager inside the Xfce environment. -|--------------------------|- Sat Mar 14 09:23:25 EET 2009 A software series/kernel-firmware-2.6.28.7-noarch-2.tgz: Recompiled. A software series/kernel-huge-2.6.28.7-x86_64-2.tgz: Added ext4 FS support. A software series/kernel-modules-2.6.28.7-x86_64-2.tgz: Recompiled. D software series/kernel-headers-2.6.28.7_smp-x86-2.tgz: Recompiled. K software series/kernel-source-2.6.28.7-noarch-2.tgz: Recompiled. isolinux/initrd.img: Added ext4 FS support. Updated kernel modules. usb-and-pxe-installers/: Added ext4 FS support. Updated kernel modules. -|--------------------------|- Fri Mar 13 18:21:31 EET 2009 A software series/aaa_terminfo-5.7-noarch-1.tgz: Updated with terminfo files from ncurses-5.7. A software series/attr-2.4.43_1-x86_64-1.tgz: Upgraded to attr-2.4.43-1. A software series/coreutils-7.1-x86_64-1.tgz: Upgraded to coreutils-7.1. A software series/dialog-1.1_20080819-x86_64-1.tgz: Upgraded to dialog-1.1-20080819. A software series/e2fsprogs-1.41.4-x86_64-1.tgz: Upgraded to e2fsprogs-1.41.4. A software series/ed-1.2-x86_64-1.tgz: Upgraded to ed-1.2. A software series/etc-12.34567890-noarch-1.tgz: Added uid 51 (oprofile), gid 16 (dialout), gid 51 (oprofile), and gid 86 (netdev). A software series/file-5.00-x86_64-1.tgz: Upgraded to file-5.00. A software series/findutils-4.4.0-x86_64-1.tgz: Upgraded to findutils-4.4.0. A software series/glibc-solibs-2.9-x86_64-1.tgz: Upgraded to glibc-2.9. A software series/glibc-zoneinfo-2.9-noarch-1.tgz Upgraded to tz{code,data}2009b. A software series/grep-2.5.4-x86_64-1.tgz: Upgraded to grep-2.5.4. A software series/kernel-firmware-2.6.28.7-noarch-1.tgz: Upgraded to Linux 2.6.28.7 firmware. A software series/kernel-huge-2.6.28.7-x86_64-1.tgz: Upgraded to Linux 2.6.28.7. A software series/kernel-modules-2.6.28.7-x86_64-1.tgz: Upgraded to Linux 2.6.28.7. A software series/module-init-tools-3.6-x86_64-1.tgz: Upgraded to module-init-tools-3.6. A software series/ntfs-3g-2009.2.1-x86_64-1.tgz: Upgraded to ntfs-3g-2009.2.1. A software series/reiserfsprogs-3.6.21-x86_64-1.tgz: Upgraded to reiserfsprogs-3.6.21. A software series/tar-1.22-x86_64-1.tgz: Upgraded to tar-1.22. A software series/util-linux-ng-2.14.2-x86_64-1.tgz: Upgraded to util-linux-ng-2.14.2. A software series/which-2.20-x86_64-1.tgz: Upgraded to which-2.20. A software series/xfsprogs-3.0.0-x86_64-1.tgz: Upgraded to xfsprogs-3.0.0. AP software series/a2ps-4.14-x86_64-1.tgz: Upgraded to a2ps-4.14. AP software series/alsa-utils-1.0.18-x86_64-1.tgz: Upgraded to alsa-utils-1.0.18. AP software series/cupsddk-1.2.3-x86_64-1.tgz: Added cupsddk-1.2.3. AP software series/dmapi-2.2.9-x86_64-1.tgz: Upgraded to dmapi-2.2.9. AP software series/foomatic-filters-4.0.0-x86_64-1.tgz: Upgraded to foomatic-filters-4.0.0. AP software series/groff-1.20.1-x86_64-1.tgz: Upgraded to groff-1.20.1. AP software series/gutenprint-5.2.3-x86_64-1.tgz: Upgraded to gutenprint-5.2.3. AP software series/hplip-3.9.2-x86_64-1.tgz: Upgraded to hplip-3.9.2. AP software series/jove-4.16.0.70-x86_64-1.tgz: Upgraded to jove-4.16.0.70. AP software series/lsscsi-0.22-x86_64-1.tgz: Upgraded to lsscsi-0.22. AP software series/man-pages-3.19-noarch-1.tgz: Upgraded to man-pages-3.19. AP software series/mc-4.6.2-x86_64-1.tgz: Upgraded to mc-4.6.2. AP software series/pm-utils-1.2.4-x86_64-1.tgz: Upgraded to pm-utils-1.2.4. AP software series/sox-14.2.0-x86_64-1.tgz: Upgraded to sox-14.2.0. AP software series/xfsdump-3.0.0-x86_64-1.tgz: Upgraded to xfsdump-3.0.0. D software series/bison-2.4.1-x86_64-1.tgz: Upgraded to bison-2.4.1. D software series/clisp-2.47-x86_64-1.tgz: Upgraded to clisp-2.47. D software series/doxygen-1.5.8-x86_64-1.tgz: Upgraded to doxygen-1.5.8. D software series/gcc-4.3.3-x86_64-1.tgz: Upgraded to gcc-4.3.3. D software series/gcc-g++-4.3.3-x86_64-1.tgz: Upgraded to gcc-4.3.3. D software series/gcc-gfortran-4.3.3-x86_64-1.tgz: Upgraded to gcc-4.3.3. D software series/gcc-gnat-4.3.3-x86_64-1.tgz: Upgraded to gcc-4.3.3. D software series/gcc-java-4.3.3-x86_64-1.tgz: Upgraded to gcc-4.3.3. D software series/gcc-objc-4.3.3-x86_64-1.tgz: Upgraded to gcc-4.3.3. D software series/guile-1.8.6-x86_64-1.tgz: Upgraded to guile-1.8.6. D software series/indent-2.2.10-x86_64-1.tgz: Upgraded to indent-2.2.10. D software series/kernel-headers-2.6.28.7_smp-x86-1.tgz: Upgraded to Linux 2.6.28.7. D software series/mercurial-1.1.2-x86_64-1.tgz: Upgraded to mercurial-1.1.2. D software series/oprofile-0.9.4-x86_64-1.tgz: Upgraded to oprofile-0.9.4. D software series/swig-1.3.38-x86_64-1.tgz: Added swig-1.3. K software series/kernel-source-2.6.28.7-noarch-1.tgz: Upgraded to Linux 2.6.28.7. KDE software series/amarok-2.0.2-x86_64-1.tgz: Upgraded to amarok-2.0.2. KDE software series/guidance-power-manager-4.2.0-x86_64-1.tgz: Added guidance-power-manager-4.2.0. KDE software series/kaudiocreator-r888119-x86_64-1.tgz: Added kaudiocreator-r888119. KDE software series/kdeaccessibility-4.2.1-x86_64-1.tgz: Upgraded to kdeaccessibility-4.2.1. KDE software series/kdeadmin-4.2.1-x86_64-1.tgz: Upgraded to kdeadmin-4.2.1. KDE software series/kdeartwork-4.2.1-x86_64-1.tgz: Upgraded to kdeartwork-4.2.1. KDE software series/kdebase-4.2.1-x86_64-1.tgz: Upgraded to kdebase-4.2.1. KDE software series/kdebase-runtime-4.2.1-x86_64-1.tgz: Added kdebase-runtime-4.2.1. KDE software series/kdebase-workspace-4.2.1-x86_64-1.tgz: Added kdebase-workspace-4.2.1. KDE software series/kdebindings-4.2.1-x86_64-1.tgz: Upgraded to kdebindings-4.2.1. KDE software series/kdeedu-4.2.1-x86_64-1.tgz: Upgraded to kdeedu-4.2.1. KDE software series/kdegames-4.2.1-x86_64-1.tgz: Upgraded to kdegames-4.2.1. KDE software series/kdegraphics-4.2.1-x86_64-1.tgz: Upgraded to kdegraphics-4.2.1. KDE software series/kdelibs-4.2.1-x86_64-1.tgz: Upgraded to kdelibs-4.2.1. KDE software series/kdemultimedia-4.2.1-x86_64-1.tgz: Upgraded to kdemultimedia-4.2.1. KDE software series/kdenetwork-4.2.1-x86_64-1.tgz: Upgraded to kdenetwork-4.2.1. KDE software series/kdepim-4.2.1-x86_64-1.tgz: Upgraded to kdepim-4.2.1. KDE software series/kdepimlibs-4.2.1-x86_64-1.tgz: Added kdepimlibs-4.2.1. KDE software series/kdeplasma-addons-4.2.1-x86_64-1.tgz: Added kdeplasma-addons-4.2.1. KDE software series/kdesdk-4.2.1-x86_64-1.tgz: Upgraded to kdesdk-4.2.1. KDE software series/kdetoys-4.2.1-x86_64-1.tgz: Upgraded to kdetoys-4.2.1. KDE software series/kdeutils-4.2.1-x86_64-1.tgz: Upgraded to kdeutils-4.2.1. KDE software series/kdewebdev-4.2.1-x86_64-1.tgz: Upgraded to kdewebdev-4.2.1. KDE software series/koffice-1.9.98.7-x86_64-1.tgz: Upgraded to koffice-1.9.98.7. KDE software series/konq-plugins-4.2.0-x86_64-1.tgz: Added konq-plugins-4.2.0. KDE software series/ktorrent-3.2-x86_64-1.tgz: Added ktorrent-3.2. KDE software series/skanlite-0.2_kde4.2.0-x86_64-1.tgz: Added skanlite-0.2_kde4.2.0 KDEi software series/kde-l10n-*-4.2.1-noarch-1.tgz: Upgraded to KDE 4.2.1 l10n packages. KDEi software series/koffice-l10n-*-1.9.98.7-noarch-1.tgz: Upgraded to KOffice 1.9.98.7 l10n packages. L software series/PyQt-4.4.4-x86_64-1.tgz: Added PyQt-4.4.4. L software series/QScintilla-2.3-x86_64-1.tgz: Added QScintilla-2.3. L software series/akonadi-1.1.1-x86_64-1.tgz: Added akonadi-1.1.1. L software series/alsa-lib-1.0.18-x86_64-1.tgz: Upgraded to alsa-lib-1.0.18. L software series/arts-1.5.10-x86_64-2.tgz: Removed. L software series/atk-1.24.0-x86_64-1.tgz: Upgraded to atk-1.24.0. L software series/automoc4-0.9.88-x86_64-1.tgz: Added automoc4-0.9.88. L software series/babl-0.0.22-x86_64-1.tgz: Added babl-0.0.22. L software series/boost-1.36.0-x86_64-1.tgz: Added boost-1.36.0. L software series/cairo-1.8.6-x86_64-1.tgz: Upgraded to cairo-1.8.6. L software series/chmlib-0.39-x86_64-1.tgz: Added chmlib-0.39. L software series/clucene-0.9.21b-x86_64-1.tgz: Added clucene-0.9.21b. L software series/dbus-1.2.12-x86_64-1.tgz: Upgraded to dbus-1.2.12. L software series/dbus-glib-0.80-x86_64-1.tgz: Upgraded to dbus-glib-0.80. L software series/djvulibre-3.5.21-x86_64-1.tgz: Added djvulibre-3.5.21. L software series/eigen-1.0.5-x86_64-1.tgz: Added eigen-1.0.5. L software series/eigen2-r922425-x86_64-1.tgz: Added eigen2-r922425. L software series/exiv2-0.17.1-x86_64-1.tgz: Added exiv2-0.17.1. L software series/freetype-2.3.8-x86_64-1.tgz: Upgraded to freetype-2.3.8. L software series/gamin-0.1.10-x86_64-1.tgz: Upgraded to gamin-0.1.10. L software series/gegl-0.0.20-x86_64-1.tgz: Added gegl-0.0.20. L software series/glib2-2.18.3-x86_64-1.tgz: Upgraded to glib-2.18.3. L software series/glibc-2.9-x86_64-1.tgz: Upgraded to glibc-2.9. L software series/glibc-i18n-2.9-x86_64-1.tgz Upgraded to glibc-2.9. L software series/glibc-profile-2.9-x86_64-1.tgz Upgraded to glibc-2.9. L software series/gmm-3.1-noarch-1.tgz: Added gmm-3.1. L software series/gnome-icon-theme-2.24.0-noarch-1.tgz: Upgraded to gnome-icon-theme-2.24.0. L software series/gtk+2-2.14.7-x86_64-1.tgz: Upgraded to gtk+-2.14.7. L software series/gmp-4.2.4-x86_64-1.tgz: Upgraded to gmp-4.2.4. L software series/hal-info-20090309-noarch-1.tgz: Upgraded to hal-info-20090309. L software series/icon-naming-utils-0.8.90-noarch-1.tgz: Upgraded to icon-naming-utils-0.8.90. L software series/ilmbase-1.0.1-x86_64-1.tgz: Added ilmbase-1.0.1. L software series/iso-codes-3.5-noarch-1.tgz: Added iso-codes-3.5. L software series/libarchive-2.6.2-x86_64-1.tgz: Added libarchive-2.6.2. L software series/libcaca-0.99.beta16-x86_64-1.tgz: Upgraded to libcaca-0.99.beta16. L software series/libdvdread-4.1.3-x86_64-1.tgz: Added libdvdread-4.1.3. L software series/libical-0.42-x86_64-1.tgz: Added libical-0.42. L software series/libmcs-0.7.1-x86_64-1.tgz: Upgraded to libmcs-0.7.1. L software series/libmsn-r93-x86_64-1.tgz: Added libmsn-r93. L software series/libspectre-0.2.1-x86_64-1.tgz: Added libspectre-0.2.1. L software series/libvncserver-0.9.1-x86_64-1.tgz: Added libvncserver-0.9.1. L software series/libxklavier-3.8-x86_64-1.tgz: Added libxklavier-3.8. L software series/libzip-0.9-x86_64-1.tgz: Added libzip-0.9. L software series/ncurses-5.7-x86_64-1.tgz: Upgraded to ncurses-5.7. L software series/openexr-1.6.1-x86_64-1.tgz: Added openexr-1.6.1. L software series/pango-1.22.4-x86_64-1.tgz: Upgraded to pango-1.22.4. L software series/phonon-4.3.1-x86_64-1.tgz: Added phonon-4.3.1. L software series/poppler-0.10.4-x86_64-1.tgz: Upgraded to poppler-0.10.4. L software series/poppler-data-0.2.1-noarch-1.tgz: Upgraded to poppler-data-0.2.1. L software series/pycairo-1.8.2-x86_64-1.tgz: Upgraded to pycairo-1.8.2. L software series/pycups-1.9.42-x86_64-1.tgz: Added pycups-1.9.42. L software series/pygobject-2.16.0-x86_64-1.tgz: Upgraded to pygobject-2.16.0. L software series/pygtk-2.14.0-x86_64-1.tgz: Upgraded to pygtk-2.14.0. L software series/pyrex-0.9.8.5-x86_64-1.tgz: Upgraded to pyrex-0.9.8.5. L software series/qca-2.0.1-x86_64-1.tgz: Upgraded to qca-2.0.1. L software series/qca-cyrus-sasl-2.0.0_beta3-x86_64-1.tgz: Added qca-cyrus-sasl-2.0.0_beta3. L software series/qca-gnupg-2.0.0_beta3-x86_64-1.tgz: Added qca-gnupg-2.0.0_beta3. L software series/qca-ossl-2.0.0_beta3-x86_64-1.tgz: Added qca-ossl-2.0.0_beta3. L software series/qca-tls-1.0-x86_64-6.tgz: Removed. L software series/qimageblitz-r900905-x86_64-1.tgz: Added qimageblitz-r900905. L software series/qt-r931082-x86_64-1.tgz: Upgraded to qt-copy r931082. L software series/raptor-1.4.18-x86_64-1.tgz: Added raptor-1.4.18. L software series/rasqal-0.9.16-x86_64-1.tgz: Added rasqal-0.9.16. L software series/readline-5.2-x86_64-4.tgz: Recompiled with official patch readline52-013. L software series/redland-1.0.8-x86_64-1.tgz: Added redland-1.0.8. L software series/shared-mime-info-0.60-x86_64-1.tgz: Upgraded to shared-mime-info-0.60. L software series/sip-4.7.9-x86_64-1.tgz: Added sip-4.7.9. L software series/soprano-2.2.2-x86_64-1.tgz: Added soprano-2.2.2. L software series/strigi-0.6.3-x86_64-1.tgz: Added strigi-0.6.3. L software series/svgalib-1.9.25-x86_64-2.tgz: Patched for recent kernel headers and configured to no longer use the helper kernel module. L software series/svgalib_helper-1.9.25_2.6.27.7-x86_64-2.tgz: Removed, as the helper module does not work with recent kernels. L software series/tango-icon-theme-0.8.90-noarch-1.tgz: Upgraded to tango-icon-theme-0.8.90. L software series/vte-0.19.4-x86_64-1.tgz: Upgraded to vte-0.19.4. N software series/curl-7.19.4-x86_64-1.tgz: Upgraded to curl-7.19.4. This fixes a security issue where automatic redirection could be made to follow file:// URLs, reading or writing a local instead of remote file. For more information, see: http://cve.mitre.org/cgi-biN software series/cvename.cgi?name=CVE-2009-0037 [*** Security fix ***] N software series/dhcpcd-3.2.3-x86_64-1.tgz: Upgraded to dhcpcd-3.2.3. N software series/dirmngr-1.0.2-x86_64-1.tgz: Upgraded to dirmngr-1.0.2. N software series/gnupg2-2.0.11-x86_64-1.tgz: Upgraded to gnupg-2.0.11. N software series/gnutls-2.6.3-x86_64-1.tgz: Upgraded to gnutls-2.6.3. N software series/gpgme-1.1.8-x86_64-1.tgz: Upgraded to gpgme-1.1.8. N software series/libgcrypt-1.4.3-x86_64-1.tgz: Upgraded to libgcrypt-1.4.3. N software series/libgpg-error-1.7-x86_64-1.tgz: Upgraded to libgpg-error-1.7. N software series/libksba-1.0.5-x86_64-1.tgz: Upgraded to libksba-1.0.5. N software series/netwatch-1.3.0-x86_64-1.tgz: Added netwatch-1.3.0. N software series/rsync-3.0.5-x86_64-1.tgz: Upgraded to rsync-3.0.5. X software series/compiz-0.7.8-x86_64-2.tgz: Patched for Qt4/KDE4 and rebuilt. X software series/scim-1.4.7-x86_64-8.tgz: Edited profile scripts to use the Qt4 scim-bridge immodule with Qt4/KDE4. X software series/scim-bridge-0.4.14-x86_64-4.tgz: Rebuilt with qt4 immodule enabled. X software series/x11-skel-7.1-noarch-7.tgz: Adjusted xwmconfig menu dimensions. X software series/xterm-241-x86_64-1.tgz: Upgraded to xterm-241. This fixes a vulnerability where displaying a file containing DECRQSS (Device Control Request Status String) sequences could cause arbitrary commands to be executed as the user running xterm. For more information, see: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2383 [*** Security fix ***] XAP software series/gimp-2.6.5-x86_64-1.tgz: Upgraded to gimp-2.6.5. XAP software series/mozilla-firefox-3.0.7-x86_64-1.tgz: Upgraded to firefox-3.0.7. This fixes some security issues: For more information, see: http://www.mozilla.org/security/known-vulnerabilities/firefox30.html [*** Security fix ***] XAP software series/thunar-volman-0.3.80-x86_64-1.tgz: Added thunar-volman-0.3.80. XAP software series/xfce-4.6.0-x86_64-1.tgz: Upgraded to xfce-4.6.0. XAP software series/xfce4-power-manager-0.6.4-x86_64-1.tgz: Added xfce4-power-manager-0.6.4. XAP software series/xine-lib-1.1.16.2-x86_64-1.tgz: Upgraded to xine-lib-1.1.16.2. EXTRA/kde3-compat/arts-1.5.10-x86_64-opt1.tgz: Added arts-1.5.10. EXTRA/de3-compat/kdelibs3-3.5.10-x86_64-opt1.tgz: Added kdelibs3-3.5.10. EXTRA/kde3-compat/qca-tls1-1.0-x86_64-opt1.tgz: Added qca-tls1-1.0. EXTRA/kde3-compat/qca1-1.0-x86_64-opt1.tgz: Added qca1-1.0. EXTRA/kde3-compat/qt3-3.3.8b-x86_64-opt1.tgz: Added qt3-3.3.8b. TESTING/packages/bash-4.0.0-x86_64-1.tgz: Upgraded to bash-4.0. -|--------------------------|- Sun Mar 1 11:19:01 EET 2009 TESTING/packages/kde4/kde3-compat/kdelibs3-3.5.10-x86_64-opt5.tgz: Recompiled on Bluewhite64 12.1 :). Now the k3b start fine and the DVD write test passed successfully here. Please test this and post to the Bluewhite64 forums your feedback. Thanks to all who reported that the k3b is not working on KDE4 ;). -|--------------------------|- Sat Feb 21 14:20:07 EET 2009 A software series/cpio-2.9-x86_64-1.tgz: Upgraded to cpio-2.9. AP software series/cdrtools-2.01.01a57-x86_64-2.tgz: Fixed build script to put the charset conversion tables in /usr/lib/siconv. Hopefully this will work correctly with k3b now. AP software series/sqlite-3.6.11-x86_64-1.tgz: Upgraded to sqlite-3.6.11. D software series/git-1.6.1.3-x86_64-1.tgz: Upgraded to git-1.6.1.3. This fixes a vulnerability where running git-diff or git-grep on a hostile git repository would result in the execution of arbirary code as the git user. For more information, see: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3546 [*** Security fix ***] D software series/subversion-1.5.5-x86_64-1.tgz: Upgraded to subversion-1.5.5. L software series/libpng-1.2.35-x86_64-1.tgz: Upgraded to libpng-1.2.35. This fixes multiple memory-corruption vulnerabilities due to a failure to properly initialize data structures. For more information, see: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0040 ftp://ftp.simplesystems.org/pub/png/src/libpng-1.2.34-ADVISORY.txt [*** Security fix ***] N software series/dnsmasq-2.47-x86_64-1.tgz: Upgraded to dnsmasq-2.47. N software series/vsftpd-2.1.0-x86_64-1.tgz: Upgraded to vsftpd-2.1.0. TESTING/packages/kde4/extragear/ktorrent-3.2-x86_64-1.tgz: Upgraded to ktorrent-3.2. -|--------------------------|- Tue Feb 10 22:25:12 EET 2009 AP software series/cdrtools-2.01.01a57-x86_64-1.tgz: Upgraded to cdrtools-2.01.01a57. Also, fixed a build script error so that the utilities look for locale files in the correct directory. Anyone who had problems with k3b previously should upgrade this package. EXTRA/wicd/wicd-1.5.9-noarch-1.tgz: Upgraded to wicd-1.5.9. This fixes a security problem with the D-Bus configuration file that allows local users to intercept D-Bus messages, possibly including wireless network credentials. For more information, see: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0489 [*** Security fix ***] TESTING/packages/kde4/deps/eigen2-r922425-x86_64-1.tgz: Upgraded to eigen2-r922425. TESTING/packages/kde4/kde/kdelibs-4.2.0-x86_64-2.tgz: Added bugfix patches from SVN: r917170, r918403, r918654, r918838. TESTING/packages/kde4/kde/koffice-1.9.98.6-x86_64-1.tgz: Upgraded to koffice-1.9.98.6. TESTING/packages/kde4/kde-l10n/koffice-l10n-*-1.9.98.6-noarch-1.tgz: Upgraded to koffice-1.9.98.6 l10n packages. -|--------------------------|- Fri Feb 6 22:08:32 EET 2009 AP software series/ghostscript-8.64-x86_64-1.tgz: Upgraded to ghostscript-8.64. XAP software series/mozilla-firefox-3.0.6-x86_64-1.tgz: Upgraded to firefox-3.0.6. This fixes some security issues, for more information, see: http://www.mozilla.org/security/known-vulnerabilities/firefox30.html [*** Security fix ***] -|--------------------------|- Tue Feb 3 21:47:42 EET 2009 X software series/xdg-utils-1.0.2-noarch-3.tgz: This update fixes two security issues. First, use of xdg-open in /etc/mailcap was found to be unsafe -- xdg-open passes along downloaded files without indicating what mime type they initially presented themselves as, leaving programs further down the processing chain to discover the file type again. This makes it rather trivial to present a script (such as a .desktop file) as a document type (like a PDF) so that it looks safe to click on in a browser, but will result in the execution of an arbitrary script. It might be safe to send files to trusted applications in /etc/mailcap, but it does not seem to be safe to send files to xdg-open in /etc/mailcap. This package will comment out calls to xdg-open in /etc/mailcap if they are determined to have been added by a previous version of this package. If you've made any local customizations to /etc/mailcap, be sure to check that there are no uncommented calls to xdg-open after installing this update. For more information, see: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0068 Another bug in xdg-open fails to sanitize input properly allowing the execution of arbitrary commands. This was fixed in the xdg-utils repository quite some time ago (prior to the inclusion of xdg-utils in Bluewhite64), but was never fixed in the official release of xdg-utils. The sources for xdg-utils in Bluewhite64 have now been updated from the repo to fix the problem. For more information, see: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0386 [*** Security fix ***] -|--------------------------|- Wed Jan 28 23:27:02 EET 2009 Upgraded to KDE 4.2 (Codename: "The Answer")! Congratulations to the KDE development team for such an amazing job on this beautiful and highly user-friendly desktop environment! And don't forget, these packages are compatible with Bluewhite64 12.2! TESTING/packages/kde4/deps/automoc4-0.9.88-x86_64-1.tgz: Upgraded to automoc4-0.9.88. TESTING/packages/kde4/deps/clucene-0.9.21b-x86_64-1.tgz: Upgraded to clucene-0.9.21b. TESTING/packages/kde4/extragear/guidance-power-manager-4.2.0-x86_64-1.tgz: Upgraded to guidance-power-manager-4.2.0. TESTING/packages/kde4/extragear/konq-plugins-4.2.0-x86_64-1.tgz: Upgraded to konq-plugins-4.2.0. TESTING/packages/kde4/extragear/skanlite-0.2_kde4.2.0-x86_64-1.tgz: Upgraded to skanlite-0.2_kde4.2.0. TESTING/packages/kde4/kde/kdeaccessibility-4.2.0-x86_64-1.tgz: Upgraded to kdeaccessibility-4.2.0. TESTING/packages/kde4/kde/kdeadmin-4.2.0-x86_64-1.tgz: Upgraded to kdeadmin-4.2.0. TESTING/packages/kde4/kde/kdeartwork-4.2.0-x86_64-1.tgz: Upgraded to kdeartwork-4.2.0. TESTING/packages/kde4/kde/kdebase-4.2.0-x86_64-1.tgz: Upgraded to kdebase-4.2.0. TESTING/packages/kde4/kde/kdebase-runtime-4.2.0-x86_64-1.tgz: Upgraded to kdebase-runtime-4.2.0. TESTING/packages/kde4/kde/kdebase-workspace-4.2.0-x86_64-1.tgz: Upgraded to kdebase-workspace-4.2.0. TESTING/packages/kde4/kde/kdebindings-4.2.0-x86_64-1.tgz: Upgraded to kdebindings-4.2.0. TESTING/packages/kde4/kde/kdeedu-4.2.0-x86_64-1.tgz: Upgraded to kdeedu-4.2.0. TESTING/packages/kde4/kde/kdegames-4.2.0-x86_64-1.tgz: Upgraded to kdegames-4.2.0. TESTING/packages/kde4/kde/kdegraphics-4.2.0-x86_64-1.tgz: Upgraded to kdegraphics-4.2.0. TESTING/packages/kde4/kde/kdelibs-4.2.0-x86_64-1.tgz: Upgraded to kdelibs-4.2.0. TESTING/packages/kde4/kde/kdemultimedia-4.2.0-x86_64-1.tgz: Upgraded to kdemultimedia-4.2.0. TESTING/packages/kde4/kde/kdenetwork-4.2.0-x86_64-2.tgz: Upgraded to kdenetwork-4.2.0. TESTING/packages/kde4/kde/kdepim-4.2.0-x86_64-1.tgz: Upgraded to kdepim-4.2.0. TESTING/packages/kde4/kde/kdepimlibs-4.2.0-x86_64-1.tgz: Upgraded to kdepimlibs-4.2.0. TESTING/packages/kde4/kde/kdeplasma-addons-4.2.0-x86_64-1.tgz: Upgraded to kdeplasma-addons-4.2.0. TESTING/packages/kde4/kde/kdesdk-4.2.0-x86_64-1.tgz: Upgraded to kdesdk-4.2.0. TESTING/packages/kde4/kde/kdetoys-4.2.0-x86_64-1.tgz: Upgraded to kdetoys-4.2.0. TESTING/packages/kde4/kde/kdeutils-4.2.0-x86_64-1.tgz: Upgraded to kdeutils-4.2.0. TESTING/packages/kde4/kde/kdewebdev-4.2.0-x86_64-1.tgz: Upgraded to kdewebdev-4.2.0. TESTING/packages/kde4/kde-l10n/kde-l10n-*-4.2.0-noarch-1.tgz: Upgraded to KDE 4.2.0 l10n packages. TESTING/packages/kde4/extragear/ktorrent-3.1.6-x86_64-1.tgz: Upgraded to ktorrent-3.1.6. -|--------------------------|- Mon Jan 26 23:03:02 EET 2009 N software series/bluez-utils-3.36-x86_64-5.tgz: The newer version of the .conf (bluez-4) file has been merged into this package, and changed from a .conf.new to a plain .conf to ensure that it replaces the other version. N software series/lftp-3.7.8-x86_64-1.tgz: Upgraded to lftp-3.7.8. TESTING/packages/kde4/deps/libmsn-r93-x86_64-1.tgz: Added libmsn-r93, needed to handle the MSN protocol in kopete. TESTING/packages/kde4/deps/phonon-4.3.0-x86_64-1.tgz: Upgraded to phonon-4.3.0. TESTING/packages/kde4/deps/soprano-2.1.67-x86_64-1.tgz: Upgraded to soprano-2.1.67. TESTING/packages/kde4/kde/kdenetwork-4.1.96-x86_64-2.tgz: Recompiled against libmsn-r93. -|--------------------------|- Fri Jan 23 18:37:01 EET 2009 Upgraded to KDE 4.2rc1 (4.1.96) in /TESTING. This set of packages will also work on Bluewhite64 12.2. If you intend to use them with Bluewhite64 12.2, grab them now. Library changes in -current may occur which could make it more difficult to use these KDE packages with Bluewhite64 12.2 in the future. TESTING/packages/kde4/deps/PyQt-4.4.4-x86_64-1.tgz: Upgraded to PyQt-4.4.4. TESTING/packages/kde4/deps/akonadi-1.1.1-x86_64-1.tgz: Upgraded to akonadi-1.1.1. TESTING/packages/kde4/deps/automoc4-r900905-x86_64-1.tgz: Added automoc4-r900905. TESTING/packages/kde4/deps/boost-1.36.0-x86_64-1.tgz: Upgraded to boost-1.36.0. TESTING/packages/kde4/deps/eigen2-r900905-x86_64-1.tgz: Upgraded to eigen2-r900905. TESTING/packages/kde4/deps/iso-codes-3.5-noarch-1.tgz: Added iso-codes-3.5. TESTING/packages/kde4/deps/libdvdread-4.1.3-x86_64-1.tgz: Added libdvdread-4.1.3. TESTING/packages/kde4/deps/libical-0.42-x86_64-1.tgz: Added libical-0.42. TESTING/packages/kde4/deps/libxklavier-3.8-x86_64-1.tgz: Upgraded to libxklavier-3.8. TESTING/packages/kde4/deps/phonon-4.2.96-x86_64-1.tgz: Upgraded to phonon-4.2.96. TESTING/packages/kde4/deps/qimageblitz-r900905-x86_64-1.tgz: Upgraded to qimageblitz-r900905. TESTING/packages/kde4/deps/qt-r912655-x86_64-1.tgz: Upgraded to qt-r912655. TESTING/packages/kde4/deps/sip-4.7.9-x86_64-1.tgz: Upgraded to sip-4.7.9. TESTING/packages/kde4/deps/soprano-2.1.64-x86_64-1.tgz: Upgraded to soprano-2.1.64. TESTING/packages/kde4/deps/strigi-0.6.3-x86_64-1.tgz: Upgraded to strigi-0.6.3. TESTING/packages/kde4/extragear/amarok-2.0.1.1-x86_64-1.tgz: Upgraded to amarok-2.0.1.1. TESTING/packages/kde4/extragear/guidance-power-manager-4.1.96-x86_64-1.tgz: Upgraded to guidance-power-manager-4.1.96. TESTING/packages/kde4/extragear/kaudiocreator-r888119-x86_64-1.tgz: Upgraded to kaudiocreator-r888119. TESTING/packages/kde4/extragear/konq-plugins-4.1.96-x86_64-1.tgz: Upgraded to konq-plugins-4.1.96. TESTING/packages/kde4/extragear/skanlite-0.2_kde4.1.96-x86_64-1.tgz: Added skanlite-0.2_kde4.1.96. TESTING/packages/kde4/kde/kdeaccessibility-4.1.96-x86_64-1.tgz: Upgraded to kdeaccessibility-4.1.96. TESTING/packages/kde4/kde/kdeadmin-4.1.96-x86_64-1.tgz: Upgraded to kdeadmin-4.1.96. TESTING/packages/kde4/kde/kdeartwork-4.1.96-x86_64-1.tgz: Upgraded to kdeartwork-4.1.96. TESTING/packages/kde4/kde/kdebase-4.1.96-x86_64-1.tgz: Upgraded to kdebase-4.1.96. TESTING/packages/kde4/kde/kdebase-runtime-4.1.96-x86_64-1.tgz: Upgraded to kdebase-runtime-4.1.96. TESTING/packages/kde4/kde/kdebase-workspace-4.1.96-x86_64-1.tgz: Upgraded to kdebase-workspace-4.1.96. TESTING/packages/kde4/kde/kdebindings-4.1.96-x86_64-1.tgz: Upgraded to kdebindings-4.1.96. TESTING/packages/kde4/kde/kdeedu-4.1.96-x86_64-1.tgz: Upgraded to kdeedu-4.1.96. TESTING/packages/kde4/kde/kdegames-4.1.96-x86_64-1.tgz: Upgraded to kdegames-4.1.96. TESTING/packages/kde4/kde/kdegraphics-4.1.96-x86_64-1.tgz: Upgraded to kdegraphics-4.1.96. TESTING/packages/kde4/kde/kdelibs-4.1.96-x86_64-1.tgz: Upgraded to kdelibs-4.1.96. TESTING/packages/kde4/kde/kdemultimedia-4.1.96-x86_64-1.tgz: Upgraded to kdemultimedia-4.1.96. TESTING/packages/kde4/kde/kdenetwork-4.1.96-x86_64-1.tgz: Upgraded to kdenetwork-4.1.96. TESTING/packages/kde4/kde/kdepim-r914823_4.2-x86_64-1.tgz: Upgraded to kdepim-r914823_4.2. TESTING/packages/kde4/kde/kdepimlibs-4.1.96-x86_64-1.tgz: Upgraded to kdepimlibs-4.1.96. TESTING/packages/kde4/kde/kdeplasma-addons-4.1.96-x86_64-1.tgz: Upgraded to kdeplasma-addons-4.1.96. TESTING/packages/kde4/kde/kdesdk-4.1.96-x86_64-1.tgz: Upgraded to kdesdk-4.1.96. TESTING/packages/kde4/kde/kdetoys-4.1.96-x86_64-1.tgz: Upgraded to kdetoys-4.1.96. TESTING/packages/kde4/kde/kdeutils-4.1.96-x86_64-1.tgz: Upgraded to kdeutils-4.1.96. TESTING/packages/kde4/kde/kdevelop-3.9.85-x86_64-1.tgz: Added kdevelop-3.9.85. TESTING/packages/kde4/kde/kdevplatform-0.9.85-x86_64-1.tgz: Added kdevplatform-0.9.85. TESTING/packages/kde4/kde/kdewebdev-4.1.96-x86_64-1.tgz: Upgraded to kdewebdev-4.1.96. TESTING/packages/kde4/kde/koffice-1.9.98.5-x86_64-1.tgz: Upgraded to koffice-1.9.98.5. TESTING/packages/kde4/kde-l10n/kde-l10n-*-4.1.96-noarch-1.tgz: Upgraded to KDE 4.1.96 l10n packages. TESTING/packages/kde4/kde-l10n/koffice-l10n-*-1.9.98.5-noarch-1.tgz: Upgraded to KOffice 1.9.98.5 l10n packages. TESTING/packages/bash-3.2.048-x86_64-1.tgz: Upgraded to bash-3.2.048. This might still have issues with backtick handling. Even though $(...) is a better syntax, a lot of things break if `...