Sun Mar 18 23:18:24 CET 2012 Hi again community, the time has finally come. I really enjoy working on the Slackintosh project but the grace period of one month has passed so it's time to close even the -stable branch. I want to thanks again Adrian for running this project together, Volkerding for keeping up our favourite Linux distribution, Andreas "fizban" Liebschner for helping us setting up the repository with scripts and suggestions (where are you, man?) and finally YOU, the community. Thanks for running along with us, we really cared about everything you suggested us. One of our users, Jesse, is willing to take a look into Slackintosh so, maybe, you will see Slackware for PowerPC running again. Who knows? In the meanwhile you should try one of the other PowerPC distribution out there: Debian, Gentoo, Crux PPC and Yellow Dog Linux. They all have good PPC support. Or why not testing out one the BSD? OpenBSD, FreeBSD and NetBSD they all support New World ROM machines. Thank you again for enjoying this project. Explore new solutions and have fun! Take care, Marco +--------------------------+ Thu Mar 1 00:25:30 CET 2012 patches/packages/libpng-1.2.47-powerpc-1_slack12.1.tgz: Upgraded. All branches of libpng prior to versions 1.5.9, 1.4.9, 1.2.47, and 1.0.57, respectively, fail to correctly validate a heap allocation in png_decompress_chunk(), which can lead to a buffer-overrun and the possibility of execution of hostile code on 32-bit systems. For more information, see: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3026 (* Security fix *) +--------------------------+ Fri Feb 17 08:15:41 CET 2012 Hi community, Slackintosh-current has not received any update in the last 15 months: it's time to close this branch and give it up to maintenance to anyone who will eventually step up. Both me and Adrian lerned a lot of things from running this distribution but we do not not have enough time to keep it up to date. I will keep building security patches for Slackintosh-12.1 for another month, after that the Slackintosh-12.1 branch will be close too. If you want to take care of the -12.1 branch or the -current one and start merging back new packages from Slackware-current, write to us at and we'll help you set up a new development environment. Thank you for running along with us in this adventure. Your ideas, inputs and tips were always really appreciated. Take care, Marco +--------------------------+ Sun Feb 12 23:46:22 CET 2012 patches/packages/apr-util-1.4.1-powerpc-1_slack12.1.tgz: Upgraded. Version bump for httpd upgrade. patches/packages/freetype-2.4.8-powerpc-1_slack12.1.tgz: Upgraded. Some vulnerabilities in handling CID-keyed PostScript fonts have been fixed. For more information, see: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3439 (* Security fix *) patches/packages/httpd-2.2.22-powerpc-1_slack12.1.tgz: Upgraded. *) SECURITY: CVE-2011-3368 (cve.mitre.org) Reject requests where the request-URI does not match the HTTP specification, preventing unexpected expansion of target URLs in some reverse proxy configurations. [Joe Orton] *) SECURITY: CVE-2011-3607 (cve.mitre.org) Fix integer overflow in ap_pregsub() which, when the mod_setenvif module is enabled, could allow local users to gain privileges via a .htaccess file. [Stefan Fritsch, Greg Ames] *) SECURITY: CVE-2011-4317 (cve.mitre.org) Resolve additional cases of URL rewriting with ProxyPassMatch or RewriteRule, where particular request-URIs could result in undesired backend network exposure in some configurations. [Joe Orton] *) SECURITY: CVE-2012-0021 (cve.mitre.org) mod_log_config: Fix segfault (crash) when the '%{cookiename}C' log format string is in use and a client sends a nameless, valueless cookie, causing a denial of service. The issue existed since version 2.2.17. PR 52256. [Rainer Canavan ] *) SECURITY: CVE-2012-0031 (cve.mitre.org) Fix scoreboard issue which could allow an unprivileged child process could cause the parent to crash at shutdown rather than terminate cleanly. [Joe Orton] *) SECURITY: CVE-2012-0053 (cve.mitre.org) Fix an issue in error responses that could expose "httpOnly" cookies when no custom ErrorDocument is specified for status code 400. [Eric Covener] For more information, see: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3368 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3607 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-4317 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0021 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0031 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0053 (* Security fix *) patches/packages/openssl-0.9.8t-powerpc-1_slack12.1.tgz: Upgraded. This fixes a bug where DTLS applications were not properly supported. This bug could have allowed remote attackers to cause a denial of service via unspecified vectors. CVE-2012-0050 has been assigned to this issue. For more details see: http://openssl.org/news/secadv_20120118.txt http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0050 (* Security fix *) patches/packages/openssl-solibs-0.9.8t-powerpc-1_slack12.1.tgz: Upgraded. This fixes a bug where DTLS applications were not properly supported. This bug could have allowed remote attackers to cause a denial of service via unspecified vectors. CVE-2012-0050 has been assigned to this issue. For more details see: http://openssl.org/news/secadv_20120118.txt http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0050 (* Security fix *) patches/packages/php-5.3.10-powerpc-1_slack12.1.tgz: Upgraded. Fixed arbitrary remote code execution vulnerability reported by Stefan Esser, CVE-2012-0830. (Stas, Dmitry) For more information, see: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0830 (* Security fix *) patches/packages/proftpd-1.3.4a-powerpc-1_slack12.1.tgz: Upgraded. This update fixes a use-after-free() memory corruption error, and possibly other unspecified issues. For more information, see: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-4130 (* Security fix *) patches/packages/vsftpd-2.3.5-powerpc-1_slack12.1.tgz: Upgraded. Minor version bump, this also works around a hard to trigger heap overflow in glibc (glibc zoneinfo caching vuln). For there to be any possibility to trigger the glibc bug within vsftpd, the non-default option "chroot_local_user" must be set in /etc/vsftpd.conf. Considered 1) low severity (hard to exploit) and 2) not a vsftpd bug :-) Nevertheless: (* Security fix *) +--------------------------+ Fri Jan 13 00:26:15 CET 2012 patches/packages/glibc-zoneinfo-2011i_2011n-noarch-1.tgz: Upgraded. The long awaited glibc-zoneinfo patch is here. New upstream homepage: http://www.iana.org/time-zones +--------------------------+ Wed Nov 23 09:48:18 CET 2011 patches/packages/bind-9.4_ESV_R5_P1-powerpc-1_slack12.1.tgz: Upgraded. --- 9.4-ESV-R5-P1 released --- 3218. [security] Cache lookup could return RRSIG data associated with nonexistent records, leading to an assertion failure. [RT #26590] (* Security fix *) +--------------------------+ Fri Nov 18 22:20:03 CET 2011 patches/packages/bind-9.4_ESV_R5-powerpc-1_slack12.1.tgz: Upgraded. This BIND update addresses a couple of security issues: * named, set up to be a caching resolver, is vulnerable to a user querying a domain with very large resource record sets (RRSets) when trying to negatively cache the response. Due to an off-by-one error, caching the response could cause named to crash. [RT #24650] [CVE-2011-1910] * Change #2912 (see CHANGES) exposed a latent bug in the DNS message processing code that could allow certain UPDATE requests to crash named. [RT #24777] [CVE-2011-2464] For more information, see: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1910 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2464 (* Security fix *) patches/packages/httpd-2.2.21-powerpc-1_slack12.1.tgz: Upgraded. Respond with HTTP_NOT_IMPLEMENTED when the method is not recognized. [Jean-Frederic Clere] SECURITY: CVE-2011-3348 Fix a regression introduced by the CVE-2011-3192 byterange fix in 2.2.20. PR 51748. [] For more information, see: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3348 (* Security fix *) patches/packages/php-5.3.8-powerpc-1_slack12.1.tgz: Upgraded. Security fixes vs. 5.3.6 (5.3.7 was not usable): Updated crypt_blowfish to 1.2. (CVE-2011-2483) Fixed crash in error_log(). Reported by Mateusz Kocielski Fixed buffer overflow on overlog salt in crypt(). Fixed bug #54939 (File path injection vulnerability in RFC1867 File upload filename). Reported by Krzysztof Kotowicz. (CVE-2011-2202) Fixed stack buffer overflow in socket_connect(). (CVE-2011-1938) Fixed bug #54238 (use-after-free in substr_replace()). (CVE-2011-1148) For more information, see: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1148 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1938 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2202 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2483 For those upgrading from PHP 5.2.x, be aware that quite a bit has changed, and it will very likely not 'drop in', but PHP 5.2.x is not supported by php.net any longer, so there wasn't a lot of choice in the matter. We're not able to support a security fork of PHP 5.2.x here either, so you'll have to just bite the bullet on this. You'll be better off in the long run. :) (* Security fix *) glibc patches will take a little longer, stay tuned :) +--------------------------+ Tue Aug 2 21:46:00 CEST 2011 patches/packages/libpng-1.2.46-powerpc-1_slack12.1.tgz: Upgraded. Fixed uninitialized memory read in png_format_buffer() (Bug report by Frank Busse, related to CVE-2004-0421). For more information, see: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0421 (* Security fix *) This package has been built using this command line: ARCH="powerpc" ./libpng.SlackBuild as I'm trying to introduce less changes to upstream sources and to rely on SlackBuilds portability features. +--------------------------+ Tue Jun 21 20:46:39 CEST 2011 patches/packages/fetchmail-6.3.20-powerpc-1_slack12.1.tgz: Upgraded. This release fixes a denial of service in STARTTLS protocol phases. For more information, see: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1947 http://www.fetchmail.info/fetchmail-SA-2011-01.txt (* Security fix *) +--------------------------+ Sat May 28 15:46:21 CEST 2011 patches/packages/bind-9.4_ESV_R4_P1-powerpc-1_slack12.1.tgz: Upgraded. This release fixes security issues: * A large RRSET from a remote authoritative server that results in the recursive resolver trying to negatively cache the response can hit an off by one code error in named, resulting in named crashing. [RT #24650] [CVE-2011-1910] * Zones that have a DS record in the parent zone but are also listed in a DLV and won't validate without DLV could fail to validate. [RT #24631] For more information, see: http://www.isc.org/software/bind/advisories/cve-2011-1910 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1910 Slackintosh note: I had some errors building libisc.la, but the build looks just fine. If anything is not working as expected, report back and I'll take a deeper look into it. (* Security fix *) +--------------------------+ Thu May 26 09:54:37 CEST 2011 patches/packages/apr-1.4.5-powerpc-1_slack12.1.tgz: Upgraded. This fixes a possible denial of service due to a problem with a loop in the new apr_fnmatch() implementation consuming CPU. For more information, see: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1928 (* Security fix *) patches/packages/apr-util-1.3.12-powerpc-1_slack12.1.tgz: Upgraded. Fix crash because of NULL cleanup registered by apr_ldap_rebind_init(). patches/packages/httpd-2.2.19-powerpc-1_slack12.1.tgz: Upgraded. Revert ABI breakage in 2.2.18 caused by the function signature change of ap_unescape_url_keep2f(). This release restores the signature from 2.2.17 and prior, and introduces ap_unescape_url_keep2f_ex(). Apache httpd-2.2.18 is considered abandoned. All users must upgrade. +--------------------------+ Thu Apr 21 10:08:24 CEST 2011 patches/packages/rdesktop-1.6.0-powerpc-2_slack12.1.tgz: Rebuilt. Patched a traversal vulnerability (disallow /.. requests). http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1595 (* Security fix *) +--------------------------+ Tue Apr 19 10:20:38 CEST 2011 patches/packages/acl-2.2.50-powerpc-1_slack12.1.tgz: Upgraded. Fix the --physical option in setfacl and getfacl to prevent symlink attacks. Thanks to Martijn Dekker for the notification. For more information, see: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-4411 (* Security fix *) +--------------------------+ Mon Apr 11 09:53:20 CEST 2011 patches/packages/libtiff-3.8.2-powerpc-5_slack12.1.tgz: Rebuilt. Patched overflows that could lead to arbitrary code execution when parsing a malformed image file. For more information, see: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0192 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1167 (* Security fix *) +--------------------------+ Thu Apr 7 12:39:30 CEST 2011 patches/packages/dhcp-3.1_ESV_R1-powerpc-1_slack12.1.tgz: Upgraded. In dhclient, check the data for some string options for reasonableness before passing it along to the script that interfaces with the OS. This prevents some possible attacks by a hostile DHCP server. For more information, see: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0997 (* Security fix *) patches/packages/xrdb-1.0.9-powerpc-1_slack12.1.tgz: Upgraded. This fixes a security issue where improperly sanitized input could lead to privilege escalation or arbitrary command execution as root. For more information, see: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0465 (* Security fix *) +--------------------------+ Wed Apr 6 18:32:02 CEST 2011 patches/packages/proftpd-1.3.3e-powerpc-1_slack12.1.tgz: Upgraded. Fixes CVE-2011-1137 (badly formed SSH messages cause DoS). For more information, see: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1137 (* Security fix *) +--------------------------+ Mon Mar 28 14:03:47 CEST 2011 patches/packages/apr-1.3.12-powerpc-1_slack12.1.tgz: Upgraded (* Security fix *) patches/packages/apr-util-1.3.10-powerpc-1_slack12.1.tgz: Upgraded (* Security fix *) patches/packages/bind-9.4_ESV_R4-powerpc-1_slack12.1.tgz: Upgraded (* Security fix *) patches/packages/cups-1.3.11-powerpc-1_slack12.1.tgz: Upgraded (* Security fix *) patches/packages/expat-2.0.1-powerpc-2_slack12.1.tgz: Upgraded (* Security fix *) patches/packages/glibc-2.7-powerpc-12_slack12.1.tgz: Upgraded (* Security fix *) patches/packages/glibc-i18n-2.7-noarch-12_slack12.1.tgz: Upgraded (* Security fix *) patches/packages/glibc-solibs-2.7-powerpc-12_slack12.1.tgz: Upgraded (* Security fix *) patches/packages/glibc-debug-2.7-powerpc-12_slack12.1.tgz: Upgraded (* Security fix *) patches/packages/glibc-profile-2.7-powerpc-12_slack12.1.tgz: Upgraded (* Security fix *) patches/packages/glibc-zoneinfo-2.7-noarch-12_slack12.0.tgz: Upgraded (* Security fix *) patches/packages/httpd-2.2.17-powerpc-1_slack12.1.tgz: Upgraded (* Security fix *) patches/packages/irssi-0.8.15-powerpc-1_slack12.1.tgz: Upgraded (* Security fix *) patches/packages/openssl-0.9.8r-powerpc-1_slack12.1.tgz: Upgraded (* Security fix *) patches/packages/openssl-solibs-0.9.8r-powerpc-1_slack12.1.tgz: Upgraded (* Security fix *) patches/packages/php-5.2.17-powerpc-1_slack12.1.tgz: Upgraded (* Security fix *) patches/packages/pidgin-2.7.11-powerpc-1_slack12.1.tgz: Upgraded (* Security fix *) patches/packages/poppler-0.6.4-powerpc-3_slack12.1.tgz: Upgraded (* Security fix *) patches/packages/proftpd-1.3.3d-powerpc-1_slack12.1.tgz: Upgraded (* Security fix *) patches/packages/rdesktop-1.6.0-powerpc-1_slack12.1.tgz: Upgraded (* Security fix *) patches/packages/samba-3.0.37-powerpc-4_slack12.1.tgz: Upgraded (* Security fix *) patches/packages/subversion-1.5.9-powerpc-1_slack12.1.tgz: Upgraded (* Security fix *) patches/packages/sudo-1.7.4p6-powerpc-1_slack12.1.tgz: Upgraded (* Security fix *) patches/packages/vim-gvim-7.1.330-powerpc-1_slack12.1.tgz: Upgraded (* Security fix *) patches/packages/xpdf-3.02pl5-powerpc-1_slack12.1.tgz: Upgraded (* Security fix *) patches/packages/mkinitrd-1.3.2-powerpc-3_1.tgz: Rebuilt. patches/packages/slackpkg-2.70.4-noarch-1.tgz: Upgraded. Hello everybody again! This batch of updates brings us in sync with Slackware 12.1. For all the gory details about changes and upgrades, take a look at http://slackware.osuosl.org/slackware-12.1/ChangeLog.txt Have fun! +--------------------------+ Tue Sep 21 10:26:06 CEST 2010 patches/packages/bzip2-1.0.6-powerpc-1_slack12.1.tgz: Upgraded. This update fixes an integer overflow that could allow a specially crafted bzip2 archive to cause a crash (denial of service), or execute arbitrary code. For more information, see: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0405 (* Security fix *) +--------------------------+ Mon Sep 20 09:28:11 CEST 2010 patches/packages/samba-3.0.37-powerpc-3_slack12.1.tgz: Upgraded. This upgrade fixes a buffer overflow in the sid_parse() function. For more information, see: http://www.samba.org/samba/security/CVE-2010-3069 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3069 (* Security fix *) patches/packages/sudo-1.7.4p4-powerpc-3_slack12.1.tgz: Upgraded. This fixes a flaw that could lead to privilege escalation. For more information, see: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2956 (* Security fix *) +--------------------------+ Mon Aug 30 13:32:46 CEST 2010 The xorg-server packages took less then expected, here they're! patches/packages/xorg-server-1.4.2-powerpc-2_slack12.1.tgz: Rebuilt. Patched to prevent overwriting stack memory and bypassing security mechanisms on systems that use a 2.6 Linux kernel. Reported by Rafal Wojtczuk. For more information, see: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2240 (* Security fix *) patches/packages/xorg-server-xnest-1.4.2-powerpc-2_slack12.1.tgz: Rebuilt. patches/packages/xorg-server-xvfb-1.4.2-powerpc-2_slack12.1.tgz: Rebuilt. +--------------------------+ Mon Aug 30 10:02:45 CEST 2010 Batch of security updates! The X11 stuff is lagging a bit behind, it will be ready in the next few days. patches/packages/gnupg2-2.0.9-powerpc-2_slack12.1.tgz: Rebuilt. Patched to fix "Realloc Bug with X.509 certificates in GnuPG". For more information, see: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2547 (* Security fix *) patches/packages/httpd-2.2.16-powerpc-1_slack12.1.tgz: Upgraded. Fix Handling of requests without a path segment. For more information, see: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1452 (* Security fix *) patches/packages/php-5.2.14-powerpc-1_slack12.1.tgz: Upgraded. Fixed several security issues. For more information, see: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1917 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2225 http://www.php-security.org/2010/05/31/mops-2010-060-php-session-serializer-session-data-injection-vulnerability/index.html http://www.php-security.org/2010/06/25/mops-2010-061-php-splobjectstorage-deserialization-use-after-free-vulnerability/index.html (* Security fix *) patches/packages/pidgin-2.7.3-powerpc-1_slack12.1.tgz: Upgraded. This fixes a crash due to malformed X-Status messages. For more information, see: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2528 (* Security fix *) +--------------------------+ Thu Jul 1 11:49:37 CEST 2010 patches/packages/libtiff-3.8.2-powerpc-4_slack12.1.tgz: Rebuilt. This fixes image structure handling bugs that could lead to crashes or execution of arbitrary code if a specially-crafted TIFF image is loaded. For more information, see: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1411 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2065 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2067 (* Security fix *) patches/packages/libpng-1.2.44-powerpc-1_slack12.1.tgz: Upgraded. This fixes out-of-bounds memory write bugs that could lead to crashes or the execution of arbitrary code, and a memory leak bug which could lead to application crashes. For more information, see: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1205 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2249 (* Security fix *) +--------------------------+ Mon Jun 28 14:13:42 CEST 2010 patches/packages/bind-9.4.3_P5-powerpc-1_slack12.1.tgz: Upgraded. This fixes possible DNS cache poisoning attacks when DNSSEC is enabled and checking is disabled (CD). For more information, see: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-4022 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0097 (* Security fix *) patches/packages/samba-3.0.37-powerpc-2_slack12.1.tgz: Rebuilt. Patched a buffer overflow in smbd that allows remote attackers to cause a denial of service (memory corruption and daemon crash) or possibly execute arbitrary code via a crafted field in a packet. For more information, see: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2063 (* Security fix *) +--------------------------+ Wed May 19 10:20:25 CEST 2010 patches/packages/pidgin-2.7.0-powerpc-1_slack12.1.tgz: Upgraded. Upgraded to pidgin-2.7.0 and pidgin-encryption-3.1. The msn_emoticon_msg function in slp.c in the MSN protocol plugin in libpurple in Pidgin before 2.7.0 allows remote attackers to cause a denial of service (application crash) via a custom emoticon in a malformed SLP message. For more information, see: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1624 (* Security fix *) +--------------------------+ Mon May 17 09:22:55 CEST 2010 patches/packages/fetchmail-6.3.17-powerpc-1_slack12.1.tgz: Upgraded. A crafted header or POP3 UIDL list could cause a memory leak and crash leading to a denial of service. For more information, see: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1167 (* Security fix *) +--------------------------+ Fri Apr 23 12:43:14 CEST 2010 patches/packages/sudo-1.7.2p6-powerpc-1_slack12.1.tgz: Upgraded. This update fixes security issues that may give a user with permission to run sudoedit the ability to run arbitrary commands. For more information, see: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0426 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1163 http://www.gratisoft.us/sudo/alerts/sudoedit_escalate.html http://www.gratisoft.us/sudo/alerts/sudoedit_escalate2.html (* Security fix *) +--------------------------+ Tue Apr 6 11:54:20 CEST 2010 patches/packages/mozilla-thunderbird-2.0.0.24-powerpc-1.tgz: Upgraded. This upgrade fixes some more security bugs. For more information, see: http://www.mozilla.org/security/known-vulnerabilities/thunderbird20.html (* Security fix *) +--------------------------+ Sat Apr 3 23:18:53 CEST 2010 Happy Easter! Here're the latest patches: patches/packages/openssl-0.9.8n-powerpc-1_slack12.1.tgz: Upgraded. This OpenSSL update contains some security related bugfixes. For more information, see the included CHANGES and NEWS files, and: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0433 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0740 (* Security fix *) patches/packages/openssl-solibs-0.9.8n-powerpc-1_slack12.1.tgz: Upgraded. patches/packages/proftpd-1.3.3-powerpc-2_slack12.1.tgz: Rebuilt. patches/packages/seamonkey-1.1.19-powerpc-1_slack12.1.tgz: Upgraded. Upgraded to seamonkey-1.1.19. This release fixes some more security vulnerabilities. For more information, see: http://www.mozilla.org/security/known-vulnerabilities/seamonkey11.html (* Security fix *) +--------------------------+ Thu Mar 11 15:29:11 CET 2010 patches/packages/httpd-2.2.15-powerpc-1_slack12.1.tgz: Upgraded. This update addresses a few security issues. mod_ssl: A partial fix for the TLS renegotiation prefix injection attack by rejecting any client-initiated renegotiations. mod_proxy_ajp: Respond with HTTP_BAD_REQUEST when the body is not sent when request headers indicate a request body is incoming; not a case of HTTP_INTERNAL_SERVER_ERROR. mod_isapi: Do not unload an isapi .dll module until the request processing is completed, avoiding orphaned callback pointers. [This is the most serious flaw, but does not affect Linux systems] For more information, see: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3555 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0408 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0425 (* Security fix *) patches/packages/openssl-0.9.8m-powerpc-2_slack12.1.tgz: Rebuilt. patches/packages/openssl-solibs-0.9.8m-powerpc-2_slack12.1.tgz: Rebuilt. The OpenSSL package has been patched and recompiled to revert a change that broke decrypting some files encrypted with previous versions of OpenSSL. This same fix appears in the latest upstream snapshots. patches/packages/pidgin-2.6.6-powerpc-1_slack12.1.tgz: Upgraded. This fixes a few denial-of-service flaws as well as other bugs. For more information, see: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0277 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0420 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0423 (* Security fix *) +--------------------------+ Wed Mar 3 09:44:59 CET 2010 patches/packages/openssl-0.9.8m-powerpc-1_slack12.1.tgz: Upgraded. This OpenSSL update contains some security related bugfixes. For more information, see the included CHANGES and NEWS files, and: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1678 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1378 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1377 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1379 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3245 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-4355 (* Security fix *) patches/packages/openssl-solibs-0.9.8m-powerpc-1_slack12.1.tgz: Upgraded. patches/packages/proftpd-1.3.3-powerpc-1_slack12.1.tgz: Upgraded. +--------------------------+ Tue Jan 26 13:12:41 CET 2010 patches/packages/httpd-2.2.14-powerpc-1_slack12.1.tgz: Upgraded. This fixes a couple of security bugs when using mod_proxy_ftp. For more information, see: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3094 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3095 (* Security fix *) patches/packages/php-5.2.12-powerpc-1_slack12.1.tgz: Upgraded. This fixes many bugs, including a few security issues. For more information, see: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3557 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3558 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-4017 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-4142 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-4143 (* Security fix *) patches/packages/pidgin-2.6.5-powerpc-1_slack12.1.tgz : Upgraded. This fixes a directory traversal vulnerability in Pidgin's MSN protocol handling that may allow attackers to download arbitrary files. For more information, see: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0013 (* Security fix *) +--------------------------+ Sun Dec 13 21:54:01 CET 2009 patches/packages/gimp-2.4.7-powerpc-1_slack12.1.tgz: Upgraded. This fixes integer overflows in the image handling plugins that could lead to the execution of arbitrary code or an application crash if a malicious image is loaded. For more information, see: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1570 (* Security fix *) +--------------------------+ Fri Dec 11 09:33:56 CET 2009 patches/packages/ntp-4.2.4p8-powerpc-1_slack12.1.tgz: Upgraded. Prevent a denial-of-service attack involving spoofed mode 7 packets. For more information, see: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3563 (* Security fix *) +--------------------------+ Mon Dec 7 00:07:16 CET 2009 patches/packages/bind-9.4.3_P4-powerpc-1_slack12.1.tgz: Upgraded. BIND 9.4.3-P4 is a SECURITY PATCH for BIND 9.4.3-P3. It addresses a potential cache poisoning vulnerability, in which data in the additional section of a response could be cached without proper DNSSEC validation. For more information, see: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-4022 