` is not handled correctly. -|--------------------------|- Thu Jan 15 23:51:48 EET 2009 A software series/openssl-solibs-0.9.8i-x86_64-2.tgz: Patched to fix the return value EVP_VerifyFinal, preventing malformed signatures from being considered good. This flaw could possibly allow a 'man in the middle' attack. For more information, see: http://www.openssl.org/news/secadv_20090107.txt http://www.ocert.org/advisories/ocert-2008-016.html http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-5077 [*** Security fix ***] N software series/bind-9.4.3_P1-x86_64-1.tgz: Upgraded to bind-9.4.3-P1. Fixed checking on return values from OpenSSL's EVP_VerifyFinal and DSA_do_verify functions to prevent spoofing answers returned from zones using the DNSKEY algorithms DSA and NSEC3DSA. For more information, see: https://www.isc.org/node/373 http://www.ocert.org/advisories/ocert-2008-016.html http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-5077 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0025 [*** Security fix ***] N software series/ntp-4.2.4p6-x86_64-1.tgz: [Sec 1111] Fix incorrect check of EVP_VerifyFinal()'s return value. For more information, see: https://lists.ntp.org/pipermail/announce/2009-January/000055.html http://www.ocert.org/advisories/ocert-2008-016.html http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0021 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-5077 [*** Security fix ***] N software series/openssl-0.9.8i-x86_64-2.tgz: Patched to fix the return value EVP_VerifyFinal, preventing malformed signatures from being considered good. This flaw could possibly allow a 'man in the middle' attack. For more information, see: http://www.openssl.org/news/secadv_20090107.txt http://www.ocert.org/advisories/ocert-2008-016.html http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-5077 -|--------------------------|- Sun Dec 21 19:40:20 EET 2008 A software series/mkinitrd-1.3.3-x86_64-1.tgz: Fixed a few bugs in the previous mkinitrd package: If a kernel version is requested with the -k option and modules are needed to build the initrd, exit with an error if no matching /lib/modules/ tree is present. Usually an incorrect kernel version was supplied. When adding kernel modules to the initrd, be more verbose showing success and failure copying each module. With some newer kernels, "/dev/root" might be returned by mount as the root device, but this will not work as an initrd root device. If mount returns /dev/root, look at the /dev/root symlink to determine the actual root device and use that so that the root device does not need to be supplied with -r. In the call to /sbin/modprobe used to determine module dependencies, use the option --ignore-install to avoid catching "install" lines under /etc/modprobe.d/ when modules that use these are added to the initrd. This prevents /sbin/modprobe from being copied over busybox, breaking the initrd. XAP software series/mozilla-firefox-3.0.5-x86_64-1.tgz: Upgraded to firefox-3.0.5. This fixes some security issues: For more information, see: http://www.mozilla.org/security/known-vulnerabilities/firefox30.html [*** Security fix ***] -|--------------------------|- Fri Dec 12 23:39:17 EET 2008 Say hello to the Bluewhite64 Linux 12.2 stable version! Huge thanks to all the Bluewhite64 users who helped on this release! Enjoy! -|--------------------------|- Tue Dec 9 22:56:32 EET 2008 X software series/xf86-video-intel-2.4.3-x86_64-2.tgz: Patched to fix BIOS parsing code and fix some Intel and i830 video chipsets. isolinux/initrd.img: Added missing mount.nfs. Added INSSMB, an installer script to use a Samba source. usb-and-pxe-installers/: Added missing mount.nfs. Added INSSMB, an installer script to use a Samba source. -|--------------------------|- Mon Dec 8 20:04:39 EET 2008 AP software series/slackpkg-2.70.5-noarch-2.tgz: Commented all active mirrors. N software series/network-scripts-12.2-noarch-4.tgz: Patched rc.inet1 to filter output from "modprobe -c" that begins with #, preventing spurious error messages. N software series/php-5.2.8-x86_64-1.tgz: Upgraded to php-5.2.8. This is a bugfix release that reverts a change that broke magic_quotes_gpc. KDE software series/kdeadmin-3.5.10-x86_64-4.tgz: Updated the knetworkconf patch to handle the domain name better, and to retain the correct permissions on rc.samba. L software series/dbus-1.2.6-x86_64-1.tgz: Upgraded to dbus-1.2.6. L software series/dbus-glib-0.78-x86_64-1.tgz: Upgraded to dbus-glib-0.78. L software series/hal-0.5.11-x86_64-4.tgz: Modified hal.conf to use the plugdev group correctly. L software series/libgphoto2-2.4.3-x86_64-3.tgz: Added README.jl2005a. Although the driver for this proprietary chipset is not built by default, the README is useful to let people know why that is (and perhaps as a warning to steer clear of these cameras unless you happen to be an expert in reverse engineering compression formats). -|--------------------------|- Sun Dec 7 13:33:03 EET 2008 A software series/hdparm-9.3-x86_64-1.tgz: Upgraded to hdparm-9.3. AP software series/man-pages-3.15-noarch-1.tgz: Upgraded to man-pages-3.15. KDE software series/kdeadmin-3.5.10-x86_64-3.tgz: Patched knetworkconf (KDE Control Center Network Settings) to be able to configure network interfaces. Added Bluewhite64 Linux 11.0, 12.0. 12.1 and 12.2 support. The utility it can strip commented out options from the rc.inet1.conf config file, and can put options into the file in a confusing order, so it is still not the optimal way to configure a network. L software series/libgphoto2-2.4.3-x86_64-2.tgz: Restore README files for camera libraries that were not previously included. A pointer to the API documentation has also been added to the docs directory. N software series/network-scripts-12.2-noarch-3.tgz: Allow rc.inet1.conf to override MAXNICS value in rc.inet1. Added rc.inet1.8 and rc.inet1.conf.5 manpages. Removed duplicated code in rc.inet1 default case. XAP software series/pidgin-2.5.2-x86_64-2.tgz: Patched to accept certificates signed with rsa-md5. Other SSL libraries accept this, so GnuTLS should as well. EXTTRA/wicd/wicd-1.5.6-noarch-2.tgz: Change usr/lib/pm-utils/sleep.d/55wicd to chmod 644 by default to avoid interference with suspend. -|--------------------------|- Sat Dec 6 16:22:55 EET 2008 AP software series/ghostscript-8.63-x86_64-2.tgz: Patched to remove a dependency on the experimental cairo output driver, which brings in dependencies on many X libraries. AP software series/gutenprint-5.2.2-x86_64-2.tgz: Edited setup.06.gutenprint, which still had the old path to the PPD files. AP software series/pm-utils-1.2.3-x86_64-1.tgz: Upgraded to pm-utils-1.2.3. XAP software series/gftp-2.0.19-x86_64-1.tgz: Upgraded to gftp-2.0.19. isolinux/initrd.img: Added probe for forcedeth, e1000e and r8169 network chipsets. usb-and-pxe-installers/: Added probe for forcedeth, e1000e and r8169 network chipsets. -|--------------------------|- Fri Dec 5 14:40:10 EET 2008 AP software series/slackpkg-2.70.5-noarch-1.tgz: Upgraded to slackpkg-2.70.5-noarch-1. L software series/jre-6u11-x86_64-1.tgz: Upgraded to Java(TM) 2 Platform Standard Edition Runtime Environment Version 6.0 update 11. N software series/php-5.2.7-x86_64-1.tgz: Upgraded to php-5.2.7. In addition to improvements and bug fixes, this new version of PHP also addresses several security issues, including: Fixed a crash inside gd with invalid fonts (Fixes CVE-2008-3658). Fixed a possible overflow inside memnstr (Fixes CVE-2008-3659). Fixed security issues detailed in CVE-2008-2665 and CVE-2008-2666. Crash with URI/file..php (filename contains 2 dots). (Fixes CVE-2008-3660). rfc822.c legacy routine buffer overflow. (Fixes CVE-2008-2829). Fixed extraction of zip files or directories when the entry name is a relative path: http://www.sektioneins.de/advisories/SE-2008-06.txt These are the URLs to get more information: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2665 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2666 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2829 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3658 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3659 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3660 http://www.sektioneins.de/advisories/SE-2008-06.txt [*** Security fix ***] EXTRA/jdk-6/jdk-6u11-x86_64-1.tgz: Upgraded to Java(TM) 2 Platform Standard Edition Development Kit Version 6.0 update 11. EXTRA/wicd/wicd-1.5.6-noarch-1.tgz: Upgraded to wicd-1.5.6. Patched to work with Bluewhite64. Thanks to Cycojesus for the patch. -|--------------------------|- Fri Dec 5 00:49:35 EET 2008 A software series/kernel-firmware-2.6.27.7-noarch-2.tgz: Recompiled. A software series/kernel-huge-2.6.27.7-x86_64-2.tgz: Recompiled with RTC (Real Time Clock) built in to the kernel image. The latest udev does not load the rtc modules (works up to udev-132), so hwclock cannot work as expected. Also, if the right modules is manually loaded, after reboot, the system time is set by default to UTC. The built in RTC fixes both ;). A software series/kernel-source-2.6.27.7-noarch-2.tgz: Recompiled. D software series/kernel-headers-2.6.27.7-x86-2.tgz: Recompiled. K software series/kernel-modules-2.6.27.7-x86_64-2.tgz: Recompiled. L software series/svgalib_helper-1.9.25_2.6.27.7-x86_64-2.tgz: Recompiled. isolinux/initrd.img: Rebuilt with newly compiled kernel modules. usb-and-pxe-installers/: Rebuilt with newly compiled kernel modules. -|--------------------------|- Thu Dec 4 21:17:57 EET 2008 A software series/udev-135-x86_64-2.tgz: Make DRI devices usable by anyone in group "video". AP software series/slackpkg-2.70.3-noarch-4.tgz: Added Bluewhite64 12.2 mirrors. D software series/oprofile-0.9.2-x86_64-5.tgz: Recompiled. N software series/netwatch-1.0a-x86_64-1.tgz: Removed. It is a old unmaintained software and not working as expected. N software series/network-scripts-12.2-noarch-2.tgz: Don't try to reset ipv4 parameters in rc.ip_forward unless /etc/sysctl.conf exists. XAP software series/mozilla-firefox-3.0.4-x86_64-2.tgz: Bumped Bluewhite64 version number in UA. XAP software series/eamonkey-1.1.13-x86_64-2.tgz: Bumped Bluewhite64 version in UA. EXTRA/jdk-6/jdk-6u10-x86_64-1.tgz: Upgraded to Java(TM) 2 Platform Standard Edition Development Kit Version 6.0 update 10. Thanks to rraptor and LukenShiro for reporting this. isolinux/initrd.img: Added lsscsi and pciutils. usb-and-pxe-installers/: Added lsscsi and pciutils. -|--------------------------|- Wed Dec 3 23:54:47 EET 2008 This is Bluewhite64 Linux 12.2 Release canditate one! Right now there is no iso, still have some small issues to resolve. I'll try at the next RC to relase an iso ;). A software series/aaa_base-12.2.0-noarch-1.tgz: Bumped /etc/bluewhite64-version version number in preparation for a stable release, and updated the initial emails. A software series/aaa_elflibs-12.2.0-x86_64-1.tgz: Updated the initial "starter" library package to the latest versions in -current. A software series/genpower-1.0.5-x86_64-2.tgz: Patched genpowerfail to halt the machine during a power failure rather than causing it to reboot over and over. A software series/ntfs-3g-1.5130-x86_64-1.tgz: Upgraded to ntfs-3g-1.5130. A software series/pciutils-2.2.10-x86_64-2.tgz: Updated pci.ids. A software series/sysvinit-scripts-1.2-noarch-26.tgz: Patched rc.M to start rc.wicd and rc.snmpd if those scripts are executable, and removed the reference to the old rc.hplip script. Also, modifed rc.K to shut down acpid using rc.acpid. Changed /proc/bus/usb mounting in rc.S to use the options from /etc/fstab if there is an entry for it there. A software series/udev-135-x86_64-1.tgz: Upgraded to udev-135. A software series/usbutils-0.73-x86_64-3.tgz: Updated usb.ids. AP software seris/alsa-utils-1.0.17-x86_64-2.tgz: Patched rc.alsa to use [[:blank:]] instead of [[:space:]] with tr, since the latter removes vertical whitespace and causes everything to be incorrectly listed on one line. L software series/hal-info-20081127-noarch-1.tgz: Upgraded to hal-info-20081127. N software series/ethtool-6-x86_64-1.tgz: Upgraded to ethtool-6. N software series/network-scripts-12.2-noarch-1.tgz: Removed the automatic DHCP timeout reduction in rc.inet1, since the kernel is not reliably returning correct information about that. If the default 30 second timeout is too long, it can be shortened in rc.inet1.conf. Patched rc.ip_forward to reapply any non-default ipv4 parameters after turning ipv4 forwarding on or off, as doing that clears them. TCL software series/expect-5.44.1.11-x86_64-2.tgz: Recompiled. TCL software series/tcl-8.5.5-x86_64-1.tgz: Upgraded to tcl-8.5.5. TCL software series/tk-8.5.5-x86_64-1.tgz: Upgraded to tk-8.5.5. XAP spftware series/audacious-1.5.1-x86_64-2.tgz: Recompiled to make sure newer libraries will work as expected. extra/brltty/brltty-3.10-x86_64-1.tgz: Upgraded to brltty-3.10. EXTRA/wicd/wicd-1.5.5-noarch-1.tgz: Added wicd-1.5.5. isolinux/initrd.img: Rebuilt removing some unneeded kernel modules. usb-and-pxe-installers/: Rebuilt removing some unneeded kernel modules. -|--------------------------|- Tue Dec 2 22:16:27 EET 2008 A software series/lilo-22.8-x86_64-14.tgz: Fixed typo in liloconfig. A software series/sysvinit-scripts-1.2-noarch-25.tgz: Edited rc.S to clear temporary files better. Edited rc.M, rc.6, and rc.K to not output additional information when running accton, as the new binary already does that. A software series/udev-134-x86_64-1.tgz: Upgraded to udev-134. (Remove any obsolete /etc/modprobe.d/uhci-hci config file after upgrade) AP software series/man-pages-3.14-noarch-1.tgz: Upgraded to man-pages-3.14. AP software series/pm-utils-1.2.2.1-x86_64-2.tgz: Rebuilt with a patch to properly reset acpi video flags after a resume. AP software series/radeontool-1.5-x86_64-1.tgz: Added radeontool-1.5. AP software series/lsscsi-0.21-x86_64-1.tgz: Upgraded to lsscsi-0.21. AP software series/mc-4.6.1_20070623p14-x86_64-2.tgz: Patched to fix a bug where moving or copying a file could cause mc to crash. D software series/ruby-1.8.7_p72-x86_64-2.tgz: Recompiled with a patch to fix short name constants. L software series/jre-6u10-x86_64-2.tgz: Added /usr/bin/java/jre/bin directory since the profile scripts add it to the $PATH. N software series/wireless-tools-29-x86_64-4.tgz: Patched rc.wireless to take the interface down and retry if setting the mode fails. N software series/bridge-utils-1.2-x86_64-2.tgz: Patched to fix a corner case where brctl does not work if the name of the bridge is "bridge". XAP software series/audacious-plugins-1.5.1-x86_64-4.tgz: Patched to fix amidi-plug plugin. -|--------------------------|- Sat Nov 29 18:05:22 EET 2008 AP software series/cdrtools-2.01.01a53-x86_64-1.tgz: Upgraded to cdrtools-2.01.01a53. AP software series/dmidecode-2.10-x86_64-1.tgz: Upgraded to dmidecode-2.10. AP software series/sqlite-3.6.6.2-x86_64-1.tgz: Upgraded to sqlite-3.6.6.2. L software series/libgsf-1.14.10-x86_64-1.tgz: Upgraded to libgsf-1.14.10. N software series/dnsmasq-2.46-x86_64-1.tgz: Upgraded to dnsmasq-2.46. N software series/ntp-4.2.4p5-x86_64-2.tgz: Edited rc.ntpd to add status support for pm-utils. N software series/samba-3.2.5-x86_64-1.tgz: Upgraded to samba-3.2.5. This package fixes an important barrier against rogue clients reading from uninitialized memory (though no proof-of-concept is known to exist). For more information, see: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-4314 [*** Security fix ***] -|--------------------------|- Wed Nov 26 22:59:47 EET 2008 TESTING/packages/kde4/deps/eigen2-r888176-x86_64-1.tgz: Added eigen2-r888176. TESTING/packages/kde4/extragear/amarok-1.98-x86_64-1.tgz: Upgraded to amarok-1.98. TESTING/packages/kde4/extragear/guidance-power-manager-4.1.3-x86_64-1.tgz: Upgraded to guidance-power-manager-4.1.3. TESTING/packages/kde4/extragear/kaudiocreator-r888119-x86_64-1.tgz: Upgraded to kaudiocreator-r888119. TESTING/packages/kde4/extragear/konq-plugins-4.1.3-x86_64-1.tgz: Added konq-plugins-4.1.3. TESTING/packages/kde4/extragear/ktorrent-3.1.5-x86_64-1.tgz: Upgraded to ktorrent-3.1.5. TESTING/packages/kde4/kde/kdeaccessibility-4.1.3-x86_64-1.tgz: Upgraded to kdeaccessibility-4.1.3. TESTING/packages/kde4/kde/kdeadmin-4.1.3-x86_64-1.tgz: Upgraded to kdeadmin-4.1.3. TESTING/packages/kde4/kde/kdeartwork-4.1.3-x86_64-1.tgz: Upgraded to kdeartwork-4.1.3. TESTING/packages/kde4/kde/kdebase-4.1.3-x86_64-1.tgz: Upgraded to kdebase-4.1.3. TESTING/packages/kde4/kde/kdebase-runtime-4.1.3-x86_64-1.tgz: Upgraded to kdebase-runtime-4.1.3. TESTING/packages/kde4/kde/kdebase-workspace-4.1.3-x86_64-1.tgz: Upgraded to kdebase-workspace-4.1.3. TESTING/packages/kde4/kde/kdebindings-4.1.3-x86_64-1.tgz: Upgraded to kdebindings-4.1.3. TESTING/packages/kde4/kde/kdeedu-4.1.3-x86_64-1.tgz: Upgraded to kdeedu-4.1.3. TESTING/packages/kde4/kde/kdegames-4.1.3-x86_64-1.tgz: Upgraded to kdegames-4.1.3. TESTING/packages/kde4/kde/kdegraphics-4.1.3-x86_64-1.tgz: Upgraded to kdegraphics-4.1.3. TESTING/packages/kde4/kde/kdelibs-4.1.3-x86_64-1.tgz: Upgraded to kdelibs-4.1.3. TESTING/packages/kde4/kde/kdemultimedia-4.1.3-x86_64-1.tgz: Upgraded to kdemultimedia-4.1.3. TESTING/packages/kde4/kde/kdenetwork-4.1.3-x86_64-1.tgz: Upgraded to kdenetwork-4.1.3. TESTING/packages/kde4/kde/kdepim-4.1.3-x86_64-1.tgz: Upgraded to kdepim-4.1.3. TESTING/packages/kde4/kde/kdepimlibs-4.1.3-x86_64-1.tgz: Upgraded to kdepimlibs-4.1.3. TESTING/packages/kde4/kde/kdeplasma-addons-4.1.3-x86_64-1.tgz: Upgraded to kdeplasma-addons-4.1.3. TESTING/packages/kde4/kde/kdesdk-4.1.3-x86_64-1.tgz: Upgraded to kdesdk-4.1.3. TESTING/packages/kde4/kde/kdetoys-4.1.3-x86_64-1.tgz: Upgraded to kdetoys-4.1.3. TESTING/packages/kde4/kde/kdeutils-4.1.3-x86_64-1.tgz: Upgraded to kdeutils-4.1.3. TESTING/packages/kde4/kde/kdewebdev-4.1.3-x86_64-1.tgz: Upgraded to kdewebdev-4.1.3. TESTING/packages/kde4/kde/koffice-1.9.98.2-x86_64-1.tgz: Upgraded to koffice-1.9.98.2. TESTING/packages/kde4/kde-l10n/kde-l10n-*.tgz: Upgraded to kde-l10n-*-4.1.3. TESTING/packages/kde4/kde-l10n/koffice-l10n-*.tgz: Added koffice-l10n-*-1.9.98.2. -|--------------------------|- Mon Nov 24 16:27:29 EET 2008 TESTING/packages/kde4/deps/qt-r887099-x86_64-1.tgz: Upgraded to qt-copy-r887099. TESTING/packages/kde4/kde/kdebase-workspace-4.1.2-x86_64-2.tgz: Recompiled against lm_sensors-3.0.3. TESTING/packages/kde4/kde/kdelibs-4.1.2-x86_64-2.tgz: Included an upstream patch to fix crashes with kded. -|--------------------------|- Sat Nov 22 21:12:00 EET 2008 A software series/aaa_base-12.1.0-noarch-4.tgz: Fixed an extra "../" at the beginning of the /var/X11R6 symlink A software series/glibc-solibs-2.7-x86_64-16.tgz: Recompiled against Linux 2.6.27.6. A software series/glibc-zoneinfo-2.7-noarch-16.tgz: Recompiled. A software series/kernel-firmware-2.6.27.7-x86_64-1.tgz: Upgraded to Linux 2.6.27.6 firmware. A software series/kernel-huge-2.6.27.7-x86_64-1.tgz: Upgraded to Linux 2.6.27.6. A software series/kernel-modules-2.6.27.7-x86_64-1.tgz: Upgraded to Linux 2.6.27.6. AP software series/hplip-2.8.10-x86_64-1.tgz: Upgraded to hplip-2.8.10. AP software series/pm-utils-1.2.2.1-x86_64-1.tgz: Added pm-utils-1.2.2.1. AP software series/slackpkg-2.70.3-noarch-2.tgz: Updates mirrors list and moved here from EXTRA ;). AP software series/texinfo-4.13a-x86_64-2.tgz: Patched the install script to replace /usr/info/dir if the topmost node is missing. D software series/kernel-headers-2.6.27.7-x86-1.tgz: Upgraded to Linux 2.6.27.6 headers. E software series/emacs-22.3-x86_64-2.tgz: Rebuilt with compressed info pages and using the emacs PNG icon from the sources. K software series/kernel-source-2.6.27.7-noarch-1.tgz: Upgraded to Linux 2.6.27.6. L software series/glibc-2.7-x86_64-16.tgz: Recompiled against Linux 2.6.27.6. L software series/glibc-i18n-2.7-noarch-16.tgz: Recompiled. L software series/glibc-profile-2.7-x86_64-16.tgz: Recompiled against Linux 2.6.27.6. L software series/svgalib_helper-1.9.25_2.6.27.7-x86_64-1.tgz: Recompiled for Linux 2.6.27.6. N software series/alpine-2.00-x86_64-1.tgz: Upgraded to alpine-2.00. N software series/imapd-2.00-x86_64-1.tgz: Upgraded to imapd from alpine-2.00. N software series/curl-7.19.2-x86_64-1.tgz: Upgraded to curl-7.19.2. N software series/ntp-4.2.4p5-x86_64-1.tgz: Upgraded to ntp-4.2.4p5. N software series/sendmail-8.14.3-x86_64-1.tgz: Upgraded to sendmail-8.14.3. N software series/sendmail-cf-8.14.3-noarch-1.tgz: Upgraded to sendmail-8.14.3 config files. X software series/scim-1.4.7-x86_64-7.tgz: Recompiled. X/software series/scim-bridge-0.4.14-x86_64-3.tgz: Recompiled. XAP software series/mozilla-thunderbird-2.0.0.18-x86_64-1.tgz: Upgraded to thunderbird-2.0.0.18. This upgrade fixes some more security bugs. For more information, see: http://www.mozilla.org/security/known-vulnerabilities/thunderbird20.html [*** Security fix ***] isolinux/initrd.img: Rebuilt with newly compiled kernel modules. usb-and-pxe-installers/: Rebuilt usbboot.img with newly compiled kernel modules. -|--------------------------|- Sat Nov 22 13:39:47 EET 2008 A software series/acpid-1.0.8-x86_64-1.tgz: Upgraded to acpid-1.0.8. /etc/acpi/acpi_handler.sh will be installed as a .new with future upgrades, but since whatever version already installed on the system owns /etc/acpi/acpi_handler.sh, it will still be overwritten one more time when this update is installed. If you've customized your script, be sure to back it up before upgrading. A software series/mkinitrd-1.3.2-x86_64-4.tgz: Fixed a bug where unless -F was the first option given, other command line options would not override the contents of /etc/mkinitrd.conf as documented in the man page. L software series/libxml2-2.6.32-x86_64-2.tgz: Patched and recompiled. This fixes vulnerabilities including denial of service, or possibly the execution of arbitrary code as the user running a libxml2 linked application if untrusted XML content is parsed. For more information, see: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-4225 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-4226 [*** Security fix ***] X software series/compiz-0.7.8-x86_64-1.tgz: Upgraded to compiz-0.7.8. X software series/dejavu-fonts-ttf-2.27-noarch-1.tgz: Upgraded to dejavu-fonts-ttf-2.27. X software series/xf86-input-acecad-1.2.2-x86_64-1.tgz: Added xf86-input-acecad-1.2.2. X software series/xf86-input-calcomp-1.1.2-x86_64-1.tgz: Upgraded to xf86-input-calcomp-1.1.2-x86_64-1.tgz. X software series/xf86-input-digitaledge-1.1.1-x86_64-2.tgz: Upgraded to xf86-input-digitaledge-1.1.1. X software series/xf86-input-dmc-1.1.2-x86_64-1.tgz: Added xf86-input-dmc-1.1.2. X software series/xf86-input-dynapro-1.1.2-x86_64-1.tgz: Upgraded to xf86-input-dynapro-1.1.2. X software series/xf86-input-elo2300-1.1.2-x86_64-1.tgz: Upgraded to xf86-input-elo2300-1.1.2. X software series/xf86-input-elographics-1.2.3-x86_64-1.tgz: Upgraded to xf86-input-elographics-1.2.3. X software series/xf86-input-evdev-2.0.8-x86_64-1.tgz: Upgraded to xf86-input-evdev-2.0.8. X software series/xf86-input-fpit-1.2.0-x86_64-1.tgz: Upgraded to xf86-input-fpit-1.2.0. X software series/xf86-input-hyperpen-1.2.0-x86_64-1.tgz: Upgraded to xf86-input-hyperpen-1.2.0. X software series/xf86-input-jamstudio-1.2.0-x86_64-1.tgz: Upgraded to xf86-input-jamstudio-1.2.0. X software series/xf86-input-joystick-1.3.3-x86_64-1.tgz: Upgraded to xf86-input-joystick-1.3.3. X software series/xf86-input-keyboard-1.3.1-x86_64-1.tgz: Upgraded to xf86-input-keyboard-1.3.1. X software series/libdrm-2.3.0-x86_64-2.tgz: Recompiled. X software series/xf86-input-magellan-1.2.0-x86_64-1.tgz: Upgraded to xf86-input-magellan-1.2.0. X software series/xf86-input-microtouch-1.2.0-x86_64-1.tgz: Upgraded to xf86-input-microtouch-1.2.0. X software series/xf86-input-mutouch-1.2.1-x86_64-1.tgz: Upgraded to xf86-input-mutouch-1.2.1. X software series/xf86-input-palmax-1.2.0-x86_64-1.tgz: Upgraded to xf86-input-palmax-1.2.0. X software series/xf86-input-penmount-1.3.0-x86_64-1.tgz: Upgraded to xf86-input-penmount-1.3.0. X software series/xf86-input-summa-1.2.0-x86_64-1.tgz: Upgraded to xf86-input-summa-1.2.0. X software series/xf86-input-synaptics-0.15.2-x86_64-1.tgz: Added xf86-input-synaptics-0.15.2. X software series/xf86-input-tek4957-1.2.0-x86_64-1.tgz: Upgraded to xf86-input-tek4957-1.2.0. X software series/xf86-input-vmmouse-12.5.2-x86_64-1.tgz: Upgraded to xf86-input-vmmouse-12.5.2. X software series/xf86-input-void-1.1.1-x86_64-1.tgz: Added xf86-input-void-1.1.1. X software series/xf86-video-cirrus-1.2.1-x86_64-1.tgz: Upgraded to xf86-video-cirrus-1.2.1. X software series/xf86-video-glint-1.2.1-x86_64-1.tgz: Upgraded to xf86-video-glint-1.2.1. X software series/xf86-video-i128-1.3.1-x86_64-1.tgz: Upgraded to xf86-video-i128-1.3.1. X software series/xf86-video-intel-2.4.3-x86_64-1.tgz: Upgraded to xf86-video-intel-2.4.3. X software series/xf86-video-mga-1.4.9-x86_64-1.tgz: Upgraded to xf86-video-mga-1.4.9. X software series/xf86-video-neomagic-1.2.1-x86_64-1.tgz: Upgraded to xf86-video-neomagic-1.2.1. X software series/xf86-video-nv-2.1.12-x86_64-1.tgz: Upgraded to xf86-video-nv-2.1.12. X software series/xf86-video-openchrome-0.2.903-x86_64-1.tgz: Added xf86-video-openchrome-0.2.903. X software series/xf86-video-radeonhd-1.2.3-x86_64-1.tgz: Upgraded to xf86-video-radeonhd-1.2.3. X software series/xf86-video-s3virge-1.10.1-x86_64-1.tgz: Upgraded to xf86-video-s3virge-1.10.1. X software series/xf86-video-savage-2.2.1-x86_64-1.tgz: Upgraded to xf86-video-savage-2.2.1. X software series/xf86-video-vmware-10.16.5-x86_64-1.tgz: Upgraded to xf86-video-vmware-10.16.5. X software series/xkeyboard-config-1.4-noarch-1.tgz: Upgraded to xkeyboard-config-1.4. EXTRA/slacktrack/slacktrack-2.01-noarch-1.tgz: Upgraded to slacktrack-2.01. -|--------------------------|- Sun Nov 16 19:06:13 EET 2008 A software series/glibc-solibs-2.7-x86_64-15.tgz: Recompiled against Linux 2.6.27.6. A software series/glibc-zoneinfo-2.7-noarch-15.tgz: Recompiled. A software series/kernel-firmware-2.6.27.6-x86_64-1.tgz: Upgraded to Linux 2.6.27.6 firmware. A software series/kernel-huge-2.6.27.6-x86_64-1.tgz: Upgraded to Linux 2.6.27.6. A software series/kernel-modules-2.6.27.6-x86_64-1.tgz: Upgraded to Linux 2.6.27.6. D software series/kernel-headers-2.6.27.6-x86_64-1.tgz: Upgraded to Linux 2.6.27.6 headers. K software series/kernel-source-2.6.27.6-noarch-1.tgz: Upgraded to Linux 2.6.27.6. L software series/glibc-2.7-x86_64-15.tgz: Recompiled against Linux 2.6.27.6. L software series/glibc-i18n-2.7-noarch-15.tgz: Recompiled. L software series/glibc-profile-2.7-x86_64-15.tgz: Recompiled against Linux 2.6.27.6. L software series/svgalib_helper-1.9.25_2.6.27.6-x86_64-1.tgz: Recompiled for Linux 2.6.27.6. N software series/gnutls-2.6.2-x86_64-1.tgz: Upgraded to gnutls-2.6.2. The security fix in gnutls-2.6.1 had a flaw in cases where the certificate chain contained only one self-signed certificate. This update fixes the issue. n/net-snmp-5.4.2.1-x86_64-1.tgz: Upgraded to net-snmp-5.4.2.1. This fixes a problem where a user with read access could cause snmpd to crash, resulting in a denial of service. For more information, see: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-4309 [*** Security fix ***] N software series/proftpd-1.3.1-x86_64-3.tgz: Recompiled against the new openssl packages. XAP software series/mozilla-firefox-3.0.4-x86_64-1.tgz: Upgraded to firefox-3.0.4. This fixes some security issues: For more information, see: http://www.mozilla.org/security/known-vulnerabilities/firefox30.html [*** Security fix ***] XAP software series/seamonkey-1.1.13-x86_64-1.tgz: Upgraded to seamonkey-1.1.13. This release fixes some more security vulnerabilities. For more information, see: http://www.mozilla.org/security/known-vulnerabilities/seamonkey11.html [*** Security fix ***] isolinux/initrd.img: Rebuilt with newly compiled kernel modules. usb-and-pxe-installers/: Rebuilt usbboot.img with newly compiled kernel modules. -|--------------------------|- Sat Nov 15 00:49:08 EET 2008 AP software series/acct-6.4pre1-X86_64-1.tgz: Upgraded to acct-6.4pre1 to support the new kernel accounting file format (and the older log formats). KDE software series/kdepim-3.5.10-x86_64-4.tgz: Recompiled against bluez-libs and pilot-link. L software series/pilot-link-0.12.3-x86_64-6.tgz: Recompiled against bluez-libs-3.36. N software series/bluez-hcidump-1.42-x86_64-2.tgz: Recompiled against bluez-libs-3.36. N software series/bluez-libs-3.36-x86_64-2.tgz: Switched back to the BlueZ 3.x series. As the website says, "without support from the userspace these modules are useless." N software series/bluez-utils-3.36-x86_64-4.tgz: Switched back to bluez-utils-3.36, with the udev rules moved into /lib/udev/rules.d/. N software series/obexftp-0.22-x86_64-3.tgz: Recompiled against openobex-1.3. N software series/openobex-1.3-x86_64-3.tgz: Recompiled against bluez-libs-3.36. N software series/slrn-0.9.9p1-x86_64-2.tgz: Fixed slack-desc to properly note that the original author, John E. Davis, is now maintaining slrn again. -|--------------------------|- Tue Nov 11 23:16:06 EET 2008 A software series/cups-1.3.9-x86_64-1.tgz: Upgraded to cups-1.3.9. This update fixes three vulnerabilities in the SGI image format filter, the texttops filter, and the HP-GL and HP-GL/2 plotter format filter. All three of these could result in a denial of service, and the plotter filter issue could possibly be used to execute code as the print spooler user. For more information, see: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3639 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3640 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3641 [*** Security fix ***] A software series/e2fsprogs-1.41.3-x86_64-1.tgz: Upgraded to e2fsprogs-1.41.3. A software series/glibc-solibs-2.7-x86_64-14.tgz: Recompiled against Linux 2.6.27.5. A software series/glibc-zoneinfo-2.7-noarch-14.tgz: Rebuilt with tzdata2008i. A software series/kernel-firmware-2.6.27.5-x86_64-1.tgz: Added Linux 2.6.27.5 firmware (mostly for sound cards). A software series/kernel-huge-2.6.27.5-x86_64-1.tgz: Upgraded to Linux 2.6.27.5. A software series/kernel-modules-2.6.27.5-x86_64-1.tgz: Upgraded to Linux 2.6.27.5. A software series/module-init-tools-3.5-x86_64-1.tgz: Upgraded to module-init-tools-3.5. A software series/ntfs-3g-1.5012-x86_64-1.tgz: Upgraded to ntfs-3g-1.5012. A software series/openssl-solibs-0.9.8i-x86_64-1.tgz: Upgraded to openssl-0.9.8i. AP software series/cdparanoia-III_10.2-x86_64-1.tgz: Upgraded to cdparanoia-III-10.2. AP software series/gphoto2-2.4.3-x86_64-1.tgz: Upgraded to gphoto2-2.4.3. AP software series/hplip-2.8.9-x86_64-1.tgz: Upgraded to hplip-2.8.9. AP software series/lm_sensors-3.0.3-x86_64-1.tgz: Upgraded to lm_sensors-3.0.3. AP software series/rpm-4.4.2.3-x86_64-2.tgz: Recompiled against neon-0.28.3. AP software series/sqlite-3.6.4-x86_64-1.tgz: Upgraded to sqlite-3.6.4. D software series/binutils-2.18.50.0.9-x86_64-1.tgz: Upgraded to binutils-2.18.50.0.9. D software series/cmake-2.6.2-x86_64-1.tgz: Upgraded to cmake-2.6.2. D software series/git-1.6.0.3-x86_64-1.tgz: Upgraded to git-1.6.0.3. D software series/intltool-0.40.5-x86_64-1.tgz: Upgraded to intltool-0.40.5. D software series/kernel-headers-2.6.27.5_smp-x86-1.tgz: Upgraded to Linux 2.6.27.5 headers. D software series/m4-1.4.12-x86_64-1.tgz: Upgraded to m4-1.4.12. D software series/subversion-1.5.4-x86_64-1.tgz: Upgraded to subversion-1.5.4. D software series/kernel-headers-2.6.27.5-x86_64-1.tgz: Upgraded to Linux 2.6.27.5 headers. K software series/kernel-source-2.6.27.5-noarch-1.tgz: Upgraded to Linux 2.6.27.5. KDE software series/kdebase-3.5.10-x86_64-3.tgz: Recompiled against the new libsensors. KDE software series/kdepim-3.5.10-x86_64-3.tgz: Recompiled against the upgraded bluez and pilot-link packages. KDE software series/kdesdk-3.5.10-x86_64-3.tgz: Recompiled against apr-1.3.3 and neon-0.28.3. KDE software series/kdevelop-3.5.3-x86_64-3.tgz: Recompiled against neon-0.28.3. L software series/apr-1.3.3-x86_64-1.tgz: Upgraded to apr-1.3.3. L software series/apr-util-1.3.4-x86_64-1.tgz: Upgraded to apr-util-1.3.4. L software series/fuse-2.7.4-x86_64-2.tgz: Moved udev rules to /lib/udev/rules.d/. L software series/dbus-1.2.4-x86_64-1.tgz: Upgraded to dbus-1.2.4. L software series/glibc-2.7-x86_64-15.tgz: Recompiled against Linux 2.6.27.5. L software series/glibc-i18n-2.7-noarch-15.tgz: Recompiled. L software series/glibc-profile-2.7-x86_64-15.tgz: Recompiled against Linux 2.6.27.5. L software series/hal-info-20081022-noarch-1.tgz: Upgraded to hal-info-20081022. L software series/hicolor-icon-theme-0.10-noarch-4.tgz: Recompiled. L software series/jre-6u10-x86_64-1.tgz: Upgraded to Java(TM) 2 Platform Standard Edition Runtime Environment Version 6.0 update 10. L software series/libcap-2.14-x86_64-1.tgz: Upgraded to libcap-2.14. L software series/libgphoto2-2.4.3-x86_64-1.tgz: Upgraded to libgphoto2-2.4.3. L software series/libmtp-0.3.3-x86_64-1.tgz: Upgraded to libmtp-0.3.3. L software series/libnjb-2.2.6-x86_64-3.tgz: Moved udev rules to /lib/udev/rules.d/. L software series/neon-0.28.3-x86_64-1.tgz: Upgraded to neon-0.28.3. L software series/pilot-link-0.12.3-x86_64-5.tgz: Moved udev rules to /lib/udev/rules.d/. Recompiled against bluez-4.17. L software series/svgalib_helper-1.9.25_2.6.27.5-x86_64-1.tgz: Recompiled for Linux 2.6.27.5. n/bluez-4.17-x86_64-1.tgz: Added bluez-4.17, which replaces the blues-libs and blues-utils packages. n/bluez-hcidump-1.42-x86_64-1.tgz: Upgraded to bluez-hcidump-1.42. n/httpd-2.2.10-x86_64-1.tgz: Upgraded to httpd-2.2.10. n/gnutls-2.6.1-x86_64-1.tgz: Upgraded to gnutls-2.6.1. From the gnutls-2.6.1 NEWS file: ** libgnutls: Fix X.509 certificate chain validation error. [GNUTLS-SA-2008-3] The flaw makes it possible for man in the middle attackers (i.e., active attackers) to assume any name and trick GNU TLS clients into trusting that name. Thanks for report and analysis from Martin von Gagern . [CVE-2008-4989] For more information, see: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-4989 [*** Security fix ***] N software series/iproute2-2.6.26-x86_64-1.tgz: Upgraded to iproute2-2.6.26. N software series/iptables-1.4.2-x86_64-1.tgz: Upgraded to iptables-1.4.2. N software series/iwlwifi-3945-ucode-15.28.2.8-fw-1.tgz: Upgraded to iwlwifi-3945-ucode-15.28.2.8. N software series/iwlwifi-4965-ucode-228.57.2.21-fw-1.tgz: Upgraded to iwlwifi-4965-ucode-228.57.2.21. N software series/iwlwifi-5000-ucode-5.4.A.11-fw-1.tgz: Added iwlwifi-5000-ucode-5.4.A.11. N software series/nfs-utils-1.1.4-x86_64-1.tgz: Upgraded to nfs-utils-1.1.4. N software series/obexftp-0.22-x86_64-2.tgz: Recompiled. N software series/openobex-1.3-x86_64-2.tgz: Recompiled against bluez-4.17. N software series/openssl-0.9.8i-x86_64-1.tgz: Upgraded to openssl-0.9.8i. N software series/samba-3.2.4-x86_64-1.tgz: Upgraded to samba-3.2.4. N software series/slrn-0.9.9p1-x86_64-1.tgz: Upgraded to slrn-0.9.9p1. N software series/tcpdump-4.0.0-x86_64-1.tgz: Upgraded to libpcap-1.0.0 and tcpdump-4.0.0. TCL software series/expect-5.44.1.11-x86_64-1.tgz: Upgraded to expect-5.44.1.11. XAP software series/audacious-plugins-1.5.1-x86_64-3.tgz: Recompiled against neon-0.28.3. XAP software series/gkrellm-2.3.2-x86_64-1.tgz: Upgraded to gkrellm-2.3.2 compiled against lm_sensors-3.0.3. XAP software series/pidgin-2.5.2-x86_64-1.tgz: Upgraded to pidgin-2.5.2. XAP software series/sane-1.0.19-x86_64-3.tgz: Moved udev rules to /lib/udev/rules.d/. XAP software series/xfce-4.4.3-x86_64-1.tgz: Upgraded to xfce-4.4.3. XAP software series/xsane-0.996-x86_64-1.tgz: Upgraded to xsane-0.996. XAP software series/xscreensaver-5.07-x86_64-2.tgz: Fixed a problem that can occur when RANDR reports incorrect data. EXTRA/jdk-6/jdk-6u10-x86_64-1.tgz: Upgraded to Java(TM) 2 Platform Standard Edition Development Kit Version 6.0 update 10. EXTRA/ktorrent/ktorrent-2.2.8-x86_64-1.tgz: Upgraded to ktorrent-2.2.8. isolinux/initrd.img: Rebuilt with newly compiled kernel modules. usb-and-pxe-installers/: Rebuilt usbboot.img with newly compiled kernel modules. -|--------------------------|- Tue Oct 14 20:22:00 EEST 2008 A software series/glibc-solibs-2.7-x86_64-13.tgz: Recompiled. A software series/glibc-zoneinfo-2.7-noarch-13.tgz: Rebuilt using tzdata2008h for more DST fixes. A software series/kernel-test-huge-2.6.27-x86_64-1.tgz: Upgraded to Linux 2.6.27 TEST! A A software series/kernel-test-modules-2.6.27-x86_64-1.tgz: Upgraded to Linux 2.6.27 TEST! D software series/kernel-test-headers-2.6.27-x86_64-1.tgz: Upgraded to Linux 2.6.27 TEST! AP software series/rpm-4.4.2.3-x86_64-2.tgz: Recompiled to make sure that the rpm binary links correctly. Thanks to Tom Newsom for reporting. L software series/glibc-2.7-x86_64-13.tgz: Recompiled. L software series/glibc-i18n-2.7-noarch-13.tgz: Recompiled. L software series/glibc-profile-2.7-x86_64-14.tgz: Recompiled with tzcode/tzdata updates. K software series/kernel-test-source-2.6.27-noarch-1.tgz: Upgraded to Linux 2.6.27 TEST! isolinux/initrd.img: Upgraded the test kernel modules and image to Linux 2.6.27. usb-and-pxe-installers: Upgraded the test kernel modules and image to Linux 2.6.27. -|--------------------------|- Sat Oct 11 14:30:44 EEST 2008 A software series/ntfs-3g-1.2918-x86_64-1.tgz: Upgraded to ntfs-3g-1.2918. A software series/reiserfsprogs-3.6.20-x86_64-1.tgz: Upgraded to reiserfsprogs-3.6.20. A software series/udev-130-x86_64-1.tgz: Upgraded to udev-130. AP software series/cdrtools-2.01.01a50-x86_64-1.tgz: Upgraded to cdrtools-2.01.01a50. D software series/ruby-1.8.7_p72-x86_64-1.tgz: Upgraded to ruby-1.8.7-p72. L software series/desktop-file-utils-0.15-x86_64-1.tgz: Upgraded to desktop-file-utils-0.15. L software series/gst-plugins-base-0.10.21-x86_64-1.tgz: Upgraded to gst-plugins-base-0.10.21. L software series/gstreamer-0.10.21-x86_64-1.tgz: Upgraded to gstreamer-0.10.21. L software series/hal-0.5.11-x86_64-3.tgz: Rebuilt against udev. Thanks to djgera for reporting. L software series/libcap-2.11-x86_64-1.tgz: Added libcap-2.11. L software series/libglade-2.6.3-x86_64-1.tgz: Upgraded to libglade-2.6.3. L software series/librsvg-2.22.3-x86_64-1.tgz: Upgraded to librsvg-2.22.3. L software series/shared-mime-info-0.51-x86_64-1.tgz: Upgraded to shared-mime-info-0.51. N software series/mcabber-0.9.9-x86_64-1.tgz: Upgraded to mcabber-0.9.9. N software series/vsftpd-2.0.7-x86_64-1.tgz: Upgraded to vsftpd-2.0.7 (this now requires libcap). TESTING/packages/kde4/deps/libspectre-0.2.1-x86_64-1.tgz: Added libspectre-0.2.1. TESTING/packages/kde4/deps/QScintilla-2.3-x86_64-1.tgz: Upgraded to QScintilla-2.3. TESTING/packages/kde4/deps/qimageblitz-r868728-x86_64-1.tgz: Upgraded to qimageblitz-r868728. TESTING/packages/kde4/deps/qt-r869114-x86_64-1.tgz: Upgraded to qt-copy-r869114. TESTING/packages/kde4/extragear/amarok-1.92.2-x86_64-1.tgz: Upgraded to amarok-1.92.2. TESTING/packages/kde4/extragear/guidance-power-manager-4.1.2-x86_64-1.tgz: Upgraded to guidance-power-manager-4.1.2. TESTING/packages/kde4/extragear/kaudiocreator-r869103-x86_64-1.tgz: Upgraded to kaudiocreator-r869103. TESTING/packages/kde4/extragear/ktorrent-3.1.3-x86_64-1.tgz: Upgraded to ktorrent-3.1.3. TESTING/packages/kde4/kde/*.tgz: Upgraded to KDE 4.1.2. TESTING/packages/kde4/kde-l10n/*.tgz: Upgraded to KDE 4.1.2 l10n packages. -|--------------------------|- Thu Oct 9 00:04:38 EEST 2008 A software series/device-mapper-1.02.28-x86_64-1.tgz: Upgraded to device-mapper-1.02.28. A software series/e2fsprogs-1.41.2-x86_64-1.tgz: Upgraded to e2fsprogs-1.41.2. A software series/glibc-solibs-2.7-x86_64-12.tgz: Recompiled. A software series/glibc-zoneinfo-2.7-noarch-12.tgz: Recompiled. Upgraded to tzdata2008f to keep up with more DST and other timezone changes. A software series/grep-2.5.3-x86_64-1.tgz: Upgraded to grep-2.5.3. A software series/lilo-22.8-x86_64-13.tgz: Recompiled against new device-mapper and lvm2. A software series/lvm2-2.02.40-x86_64-1.tgz: Upgraded to lvm2-2.02.40. A software series/pcmciautils-015-x86_64-1.tgz: Upgraded to pcmciautils-015. A software series/udev-128-x86_64-1.tgz: Upgraded to udev-128. A software series/xfsprogs-2.10.1_1-x86_64-1.tgz: Upgraded to xfsprogs-2.10.1-1. AP software series/mysql-5.0.67-x86_64-1.tgz: Upgraded to mysql-5.0.67. AP software series/rpm-4.4.2.3-x86_64-1.tgz: Upgraded to rpm-4.4.2.3. AP software series/sqlite-3.6.3-x86_64-1.tgz: Upgraded to sqlite-3.6.3. AP software series/texinfo-4.13a-x86_64-1.tgz: Upgraded to texinfo-4.13a. D software series/autoconf-2.63-noarch-1.tgz: Upgraded to autoconf-2.63. D software series/automake-1.10.1-noarch-1.tgz: Upgraded to automake-1.10.1. D software series/doxygen-1.5.7-x86_64-1.tgz: Upgraded to doxygen-1.5.7. D software series/libtool-1.5.26-x86_64-1.tgz: Upgraded to libtool-1.5.26. L software series/beecrypt-4.1.2-x86_64-1.tgz: Added beecrypt-4.1.2. L software series/dbus-1.2.3-x86_64-1.tgz: Upgraded to dbus-1.2.3. L software series/dbus-glib-0.76-x86_64-1.tgz: Upgraded to dbus-glib-0.76. L software series/dbus-python-0.83.0-x86_64-1.tgz: Upgraded to dbus-python-0.83.0. L software series/hal-0.5.11-x86_64-2.tgz: Recompiled. L software series/hal-info-20081001-noarch-1.tgz: Upgraded to hal-info-20081001. L software series/glibc-2.7-x86_64-12.tgz: Recompiled. Upgraded to tzdata2008f to keep up with more DST and other timezone changes. L software series/glibc-i18n-2.7-noarch-12.tgz: Recompiled. L software series/glibc-profile-2.7-x86_64-12.tgz: Recompiled. L software series/parted-1.8.8-x86_64-2.tgz: Recompiled with LVM2 support. N software series/lftp-3.7.4-x86_64-1.tgz: Upgraded to lftp-3.7.4. N software series/links-2.2-x86_64-1.tgz: Upgraded to links-2.2. N software series/ncftp-3.2.2-x86_64-1.tgz: Upgraded to ncftp-3.2.2. N software series/nmap-4.76-x86_64-1.tgz: Upgraded to nmap-4.76. N software series/wget-1.11.4-x86_64-1.tgz: Upgraded to wget-1.11.4. X software series/xdg-utils-1.0.2-noarch-2.tgz: Do not output errors from the first install script grep -- /etc/mailcap may not exist yet. XAP software series/fluxbox-1.1.1-x86_64-1.tgz: Upgraded to fluxbox-1.1.1. XAP/imagemagick-6.4.3_10-x86_64-1.tgz: Upgraded to ImageMagick-6.4.3-10 and recompiled with --disable-openmp to fix a problem with the perl Image::Magick module. -|--------------------------|- Mon Sep 29 13:24:05 EEST 2008 XAP software series/mozilla-firefox-3.0.3-x86_64-1.tgz: Upgraded to firefox-3.0.3. This fixes a bug in firefox-3.0.2 where saved passwords did not work. XAP software series/mozilla-thunderbird-2.0.0.17-x86_64-1.tgz: Upgraded to thunderbird-2.0.0.17. This upgrade fixes some more security bugs. For more information, see: http://www.mozilla.org/security/known-vulnerabilities/thunderbird20.html [* Security fix *] -|--------------------------|- Fri Sep 26 15:45:01 EEST 2008 XAP software series/mozilla-firefox-3.0.2-x86_64-1.tgz: Upgraded to firefox-3.0.2. This fixes some security issues. For more information, see: http://www.mozilla.org/security/known-vulnerabilities/firefox30.html [* Security fix *] XAP software series/seamonkey-1.1.12-x86_64-1.tgz: Upgraded to seamonkey-1.1.12. This release fixes some more security vulnerabilities. For more information, see: http://www.mozilla.org/security/known-vulnerabilities/seamonkey11.html [* Security fix *] -|--------------------------|- Thu Sep 25 00:26:01 EEST 2008 N software series/dhcpcd-2.0.8-x86_64-2.tgz: Recompiled with -fPIC. TESTING/packages/kde4/deps/gst-plugins-base-0.10.20-x86_64-1.tgz: Removed. TESTING/packages/kde4/deps/gstreamer-0.10.20-x86_64-1.tgz: Removed. TESTING/packages/kde4/deps/libgphoto2-2.4.1-x86_64-1.tgz: Removed. TESTING/packages/kde4/deps/sqlite-3.6.1-x86_64-1.tgz: Removed. TESTING/packages/kde4/deps/xdg-utils-1.0.2-noarch-1.tgz: Removed. This packages are already in the main tree. Thanks to djgera for reporting that this packages need to be removed ;). usb-and-pxe-installers/usbboot.img: Fixed bug #3. See http://bugzilla.bluewhite64.com/show_bug.cgi?id=3. Thanks to Diego for reporting. -|--------------------------|- Wed Sep 24 16:31:08 EEST 2008 L software series/gtk+2-2.12.12-x86_64-2.tgz: Recompiled. This will fix some stability problems in GTk based applications. So, upgrade if your desktop experiencing some stability problems ;). L software series/poppler-0.8.5-x86_64-3.tgz: Added back qt3 support. Now both qt versions are enabled. -|--------------------------|- Wed Sep 24 14:14:20 EEST 2008 X software series/libxcb-1.1-x86_64-2.tgz: Rebuilt with the right patch, previous was not applied correctly. TESTING/packages/kde4/remove-kde4.sh: Removed enchant and libraw1394 from the removepkg list. This was merged to the main tree so, don't need to be removed ;). Thanks to djgera for reporting the problems for this TESTING packages. TESTING/packages/kde4/kdegraphics-4.1.1-x86_64-2.tgz: Rebuilt once again against poppler, previous packages was missing some files. TESTING/packages/kde4/koffice-1.9.95.10-x86_64-2.tgz: Rebuilt once again against poppler, previous packages was missing some files. TESTING/packages/kde4/kde3-compat/qca-tls1-1.0-x86_64-opt2.tgz: Fixed qt3 path. TESTING/packages/kde4/kde3-compat/kdelibs3-3.5.10-x86_64-opt4.tgz: Removed some duplicate /usr files. TESTING/packages/kde4/kde-l10n/: Upgraded to KDE 4.1.1 l10n packages. This was missed with the latest updates. -|--------------------------|- Tue Sep 23 15:43:00 EEST 2008 D software series/flex-2.5.35-x86_64-1.tgz: Upgraded to flex-2.5.35. E software series/emacs-22.3-x86_64-1.tgz: Upgraded to emacs-22.3. N software series/curl-7.19.0-x86_64-1.tgz: Upgraded to curl-7.19.0. A software series/coreutils-6.12-x86_64-1.tgz: Upgraded to coreutils-6.12. EXTRA/slacktrack/slacktrack-2.00-noarch-1.tgz: Upgraded to slacktrack-2.00. L software series/libpng-1.2.32-x86_64-1.tgz: Upgraded to libpng-1.2.32. XAP software series/imagemagick-6.4.3_6-x86_64-1.tgz: Upgraded to ImageMagick-6.4.3-6. AP software series/alsa-utils-1.0.17-x86_64-1.tgz: Upgraded to alsa-utils-1.0.17. L software series/alsa-lib-1.0.17a-x86_64-1.tgz: Upgraded to alsa-lib-1.0.17a. L software series/alsa-oss-1.0.17-x86_64-1.tgz: Upgraded to alsa-oss-1.0.17. L software series/enchant-1.4.2-x86_64-1.tgz: Moved from /testing/packages/kde4/deps/. L software series/gtkspell-2.0.14-x86_64-1.tgz: Added gtkspell-2.0.14. L software series/libraw1394-2.0.0-x86_64-1.tgz: Moved from /testing/packages/kde4/deps/. L software series/liboil-0.3.15-x86_64-1.tgz: Upgraded to liboil-0.3.15. XAP software series/pidgin-2.5.1-x86_64-4.tgz: Recompiled against gtkspell-2.0.14. Added gstreamer support. XAP software series/xlockmore-5.26.1-x86_64-1.tgz: Upgraded to xlockmore-5.26.1. TESTING/packages/kde4/remove-kde4.sh: Fixed kde-l10n names (was kde-i18n). D software series/bin86-0.16.15-x86_64-1.tgz: Removed. D software series/dev86-0.16.17-x86_64-1.tgz: Added dev86-0.16.17 (replaces bin86 package). D software seriesgit-1.6.0.2-x86_64-1.tgz: Upgraded to git-1.6.0.2. D software series/intltool-0.40.3-x86_64-1.tgz: Added intltool-0.40.3. L software series/atk-1.23.5-x86_64-1.tgz: Upgraded to atk-1.23.5. L software series/cairo-1.6.4-x86_64-1.tgz: Upgraded to cairo-1.6.4. L software series/gmime-2.2.23-x86_64-1.tgz: Upgraded to gmime-2.2.23. L software series/gnome-icon-theme-2.23.92-noarch-1.tgz: Upgraded to gnome-icon-theme-2.23.92. L software series/gtk+2-2.12.12-x86_64-1.tgz: Upgraded to gtk+-2.12.12. L software series/icon-naming-utils-0.8.7-x86_64-1.tgz: Upgraded to icon-naming-utils. L software series/librsvg-2.22.2-x86_64-1.tgz: Upgraded to librsvg-2.22.2. L software series/pango-1.20.5-x86_64-1.tgz: Upgraded to pango-1.20.5. L software series/pycairo-1.6.4-x86_64-1.tgz: Upgraded to pycairo-1.6.4. L software series/pygobject-2.15.4-x86_64-1.tgz: Upgraded to pygobject-2.15.4. N software series/bluez-utils-3.36-x86_64-3.tgz: This should work now. X software series/dri2proto-1.1-x86_64-1.tgz: Added dri2proto-1.1. X software series/fontconfig-2.6.0-x86_64-1.tgz: Upgraded to fontconfig-2.6.0. X software series/inputproto-1.4.4-noarch-1.tgz: Upgraded to inputproto-1.4.4. X software series/pixman-0.12.0-x86_64-1.tgz: Upgraded to pixman-0.12.0. X software series/libX11-1.1.5-x86_64-1.tgz: Upgraded to libX11-1.1.5. X software series/libXau-1.0.4-x86_64-1.tgz: Upgraded to libXau-1.0.4. X software series/libXft-2.1.13-x86_64-1.tgz: Upgraded to libXft-2.1.13. X software series/libXrandr-1.2.3-x86_64-1.tgz: Upgraded to libXrandr-1.2.3. X software series/libXxf86vm-1.0.2-x86_64-1.tgz: Upgraded to libXxf86vm-1.0.2. X software series/libxcb-1.1-x86_64-1.tgz: Upgraded to libxcb-1.1. X software series/randrproto-1.2.2-noarch-1.tgz: Upgraded to randrproto-1.2.2. X software series/xcb-proto-1.1-noarch-1.tgz: Upgraded to xcb-proto-1.1. X software series/xextproto-7.0.3-noarch-1.tgz: Upgraded to xextproto-7.0.3. X software series/xf86driproto-2.0.4-noarch-1.tgz: Upgraded to xf86driproto-2.0.4. X software series/xproto-7.0.13-noarch-1.tgz: Upgraded to xproto-7.0.13. XAP software seriss/xmms-1.2.11-x86_64-1.tgz: Recompiled without --enable-simd. Thanks to djgera for reporting that the previouse package can't play mp3 files. XAP software series/xfce-4.4.2-x86_64-6.tgz: Fixed a misapplied memory leak patch. -|--------------------------|- Fri Sep 19 23:37:45 EEST 2008 KDE software series/k3b-1.0.5-x86_64-3.tgz: Recompiled to drop libdvdread support ;). -|--------------------------|- Fri Sep 19 16:00:17 EEST 2008 kernels/huge.s/*: Upgraded to Linux kernel 2.6.24.7. TESTING/packages/kde4/kde3-compat/kdelibs3-3.5.10-x86_64-opt3.tgz: Repackaged the kdelibs-3.5.10-x86_64-1.tgz to make it work in a compat mode. Successfully tested k3b-1.0.5 on KDE4 with this packages ;). -|--------------------------|- Fri Sep 19 01:27:45 EEST 2008 TESTING/packages/kde4/deps/gmm-3.1-noarch-1.tgz: Upgraded to gmm-3.1. TESTING/packages/kde4/deps/clucene-0.9.21-x86_64-1.tgz: Upgraded to clucene-0.9.21. TESTING/packages/kde4/deps/soprano-2.1.1-x86_64-1.tgz: Upgraded to soprano-2.1.1. TESTING/packages/kde4/deps/sip-4.7.7-x86_64-1.tgz: Upgraded to sip-4.7.7. TESTING/packages/kde4/deps/libzip-0.9-x86_64-1.tgz: Upgraded to libzip-0.9. TESTING/packages/kde4/deps/pycups-1.9.42-x86_64-1.tgz: Upgraded to pycups-1.9.42. TESTING/packages/kde4/deps/djvulibre-3.5.21-x86_64-1.tgz: Upgraded to djvulibre-3.5.21. TESTING/packages/kde4/deps/libraw1394-2.0.0-x86_64-1.tgz: Upgraded to libraw1394-2.0.0. TESTING/packages/kde4/deps/qimageblitz-r860451-x86_64-1.tgz: Upgraded to qimageblitz r860451. TESTING/packages/kde4/deps/PyQt-4.4.3-x86_64-1.tgz: Upgraded to PyQt-4.4.3. TESTING/packages/kde4/deps/qt-r860451-x86_64-1.tgz: Upgraded to qt-copy r860451. TESTING/packages/kde4/extragear/amarok-1.90-x86_64-1.tgz: Upgraded to amarok-1.90. TESTING/packages/kde4/extragear/guidance-power-manager-4.1.1-x86_64-1.tgz: Upgraded to guidance-power-manager-4.1.1. TESTING/packages/kde4/extragear/kaudiocreator-r860749-x86_64-1.tgz: Upgraded to kaudiocreator r860749. TESTING/packages/kde4/extragear/ktorrent-3.1.2-x86_64-2.tgz: Recompiled ktorrent-3.1.2. TESTING/packages/kde4/kde/: Upgraded to KDE 4.1.1. TESTING/packages/kde4/kde-l10n/: Upgraded to KDE 4.1.1 l10n packages. TESTING/packages/kde4/kde3-compat/: Rebuild the KDE3 compatibility packages, moved them into /opt/kde3/. -|--------------------------|- Thu Sep 18 01:21:46 EEST 2008 A software series/acpid-1.0.7b1-x86_64-1.tgz: Upgraded to acpid-1.0.7b1. A software series/e2fsprogs-1.41.1-x86_64-1.tgz: Upgraded to e2fsprogs-1.41.1. A software series/etc-12.2-noarch-1.tgz: Do not set LC_ALL POSIX in /etc/csh.login. A software series/gawk-3.1.6-x86_64-1.tgz: Upgraded to gawk-3.1.6. A software series/sysvinit-scripts-1.2-noarch-24.tgz: Shut down acpid cleanly on halt/reboot. Erase any /usr/share/icons/icon-theme.cache that should not be there. AP software series/gphoto2-2.4.2-x86_64-2.tgz: Fixed uncompressed manpage. AP software series/nano-2.0.9-x86_64-1.tgz: Upgraded to nano-2.0.9. AP software series/vim-7.2.018-x86_64-1.tgz: Upgraded to vim-7.2.018. D software series/clisp-2.46-x86_64-1.tgz: Upgraded to clisp-2.46. KDE software series/amarok-1.4.10-x86_64-3.tgz: Patched for new libmtp API. KDE software series/kdelibs-3.5.10-x86_64-1.tgz: Reverted to the earlyer package. GCC 4.2.4 did not produce good code here, so will stick the working one ;). L software series/glib2-2.16.6-x86_64-1.tgz: Upgraded to glib2-2.16.6. L software series/libmtp-0.3.1-x86_64-1.tgz: Upgraded to libmtp-0.3.1. L software series/pilot-link-0.12.3-x86_64-4.tgz: Get rid of stray perllocal.pod. N software series/bind-9.4.2_P2-x86_64-1.tgz: Upgraded to bind-9.4.2-P2. This version has performance gains over bind-9.4.2-P1. Additional BIND /patches packages are available back to Bluewhite64 11.0. N software series/bluez-libs-3.36-x86_64-1.tgz: Upgraded to bluez-libs-3.36. (Some upstream code is not yet ready for the 4.x API) N software series/bluez-utils-3.36-x86_64-1.tgz: Upgraded to bluez-utils-3.36. It seems --enable-all is no longer a valid ./configure option for this package, and everything needs to be enabled individually, so several utilities and config files were missing from the previous package. N software series/rp-pppoe-3.10-x86_64-1.tgz: Upgraded to rp-pppoe-3.10. X software series/xf86-input-joystick-1.3.2-x86_64-2.tgz: Fixed misplaced man page. XAP software series/audacious-plugins-1.5.1-x86_64-2.tgz: Patched for new libmtp API. XAP software series/vim-gvim-7.2.018-x86_64-1.tgz: Upgraded to vim-7.2.018 (GTK+ add-on package). KDE 4.1.1 coming soon, need more TESTING here ;) -|--------------------------|- Sun Sep 14 12:32:57 EEST 2008 A software series/glibc-solibs-2.7-x86_64-11.tgz: Recompiled against Linux 2.6.24.7. A software series/glibc-zoneinfo-2.7-noarch-11.tgz: Rebuild from tzcode/tzdata2008e. A software series/kernel-huge-2.6.24.7-x86_64-1.tgz: Upgraded to Linux 2.6.24.7. A software series/kernel-modules-2.6.24.7-x86_64-1.tgz: Upgraded to Linux 2.6.24.7. A software series/less-418-x86_64-1.tgz: Upgraded to less-418. A software series/ntfs-3g-1.2812-x86_64-1.tgz: Upgraded to ntfs-3g-1.2812. A software series/util-linux-ng-2.14.1-x86_64-1.tgz: Upgraded to util-linux-ng-2.14.1. AP software series/flac-1.2.1-x86_64-2.tgz: Recompiled to bring back the XMMS plugin. AP software series/gphoto2-2.4.2-x86_64-1.tgz: Added gphoto2-2.4.2. AP software series/linuxdoc-tools-0.9.21-x86_64-6.tgz: Recompiled against perl-5.10.0. AP software series/man-pages-3.08-noarch-1.tgz: Upgraded to man-pages-3.08 and man-pages-posix-2003-a. AP software series/mc-4.6.1_20070623p14-x86_64-1.tgz: Upgraded to mc-4.6.1_20070623p14. Patched to improve UTF8 support. AP software series/sqlite-3.6.2-x86_64-1.tgz: Added sqlite-3.6.2. AP software series/sox-14.1.0-x86_64-1.tgz: Upgraded to sox-14.1.0. See the documention for changes to the command-line options. D software series/cmake-2.6.1-x86_64-1.tgz: Upgraded to cmake-2.6.1. D software series/cvs-1.11.23-x86_64-1.tgz: Upgraded to cvs-1.11.23. D software series/doxygen-1.5.6-x86_64-1.tgz: Upgraded to doxygen-1.5.6. D software series/gcc-4.2.4-x86_64-1.tgz: Upgraded to gcc-4.2.4. D software series/gcc-g++-4.2.4-x86_64-1.tgz: Upgraded to gcc-4.2.4. D software series/gcc-gfortran-4.2.4-x86_64-1.tgz: Upgraded to gcc-4.2.4. D software series/gcc-gnat-4.2.4-x86_64-1.tgz: Upgraded to gcc-4.2.4. D software series/gcc-java-4.2.4-x86_64-1.tgz: Upgraded to gcc-4.2.4. D software series/gcc-objc-4.2.4-x86_64-1.tgz: Upgraded to gcc-4.2.4. D software series/git-1.6.0.1-x86_64-1.tgz: Upgraded to git-1.6.0.1. D software series/guile-1.8.5-x86_64-1.tgz: Upgraded to guile-1.8.5. D software series/kernel-headers-2.6.24.7_smp-x86-1.tgz: Upgraded to Linux 2.6.24.7 headers. D software series/mercurial-1.0.2-x86_64-1.tgz: Upgraded to mercurial-1.0.2. D software series/perl-5.10.0-x86_64-1.tgz: Upgraded to perl-5.10.0. D software series/python-2.5.2-x86_64-3.tgz: Recompiled against Tcl/Tk 8.5.4. D software series/subversion-1.5.2-x86_64-1.tgz: Upgraded to subversion-1.5.2. D software series/perl-5.10.0-x86_64-1.tgz: Upgraded to perl-5.10.0. K software series/kernel-source-2.6.24.7-noarch-1.tgz: Upgraded to Linux 2.6.24.7. KDE software series/amarok-1.4.10-x86_64-2.tgz: Recompiled. KDE software series/k3b-1.0.5-x86_64-2.tgz: Recompiled. KDE software series/kdeaccessibility-3.5.10-x86_64-2.tgz: Recompiled. KDE software series/kdeaddons-3.5.10-x86_64-2.tgz: Recompiled. KDE software series/kdeadmin-3.5.10-x86_64-2.tgz: Recompiled. KDE software series/kdeartwork-3.5.10-x86_64-2.tgz: Recompiled. KDE software series/kdebase-3.5.10-x86_64-2.tgz: Recompiled. KDE software series/kdebindings-3.5.10-x86_64-2.tgz: Recompiled. KDE software series/kdeedu-3.5.10-x86_64-2.tgz: Recompiled. KDE software series/kdegames-3.5.10-x86_64-2.tgz: Recompiled. KDE software series/kdegraphics-3.5.10-x86_64-2.tgz: Recompiled. This adds libgphoto2 support. KDE software series/kdelibs-3.5.10-x86_64-2.tgz: Recompiled. KDE software series/kdemultimedia-3.5.10-x86_64-2.tgz: Recompiled. This adds libgstreamer support to JuK. KDE software series/kdenetwork-3.5.10-x86_64-2.tgz: Recompiled. KDE software series/kdepim-3.5.10-x86_64-2.tgz: Recompiled. KDE software series/kdesdk-3.5.10-x86_64-2.tgz: Recompiled. KDE software series/kdetoys-3.5.10-x86_64-2.tgz: Recompiled. KDE software series/kdeutils-3.5.10-x86_64-2.tgz: Recompiled. KDE software series/kdevelop-3.5.3-x86_64-2.tgz: Recompiled. KDE software series/kdewebdev-3.5.10-x86_64-2.tgz: Recompiled. KDE software series/koffice-1.6.3-x86_64-7.tgz: Recompiled. L software series/arts-1.5.10-x86_64-2.tgz: Recompiled. L software series/freetype-2.3.7-x86_64-1.tgz: Upgraded to freetype-2.3.7. L software series/fuse-2.7.4-x86_64-1.tgz: Upgraded to fuse-2.7.4. L software series/glibc-2.7-x86_64-11.tgz: Recompiled against Linux 2.6.24.7. L software series/glibc-i18n-2.7-noarch-11.tgz: Recompiled. L software series/glibc-profile-2.7-x86_64-11.tgz: Recompiled against Linux 2.6.24.7. L software series/gst-plugins-base-0.10.20-x86_64-1.tgz: Added gst-plugins-base-0.10.20. L software series/gstreamer-0.10.20-x86_64-1.tgz: Added gstreamer-0.10.20. L software series/gmp-4.2.3-x86_64-1.tgz: Upgraded to gmp-4.2.3. L software series/hal-0.5.11-x86_64-1.tgz: Upgraded to hal-0.5.11. L software series/hal-info-20080508-noarch-1.tgz: Upgraded to hal-info-20080508. L software series/libgphoto2-2.4.2-x86_64-1.tgz: Added libgphoto2-2.4.2. L software series/liboil-0.3.14-x86_64-1.tgz: Added liboil-0.3.14. L software series/libvisual-plugins-0.4.0-x86_64-1.tgz: Added libvisual-plugins-0.4.0. These create some cool special effects with Amarok. L software series/parted-1.8.8-x86_64-1.tgz: Moved from /extra (this is now a HAL dependency). L software series/pilot-link-0.12.3-x86_64-3.tgz: Recompiled against perl-5.10.0. L software series/svgalib_helper-1.9.25_2.6.24.7-x86_64-3.tgz: Recompiled for Linux 2.6.24.7. N software series/dhcpcd-2.0.8-x86_64-1.tgz: Upgraded to dhcpcd-2.0.8. N software series/iptables-1.4.1.1-x86_64-1.tgz: Upgraded to iptables-1.4.1.1. N software series/irssi-0.8.12-x86_64-2.tgz: Recompiled against perl-5.10.0. N software series/net-snmp-5.4.1.2-x86_64-2.tgz: Recompiled against perl-5.10.0. N software series/obexftp-0.22-x86_64-1.tgz: Upgraded to obexftp-0.22. Built without ruby support, it does not compile. N software series/rsync-3.0.4-x86_64-1.tgz: Upgraded to rsync-3.0.4. TCL software series/expect-5.43.0-x86_64-3.tgz: Recompiled against Tcl/Tk 8.5.4. TCL software series/hfsutils-3.2.6-x86_64-3.tgz: Recompiled against tcl-8.5.4. TCL software series/tcl-8.5.4-x86_64-1.tgz: Upgraded to tcl-8.5.4. TCL software series/tix-8.4.3-x86_64-1.tgz: Upgraded to Tix-8.4.3. tixwish is no longer supported. TCL software series/tk-8.5.4-x86_64-1.tgz: Upgraded to tk-8.5.4. X software series/xdg-utils-1.0.2-noarch-1.tgz: Added xdg-utils-1.0.2. Thanks to Erik Hanson for the build script, and thanks to Michael Wagner for the hints concerning setting up some default mailcap entries. XAP software series/audacious-1.5.1-x86_64-1.tgz: Upgraded to audacious-1.5.1. XAP software series/audacious-plugins-1.5.1-x86_64-1.tgz: Upgraded to audacious-plugins-1.5.1. XAP software series/gimp-2.4.7-x86_64-1.tgz: Upgraded to gimp-2.4.7. XAP software series/imagemagick-6.4.2_5-x86_64-2.tgz: Recompiled against perl-5.10.0. XAP software series/pidgin-2.5.1-x86_64-2.tgz: Recompiled against tcl-8.5.4 and perl-5.10.0. XAP software series/x3270-3.3.7p8-x86_64-1.tgz: Upgraded to x3270-3.3.7p8. XAP software series/xchat-2.8.6-x86_64-2.tgz: Recompiled against tcl-8.5.4. XAP software series/xine-lib-1.1.15-x86_64-1.tgz: Upgraded to xine-lib-1.1.15. XAP software seriss/xmms-1.2.11-x86_64-1.tgz: Added xmms-1.2.11. XAP software series/xscreensaver-5.07-x86_64-1.tgz: Upgraded to xscreensaver-5.07. isolinux/initrd.img: Rebuilt with newly compiled kernel modules. usb-and-pxe-installers/: Rebuilt usbboot.img with newly compiled kernel modules. -|--------------------------|- Thu Sep 4 01:49:01 EEST 2008 XAP software series/pidgin-2.5.1-x86_64-1.tgz: Upgraded to pidgin-2.5.1. N software series/samba-3.2.3-x86_64-1.tgz: Upgraded to samba-3.2.3. This fixes a security issue where group_mapping.ldb was accidentally chmod 666 (only in -current, as all previous Bluewhite64 versions use the Samba 3.0.x branch which is not affected). This build also adds the mount.smbfs wrapper script for mount.cifs, and a link to the wrapper from /usr/bin/smbmount. This may fix some of the issues that people were having mounting SMB filesystems. Note that SMBFS is considered obsolete now, and using mount.smbfs really isn't any different in function using the wrapper than using mount.cifs directly. For more information on the security issue, see: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3789 [*** Security fix ***] Since this security issue only affects the unreleased development branch, (-current) this ChangeLog comment is the official notification. For those using older versions of Bluewhite64, many of them got bugfix updates to the 3.0.x branch. Check the new packages out -- they should correct some stability issues. -|--------------------------|- Fri Aug 29 20:22:11 EEST 2008 Upgraded KDE version 3.x.x to 3.5.10. The announcement may be found on the KDE web site: http://kde.org/announcements/announce-3.5.10.php KDE software series/amarok-1.4.10-x86_64-1.tgz: Upgraded to amarok-1.4.10. KDE software series/k3b-1.0.5-x86_64-1.tgz: Upgraded to k3b-1.0.5. KDE software series/kdeaccessibility-3.5.10-x86_64-1.tgz: Upgraded to kdeaccessibility-3.5.10. KDE software series/kdeaddons-3.5.10-x86_64-1.tgz: Upgraded to kdeaddons-3.5.10. KDE software series/kdeadmin-3.5.10-x86_64-1.tgz: Upgraded to kdeadmin-3.5.10. KDE software series/kdeartwork-3.5.10-x86_64-1.tgz: Upgraded to kdeartwork-3.5.10. KDE software series/kdebase-3.5.10-x86_64-1.tgz: Upgraded to kdebase-3.5.10. KDE software series/kdebindings-3.5.10-x86_64-1.tgz: Upgraded to kdebindings-3.5.10. KDE software series/kdeedu-3.5.10-x86_64-1.tgz: Upgraded to kdeedu-3.5.10. KDE software series/kdegames-3.5.10-x86_64-1.tgz: Upgraded to kdegames-3.5.10. KDE software series/kdegraphics-3.5.10-x86_64-1.tgz: Upgraded to kdegraphics-3.5.10. KDE software series/kdelibs-3.5.10-x86_64-1.tgz: Upgraded to kdelibs-3.5.10. KDE software series/kdemultimedia-3.5.10-x86_64-1.tgz: Upgraded to kdemultimedia-3.5.10. KDE software series/kdenetwork-3.5.10-x86_64-1.tgz: Upgraded to kdenetwork-3.5.10. KDE software series/kdetoys-3.5.10-x86_64-1.tgz: Upgraded to kdetoys-3.5.10. KDE software series/kdepim-3.5.10-x86_64-1.tgz: Upgraded to kdepim-3.5.10. KDE software series/kdesdk-3.5.10-x86_64-1.tgz: Upgraded to kdesdk-3.5.10. KDE software series/kdeutils-3.5.10-x86_64-1.tgz: Upgraded to kdeutils-3.5.10. KDE software series/kdevelop-3.5.3-x86_64-1.tgz: Upgraded to kdevelop-3.5.3. KDE software series/kdewebdev-3.5.10-x86_64-1.tgz: Upgraded to kdewebdev-3.5.10. KDE software series/koffice-1.6.3-x86_64-5.tgz: Recompiled and Patched KOffice to write ODT elements in the correct order according to specs. KDEi/k3b-i18n-1.0.5-noarch-1.tgz: Upgraded to k3b-i18n-1.0.5. KDEi software series/kde-i18n-*-3.5.10-noarch-1.tgz: Upgraded to kde-i18n 3.5.10. L software series/arts-1.5.10-x86_64-1.tgz: Upgraded to arts-1.5.10. -|--------------------------|- Tue Aug 12 11:24:10 EEST 2008 N software series/alpine-1.10-x86_64-2.tgz: Fixed path for SSL certs. N software series/imapd-1.10-x86_64-2.tgz: Fixed path for SSL certs. X software series/m17n-lib-1.5.2-x86_64-1.tgz: Upgraded to m17n-lib-1.5.2. -|--------------------------|- Fri Aug 8 00:54:49 EEST 2008 A software series/cups-1.3.8-x86_64-1.tgz: Upgraded to cups-1.3.8. AP software series/hplip-2.8.7-x86_64-1.tgz: Upgraded to hplip-2.8.7. D software series/git-1.5.6.4-x86_64-1.tgz: Upgraded to git-1.5.6.4. D software series/mercurial-1.0.1-x86_64-1.tgz: Upgraded to mercurial-1.0.1. D software series/subversion-1.5.1-x86_64-1.tgz: Upgraded to subversion-1.5.1. N software series/alpine-1.10-x86_64-1.tgz: Added alpine-1.10, a Pine replacement. N software series/imapd-1.10-x86_64-1.tgz: Upgraded to imapd/ipop3d daemons from alpine-1.10. N software series/pine-4.64-x86_64-2.tgz: Removed. (Replaced by alpine-1.10) N software series/rsync-3.0.3-x86_64-1.tgz: Upgraded to rsync-3.0.3. N software series/samba-3.2.1-x86_64-1.tgz: Upgraded to samba-3.2.1. XAP software series/xchat-2.8.6-x86_64-1.tgz: Upgraded to xchat-2.8.6. -|--------------------------|- Thu Aug 7 00:35:47 EEST 2008 A software series/sysvinit-scripts-1.2-noarch-23.tgz: Removed line that wipes out /etc/motd. AP software series/ghostscript-8.63-x86_64-1.tgz: Upgraded to ghostscript-8.63. N software series/httpd-2.2.9-x86_64-2.tgz: Recompiled: Lennard reported that httpd segfaults when mod_proxy is used. The recompile fixed this issue. Thanks to Lennard for reporting and tesing the new package. -|--------------------------|- Wed Aug 6 12:18:59 EEST 2008 A software series/sysvinit-scripts-1.2-noarch-22.tgz: _Really_ quieted down rc.M's mime update this time (it seems that errors are sent to stdout). If we must update icon-cache files in rc.M (which is done only if they already exist), background it so that it doesn't delay the boot as much. In rc.S, only update the kernel version in /etc/motd if the file begins with "Linux", leaving the rest of the file free to be customized. Grab some information about the root partition from /proc/mounts to initialize /etc/mtab. D software series/python-2.5.2-x86_64-2.tgz: Patched various overflows and other security problems. For more information, see: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1679 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1721 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2315 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2316 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3142 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3144 [*** Security fix ***] N software series/getmail-4.8.2-noarch-1.tgz: Upgraded to getmail-4.8.2. X software series/dejavu-fonts-ttf-2.26-noarch-1.tgz: Upgraded to dejavu-fonts-ttf-2.26. X software series/liberation-fonts-ttf-1.04-noarch-1.tgz: Upgraded to liberation-fonts-1.04. XAP software series/pan-0.133-x86_64-1.tgz: Upgraded to pan-0.133. This update fixes a buffer overflow in pan-0.128 through pan-0.132 when processing .nzb files. For more information, see: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2363 [*** Security fix ***] -|--------------------------|- Fri Aug 1 12:26:20 EEST 2008 A software series/hdparm-8.9-x86_64-1.tgz: Upgraded to hdparm-8.9. KDE software series/kdegraphics-3.5.9-x86_64-3.tgz: Recompiled against poppler-0.8.5. KDE software series/koffice-1.6.3-x86_64-4.tgz: Recompiled against poppler-0.8.5. L software series/poppler-0.8.5-x86_64-1.tgz: Upgraded to poppler-0.8.5. XAP software series/gimp-2.4.6-x86_64-2.tgz: Recompiled against poppler-0.8.5. XAP software series/gxine-0.5.903-x86_64-1.tgz: Upgraded to gxine-0.5.903. XAP software series/mozilla-firefox-3.0.1-x86_64-3.tgz: Added some missing symlinks needed by gxine in order to compile. XAP software series/imagemagick-6.4.2_5-x86_64-1.tgz: Upgraded to ImageMagick 6.4.2-5. XAP software series/windowmaker-20060427cvs-x86_64-1.tgz: Switched to a patched CVS snapshot to get this compiling again with gcc 4.x (against ImageMagick 6.4.2-5). XAP software series/xine-lib-1.1.14-x86_64-1.tgz: Upgraded to xine-lib-1.1.14. N software series/proftpd-1.3.1-x86_64-2.tgz: Recompiled against new OpenSSL, since this evidently checks the OpenSSL version and will only run against the libraries it was compiled against. A small patch was also added to account for changes in the system includes. -|--------------------------|- Thu Jul 31 16:00:55 EEST 2008 A software series/openssl-solibs-0.9.8h-x86_64-1.tgz: Upgraded to OpenSSL 0.9.8h shared libraries (see below). [*** Security fix ***] A software series/sysvinit-scripts-1.2-noarch-21.tgz: For now, quiet error output from update-mime-database, since KDE4 causes some "noise". AP software series/vim-7.1.330-x86_64-1.tgz: Upgraded to vim-7.1.330. This fixes several security issues related to the automatic processing of untrusted files. For more information, see: http://www.rdancer.org/vulnerablevim.html [*** Security fix ***] L software series/libxml2-2.6.32-x86_64-1.tgz: Upgraded to libxml2-2.6.32. L software series/libxslt-1.1.24-x86_64-1.tgz: Upgraded to libxslt-1.1.24. A buffer overflow when processing XSL stylesheets could result in the execution of arbitrary code. For more information, see: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1767 [*** Security fix ***] L software series/pcre-7.7-x86_64-1.tgz: Upgraded to pcre-7.7. Tavis Ormandy of the Google Security Team found a buffer overflow triggered when handling certain regular expressions. This could lead to a crash or possible execution of code as the user of the PCRE-linked application. For more information, see: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2371 [*** Security fix ***] N software series/fetchmail-6.3.8-x86_64-3.tgz: Patched to fix a possible denial of service when "-v -v" options are used. For more information, see: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2711 [*** Security fix ***] N software series/httpd-2.2.9-x86_64-1.tgz: Upgraded to httpd-2.2.9. This release fixes flaws which could allow XSS attacks. For more information, see: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5000 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6388 [*** Security fix ***] N software series/links-2.1-x86_64-1.tgz: Upgraded to links-2.1. Unspecified vulnerability in Links before 2.1, when "only proxies" is enabled, has unknown impact and attack vectors related to providing "URLs to external programs." For more information, see: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3329 [*** Security fix ***] N software series/mtr-0.73-x86_64-1.tgz: Upgraded to mtr-0.73. This fixes a minor security bug where a very long hostname in the trace path could lead to an overflow (and most likely just a crash). [*** Security fix ***] N software series/net-snmp-5.4.1.2-x86_64-1.tgz: Upgraded to net-snmp-5.4.1.2. A vulnerability was discovered where an attacked could spoof an authenticated SNMPv3 packet due to incorrect HMAC checking. Also, a buffer overflow was found that could be exploited if an application using the net-snmp perl modules connects to a malicious server. For more information, see: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0960 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2292 [*** Security fix ***] N software series/openldap-client-2.3.43-x86_64-1.tgz: Upgraded to openldap-2.3.43. This release fixes a security issue in slapd (our package does not ship it.) N software series/openssh-5.1p1-x86_64-1.tgz: Upgraded to openssh-5.1p1. When upgrading OpenSSH, it is VERY IMPORTANT to also upgrade OpenSSL, or it is possible to be unable to log back into sshd! N software series/openssh-5.1p1-x86_64-1.tgz: Upgraded to openssh-5.1p1. When upgrading OpenSSH, it is VERY IMPORTANT to also upgrade OpenSSL, or it is possible to be unable to log back into sshd! N software series/openssl-0.9.8h-x86_64-1.tgz: Upgraded to OpenSSL 0.9.8h. The Codenomicon TLS test suite uncovered security bugs in OpenSSL. If OpenSSL was compiled using non-default options (Bluewhite64's package is not), then a malicious packet could cause a crash. Also, a malformed TLS handshake could also lead to a crash. For more information, see: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0891 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1672 When upgrading OpenSSL, it is VERY IMPORTANT to also upgrade OpenSSH, or it is possible to be unable to log back into sshd! [*** Security fix ***] XAP software series/gimp-2.4.6-x86_64-1.tgz: Upgraded to gimp-2.4.6. XAP software series/mozilla-thunderbird-2.0.0.16-x86_64-1.tgz: Upgraded to thunderbird-2.0.0.16. This upgrade fixes some more security bugs. For more information, see: http://www.mozilla.org/security/known-vulnerabilities/thunderbird20.html [*** Security fix ***] XAP software series/vim-gvim-7.1.330-x86_64-1.tgz: Upgraded to vim-gvim-7.1.330. See "vim" above for details. [*** Security fix ***] XAP software series/xscreensaver-5.06-x86_64-1.tgz: Upgraded to xscreensaver-5.06. -|--------------------------|- Fri Jul 25 16:52:34 EEST 2008 N software series/dnsmasq-2.45-x86_64-1.tgz: Upgraded to dnsmasq-2.45. It was discovered that earlier versions of dnsmasq have DNS cache weaknesses that are similar to the ones recently discovered in BIND. This new release minimizes the risk of cache poisoning. For more information, see: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1447 [*** Security fix ***] TESTING/packages/jdk-6u10_beta-x86_64-1.tgz: Added Java(TM) 2 Platform Standard Edition Runtime Environment Version 6.0 update 10 beta. If you have printing issues with CUPS and Java(TM) version 6.0 update 7 (stable), try using version 6.0 update 10 (BETA)! TESTING/packages/jre-6u10_beta-x86_64-1.tgz: Added Java(TM) 2 Platform Standard Edition Development Kit Version 6.0 update 10 beta. Both of these Java(TM) packages are suitable for use on Bluewhite64 12.1 and 12.0. -|--------------------------|- Mon Jul 21 00:49:06 EEST 2008 L software series/jre-6u7-x86_64-1.tgz: Upgraded to Java(TM) 2 Platform Standard Edition Runtime Environment Version 6.0 update 7. EXTRA software/jdk-6/jdk-6u7-x86_64-1.tgz: Upgradedto Java(TM) 2 Platform Standard Edition Development Kit Version 6.0 update 7. -|--------------------------|- Sat Jul 19 15:52:10 EEST 2008 XAP software series/mozilla-firefox-3.0.1-x86_64-2.tgz: Removed unused commands from doinst.sh. Thanks to rraptorr for reporting this. Sorry for any inconvenience! -|--------------------------|- Fri Jul 18 11:56:12 EEST 2008 A software series/ntfs-3g-1.2712-x86_64-1.tgz: Upgraded to ntfs-3g-1.2712. This has been compiled to use the internal FUSE library rather than the system FUSE library. The benefit of this is that if /bin/ntfs-3g is make setuid root, then non-root users can use it to mount NTFS partitions if /etc/fstab allows it. Also, this version of ntfs-3g would require the CVS version of external FUSE. A software series/util-linux-ng-2.14-x86_64-1.tgz: Upgraded to util-linux-ng-2.14. X software series/mesa-7.0.3-x86_64-1.tgz: Upgraded to mesa-7.0.3. XAP software series/mozilla-firefox-3.0.1-x86_64-1.tgz: Upgraded to firefox-3.0.1 This release fixes some stability and security issues found in Firefox 3. For more information, see: http://www.mozilla.org/security/known-vulnerabilities/firefox30.html#firefox3.0.1 http://www.mozilla.com/en-US/firefox/3.0.1/releasenotes/ [*** Security fix ***] XAP software series/seamonkey-1.1.11-x86_64-1.tgz: Upgraded to Seamonkey 1.1.11. This release fixes some more security vulnerabilities. For more information, see: http://www.mozilla.org/security/known-vulnerabilities/seamonkey11.html [*** Security fix ***] -|--------------------------|- Tue Jul 15 18:44:52 EEST 2008 A software series/e2fsprogs-1.41.0-x86_64-1.tgz: Upgraded to e2fsprogs-1.41.0. N software series/dnsmasq-2.43-x86_64-1.tgz: Upgraded to dnsmasq-2.43. -|--------------------------|- Sat Jul 12 01:44:05 EEST 2008 D software series/nasm-2.03.01-x86_64-1.tgz: Upgraded to nasm-2.03.01. X software series/compiz-0.7.6-x86_64-1.tgz: Upgraded to compiz-0.7.6. X software series/xf86-video-ati-6.9.0-x86_64-1.tgz: Upgraded to xf86-video-ati-6.9.0. X software series/xf86-video-mach64-6.8.0-x86_64-1.tgz: Added xf86-video-mach64-6.8.0. This can be used alone with driver type "mach64" in xorg.conf, or with type "ati" using both this package and the ati driver package as a wrapper. X software series/xf86-video-r128-6.8.0-x86_64-1.tgz: Added xf86-video-r128-6.8.0. This can be used alone with driver type "r128" in xorg.conf, or with type "ati" using both this package and the ati driver package as a wrapper. X software series/xf86-video-intel-2.3.2-x86_64-1.tgz: Upgraded to xf86-video-intel-2.3.2. X software series/xf86-video-nv-2.1.10-x86_64-1.tgz: Upgraded to xf86-video-nv-2.1.10. -|--------------------------|- Thu Jul 10 22:56:12 EEST 2008 N software series/bind-9.4.2_P1-x86_64-1.tgz: Upgraded to bind-9.4.2-P1. This upgrade addresses a security flaw known as the CERT VU#800113 DNS Cache Poisoning Issue. This is the summary of the problem from the BIND site: "A weakness in the DNS protocol may enable the poisoning of caching recurive resolvers with spoofed data. DNSSEC is the only full solution. New versions of BIND provide increased resilience to the attack." It is suggested that sites that run BIND upgrade to one of the new packages in order to reduce their exposure to DNS cache poisoning attacks. For more information, see: http://www.isc.org/sw/bind/bind-security.php http://www.kb.cert.org/vuls/id/800113 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1447 [*** Security fix ***] XAP software series/pidgin-2.4.3-x86_64-1.tgz: Upgraded to pidgin-2.4.3. This updates pidgin to work with the changed ICQ protocol. XAP software series/seamonkey-1.1.10-x86_64-1.tgz: Upgraded to seamonkey-1.1.10. This release closes several possible security vulnerabilities and bugs. For more information, see: http://www.mozilla.org/projects/security/known-vulnerabilities.html#seamonkey [*** Security fix ***] -|--------------------------|- Thu Jul 3 00:14:20 EEST 2008 X software series/wqy-zenhei-font-ttf-0.6.26_0-noarch-1.tgz: Upgraded to wqy-zenhei-font-ttf-0.6.26-0. X software series/xorg-server-1.4.2-x86_64-1.tgz: Upgraded xorg-server to address denial of service and possible arbitrary code execution flaws reported in xorg-server 1.4 prior to 1.4.2. For more information about the issues patched, please refer to: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1377 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1379 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2360 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2361 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2362 [*** Security fix ***] X software series/xorg-server-xnest-1.4.2-x86_64-1.tgz: Security fixes (see CVE entries above). [*** Security fix ***] X software series/xorg-server-xvfb-1.4.2-x86_64-1.tgz: Security fixes (see CVE entries above). [*** Security fix ***] -|--------------------------|- Mon Jun 30 13:27:37 EEST 2008 N software series/gnutls-2.2.5-x86_64-1.tgz: Upgraded to GnuTLS version 2.2.5. This updated package fixes bugs which can lead to a denial of service (DoS) in programs linked with GnuTLS. For more information about the issues patched, please refer to: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1948 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1949 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1950 [*** Security fix ***] -|--------------------------|- Sat Jun 28 12:34:11 EEST 2008 D software series/ruby-1.8.6_p230-x86_64-1.tgz: Upgraded to ruby-1.8.6-p230. This fixes a number of security related bugs in Ruby which could lead to a denial of service (DoS) condition or allow execution of arbitrary code. For more information, see: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2662 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2663 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2664 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2725 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2726 [*** Security fix ***] -|--------------------------|- Thu Jun 26 11:15:05 EEST 2008 A software series/pciutils-2.2.10-x86_64-2.tgz: Recompiled with -fPIC. N software series/libassuan-1.0.4-x86_64-2.tgz: Recompiled with -fPIC. Thanks to Kenjiro Tanaka for reporting that this two packages need to be compiled with -fPIC for KDE 4.x ;). -|--------------------------|- Fri Jun 20 23:15:58 EEST 2008 XAP software series/mozilla-firefox-3.0-x86_64-1.tgz: Upgraded to firefox-3.0. A software series/getty-ps-2.1.0b-x86_64-1.tgz: Added getty-ps-2.1.0b. Thanks to Adrian Virgil-Teaca for helping to compile this ;). -|--------------------------|- Thu May 29 20:03:29 EEST 2008 N software series/samba-3.0.30-x86_64-1.tgz: Upgraded to samba-3.0.30. This is a security release in order to address CVE-2008-1105 ("Boundary failure when parsing SMB responses can result in a buffer overrun"). For more information on the security issue, see: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1105 [*** Security fix ***] -|--------------------------|- Thu May 29 00:28:18 EEST 2008 A software series/mkinitrd-1.3.2-x86_64-3.tgz: Initialize RAID earlier so that the combination of RAID+LUKS+LVM works. XAP software series/rdesktop-1.6.0-x86_64-1.tgz: Upgraded to rdesktop-1.6.0. According to the rdesktop ChangeLog, this contains a: "* Fix for potential vulnerability against compromised/malicious servers (reported by iDefense)" This package build also includes the new alsa driver (--with-sound=alsa), For more information on the security issue, see: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1801 [*** Security fix ***] EXTRA software/ktorrent/ktorrent-2.2.7-x86_64-1.tgz: Upgraded to ktorrent-2.2.7. -|--------------------------|- Thu May 8 18:48:25 EEST 2008 N software series/php-5.2.6-x86_64-1.tgz: Upgraded to PHP 5.2.6. This version of PHP contains many fixes and enhancements. Some of the fixes are security related, and the PHP release announcement provides this list: * Fixed possible stack buffer overflow in the FastCGI SAPI identified by Andrei Nigmatulin. * Fixed integer overflow in printf() identified by Maksymilian Aciemowicz. * Fixed security issue detailed in CVE-2008-0599 identified by Ryan Permeh. * Fixed a safe_mode bypass in cURL identified by Maksymilian Arciemowicz. * Properly address incomplete multibyte chars inside escapeshellcmd() identified by Stefan Esser. * Upgraded bundled PCRE to version 7.6 When last checked, CVE-2008-0599 was not yet open. However, additional information should become available at this URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0599 The list reproduced above, as well as additional information about other fixes in PHP 5.2.6 may be found in the PHP release announcement here: http://www.php.net/releases/5_2_6.php XAP software series/mozilla-thunderbird-2.0.0.14-x86_64-1.tgz: Upgraded to thunderbird-2.0.0.14. This upgrade fixes some more security bugs. For more information, see: http://www.mozilla.org/projects/security/known-vulnerabilities.html#thunderbird [*** Security fix ***] -|--------------------------|- Sat May 3 09:51:15 EEST 2008 Bluewhite64 Linux 12.1 released as stable! THANKS to all for helping with this release! Don't forget to read the CHANGES_AND_HINTS.TXT file for more information about changes and hints. I hope you find Bluewhite64 12.1 to be useful! ;) EXTRA software/ia32-emulation/ia32-libX11-with-xcb/ia32-libX11-1.1.4-x86_64-1.tgz: Added libX11 compiled with xcb. Use this package only if you are having problems running 32-bit GUI applications. -|--------------------------|- Fri May 2 12:07:05 EEST 2008 A software series/kernel-test-huge-2.6.25.1-x86_64-1.tgz: Upgraded to Linux 2.6.25.1 SMP test.s (full-featured test) kernel. A software series/kernel-modules-2.6.25.1-x86_64-1.tgz: Upgraded to Linux 2.6.25.1 test SMP kernel modules. TESTING/packages/kernel-test/kernel-test-headers-2.6.25.1-x86_64-1.tgz: Upgraded to Linux 2.6.25.1 test SMP kernel headers. TESTING/packages/kernel-test/kernel-test-source-2.6.25.1-noarch-1.tgz: Upgraded to Linux 2.6.25.1 test SMP kernel source package. kernels/test.s/*: Upgraded to huge.s 2.6.25.1 test kernel. isolinux/initrd.img: Replaced the test kernel modules with 2.6.25.1 version. usb-and-pxe-installers/: Replaced the test kernel modules with 2.6.25.1 version. -|--------------------------|- Thu May 1 23:26:52 EEST 2008 Bluewhite64 12.1 RC4. The last RC? ;). A software series/kernel-huge-2.6.24.5-x86_64-2.tgz: Patched to fix a security issue in fs/dnotify.c. The use of dnotify (largely replaced by inotify on 2.6.x systems) could lead to a local DoS, or possibly a local root hole. This flaw will also be addressed in the kernels for previous releases as soon as possible. The patch itself may be found in source/k/linux-2.6.24.5-CVE-2008-1375-patch/. For additional information (when the CVE candidate is opened), see: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1375 All the kernel packages below should also be considered security fixes. [*** Security fix ***] A software series/kernel-test-huge-2.6.25-x86_64-2.tgz: Patched and recompiled. A software series/kernel-modules-2.6.24.5-x86_64-2.tgz: Patched and recompiled. A software series/kernel-test-modules-2.6.25-x86_64-2.tgz: Patched and recompiled. D software series/kernel-headers-2.6.24.5-x86_64-2.tgz: Rebuilt from a patched source tree. K software series/kernel-source-2.6.24.5-noarch-2.tgz: Patched (leaving dnotify.c.orig for comparison and/or reverting to patch up to a newer kernel later). L software series/svgalib_helper-1.9.25_2.6.24.5-x86_64-2.tgz: Recompiled. EXTRA software/slackpkg/slackpkg-2.70.3-noarch-1.tgz: Upgraded to slackpkg-2.70.3-noarch-1 (release ready). Thanks to Piter Punk! -:) TESTING/packages/kernel-test/kernel-test-headers-2.6.25-x86_64-2.tgz: Rebuilt from a patched source tree. TESTING/packages/kernel-test/kernel-test-source-2.6.25-noarch-2.tgz: Patched (leaving dnotify.c.orig for comparison and/or reverting to patch up to a newer kernel later). kernels/huge.s/*: Patched and recompiled. kernels/test.s/*: Patched and recompiled. isolinux/initrd.img: Rebuilt with newly compiled kernel modules. usb-and-pxe-installers/: Rebuilt usbboot.img with newly compiled kernel modules. -|--------------------------|- Tue Apr 29 13:47:34 EEST 2008 This is Bluewhite64 12.1-RC3, no ISO for this time ;). Enjoy! A software series/cups-1.3.7-x86_64-2.tgz: Applied patch str2790 to fix crash bugs in the PNG image filter. The issues are not believed to be capable of either a DoS (at worst, it simply crashes the filter processing the current job and does not crash the scheduler daemon, which just moves on to the next job in the print queue), nor arbitrary code execution (data from the image is never stored in the affected tile array). Still, it seems to be worth fixing here just in case. The CUPS bug report may be found here: http://www.cups.org/str.php?L2790 AP software series/mysql-5.0.51b-x86_64-1.tgz: Upgraded to mysql-5.0.51b (which appears to be nothing more than a version bump...) L software series/imlib-1.9.15-x86_64-6.tgz: Patched to fix rendering issues on Intel and possibly other graphics chipsets. L software series/libmtp-0.2.6.1-x86_64-1.tgz: Upgraded to libmtp-0.2.6.1. The udev rules are now sed processed during build. L software series/libpng-1.2.27-x86_64-1.tgz: Upgraded to libpng-1.2.27. This fixes various bugs, the most important of which have to do with the handling of unknown chunks containing zero-length data. Processing a PNG image that contains these could cause the application using libpng to crash (possibly resulting in a denial of service), could potentially expose the contents of uninitialized memory, or could cause the execution of arbitrary code as the user running libpng (though it would probably be quite difficult to cause the execution of attacker-chosen code). We recommend upgrading the package as soon as possible. For more information, see: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1382 ftp://ftp.simplesystems.org/pub/libpng/png/src/libpng-1.2.27-README.txt [*** Security fix ***] X software series/xf86-input-joystick-1.3.2-x86_64-1.tgz: Upgraded to xf86-input-joystick-1.3.2. X software series/xf86-video-vmware-10.16.1-x86_64-1.tgz: Upgraded to xf86-video-vmware-10.16.1. XAP software series/mozilla-firefox-2.0.0.14-x86_64-2.tgz: Added the distribution name and version to the User Agent (UA). XAP software series/seamonkey-1.1.9-x86_64-1.tgz:Added the distribution name and version to the User Agent (UA). isolinux/initrd.img: Fixed minimum RAM amount in /etc/issue, and made some edits to other documentation within the installer. usb-and-pxe-installers/: In usbboot.img, fixed minimum RAM amount in /etc/issue, and made some edits to other documentation within the installer. -|--------------------------|- Sun Apr 27 17:43:34 EEST 2008 X software series/pixman-0.10.0-x86_64-3.tgz: Restored MMX optimizations. -|--------------------------|- Sat Apr 26 11:24:26 EEST 2008 A software series/aaa_base-12.1.0-noarch-3.tgz: More initial emails update. KDE software series/kdelibs-3.5.9-x86_64-4.tgz: Patched to fix a security problem. From the KDE advisory: "If start_kdeinit is installed as setuid root, a local user might be able to send unix signals to other processes, cause a denial of service or even possibly execute arbitrary code." This issue affects KDE 3.5.5 through KDE 3.5.9. We recommend upgrading to the new kdelibs package as soon as possible. For more information, see: http://www.kde.org/info/security/advisory-20080426-2.txt http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1671 [*** Security fix ***] isolinux/initrd.img: Patched /sbin/probe to look for formatted swap on RAID. usb-and-pxe-installers/: Patched /sbin/probe in usbboot.img to look for formatted swap on RAID. EXTRA software/ktorrent/ktorrent-2.2.6-x86_64-1.tgz: Upgraded to ktorrent-2.2.6. EXTRA software/slackpkg/slackpkg-2.70.2-noarch-2.tgz: Added a new mirror. Thanks to Peter Polonkai for the devall.hu mirrors! -|--------------------------|- Thu Apr 24 10:53:16 EEST 2008 A software series/aaa_base-12.1.0-noarch-2.tgz: Updated the initial emails. N software series/wireless-tools-29-x86_64-3.tgz: Increased the sleep time after bringing up an interface to 3 seconds, since some of the new drivers need the additional time to fully initialize. -|--------------------------|- Tue Apr 22 14:58:42 EEST 2008 This is Bluewhite64 12.1-RC2! There is a DVD iso available for download from the primary mirror, other mirrors should be updated soon. Also, you can download through BitTorrent too (see the "Get Bluewhite64"). Please TEST, TEST and TEST as much as you can and post the possible problems to the forum ;). Enjoy! A software series/glibc-solibs-2.7-x86_64-10.tgz: Recompiled against Linux 2.6.24.5 headers. A software series/glibc-zoneinfo-2.7-noarch-10.tgz: Recompiled. A software series/kernel-huge-2.6.24.5-x86_64-1.tgz: Upgraded to Linux 2.6.24.5 SMP huge.s (full-featured) kernel. A software series/kernel-modules-2.6.24.5-x86_64-1.tgz Upgraded to Linux 2.6.24.5 SMP kernel modules. A software series/pkgtools-12.1.0-noarch-7.tgz: Removed obsolete modem setup script (any /dev/modem symlink would be wiped out by udev anyway). AP software series/lm_sensors-2.10.6-x86_64-1.tgz: Upgraded to lm_sensors-2.10.6. D software series/kernel-headers-2.6.24.5-x86_64-1.tgz: Upgraded to Linux 2.6.24.5 SMP kernel headers. A software series/mkinitrd-1.3.2-x86_64-2.tgz: Updated the version numbers in README.initrd and manpage. K software series/kernel-source-2.6.24.5-noarch-1.tgz Upgraded to Linux 2.6.24.5 SMP kernel source package. L software series/glibc-2.7-x86_64-10.tgz: Recompiled against Linux 2.6.24.5 headers. L software series/glibc-i18n-2.7-noarch-10.tgz: Recompiled. L software series/glibc-profile-2.7-x86_64-10.tgz: Recompiled against Linux 2.6.24.5 headers. L software series/jre-6u6-x86_64-2.tgz: Adjusted installation directory to avoid removing files from kdebindings. L software series/svgalib_helper-1.9.25_2.6.24.5-x86_64-1.tgz: Recompiled for Linux 2.6.24.5. N software series/mcabber-0.9.7-x86_64-1.tgz: Upgraded to mcabber-0.9.7. XAP software series/xine-lib-1.1.11.1-x86_64-3.tgz: Recompiled, with --without-speex (we didn't ship the speex library in Bluewhite64 anyway, but for reference this issue would be CVE-2008-1686), and with --disable-nosefart (the recently reported as insecurely demuxed NSF format). As before in -2, this package fixes the two regressions mentioned in the release notes for xine-lib-1.1.12: http://sourceforge.net/project/shownotes.php?release_id=592185&group_id=9655 Moving to xine-lib-1.1.12 right now doesn't seem prudent for RC2, as the diff between 1.1.11.1 and 1.1.12 is many thousands of lines long. [*** Security fix ***] EXTRA software/brltty/brltty-3.9-x86_64-1.tgz: Upgraded to brltty-3.9. EXTRA software/jdk-6/jdk-6u6-x86_64-2.tgz: Adjusted installation directory to avoid removing files from kdebindings. isolinux/initrd.img: Replaced kernel modules with 2.6.24.5 versions. kernels/huge.s/*: Upgraded to huge.s 2.6.24.5 kernel. usb-and-pxe-installers/: Replaced kernel modules with 2.6.24.5 versions. Thanks to Amritpal Bath for writing a new README_RAID document explaining how to install Bluewhite64 using various RAID levels. -|--------------------------|- Fri Apr 18 11:46:34 EEST 2008 AP software series/mysql-5.0.51a-x86_64-3.tgz: Edited rc.mysql to fix a missing '=' in the example for mysql_install_db. XAP software series/mozilla-firefox-2.0.0.14-x86_64-1.tgz: Upgraded to firefox-2.0.0.14. This upgrade fixes a potential security bug. For more information, see: http://www.mozilla.org/projects/security/known-vulnerabilities.html#firefox [*** Security fix ***] -|--------------------------|- Fri Apr 18 00:17:29 EEST 