http://www.kb.cert.org/vuls/id/418861 (* Security fix *) +--------------------------+ Tue Nov 17 09:57:11 CET 2009 patches/packages/openssl-0.9.8h-powerpc-4_slack12.1.tgz: Rebuilt. Patched to disable SSL renegotiation. For more information, see: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3555 (* Security fix *) patches/packages/openssl-solibs-0.9.8h-powerpc-4_slack12.1.tgz: Rebuilt. Patched to disable SSL renegotiation. For more information, see: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3555 (* Security fix *) +--------------------------+ Thu Oct 29 15:41:13 CET 2009 patches/packages/amarok-1.4.10-powerpc-1_slack12.1_1.tgz: Rebuilt. And here it is! This time looks like there is the amarok binary, let me know if it runs ok or it needs some more tweaking. +--------------------------+ Thu Oct 29 14:50:35 CET 2009 Last amarok update broke the package down, sorry for the inconvenience, I'm working on it :-P patches/packages/poppler-0.6.4-powerpc-2_slack12.1.tgz: Rebuilt. This updated package includes patches based on xpdf 3.02pl4. For more information, see: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3603 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3604 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3605 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3606 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3608 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3609 (* Security fix *) patches/packages/xpdf-3.02pl4-powerpc-1_slack12.1.tgz: Upgraded. This update fixes several security issues that could lead to an application crash, or execution of arbitrary code. For more information, see: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3603 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3604 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3605 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3606 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3608 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3609 (* Security fix *) +--------------------------+ Sun Oct 18 23:29:13 CEST 2009 patches/packages/gnutls-2.8.4-powerpc-1_slack12.1.tgz: This contains a correct fix for the NUL in CN/SAN SSL vulnerability. For more information, see: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2730 (* Security fix *) patches/packages/pidgin-2.6.3-powerpc-1_slack12.1.tgz: This update fixes an issue where a remote user can cause libpurple-based clients to crash. For more information, see: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3615 (* Security fix *) +--------------------------+ Thu Oct 15 11:05:18 CEST 2009 "[tap tap tap]... Is this thing on? ;-)" Hell, yes, it is! Sorry to all the Slackintosh users for the long downtime (more than one year!) but several things happened. First thing first I think that everybody should thanks Adrian for all the work he did in the past, he chooses to quit developing Slackintosh but he's still keeping the web server up. So, yes, this has become a one man project again. My goal right now is to keep Slackintosh 12.1 up to date, while slowly starting to have a -current tree up and running soon. This all alone doesn't explain the downtime: I also had a serious hardware failure, my PowerBook G4 broke down but Adrian was so keen to give me a mac-mini: all of the work has been done on that machine. Mix it up with several real-life events and now you can get an idea of why Slackintosh disappeared from the face of the earth during last thirteen months ;-) Finaly, here's today ChangeLog. Read it carefully as I did some important changes: a new package name schema for packages which are out of sync with the official Slackware tree and firefox and thunderbird package names changed again. Enjoy the new in-sync Slackintosh-12.1! - Marco Bonetti patches/packages/apr-1.3.8-powerpc-1_slack12.1.tgz: Upgraded. Fix overflow in pools and rmm, where size alignment was taking place. [Matt Lewis , Sander Striker] For more information, see: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2412 (* Security fix *) patches/packages/apr-util-1.3.9-powerpc-1_slack12.1.tgz: Upgraded. Fix overflow in rmm, where size alignment was taking place. [Matt Lewis , Sander Striker] For more information, see: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2412 (* Security fix *) patches/packages/bind-9.4.3_P3-powerpc-1_slack12.1.tgz: Upgraded. This BIND update fixes a security problem where a specially crafted dynamic update message packet will cause named to exit resulting in a denial of service. An active remote exploit is in wide circulation at this time. For more information, see: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0696 https://www.isc.org/node/479 (* Security fix *) patches/packages/cdrtools-2.01.01a66-powerpc-2_slack12.1.tgz: Fixed build script to put the charset conversion tables in /usr/lib/siconv. Hopefully this will work correctly with k3b now. Thanks to Krasimir Kazakov for the bug report. Also, I did a version bump to a66, since a57 Schily's build system does not properly work here. patches/packages/cups-1.3.10-powerpc-1_slack12.1.tgz: Upgraded to cups-1.3.10. This fixes several security issues, including an integer overflow in the TIFF decoder, a failure to properly verify the Host HTTP header, and several problems with PDF handling (the new CUPS uses a wrapper rather than embedded code taken from xpdf). These issues could result in a denial of service or the execution of arbitrary code. For more information, see: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0146 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0147 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0163 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0164 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0166 (* Security fix *) patches/packages/curl-7.16.2-powerpc-3_slack12.1.tgz: This update fixes a security issue where a zero byte embedded in an SSL or TLS certificate could fool cURL into validating the security of a connection to a system that the certificate was not issued for. It has been reported that at least one Certificate Authority allowed such certificates to be issued. For more information, see: http://curl.haxx.se/docs/security.html http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2417 (* Security fix *) patches/packages/cyrus-sasl-2.1.23-powerpc-1_slack12.1.tgz: Upgraded to cyrus-sasl-2.1.23. This fixes a buffer overflow in the sasl_encode64() function that could lead to crashes or the execution of arbitrary code. For more information, see: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0688 (* Security fix *) patches/packages/dhcp-3.1.2p1-powerpc-1_slack12.1.tgz: Upgraded. A stack overflow vulnerability was fixed in dhclient that could allow remote attackers to execute arbitrary commands as root on the system, or simply terminate the client, by providing an over-long subnet-mask option. For more information, see: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0692 (* Security fix *) patches/packages/fetchmail-6.3.11-powerpc-1_slack12.1.tgz: Upgraded. This update fixes an SSL NUL prefix impersonation attack through NULs in a part of a X.509 certificate's CommonName and subjectAltName fields. For more information, see: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2666 (* Security fix *) patches/packages/ghostscript-8.62-powerpc-6_slack12.1.tgz: Rebuilt. Patched various problems with ghostscript that could lead to a denial of service or the execution of arbitrary code when processing a malicious or malformed file. For more information, see: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0196 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0583 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0584 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0792 (* Security fix *) patches/packages/git-1.6.1.3-powerpc-1_slack12.1.tgz: Upgraded to git-1.6.1.3. This fixes a vulnerability where running git-diff or git-grep on a hostile git repository would result in the execution of arbirary code as the git user. For more information, see: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3546 (* Security fix *) patches/packages/glib2-2.14.6-powerpc-5_slack12.1.tgz: This library has been patched to fix overflows that are possible security holes. For more information, see: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-4316 (* Security fix *) patches/packages/glibc-zoneinfo-2.7-noarch-11_slack12.1.tgz: Upgraded to tzdata2008h for the latest world timezone changes. patches/packages/gnutls-2.6.2-powerpc-2_slack12.1.tgz Patched the following security issues: - Corrected double free on signature verification failure. Reported by Miroslav Kratochvil . - Noticed when investigating the previous GNUTLS-SA-2009-1 problem. All DSA keys generated using GnuTLS 2.6.x are corrupt. For more information, see: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1415 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1416 (* Security fix *) patches/packages/httpd-2.2.13-powerpc-1_slack12.1.tgz: Upgraded. This is a bugfix release. It also upgrades the internal versions of apr and apr-util to address CVE-2009-2412, but Slackware uses the system versions of these libraries which have already been upgraded (see above). patches/packages/kdenetwork-3.5.9-powerpc-3_slack12.1.tgz: Recompiled to fix an issue with connecting to MSN with kopete since the OpenSSL package was updated. Thanks to Jim Diamond for the bug report and testing a recompiled package. patches/packages/kernel-mmap_min_addr-4096-noarch-1.tgz: This package adds an init script to edit /etc/sysctl.conf, adding this config option: vm.mmap_min_addr = 4096 This will configure the kernel to disallow mmap() to userspace of any page lower than 4096, preventing privilege escalation by CVE-2009-2692. This is a hot fix package and will take effect immediately upon installation on any system running a kernel that supports configurable /proc/sys/vm/mmap_min_addr (kernel 2.6.23 or newer). (* Security fix *) patches/packages/lcms-1.18-powerpc-1_slack12.1.tgz: Upgraded to lcms-1.18. This update fixes security issues discovered in LittleCMS by Chris Evans. These flaws could cause program crashes (denial of service) or the execution of arbitrary code as the user of the lcms-linked program. For more information, see: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0581 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0723 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0733 (* Security fix *) patches/packages/lesstif-0.95.0-powerpc-2_1.tgz: Rebuilt. I had to rebuild lesstif against a small Arch Linux patch, in order to be able to build the updated version of xpdf. Note the _1 as it's the first Slackintosh rebuild out of the Slackware tree. patches/packages/libpng-1.2.37-powerpc-1_slack12.1.tgz: Upgraded. This update fixes a possible security issue. Jeff Phillips discovered an uninitialized-memory-read bug affecting interlaced images that may have security implications. For more information, see: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2042 (* Security fix *) patches/packages/libxml2-2.6.32-powerpc-1_slack12.1.tgz: Upgraded to libxml2-2.6.32 and patched. This fixes vulnerabilities including denial of service, or possibly the execution of arbitrary code as the user running a libxml2 linked application if untrusted XML content is parsed. For more information, see: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-4225 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-4226 (* Security fix *) patches/packages/mozilla-firefox-2.0.0.20-powerpc-1.tgz: Upgraded to firefox-2.0.0.20. This fixes some security issues: For more information, see: http://www.mozilla.org/security/known-vulnerabilities/firefox20.html Also, package name changed again as I used a modified version of mozilla-firefox.SlackBuild from Slackware64-13.0: you'll need to run "upgradepkg firefox%mozilla-firefox-2.0.0.20-powerpc-1.tgz" to upgrade this package. (* Security fix *) patches/packages/mozilla-thunderbird-2.0.0.23-powerpc-1.tgz: This upgrade fixes a security bug. For more information, see: http://www.mozilla.org/security/known-vulnerabilities/thunderbird20.html Also, package name changed again as I used mozilla-thunderbird.SlackBuild from Slackware64-13.0: you'll need to run "upgradepkg thunderbird%mozilla-thunderbird-2.0.0.23-powerpc-1.tgz" to upgrade this package. (* Security fix *) patches/packages/net-snmp-5.4.2.1-powerpc-1_slack12.1.tgz: Upgraded to net-snmp-5.4.2.1. This fixes a problem where a user with read access could cause snmpd to crash, resulting in a denial of service. For more information, see: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-4309 (* Security fix *) patches/packages/ntp-4.2.4p7-powerpc-1_slack12.1.tgz: Upgraded to ntp-4.2.4p7. Stack-based buffer overflow in the cookedprint function in ntpq/ntpq.c in ntpq in NTP before 4.2.4p7-RC2 allows arbitrary code execution by a malicious remote NTP server. Stack-based buffer overflow in the crypto_recv function in ntp_crypto.c in ntpd in NTP before 4.2.4p7 allows remote attackers to execute arbitrary code. This does not affect the Slackware ntpd as it does not link with openssl. For more information, see: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0159 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1252 (* Security fix *) patches/packages/openssl-0.9.8h-powerpc-3_slack12.1.tgz: Patched (see below). patches/packages/openssl-solibs-0.9.8h-powerpc-3_slack12.1.tgz: Patched to fix possible crashes as well as a (fairly unlikely) case where an invalid signature might verify as valid. For more information, see: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0789 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0591 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0590 (* Security fix *) patches/packages/php-5.2.11-powerpc-1_slack12.1.tgz: This release fixes some possible security issues, all of which have "unknown impact and attack vectors". For more information, see: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3291 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3292 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3293 Also, this build has imap enabled. If there are any problems with it, just drop a line and I will rebuild the package. (* Security fix *) patches/packages/pidgin-2.5.9-powerpc-1_slack12.1.tgz: This update fixes a bug in Pidgin's MSN protocol implementation can allow a remote attacker to send a malicious MSN message to a Pidgin user, which will possibly cause arbitrary code to be executed as that user. This issue was discovered by Federico Muttis of Core Security Technologies. For more information, see: http://www.coresecurity.com/content/libpurple-arbitrary-write http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2694 (* Security fix *) patches/packages/ruby-1.8.6_p369-powerpc-1_slack12.1.tgz: Upgraded. This fixes a denial of service issue caused by the BigDecimal method handling large input values improperly that may allow attackers to crash the interpreter. The issue affects most Rails applications. For more information, see: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1904 (* Security fix *) patches/packages/samba-3.0.37-powerpc-1_slack12.1.tgz: This update fixes the following security issues. A misconfigured /etc/passwd with no defined home directory could allow security restrictions to be bypassed. mount.cifs could allow a local user to read the first line of an arbitrary file if installed setuid. (On Slackware, it was not installed setuid) Specially crafted SMB requests could cause a denial of service. For more information, see: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2813 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2948 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2906 (* Security fix *) patches/packages/seamonkey-1.1.18-powerpc-1_slack12.1.tgz: Upgraded. Upgraded to seamonkey-1.1.18. This release fixes some more security vulnerabilities. For more information, see: http://www.mozilla.org/security/known-vulnerabilities/seamonkey11.html (* Security fix *) patches/packages/subversion-1.5.7-powerpc-1_slack12.1.tgz: Upgraded. Fixed heap overflow vulnerability on server and client. For more information, see: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2411 http://subversion.tigris.org/security/CVE-2009-2411-advisory.txt (* Security fix *) patches/packages/udev-118-powerpc-4_slack12.1.tgz: This package has been patched to fix a local root hole and a denial of service issue. For more information, see: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1185 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1186 (* Security fix *) patches/packages/xine-lib-1.1.16.3-powerpc-1_slack12.1.tgz: Upgraded to xine-lib-1.1.16.3. - Fix another possible int overflow in the 4XM demuxer. (ref. TKADV2009-004, CVE-2009-0385) For more information, see: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0385 (* Security fix *) patches/packages/xpdf-3.02pl3-powerpc-1_slack12.1.tgz: Upgraded to xpdf-3.02pl3. This update fixes several overflows that may result in crashes or the execution of arbitrary code as the xpdf user. For more information, see: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0146 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0147 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0165 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0166 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0799 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0800 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1179 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1180 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1181 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1182 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1183 (* Security fix *) patches/packages/xterm-241-powerpc-1_slack12.1.tgz: Upgraded to xterm-241. This fixes a vulnerability where displaying a file containing DECRQSS (Device Control Request Status String) sequences could cause arbitrary commands to be executed as the user running xterm. For more information, see: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2383 (* Security fix *) If you really managed to read all of this ChangeLog entry down until here I think I should thanks you too for showing such Slackintosh love ;-) -- Marco Bonetti (probably the last time I had to sign the entries) +--------------------------+ Sun Sep 7 06:51:03 UTC 2008 patches/packages/python-2.5.2-powerpc-2_slack12.1.tgz: Patched various overflows and other security problems. For more information, see: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1679 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1721 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2315 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2316 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3142 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3144 (* Security fix *) patches/packages/pan-0.133-powerpc-1_slack12.1.tgz: Upgraded to pan-0.133. This update fixes a buffer overflow in pan-0.128 through pan-0.132 when processing .nzb files. For more information, see: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2363 (* Security fix *) patches/packages/amarok-1.4.10-powerpc-1_slack12.1.tgz: Upgraded to amarok-1.4.10. This fixes a security issue in the Magnatune online music library support which could be used by malicious local users to overwrite system files. For more information, see: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3699 (* Security fix *) patches/packages/php-4.4.9-powerpc-1_slack11.0.tgz: Upgraded to php-4.4.9. This upgrades the bundled PCRE library to fix security issues, as well as fixing a few other security related bugs. See the PHP4 ChangeLog for more details: http://www.php.net/ChangeLog-4.php#4.4.9 Please note: PHP4 has been officially discontinued since last year, and reached the announced EOL on 2008-08-08. Sites should consider migrating to a supported release. (* Security fix *) -- Adrian Ulrich +--------------------------+ Fri Aug 1 09:40:33 UTC 2008 n/openssh-5.1p1-powerpc-1_slack12.1.tgz: Upgraded to 5.1.p1 n/bind-9.4.2_P1-powerpc-1_slack12.1.tgz: Upgraded (* SECURITY FIX *) n/dnsmasq-2.45-powerpc-1_slack12.1.tgz: Upgraded (* SECURITY FIX *) n/fetchmail-6.3.8-powerpc-3_slack12.1.tgz: Upgraded (* SECURITY FIX *) n/gnutls-2.2.5-powerpc-1_slack12.1.tgz: Upgraded (* SECURITY FIX *) n/httpd-2.2.9-powerpc-1_slack12.1.tgz: Upgraded (* SECURITY FIX *) l/libxslt-1.1.24-powerpc-1_slack12.1.tgz: Upgraded (* SECURITY FIX *) n/links-2.1-powerpc-1_slack12.1.tgz: Upgraded (* SECURITY FIX *) n/mtr-0.73-powerpc-1_slack12.1.tgz: Upgraded (* SECURITY FIX *) n/net-snmp-5.4.1.2-powerpc-1_slack12.1.tgz: Upgraded (* SECURITY FIX *) n/openssl-0.9.8h-powerpc-1_slack12.1.tgz: Upgraded (* SECURITY FIX *) a/openssl-solibs-0.9.8h-powerpc-1_slack12.1.tgz: Upgraded (* SECURITY FIX *) NOTE: DO NOT FORGET TO UPGRADE OPENSSH ! l/pcre-7.7-powerpc-1_slack12.1.tgz: Upgraded (* SECURITY FIX *) d/ruby-1.8.6_p230-powerpc-1_slack12.1.tgz: Upgraded (* SECURITY FIX *) ap/vim-7.1.330-powerpc-1_slack12.1.tgz: Upgraded (* SECURITY FIX *) -- Adrian Ulrich +--------------------------+ Sat Jun 28 14:53:27 UTC 2008 d/subversion-1.4.4-powerpc-2.tgz: Recompiled with correct libneon version -- Adrian Ulrich +--------------------------+ Sat Jun 7 06:00:29 UTC 2008 mac/hfsutils-3.2.6-powerpc-6.tgz: Recompiled with gentoos largefiles patch n/dhcpcd-2.0.4-powerpc-2: Added missing dhcpcd package n/sendmail-8.14.2-powerpc-2: Added missing sendmail package n/sendmail-cf-8.14.2-noarch-2: Added missing sendmail-cf package -- Adrian Ulrich +--------------------------+ Sat May 31 06:05:33 UTC 2008 xap/firefox-2.0.0.14-powerpc-1.tgz: Upgraded to firefox 2.0.0.14! extra/emacspeak/emacspeak-27.0-powerpc-1.tgz: Upgraded to emacspeak-27.0. extra/parted/parted-1.8.8-powerpc-1.tgz: Upgraded to parted-1.8.8. n/samba-3.0.30-powerpc-1.tgz: Upgraded to samba-3.0.30. This is a security release in order to address CVE-2008-1105 ("Boundary failure when parsing SMB responses can result in a buffer overrun"). For more information on the security issue, see: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1105 (* Security fix *) a/mkinitrd-1.3.2-powerpc-3.tgz: Initialize RAID earlier so that the combination of RAID+LUKS+LVM works. Thanks to Eric Hameleers. xap/rdesktop-1.6.0-powerpc-1.tgz: Upgraded to rdesktop-1.6.0. According to the rdesktop ChangeLog, this contains a: "* Fix for potential vulnerability against compromised/malicious servers (reported by iDefense)" This package build also includes the new alsa driver (--with-sound=alsa), though I couldn't get local sound redirection. Perhaps it was just my command line error though, so the driver remains included for testing. For more information on the security issue, see: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1801 (* Security fix *) testing/packages/bash-3.2.029-powerpc-1.tgz: Brought up to patchlevel 029. Last time we tried this as our main shell, it was still causing problems with a lot of the scripts out there, but perhaps it will be tried again in the next development cycle. extra/ktorrent/ktorrent-2.2.6-powerpc-1.tgz: Upgraded to ktorrent-2.2.6. -- Adrian Ulrich +--------------------------+ Thu May 29 20:47:36 CEST 2008 ap/ghostscript-8.62-powerpc-5.tgz: Edited /usr/share/ghostscript/8.62/lib/cidfmap to attempt support for Simplified Chinese (though Traditional Chinese and Korean will still require cidfmap changes and additional fonts). Thanks to ABE Shin-ichi for providing the cidfmap that the new one is based upon. Any errors in the new cidfmap are most likely my own... e/emacs-22.2-powerpc-1.tgz: Upgraded to GNU emacs-22.2. This is the new single tgz, please remove any emacs-21.1* packages after upgrading to this one. f/linux-howtos-20080411-noarch-1.tgz: Updated to Linux-HOWTOs-20080411. kde/amarok-1.4.9.1-powerpc-1.tgz: Upgraded to amarok-1.4.9.1. kde/k3b-1.0.4-powerpc-3.tgz: Recompiled against flac-1.2.1. n/network-scripts-12.1-noarch-1.tgz: Fixed WLAN_IWPRIV[4] example generated by netconfig. Thanks to Eric Hameleers for pointing it out. t/xfig-3.2.4-powerpc-3.tgz: Patched to fix a wrong XFIGLIBDIR that was causing some minor errors. Thanks to Dario Nicodemi for the patch. xap/gnuplot-4.2.3-powerpc-1.tgz: Upgraded to gnuplot-4.2.3. Thanks again to Jean-Francois L. Blavier. xap/sane-1.0.19-powerpc-2.tgz: Fixed /var/lock permissions. xap/seamonkey-1.1.9-powerpc-1.tgz: Upgraded to seamonkey-1.1.9. This upgrade fixes some more security bugs. For more information, see: http://www.mozilla.org/projects/security/known-vulnerabilities.html#seamonkey (* Security fix *) -- Marco Bonetti +--------------------------+ Sun May 25 07:16:26 UTC 2008 xap/gkrellm-2.3.1-powerpc-2.tgz: Recompiled against gnutls-2.2.2. xap/imagemagick-6.3.7_10-powerpc-1.tgz: Upgraded to ImageMagick-6.3.7-10. Changed build script to install Perl modules under vendor_perl. l/libmcs-0.7.0-powerpc-1.tgz: Added libmcs (Used by Audacious) xap/audacious-1.5.0-powerpc-2.tgz: Don't use opcodes that break older computers. Thanks to Elvio Basello and Udo A. Steinberg for the bug reports. Thanks also to Giacomo Lozito for debugging suggestions. The problem was, of course, on my side of things. :-) xap/audacious-plugins-1.5.0-powerpc-2.tgz: Recompiled. xap/pidgin-2.4.1-powerpc-1.tgz: Upgraded to pidgin-2.4.1. ap/cdrtools-2.01.01a38-powerpc-1.tgz: Upgraded to cdrtools-2.01.01a38. ap/dvd+rw-tools-7.1-powerpc-1.tgz: Upgraded to dvd+rw-tools-7.1. xap/xpdf-3.02pl2-powerpc-3.tgz: Upgraded to -3 n/php-5.2.6-powerpc-1.tgz: Upgraded to PHP 5.2.6. This version of PHP contains many fixes and enhancements. Some of the fixes are security related, and the PHP release announcement provides this list: * Fixed possible stack buffer overflow in the FastCGI SAPI identified by Andrei Nigmatulin. * Fixed integer overflow in printf() identified by Maksymilian Aciemowicz. * Fixed security issue detailed in CVE-2008-0599 identified by Ryan Permeh. * Fixed a safe_mode bypass in cURL identified by Maksymilian Arciemowicz. * Properly address incomplete multibyte chars inside escapeshellcmd() identified by Stefan Esser. * Upgraded bundled PCRE to version 7.6 When last checked, CVE-2008-0599 was not yet open. However, additional information should become available at this URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0599 The list reproduced above, as well as additional information about other fixes in PHP 5.2.6 may be found in the PHP release announcement here: http://www.php.net/releases/5_2_6.php xap/mozilla-thunderbird-2.0.0.14-i686-1.tgz: Upgraded to thunderbird-2.0.0.14. This upgrade fixes some more security bugs. For more information, see: http://www.mozilla.org/projects/security/known-vulnerabilities.html#thunderbird (* Security fix *) ap/man-1.6f-powerpc-1.tgz: Upgraded to man-1.6f. Thanks to Robby Workman. n/net-tools-1.60-powerpc-2.tgz: Recompiled with latest Debian patch. n/nfs-utils-1.1.2-powerpc-1.tgz: Upgraded to nfs-utils-1.1.2. xap/xscreensaver-5.05-i486-1.tgz: Upgraded to xscreensaver-5.05. n/wireless-tools-29-powerpc-3.tgz: Increased the sleep time after bringing up an interface to 3 seconds, since some of the new drivers need the additional time to fully initialize. Thanks to bstrik on LQ. ap/lm_sensors-2.10.6-powerpc-1.tgz: Upgraded to lm_sensors-2.10.6. n/mcabber-0.9.7-powerpc-1.tgz: Upgraded to mcabber-0.9.7. a/cxxlibs-6.0.9-powerpc-1.tar: Upgraded to libstdc++ 6.0.9 a/aaa_elflibs-12.1.1-powerpc-1.tgz: Synced with Slackware 12.1 ap/mysql-5.0.51b-powerpc-1.tgz: Upgraded to mysql-5.0.51b (which appears to be nothing more than a version bump...) extra/slackpkg/slackpkg-2.70.4-noarch-1.tgz: Upgraded to slackpkg 2.70.4 kde/koffice-1.6.3-powerpc-3.tgz: Recompiled. a/aaa_base-12.1.0-noarch-2.tgz: Updated the initial emails. -- Adrian Ulrich +--------------------------+ Fri