2008 A software series/kernel-test-huge-2.6.25-x86_64-1.tgz: Added Linux 2.6.25 SMP test.s (full-featured) testing kernel! please NOTE: this kernel is only for testing! You have to install the sources and the headers if you need them from testing/packages/kernel-test/* A software series/kernel-test-modules-2.6.25-x86_64-1.tgz Added Linux 2.6.25 SMP test.s kernel modules. L software series/jre-6u6-x86_64-1.tgz: Upgraded to Java(TM) 2 Platform Standard Edition Runtime Environment Version 6.0 update 6. N software series/wireless-tools-29-x86_64-2.tgz: Make sure that HWADDR in rc.wireless is all uppercase. EXTRA software/jdk-6/jdk-6u6-x86_64-1.tgz: Upgraded to Java(TM) 2 Platform Standard Edition Development Kit Version 6.0 update 6. testing/packages/kernel-test/*: Added a testing kernel version 2.6.25. kernels/test.s: Added a test.s (huge) SMP kernel 2.6.25 for testing! isolinux/initrd.img: Updated binaries and shared libraries. Added test.s kernel modules. Fixed to show the encrypted volume in the partitions list. Thanks to Virgil Moldoveanu for reporting and testing. usb-and-pxe-installers/: Added test.s kernel and modules. Updated binaries and shared libraries. Fixed to show the encrypted volume in the partitions list. Thanks to Virgil Moldoveanu for reporting and testing. -|--------------------------|- Tue Apr 15 17:46:44 EEST 2008 E software series/emacs-22.2-x86_64-1.tgz: Upgraded to GNU emacs-22.2. X software series/xf86-video-radeonhd-1.2.1-x86_64-1.tgz: Upgraded to xf86-video-radeonhd-1.2.1. EXTRA software/emacspeak/emacspeak-27.0-x86_64-1.tgz: Upgraded to emacspeak-27.0. -|--------------------------|- Mon Apr 14 18:39:31 EEST 2008 A software series/smartmontools-5.38-x86_64-1.tgz: Upgraded to smartmontools-5.38. D software series/git-1.5.5-x86_64-1.tgz: Upgraded to git-1.5.5. KDE software series/amarok-1.4.9.1-x86_64-1.tgz: Upgraded to amarok-1.4.9.1. N software series/bind-9.4.2-x86_65-2.tgz: Patched rc.bind to add a short wait after starting named, so that the startup script doesn't match "named " with a failing startup and too quick a check. Upgraded to the latest named.root file. T software series/xfig-3.2.4-x86_64-3.tgz: Patched to fix a wrong XFIGLIBDIR that was causing some minor errors. TCL software series/tclx-8.4-x86_64-2.tgz: Recompiled. Since some of the Tcl/Tk headers are now considered "private", this needs -I flags to compile (for now). XAP software series/xscreensaver-5.05-x86_64-1.tgz: Upgraded to xscreensaver-5.05. -|--------------------------|- Mon Apr 14 00:18:12 EEST 2008 AP software series/ghostscript-8.62-x86_64-5.tgz: Edited /usr/share/ghostscript/8.62/lib/cidfmap to attempt support for Simplified Chinese (though Traditional Chinese and Korean will still require cidfmap changes and additional fonts). AP software series/man-1.6f-x86_64-1.tgz: Upgraded to man-1.6f. D software series/cscope-15.6-x86_64-1.tgz: Upgraded to cscope-15.6. F software series/linux-howtos-20080411-noarch-1.tgz: Updated to Linux-HOWTOs-20080411. L software series/svgalib_helper-1.9.25_2.6.24.4-x86_64-2.tgz: Recompiled. N software series/iproute2-2.6.16_060323-x86_64-2.tgz: Fixed hardcoded "/usr/local/lib/iptables" path in two places within the source. N software series/sendmail-8.14.2-x86_64-2.tgz: Recompiled. Fixed issues in the install script with properly adding the smmsp user/group. When using SSL/TLS, disable SSLv2 by default. Fixed the line ordering in sendmail-slackware-tls-sasl.mc. Fixed typos at the top of example .mc files. Clamp down on security in the defaults some more by requiring authentication when using the TLS/SASL .mc/.cf. Allow SSLv3 in both TLS configurations. N software series/sendmail-cf-8.14.2-noarch-2.tgz: Recompiled. X software series/xf86-video-radeonhd-1.2.0-x86_64-1.tgz: Upgraded to xf86-video-radeonhd-1.2.0, which adds support for RV620, RV635, and R680 chipsets, and 2D acceleration for R5xx (including RS6xx) chipsets, both XAA and EXA. This driver also enables the use of the second digital output on the RS690 chipset. -|--------------------------|- Fri Apr 11 14:30:59 EEST 2008 A software series/cryptsetup-1.0.5-x86_64-4.tgz: Recompiled against static libgpg-error and got rid of --disable-libcrypt in cryptsetup.static's ./configure to prevent the error "Command failed: Key processing error: No hash backend found" when creating a new cryptographic volume. Thanks to TaQ for the heads-up. A software series/ed-0.9-x86_64-2.tgz: Fixed missing man page. D software series/guile-1.8.4-x86_64-1.tgz: Upgraded to guile-1.8.4. N software series/ipw2200-fw-3.0-fw-2.tgz: Add an extra copy of the LICENSE file to the /usr/doc/ipw2200-fw-3.0/ directory in addition to the one with the firmware. N software series/libgcrypt-1.4.0-x86_64-2.tgz: Recompiled to include the static library. N software series/libgpg-error-1.6-X86_64-3.tgz: Recompiled to include the static library. N software series/mailx-12.3-x86_64-1.tgz: Upgraded to mailx-12.3. XAP software series/gnuplot-4.2.3-x86_64-1.tgz: Upgraded to gnuplot-4.2.3. isolinux/initrd.img: Replaced /sbin/cryptsetup.static. usb-and-pxe-installers/: Replaced /sbin/cryptsetup.static. -|--------------------------|- Thu Apr 10 15:15:18 EEST 2008 The kernels were recompiled to add the experimental CONFIG_PATA_MARVELL option, since some newer Intel motherboards are already using this chipset. Like everything else, use it at your own risk. It was decided that having some driver that was tested and found to work was better than no support at all. A software series/kernel-huge-2.6.24.4-x86_64-2.tgz: Recompiled Linux 2.6.24.4 SMP huge.s (full-featured) kernel. A software series/kernel-modules-2.6.24.4-x86_64-2.tgz Recompiled Linux 2.6.24.4 SMP kernel modules. D software series/kernel-headers-2.6.24.4-x86_64-2.tgz: Rebuild Linux 2.6.24.4 SMP kernel headers. D software series/pkg-config-0.23-x86_64-2.tgz: Prevent unwanted output during package install. D software series/ruby-1.8.6_p114-x86_64-1.tgz: Upgraded to ruby-1.8.6-p114. K software series/kernel-source-2.6.24.4-noarch-2.tgz Rebuilt Linux 2.6.24.4 SMP kernel source package. L software series/libaio-0.3.106-x86_64-1.tgz: Added libaio-0.3.106 (asynchronous I/O library). L software series/glib2-2.14.6-x86_64-4.tgz: Renamed /etc/profile.d/glib2.{csh,sh} to /etc/profile.d/libglib2.{csh,sh} so that the lang.{csh,sh} scripts will run first, setting the $LANG variable which these scripts require. N software series/dhcp-3.0.6-x86_64-1.tgz: Upgraded to dhcp-3.0.6. N software series/lftp-3.7.0-x86_64-1.tgz: Upgraded to lftp-3.7.0. N software series/links-2.1pre33-x86_64-1.tgz: Upgraded to links-2.1pre33. N software series/ncftp-3.2.1-x86_64-1.tgz: Upgraded to ncftp-3.2.1. N software series/rsync-3.0.2-x86_64-1.tgz: Upgraded to rsync-3.0.2. From the NEWS file: "BUG FIXES: - Fixed a potential buffer overflow in the xattr code." This is the security advisory, as the issue was present in -current only. [*** Security fix ***) N software series/tcpdump-3.9.8-x86_64-1.tgz: Upgraded to libpcap-0.9.8 and tcpdump-3.9.8. X software series/compiz-0.7.4-x86_64-1.tgz: Upgraded to compiz-0.7.4. X software series/scim-1.4.7-x86_64-6.tgz: Fixed locale example typo in profile.d scripts. X software series/xf86-input-mouse-1.3.0-x86_64-1.tgz: Upgraded to xf86-input-mouse-1.3.0 to fix a copy/paste bug when switching between the virtual consoles and X. EXTRA software/slackpkg/slackpkg-2.70.2-noarch-1.tgz: Upgraded to slackpkg-2.70.2-noarch-1. isolinux/initrd.img: Replaced kernel modules with recompiled versions. kernels/huge.s/*: Recompiled huge.s 2.6.24.4 kernel. usb-and-pxe-installers/: Replaced kernel modules with recompiled versions. -|--------------------------|- Tue Apr 8 15:26:23 EEST 2008 D software series/cmake-2.4.8-x86_64-1.tgz: Upgraded to cmake-2.4.8. L software series/fribidi-0.10.9-x86_64-2.tgz: Recompiled. "left-to-right" was far too egregious a mistake to leave in the slack-desc. Sorry about that. X software series/pixman-0.10.0-x86_64-2.tgz: Symlink the headers into /usr/include to temporarily accommodate software that isn't yet using pixman.pc to get the -I/usr/include/pixman-1/ include path. Thanks to garry for reporting this. XAP software series/xine-lib-1.1.11.1-x86_64-2.tgz: Patched to fix playback failure affecting several media formats accidentally broken in the xine-lib-1.1.11.1 release. A software series/aaa_elflibs-12.1.0-x86_64-1.tgz: Added libfuse. Updated libbz2 (which still has the shared library name "libbz2.so.1.0.4"). A software series/bzip2-1.0.5-x86_64-1.tgz: Upgraded to bzip2-1.0.5. Previous versions of bzip2 contained a buffer overread error that could cause applications linked to libbz2 to crash, resulting in a denial of service. For more information, see: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1372 [*** Security fix ***] A software series/cryptsetup-1.0.5-x86_64-3.tgz: Make cryptsetup in /sbin and /usr/sbin both symlinks to /sbin/cryptsetup.static. This prevents "cryptsetup" failure if someone installs only the A package series. AP software series/cdrtools-2.01.01a38-x86_64-1.tgz: Upgraded to cdrtools-2.01.01a38. AP software series/dvd+rw-tools-7.1-x86_64-1.tgz: Upgraded to dvd+rw-tools-7.1. AP software series/ghostscript-8.62-x86_64-4.tgz: Fixed cidfmap for printing with the wqy-zenhei.ttf font. D software series/m4-1.4.11-x86_64-1.tgz: Upgraded to m4-1.4.11. In addition to bugfixes and enhancements, this version of m4 also fixes two issues with possible security implications. A minor security fix with the use of "maketemp" and "mkstemp" -- these are now quoted to prevent the (rather unlikely) possibility that an unquoted string could match an existing macro causing operations to be done on the wrong file. Also, a problem with the '-F' option (introduced with version 1.4) could cause a core dump or possibly (with certain file names) the execution of arbitrary code. For more information on these issues, see: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1687 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1688 [*** Security fix ***] N software series/iptables-1.4.0-x86_64-1.tgz: Upgraded to iptables-1.4.0. N software series/network-scripts-12.1-noarch-1.tgz: Fixed WLAN_IWPRIV[4] example generated by netconfig. N software series/whois-4.7.26-x86_64-1.tgz: Upgraded to whois-4.7.26. XAP software series/xfce-4.4.2-x86_64-5.tgz: Fixed the build script to apply a couple of bugfix patches correctly. isolinux/initrd.img: Patched to fix expert mode FTP/HTTP installation, and to allow installation from HTTP source with port number, such as: http://somehost:8080 usb-and-pxe-installers/: Patched to fix expert mode FTP/HTTP installation, and to allow installation from HTTP source with port number, such as: http://somehost:8080 pasture/ia32-emulation/* Added the IA32 emulation found in Bluewhite64 12.0 testing. If the new packages found in extra/ia32-emulation/* not working as you expected, then you should use this one. Upgraded ia32-lib32asound-1.0.15. NOTE: use "removepkg /var/log/packages/ia32-*" to remove the existing IA32 packages and installpkg to install this ones. -|--------------------------|- Sun Apr 6 09:45:42 EEST 2008 XAP software series/xfce-4.4.2-x86_64-4.tgz: Show Orage Calendar only in XFce rather than having it fall into KDE's "Lost & Found" ;). EXTRA software/ia32-emulation/ia32-lib32-0.3.0-x86_64-2.tgz: Recompiled libX11 without xcb. Thanks to Roberto Gonzalez Azevedo for reporting and testing. -|--------------------------|- Sat Apr 5 09:45:47 EEST 2008 L software series/glibc-2.7-x86_64-9a.tgz: Added /bin/sln -> /sbin/sln symlink. N software series/rsync-3.0.1-x86_64-1.tgz: Upgraded to rsync-3.0.1. TESTING/packages/bash-3.2.029-x86_64-1.tgz: Brought up to patchlevel 029. Last time we tried this as our main shell, it was still causing problems with a lot of the scripts out there, but perhaps it will be tried again in the next development cycle. isolinux/initrd.img: Added test26.s kernel support. usb-and-pxe-installers/usbboot.img: Added test26.s kernel support. -|--------------------------|- Sat Apr 5 01:51:22 EEST 2008 A software series/mkinitrd-1.3.2-x86_64-1.tgz: Patched to fix problems with previous settings getting overwritten with a plain "mkinitrd", and added support for non-US keyboards. A software series/glibc-solibs-2.7-x86_64-9.tgz: Recompiled. A software series/glibc-zoneinfo-2.7-noarch-9.tgz: Updated timeconfig script. D software series/mercurial-1.0-x86_64-1.tgz: Upgraded to mercurial-1.0. L software series/glibc-2.7-x86_64-9.tgz: Removed /sbin/sln symlink. L software series/glibc-i18n-2.7-noarch-9.tgz: Recompiled. L software series/glibc-profile-2.7-x86_64-9.tgz: Rebuilt L software series/dbus-python-0.82.4-x86_64-1.tgz: Added dbus-python-0.82.4, which is needed for the correct operation of hplip. N software series/openssh-5.0p1-x86_64-1.tgz: Upgraded to openssh-5.0p1. This version fixes a security issue where local users could hijack forwarded X connections. Upgrading to the new package is highly recommended. For more information on this security issue, please see: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1483 [*** Security fix ***] EXTRA software/ia32-emulation/ia32-glibc-2.7-x86_64-1.tgz: Added ia32-glibc-2.7. From now one this is the place for the IA32 emulation packages for Bluewhite64. If you like to run 32-bit software then you have to install all this packages. Since the latest packages from BW64 12.0, all libraries have been updated to the versions found in the --current tree. The ia32-glibc-2.7 automatically add the /lib32 and /usr/lib32 to /etc/ld.so.conf and run ldconfig for you, so now is more easy to run 32-bit software ;). NOTE: this packages are ONLY to run 32-bit software, NOT to compile. Please test as much as you can and post success or failures to the Bluewhite64 forum. Use removepkg /var/log/packages/ia32-* to remove the old ones and use installpkg to install all this brand new ones ;). Enjoy! EXTRA software/ia32-emulation/ia32-lib32-0.3.0-x86_64-1.tgz: Added ia32-lib32-0.3.0. EXTRA software/ia32-emulation/ia32-pango-1.20.0-x86_64-1.tgz: Added ia32-pango-1.20.0. EXTRA software/ia32-emulation/ia32-zlib-1.2.3-x86_64-1.tgz: Added ia32-zlib-1.2.3. EXTRA software/ia32-emulation/ia32-gtk+2-2.12.9-x86_64-1.tgz: Added ia32-gtk+2-2.12.9. EXTRA software/ia32-emulation/ia32-lib32asound-1.0.15-x86_64-1.tgz: Added ia32-lib32asound. EXTRA software/ia32-emulation/ia32-stdc++-6.0.9-x86_64-1.tgz: Added a32-stdc++6.0.9. EXTRA software/ia32-emulation/linux32-1.0-x86_64-1.tgz: Added linux32-1.0. testing/ia32-emulation/*: Moved to EXTRA software. -|--------------------------|- Thu Apr 3 17:50:11 EEST 2008 This is Bluewhite64 12.1-rc1, though there is still some more minor work to do. No ISO for this RC, perhaps the RC2 will have one, I'm waiting for the 2.6.25 Linux kernel to integrate it as a test26.s kernel. Please help test! And if we're missing anything major, please let me know at arny at bluewhite64 dot com or post to the forum. Thank You! A software series/aaa_elflibs-12.1.0-x86_64-1.tgz: Updated the initial "starter" library package to the latest versions in -current. A software series/cups-1.3.7-x86_64-1.tgz: Upgraded to cups-1.3.7. This version of CUPS fixes some buffer overflows in the GIF image filter and in cgiCompileSearch. Those running CUPS servers should upgrade. For more information on these security issues, please see: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0047 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1373 [*** Security fix ***] A software series/cxxlibs-6.0.9-x86_64-1.tgz: Upgraded to libstdc++.so.6.0.9 from gcc-4.2.3. A software series/mdadm-2.6.4-x86_64-1.tgz: Upgraded to mdadm-2.6.4. A software series/pciutils-2.2.10-x86_64-1.tgz: Upgraded to pciutils-2.2.10. A software series/sysvinit-2.86-x86_64-7.tgz: Fixed the /sbin/initscript path to match the man pages. Thanks to Michiel Broek for the patch. AP software series/hplip-2.8.4-x86_64-1.tgz: Upgraded to hplip-2.8.4. AP software series/zsh-4.3.6-x86_64-1.tgz: Upgraded to zsh-4.3.6. D software series/gdb-6.8-x86_64-1.tgz: Upgraded to gdb-6.8. L software series/hal-0.5.10-x86_64-2.tgz: Recompiled with --enable-umount-helper, which allows non-root users to umount hotplugged devices from the command line. L software/hal-info-20080317-noarch-1.tgz: Upgraded to hal-info-20080317. N software/bind-9.4.2-x86_64-1.tgz: Upgraded to bind-9.4.2. N software/wpa_supplicant-0.5.10-x86_64-1.tgz: Upgrade/d to wpa_supplicant-0.5.10. X software series/wqy-zenhei-font-ttf-0.5.23-noarch-1.tgz: Upgraded to wqy-zenhei-0.5.23. X software series/xf86-video-intel-2.2.1-x86_64-1.tgz: Reverted to xf86-video-intel-2.2.1. We suspected that might be needed, given the version number and development status of the newer driver we tried, but gave it a try anyway. Probably there will be no more driver updates at this point unless bugs are reported that newer drivers fix. XAP software series/pidgin-2.4.1-x86_64-1.tgz: Upgraded to pidgin-2.4.1. -|--------------------------|- Tue Apr 1 22:45:27 EEST 2008 A software series/acl-2.2.47_1-x86_64-1.tgz: Upgraded to acl-2.2.47_1. A software series/attr-2.4.41_1-x86_64-1.tgz: Upgraded to attr-2.4.41_1. A software series/etc-12.1-noarch-4.tgz: Give the mysql user a /bin/false "shell". A software series/lilo-22.8-x86_64-10.tgz: Fixed a bug where liloconfig might not properly determine the root directory where /boot is found. A software series/sysvinit-scripts-1.2-noarch-20.tgz: Fixed a bug in rescan-scsi-bus that was exposed by the CONFIG_SCSI_MULTI_LUN kernel option (which _should_ also make rescan-scsi-bus unneccessary). Keep /usr/share/mime's mime.cache file updated. A software series/util-linux-2.12r-x86_64-4.tgz: Removed. See below. A software series/util-linux-ng-2.13.1-x86_64-1.tgz: Added util-linux-ng-2.13.1, which replaces the old util-linux package. To install, either use upgradepkg with the "%" option, or do this: installpkg util-linux-ng-2.13.1-x86_64-1.tgz ; removepkg util-linux ; installpkg util-linux-ng-2.13.1-x86_64-1.tgz A software series/xfsprogs-2.9.7_1-x86_64-1.tgz: Upgraded to xfsprogs-2.9.7_1. AP software series/alsa-utils-1.0.15-x86_64-3.tgz: Don't load the mixer settings until after the OSS modules have been loaded. Eliminate 'awk' usage in rc.alsa, using sed and tr instead. AP software series/dmapi-2.2.8_1-x86_64-1.tgz: Upgraded to dmapi-2.2.8_1. AP software series/man-pages-2.79-noarch-1.tgz: Upgraded to man-pages-2.79, and retained the POSIX pthread_* man pages this time. AP software series/mysql-5.0.51a-x86_64-2.tgz: Modified /etc/rc.d/rc.mysqld's database installation instructions to take into consideration that the mysql user no longer has a login shell. In addition, the admin is told to consider locking the database server down even further (if possible) by using the mysql_secure_installation utility. AP software series/xfsdump-2.2.48_1-x86_64-1.tgz: Upgraded to xfsdump-2.2.48_1. L software series/libgsf-1.14.8-x86_64-1.tgz: Upgraded to libgsf-1.14.8. N software series/net-tools-1.60-x86_64-2.tgz: Recompiled with latest Debian patch. N software series/nfs-utils-1.1.2-x86_64-1.tgz: Upgraded to nfs-utils-1.1.2. N software series/nmap-4.60-x86_64-3.tgz: Fixed the build script (third time's the charm?) to use DESTDIR and remove the one item (useless, IMHO, within a package system) that still can't get DESTDIR right: uninstall_zenmap. N software series/openssh-4.9p1-x86_64-1.tgz: Upgraded to openssh-4.9p1. N software series/wget-1.11.1-x86_64-1.tgz: Upgraded to wget-1.11.1. X software series/scim-1.4.7-x86_64-5.tgz: Fixed scim.desktop to have more information, and to place the SCIM startup utility in the "Utilities" menu rather than having it fall into "Lost & Found". X software series/xf86-video-intel-2.2.99.902-x86_64-1.tgz: Upgraded to xf86-video-intel-2.2.99.902. XAP software series/xine-lib-1.1.11.1-x86_64-1.tgz: Earlier versions of xine-lib suffer from an integer overflow which may lead to a buffer overflow that could potentially be used to gain unauthorized access to the machine if a malicious media file is played back. File types affected this time include .flv, .mov, .rm, .mve, .mkv, and .cak. For more information on this security issue, please see: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1482 [*** Security fix ***] isolinux/initrd.img: Patched to have /etc/fstab mount /dev/shm. Updated XFS utilities. usb-and-pxe-installers/: Patched to have /etc/fstab mount /dev/shm. Updated XFS utilities. -|--------------------------|- Sun Mar 30 18:53:02 EEST 2008 A software series/glibc-solibs-2.7-x86_64-8.tgz: Recompiled against 2.6.24.4 headers. A software series/glibc-zoneinfo-2.7-noarch-8.tgz: Upgraded to tzdata2008b. L software series/glibc-2.7-x86_64-8.tgz: Recompiled against 2.6.24.4 headers. Upgraded to tzdata2008b. L software series/glibc-i18n-2.7-noarch-8.tgz: Recompiled. L software series/glibc-profile-2.7-x86_64-8.tgz: Recompiled against 2.6.24.4 headers. A software series/lilo-22.8-x86_64-9.tgz: Fixed reversed vt.default_utf8 kernel parameter (0 <-> 1) in /etc/lilo.conf. Fxed liloconfig to at least create an empty message file in /boot if none exists. A software series/aaa_base-12.1.0-noarch-1.tgz: Added an empty /usr/share/wallpapers as this seems to be a de-facto standard directory and (for example) XFce will give an error if it is missing and one tries to change the desktop image. Bumped version number of package, and of /etc/bluewhite64-version. A software series/etc-12.1-noarch-4.tgz: Installed root into the audio, cdrom, video, plugdev, and floppy groups _correctly_ :). A software series/sysvinit-scripts-1.2-noarch-19.tgz: Keep any icon-theme.cache files updated. A software series/kernel-huge-2.6.24.4-x86_64-1.tgz: Upgraded to Linux 2.6.24.4 SMP huge.s (full-featured) kernel. A software series/kernel-modules-2.6.24.4-x86_64-1.tgz Upgraded to Linux 2.6.24.4 uniprocessor kernel modules. AP software series/vim-7.1.285-x86_64-1.tgz: Upgraded to vim-7.1.285. D software series/kernel-headers-2.6.24.4-x86_64-1.tgz: Upgraded to Linux 2.6.24.4 SMP kernel headers. K software series/kernel-source-2.6.24.4-noarch-1.tgz Upgraded to Linux 2.6.24.4 SMP kernel source. L software series/svgalib_helper-1.9.25_2.6.24.4-x86_64-1.tgz: Recompiled for Linux 2.6.24.4. N software series/gnupg-1.4.9-x86_64-1.tgz: Upgraded to gnupg-1.4.9. N software series/gnupg2-2.0.9-x86_64-1.tgz: Upgraded to gnupg-2.0.9. N software series/nmap-4.60-x86_64-2.tgz: Recompiled. Some files were missing due to an incompletely removed previous compile. It may also be necessary to reinstall python after upgrading from -1. TCL software series/tcl-8.4.18-x86_64-1.tgz: Upgraded to tcl8.4.18. TCL software series/tk-8.4.18-x86_64-1.tgz: Upgraded to tk8.4.18. X software series/liberation-fonts-ttf-1.0-noarch-1.tgz: Upgraded to Liberation Fonts 1.0. X software series/pixman-0.10.0-x86_64-1.tgz: Upgraded to pixman-0.10.0. XAP software series/mozilla-firefox-2.0.0.13-x86_64-1.tgz: Upgraded to firefox-2.0.0.13. This upgrade fixes some more security bugs. For more information, see: http://www.mozilla.org/projects/security/known-vulnerabilities.html#firefox [*** Security fix ***] XAP software series/seamonkey-1.1.9-x86_64-1.tgz: Upgraded to seamonkey-1.1.9. This upgrade fixes some more security bugs. For more information, see: http://www.mozilla.org/projects/security/known-vulnerabilities.html#seamonkey [*** Security fix ***] XAP software series/xine-lib-1.1.11-x86_64-1.tgz: Earlier versions of xine-lib suffer from an array index bug that may have security implications if a malicious RTSP stream is played. Playback of other media formats is not affected. If you use RTSP, you should probably upgrade xine-lib. For more information on the security issue, please see: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0073 [*** Security fix ***] XAP software series/vim-gvim-7.1.285-x86_64-1.tgz: Upgraded to vim-7.1.285. This is the GTK+ version of vim (gvim). The normal vim package is also required. XAP software series/windowmaker-0.92.0-x86_64-5.tgz: Repackaged to fix WPrefs missing icons. Thanks to Garry for reporting this. isolinux/initrd.img: Fixed huge.s kernel installation bug. kernels/huge.s/*: Upgraded huge.s SMP kernel to 2.6.24.4. pasture/gcc-3.4.6/: Removed, since this has gone unchanged since Bluewhite64 12.0. I'm not sure if the one in 12.0's pasture still works, but if it does, and you need it for something, that's where to find it. usb-and-pxe-installers/: Updated USB and PXE installers to 2.6.24.4 modules. -|--------------------------|- Wed Mar 26 23:19:18 EET 2008 A software series/etc-12.1-noarch-3.tgz: Add root to the groups audio, cdrom, video, plugdev, and floppy. Root already has access to most of these devices, but it doesn't hurt to provide an example for people who edit /etc/groups manually. A software series/shadow-4.0.6-x86_64-3.tgz: Took plugdev out of CONSOLE_GROUPS in /etc/login.defs, since DBUS doesn't know about group memberships added that way. Users not actually listed in /etc/groups as part of groups such as plugdev wouldn't be able to use those devices even at the console when logging in through a graphical login manager such as XDM, KDM, or GDM. Stuart Winter enhanced the command-line adduser tool. Quote from the adduser program history: "* To facilitate use of the automatic mounting features of HAL, allow the admin to easily add users to the default groups: audio,cdrom,video,plugdev,floppy. The default is not to add new users to these groups. And by the way, this script is "adduser from Slackware" not "superadduser from Gentoo" ;-)" If you trust your users, this is the correct way to give them access to these devices. adduser will automatically edit /etc/groups for you. If you do not trust your users and you give them access to these groups, they may create mischief from afar with this access, so be aware of the security implications. A software series/udev-118-x86_64-3.tgz: Fixed two broken symbolic links in /sbin. AP software series/ntfsprogs-2.0.0-x86_64-2.tgz: Added back ntfsprogs-2.0.0, using (for now) --disable-ntfsmount. It is still needed to manage NTFS partitions even if we use the kernel driver or NTFS-3G to mount them. N software series/epic4-2.8-x86_64-1.tgz: Upgraded to epic4-2.8. N software series/irssi-0.8.12-x86_64-1.tgz: Upgraded to irssi-0.8.12. N software series/nmap-4.60-x86_64-1.tgz: Upgraded to nmap-4.60. Zenmap still isn't working because we don't include sqlite, but a zenmap .desktop file was added anyway, and some paths in a script were fixed. XAP software series/gimp-2.4.5-x86_64-1.tgz: Upgraded to gimp-2.4.5, added support for pyGTK. isolinux/initrd.img: Fixed Speakup kernel detection. Added LVM swap partition detection. usb-and-pxe-installers/: Fixed Speakup kernel detection. Added LVM swap partition detection. -|--------------------------|- Sun Mar 23 11:59:21 EET 2008 A software series/pkgtools-12.1.0-noarch-6.tgz: Fixed bogus bad gzipped file warnings. AP software series/ghostscript-8.62-x86_64-3.tgz: Fixed default cidfmap installation. N software series/mcabber-0.9.6-x86_64-1.tgz: Upgraded to mcabber-0.9.6. XAP software series/audacious-1.5.0-x86_64-2.tgz: Don't use opcodes that break older computers. XAP software series/audacious-plugins-1.5.0-x86_64-2.tgz: Recompiled. -|--------------------------|- Fri Mar 21 15:06:38 EET 2008 Is this Bluewhite64 12.1 RC 1 yet? It has to be close. A software series/e2fsprogs-1.40.8-x86_64-1.tgz: Upgraded to e2fsprogs-1.40.8. A software series/gpm-1.20.1-x86_64-7.tgz: Default item to imps2, which works well with KVM boxes. If you use a Synaptics pad with the third party driver, you may have to change this setting. A software series/inotify-tools-3.13-x86_64-1.tgz: Upgraded to inotify-tools-3.13. A software series/kernel-huge-2.6.24.3-x86_64-2.tgz: Recompiled with CONFIG_SCSI_MULTI_LUN. A software series/kernel-modules-2.6.24.3-x86_64-2.tgz: Recompiled. A software series/ntfs-3g-1.2310-x86_64-1.tgz: Added ntfs-3g-1.2310. A software series/pkgtools-12.1.0-noarch-5.tgz: Default making a USB boot stick to off. A software series/sysvinit-scripts-1.2-noarch-18.tgz: Removed /etc/rc.d/rc.scanluns. A software series/udev-118-x86_64-2.tgz: Blacklist old bcm43xx driver (b43 and b43legacy are the recommended drivers now). AP software series/alsa-utils-1.0.15-x86_64-2.tgz: Set reasonable volume defaults if there are none in /etc/asound.state. AP software series/gutenprint-5.0.2-x86_64-1.tgz: Upgraded to gutenprint-5.0.2. AP software series/ntfsprogs-2.0.0-x86_64-1.tgz: Removed (for now). D software series/m4-1.4.10-x86_64-1.tgz: Upgraded to m4-1.4.10. D software series/pkg-config-0.23-x86_64-1.tgz: Upgraded to pkg-config-0.23. K software series/kernel-source-2.6.24.3-noarch-2.tgz: CONFIG_SCSI_MULTI_LUN is now the default in the supplied Bluewhite64 huge .config. L software series/atk-1.22.0-x86_64-1.tgz: Upgraded to atk-1.22.0. L software series/dbus-1.1.20-x86_64-1.tgz: Upgraded to dbus-1.1.20. L software series/dbus-glib-0.74-x86_64-2.tgz: Recompiled. L software series/dbus-qt3-0.70-x86_64-2.tgz: Recompiled. L software series/gnome-icon-theme-2.22.0-noarch-1.tgz: Upgraded to gnome-icon-theme-2.22.0. L software series/glib2-2.14.6-x86_64-3.tgz: Set G_BROKEN_FILENAMES=1, and if the locale is UTF-8, then set G_FILENAME_ENCODING="@locale" (which will override the G_BROKEN_FILENAMES setting). This should get us a little closer with UTF. L software series/gtk+2-2.12.9-x86_64-1.tgz: Upgraded to gtk+-2.12.9. L software series/hal-info-20080313-noarch-1.tgz: Upgraded to hal-info-20080313. L software series/hicolor-icon-theme-0.10-noarch-3.tgz: Don't make an icon-theme.cache file in /usr/share/icons. L software series/lcms-1.17-x86_64-1.tgz: Upgraded to lcms-1.17. L software series/libart_lgpl-2.3.20-x86_64-1.tgz: Upgraded to libart_lgpl-2.3.20. L software series/pango-1.20.0-x86_64-1.tgz: Upgraded to pango-1.20.0. L software series/pygtk-2.12.1-x86_64-2.tgz: Robby said it would help to recompile this. L software series/wavpack-4.41.0-x86_64-1.tgz: Added wavpack-4.41.0. This is needed for audacious WAV format support. N software series/gnupg2-2.0.8-x86_64-1.tgz: Upgraded to gnupg2-2.0.8. N software series/gnutls-2.2.2-x86_64-1.tgz: Upgraded to gnutls-2.2.2. N software series/gpgme-1.1.6-x86_64-1.tgz: Upgraded to gpgme-1.1.6. N software series/libassuan-1.0.4-x86_64-1.tgz: Upgraded to libassuan-1.0.4. N software series/libksba-1.0.3-x86_64-1.tgz: Upgraded to libksba-1.0.3. N software series/libgcrypt-1.4.0-x86_64-1.tgz: Upgraded to libgcrypt-1.4.0. N software series/libgpg-error-1.6-x86_64-2.tgz: Recompiled. N software series/pinentry-0.7.5-x86_64-1.tgz: Upgraded to pinentry-0.7.5. N software series/samba-3.0.28a-x86_64-1.tgz: Upgraded to samba-3.0.28a. N software series/wireless-tools-29-x86_64-1.tgz: Upgraded to wireless-tools-29. X software series/libXScrnSaver-1.1.3-x86_64-1.tgz: Upgraded to libXScrnSaver-1.1.3. X software series/libXv-1.0.4-x86_64-1.tgz: Upgraded to libXv-1.0.4. X software series/libxkbfile-1.0.5-x86_64-1.tgz: Upgraded to libxkbfile-1.0.5. X software series/xf86-video-amd-2.7.7.7-x86_64-1.tgz: Upgraded to xf86-video-amd-2.7.7.7. X software series/xf86-video-apm-1.2.0-x86_64-1.tgz: Upgraded to xf86-video-apm-1.2.0. X software series/xf86-video-ark-0.7.0-x86_64-1.tgz: Upgraded to xf86-video-ark-0.7.0. X software series/xf86-video-ast-0.85.0-x86_64-1.tgz: Upgraded to xf86-video-ast-0.85.0. X software series/xf86-video-chips-1.2.0-x86_64-1.tgz: Upgraded to xf86-video-chips-1.2.0. X software series/xf86-video-cirrus-1.2.0-x86_64-1.tgz: Upgraded to xf86-video-cirrus-1.2.0. X software series/xf86-video-dummy-0.3.0-x86_64-1.tgz: Upgraded to xf86-video-dummy-0.3.0. X software series/xf86-video-fbdev-0.4.0-x86_64-1.tgz: Upgraded to xf86-video-fbdev-0.4.0. X software series/xf86-video-glint-1.2.0-x86_64-1.tgz: Upgraded to xf86-video-glint-1.2.0. X software series/xf86-video-i128-1.3.0-x86_64-1.tgz: Upgraded to xf86-video-i128-1.3.0. X software series/xf86-video-i740-1.2.0-x86_64-1.tgz: Upgraded to xf86-video-i740-1.2.0. X software series/xf86-video-neomagic-1.2.0-x86_64-1.tgz: Upgraded to xf86-video-neomagic-1.2.0. X software series/xf86-video-rendition-4.2.0-x86_64-1.tgz: Upgraded to xf86-video-rendition-4.2.0. X software series/xf86-video-s3-0.6.0-x86_64-1.tgz: Upgraded to xf86-video-s3-0.6.0. X software series/xf86-video-s3virge-1.10.0-x86_64-1.tgz: Upgraded to xf86-video-s3virge-1.10.0. X software series/xf86-video-savage-2.2.0-x86_64-1.tgz: Upgraded to xf86-video-savage-2.2.0. X software series/xf86-video-siliconmotion-1.6.0-x86_64-1.tgz: Upgraded to xf86-video-siliconmotion-1.6.0. X software series/xf86-video-sis-0.10.0-x86_64-1.tgz: Upgraded to xf86-video-sis-0.10.0. X software series/xf86-video-sisusb-0.9.0-x86_64-1.tgz: Upgraded to xf86-video-sisusb-0.9.0. X software series/xf86-video-tdfx-1.4.0-x86_64-1.tgz: Upgraded to xf86-video-tdfx-1.4.0. X software series/xf86-video-trident-1.3.0-x86_64-1.tgz: Upgraded to xf86-video-trident-1.3.0. X software series/xf86-video-tseng-1.2.0-x86_64-1.tgz: Upgraded to xf86-video-tseng-1.2.0. X software series/xf86-video-v4l-0.2.0-x86_64-1.tgz: Upgraded to xf86-video-v4l-0.2.0. X software series/xf86-video-vmware-10.16.0-x86_64-1.tgz: Upgraded to xf86-video-vmware-10.16.0. X software series/xf86-video-voodoo-1.2.0-x86_64-1.tgz: Upgraded to xf86-video-voodoo-1.2.0. XAP software series/audacious-1.5.0-x86_64-1.tgz: Upgraded to audacious-1.5.0. XAP software series/audacious-plugins-1.5.0-x86_64-1.tgz: Upgraded to audacious-plugins-1.5.0. XAP software series/gkrellm-2.3.1-x86_64-2.tgz: Recompiled against gnutls-2.2.2. XAP software series/pidgin-2.4.0-x86_64-2.tgz: Recompiled against gnutls-2.2.2. XAP software series/xfce-4.4.2-x86_64-3.tgz: Patched two Thunar bugs. XAP oftware series/xpdf-3.02pl2-x86_64-3.tgz: Rebuilt adding an icon and .desktop file. EXTAR/parted/parted-1.8.8-x86_64-1.tgz: Upgraded to parted-1.8.8. EXTRA/slackpkg/slackpkg-2.70.1-noarch-1.tgz: Upgraded to slackpkg-2.70.1-noarch-1. isolinux/initrd.img: Offer ntfs-3g read-write mounts for NTFS partitions. Upgraded to parted-1.8.8. Upgraded to e2fsprogs-1.40.8. kernels/huge.s/*: Recompiled with CONFIG_SCSI_MULTI_LUN. usb-and-pxe-installers/: Offer ntfs-3g read-write mounts for NTFS partitions. Upgraded to parted-1.8.8. Upgraded to e2fsprogs-1.40.8. -|--------------------------|- Fri Mar 14 13:44:51 EET 2008 A software series/gettext-0.17-x86_64-2.tgz: Compressed the man pages. D software series/gettext-tools-0.17-x86_64-2.tgz: Compressed the man pages. L software series/sdl-1.2.13-x86_64-2.tgz: SDL_mixer looks for timidity files in /usr/lib/timidity rather than /usr/local/lib/timidity. N software series/zd1211-firmware-1.4-fw-1.tgz: Added ZD1211 USB WLAN firmware. X software series/dejavu-fonts-ttf-2.24-noarch-1.tgz: Upgraded to dejavu-fonts-ttf-2.24. isolinux/initrd.img: Updated dropbear version. More dropbear adjustments from Eric Hameleers. usb-and-pxe-installers/: Updated dropbear version. More dropbear adjustments from Eric Hameleers. -|--------------------------|- Wed Mar 12 19:20:47 EET 2008 A software series/glibc-solibs-2.7-x86_64-7.tgz: Recompiled against Linux 2.6.24.3 headers. A software series/glibc-zoneinfo-2.7-noarch-7.tgz: Upgraded to tzdata2008a. A software series/gettext-0.17-x86_64-1.tgz: Upgraded to gettext-0.17. A software series/sysvinit-scripts-1.2-noarch-17.tgz: Update gtk.immodules from rc.M at boot. AP software series/flac-1.2.1-x86_64-1.tgz: Upgraded to flac-1.2.1. AP software series/vorbis-tools-1.2.0-x86_64-1.tgz: Upgraded to vorbis-tools-1.2.0. D software series/gettext-tools-0.17-x86_64-1.tgz: Upgraded to tools for gettext-0.17. KDE software series/k3b-1.0.4-x86_64-3.tgz: Recompiled against flac-1.2.1. KDE software series/kdemultimedia-3.5.9-x86_64-3.tgz: Recompiled against flac-1.2.1. L software series/glibc-2.7-x86_64-7.tgz: Recompiled against Linux 2.6.24.3 headers. L software series/glibc-i18n-2.7-noarch-7.tgz: Recompiled. L software series/glibc-profile-2.7-x86_64-7.tgz: Recompiled against Linux 2.6.24.3 headers. L software series/jre-6u5-x86_64-1.tgz: Upgraded to Java(TM) 2 Platform Standard Edition Runtime Environment Version 6.0 update 5. L software series/libcddb-1.3.0-x86_64-1.tgz: Added libcddb-1.3.0. (needed by audacious-plugins) L software series/libcdio-0.79-x86_64-1.tgz: Added libcdio-0.79. (needed by audacious-plugins) N software series/ipw2100-fw-1.3-fw-1.tgz: Added ipw2100-fw-1.3. N software series/ipw2200-fw-3.0-fw-1.tgz: Added ipw2200-fw-3.0. N software series/rt61-firmware-1.2-fw-1.tgz: Added rt61-firmware-1.2. N software series/rt71w-firmware-1.8-fw-1.tgz: Added rt71w-firmware-1.8. X software series/compiz-0.7.2-x86_64-1.tgz: Upgraded to compiz-0.7.2. X software series/font-xfree86-type1-1.0.1-noarch-1.tgz: Upgraded to font-xfree86-type1-1.0.1. X software series/inputproto-1.4.3-noarch-1.tgz: Upgraded to inputproto-1.4.3. X software series/libX11-1.1.4-x86_64-1.tgz: Upgraded to libX11-1.1.4. X software series/libXfont-1.3.2-x86_64-1.tgz: Upgraded to libXfont-1.3.2. X software series/libXinerama-1.0.3-x86_64-1.tgz: Upgraded to libXinerama-1.0.3. X software series/libpciaccess-0.10-x86_64-1.tgz: Added libpciaccess-0.10. X software series/mkfontdir-1.0.4-noarch-1.tgz: Upgraded to mkfontdir-1.0.4. X software series/mkfontscale-1.0.4-x86_64-1.tgz: Upgraded to mkfontscale-1.0.4. X software series/printproto-1.0.4-noarch-1.tgz: Upgraded to printproto-1.0.4. X software series/rendercheck-1.3-x86_64-1.tgz: Upgraded to rendercheck-1.3. X software series/twm-1.0.4-x86_64-1.tgz: Upgraded to twm-1.0.4. X software series/util-macros-1.1.6-noarch-1.tgz: Upgraded to util-macros-1.1.6. X software series/x11perf-1.5-x86_64-1.tgz: Upgraded to x11perf-1.5. X software series/xauth-1.0.3-x86_64-1.tgz: Upgraded to xauth-1.0.3. X software series/xcompmgr-1.1.4-x86_64-1.tgz: Added xcompmgr-1.1.4. X software series/xdm-1.1.7-x86_64-1.tgz: Upgraded to xdm-1.1.7. X software series/xev-1.0.3-x86_64-1.tgz: Upgraded to xev-1.0.3. X software series/xf86-input-aiptek-1.1.1-x86_64-1.tgz: Upgraded to xf86-input-aiptek-1.1.1. X software series/xf86-video-nv-2.1.8-x86_64-1.tgz: Upgraded to xf86-video-nv-2.1.8. X software series/xfs-1.0.6-x86_64-1.tgz: Upgraded to xfs-1.0.6. X software series/xinit-1.0.8-x86_64-1.tgz: Upgraded to xinit-1.0.8. X software series/xkbcomp-1.0.4-x86_64-1.tgz: Upgraded to xkbcomp-1.0.4. X software series/xprop-1.0.4-x86_64-1.tgz: Upgraded to xprop-1.0.4. X software series/xproto-7.0.12-noarch-1.tgz: Upgraded to xproto-7.0.12. X software series/xrandr-1.2.3-x86_64-1.tgz: Upgraded to xrandr-1.2.3. X software series/xrdb-1.0.5-x86_64-1.tgz: Upgraded to xrdb-1.0.5. X software series/xset-1.0.4-x86_64-1.tgz: Upgraded to xset-1.0.4. X software series/xtrans-1.1-noarch-1.tgz: Upgraded to xtrans-1.1. XAP software series/audacious-plugins-1.4.5-x86_64-2.tgz: Recompiled against flac-1.2.1. XAP software series/pidgin-2.4.0-x86_64-1.tgz: Upgraded to pidgin-2.4.0 and pidgin-encryption-3.0 EXTRA software/jdk-6/jdk-6u5-x86_64-1.tgz: Upgraded to Java(TM) 2 Platform Standard Edition Development Kit Version 6.0 update 5. isolinux/initrd.img: Made some dropbear changes. Thanks, Eric. usb-and-pxe-installers/: Made some dropbear changes. Thanks, Eric. -|--------------------------|- Sat Mar 8 21:10:09 EET 2008 A software series/kernel-huge-2.6.24.3-x86_64-1.tgz: Upgraded to Linux 2.6.24.3 SMP huge.s (full-featured) kernel. A software series/kernel-modules-2.6.24.3-x86_64-1.tgz Upgraded to Linux 2.6.24.3 SMP kernel modules. A software series/lilo-22.8-x86_64-8.tgz: If the kernel is >= 2.6.24, then ask the user if they want to override the kernel's new default to UTF-8 on the text consoles. Most users will not want UTF-8 yet until all applications have been fixed to work with it. This option will not affect the use of UTF-8 locales in X. A software series/pcmciautils-014-x86_64-4.tgz: Improved the default configuration to work with more hardware. Thanks to Piter Punk. A software series/pkgtools-12.1.0-noarch-4.tgz: Added fuse to the installer's boot-start (setup.services) menu. Patched makepkg to test gzipped files properly. A software series/sysvinit-scripts-1.2-noarch-16.tgz: Modified rc.S to start FUSE. A software series/udev-118-x86_64-1.tgz: Upgraded to udev-118. AP software series/ntfsprogs-2.0.0-x86_64-1.tgz: Moved from /extra. ntfsprogs now includes full read-write support when the NFTS filesystem is mounted with ntfsmount or -t ntfs.fuse. This feature requires the new fuse package. D software series/kernel-headers-2.6.24.3-x86_64-1.tgz: Upgraded to Linux 2.6.24.3 SMP kernel headers. K software series/kernel-source-2.6.24.3-noarch-1.tgz Upgraded to Linux 2.6.24.3 SMP kernel source. KDE software series/kdelibs-3.5.9-x86_64-3.tgz: Patched a problem with Kate mislocating the cursor after a block paste. L software series/fuse-2.7.3-x86_64-1.tgz: Added FUSE, a userspace filesystem interface. Thanks to Antonio Hernández Blas for submitting the build script. L software series/gtk+2-2.12.8-x86_64-3.tgz: Don't run gtk-query-immodules-2.0 from the installer, because some of the libraries it needs would not yet be on the machine. The SCIM scripts should pick this up later on. L software series/hal-info-20080215-noarch-1.tgz: Upgraded to hal-info-20080215. L software series/svgalib_helper-1.9.25_2.6.24.3-x86_64-1.tgz: Recompiled for Linux 2.6.24.3. N software series/iwlwifi-3945-ucode-2.14.1.5-fw-1.tgz: Added Intel 3945 wireless firmware. N software series/iwlwifi-4965-ucode-4.44.1.20-fw-1.tgz: Added Intel 4965 wireless firmware. kernels/huge.s/*: Upgraded huge.s kernel to 2.6.24.3. isolinux/initrd.img: Merged new dropbear and patches from Eric Hameleers. usb-and-pxe-installers/: Updated USB and PXE installers to 2.6.24.3 modules. -|--------------------------|- Thu Mar 6 18:21:31 EET 2008 A software series/usbutils-0.73-x86_64-2.tgz: Don't compress usb.ids (this breaks HAL). L software series/glib2-2.14.6-x86_64-2.tgz: Added /etc/profile.d/ scripts so that GTK+ will use the $LANG variable instead of forcing UTF-8. N software series/rsync-3.0.0-x86_64-1.tgz: Upgraded to rsync-3.0.0. X software series/libXext-1.0.4-x86_64-1.tgz: Upgraded to libXext-1.0.4. X software series/xf86-video-mga-1.4.8-x86_64-1.tgz: Upgraded to xf86-video-mga-1.4.8. -|--------------------------|- Tue Mar 4 23:06:56 EET 2008 AP software series/ghostscript-8.62-x86_64-2.tgz: Fixed the gs_res.ps file for CJK. -|--------------------------|- Mon Mar 3 02:45:53 EET 2008 AP software series/ghostscript-8.62-x86_64-1.tgz: Upgraded to ghostscript-8.62. This new release of GPL Ghostscript fixes a buffer overflow. For more information on the security issue, please see: http://scary.beasts.org/security/CESA-2008-001.html http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0411 [*** Security fix ***] L software series/gtk+2-2.12.8-x86_64-2.tgz: Patched to fix Flash in Konqueror. L software series/hicolor-icon-theme-0.10-noarch-2.tgz: Since XFce adds a few hicolor icons of its own, make sure the hicolor icon-cache is updated at the end of the installation. XAP software series/xpdf-3.02pl2-x86_64-2.tgz: Added support for Arabic, simplified and traditional Chinese, Hebrew, Japanese, Korean, Thai, and Turkish (in addition to the Cyrillic, Greek, and Latin2 support that had already been included). D software series/python-2.5.2-x86_64-1.tgz: Upgraded to Python-2.5.2. XAP software series/mozilla-thunderbird-2.0.0.12-x86_64-1.tgz: Upgraded to thunderbird-2.0.0.12. This update fixes the following security related issues: MFSA 2008-12: Heap buffer overflow in external MIME bodies MFSA 2008-05: Directory traversal via chrome: URI MFSA 2008-03: Privilege escalation, XSS, Remote Code Execution MFSA 2008-01: Crashes with evidence of memory corruption (rv:1.8.1.12) For more information, see: http://www.mozilla.org/security/announce/2008/mfsa2008-12.html http://www.mozilla.org/security/announce/2008/mfsa2008-05.html http://www.mozilla.org/security/announce/2008/mfsa2008-03.html http://www.mozilla.org/security/announce/2008/mfsa2008-01.html These are the related CVE entries: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0304 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0418 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0415 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0412 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0413 [*** Security fix ***] A software series/ed-0.9-x86_64-1.tgz: Upgraded to ed-0.9. World's greatest line editor. A software series/hdparm-8.6-x86_64-1.tgz: Upgraded to hdparm-8.6. A software series/lilo-22.8-x86_64-7.tgz: Patched liloconfig to make using the boot splash screen an expert option as well. Fixed a bug using append= in the expert menu. A software series/pkgtools-12.1.0-noarch-3.tgz: Have makepkg warn of two more common mistakes -- dropping man pages in /usr/share/man, or (now) using site_perl in a non-local package. A software series/usbutils-0.73-x86_64-1.tgz: Upgraded to usbutils-0.73 with fresh usb.ids. AP software series/cdrtools-2.01.01a37-x86_64-1.tgz: Upgraded to cdrtools-2.01.01a37. AP software series/linuxdoc-tools-0.9.21-x86_64-5.tgz: Upgraded to asciidoc-8.2.5, docbook-utils-0.6.14-13.fc9, docbook-xsl-1.73.2, docbook-xsl-doc-1.73.2, gtk-doc-1.9, libsgmls-perl_1.03ii-32.diff, linuxdoc-tools_0.9.21-0.11, sgml-common-0.6.3-23.fc9, and xmlto-0.0.20. AP software series/lm_sensors-2.10.5-x86_64-1.tgz: Upgraded to lm_sensors-2.10.5. D software series/binutils-2.17.50.0.17-x86_64-1.tgz: Reverted to binutils-2.17.50.0.17. D software series/doxygen-1.5.5-x86_64-1.tgz: Upgraded to doxygen-1.5.5. D software series/git-1.5.4.3-x86_64-1.tgz: Upgraded to git-1.5.4.3. Switched to vendor_perl for the Git perl module. D software series/oprofile-0.9.2-x86_64-4.tgz: Reverted to oprofile-0.9.2 compiled against binutils-2.17.50.0.17. D software series/perl-5.8.8-x86_64-9.tgz: Use vendor_perl for Bluewhite64-added Perl modules, not site_perl. Really, I think perl's handling of this (and other issues like the registry-like handling of perllocal.pod) is flawed, but this is better than nothing. IMHO, something like /usr/local/lib/perl5/site_perl/ would fit much better with the FHS's recommendations. Try not to clobber an existing perllocal.pod (hard to do after the fact, so make backups if you care...) F software series/linux-howtos-20080227-noarch-1.tgz: Upgraded to Linux-HOWTOs-20080227. Recompiled all Qt things, since /usr/lib/qt-3.3.8/lib (no longer a valid path) was turning up in .la files. KDE software series/amarok-1.4.8-x86_64-2.tgz: Recompiled. KDE software series/k3b-1.0.4-x86_64-2.tgz: Recompiled. KDE software series/kdeaccessibility-3.5.9-x86_64-2.tgz: Recompiled. KDE software series/kdeaddons-3.5.9-x86_64-2.tgz: Recompiled. KDE software series/kdeadmin-3.5.9-x86_64-2.tgz: Recompiled. KDE software series/kdeartwork-3.5.9-x86_64-2.tgz: Recompiled. KDE software series/kdebase-3.5.9-x86_64-2.tgz: Patched a bug with lm_sensors. KDE software series/kdebindings-3.5.9-x86_64-2.tgz: Recompiled. Use vendor_perl dir. KDE software series/kdeedu-3.5.9-x86_64-2.tgz: Recompiled. KDE software series/kdegames-3.5.9-x86_64-2.tgz: Recompiled. KDE software series/kdegraphics-3.5.9-x86_64-2.tgz: Recompiled. Patched with a fix for kdvi. KDE software series/kdelibs-3.5.9-x86_64-2.tgz: Recompiled. KDE software series/kdemultimedia-3.5.9-x86_64-2.tgz: Recompiled. KDE software series/kdenetwork-3.5.9-x86_64-2.tgz: Recompiled. KDE software series/kdepim-3.5.9-x86_64-2.tgz: Recompiled (against new pilot-link). KDE software series/kdesdk-3.5.9-x86_64-2.tgz: Recompiled. KDE software series/kdetoys-3.5.9-x86_64-2.tgz: Recompiled. KDE software series/kdeutils-3.5.9-x86_64-2.tgz: Recompiled. KDE software series/kdevelop-3.5.1-x86_64-2.tgz: Recompiled with official bugfix patch. KDE software series/kdewebdev-3.5.9-x86_64-2.tgz: Recompiled. KDE software series/knemo-0.4.8-x86_64-2.tgz: Recompiled. KDE software series/koffice-1.6.3-x86_64-3.tgz: Recompiled. L software series/arts-1.5.9-x86_64-2.tgz: Recompiled. L software series/fribidi-0.10.9-x86_64-1.tgz: Upgraded to fribidi-0.10.9 L software series/gmime-2.2.17-x86_64-1.tgz: Upgraded to gmime-2.2.17. L software series/gmp-4.2.2-x86_64-1.tgz: Upgraded to gmp-4.2.2. L software series/jre-6u4-x86_64-1.tgz: Upgraded to Java(TM) 2 Platform Standard Edition Runtime Environment Version 6.0 update 4. L software series/libglade-2.6.2-x86_64-1.tgz: Upgraded to libglade-2.6.2. L software series/libgtkhtml-2.11.1-x86_64-1.tgz: Upgraded to libgtkhtml-2.11.1 L software series/libidl-0.8.10-x86_64-1.tgz: Upgraded to libIDL-0.8.10. L software series/libidn-1.5-x86_64-1.tgz: Upgraded to libidn-1.5. L software series/libieee1284-0.2.11-x86_64-1.tgz: Upgraded to libieee1284-0.2.11. L software series/libmng-1.0.10-x86_64-1.tgz: Upgraded to libmng-1.0.10. L software series/libmcs-0.7.0-x86_64-1.tgz: Added libmcs-0.7.0 (replaces mcs package). L software series/libpng-1.2.25-x86_64-1.tgz: Upgraded to libpng-1.2.25. L software series/librsvg-2.22.1-x86_64-1.tgz: Upgraded to librsvg-2.22.1. L software series/libtheora-1.0beta2-x86_64-1.tgz: Upgraded to libtheora-1.0beta2. L software series/libwpd-0.8.14-x86_64-1.tgz: Upgraded to libwpd-0.8.14. L software series/libxml2-2.6.31-x86_64-2.tgz: Moved the man pages to the right location. L software series/mcs-0.4.1-x86_64-2.tgz: Removed. L software series/mpfr-2.3.1-x86_64-1.tgz: Upgraded to mpfr-2.3.1. L software series/pango-1.19.4-x86_64-1.tgz: Upgraded to pango-1.19.4. L software series/pcre-7.6-x86_64-1.tgz: Upgraded to pcre-7.6 L software series/pilot-link-0.12.3-x86_64-1.tgz: Upgraded to pilot-link-0.12.3 L software series/qca-1.0-x86_64-5.tgz: Recompiled. L software series/qca-tls-1.0-x86_64-7.tgz: Recompiled. L software series/qt-3.3.8b-x86_64-2.tgz: Recompiled against gcc-4.2.3. L software series/readline-5.2-x86_64-3.tgz: Applied all official patches L software series/sdl-1.2.13-x86_64-1.tgz: Upgraded to SDL-1.2.13, SDL_image-1.2.6, SDL_mixer-1.2.8, SDL_net-1.2.7, and SDL_ttf-2.0.9. L software series/slang-2.1.3-x86_64-1.tgz: Upgraded to slang-2.1.3. L software series/startup-notification-0.9-x86_64-1.tgz: Upgraded to startup-notification-0.9. L software series/tango-icon-theme-0.8.1-noarch-1.tgz: Added Tango icon theme. L software series/tango-icon-theme-extras-0.1.0-noarch-1.tgz: Added Tango theme extra icons. L software series/vte-0.16.12-x86_64-1.tgz: Upgraded to vte-0.16.12. N software series/dnsmasq-2.41-x86_64-1.tgz: Upgraded to dnsmasq-2.41. N software series/iptraf-3.0.0-x86_64-2.tgz: Absorbed the latest Debian patch. (thanks! :-) Add support for the legacy Ralink 2500 driver. N software series/net-snmp-5.4-x86_64-6.tgz: Recompiled to use vendor_perl. N software series/obexftp-0.21-x86_64-2.tgz: Recompiled to use vendor_perl. N software series/wget-1.11-x86_64-1.tgz: Upgraded to wget-1.11. N software series/wpa_supplicant-0.5.9-x86_64-1.tgz: Upgraded to wpa_supplicant-0.5.9. X software series/compiz-0.7.0-x86_64-1.tgz: Upgraded to compiz-0.7.0. X software series/luit-1.0.3-x86_64-1.tgz: Upgraded to luit-1.0.3. X software series/scim-1.4.7-x86_64-4.tgz: Default profile.d scripts to executable. X software series/xf86-video-trident-1.2.4-x86_64-1.tgz: Upgraded to xf86-video-trident-1.2.4. X software series/xf86-video-intel-2.2.1-x86_64-1.tgz: Upgraded to xf86-video-intel-2.2.1. X software series/xf86-video-ati-6.8.0-x86_64-1.tgz: Upgraded to xf86-video-ati-6.8.0. XAP software series/imagemagick-6.3.7_10-x86_64-1.tgz: Upgraded to ImageMagick-6.3.7-10. Changed build script to install Perl modules under vendor_perl. XAP software series/sane-1.0.19-x86_64-2.tgz: Fixed /var/lock permissions. XAP software series/xfce-4.4.2-x86_64-2.tgz: Patched a memory leak. The recompile also seemed to pick up new exo and pygtk features. EXTRA software/intel-wlan-iwlwifi/*: This replaces the older ipw3945 driver and daemon (no daemon required now). Support was also added for more chipsets, such as the ipw4965 series. EXTRA software/jdk-6/jdk-6u4-x86_64-1.tgz: Upgraded to Java(TM) 2 Platform Standard Edition Development Kit Version 6.0 update 4. EXTRA software/ktorrent/ktorrent-2.2.5-x86_64-1.tgz: Upgraded to ktorrent-2.2.5. -|--------------------------|- Mon Feb 25 19:44:53 EET 2008 A software series/mkinitrd-1.3.1-x86_64-3.tgz: Fixed a patch glitch glitch. -|--------------------------|- Sun Feb 24 16:56:50 EET 2008 A software series/mkinitrd-1.3.1-x86_64-2.tgz: Make sure to copy both devices and symlinks to /dev in the initrd. Fixed a patch glitch. AP software series/hplip-2.8.2-x86_64-2.tgz: Fixed udev rules. X software series/m17n-lib-1.5.0-x86_64-2.tgz: Fixed --mandir. Thanks to Kris Karas. X software series/scim-1.4.7-x86_64-3.tgz: Make the library links first in the install script. isolinux/initrd.img: Made a minor cosmetic fix to the network script. Fixed an installer patch that caused preformatted filesystems to be misdetected in some cases. usb-and-pxe-installers/: Recompiled. -|--------------------------|- Sat Feb 23 20:39:08 EET 2008 A software series/kernel-huge-2.6.23.16-x86_64-2.tgz: Recompiled. A software series/kernel-modules-2.6.23.16-x86_64-2.tgz: Recompiled. D software series/binutils-2.18.50.0.4-x86_64-1.tgz: Upgraded to binutils-2.18.50.0.4. D software series/gcc-4.2.3-x86_64-1.tgz: Upgraded to gcc-4.2.3 (GCC). D software series/gcc-g++-4.2.3-x86_64-1.tgz: Upgraded to gcc-4.2.3 (C++). D software series/gcc-gfortran-4.2.3-x86_64-1.tgz: Upgraded to gcc-4.2.3 (FORTRAN). D software series/gcc-gnat-4.2.3-x86_64-1.tgz: Upgraded to gcc-4.2.3 (Ada). D software series/gcc-java-4.2.3-x86_64-1.tgz: Upgraded to gcc-4.2.3 (GCJ). D software series/gcc-objc-4.2.3-x86_64-1.tgz: Upgraded to gcc-4.2.3 (Objective-C). D software series/kernel-headers-2.6.23.16-x86_64-2.tgz: Recompiled. D software series/oprofile-0.9.2-x86_64-6.tgz: Recompiled. K software series/kernel-source-2.6.23.16-noarch-2.tgz: Recompiled. L software series/svgalib_helper-1.9.25_2.6.23.16-x86_64-2.tgz: Recompiled. L software series/qca-tls-1.0-x86_64-6.tgz: Rebuilt for Qt 3.3.8b. N software series/bluez-hcidump-1.41-x86_64-1.tgz: Upgraded to bluez-hcidump-1.41. N software series/bluez-libs-3.26-x86_64-1.tgz: Upgraded to bluez-libs-3.26. N software series/bluez-utils-3.26-x86_64-1.tgz: Upgraded to bluez-utils-3.26. isolinux/initrd.img: Recompiled. kernels/huge.s/*: Recompiled. usb-and-pxe-installers/: Updated. -|--------------------------|- Fri Feb 22 14:57:08 EET 2008 A software series/cups-1.3.6-x86_64-1.tgz: Upgraded to cups-1.3.6. A software series/lilo-22.8-x86_64-6.tgz: Fixed some trivial bugs. AP software series/foomatic-filters-3.0_20080211-x86_64-1.tgz: Upgraded to foomatic-filters-3.0_20080211. AP software series/hplip-2.8.2-x86_64-1.tgz: Upgraded to hplip-2.8.2. D software series/git-1.5.4.2-x86_64-1.tgz: Upgraded to git-1.5.4.2. D software series/perl-5.8.8-x86_64-8.tgz: Added XML::Simple perl module for icon-naming-utils. L software series/cairo-1.4.14-x86_64-1.tgz: Upgraded to cairo-1.4.14. L software series/desktop-file-utils-0.14-x86_64-1.tgz: Upgraded to desktop-file-utils-0.14. L software series/gnome-icon-theme-2.20.0-noarch-1.tgz: Upgraded to gnome-icon-theme-2.20.0. L software series/gtk+2-2.12.8-x86_64-1.tgz: Upgraded to gtk+-2.12.8. L software series/hicolor-icon-theme-0.10-noarch-1.tgz: Upgraded to hicolor-icon-theme-0.10. L software series/icon-naming-utils-0.8.6-x86_64-1.tgz: Added utilities for naming icons. L software series/librsvg-2.20.0-x86_64-1.tgz: Upgraded to librsvg-2.20.0. L software series/ncurses-5.6-x86_64-3.tgz: Applied all official patches. L software series/taglib-1.5-x86_64-1.tgz: Upgraded to taglib-1.5. L software series/poppler-0.6.4-x86_64-1.tgz: Upgraded to poppler-0.6.4. Activated --enable-xpdf-headers option. L software series/poppler-data-0.2.0-noarch-1.tgz: Upgraded to poppler-data-0.2.0. L software series/qt-3.3.8b-x86_64-1.tgz: Upgraded to qt-x11-free-3.3.8b. L software series/shared-mime-info-0.23-x86_64-1.tgz: Upgraded to shared-mime-info-0.23. X software series/xterm-232-x86_64-1.tgz: Upgraded to xterm-232. XAP software series/sane-1.0.19-x86_64-1.tgz: Upgraded sane-backends to version 1.0.19. Merged HAL/DBUS/udev fixes from Robby Workman. -|--------------------------|- Thu Feb 21 22:39:42 EET 2008 A software series/lilo-22.8-x86_64-5.tgz: Added a simple splash screen ;). A software series/mkinitrd-1.3.1-x86_64-1.tgz: Merged patches for LVM/LUKS, hibernate, and RAID. Fixed a bug using -o with a relative path. A software series/sysvinit-scripts-1.2-noarch-15.tgz: Patched /etc/rc.d/rc.S for some of Eric's changes to LUKS handling in the initrd. A software series/etc-12.1-noarch-2.tgz: Fixed shared libs PATH in ld.so.conf. Thanks to Artur for reporting this. KDE software series/k3b-1.0.4-x86_64-1.tgz: Upgraded to k3b-1.0.4. KDE software series/kdeaccessibility-3.5.9-x86_64-1.tgz: Upgraded to kdeaccessibility-3.5.9. KDE software series/kdeaddons-3.5.9-x86_64-1.tgz: Upgraded to kdeaddons-3.5.9. KDE software series/kdeadmin-3.5.9-x86_64-1.tgz: Upgraded to kdeadmin-3.5.9. KDE software series/kdeartwork-3.5.9-x86_64-1.tgz: Upgraded to kdeartwork-3.5.9. KDE software series/kdebase-3.5.9-x86_64-1.tgz: Upgraded to kdebase-3.5.9. KDE software series/kdebindings-3.5.9-x86_64-1.tgz: Upgraded to kdebindings-3.5.9. KDE software series/kdeedu-3.5.9-x86_64-1.tgz: Upgraded to kdeedu-3.5.9. KDE software series/kdegames-3.5.9-x86_64-1.tgz: Upgraded to kdegames-3.5.9. KDE software series/kdegraphics-3.5.9-x86_64-1.tgz: Upgraded to kdegraphics-3.5.9. KDE software series/kdelibs-3.5.9-x86_64-1.tgz: Upgraded to kdelibs-3.5.9. KDE software series/kdemultimedia-3.5.9-x86_64-1.tgz: Upgraded to kdemultimedia-3.5.9. KDE software series/kdenetwork-3.5.9-x86_64-1.tgz: Upgraded to kdenetwork-3.5.9. KDE software series/kdepim-3.5.9-x86_64-1.tgz: Upgraded to kdepim-3.5.9. KDE software series/kdesdk-3.5.9-x86_64-1.tgz: Upgraded to kdesdk-3.5.9. KDE software series/kdetoys-3.5.9-x86_64-1.tgz: Upgraded to kdetoys-3.5.9. KDE software series/kdeutils-3.5.9-x86_64-1.tgz: Upgraded to kdeutils-3.5.9. KDE software series/kdevelop-3.5.1-x86_64-1.tgz: Upgraded to kdevelop-3.5.1. KDE software series/kdewebdev-3.5.9-x86_64-1.tgz: Upgraded to kdewebdev-3.5.9. KDEi software series/k3b-i18n-1.0.4-noarch-1.tgz: Upgraded to k3b-i18n-1.0.4. KDEi software series/kde-i18n-*-3.5.9-noarch-1.tgz: Upgraded to kde-i18n-*-3.5.9. L software series/arts-1.5.9-x86_64-1.tgz: Upgraded to arts-1.5.9. L software series/libmad-0.15.1b-x86_64-3.tgz: Added mad.pc. L software series/libmusicbrainz-2.1.4-x86_64-2.tgz: Removed. L software series/libtunepimp-0.4.2-x86_64-3.tgz: Removed. X software series/scim-1.4.7-x86_64-2.tgz: Don't try to use SCIM as the input method if the package has been removed, or use scim-bridge if that package is not installed. Remove the LANG variables and give a pointer to the lang.