May 23 20:28:03 CEST 2008 a/kernel-generic-2.6.24.5-powerpc-2.tgz: Patched to fix a security issue in fs/dnotify.c. The use of dnotify (largely replaced by inotify on 2.6.x systems) could lead to a local DoS, or possibly a local root hole. We said we wouldn't make changes now unless something was "critical" -- and it seems we got what we wished for. ;-) This flaw will also be addressed in the kernels for previous releases as soon as possible. The patch itself may be found in source/k/linux-2.6.24.5-CVE-2008-1375-patch/. For additional information (when the CVE candidate is opened), see: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1375 All the kernel packages below should also be considered security fixes. (* Security fix *) a/kernel-modules-2.6.24.5-powerpc-2.tgz: Patched and recompiled. d/kernel-headers-2.6.24.5-powerpc-2.tgz: Patched and recompiled. k/kernel-source-2.6.24.5-noarch-2.tgz: Patched and recompiled. Please note that our package contains the patched fs/dsnotify.c :) -- Marco Bonetti +--------------------------+ Thu May 22 23:18:38 CEST 2008 a/cups-1.3.7-powerpc-2.tgz: Updated. a/pkgtools-12.1.0-noarch-7.tgz: Updated. a/mkinitrd-1.3.2-powerpc-2.tgz: Updated. a/cryptsetup-1.0.5-powerpc-4.tgz: Updated. And here we go! -- Marco Bonetti +--------------------------+ Thu May 1 06:35:39 UTC 2008 kde/knemo-0.4.8-powerpc-2.tgz: Recompiled. kde/kdenetwork-3.5.9-powerpc-2.tgz: Recompiled. kde/kdeaccessibility-3.5.9-powerpc-2.tgz: Recompiled. kde/kdeaddons-3.5.9-powerpc-2.tgz: Recompiled. kde/kdeadmin-3.5.9-powerpc-2.tgz: Recompiled. kde/kdeartwork-3.5.9-powerpc-2.tgz: Recompiled. kde/kdebase-3.5.9-powerpc-2.tgz: Recompiled. kde/kdebindings-3.5.9-powerpc-2.tgz: Recompiled. kde/kdeedu-3.5.9-powerpc-2.tgz: Recompiled. kde/kdegames-3.5.9-powerpc-2.tgz: Recompiled. kde/kdegraphics-3.5.9-powerpc-3.tgz: Recompiled. kde/kdelibs-3.5.9-powerpc-4.tgz: Recompiled. kde/kdemultimedia-3.5.9-powerpc-3.tgz: Recompiled. kde/kdepim-3.5.9-powerpc-2.tgz: Recompiled. kde/kdesdk-3.5.9-powerpc-2.tgz: Recompiled. kde/kdetoys-3.5.9-powerpc-2.tgz: Recompiled. kde/kdeutils-3.5.9-powerpc-2.tgz: Recompiled. kde/kdevelop-3.5.1-powerpc-2.tgz: Recompiled. kde/kdewebdev-3.5.9-powerpc-2.tgz: Recompiled. tcl/tclx-8.4-powerpc-2.tgz: Recompiled. Since some of the Tcl/Tk headers are now considered "private", this needs -I flags to compile (for now). tcl/tcl-8.4.18-powerpc-1.tgz: Upgraded to tcl8.4.18. tcl/tk-8.4.18-powerpc-1.tgz: Upgraded to tk8.4.18. xap/xfce-4.4.2-powerpc-4.tgz: Fixed the build script to apply a couple of bugfix patches correctly. Thanks to Carlos Corbacho for the bug report. Fixed xfcalendar.desktop (orage) to only show in the Xfce menus. Thanks to Frank Duignan for prompting me to take a closer look. xap/xine-lib-1.1.11.1-powerpc-3.tgz: Upgraded to 1.1.11.1 (* Security Fix *) xap/gimp-2.4.5-powerpc-1.tgz: Upgraded to gimp-2.4.5, added support for pyGTK. pasture/gcc-3.4.6/: Removed, since this has gone unchanged since Slackware 12.0. I'm not sure if the one in 12.0's pasture still works, but if it does, and you need it for something, that's where to find it. -- Adrian Ulrich +--------------------------+ Wed Apr 30 07:43:30 UTC 2008 Some small X.org updates: x/pixman-0.10.0-powerpc-4.tgz: Upgraded to pixman-0.10.0 x/xproto-7.0.12-noarch-1.tgz: Upgraded to xproto-7.0.12. x/libpciaccess-0.10-powerpc-1.tgz: Added libpciaccess-0.10. x/inputproto-1.4.3-noarch-1.tgz: Upgraded to inputproto-1.4.3. x/xrandr-1.2.3-powerpc-1.tgz: Upgraded to xrandr-1.2.3. x/printproto-1.0.4-noarch-1.tgz: Upgraded to printproto-1.0.4. x/rendercheck-1.3-powerpc-1.tgz: Upgraded to rendercheck-1.3. x/xprop-1.0.4-powerpc-1.tgz: Upgraded to xprop-1.0.4. x/xrdb-1.0.5-powerpc-1.tgz: Upgraded to xrdb-1.0.5. x/xset-1.0.4-powerpc-1.tgz: Upgraded to xset-1.0.4. x/xtrans-1.1-noarch-1.tgz: Upgraded to xtrans-1.1. x/xfs-1.0.6-powerpc-1.tgz: Upgraded to xfs-1.0.6. x/xinit-1.0.8-powerpc-1.tgz: Upgraded to xinit-1.0.8. x/xkbcomp-1.0.4-powerpc-1.tgz: Upgraded to xkbcomp-1.0.4. x/xcompmgr-1.1.4-powerpc-1.tgz: Added xcompmgr-1.1.4. x/xauth-1.0.3-powerpc-1.tgz: Upgraded to xauth-1.0.3. x/xdm-1.1.7-powerpc-1.tgz: Upgraded to xdm-1.1.7. x/util-macros-1.1.6-noarch-1.tgz: Upgraded to util-macros-1.1.6. x/xev-1.0.3-powerpc-1.tgz: Upgraded to xev-1.0.3. x/x11perf-1.5-powerpc-1.tgz: Upgraded to x11perf-1.5. x/mkfontdir-1.0.4-noarch-1.tgz: Upgraded to mkfontdir-1.0.4. x/mkfontscale-1.0.4-powerpc-1.tgz: Upgraded to mkfontscale-1.0.4. x/twm-1.0.4-powerpc-1.tgz: Upgraded to twm-1.0.4. x/font-xfree86-type1-1.0.1-noarch-1.tgz: Upgraded to font-xfree86-type1-1.0.1. x/xf86-input-aiptek-1.1.1-powerpc-1.tgz: Upgraded to xf86-input-aiptek-1.1.1. x/xf86-input-joystick-1.3.2-powerpc-1.tgz: Upgraded to xf86-input-joystick-1.3.2. x/xf86-input-mouse-1.3.0-powerpc-1.tgz: Upgraded to xf86-input-mouse-1.3.0 to fix a copy/paste bug when switching between the virtual consoles and X. Thanks to Daryl Bunce for reporting the problem. x/liberation-fonts-ttf-1.0-noarch-1.tgz: Upgraded to Liberation Fonts 1.0. x/xf86-video-intel-2.2.1-powerpc-1.tar.gz: Upgraded to 2.2.1 x/xf86-video-nv-2.1.8-powerpc-1.tgz: Upgraded to xf86-video-nv-2.1.8. x/xf86-video-apm-1.2.0-powerpc-1.tgz: Upgraded to xf86-video-apm-1.2.0. x/xf86-video-ast-0.85.0-powerpc-1.tgz: Upgraded to xf86-video-ast-0.85.0. x/xf86-video-chips-1.2.0-powerpc-1.tgz: Upgraded to xf86-video-chips-1.2.0. x/xf86-video-cirrus-1.2.0-powerpc-1.tgz: Upgraded to xf86-video-cirrus-1.2.0. x/xf86-video-glint-1.2.0-powerpc-1.tgz: Upgraded to xf86-video-glint-1.2.0. x/xf86-video-i128-1.3.0-powerpc-1.tgz: Upgraded to xf86-video-i128-1.3.0. x/xf86-video-i740-1.2.0-i486-1.tgz: Upgraded to xf86-video-i740-1.2.0. x/xf86-video-s3-0.6.0-powerpc-1.tgz: Upgraded to xf86-video-s3-0.6.0. x/xf86-video-s3virge-1.10.0-powerpc-1.tgz: Upgraded to xf86-video-s3virge-1.10.0. x/xf86-video-sis-0.10.0-powerpc-1.tgz: Upgraded to xf86-video-sis-0.10.0. x/xf86-video-sisusb-0.9.0-powerpc-1.tgz: Upgraded to xf86-video-sisusb-0.9.0. x/xf86-video-rendition-4.2.0-i486-1.tgz: Upgraded to xf86-video-rendition-4.2.0. x/compiz-0.7.4-powerp-1.tgz: Upgraded to compiz-0.7.4. x/luit-1.0.3-powerpc-1.tgz: Upgraded to luit-1.0.3. x/xf86-video-radeonhd-1.2.1-powerpc-1.tgz: Upgraded to xf86-video-radeonhd-1.2.1. x/xf86-video-dummy-0.3.0-powerpc-1.tgz: Upgraded to xf86-video-dummy-0.3.0. x/xf86-video-fbdev-0.4.0-powerpc-1.tgz: Upgraded to xf86-video-fbdev-0.4.0. x/xf86-video-v4l-0.2.0-powerpc-1.tgz: Upgraded to xf86-video-v4l-0.2.0. x/xf86-video-voodoo-1.2.0-powerpc-1.tgz: Upgraded to xf86-video-voodoo-1.2.0. x/xf86-video-tseng-1.2.0-powerpc-1.tgz: Upgraded to xf86-video-tseng-1.2.0. x/xf86-video-savage-2.2.0-powerpc-1.tgz: Upgraded to xf86-video-savage-2.2.0. x/xf86-video-siliconmotion-1.6.0-powerpc-1.tgz: Upgraded to xf86-video-siliconmotion-1.6.0. x/xf86-video-ark-0.7.0-powerpc-1.tgz: Upgraded to xf86-video-ark-0.7.0. x/xf86-video-neomagic-1.2.0-powerpc-1.tgz: Upgraded to xf86-video-neomagic-1.2.0. x/xf86-video-tdfx-1.4.0-powerpc-1.tgz: Upgraded to xf86-video-tdfx-1.4.0. libX11-1.1.4-powerpc-1.tgz: Upgraded to libX11-1.1.4. libXScrnSaver-1.1.3-powerpc-1.tgz: Upgraded to libXScrnSaver-1.1.3. libXfont-1.3.2-powerpc-1.tgz: Upgraded to libXfont-1.3.2. libXinerama-1.0.3-powerpc-1.tgz: Upgraded to libXinerama-1.0.3. libXv-1.0.4-powerpc-1.tgz: Upgraded to libXv-1.0.4. libxkbfile-1.0.5-powerpc-1.tgz: Upgraded to libxkbfile-1.0.5. libXext-1.0.4-powerpc-1.tgz: Upgraded to libXext-1.0.4. m17n-lib-1.5.0-powerpc-2.tgz: Fixed --mandir. Thanks to Kris Karas. xf86-video-ati-6.8.0-powerpc-1.tgz: Upgraded to xf86-video-ati-6.8.0. xf86-video-intel-2.2.1-powerpc-1.tgz: Upgraded to xf86-video-intel-2.2.1. xf86-video-mga-1.4.8-powerpc-1.tgz: Upgraded to xf86-video-mga-1.4.8. xf86-video-trident-1.3.0-powerpc-1.tgz: Upgraded to xf86-video-trident-1.3.0. x/sazanami-fonts-ttf-20040629-noarch-1.tgz: Added sazanami-fonts-ttf-20040629. x/dejavu-fonts-ttf-2.24-noarch-1.tgz: Upgraded to dejavu-fonts-ttf-2.24. x/scim-1.4.7-powerpc-6.tgz: Fixed locale example typo in profile.d scripts. x/sinhala_lklug-font-ttf-20060929-noarch-1.tgz: Added sinhala_lklug-font-ttf-20060929. x/tibmachuni-font-ttf-1.901-noarch-1.tgz: Added tibmachuni-font-ttf-1.901. x/wqy-zenhei-font-ttf-0.5.23-noarch-1.tgz: Upgraded to wqy-zenhei-0.5.23. Thanks to Eric Hameleers for noticing the new release (only linked from the Chinese version of the development website :-) l/imlib-1.9.15-powerpc-3.tgz: Patched to fix rendering issues on Intel graphics card (and maybe others) l/libmtp-0.2.6.1-powerpc-1.tgz: Upgraded to libmtp-0.2.6.1. l/libpng-1.2.27-powerpc-1.tgz: Upgraded to 1.2.27 (* Security Fix *) -- Adrian Ulrich +--------------------------+ Tue Apr 29 14:02:13 UTC 2008 a/glibc-solibs-2.7-powerpc-11.tgz: Recompiled with 2.6.24.5 headers a/glibc-zoneinfo-2.7-noarch-11.tgz: Recompiled with 2.6.24.5 headers l/glibc-2.7-powerpc-11.tgz: Recompiled with 2.6.24.5 headers l/glibc-i18n-2.7-noarch-11.tgz: Recompiled with 2.6.24.5 headers l/glibc-profile-2.7-powerpc-11.tgz: Recompiled with 2.6.24.5 headers a/kernel-generic-2.6.24.5-powerpc-1.tgz: Upgraded to 2.6.24.5 a/kernel-modules-2.6.24.5-powerpc-1.tgz: Upgraded to 2.6.24.5 d/kernel-headers-2.6.24.5-powerpc-1.tgz: Upgraded to 2.6.24.5 k/kernel-source-2.6.24.5-noarch-1.tgz: Upgraded to 2.6.24.5 -- Adrian Ulrich +--------------------------+ Sun Apr 20 23:55:39 CEST 2008 a/bzip2-1.0.5-powerpc-1.tgz: Upgraded to bzip2-1.0.5. Previous versions of bzip2 contained a buffer overread error that could cause applications linked to libbz2 to crash, resulting in a denial of service. For more information, see: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1372 (* Security fix *) a/ed-0.9-powerpc-2.tgz: Fixed missing man page. Thanks to Selkfoster. a/smartmontools-5.38-powerpc-1.tgz: Upgraded to smartmontools-5.38. d/cscope-15.6-powerpc-1.tgz: Upgraded to cscope-15.6. d/git-1.5.5-powerpc-1.tgz: Upgraded to git-1.5.5. n/bind-9.4.2-powerpc-2.tgz: Patched rc.bind to add a short wait after starting named, so that the startup script doesn't match "named " with a failing startup and too quick a check. Thanks to Luis. Upgraded to the latest named.root file. Thanks to giovanni. n/dhcp-3.0.6-powerpc-1.tgz: Upgraded to dhcp-3.0.6. n/gnupg-1.4.9-powerpc-1.tgz: Upgraded to gnupg-1.4.9. n/gnupg2-2.0.9-powerpc-1.tgz: Upgraded to gnupg-2.0.9. n/iproute2-2.6.16_060323-powerpc-2.tgz: Fixed hardcoded "/usr/local/lib/iptables" path in two places within the source. Thanks to Marco Berizzi. n/iptables-1.4.0-powerpc-1.tgz: Upgraded to iptables-1.4.0. Thanks to giovanni for testing this version and suggesting it as a safe upgrade. On x86, explicitly set i486 compile flags (though this is the compiler's default anyway). Thanks to kanedaaa. n/lftp-3.7.0-powerpc-1.tgz: Upgraded to lftp-3.7.0. n/libgcrypt-1.4.0-powerpc-2.tgz: Recompiled to include the static library. n/libgpg-error-1.6-powerpc-3.tgz: Recompiled to include the static library. n/links-2.1pre33-powerpc-1.tgz: Upgraded to links-2.1pre33. n/mailx-12.3-powerpc-1.tgz: Upgraded to mailx-12.3. Thanks again to Jean-Francois L. Blavier. n/ncftp-3.2.1-powerpc-1.tgz: Upgraded to ncftp-3.2.1. n/nmap-4.60-powerpc-3.tgz: Fixed the build script (third time's the charm?) to use DESTDIR and remove the one item (useless, IMHO, within a package system) that still can't get DESTDIR right: uninstall_zenmap. Thanks to Conraid and Mauro Ghisoni for walking me through this one. :-) n/openssh-5.0p1-powerpc-1.tgz: Upgraded to openssh-5.0p1. This version fixes a security issue where local users could hijack forwarded X connections. Upgrading to the new package is highly recommended. For more information on this security issue, please see: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1483 (* Security fix *) n/rsync-3.0.2-powerpc-1.tgz: Upgraded to rsync-3.0.2. From the NEWS file: "BUG FIXES: - Fixed a potential buffer overflow in the xattr code." This is the security advisory, as the issue was present in -current only. (* Security fix *) n/sendmail-8.14.2-powerpc-2.tgz: Recompiled. Fixed issues in the install script with properly adding the smmsp user/group. Thanks to Valentin Stoykov. When using SSL/TLS, disable SSLv2 by default. Fixed the line ordering in sendmail-slackware-tls-sasl.mc. Thanks to Strykar. Fixed typos at the top of example .mc files. Thanks to Bart Dumon. Clamp down on security in the defaults some more by requiring authentication when using the TLS/SASL .mc/.cf. Allow SSLv3 in both TLS configurations. Thanks to Leonardo Roman. n/sendmail-cf-8.14.2-noarch-2.tgz n/tcpdump-3.9.8-powerpc-1.tgz: Upgraded to libpcap-0.9.8 and tcpdump-3.9.8.: n/wget-1.11.1-powerpc-1.tgz: Upgraded to wget-1.11.1. n/whois-4.7.26-powerpc-1.tgz: Upgraded to whois-4.7.26. n/wireless-tools-29-powerpc-2.tgz: Make sure that HWADDR in rc.wireless is all uppercase. Thanks to Ken L. and Masanori Kobayasi for reporting the issue. n/wpa_supplicant-0.5.10-powerpc-1.tgz: Upgraded to wpa_supplicant-0.5.10. -- Marco Bonetti +--------------------------+ Sat Apr 12 12:01:31 CEST 2008 l/dbus-python-0.82.4-powerpc-1.tgz: Added dbus-python-0.82.4, which is needed for the correct operation of hplip. Thanks to Robby Workman. l/fribidi-0.10.9-powerpc-1.tgz: Upgraded to fribidi-0.10.9. l/glib2-2.14.6-powerpc-4.tgz: Renamed /etc/profile.d/glib2.{csh,sh} to /etc/profile.d/libglib2.{csh,sh} so that the lang.