* scripts. Install script bugfix. X software series/scim-bridge-0.4.14-x86_64-2.tgz: Install script bugfix. X software series/ttf-arphic-uming-0.1.20060928-noarch-1.tgz: Removed. x/wqy-zenhei-font-ttf-0.4.23-noarch-1.tgz: Switched from Arphic to wqy-zenhei. isolinux/initrd.img: Added network install patches from Eric Hameleers. usb-and-pxe-installers/: Rebuilt with new patches. -|--------------------------|- Sun Feb 17 19:46:08 EET 2008 AP software series/mysql-5.0.51a-x86_64-1.tgz: Upgraded to mysql-5.0.51a. X software series/anthy-9100e-x86_64-1.tgz: Added anthy-9100e. X software series/dejavu-fonts-ttf-2.23-noarch-1.tgz: Upgraded to dejavu-fonts-ttf-2.23. X software series/libhangul-0.0.7-x86_64-1.tgz: Added libhangul-0.0.7. X software series/m17n-lib-1.5.0-x86_64-1.tgz: Added m17n-lib-1.5.0. X software series/sazanami-fonts-ttf-20040629-noarch-1.tgz: Added sazanami-fonts-ttf-20040629. X software series/scim-1.4.7-x86_64-1.tgz: Added scim-1.4.7. X software series/scim-anthy-1.2.4-x86_64-1.tgz: Added scim-anthy-1.2.4. X software series/scim-bridge-0.4.14-x86_64-1.tgz: Added scim-bridge-0.4.14. X software series/scim-hangul-0.3.2-x86_64-1.tgz: Added scim-hangul-0.3.2. X software seriesx/scim-m17n-0.2.2-x86_64-1.tgz: Added scim-m17n-0.2.2. X software series/scim-pinyin-0.5.91-x86_64-1.tgz: Added scim-pinyin-0.5.91. X software series/scim-tables-0.5.7-x86_64-1.tgz: Added scim-tables-0.5.7. X software series/sinhala_lklug-font-ttf-20060929-noarch-1.tgz: Added sinhala_lklug-font-ttf-20060929. X software series/tibmachuni-font-ttf-1.901-noarch-1.tgz: Added tibmachuni-font-ttf-1.901. X software series/ttf-arphic-uming-0.1.20060928-noarch-1.tgz: Added ttf-arphic-uming-0.1.20060928. -|--------------------------|- Fri Feb 15 11:32:37 EET 2008 N software series/httpd-2.2.8-x86_64-1.tgz: Upgraded to httpd-2.2.8. This fixes security and other bugs. For more information, see: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6421 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6422 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6388 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5000 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0005 [*** Security fix ***] -|--------------------------|- Wed Feb 13 09:42:39 EET 2008 XAP software series/mozilla-firefox-2.0.0.12-x86_64-1.tgz: Upgraded to firefox-2.0.0.12. This upgrade fixes some more security bugs. For more information, see: http://www.mozilla.org/projects/security/known-vulnerabilities.html#firefox [** Security fix ***] XAP software series/seamonkey-1.1.8-x86_64-1.tgz: Upgraded to seamonkey-1.1.8. This upgrade fixes some more security bugs. For more information, see: http://www.mozilla.org/projects/security/known-vulnerabilities.html#seamonkey [*** Security fix ***] -|--------------------------|- Tue Feb 12 17:59:48 EET 2008 A software series/kernel-huge-2.6.23.16-x86_64-1.tgz: Upgraded to Linux 2.6.23.16 SMP huge.s (full-featured) kernel. This kernel upgrade fix yesterday's local root exploit. The kernel headers did not change, so a glibc rebuild is not required. For more information, see: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0010 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0163 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0600 [*** Security fix ***] If you use lilo, don't forget to run it again after the upgrade. A software series/kernel-modules-2.6.23.16-x86_64-1.tgz Upgraded to Linux 2.6.23.16 SMP kernel modules. D software series/kernel-headers-2.6.23.16-x64_64-1.tgz: Upgraded to Linux 2.6.23.16 SMP kernel headers. K software series/kernel-source-2.6.23.16-noarch-1.tgz Upgraded to Linux 2.6.23.16 SMP kernel source. [*** Security fix ***] L software series/svgalib_helper-1.9.25_2.6.23.16-x86_64-1.tgz: Rebuilt for 2.6.23.16 kernels. isolinux/initrd.img: Upgraded modules to 2.6.23.16. kernels/huge.s/*: Upgraded huge.s kernel to 2.6.23.16 (SMP). [*** Security fix ***] usb-and-pxe-installers/: Updated USB and PXE installers to 2.6.23.16 modules. -|--------------------------|- Mon Feb 11 18:30:16 EET 2008 A software series/cups-1.3.5-x86_64-1.tgz: Upgraded to cups-1.3.5. A software series/e2fsprogs-1.40.6-x86_64-1.tgz: Upgraded to e2fsprogs-1.40.6. L software series/glib2-2.14.6-x86_64-1.tgz: Upgraded to glib-2.14.6. XAP oftware series/gimp-2.4.4-x86_64-1.tgz: Upgraded to gimp-2.4.4. isolinux/initrd.img: Upgraded libraries and utilities to e2fsprogs-1.40.6. usb-and-pxe-installers/: Updated libraries and utilities to e2fsprogs-1.40.6. -|--------------------------|- Sun Feb 10 13:42:01 EET 2007 K software series/kernel-source-2.6.23.15-noarch-2.tgz: Fixed /usr/src/linux symlink. usb-and-pxe-installers/*: Upgraded to Linux 2.6.23.15 SMP kernel modules. isolinux/initrd.img: Fixed some text in /etc/issue. -|--------------------------|- Sun Feb 10 02:16:11 EET 2008 A software series/device-mapper-1.02.24-x86_64-1.tgz: Upgraded to device-mapper.1.02.24. A software series/glibc-solibs-2.7-x86_64-6.tgz: Recompiled against 2.6.23.15. Bumped everything to -6 since glibc-zoneinfo has been at -5 already. A software series/glibc-zoneinfo-2.7-noarch-6.tgz: Recompiled. A software series/kernel-huge-2.6.23.15-x86_64-1.tgz: Upgraded to Linux 2.6.23.15 SMP huge.s (full-featured) kernel. A software series/kernel-modules-2.6.23.15-x86_64-1.tgz: Upgraded to Linux 2.6.23.15 SMP kernel modules. D software series/kernel-headers-2.6.23.15-x86_64-1.tgz: Upgraded to Linux 2.6.23.15 SMP kernel headers. K software series/kernel-source-2.6.23.15-noarch-1.tgz: Upgraded to Linux 2.6.23.15 SMP kernel source. A software series/lvm2-2.02.33-x86_64-1.tgz: Upgraded to LVM2.2.02.33. L software series/glibc-2.7-x86_64-6.tgz: Recompiled against 2.6.23.15. L software series/glibc-i18n-2.7-noarch-6.tgz: Recompiled. L software series/glibc-profile-2.7-x86_64-6.tgz: Recompiled against 2.6.23.15. L software series/svgalib_helper-1.9.25_2.6.23.15-x86_64-1.tgz: Rebuilt for 2.6.23.15 kernels. XAP software series/xine-lib-1.1.10.1-x86_64-1.tgz: Upgraded to xine-lib-1.1.10.1. isolinux/initrd.img: Massive overhaul, primarily the work and initiative of Eric Hameleers. Work above and beyond the call of duty. If we gave out medals of honor, this would deserve one. :-) The installer now supports network installs from not just NFS, but also HTTP and FTP. Please be nice to our mirrors -- this feature is _intended_ for use within private networks from your own "site". Work is also underway to fully support unattended/remote installs. The installer has both a small ssh and sshd (dropbear). Thanks again Eric! This is something that's been on the drawing board for many years. isolinux/network.dsk: Upgraded to Linux 2.6.23.15 SMP kernel modules. isolinux/pcmcia.dsk: Upgraded to Linux 2.6.23.15 SMP kernel modules. kernels/huge.s/*: Upgraded huge.s kernel to 2.6.23.15. usb-and-pxe-installers/: usbboot.img: Converted to FAT (16 bit) FS. Thanks to Gerardo Exequiel Pozzi for reporting that usbboot.img uses ext2fs. -|--------------------------|- Wed Feb 6 12:19:42 EET 2008 E software series/emacs-info-21.4a-x86_64-1.tgz: Renamed to emacs-info-21.4a. E software series/emacs-leim-21.4a-x86_64-1.tgz: Renamed to emacs-leim-21.4a. E software series/emacs-lisp-21.4a-x86_64-1.tgz: Renamed to emacs-lisp-21.4a. E software series/emacs-nox-21.4a-x86_64-2.tgz: Renamed to emacs-nox-21.4a. E software series/emacs-misc-21.4a-x86_64-1.tgz: Renamed to emacs-misc-21.4a. Thanks to Gerardo Exequiel for pointing out that this emacs packages has a wrong version name. Only the packages, the software itself is 21.4a ;). L software series/arts-1.5.8-x86_64-1.tgz: Upgraded to arts-1.5.8. Thanks to Gerardo Exequiel Pozzi for reporting this. KDEi/software series/k3b-i18n-1.0.3-noarch-1.tgz: Upgraded to /k3b-i18n-1.0.3. Thanks to Gerardo Exequiel Pozzi for reporting this. This two upgrades was unintentionally missed ;). -|--------------------------|- Sat Feb 2 11:07:31 EET 2008 A software series/e2fsprogs-1.40.5-x86_64-1.tgz: Upgraded to e2fsprogs-1.40.5. D software series/subversion-1.4.6-x86_64-1.tgz: Upgraded to subversion-1.4.6. KDE software series/kdesdk-3.5.8-x86_64-2.tgz: Recompiled to pick up new apr/neon/svn libs. A couple of bugzilla-related files have now appeared in the package. KDE software series/kdevelop-3.5.0-x86_64-2.tgz: Recompiled to pick up new apr/neon/svn libs. L software series/apr-1.2.12-x86_64-1.tgz: Upgraded to apr-1.2.12. L software series/apr-util-1.2.12-x86_64-1.tgz: Upgraded to apr-util-1.2.12. L software series/neon-0.26.4-x86_64-1.tgz: Upgraded to neon-0.26.4. There are newer versions, but this is newer than what we had and allows everything to work for now. XAP software series/audacious-1.4.6-x86_64-1.tgz: Upgraded to audacious-1.4.6. XAP software series/audacious-plugins-1.4.5-x86_64-1.tgz: Upgraded to audacious-plugins-1.4.5. Now with an upgraded neon library, this uses neon for http/https transport. -|--------------------------|- Fri Feb 1 18:27:07 EET 2008 AP software series/alsa-utils-1.0.15-x86_64-1.tgz: Upgraded to alsa-utils-1.0.15. L software series/alsa-lib-1.0.15-x86_64-1.tgz: Upgraded to alsa-lib-1.0.15. L software series/alsa-oss-1.0.15-x86_64-1.tgz: Upgraded to alsa-oss-1.0.15. X software series/font-misc-misc-1.0.0-noarch-3.tgz: Removed bogus fonts.alias. The install scripts will make it. X software series/libXmu-1.0.4-x86_64-1.tgz: Upgraded to libXmu-1.0.4. X software series/xf86-video-nv-2.1.7-x86_64-1.tgz: Upgraded to xf86-video-nv-2.1.7. X software series/xinput-1.3.0-x86_64-1.tgz: Added xinput-1.3.0. -|--------------------------|- Thu Jan 31 18:29:59 EET 2008 D software series/ruby-1.8.6_p111-x86_64-2.tgz: Moved some comments out of the ./configure part of the build script to fix a couple of missed options. KDE software series/amarok-1.4.8-x86_64-1.tgz: Upgraded to amarok-1.4.8. L software series/atk-1.21.5-x86_64-1.tgz: Upgraded to atk-1.21.5. L software series/gtk+2-2.12.7-x86_64-1.tgz: Upgraded to gtk+-2.12.7. L software series/libmowgli-0.6.0-x86_64-1.tgz: Added libmowgli-0.6.0, which is needed by Audacious. L software series/libmtp-0.2.5-x86_64-1.tgz: Upgraded to libmtp-0.2.5. L software series/libgpod-0.6.0-x86_64-1.tgz: Upgraded to libgpod-0.6.0 (major version bump). L software series/pango-1.19.3-x86_64-1.tgz: Upgraded to pango-1.19.3. XAP software series/audacious-1.4.5-x86_64-1.tgz: Upgraded to audacious-1.4.5. XAP software series/audacious-plugins-1.4.4-x86_64-1.tgz: Upgraded to audacious-plugins-1.4.4-x86_64-1.tgz. XAP software series/xine-lib-1.1.10-x86_64-1.tgz: Upgraded to xine-lib-1.1.10. EXTRA software/slackpkg/slackpkg-2.70-noarch-1.tgz: Upgraded to slackpkg-2.70. -|--------------------------|- Wed Jan 9 21:24:05 EET 2008 AP software series/nano-2.0.7-x86_64-1.tgz: Upgraded to nano-2.0.7. D software series/mercurial-0.9.5-x86_64-1.tgz: Upgraded to mercurial-0.9.5. D software series/ruby-1.8.6_p111-x86_64-1.tgz: Upgraded ruby-1.8.6 to patchlevel 111. L software series/atk-1.20.0-x86_64-1.tgz: Upgraded to atk-1.20.0. L software series/glib2-2.14.5-x86_64-1.tgz: Upgraded to glib-2.14.5. L software series/gtk+2-2.12.4-x86_64-1.tgz: Upgraded to gtk+-2.12.4. L software series/libxml2-2.6.30-x86_64-1.tgz: Upgraded to libxml2-2.6.30. L software series/libxslt-1.1.22-x86_64-1.tgz: Upgraded to libxslt-1.1.22. L software series/pango-1.19.2-x86_64-1.tgz: Upgraded to pango-1.19.2. L software series/pycairo-1.4.12-x86_64-1.tgz: Added pycairo-1.4.12. L software series/pygobject-2.14.1-x86_64-1.tgz: Added pygobject-2.14.1. L software series/pygtk-2.12.1-x86_64-1.tgz: Added pygtk-2.12.1. L software series/pyrex-0.9.6.4-x86_64-1.tgz: Added Pyrex-0.9.6.4. X software series/dejavu-fonts-ttf-2.22-noarch-1.tgz: **NOTE PACKAGE NAME CHANGE** Upgraded to version 2.22. X software series/liberation-fonts-ttf-0.2-noarch-3.tgz: Added liberation-fonts-ttf-0.2-3. X software series/xf86-video-ati-6.7.197-x86_64-1.tgz: Upgraded to xf86-video-ati-6.7.197. X software series/xf86-video-radeonhd-1.1.0-x86_64-1.tgz: Upgraded to xf86-video-radeonhd-1.1.0. XAP software series/seamonkey-1.1.7-x86_64-2.tgz: Use the system cairo to avoid a compile error. Patched a Makefile.in to avoid another compile error with the new GTK+. -|--------------------------|- Tue Jan 1 15:57:16 EET 2008 A software series/glibc-zoneinfo-2.7-noarch-5.tgz: Upgraded to tzdata2007k. A new year should be started with the latest timezone data, so here it is. Happy holidays, and a happy new year to all! :-) -|--------------------------|- Mon Dec 24 12:56:19 EET 2007 isolinux/network.dsk, pcmcia.dsk: Recreated to reflect the current changes. usb-and-pxe-installers/usboot.img: Recreated to reflect the current changes. -|--------------------------|- Sun Dec 23 17:55:14 EET 2007 L software series/libgsf-1.14.7-x86_64-1.tgz: Upgraded to libgsf-1.14.7. A software series/glibc-solibs-2.7-x86_64-4.tgz: Upgraded to glibc-2.7 compiled against Linux 2.6.23.12 kernel headers. A software series/glibc-zoneinfo-2.7-noarch-4.tgz: Upgraded to tzdata2007j. A software series/kernel-huge-2.6.23.12-x86_64-1.tgz: Upgraded to Linux 2.6.23.12 SMP huge.s (full-featured) kernel. A software series/kernel-modules-2.6.23.12-x86_64-1.tgz Upgraded to Linux 2.6.23.12 SMP kernel modules. D software series/kernel-headers-2.6.23.12-x86_64-1.tgz: Upgraded to Linux 2.6.23.12 SMP kernel headers. D software series/kernel-source-2.6.23.12-noarch-1.tgz Upgraded to Linux 2.6.23.12 SMP kernel source. L software series/glibc-2.7-x86_64-4.tgz: Rebuilt against Linux 2.6.23.12 kernel headers. L software series/glibc-i18n-2.7-noarch-4.tgz: Recompiled. L software series/glibc-profile-2.7-x86_64-4.tgz: Rebuilt against Linux 2.6.23.12 headers. L software series/svgalib_helper-1.9.25_2.6.23.12-x86_64-1.tgz: Recompiled for Linux 2.6.23.12. kernels/huge.s/*: Upgraded huge.s kernel to 2.6.23.12. usb-and-pxe-installers/: Updated USB and PXE installers. A software series/pkgtools-12.1.0-noarch-2.tgz: Fixed a regex bug in a grep in installpkg that could cause packages that do not conform to the FHS (those containing single- character top-level directories) to not be removable or upgradeable through the pkgtools. Made the top-line with -infobox more terse since some of the package names have become too long to fit, and were disturbing the infobox's formatting. isolinux/initrd.img: Upgraded to the latest installpkg. -|--------------------------|- Sat Dec 15 13:40:34 EET 2007 A software series/mkinitrd-1.3.0-x86_64-4.tgz: Fixed a bug that could cause modprobe to attempt to load the same module more than once (due to whitespace differences in the initramfs's load_kernel_modules script). AP software series/mysql-5.0.51-x86_64-1.tgz: Upgraded to mysql-5.0.51. This release fixes several bugs, including some security issues. However, it also includes a potentially incompatible change, so be sure to read the release notes before upgrading. It is possible that some databases will need to be fixed in order to work with this (and future) releases: http://dev.mysql.com/doc/refman/5.0/en/releasenotes-cs-5-0-51.html For more information about the security issues fixed, see: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3781 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5925 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5969 [*** Security fix *** F software series/linux-howtos-20071214-noarch-1.tgz: Upgraded to linux-howtos-20071214. L software series/hal-info-20071212-noarch-1.tgz: Upgraded to hal-info-20071212. L software series/libpng-1.2.24-x86_64-1.tgz: Upgraded to libpng-1.2.24. N software series/nmap-4.50-x86_64-1.tgz: Upgraded to nmap-4.50. X software series/xf86-input-joystick-1.3.1-x86_64-1.tgz: Upgraded to xf86-input-joystick-1.3.1. X software series/xf86-video-radeonhd-1.0.0-x86_64-1.tgz: Added xf86-video-radeonhd-1.0.0. X software series/xorg-server-1.4.0.90-x86_64-1.tgz: Upgraded to xorg-server-1.4.0.90. X software series/xorg-server-xnest-1.4.0.90-x86_64-1.tgz: Upgraded to xorg-server-xnest-1.4.0.90. X software series/xorg-server-xvfb-1.4.0.90-x86_64-1.tgz: Upgraded to xorg-server-xvfb-1.4.0.90. XAP software series/imagemagick-6.3.7_4-x86_64-1.tgz: Upgraded to ImageMagick-6.3.7-4. -|--------------------------|- Tue Dec 11 21:52:51 EET 2007 L software series/vte-0.16.10-x86_64-1.tgz: Upgraded to vte-0.16.10. N software series/proftpd-1.3.1-x86_64-1.tgz: Upgraded to proftpd-1.3.1. N software series/samba-3.0.28-x86_64-1.tgz: Upgraded to samba-3.0.28. Samba 3.0.28 is a security release in order to address a boundary failure in GETDC mailslot processing that can result in a buffer overrun leading to possible code execution. For more information, see: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6015 http://www.samba.org/samba/history/samba-3.0.28.html http://secunia.com/secunia_research/2007-99/advisory/ [*** Security fix ***] XAP software series/gkrellm-2.3.1-x86_64-1.tgz: Upgraded to gkrellm-2.3.1. XAP software series/pidgin-2.3.1-x86_64-1.tgz: Upgraded to pidgin-2.3.1. XAP software series/xchat-2.8.4-x86_64-1.tgz: Upgraded to xchat-2.8.4. EXTRA/ktorrent/ktorrent-2.2.4-x86_64-1.tgz: Upgraded to ktorrent-2.2.4. -|--------------------------|- Thu Dec 6 11:02:11 EET 2007 A software series/hdparm-7.7-x86_64-1.tgz: Upgraded to hdparm-7.7. Moved hdparm binary to /sbin. A software series /kernel-huge-2.6.23.9-x86_64-2.tgz: Recompiled. A software series/kernel-modules-2.6.23.9-x86_64-2.tgz Added JFFS2 modules. D software series/kernel-headers-2.6.23.9-x86_64-2.tgz: Recompiled. K software series/kernel-source-2.6.23.9-noarch-2.tgz: Reconfigured to include the option for JFFS2, a journalling flash file system. L software series/svgalib_helper-1.9.25_2.6.23.9-x86_64-2.tgz: Recompiled. XAP software series/gimp-2.4.2-x86_64-1.tgz: Upgraded to gimp-2.4.2. isolinux/network.dsk, pcmcia.dsk; Upgraded kernel modules. kernels/huge.s/*: Upgraded huge.s kernel. usb-and-pxe-installers/: Updated USB and PXE installers. -|--------------------------|- Tue Dec 4 23:53:02 EET 2007 A software series/inotify-tools-3.12-x86_64-1.tgz: Added inotify-tools-3.12. AP software series/cdparanoia-III10pre0-x86_64-1.tgz: Upgraded to cdparanoia-III-10pre0. AP software series/hplip-2.7.10-x86_64-2.tgz: Rebuilt with some fixes to the build script. KDE software series/amarok-1.4.7-x86_64-2.tgz: Recompiled against libmtp-0.2.4. L software series/cairo-1.4.12-x86_64-1.tgz: Upgraded to cairo-1.4.12. This fixes a possible security risk when decoding PNG files that may have been maliciously tampered with: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5503 [*** Security fix ***] L software series/libmtp-0.2.4-x86_64-1.tgz: Upgraded to libmtp-0.2.4. L software series/libnjb-2.2.6-x86_64-2.tgz: Updated udev rules. N software series/bluez-hcidump-1.40-x86_64-1.tgz: Upgraded to bluez-hcidump-1.40. N software series/bluez-libs-3.22-x86_64-1.tgz: Upgraded to bluez-libs-3.22. N software series/bluez-utils-3.22-x86_64-1.tgz: Upgraded to bluez-utils-3.22. N software series/gnupg2-2.0.7-x86_64-1.tgz: Upgraded to gnupg2-2.0.7. N software series/gnutls-2.0.4-x86_64-1.tgz: Upgraded to gnutls-2.0.4. N software series/gpgme-1.1.5-x86_64-1.tgz: Upgraded to gpgme-1.1.5. N software series/libassuan-1.0.3-x86_64-1.tgz: Upgraded to libassuan-1.0.3. N software series/libgpg-error-1.6-x86_64-1.tgz: Upgraded to libgpg-error-1.6. N software series/libksba-1.0.2-x86_64-1.tgz: Upgraded to libksba-1.0.2. N software series/mcabber-0.9.5-x86_64-1.tgz: Upgraded to mcabber-0.9.5. N software series/pinentry-0.7.4-x86_64-1.tgz: Upgraded to pinentry-0.7.4. N software series/samba-3.0.27a-x86_64-1.tgz: Upgraded to samba-3.0.27a. This update fixes a crash bug regression experienced by smbfs clients caused by the fix for CVE-2007-4572. XAP software/xfce-4.4.2-x86_64-1.tgz: Upgraded to xfce-4.4.2. Thanks to Robby Workman for the build script. This fixes a minor security bug in Terminal: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3770 [*** Security fix ***] -|--------------------------|- Sun Dec 2 11:48:09 EET 2007 N software series/rsync-2.6.9-x86_64-2.tgz: Patched some security bugs. For more information, see: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-4091 http://lists.samba.org/archive/rsync-announce/2007/000050.html [*** Security fix ***] XAP software series/mozilla-firefox-2.0.0.11-x86_64-1.tgz: Upgraded to Firefox 2.0.0.11, which fixed a bug introduced by the 2.0.0.10 update in the feature that affected some web pages and extensions. -|--------------------------|- Fri Nov 30 20:16:36 EET 2007 XAP software series/seamonkey-1.1.7-x86_64-1.tgz: Upgraded to seamonkey-1.1.7. This upgrade fixes some more security bugs. For more information, see: http://www.mozilla.org/projects/security/known-vulnerabilities.html#seamonkey [*** Security fix ***] A software series/mkinitrd-1.3.0-x86_64-3.tgz: Fixed a missing '--parents' in a cp command. A software series/glibc-solibs-2.7-x86_64-3.tgz: Fixed incorrect version numbers in the install script. A software series/glibc-zoneinfo-2.7-noarch-3.tgz: Recompiled. L software series/glibc-2.7-x86_64-3.tgz: Fixed incorrect version numbers in the install script. L software series/glibc-i18n-2.7-noarch-3.tgz: Recompiled. L software series/glibc-profile-2.7-x86_64-3.tgz: Recompiled. -|--------------------------|- Thu Nov 29 22:18:43 EET 2007 AP software series/cdrtools-2.01.01a36-x86_64-1.tgz: Upgraded to cdrtools-2.01.01a36. A software series/glibc-solibs-2.7-x86_64-2.tgz: Upgraded to glibc-2.7 compiled against Linux 2.6.23.9 kernel headers. A software series/glibc-zoneinfo-2.7-noarch-2.tgz: Upgraded to tzdata2007i. A software series/kernel-huge-2.6.23.9-x86_64-1.tgz: Upgraded to Linux 2.6.23.9 SMP huge.s (full-featured) kernel. A software series/kernel-modules-2.6.23.9-x86_64-1.tgz: Upgraded to Linux 2.6.23.9 SMP kernel modules. AP software series/ghostscript-8.61-x86_64-1.tgz: Upgraded to ghostscript-8.61. This is still under the GPL -- just FYI, I do not know why the package name changed. This package replaces gnu-ghostscript-8.60.0-x86_64-2. D software series/kernel-headers-2.6.23.9-x86_64-1.tgz: Upgraded to Linux 2.6.23.9 SMP kernel headers. K software series/kernel-source-2.6.23.9-noarch-1.tgz: Upgraded to Linux 2.6.23.9 SMP kernel source. L software series/gamin-0.1.9-x86_64-1.tgz: Upgraded to gamin-0.1.9. L software series/glibc-2.7-x86_64-2.tgz: Upgraded to glibc-2.7, built against Linux 2.6.23.9 kernel headers. * NOTE: Packages for -current built after this batch of packages (up to * the datestamp above) will be linked against glibc-2.7 and _may_ not work * on systems running earlier versions of glibc (such as Bluewhite64 12.0 * systems running glibc-2.5). L software series/glibc-i18n-2.7-noarch-2.tgz: Upgraded to glibc-2.7 locale files. L software series/glibc-profile-2.7-x86_64-2.tgz: Upgraded to glibc-2.7 profile libs. L software series/svgalib_helper-1.9.25_2.6.23.9-x86_64-1.tgz: Recompiled for Linux 2.6.23.9. isolinux/initrd.img: Upgraded to glibc-2.7. Added dmidecode. isolinux/network.dsk, pcmcia.dsk; Upgraded to 2.6.23.9 kernel modules. kernels/huge.s/*: Upgraded huge.s kernel to 2.6.23.9. usb-and-pxe-installers/: Updated USB and PXE installers. -|--------------------------|- Wed Nov 28 23:13:59 EET 2007 A software series/mkinitrd-1.3.0-x86_64-2.tgz: Edited two spots where grep was searching for / rather than ' on / '. -|--------------------------|- Wed Nov 28 20:40:53 EET 2007 A software series/mkinitrd-1.3.0-x86_64-1.tgz: Upgraded to mkinitrd-1.3.0. This fixes a bug where some module options could be ignored. XAP software series/mozilla-firefox-2.0.0.10-x86_64-1.tgz: Upgraded to firefox-2.0.0.10. This upgrade fixes some more security bugs. For more information, see: http://www.mozilla.org/projects/security/known-vulnerabilities.html#firefox [*** Security fix ***] -|--------------------------|- Wed Nov 21 22:12:46 EET 2007 A software series/kernel-huge-2.6.23.8-x86_64-1.tgz: Upgraded to Linux 2.6.23.8 SMP huge.s (full-featured) kernel. A software series/kernel-modules-2.6.23.8-x86_64-1.tgz Upgraded to Linux 2.6.23.8 SMP kernel modules. D software series/kernel-headers-2.6.23.8-x86_64-1.tgz: Upgraded to Linux 2.6.23.8 SMP kernel headers. K software series/kernel-source-2.6.23.8-noarch-1.tgz Upgraded to Linux 2.6.23.8 SMP kernel source. L software series/libpng-1.2.23-x86_64-1.tgz: Upgraded to libpng-1.2.23. Previous libpng versions may crash when loading malformed PNG files. It is not currently known if this vulnerability can be exploited to execute malicious code. For more information, see: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5266 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5267 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5268 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5269 [*** Security fix ***] L software series/svgalib_helper-1.9.25_2.6.23.8-x86_64-1.tgz: Recompiled for Linux 2.6.23.8. isolinux/network.dsk, pcmcia.dsk; upgraded to 2.6.23.8 kernel modules. initrd.img: Upgraded to hdparm-7.6. kernels/huge.s/*: Upgraded huge.s kernel to 2.6.23.8. usb-and-pxe-installers/: Updated USB and PXE installers. XAP software series/mozilla-thunderbird-2.0.0.9-x86_64-1.tgz: Upgraded to thunderbird-2.0.0.9. This update fixes the following security related issues: URIs with invalid %-encoding mishandled by Windows (MFSA 2007-36). Crashes with evidence of memory corruption (MFSA 2007-29). OK, so the first one obviously does not affect us. :-) The second fix has to do with the same JavaScript handling problem fixed before in Firefox. JavaScript is not enabled by default in Thunderbird, and the developers (at least in MFSA 2007-36) do not recommend turning it on. For more information, see: http://www.mozilla.org/security/announce/2007/mfsa2007-36.html http://www.mozilla.org/security/announce/2007/mfsa2007-29.html http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-4841 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5339 [*** Security fix ***] -|--------------------------|- Sun Nov 18 00:36:19 EET 2007 AP software series/cdparanoia-IIIalpha9.8-x86_64-4.tgz: Recompiled with SG_IO patch. This didn't seem to make a noticable difference, but to someone it might. X software series/xf86-video-intel-2.2.0-x86_64-1.tgz: Upgraded to xf86-video-intel-2.2.0 X software series/xf86-video-sis-0.9.4-x86_64-1.tgz: Upgraded to xf86-video-sis-0.9.4. OK, now that that Samba fix is done, we can give you a working X server. :-) Evidently, the HAL/D-Bus enabled X server, xf86-input-evdev, and one of HAL's .fdi files aren't playing well together. After considering three possible workarounds, it was decided to disable D-Bus/HAL support in the X server for now. If you really want to play with X input hotplugging, it's easy enough to modify the source/x/x11/configure xorg-server configure file to enable D-Bus and HAL and run: ./x11.SlackBuild xserver xorg-server Xdmx remains gone per X build recommendations. X software series/xorg-server-1.4-x86_64-4.tgz: Recompiled without input hotplugging support. X software series/xorg-server-xnest-1.4-x86_64-4.tgz: Recompiled. X software series/xorg-server-xvfb-1.4-x86_64-4.tgz: Recompiled. XAP software series/xscreensaver-5.04-x86_64-1.tgz: Upgraded to xscreensaver-5.04. N software series/samba-3.0.27-x86_64-1.tgz: Upgraded to samba-3.0.27. Samba 3.0.27 is a security release in order to address a stack buffer overflow in nmbd's logon request processing, and remote code execution in Samba's WINS server daemon (nmbd) when processing name registration followed name query requests. For more information, see: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-4572 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5398 [*** Security fix ***] -|--------------------------|- Thu Nov 15 13:58:13 EET 2007 X software series/xf86-input-evdev-1.2.0-x86_64-1.tgz: Upgraded to xf86-input-evdev-1.2.0. X software series/xf86-input-joystick-1.3.0-x86_64-1.tgz: Upgraded to xf86-input-joystick-1.3.0. X software series/mesa-7.0.2-x86_64-1.tgz: Upgraded to mesa-7.0.2. X software series/xf86-video-ati-6.7.196-x86_64-1.tgz: Upgraded to xf86-video-ati-6.7.196. X software series/xf86-video-intel-2.1.99-x86_64-1.tgz: Upgraded to xf86-video-intel-2.1.99. X software series/xorg-server-1.4-x86_64-2.tgz: Rebuilt against Mesa 7.0.2. Removed support for XDMX, as the code is not maintained and interferes with input hotplug support. X software series/xorg-server-xdmx-1.4-x86_64-1.tgz: Removed. X software series/xorg-server-xnest-1.4-x86_64-2.tgz: Recompiled. X software series/xorg-server-xvfb-1.4-x86_64-2.tgz: Recompiled. -|--------------------------|- Mon Nov 12 22:23:43 EET 2007 KDE software series/kdegraphics-3.5.8-x86_64-2.tgz: Patched xpdf related bugs. For more information, see: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3387 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-4352 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5392 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5393 [*** Security fix ***] KDE software series/koffice-1.6.3-x86_64-2.tgz: Patched xpdf related bugs. For more information, see: http://www.kde.org/info/security/advisory-20071107-1.txt http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3387 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-4352 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5392 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5393 [*** Security fix ***] L software series/pcre-7.4-x86_64-1.tgz: Upgraded to pcre-7.4. L software series/poppler-0.6.2-x86_64-1.tgz: Upgraded to poppler-0.6.2. This release fixes xpdf related bugs. For more information, see: http://poppler.freedesktop.org/ http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-4352 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5392 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5393 [*** Security fix ***] XAP software series/xpdf-3.02pl2-x86_64-1.tgz: Upgraded to xpdf-3.02pl2. The pl2 patch fixes a crash in xpdf. Some theorize that this could be used to execute arbitrary code if an untrusted PDF file is opened, but no real-world examples are known (yet). For more information, see: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3387 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-4352 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5392 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5393 [*** Security fix ***] -|--------------------------|- Mon Nov 12 01:22:25 EET 2007 N software series/php-5.2.5-x86_64-1.tgz: Upgraded to php-5.2.5. This fixes bugs and security issues. For more information, see: http://www.php.net/releases/5_2_5.php http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-4887 [** Security fix ***] -|--------------------------|- Sat Nov 10 16:48:47 EET 2007 AP software series/gnu-ghostscript-8.60.0-x86_64-2.tgz: ./configured with --disable-compile-inits option, which disables a new default of compiling in various configuration values (such as paper size) rather than reading them from the traditional config file. XAP software series/mozilla-firefox-2.0.0.9-x86_64-1.tgz: Upgraded to firefox-2.0.0.9. This upgrade improves the stability of Firefox. For more information, see: http://developer.mozilla.org/devnews/index.php/2007/11/01/firefox-2009-stability-update-now-available-for-download/ XAP software series/seamonkey-1.1.6-x86_64-1.tgz: Upgraded to SeaMonkey 1.1.6. This upgrade fixes SeaMonkey's ability to display certain types of web pages. That's about all we could find about it here: http://www.mozilla.org/projects/seamonkey/ testing/packages/ia32-emulation/ia32-lib32-0.2.3-x86_64-2.tgz: Added libXss and libXv. -|--------------------------|- Mon Nov 5 12:15:39 EET 2007 X software series/libXft-2.1.12-x86_64-2.tgz: Recompiled to fix issues with bold font rendering. -|--------------------------|- Fri Nov 2 10:39:15 EET 2007 A software series/cups-1.3.4-x86_64-1.tgz: Upgraded to cups-1.3.4. An off-by-one error in ipp.c may allow a remote attacker to crash CUPS resulting in a denial of service. For more information, see: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-4351 [*** Security fix ***] -|--------------------------|- A software series/pkgtools-12.1.0-noarch-1.tgz: Upgraded to pkgtools-12.1.0-noarch-1. Fixed the following issues with removepkg: Fix problem removing packages with a large number of fields. Thanks to Niki Kovacs for noticing this, and to Piter Punk for the patch. Use LC_ALL=C locale, which is much faster with "sort". Thanks to Tsomi. Don't try to remove any package that starts with '-'. This is not a proper package name (usually a typo), and results in the package database being broken as the "package" beginning with '-' is passed along as an option to a command later in the script. Thanks to Jef Oliver. Patched cat_except() to allow the last Bluewhite64 package on a partition to be removed (using ROOT=, of course). Thanks to Selkfoster for the patch, and to everyone else who proposed solutions before. This issue really wasn't given the highest priority before, but as long as I was here... Fixed pkgtool to handle much larger numbers of installed packages. Thanks to Gabriele Inghirami for the patch. NOTE: If you upgrade to the glibc packages below, be sure you are really wishing to test them, because reverting to the old version is not easy. However, these packages have (so far) passed the tests done here. testing/packages/glibc-2.7-x86_64-1.tgz: Added glibc-2.7. testing/packages/glibc-i18n-2.7-noarch-1.tgz: Added glibc-i18n-2.7. testing/packages/glibc-profile-2.7-x86_64-1.tgz: Added glibc-profile-2.7. testing/packages/glibc-solibs-2.7-x86_64-1.tgz: Added glibc-solibs-2.7. testing/packages/glibc-zoneinfo-2.7-noarch-1.tgz: Added glibc-zoneinfo-2.7. -|--------------------------|- Sun Oct 28 23:47:43 EET 2007 X software series/xf86-video-nv-2.1.6-x86_64-1.tgz: Upgraded to xf86-video-nv. X software series/compiz-0.6.2-x86_64-1.tgz: Upgraded to compiz-0.6.2. X software series/pixman-0.9.6-x86_64-1.tgz: Upgraded to pixman-0.9.6. X software series/glproto-1.4.9-noarch-1.tgz: Upgraded to glproto-1.4.9. -|--------------------------|- Thu Oct 25 20:19:54 EEST 2007 L software series/librsvg-2.18.2-x86_64-1.tgz: Upgraded to librsvg-2.18.2. XAP software series/gimp-2.4.0-x86_64-1.tgz: Upgraded to gimp-2.4.0. XAP software series/mozilla-firefox-2.0.0.8-x86_64-1.tgz: Upgraded to firefox-2.0.0.8. This upgrade fixes some more security bugs. For more information, see: http://www.mozilla.org/projects/security/known-vulnerabilities.html#firefox [*** Security fix ***] XAP software series/seamonkey-1.1.5-x86_54-1.tgz: Upgraded to seamonkey-1.1.5. This upgrade fixes some more security bugs. For more information, see: http://www.mozilla.org/projects/security/known-vulnerabilities.html#seamonkey [*** Security fix ***] -|--------------------------|- Sun Oct 21 00:30:32 EEST 2007 AP software series/hplip-2.7.10-x86_64-1.tgz: Upgraded to hplip-2.7.10. A software series/libpng-1.2.22-x86_64-1.tgz: Upgraded to libpng-1.2.22. A software series/openssl-solibs-0.9.8g-x86_64-1.tgz: Upgraded to openssl-solibs-0.9.8g. N software series/openssh-4.7p1-x86_64-2.tgz: Recompiled against openssl-0.9.8g. N software series/openssl-0.9.8g-x86_64-1.tgz: Upgraded to openssl-0.9.8g. L software series/poppler-0.6.1-x86_64-1.tgz: Upgraded to poppler-0.6.1. L software series/poppler-data-0.1.1-noarch-1.tgz: Upgraded to poppler-data-0.1.1. A software series/cups-1.3.3-x86_64-1.tgz: Upgraded to cups-1.3.3. A software series/dialog-1.1_20070930-x86_64-1.tgz: Upgraded to dialog-1.1-20070930 A software series/etc-12.1-noarch-1.tgz: Added "tape" group. A software series/glibc-solibs-2.5-x86_64-4.tgz: Recompiled against 2.6.23.1 kernel headers. A software series/glibc-zoneinfo-2.5-noarch-4.tgz: Upgraded to tzcode2007h and tzdata2007h. A software series/jfsutils-1.1.12-x86_64-1.tgz: Upgraded to jfsutils-1.1.12. A software series/kernel-huge-2.6.23.1-x86_64-1.tgz: Upgraded to Linux 2.6.23.1 SMP huge.s (full-featured) kernel. A software series/kernel-modules-2.6.23.1-x86_64-1.tgz: Upgraded to Linux 2.6.23.1 SMP kernel modules. A software series/kernel-test26-2.6.22-x86_64-1.tgz: Removed. A software series/module-init-tools-3.4-x86_64-1.tgz: Upgraded to module-init-tools-3.4. A software series/mkinitrd-1.2.0-x86_64-1.tgz: Updated to busybox-1.7.2 and dialog-1.1-20070930. A software series/openssl-solibs-0.9.8f-x86_64-1.tgz: Upgraded to openssl-0.9.8f. This release fixes two minor security bugs unlikely to pose any threat to most production servers. For more information, see: http://openssl.org/news/secadv_20071012.txt http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-4995 (nothing in Bluewhite64 is using this DTLS implementation) http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5135 (this bug is in a function normally only used for logging or debugging) [*** Security fix ***] A software series/syslinux-3.52-x86_64-1.tgz: Upgraded to syslinux-3.52. A software series/sysvinit-scripts-1.2-noarch-14.tgz: In rc.M, execute "mount -a" to mount any filesystems not already mounted. A software series/udev-116-x86_64-1.tgz: Upgraded to udev-116. AP software series/espgs-8.15.4-x86_64-2.tgz: Removed. This is replaced by gnu-ghostscript. AP software series/foomatic-filters-3.0_20070919-x86_64-1.tgz: Added. This is a printer filter required to use Gutenprint or HPLIP with CUPS. AP software series/gutenprint-5.0.1-x86_64-2.tgz: Added gutenprint-5.0.1, which is the new version of (and name for) gimp-print. AP software series/gnu-ghostscript-8.60.0-x86_64-1.tgz: Added gnu-ghostscript-8.60.0. This replaces the espgs (ESP Ghostscript) package. AP software series/hplip-2.7.9-x86_64-1.tgz: Upgraded to hplip-2.7.9. Note that this no longer requires daemons to be started at boot time, so any /etc/rc.d/rc.hplip script can be removed. AP software series/mysql-5.0.45-x86_64-1.tgz: Upgraded to mysql-5.0.45. AP software series/vim-7.1.138-x86_64-1.tgz: Upgraded to vim-7.1.138. D software series/git-1.5.3.3-x86_64-1.tgz: Upgraded to git-1.5.3.3. D software series/kernel-headers-2.6.23.1-x86_64-1.tgz: Upgraded to Linux 2.6.23.1 SMP kernel headers. K software series/kernel-source-2.6.23.1-noarch-1.tgz Upgraded to Linux 2.6.23.1 SMP kernel source. KDE software series/amarok-1.4.7-x86_64-1.tgz: Upgraded to amarok-1.4.7. KDE software series/k3b-1.0.3-x86_64-1.tgz: Upgraded to k3b-1.0.3. KDE software series/kdeaccessibility-3.5.8-x86_64-1.tgz: Upgraded to kdeaccessibility-3.5.8. KDE software series/kdeaddons-3.5.8-x86_64-1.tgz: Upgraded to kdeaddons-3.5.8. KDE software series/kdeadmin-3.5.8-x86_64-1.tgz: Upgraded to kdeadmin-3.5.8. KDE software series/kdeartwork-3.5.8-x86_64-1.tgz: Upgraded to kdeartwork-3.5.8. KDE software series/kdebase-3.5.8-x86_64-1.tgz: Upgraded to kdebase-3.5.8. KDE software series/kdeedu-3.5.8-x86_64-1.tgz: Upgraded to kdeedu-3.5.8. KDE software series/kdegames-3.5.8-x86_64-1.tgz: Upgraded to kdegames-3.5.8. KDE software series/kdegraphics-3.5.8-x86_64-1.tgz: Upgraded to kdegraphics-3.5.8. KDE software series/kdelibs-3.5.8-x86_64-1.tgz: Upgraded to kdelibs-3.5.8. KDE software series/kdemultimedia-3.5.8-x86_64-1.tgz: Upgraded to kdemultimedia-3.5.8. KDE software series/kdenetwork-3.5.8-x86_64-1.tgz: Upgraded to kdenetwork-3.5.8. KDE software series/kdepim-3.5.8-x86_64-1.tgz: Upgraded to kdepim-3.5.8. KDE software series/kdesdk-3.5.8-x86_64-1.tgz: Upgraded to kdesdk-3.5.8. KDE software series/kdetoys-3.5.8-x86_64-1.tgz: Upgraded to kdetoys-3.5.8. KDE software series/kdeutils-3.5.8-x86_64-1.tgz: Upgraded to kdeutils-3.5.8. KDE software series/kdevelop-3.5.0-x86_64-1.tgz: Upgraded to kdevelop-3.5.0. KDE software series/kdewebdev-3.5.8-x86_64-1.tgz: Upgraded to kdewebdev-3.5.8. KDEi software series/kde-i18n-*-3.5.8-noarch-1.tgz: Upgraded to kde-i18n-3.5.8. L software series/dbus-glib-0.74-x86_64-1.tgz: Upgraded to dbus-glib-0.74. L software series/freetype-2.3.5-x86_64-1.tgz: Upgraded to freetype-2.3.5. L software series/glib2-2.12.13-x86_64-1.tgz: Upgraded to glib-2.12.13. L software series/glibc-2.5-x86_64-4.tgz: Recompiled against 2.6.23.1 kernel headers. L software series/glibc-i18n-2.5-noarch-5.tgz: Recompiled. L software series/glibc-profile-2.5-x86_64-4.tgz: Recompiled against 2.6.23.1 kernel headers. L software series/gtk+2-2.10.14-x86_64-1.tgz: Upgraded to gtk+-2.10.14. L software series/hal-0.5.10-x86_64-1.tgz: Upgraded to hal-0.5.10. L software series/hal-info-20071011-noarch-1.tgz: Upgraded to hal-info-20071011. L software series/libao-0.8.8-x86_64-1.tgz: Upgraded to libao-0.8.8. L software series/libgpod-0.5.2-x86_64-1.tgz: Upgraded to libgpod-0.5.2. L software series/libnjb-2.2.6-x86_64-1.tgz: Upgraded to libnjb-2.2.6. L software series/libpng-1.2.21-x86_64-1.tgz: Upgraded to libpng-1.2.21. L software series/libtheora-1.0beta1-x86_64-1.tgz: Upgraded to libtheora-1.0beta1. L software series/libvorbis-1.2.0-x86_64-1.tgz: Upgraded to libvorbis-1.2.0. L software series/libwnck-2.18.3-x86_64-1.tgz: Added libwnck-2.18.3. This is needed by compiz to compile gtk-window-decorator. L software series/pcre-7.3-x86_64-1.tgz: Upgraded to pcre-7.3. L software series/poppler-0.6-x86_64-1.tgz: Upgraded to poppler-0.6. L software series/qt-3.3.8-x86_64-5.tgz: Added back the library symlinks into /usr/lib, without which kdelibs does not compile. L software series/svgalib_helper-1.9.25_2.6.23.1-x86_64-1.tgz: Recompiled for Linux 2.6.23.1. L software series/vte-0.16.8-x86_64-1.tgz: Upgraded to vte-0.16.8. N software series/httpd-2.2.6-x86_64-1.tgz: Upgraded to httpd-2.2.6. N software series/network-scripts-12.0-noarch-5.tgz: Mount CIFS partitions N software series/openssh-4.7p1-x86_64-1.tgz: Upgraded to openssh-4.7p1. From the OpenSSH release notes: "Security bugs resolved in this release: Prevent ssh(1) from using a trusted X11 cookie if creation of an untrusted cookie fails; found and fixed by Jan Pechanec." While it's fair to say that we here at Bluewhite64 don't see how this could be leveraged to compromise a system, a) the OpenSSH people (who presumably understand the code better) characterize this as a security bug, b) it has been assigned a CVE entry, and c) OpenSSH is one of the most commonly used network daemons. Better safe than sorry. More information should appear here eventually: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-4752 [*** Security fix ***] N software series/openssl-0.9.8f-x86_64-1.tgz: Upgraded to openssl-0.9.8f. This release fixes two minor security bugs unlikely to pose any threat to most production servers. For more information, see: http://openssl.org/news/secadv_20071012.txt http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-4995 (nothing in Bluewhite64 is using this DTLS implementation) http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5135 (this bug is in a function normally only used for logging or debugging) [*** Security fix ***] N software series/php-5.2.4-x86_64-1.tgz: Upgraded to php-5.2.4. The PHP announcement says this version fixes over 120 bugs as well as "several low priority security bugs." Read more about it here: http://www.php.net/releases/5_2_4.php [*** Security fix ***] N software series/samba-3.0.26a-x86_64-1.tgz: Upgraded to samba-3.0.26a. This fixes a security issue in all Samba 3.0.25 versions: "Incorrect primary group assignment for domain users using the rfc2307 or sfu winbind nss info plugin." For more information, see: http://www.samba.org/samba/security/CVE-2007-4138.html http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-4138 [*** Security fix ***] N software series/wpa_supplicant-0.5.8-x86_64-1.tgz: Upgraded to wpa_supplicant-0.5.8. TCL software series/expect-5.43.0-x86_64-4.tgz: Rebuilt against tcl-8.4.16. TCL software series/tcl-8.4.16-x86_64-1.tgz: Upgraded to tcl-8.4.16. TCL software series/tk-8.4.16-x86_64-1.tgz: Upgraded to tk-8.4.16. X software series/dejavu-ttf-2.20-noarch-1.tgz: Upgraded to dejavu-ttf-2.20. X software series/mesa-7.0.1-x86_64-1.tgz: Upgraded to Mesa 7.0.1. Upgraded to X.Org 7.3: PLEASE NOTE: There are a few known problems with this release. Please let us know if you have solutions to any of these. 1. xf86-video-vesa was not upgraded for the X.Org 7.3 release, and running Terminal or vte under KDE results in an X hang under KDE, or garbage in the terminal under XFce. 2. The following modules were not upgraded in the X.Org 7.3 release and no longer compile: mkcfm, xf86-input-acecad, xf86-input-dmc, xf86-input-void, xf86-video-glide, xf86-video-impact, and xf86-video-wsfb. Odds are good that due to the driver ABI change none of these are currently working. X software series/compiz-0.6.0-x86_64-1: Upgraded to compiz-0.6.0. X software series/compositeproto-0.4-noarch-1: Upgraded to compositeproto-0.4. X software series/iceauth-1.0.2-x86_64-1: Upgraded to iceauth-1.0.2. X software series/ico-1.0.2-x86_64-1: Upgraded to ico-1.0.2. X software series/inputproto-1.4.2.1-noarch-1: Upgraded to inputproto-1.4.2.1. X software series/libICE-1.0.4-x86_64-1: Upgraded to libICE-1.0.4. X software series/libX11-1.1.3-x86_64-1: Upgraded to libX11-1.1.3. X software series/libXaw-1.0.4-x86_64-1: Upgraded to libXaw-1.0.4. X software series/libXcomposite-0.4.0-x86_64-1: Upgraded to libXcomposite-0.4.0. X software series/libXcursor-1.1.9-x86_64-1: Upgraded to libXcursor-1.1.9. X software series/libXfont-1.3.1-x86_64-1: Upgraded to libXfont-1.3.1. X software series/libXi-1.1.3-x86_64-1: Upgraded to libXi-1.1.3. X software series/libXpm-3.5.7-x86_64-1: Upgraded to libXpm-3.5.7. X software series/libXrandr-1.2.2-x86_64-1: Upgraded to libXrandr-1.2.2. X software series/libXrender-0.9.4-x86_64-1: Upgraded to libXrender-0.9.4. X software series/libXtst-1.0.3-x86_64-1: Upgraded to libXtst-1.0.3. X software series/libXxf86dga-1.0.2-x86_64-1: Upgraded to libXxf86dga-1.0.2. X software series/pixman-0.9.5-x86_64-1: Added pixman-0.9.5. X software series/renderproto-0.9.3-noarch-1: Upgraded to renderproto-0.9.3. X software series/sessreg-1.0.3-x86_64-1: Upgraded to sessreg-1.0.3. X software series/setxkbmap-1.0.4-x86_64-1: Upgraded to setxkbmap-1.0.4. X software series/xbacklight-1.1-x86_64-1: Added xbacklight-1.1. X software series/xcalc-1.0.2-x86_64-1: Upgraded to xcalc-1.0.2. X software series/xclock-1.0.3-x86_64-1: Upgraded to xclock-1.0.3. X software series/xconsole-1.0.3-x86_64-1: Upgraded to xconsole-1.0.3. X software series/xcursorgen-1.0.2-x86_64-1: Upgraded to xcursorgen-1.0.2. X software series/xdm-1.1.6-x86_64-1: Upgraded to xdm-1.1.6. X software series/xdriinfo-1.0.2-x86_64-1: Upgraded to xdriinfo-1.0.2. X software series/xf86-input-aiptek-1.0.1-x86_64-2: Recompiled against xorg-server-1.4. X software series/xf86-input-acecad-1.2.0-x86_64-1.tgz: Removed (not compiling). X software series/xf86-input-calcomp-1.1.1-x86_64-1: Upgraded to xf86-input-calcomp-1.1.1. X software series/xf86-input-citron-2.2.1-x86_64-1: Added xf86-input-citron-2.2.1. X software series/xf86-input-digitaledge-1.1.0-x86_64-2: Recompiled against xorg-server-1.4. X software series/xf86-input-dynapro-1.1.1-x86_64-1: Added xf86-input-dynapro-1.1.1. X software series/xf86-input-elo2300-1.1.1-x86_64-1: Added xf86-input-elo2300-1.1.1. X software series/xf86-input-elographics-1.1.0-x86_64-2: Recompiled against xorg-server-1.4. X software series/xf86-input-evdev-1.1.5-x86_64-2: Recompiled against xorg-server-1.4. X software series/xf86-input-fpit-1.1.0-x86_64-2: Recompiled against xorg-server-1.4. X software series/xf86-input-hyperpen-1.1.0-x86_64-2: Recompiled against xorg-server-1.4. X software series/xf86-input-jamstudio-1.1.0-x86_64-2: Recompiled against xorg-server-1.4. X software series/xf86-input-joystick-1.2.3-x86_64-1: Upgraded to xf86-input-joystick-1.2.3. X software series/xf86-input-keyboard-1.2.2-x86_64-1: Upgraded to xf86-input-keyboard-1.2.2. X software series/xf86-input-magellan-1.1.1-x86_64-1: Upgraded to xf86-input-magellan-1.1.1. X software series/xf86-input-magictouch-1.0.0.5-x86_64-2: Recompiled against xorg-server-1.4. X software series/xf86-input-microtouch-1.1.1-x86_64-1: Added xf86-input-microtouch-1.1.1. X software series/xf86-input-mouse-1.2.3-x86_64-1: Upgraded to xf86-input-mouse-1.2.3. X software series/xf86-input-mutouch-1.1.0-x86_64-2: Recompiled against xorg-server-1.4. X software series/xf86-input-palmax-1.1.0-x86_64-2: Recompiled against xorg-server-1.4. X software series/xf86-input-penmount-1.2.1-x86_64-1: Added xf86-input-penmount-1.2.1. X software series/xf86-input-spaceorb-1.1.1-x86_64-1: Upgraded to xf86-input-spaceorb-1.1.1. X software series/xf86-input-summa-1.1.0-x86_64-2: Recompiled against xorg-server-1.4. X software series/xf86-input-tek4957-1.1.0-x86_64-2: Recompiled against xorg-server-1.4. X software series/xf86-input-ur98-1.1.0-x86_64-2: Recompiled against xorg-server-1.4. X software series/xf86-input-vmmouse-12.4.3-x86_64-1: Upgraded to xf86-input-vmmouse-12.4.3. X software series/xf86-input-void-1.1.0-x86_64-1.tgz: Removed (not compiling). X software series/xf86-video-apm-1.1.1-x86_64-2: Recompiled against xorg-server-1.4. X software series/xf86-video-ark-0.6.0-x86_64-2: Recompiled against xorg-server-1.4. X software series/xf86-video-ast-0.81.0-x86_64-2: Recompiled against xorg-server-1.4. X software series/xf86-video-ati-6.7.195-x86_64-1: Upgraded to xf86-video-ati-6.7.195. X software series/xf86-video-chips-1.1.1-x86_64-2: Recompiled against xorg-server-1.4. X software series/xf86-video-cirrus-1.1.0-x86_64-2: Recompiled against xorg-server-1.4. X software series/xf86-video-cyrix-1.1.0-x86_64-2: Recompiled against xorg-server-1.4. X software series/xf86-video-dummy-0.2.0-x86_64-2: Recompiled against xorg-server-1.4. X software series/xf86-video-fbdev-0.3.1-x86_64-2: Recompiled against xorg-server-1.4. X software series/xf86-video-glint-1.1.1-x86_64-2: Recompiled against xorg-server-1.4. X software series/xf86-video-i128-1.2.1-x86_64-2: Recompiled against xorg-server-1.4. X software series/xf86-video-i740-1.1.0-x86_64-2: Recompiled against xorg-server-1.4. X software series/xf86-video-i810-1.7.4-x86_64-2: Recompiled against xorg-server-1.4. X software series/xf86-video-imstt-1.1.0-x86_64-2: Recompiled against xorg-server-1.4. X software series/xf86-video-intel-2.1.1-x86_64-1: Upgraded to xf86-video-intel-2.1.1. X software series/xf86-video-mga-1.9.100-x86_64-1: Upgraded to xf86-video-mga-1.9.100. X software series/xf86-video-neomagic-1.1.1-x86_64-2: Recompiled against xorg-server-1.4. X software series/xf86-video-newport-0.2.1-x86_64-2: Recompiled against xorg-server-1.4. X software series/xf86-video-nsc-2.8.3-x86_64-1: Upgraded to xf86-video-nsc-2.8.3. X software series/xf86-video-nv-2.1.5-x86_64-1: Upgraded to xf86-video-nv-2.1.5. X software series/xf86-video-rendition-4.1.3-x86_64-2: Recompiled against xorg-server-1.4. X software series/xf86-video-s3-0.5.0-x86_64-2: Recompiled against xorg-server-1.4. X software series/xf86-video-s3virge-1.9.1-x86_64-2: Recompiled against xorg-server-1.4. X software series/xf86-video-savage-2.1.3-x86_64-1: Upgraded to xf86-video-savage-2.1.3. X software series/xf86-video-siliconmotion-1.5.1-x86_64-2: Recompiled against xorg-server-1.4. X software series/xf86-video-sis-0.9.3-x86_64-2: Recompiled against xorg-server-1.4. X software series/xf86-video-sisusb-0.8.1-x86_64-2: Recompiled against xorg-server-1.4. X software series/xf86-video-tdfx-1.3.0-x86_64-2: Recompiled against xorg-server-1.4. X software series/xf86-video-tga-1.1.0-x86_64-2: Recompiled against xorg-server-1.4. X software series/xf86-video-trident-1.2.3-x86_64-2: Recompiled against xorg-server-1.4. X software series/xf86-video-tseng-1.1.1-x86_64-2: Recompiled against xorg-server-1.4. X software series/xf86-video-v4l-0.1.1-x86_64-3: Recompiled against xorg-server-1.4. X software series/xf86-video-vesa-1.3.0-x86_64-2: Recompiled against xorg-server-1.4. X software series/xf86-video-vga-4.1.0-x86_64-2: Recompiled against xorg-server-1.4. X software series/xf86-video-via-0.2.2-x86_64-2: Recompiled against xorg-server-1.4. X software series/xf86-video-vmware-10.15.2-x86_64-1: Upgraded to xf86-video-vmware-10.15.2. X software series/xf86-video-voodoo-1.1.1-x86_64-2: Recompiled against xorg-server-1.4. X software series/xf86dgaproto-2.0.3-noarch-1: Upgraded to xf86dgaproto-2.0.3. X software series/xfs-1.0.5-x86_64-1.tgz: Upgraded to xfs-1.0.5. X software series/xgamma-1.0.2-x86_64-1: Upgraded to xgamma-1.0.2. X software series/xhost-1.0.2-x86_64-1: Upgraded to xhost-1.0.2. X software series/xinit-1.0.7-x86_64-1: Upgraded to xinit-1.0.7. X software series/xmag-1.0.2-x86_64-1: Upgraded to xmag-1.0.2. X software series/xman-1.0.3-x86_64-1: Upgraded to xman-1.0.3. X software series/xmessage-1.0.2-x86_64-1: Upgraded to xmessage-1.0.2. X software series/xmodmap-1.0.3-x86_64-1: Upgraded to xmodmap-1.0.3. X software series/xorg-server-1.4-x86_64-1: Upgraded to xorg-server-1.4. X software series/xorg-server-xdmx-1.4-x86_64-1: Upgraded to xorg-server-xdmx. X software series/xorg-server-xnest-1.4-x86_64-1: Upgraded to xorg-server-xnest-1.4. X software series/xorg-server-xvfb-1.4-x86_64-1: Upgraded to xorg-server-xvfb-1.4. X software series/xprop-1.0.3-x86_64-1: Upgraded to xprop-1.0.3. X software series/xrandr-1.2.2-x86_64-1: Upgraded to xrandr-1.2.2. X software series/xrdb-1.0.4-x86_64-1: Upgraded to xrdb-1.0.4. X software series/xset-1.0.3-x86_64-1: Upgraded to xset-1.0.3. X software series/xsetroot-1.0.2-x86_64-1: Upgraded to xsetroot-1.0.2. X software series/xtrans-1.0.4-noarch-1: Upgraded to xtrans-1.0.4. X software series/xvinfo-1.0.2-x86_64-1: Upgraded to xvinfo-1.0.2. X software series/xwininfo-1.0.3-x86_64-1: Upgraded to xwininfo-1.0.3. XAP software series/fluxbox-1.0.0-x86_64-1.tgz: Upgraded to fluxbox-1.0.0. XAP software series/imagemagick-6.3.6_0-x86_64-1.tgz: Upgraded to ImageMagick-6.3.6-0. XAP software series/mozilla-firefox-2.0.0.7-x86_64-1.tgz: Upgraded to mozilla-firefox-2.0.0.7. XAP software series/pidgin-2.2.1-x86_64-1.tgz: Upgraded to pidgin-2.2.1. XAP software series/vim-gvim-7.1.138-x86_64-1.tgz: Upgraded to vim-7.1.138 with GTK+ extensions. XAP software series/xine-lib-1.1.8-x86_64-1.tgz: Upgraded to xine-lib-1.1.8. XAP software series/xscreensaver-5.03-x86_64-1.tgz: Upgraded to xscreensaver-5.03. EXTRA software/ktorrent/ktorrent-2.2.2-x86_64-1.tgz: Upgraded to ktorrent-2.2.2. EXTRA software/linux-wlan-ng/linux-wlan-ng-0.2.8_2.6.21.5-x86_64-1.tgz: Removed. This does not compile with Linux 2.6.23.1, and no newer version is out. EXTRA software/xf86-video-ati-6.6.3/xf86-video-ati-6.6.3-x86_64-3.tgz: Removed. If there are still problems with the ATI driver we'll have to look at them again. There's a proposed patch around here somewhere. isolinux/initrd.img: Upgraded to jfsutils-1.1.12. isolinux/network.dsk: Added 2.6.23.1 SMP modules. isolinux/pcmcia.dsk: Added 2.6.23.1 SMP modules. kernels/huge.s/*: Upgraded huge.s kernel to 2.6.23.1. kernels/test26.s/*: Removed. testing/packages/linux-2.6.22/*: Removed. testing/packages/svgalib_helper-1.9.25_2.6.22-x86_64-2.tgz: Removed. testing/packages/bash-3.2.025-x86_64-1.tgz: Upgraded to bash-3.2.025. -|--------------------------|- Fri Sep 14 11:37:32 EEST 2007 L software series/jre-6u2-x86_64-2.tgz: Recompiled. Fixed /usr/lib/java -> jre1.6.0_02 symlink. EXTRA software/jdk-6/jdk-6u2-x86_64-3.tgz: Recompiled. Fixed /usr/lib/java -> jdk1.6.0_02 symlink. Thanks to Virgil Moldoveanu for reporting this. -|--------------------------|- Sun Sep 2 12:54:30 EEST 2007 EXTRA software/jdk-6/jdk-6u2-x86_64-2.tgz: Fixed a bug in the improvement to the /etc/profile.d/ scripts where it would mess up the $MANPATH. Sorry about that, folks. The JRE package was not affected. BTW, any time a security upgrade package mentioned in an advisory is "missing", it probably means a mistake like this was made. In those cases, look for a newer package, and verify the authenticity using "gpg --verify" and the .asc file. -|--------------------------|- Sat Sep 1 10:55:05 EEST 2007 L software series/jre-6u2-x86_64-1.tgz: Upgraded to Java(TM) 2 Platform Standard Edition Runtime Environment Version 6.0 update 2. This update addresses code errors which could possibly be leveraged to compromise system security, though we know of no existing exploits. This update consists of the official Java(TM) binaries repackaged in Bluewhite64's package format, and may be used on any version of Bluewhite64 that is based on glibc. For more information, see: http://sunsolve.sun.com/search/document.do?assetkey=1-26-102995-1 [*** Security fix ***] An additional change was made to the script that Bluewhite64 uses to set environment variables for Java(TM). Now, after the $JAVA_HOME variable is set, the next variable settings make use of it, rather than hard-coding the path to $JAVA_HOME. This does not fix a bug, but is certainly better scripting style. EXTRA software/jdk-6/jdk-6u2-x86_64-1.tgz: Upgraded to Java(TM) 2 Platform Standard Edition Development Kit Version 6.0 update 2. This update addresses code errors which could possibly be leveraged to compromise system security, though we know of no existing exploits. This update consists of the official Java(TM) binaries repackaged in Bluewhite64's package format, and may be used on any version of Bluewhite64 that is based on glibc. For more information, see: http://sunsolve.sun.com/search/document.do?assetkey=1-26-102995-1 [*** Security fix ***] An additional change was made to the script that Bluewhite64 uses to set environment variables for Java(TM). Now, after the $JAVA_HOME variable is set, the next variable settings make use of it, rather than hard-coding the path to $JAVA_HOME. This does not fix a bug, but is certainly better scripting style. -|--------------------------|- Tue Aug 28 23:41:03 EEST 2007 TESTING/packages/ia32-emulation/ia32-lib32-0.2.3-x86_64-1.tgz: Added libxslt-1.1.20, libstdc++.so.5.0.7 and libutil-2.5.so from Slackware 12.0. Thanks! This libs will help you to install and run programs like ATI drivers or wine ;). [*** UPDATE ***] -|--------------------------|- Fri Aug 24 22:36:50 EEST 2007 N software series/tcpdump-3.9.7-x86_64-1.tgz: Upgraded to libpcap-0.9.7, tcpdump-3.9.7. This new version fixes an integer overflow in the BGP dissector which could possibly allow remote attackers to crash tcpdump or to execute arbitrary code. For more information, see: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3798 [*** Security fix ***] -|--------------------------|- Sun Aug 12 11:36:59 EEST 2007 XAP software series/gimp-2.2.17-x86_64-1.tgz: Upgraded to gimp-2.2.17, which fixes buffer overflows when decoding certain image types. For more information, see: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-2949 [*** Security fix ***] L software series/poppler-0.5.4-x86_64-3.tgz: Patched to fix an integer overflow in code borrowed from xpdf. For more information, see: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3387 [*** Security fix ***] L software series/qt-3.3.8-x86_64-4.tgz: Patched to fix several format string bugs. For more information, see: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3388 [*** Security fix ***] XAP software series/seamonkey-1.1.4-x86_64-1.tgz: Upgraded to seamonkey-1.1.4. This upgrade fixes some more security bugs. For more information, see: http://www.mozilla.org/projects/security/known-vulnerabilities.html#seamonkey [*** Security fix ***] XAP software series/packages/xpdf-3.02pl1-x86_64-1.tgz: Upgraded to xpdf-3.02pl1. This fixes an integer overflow that could possibly be leveraged to run arbitrary code if a malicious PDF file is processed. For more information, see: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3387 [*** Security fix ***] -|--------------------------|- Sat Aug 4 14:10:07 EEST 2007 XAP software series/mozilla-thunderbird-2.0.0.6-x86_64-1.tgz: Upgraded to thunderbird-2.0.0.6. This upgrade fixes some more security bugs. For more information, see: http://www.mozilla.org/projects/security/known-vulnerabilities.html#thunderbird [*** Security fix ***] XAP software series/mozilla-firefox-2.0.0.6-x86_64-1.tgz: Upgraded to firefox-2.0.0.6. This upgrade fixes some more security bugs. For more information, see: http://www.mozilla.org/projects/security/known-vulnerabilities.html#firefox [*** Security fix ***] -|--------------------------|- Fri Jul 27 11:47:24 EEST 2007 XAP software series/bind-9.4.1_P1-x86_64-1.tgz: Upgraded to bind-9.4.1_P1 to fix security issues. The default access control lists allow remote attackers to make recursive queries in BIND9 versions 9.4.0 through 9.4.1. The query IDs in BIND9 prior to BIND 9.4.1-P1 are cryptographically weak. For more information on these issues, see: http://www.isc.org/index.pl?/sw/bind/bind-security.php http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-2925 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-2926 [*** Security fix ***] XAP software series/mozilla-thunderbird-2.0.0.5-x86_64-1.tgz: Upgraded to thunderbird-2.0.0.5. Since Thunderbird shares the browser engine with Firefox it is susceptible to similar vulnerabilities. This update fixes the same issues fixed in the recent Firefox patch. For more information, see: http://www.mozilla.org/projects/security/known-vulnerabilities.html#thunderbird [*** Security fix ***] XAP software series/seamonkey-1.1.3-x86_64-1.tgz: Upgraded to seamonkey-1.1.3. This is presumably a security update, but the details on the net have been sparse. So far nothing has appeared at the usual URL, but I would treat this as a security update unless it is announced as otherwise. For more information (if/when it appears), see: http://www.mozilla.org/projects/security/known-vulnerabilities.html#seamonkey [*** Security fix ***] A software series/mkinitrd-1.1.3-x86_64-4.tgz: Fixed a minor bug in mkinitrd where devices such as /dev/cciss/c0d0p2 (DL360 RAID) were not properly copied to the initramfs. "Normal" (two level) boot devices such as /dev/sda1 were not affected by this bug, so most people won't run into it (which is probably why it wasn't spotted in development here). XAP software series/mozilla-firefox-2.0.0.5-x86_64-1.tgz: Upgraded to firefox-2.0.0.5. This upgrade fixes a couple of minor security bugs. For more information, see: http://www.mozilla.org/projects/security/known-vulnerabilities.html#firefox [*** Security fix ***] XAP software series/xf86-video-intel-2.1.0-x86_64-1.tgz: Added additional chipsets. XAP software series/xf86-video-nv-2.1.2-x86_64-1.tgz: Added additional chipsets. -|--------------------------|- Mon Jul 16 14:57:22 EEST 2007 X software series/xf86-video-v4l-0.1.1-x86_64-2.tgz: Patched to fix X.org server crash (only on 64-bit arch) when xvinfo or other programs like xdtv try to use v4l driver. This is happens only if you have v4l loaded in your xorg.conf file. Thanks to Casteyde Christian for reporting this. usb-and-pxe-installers/*: Fixed missing lib64->lib symlink in initrd.img which prevent installing Bluewhite64 12.0 from a bootable USB stick. Thanks to Bogdan Bordea for reporting and testing the new initrd.img. -|--------------------------|- Tue Jul 10 01:24:59 EEST 2007 This is Bluewhite64 Linux 12.0! THANKS to ALL for helping on this release! Don't forget to read the CHANGES_AND_HINTS.TXT file for more information about changes. I hope you find Bluewhite64 to be useful! ;) -|--------------------------|-