{csh,sh} scripts will run first, setting the $LANG variable which these scripts require. Thanks to Carl Bartels. l/libaio-0.3.106-powerpc-1.tgz: Added libaio-0.3.106 (asynchronous I/O library). -- Marco Bonetti +--------------------------+ Sat Apr 12 11:14:43 CEST 2008 d/cmake-2.4.8-powerpc-1.tgz: Upgraded to cmake-2.4.8. d/guile-1.8.4-powerpc-1.tgz: Upgraded to guile-1.8.4. Thanks to Jean-Francois L. Blavier for the upgrade suggestion. d/m4-1.4.11-powerpc-1.tgz: Upgraded to m4-1.4.11. In addition to bugfixes and enhancements, this version of m4 also fixes two issues with possible security implications. A minor security fix with the use of "maketemp" and "mkstemp" -- these are now quoted to prevent the (rather unlikely) possibility that an unquoted string could match an existing macro causing operations to be done on the wrong file. Also, a problem with the '-F' option (introduced with version 1.4) could cause a core dump or possibly (with certain file names) the execution of arbitrary code. For more information on these issues, see: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1687 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1688 (* Security fix *) d/mercurial-1.0-powerpc-1.tgz: Upgraded to mercurial-1.0. d/pkg-config-0.23-powerpc-2.tgz: Prevent unwanted output during package install. d/ruby-1.8.6_p114-powerpc-1.tgz: Upgraded to ruby-1.8.6-p114. -- Marco Bonetti +--------------------------+ Tue Apr 8 23:49:43 CEST 2008 a/glibc-solibs-2.7-powerpc-9.tgz: Recompiled. a/glibc-zoneinfo-2.7-noarch-9.tgz: Rebuilt. l/glibc-2.7-powerpc-9.tgz: Recompiled to fix a bad sln symlink (noticed by many, thanks). l/glibc-i18n-2.7-noarch-9.tgz: Rebuilt. l/glibc-profile-2.7-powerpc-9.tgz: Recompiled. -- Marco Bonetti +--------------------------+ Sat Apr 5 13:07:42 CEST 2008 ap/alsa-utils-1.0.15-powerpc-3.tgz: Don't load the mixer settings until after the OSS modules have been loaded. Eliminate 'awk' usage in rc.alsa, using sed and tr instead. Thanks to Tomas Matejicek for the patch. ap/dmapi-2.2.8_1-powerpc-1.tgz: Upgraded to dmapi-2.2.8_1. ap/hplip-2.8.4-powerpc-1.tgz: Upgraded to hplip-2.8.4. ap/man-pages-2.79-noarch-1.tgz: Upgraded to man-pages-2.79, and retained the POSIX pthread_* man pages this time. Thanks to Rastislav Stanik. ap/mysql-5.0.51a-powerpc-2.tgz: Modified /etc/rc.d/rc.mysqld's database installation instructions to take into consideration that the mysql user no longer has a login shell. In addition, the admin is told to consider locking the database server down even further (if possible) by using the mysql_secure_installation utility. Thanks again to Noel. ap/vim-7.1.285-powerpc-1.tgz: Upgraded to vim-7.1.285. ap/xfsdump-2.2.48_1-powerpc-1.tgz: Upgraded to xfsdump-2.2.48_1. ap/zsh-4.3.6-powerpc-1.tgz: Upgraded to zsh-4.3.6. Thanks to Haakon Riiser for alerting me to the new release. xap/vim-gvim-7.1.285-powerpc-1.tgz: Upgraded to vim-7.1.285. This is the GTK+ version of vim (gvim). The normal vim package is also required. -- Marco Bonetti +--------------------------+ Thu Apr 3 23:24:54 CEST 2008 a/aaa_base-12.1.0-noarch-1.tgz: Added an empty /usr/share/wallpapers as this seems to be a de-facto standard directory and (for example) XFce will give an error if it is missing and one tries to change the desktop image. Thanks to Chess Griffin for reporting this. Bumped version number of package, and of /etc/slackware-version. a/acl-2.2.47_1-powerpc-1.tgz: Upgraded to acl-2.2.47_1. a/attr-2.4.41_1-powerpc-1.tgz: Upgraded to attr-2.4.41_1. a/cups-1.3.7-powerpc-1.tgz: Upgraded to cups-1.3.7. This version of CUPS fixes some buffer overflows in the GIF image filter and in cgiCompileSearch. Those running CUPS servers should upgrade. For more information on these security issues, please see: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0047 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1373 (* Security fix *) a/etc-12.1-noarch-4.tgz: Give the mysql user a /bin/false "shell". Thanks to Noel for the suggestion. a/kernel-generic-2.6.24.4-powerpc-2.tgz: Updated. a/kernel-modules-2.6.24.4-powerpc-2.tgz: Updated. Added CONFIG_SCSI_MULTI_LUN=y. a/mdadm-2.6.4-powerpc-1.tgz: Upgraded to mdadm-2.6.4. a/pciutils-2.2.10-powerpc-1.tgz: Upgraded to pciutils-2.2.10. a/sysvinit-2.86-powerpc-6.tgz: Fixed the /sbin/initscript path to match the man pages. Thanks to Michiel Broek for the patch. a/sysvinit-scripts-1.2-noarch-20.tgz: Fixed a bug in rescan-scsi-bus that was exposed by the CONFIG_SCSI_MULTI_LUN kernel option (which _should_ also make rescan-scsi-bus unneccessary). Thanks to Kem Prims for the bug report. Keep /usr/share/mime's mime.cache file updated. a/util-linux-2.12r-powerpc-6.tgz: Removed. See below. a/util-linux-ng-2.13.1-powerpc-1.tgz: Added util-linux-ng-2.13.1, which replaces the old util-linux package. To install, either use upgradepkg with the "%" option, or do this: installpkg util-linux-ng-2.13.1-i486-1.tgz ; removepkg util-linux ; installpkg util-linux-ng-2.13.1-i486-1.tgz Thanks to Robby Workman for a lot of help with this package update. a/xfsprogs-2.9.7_1-powerpc-1.tgz: Upgraded to xfsprogs-2.9.7_1. d/gdb-6.8-powerpc-1.tgz: Upgraded to gdb-6.8. l/hal-0.5.10-powerpc-2.tgz: Recompiled with --enable-umount-helper, which allows non-root users to umount hotplugged devices from the command line. Thanks to Robby Workman for the suggestion. l/hal-info-20080317-noarch-1.tgz: Upgraded to hal-info-20080317. l/libglade-2.6.2-powerpc-2.tgz: Rebuilt with --libdir=/usr/lib. Without this, libglade-2.0.la incorrectly inserts '/usr/local/lib' in the .la file. Thanks to Steve Kennedy for the bug report. l/libgsf-1.14.8-powerpc-1.tgz: Upgraded to libgsf-1.14.8. -- Marco Bonetti +--------------------------+ Wed Apr 2 23:54:06 CEST 2008 a/glibc-solibs-2.7-powerpc-9.tgz: Recompiled against 2.6.24.4 headers. a/glibc-zoneinfo-2.7-noarch-9.tgz: Upgraded to tzdata2008b. l/glibc-2.7-powerpc-9.tgz: Recompiled against 2.6.24.4 headers. Upgraded to tzdata2008b. l/glibc-i18n-2.7-noarch-9.tgz: Rebuilt. l/glibc-profile-2.7-powerpc-9.tgz: Recompiled against 2.6.24.4 headers. -- Marco Bonetti +--------------------------+ Tue Apr 1 22:24:05 CEST 2008 a/kernel-generic-2.6.24.4-powerpc-1.tgz: Upgraded to Linux 2.6.24.4 kernel. a/kernel-modules-2.6.24.4-powerpc-1.tgz Upgraded to Linux 2.6.24.4 kernel modules. d/kernel-headers-2.6.24.4-powerpc-1.tgz: Upgraded to Linux 2.6.24.4 kernel headers. k/kernel-source-2.6.24.4-noarch-1.tgz: Upgraded to Linux 2.6.24.4 kernel source. Added CONFIG_FB_RIVA=y and CONFIG_FB_RIVA_BACKLIGHT=y, if you're running a nvidia video card and getting wrong sized characters at the console framebuffer, try to append "video=rivafb" to your running kernel arguments. Remember that our default yaboot configuration ships with an OpenFirmwareFB only solution (linux-failsafe) which should *ALWAYS* work, however, this kind of framebuffer doesn't support nice things like backlight. As a side note: I think you've probably noticed that Slackintosh development was slowing down, while upstream Slackware is evolving very fast. That's because we're going to trash our old PowerPC machines for newer, shinier Intel Mac. This development tree will be soon abandoned in favour of a brand new unofficial Slackware port: Slackintosh/x86! -- Marco Bonetti +--------------------------+ Sat Mar 29 00:58:41 CET 2008 a/etc-12.1-noarch-2.tgz: Add root to the groups audio, cdrom, video, plugdev, and floppy. Root already has access to most of these devices, but it doesn't hurt to provide an example for people who edit /etc/groups manually. a/shadow-4.0.3-powerpc-15.tgz: Took plugdev out of CONSOLE_GROUPS in /etc/login.defs, since DBUS doesn't know about group memberships added that way. Users not actually listed in /etc/groups as part of groups such as plugdev wouldn't be able to use those devices even at the console when logging in through a graphical login manager such as XDM, KDM, or GDM. Stuart Winter enhanced the command-line adduser tool. Quote from the adduser program history: "* To facilitate use of the automatic mounting features of HAL, allow the admin to easily add users to the default groups: audio,cdrom,video,plugdev,floppy The default is not to add new users to these groups. And by the way, this script is "adduser from Slackware" not "superadduser from Gentoo" ;-)" If you trust your users, this is the correct way to give them access to these devices. adduser will automatically edit /etc/groups for you. If you do not trust your users and you give them access to these groups, they may create mischief from afar with this access, so be aware of the security implications. a/udev-118-powerpc-3.tgz: Fixed two broken symbolic links in /sbin. Thanks to Piter Punk for fixing the script, and to Fred Emmott for noticing the problem and letting us know. ap/ntfsprogs-2.0.0-powerpc-2.tgz: Added back ntfsprogs-2.0.0, using (for now) --disable-ntfsmount. It is still needed to manage NTFS partitions even if we use the kernel driver or NTFS-3G to mount them. Thanks to Matteo Nunziati for the information. n/epic4-2.8-powerpc-1.tgz: Upgraded to epic4-2.8. n/irssi-0.8.12-powerpc-1.tgz: Upgraded to irssi-0.8.12. n/nmap-4.60-powerpc-1.tgz: Upgraded to nmap-4.60. Zenmap still isn't working because we don't include sqlite, but a zenmap .desktop file was added anyway, and some paths in a script were fixed. Thanks to Mauro Ghisoni for pointing out the bad paths in Paths.py. -- Marco Bonetti +--------------------------+ Tue Mar 25 21:35:35 CET 2008 n/bluez-hcidump-1.41-powerpc-1.tgz: Upgraded to bluez-hcidump-1.41. n/bluez-libs-3.26-powerpc-1.tgz: Upgraded to bluez-libs-3.26. n/bluez-utils-3.26-powerpc-1.tgz: Upgraded to bluez-utils-3.26. n/dnsmasq-2.41-powerpc-1.tgz: Upgraded to dnsmasq-2.41. n/gnupg2-2.0.8-powerpc-1.tgz: Upgraded to gnupg2-2.0.8. n/gnutls-2.2.2-powerpc-1.tgz: Upgraded to gnutls-2.2.2. n/gpgme-1.1.6-powerpc-1.tgz: Upgraded to gpgme-1.1.6. n/iptraf-3.0.0-powerpc-2.tgz: Absorbed the latest Debian patch. (thanks! :-) Also thanks to Marin Glibic for pointing it out, since it adds support for the legacy Ralink 2500 driver. n/libassuan-1.0.4-powerpc-1.tgz: Upgraded to libassuan-1.0.4. n/libgcrypt-1.4.0-powerpc-1.tgz: Upgraded to libgcrypt-1.4.0. n/libgpg-error-1.6-powerpc-2.tgz: Recompiled. n/libksba-1.0.3-powerpc-1.tgz: Upgraded to /libksba-1.0.3. n/mcabber-0.9.6-powerpc-1.tgz: Upgraded to mcabber-0.9.6. n/net-snmp-5.4-powerpc-6.tgz: Recompiled to use vendor_perl. n/obexftp-0.21-powerpc-2.tgz: Recompiled to use vendor_perl. n/pinentry-0.7.5-powerpc-1.tgz: Upgraded to pinentry-0.7.5. n/rsync-3.0.0-powerpc-1.tgz: Upgraded to rsync-3.0.0. n/samba-3.0.28a-powerpc-1.tgz: Upgraded to samba-3.0.28a. n/wget-1.11-powerpc-1.tgz: Upgraded to wget-1.11. n/wireless-tools-29-powerpc-1.tgz: Upgraded to wireless-tools-29. n/wpa_supplicant-0.5.9-powerpc-1.tgz: Upgraded to wpa_supplicant-0.5.9. Thanks to Eric Hameleers. I haven't added the new firmware packages as I don't think anyone will ever be able to or want to use them on a powerpc machine. However if they'll become of any use drop us a line and I'll upload them (or grab them straight from upstream: they're just a repack of the original compressed archive in which they're distributed). -- Marco Bonetti +--------------------------+ Mon Mar 24 21:34:32 CET 2008 a/pkgtools-12.1.0-noarch-6.tgz: Fixed bogus bad gzipped file warnings. ap/ghostscript-8.62-powerpc-3.tgz: Fixed default cidfmap installation. -- Marco Bonetti +--------------------------+ Sun Mar 23 03:13:17 CET 2008 ap/alsa-utils-1.0.15-powerpc-2.tgz: Set reasonable volume defaults if there are none in /etc/asound.state. Thanks to Eric Hameleers. ap/cdrtools-2.01.01a37-powerpc-1.tgz: Upgraded to cdrtools-2.01.01a37. ap/flac-1.2.1-powerpc-1.tgz: Upgraded to flac-1.2.1. ap/ghostscript-8.62-powerpc-2.tgz: Upgraded to ghostscript-8.62. This new release of GPL Ghostscript fixes a buffer overflow. Thanks very much to ABE Shin-ichi for configuring and testing much improved support for CJK output! :-) For more information on the security issue, please see: http://scary.beasts.org/security/CESA-2008-001.html http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0411 Thanks to Chris Evans and Will Drewry of Google Security for their work on discovering and demonstrating the overflow. Also, fixed the gs_res.ps file for CJK. (I'd forgotten to apply a patch...) Thanks again to ABE Shin-ichi! (* Security fix *) ap/gutenprint-5.0.2-powerpc-1.tgz: Upgraded to gutenprint-5.0.2. ap/hplip-2.8.2-powerpc-2.tgz: Upgraded to hplip-2.8.2. Fixed udev rules. Thanks to Michael Wagner. ap/linuxdoc-tools-0.9.21-powerpc-5.tgz: Upgraded to asciidoc-8.2.5, docbook-utils-0.6.14-13.fc9, docbook-xsl-1.73.2, docbook-xsl-doc-1.73.2, gtk-doc-1.9, libsgmls-perl_1.03ii-32.diff, linuxdoc-tools_0.9.21-0.11, sgml-common-0.6.3-23.fc9, and xmlto-0.0.20. Thanks to Richard Hoyle for pointing out some missing asciidoc files under /etc/asciidoc. ap/lm_sensors-2.10.5-powerpc-2.tgz: Upgraded to lm_sensors-2.10.5. Fixed incorrect install path. ap/vorbis-tools-1.2.0-powerpc-1.tgz: Upgraded to vorbis-tools-1.2.0. -- Marco Bonetti +--------------------------+ Sat Mar 22 12:27:22 CET 2008 a/e2fsprogs-1.40.8-powerpc-1.tgz: Upgraded to e2fsprogs-1.40.8. a/ed-0.9-powerpc-1.tgz: Upgraded to ed-0.9. World's greatest line editor. a/gpm-1.20.1-powerpc-5.tgz: Default item to imps2. If you use a Synaptics pad with the third party driver, you may have to change this setting. Also, this package has been patched to compile on Amd64 and PowerPC boxes, as we do not have any more OPEN_MAX in linux/limits.h, so we use _SC_OPEN_MAX instead. See Debian bug report #455427 also: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=455427 a/hdparm-8.6-powerpc-1.tgz: Upgraded to hdparm-8.6. a/inotify-tools-3.13-powerpc-1.tgz: Upgraded to inotify-tools-3.13. a/mkinitrd-1.3.1-powerpc-4.tgz: Uhmm... several patches :-P See upstream ChangeLog.txt for more informations. a/ntfs-3g-1.2310-powerpc-1.tgz: New package. a/pcmciautils-014-powerpc-4.tgz: Improved the default configuration to work with more hardware. Thanks to Piter Punk. a/pkgtools-12.1.0-noarch-5.tgz: Default making a USB boot stick to off. a/sysvinit-scripts-1.2-noarch-18.tgz: Removed /etc/rc.d/rc.scanluns. a/udev-118-powerpc-2.tgz: Blacklist old bcm43xx driver (b43 and b43legacy are the recommended drivers now). a/usbutils-0.73-powerpc-2.tgz: Don't compress usb.ids (this breaks HAL). Thanks to Robby Workman for the report. -- Marco Bonetti +--------------------------+ Fri Mar 21 21:25:29 CET 2008 d/git-1.5.4.3-powerpc-2.tgz: Rebuilt against repackaged perl-5.8.8. l/pilot-link-0.12.3-powerpc-3.tgz: Rebuilt against repackaged perl-5.8.8. The broken perl package caused those programs to install cruft inside /. Should be fixed now :) -- Marco Bonetti +--------------------------+ Fri Mar 21 19:32:09 CET 2008 d/perl-5.8.8-powerpc-7.tgz: Repackaged. Fix a small doinst.sh architecture glitch. -- Marco Bonetti +--------------------------+ Fri Mar 21 10:41:04 UTC 2008 d/perl-5.8.8-powerpc-6.tgz: Use vendor_perl for Slackware-added Perl modules, not site_perl. Really, I think perl's handling of this (and other issues like the registry-like handling of perllocal.pod) is flawed, but this is better than nothing. IMHO, something like /usr/local/lib/perl5/site_perl/ would fit much better with the FHS's recommendations. Try not to clobber an existing perllocal.pod (hard to do after the fact, so make backups if you care...) d/m4-1.4.10-i486-1.tgz: Upgraded to m4-1.4.10. Thanks to Kyle Guinn for d/pkg-config-0.23-powerpc-1.tgz: Upgraded to pkg-config-0.23. d/doxygen-1.5.5-powerpc-1.tgz: Upgraded to doxygen-1.5.5. d/git-1.5.4.3-powerpc-1.tgz: Upgraded to git-1.5.4.3. Switched to vendor_perl l/dbus-1.1.20-powerpc-1.tgz: Upgraded to dbus-1.1.20. Thanks to Robby Workman l/dbus-glib-0.74-powerpc-2.tgz: Rebuilt. l/dbus-qt3-0.70-powerpc-2.tgz: Rebuilt. l/gnome-icon-theme-2.22.0-noarch-1.tgz: Upgraded to gnome-icon-theme-2.22.0. l/startup-notification-0.9-powerpc-1.tgz: Upgraded to startup-notification-0.9. l/pygtk-2.12.1-powerpc-2.tgz: Robby said it would help to recompile this. l/atk-1.22.0-powerpc-1.tgz: Upgraded to atk-1.22.0. l/libglade-2.6.2-powerpc-1.tgz: Upgraded to libglade-2.6.2. l/libgtkhtml-2.11.1-powerpc-1.tgz: Upgraded to libgtkhtml-2.11.1. l/vte-0.16.12-powerpc-1.tgz: Upgraded to vte-0.16.12. l/arts-1.5.9-powerpc-2.tgz: Recompiled. l/gtk+2-2.12.9-powerpc-1.tgz: Upgraded to gtk+-2.12.9. l/hal-info-20080313-noarch-1.tgz: Upgraded to l/hal-info-20080313. l/lcms-1.17-powerpc-1.tgz: Upgraded to lcms-1.17. l/libart_lgpl-2.3.20-powerpc-1.tgz: Upgraded to libart_lgpl-2.3.20. l/pango-1.20.0-powerpc-1.tgz: Upgraded to pango-1.20.0. l/wavpack-4.41.0-powerpc-1.tgz: Added wavpack-4.41.0. l/fuse-2.7.3-powerpc-1.tgz: Added FUSE, a userspace filesystem interface. l/pilot-link-0.12.3-powerpc-2.tgz: Fixed missing perl modules and man pages. l/pango-1.19.4-powerpc-1.tgz: Upgraded to pango-1.19.4. l/pilot-link-0.12.3-powerpc-1.tgz: Upgraded to pilot-link-0.12.3. l/qca-1.0-powerpc-4.tgz: Recompiled. l/qca-tls-1.0-powerpc-6.tgz: Recompiled. l/qt-3.3.8b-powerpc-2.tgz: Recompiled against gcc-4.2.3. l/mcs-0.4.1-powerpc-2.tgz: Removed. l/gmime-2.2.17-powerpc-1.tgz: Upgraded to gmime-2.2.17. l/mpfr-2.3.1-powerpc-1.tgz: Upgraded to mpfr-2.3.1. l/libpng-1.2.25-powerpc-1.tgz: Upgraded to libpng-1.2.25. l/libmng-1.0.10-powerpc-1.tgz: Upgraded to libmng-1.0.10. l/gmp-4.2.2-powerpc-1.tgz: Upgraded to gmp-4.2.2. d/python-2.5.2-powerp-1.tgz: Upgraded to Python-2.5.2. l/sdl-1.2.13-powerpc-2.tgz: SDL_mixer looks for timidity files in /usr/lib/timidity rather than /usr/local/lib/timidity. Thanks to Dan Church for the bug report. l/libidl-0.8.10-powerpc-1.tgz: Upgraded to libIDL-0.8.10. l/fribidi-0.10.9-powerpc-1.tgz: Upgraded to fribidi-0.10.9. l/libidn-1.5-powerpc-1.tgz: Upgraded to libidn-1.5. l/libieee1284-0.2.11-powerpc-1.tgz: Upgraded to libieee1284-0.2.11. l/libxml2-2.6.31-powerpc-2.tgz: Moved the man pages to the right location. Thanks to Tomas Szepe. l/libtheora-1.0beta2-powerpc-1.tgz: Upgraded to libtheora-1.0beta2. l/hicolor-icon-theme-0.10-noarch-1.tgz: Since XFce adds a few hicolor icons of its own, make sure the hicolor icon-cache is updated at the end of the installation. Thanks to Michael Wagner for the bug report. l/libcddb-1.3.0-powerpc-1.tgz: Added libcddb-1.3.0. (needed by audacious-plugins) l/libcdio-0.79-powerpc-1.tgz: Added libcdio-0.79. (needed by audacious-plugins) l/slang-2.1.3-i486-1.tgz: Upgraded to slang-2.1.3. l/librsvg-2.22.1-i486-1.tgz: Upgraded to librsvg-2.22.1. l/tango-icon-theme-0.8.1-noarch-1.tgz: Added Tango icon theme. l/tango-icon-theme-extras-0.1.0-noarch-1.tgz: Added Tango theme extra icons. l/libwpd-0.8.14-powerpc-1.tgz: Upgraded to libwpd-0.8.14. l/glib2-2.14.6-powerpc-3.tgz: Set G_BROKEN_FILENAMES=1, and if the locale is UTF-8, then set G_FILENAME_ENCODING="@locale" (which will override the G_BROKEN_FILENAMES setting). This should get us a little closer with UTF. Thanks to Dave Minton for pointing out the issue to Robby Workman, who (in turn), sent it in to me l/pcre-7.6-powerpc-1.tgz: Upgraded to pcre-7.6. l/readline-5.2-powerpc-3.tgz: Applied all official patches. l/glibc-2.7-powerpc-8: Fixed ld.so.1 -> ld-2.7.so symlink a/glibc-solibs-2.7-powerpc-8: Fixed ld.so.1 -> ld.2.7.so symlink -- Adrian Ulrich +--------------------------+ Wed Mar 19 21:04:19 CET 2008 a/kernel-generic-2.6.24.3-powerpc-2.tgz: Updated. Forgot the CONFIG_PMAC_BACKLIGHT_LEGACY=y option, now pbbuttonsd should correctly work again. Sorry :-P -- Marco Bonetti +--------------------------+ Tue Mar 18 22:15:07 CET 2008 a/gettext-0.17-powerpc-2.tgz: Upgraded to gettext-0.17. d/gettext-tools-0.17-powerpc-2.tgz: Upgraded to tools for gettext-0.17. mac/b43-fwcutter-011-powerpc-1.tgz: New package. mac/bcm43xx-fwcutter-006-powerpc-1.tgz: Moved to /pasture pasture/bcm43xx-fwcutter-006-powerpc-1.tgz: Newer 2.6.24.x kernels ship with b43 and b43legacy wireless drivers for use with the new mac80211 stack and the old bcm43xx driver if it's still needed. Users are encouraged to use either b43 or b43legacy for their cards and b43-fwcutter is needed to extract firmwares in such cases, if you still have to go along with bcm43xx, you'll have to stick with bcm43xx-fwcutter for a little longer. Read official documentation at: http://www.linuxwireless.org/en/users/Drivers/bcm43xx -- Marco Bonetti +--------------------------+ Mon Mar 17 20:35:54 CET 2008 a/glibc-solibs-2.7-powerpc-7.tgz: Recompiled against Linux 2.6.24.3 headers. a/glibc-zoneinfo-2.7-noarch-7.tgz: Upgraded to tzdata2008a. l/glibc-2.7-powerpc-7.tgz: Recompiled against Linux 2.6.24.3 headers. l/glibc-i18n-2.7-noarch-7.tgz: Rebuilt. l/glibc-profile-2.7-powerpc-7.tgz: Recompiled against Linux 2.6.24.3 headers. -- Marco Bonetti +--------------------------+ Sat Mar 15 11:51:01 CET 2008 a/kernel-generic-2.6.24.3-powerpc-1.tgz: Upgraded to Linux 2.6.24.3. a/kernel-modules-2.6.24.3-powerpc-1.tgz: Upgraded to Linux 2.6.24.3. d/kernel-headers-2.6.24.3-powerpc-1.tgz: Upgraded to Linux 2.6.24.3. k/kernel-source-2.6.24.3-noarch-1.tgz: Upgraded to Linux 2.6.24.3. -- Marco Bonetti +--------------------------+ Thu Mar 6 21:24:08 CET 2008 a/kernel-generic-2.6.23.16-powerpc-2.tgz: Rebuilt against newer gcc. a/kernel-modules-2.6.23.16-powerpc-2.tgz: Rebuilt against newer gcc. d/binutils-2.17.50.0.17-powerpc-2.tgz: Rebuilt against newer gcc. d/gcc-4.2.3-powerpc-1.tgzi: Upgraded to gcc-4.2.3. d/gcc-g++-4.2.3-powerpc-1.tgz: Upgraded to gcc-4.2.3. d/gcc-gfortran-4.2.3-powerpc-1.tgz: Upgraded to gcc-4.2.3. d/gcc-java-4.2.3-powerpc-1.tgz: Upgraded to gcc-4.2.3. d/gcc-objc-4.2.3-powerpc-1.tgz: Upgraded to gcc-4.2.3. d/oprofile-0.9.2-powerpc-6.tgz: Rebuilt against newer gcc. d/kernel-headers-2.6.23.16-powerpc-2.tgz: Rebuilt against newer gcc. k/kernel-source-2.6.23.16-noarch-2.tgz: Rebuilt against newer gcc. extra/mol/kernel-generic-2.6.21.7-powerpc-3.tgz: Rebuilt against newer gcc. extra/mol/kernel-headers-2.6.21.7-powerpc-3.tgz: Rebuilt against newer gcc. extra/mol/kernel-modules-2.6.21.7-powerpc-3.tgz: Rebuilt against newer gcc. extra/mol/kernel-source-2.6.21.7-powerpc-3.tgz: Rebuilt against newer gcc. extra/mol/mol-0.9.72.1_2.6.21.7-powerpc-3.tgz: Rebuilt against newer gcc. -- Marco Bonetti +--------------------------+ Sat Feb 23 20:42:05 UTC 2008 a/mkinitrd-1.3.1-powerpc-1.tgz: Upgraded to 1.3.1 kdei/k3b-i18n-1.0.4-noarch-1.tgz: Upgraded to k3b-i18n-1.0.4. kdei/kde-i18n-*-3.5.9-noarch-1.tgz: Upgraded to kde-i18n-*-3.5.9. l/arts-1.5.9-i486-1.tgz: Upgraded to arts-1.5.9. kde/k3b-1.0.4-powerpc-1.tgz: Upgraded to k3b-1.0.4. kde/kdewebdev-3.5.9-powerpc-1.tgz: Upgraded to kdewebdev-3.5.9. kde/kdepim-3.5.9-powerpc-1.tgz: Upgraded to kdepim-3.5.9. kde/kdevelop-3.5.1-powerpc-1.tgz: Upgraded to kdevelop-3.5.1. kde/kdeaccessibility-3.5.9-powerpc-1.tgz: Upgraded to 3.5.9 kde/kdeadmin-3.5.9-powerpc-1.tgz: Upgraded to 3.5.9 kde/kdebindings-3.5.9-powerpc-1.tgz: Upgraded to kdebindings-3.5.9. kde/kdeartwork-3.5.9-powerpc-1.tgz: Upgraded to 3.5.9 kde/kdebase-3.5.9-powerpc-1.tgz: Upgraded to 3.5.9 kde/kdeedu-3.5.9-powerpc-1.tgz: Upgraded to 3.5.9 kde/kdegames-3.5.9-powerpc-1.tgz: Upgraded to 3.5.9 kde/kdegraphics-3.5.9-powerpc-1.tgz: Upgraded to 3.5.9 kde/kdelibs-3.5.9-powerpc-1.tgz: Upgraded to 3.5.9 kde/kdemultimedia-3.5.9-powerpc-1.tgz: Upgraded to 3.5.9 kde/kdenetwork-3.5.9-powerpc-1.tgz: Upgraded to 3.5.9 kde/kdesdk-3.5.9-powerpc-1.tgz: Upgraded to 3.5.9 kde/kdetoys-3.5.9-powerpc-1.tgz: Upgraded to 3.5.9 kde/kdeutils-3.5.9-powerpc-1.tgz: Upgraded to 3.5.9 kde/kdeaddons-3.5.9-powerpc-1.tgz: Upgraded to kdeaddons-3.5.9. -- Adrian Ulrich +--------------------------+ Sat Feb 23 10:50:07 UTC 2008 a/cups-1.3.6-powerpc-1.tgz: Upgraded to cups-1.3.6. ap/foomatic-filters-3.0_20080211-powerpc-1.tgz: Upgraded to foomatic-filters-3.0_20080211. d/git-1.5.4.2-powerpc-1.tgz: Upgraded to git-1.5.4.2. d/perl-5.8.8-powerpc-5.tgz: Added XML::Simple perl module for icon-naming-utils. l/gtk+2-2.12.8-powerpc-1.tgz: Upgraded to gtk+-2.12.8. l/qca-tls-1.0-powerpc-5.tgz: Rebuilt for Qt 3.3.8b. l/qt-3.3.8b-powerpc-1.tgz: Upgraded to qt-x11-free-3.3.8b. l/desktop-file-utils-0.14-powerpc-1.tgz: Upgraded to desktop-file-utils-0.14. l/gnome-icon-theme-2.20.0-noarch-1.tgz: Upgraded to gnome-icon-theme-2.20.0. l/hicolor-icon-theme-0.10-noarch-1.tgz: Upgraded to hicolor-icon-theme-0.10. l/icon-naming-utils-0.8.6-powerpc-1.tgz: Added utilities for naming icons. l/librsvg-2.20.0-powerpc-1.tgz: Upgraded to librsvg-2.20.0. l/ncurses-5.6-powerpc-3.tgz: Applied all official patches. l/shared-mime-info-0.23-powerpc-1.tgz: Upgraded to shared-mime-info-0.23. l/taglib-1.5-powerpc-1.tgz: Upgraded to taglib-1.5. l/poppler-0.6.4-powerpc-1.tgz: Upgraded to poppler-0.6.4. Activated --enable-xpdf-headers option (thanks to Jonathan Woithe). l/poppler-data-0.2.0-noarch-1.tgz: Upgraded to poppler-data-0.2.0. -- Adrian Ulrich +--------------------------+ Fri Feb 22 18:17:25 UTC 2008 l/cairo-1.4.14-powerpc-1.tgz: Upgraded to cairo-1.4.14. x/libhangul-0.0.7-powerpc-1.tgz: Added libhangul-0.0.7. l/libmusicbrainz-2.1.4-powerpc-2.tgz: Removed. l/libtunepimp-0.4.2-powerpc-3.tgz: Removed. x/xterm-232-powerpc-1.tgz: Upgraded to xterm-232 x/m17n-lib-1.5.0-powerpc-1.tgz: Added m17n-lib-1.5.0. x/anthy-9100e-powerpc-1.tgz: Added anthy-9100e. x/scim-bridge-0.4.14-powerpc-2.tgz: Added scim-bridge x/scim-anthy-1.2.4-powerpc-1.tgz: Added scim-anthy-1.2.4. x/scim-hangul-0.3.2-powerpc-1.tgz: Added scim-hangul-0.3.2. x/scim-m17n-0.2.2-powerpc-1.tgz: Added scim-m17n-0.2.2. x/scim-pinyin-0.5.91-powerpc-1.tgz: Added scim-pinyin-0.5.91. x/scim-tables-0.5.7-powerpc-1.tgz: Added scim-tables-0.5.7. x/scim-1.4.7-powerpc-2.tgz: Don't try to use SCIM as the input method if the package has been removed, or use scim-bridge if that package is not installed. Remove the LANG variables and give a pointer to the lang.* scripts. Install script bugfix. l/libmad-0.15.1b-powerpc-3.tgz: A certain popular project has begun to require "mad.pc", a pkgconfig file which has never been provided with libmad. As much as I'd prefer not to be a lemming, sometimes doing what's right is not the same as doing what has to be done. Probably the project's developers didn't even know mad.pc wasn't a vanilla file. This is a good example of why every distro should not fork every package, especially as libmad's library/headers couldn't be in more obvious locations. Perhaps this package doesn't see much upstream attention any more (I don't know), but does it really _need_ a .pc file? -- Adrian Ulrich +--------------------------+ Wed Feb 20 22:05:18 CET 2008 ap/mysql-5.0.51a-powerpc-1.tgz: Upgraded to mysql-5.0.51a. We're catching up, however firefox is slowing us down a little :( -- Marco Bonetti +--------------------------+ Fri Feb 15 23:34:36 CET 2008 n/httpd-2.2.8-powerpc-1.tgz: Upgraded to httpd-2.2.8. This fixes security and other bugs. For more information, see: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6421 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6422 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6388 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5000 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0005 (* Security fix *) xap/seamonkey-1.1.8-powerpc-1.tgz: Upgraded to seamonkey-1.1.8. This upgrade fixes some more security bugs. For more information, see: http://www.mozilla.org/projects/security/known-vulnerabilities.html#seamonkey (* Security fix *) -- Marco Bonetti +--------------------------+ Thu Feb 14 21:19:57 CET 2008 a/kernel-generic-2.6.23.16-powerpc-1.tgz: Fix February 2008 local root exploit. For more information, see: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0010 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0163 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0600 (* Security fix *) a/kernel-modules-2.6.23.16-powerpc-1.tgz: Fix February 2008 local root exploit. (* Security fix *) d/kernel-headers-2.6.23.16-powerpc-1.tgz: Fix February 2008 local root exploit. (* Security fix *) k/kernel-source-2.6.23.16-noarch-1.tgz: Fix February 2008 local root exploit. (* Security fix *) extra/mol/kernel-generic-2.6.21.7-powerpc-2.tgz: Fix February 2008 local root exploit. (* Security fix *) -- Marco Bonetti +--------------------------+ Sun Feb 10 11:16:27 UTC 2008 a/glibc-solibs-2.7-powerpc-6.tgz: Recompiled against 2.6.23.15. Bumped everything to -6 since glibc-zoneinfo has been at -5 already. a/glibc-zoneinfo-2.7-noarch-6.tgz: Rebuilt. l/glibc-2.7-powerpc-6.tgz: Recompiled against 2.6.23.15. l/glibc-i18n-2.7-noarch-6.tgz: Rebuilt. l/glibc-profile-2.7-powerpc-6.tgz: Recompiled against 2.6.23.15. a/device-mapper-1.02.24-powerpc-1.tgz: Upgraded to device-mapper.1.02.24. Thanks to Piter Punk for the help. a/lvm2-2.02.33-powerpc-1.tgz: Upgraded to LVM2.2.02.33. Thanks to Piter Punk for the help. xap/xine-lib-1.1.10.1-powerpc-1.tgz: Upgraded to xine-lib-1.1.10.1. a/kernel-generic-2.6.23.15-powerpc-1.tgz: Upgraded to 2.6.23.15 a/kernel-modules-2.6.23.15-powerpc-1.tgz: Upgraded to 2.6.23.15 d/kernel-headers-2.6.23.15-powerpc-1.tgz: Upgraded to 2.6.23.15 k/kernel-source-2.6.23.15-noarch-1.tgz: Upgraded to 2.6.23.15 -- Adrian Ulrich +--------------------------+ Fri Feb 8 20:30:39 CET 2008 kde/kdesdk-3.5.8-powerpc-2.tgz: Recompiled to pick up new apr/neon/svn libs. kde/kdevelop-3.5.0-powerpc-2.tgz: Recompiled to pick up new apr/neon/svn libs. xap/audacious-1.4.6-powerpc-1.tgz: Upgraded to audacious-1.4.6. xap/audacious-plugins-1.4.5-powerpc-1.tgz: Upgraded to audacious-plugins-1.4.5. Now with an upgraded neon library, this uses neon for http/https transport. Thanks to Giacomo Lozito. -- Marco Bonetti +--------------------------+ Sun Feb 3 22:34:49 CET 2008 a/e2fsprogs-1.40.5-powerpc-1.tgz: Upgraded to e2fsprogs-1.40.5. l/apr-1.2.12-powerpc-1.tgz: Upgraded to apr-1.2.12. l/apr-util-1.2.12-powerpc-1.tgz: Upgraded to apr-util-1.2.12. l/neon-0.26.4-powerpc-1.tgz: Upgraded to neon-0.26.4. First run of updates, audacious and kdevelop are arriving in few days :-) -- Marco Bonetti +--------------------------+ Sat Feb 2 18:44:53 CET 2008 ap/alsa-utils-1.0.15-powerpc-1.tgz: Upgraded to alsa-utils-1.0.15. d/ruby-1.8.6_p111-powerpc-2.tgz: Rebuilt to keep in sync with Slackware, previous build was already fixed. kde/amarok-1.4.8-powerpc-1.tgz: Upgraded to amarok-1.4.8. l/alsa-lib-1.0.15-powerpc-1.tgz: Upgraded to alsa-lib-1.0.15. l/alsa-oss-1.0.15-powerpc-1.tgz: Upgraded to alsa-oss-1.0.15. x/font-misc-misc-1.0.0-noarch-3.tgz: Removed bogus fonts.alias. The install scripts will make it. Thanks to Piter Punk. x/libXmu-1.0.4-powerpc-1.tgz: Upgraded to libXmu-1.0.4. x/xf86-video-nv-2.1.7-powerpc-1.tgz: Upgraded to xf86-video-nv-2.1.7. x/xinput-1.3.0-powerpc-1.tgz: Added xinput-1.3.0. xap/audacious-1.4.5-powerpc-1.tgz: Upgraded to audacious-1.4.5. xap/audacious-plugins-1.4.4-powerpc-1.tgz: Upgraded to audacious-plugins-1.4.4. extra/slackpkg/slackpkg-2.70-noarch-1.tgz: Upgraded to slackpkg-2.70. Thanks to Piter Punk. -- Marco Bonetti +--------------------------+ Sat Feb 2 00:19:50 CET 2008 l/atk-1.21.5-powerpc-1.tgz: Upgraded to atk-1.21.5. l/gtk+2-2.12.7-powerpc-1.tgz: Upgraded to gtk+2-2.12.7. l/libgpod-0.6.0-powerpc-1.tgz: Upgraded to libgpod-0.6.0. l/libmowgli-0.6.0-powerpc-1.tgz: Added libmowgli-0.6.0, which is needed by Audacious. l/libmtp-0.2.5-powerpc-1.tgz: Upgraded to libmtp-0.2.5. l/libxml2-2.6.31-powerpc-1.tgz: Upgraded to libxml2-2.6.31. l/pango-1.19.3-powerpc-1.tgz: Upgraded to pango-1.19.3. mac/bcm43xx-fwcutter-006-powerpc-1.tgz: Upgraded to bcm43xx-fwcutter-006. mac/mol-0.9.72_2.6.21.5-powerpc-1.tgz: Removed, newer kernels break MOL. See the extra/ set below. xap/xine-lib-1.1.10-powerpc-1.tgz: Upgraded to xine-lib-1.1.10. extra/mol/kernel-generic-2.6.21.7-powerpc-1.tgz: Kernel Linux 2.6.21.7. extra/mol/kernel-headers-2.6.21.7-powerpc-1.tgz: Kernel Linux 2.6.21.7. extra/mol/kernel-modules-2.6.21.7-powerpc-1.tgz: Kernel Linux 2.6.21.7. extra/mol/kernel-source-2.6.21.7-powerpc-1.tgz: Kernel Linux 2.6.21.7. extra/mol/mol-0.9.72.1_2.6.21.7-powerpc-1.tgz: MOL 0.9.72.1, this is the latest stable release. It has been built against Linux kernel 2.6.21.7, one of the latest source tree known to correctly build and run MOL. -- Marco Bonetti +--------------------------+ Tue Jan 15 20:20:35 CET 2008 ap/nano-2.0.7-powerpc-1.tgz: Upgraded to nano-2.0.7. d/mercurial-0.9.5-powerpc-1.tgz: Upgraded to mercurial-0.9.5. d/ruby-1.8.6_p111-powerpc-1.tgz: Upgraded ruby-1.8.6 to patchlevel 111. extra/slacktrack/slacktrack-1.32-powerpc-1.tgz: Renamed. l/atk-1.20.0-powerpc-1.tgz: Upgraded to atk-1.20.0. l/glib2-2.14.5-powerpc-1.tgz: Upgraded to glib-2.14.5. l/gtk+2-2.12.4-powerpc-1.tgz: Upgraded to gtk+-2.12.4. l/libxml2-2.6.30-powerpc-1.tgz: Upgraded to libxml2-2.6.30. l/libxslt-1.1.22-powerpc-1.tgz: Upgraded to libxslt-1.1.22. l/pango-1.19.2-powerpc-1.tgz: Upgraded to pango-1.19.2. l/pycairo-1.4.12-powerpc-1.tgz: Added pycairo-1.4.12. Thanks to Eric Hameleers. l/pygobject-2.14.1-powerpc-1.tgz: Added pygobject-2.14.1. Thanks to Erik Hanson and SBo (slackbuilds.org). l/pygtk-2.12.1-powerpc-1.tgz: Added pygtk-2.12.1. Thanks to Erik Hanson, Andrew Brouwers, and SBo. l/pyrex-0.9.6.4-powerpc-1.tgz: Added Pyrex-0.9.6.4. Thanks to David Somero. x/dejavu-fonts-ttf-2.22-noarch-1.tgz: **NOTE PACKAGE NAME CHANGE** Upgraded to version 2.22. x/liberation-fonts-ttf-0.2-noarch-3.tgz: Added liberation-fonts-ttf-0.2-3. x/xf86-video-ati-6.7.197-powerpc-1.tgz: Upgraded to xf86-video-ati-6.7.197. x/xf86-video-radeonhd-1.1.0-powerpc-1.tgz: Upgraded to xf86-video-radeonhd-1.1.0. xap/seamonkey-1.1.7-powerpc-2.tgz: Use the system cairo to avoid a compile error. Thanks to Eric Hameleers for helping to figure this out. Patched a Makefile.in to avoid another compile error with the new GTK+. Thanks to the BLFS contributors for posting the solution to this. xap/vim-gvim-7.1.138-powerpc-1.tgz: Renamed. -- Marco Bonetti +--------------------------+ Thu Jan 3 19:44:09 CET 2008 a/glibc-zoneinfo-2.7-noarch-5.tgz: Some deja vu. ;-) Upgraded to tzdata2007k. A new year should be started with the latest timezone data, so here it is. Happy holidays, and a happy new year to all! :-) -- Marco Bonetti +--------------------------+ Tue Dec 25 02:45:48 CET 2007 mac/gtkpbbuttons-0.6.10-powerpc-1.tgz: Upgraded to gtkpbbuttons-0.6.10. mac/pbbuttonsd-0.8.1a-powerpc-1.tgz: Upgraded to pbbuttonsd-0.8.1a. Merry Christmas from the Slacktintosh team :-) -- Marco Bonetti +--------------------------+ Mon Dec 24 18:36:47 CET 2007 a/*: Added missing sources. ap/cdparanoia-III10pre0-powerpc-1.tgz: Upgraded to cdparanoia-III-10pre0. ap/*: Added missing sources. d/*: Added missing sources. extra/ktorrent/ktorrent-2.2.4-powerpc-1.tgz: Upgraded to ktorrent-2.2.4. extra/*: Added missing sources. f/linux-howtos-20071214-noarch-1.tgz: Upgraded to linux-howtos-20071214. n/*: Added missing sources. xap/*: Added missing sources. Christmas cleaning! Expect some more stuff in these days :-) -- Marco Bonetti +--------------------------+ Sun Dec 23 23:11:28 CET 2007 a/glibc-solibs-2.7-powerpc-4.tgz: Rebuilt against Linux 2.6.23.12 kernel headers. a/glibc-zoneinfo-2.7-noarch-4.tgz: Upgraded to tzdata2007j. a/kernel-generic-2.6.23.12-powerpc-1.tgz: Upgraded to Linux 2.6.23.12. a/kernel-modules-2.6.23.12-powerpc-1.tgz: Upgraded to Linux 2.6.23.12. d/kernel-headers-2.6.23.12_smp-i386-1.tgz: Upgraded to Linux 2.6.23.12. k/kernel-source-2.6.23.12_smp-noarch-1.tgz: Upgraded to Linux 2.6.23.12. l/glibc-2.7-powerpc-4.tgz: Rebuilt against Linux 2.6.23.12 kernel headers. l/glibc-i18n-2.7-noarch-4.tgz: Rebuilt. l/glibc-profile-2.7-powerpc-4.tgz: Rebuilt against Linux 2.6.23.12 headers. l/libgsf-1.14.7-powerpc-1.tgz: Upgraded to libgsf-1.14.7. Mac-on-Linux has been left out from this kernel upgrade cycle: it's not yet ready for 2.6.23 kernels. -- Marco Bonetti +--------------------------+ Sat Dec 22 13:41:52 CET 2007 a/pkgtools-12.1.0-noarch-2.tgz: Fixed a regex bug in a grep in installpkg that could cause packages that do not conform to the FHS (those containing single- character top-level directories) to not be removable or upgradeable through the pkgtools. Thanks to Johnny Morano for pointing this ancient bug out. Made the top-line with -infobox more terse since some of the package names have become too long to fit, and were disturbing the infobox's formatting. -- Marco Bonetti +--------------------------+ Mon Dec 17 06:18:16 CET 2007 d/clisp-2.41a-powerpc-2.tgz: Updated. Old package was missing all clisp binaries. Fixed. Thanks to Joost Kremers for spotting the issue. -- Marco Bonetti +--------------------------+ Sun Dec 16 18:01:32 CET 2007 ap/hplip-2.7.10-powerpc-2.tgz: Rebuilt with some fixes to the build script. Thanks to Robby Workman. -- Marco Bonetti +--------------------------+ Sat Dec 15 21:04:46 CET 2007 kde/amarok-1.4.7-powerpc-2.tgz: Recompiled against libmtp-0.2.4. -- Marco Bonetti +--------------------------+ Sat Dec 15 15:45:19 UTC 2007 xap/xfce-4.4.2-powerpc-1.tgz: Upgraded to xfce-4.4.2. Thanks to Robby Workman for the build script. This fixes a minor security bug in Terminal: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3770 l/hal-info-20071212-noarch-1.tgz: Upgraded to hal-info-20071212. xap/gkrellm-2.3.1-powerpc-1.tgz: Upgraded to gkrellm-2.3.1. xap/pidgin-2.3.1-powerpc-1.tgz: Upgraded to pidgin-2.3.1. xap/xchat-2.8.4-powerpc-1.tgz: Upgraded to xchat-2.8.4. a/mkinitrd-1.3.0-powerpc-4.tgz: Fixed a bug that could cause modprobe to attempt to load the same module more than once (due to whitespace differences in the initramfs's load_kernel_modules script). Thanks to Piter Punk. ap/ghostscript-8.61-powerpc-1.tgz: Upgraded to ghostscript-8.61. This is still under the GPL -- just FYI, I do not know why the package name changed. This package replaces gnu-ghostscript-8.60.0-powerpc-2. n/bluez-hcidump-1.40-powerpc-1.tgz: Upgraded to bluez-hcidump-1.40. n/bluez-libs-3.22-powerpc-1.tgz: Upgraded to bluez-libs-3.22. n/bluez-utils-3.22-powerpc-1.tgz: Upgraded to bluez-utils-3.22. Thanks to Piter Punk for updating the udev rules. n/gnupg2-2.0.7-powerpc-1.tgz: Upgraded to gnupg2-2.0.7. n/gnutls-2.0.4-powerpc-1.tgz: Upgraded to gnutls-2.0.4. n/gpgme-1.1.5-powerpc-1.tgz: Upgraded to gpgme-1.1.5. n/libassuan-1.0.3-powerpc-1.tgz: Upgraded to libassuan-1.0.3. n/libgpg-error-1.6-powerpc-1.tgz: Upgraded to libgpg-error-1.6. n/libksba-1.0.2-powerpc-1.tgz: Upgraded to libksba-1.0.2. kde/kdemultimedia-3.5.8-powerpc-2.tgz: Rebuilt without libxine support (still broken on powerpc) x/xf86-input-joystick-1.3.1-powerpc-1.tgz: Upgraded to xf86-input-joystick-1.3.1. x/xf86-video-radeonhd-1.0.0-powerpc-1.tgz: Added xf86-video-radeonhd-1.0.0. x/xorg-server-1.4.0.90-powerpc-1.tgz: Upgraded to xorg-server-1.4.0.90. x/xorg-server-xnest-1.4.0.90-powerpc-1.tgz: Upgraded to xorg-server-xnest-1.4.0.90. x/xorg-server-xvfb-1.4.0.90-powerpc-1.tgz: Upgraded to xorg-server-xvfb-1.4.0.90. xap/imagemagick-6.3.7_4-powerpc-1.tgz: Upgraded to ImageMagick-6.3.7-4. n/mcabber-0.9.5-powerpc-1.tgz: Upgraded to mcabber-0.9.5. n/pinentry-0.7.4-powerpc-1.tgz: Upgraded to pinentry-0.7.4. l/libpng-1.2.24-powerpc-1.tgz: Upgraded to libpng-1.2.24. ap/mysql-5.0.51-powerpc-1.tgz: Upgraded to mysql-5.0.51. This release fixes several bugs, including some security issues. However, it also includes a potentially incompatible change, so be sure to read the release notes before upgrading. It is possible that some databases will need to be fixed in order to work with this (and future) releases: http://dev.mysql.com/doc/refman/5.0/en/releasenotes-cs-5-0-51.html For more information about the security issues fixed, see: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3781 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5925 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5969 (* Security fix *) n/nmap-4.50-powerpc-1.tgz: Upgraded to nmap-4.50. n/proftpd-1.3.1-powerpc-1.tgz: Upgraded to proftpd-1.3.1. -- Adrian Ulrich +--------------------------+ Thu Dec 13 22:37:44 CET 2007 a/hdparm-7.7-powerpc-1.tgz: Upgraded to hdparm-7.7. Moved hdparm binary to /sbin (suggested by Tsomi). a/inotify-tools-3.12-powerpc-1.tgz: Added inotify-tools-3.12. Thanks to Eric Hameleers for the build script. l/cairo-1.4.12-powerpc-1.tgz: Upgraded to cairo-1.4.12. This fixes a possible security risk when decoding PNG files that may have been maliciously tampered with: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5503 (* Security fix *) l/gamin-0.1.9-powerpc-1.tgz: Upgraded to gamin-0.1.9. l/libmtp-0.2.4-powerpc-1.tgz: Upgraded to libmtp-0.2.4. Thanks to Piter Punk for updating the udev rules. l/libnjb-2.2.6-powerpc-2.tgz: Updated udev rules. Thanks to Piter Punk. l/vte-0.16.10-powerpc-1.tgz: Upgraded to vte-0.16.10. -- Marco Bonetti +--------------------------+ Tue Dec 11 21:03:01 CET 2007 n/samba-3.0.28-powerpc-1.tgz: Upgraded to samba-3.0.28. Samba 3.0.28 is a security release in order to address a boundary failure in GETDC mailslot processing that can result in a buffer overrun leading to possible code execution. For more information, see: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6015 http://www.samba.org/samba/history/samba-3.0.28.html http://secunia.com/secunia_research/2007-99/advisory/ (* Security fix *) -- Marco Bonetti +--------------------------+ Sat Dec 8 13:32:29 UTC 2007 xap/gimp-2.4.2-powerpc-1.tgz: Upgraded to gimp-2.4.2. a/glibc-solibs-2.7-powerpc-3.tgz: Fixed incorrect version numbers in the install script. Thanks to guru for the bug report. a/glibc-zoneinfo-2.7-noarch-3.tgz: Rebuilt. l/glibc-2.7-powerpc-3.tgz: Fixed incorrect version numbers in the install script. Thanks to guru for the bug report. l/glibc-i18n-2.7-noarch-3.tgz: Rebuilt. l/glibc-profile-2.7-powerpc-3.tgz: Rebuilt. ap/cdrtools-2.01.01a36-powerpc-1.tgz: Upgraded to cdrtools-2.01.01a36. a/mkinitrd-1.3.0-powerpc-3.tgz: Fixed a missing '--parents' in a cp command. a/kernel-generic-2.6.23.9-powerpc-1.tgz: Upgraded to 2.6.23.9 a/kernel-modules-2.6.23.9-powerpc-1.tgz: Upgraded to 2.6.23.9 d/kernel-headers-2.6.23.9-powerpc-1.tgz: Upgraded to 2.6.23.9 k/kernel-source-2.6.23.9_smp-noarch-2.tgz: Upgraded to 2.6.23.9 kde/koffice-1.6.3-powerpc-2.tgz: Patched xpdf related bugs. For more information, see: http://www.kde.org/info/security/advisory-20071107-1.txt http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3387 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-4352 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5392 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5393 (* Security fix *) xap/mozilla-thunderbird-2.0.0.9-powerpc-1.tgz: Upgraded to 2.0.0.9 (* SECURITY FIX *) kde/kdevelop-3.5.0-powerpc-1.tgz: Upgraded to kdevelop-3.5.0. kde/kdewebdev-3.5.8-powerpc-1.tgz: Upgraded to kdewebdev-3.5.8. kde/kdetoys-3.5.8-powerpc-1.tgz: Upgraded to kdetoys-3.5.8. -- Adrian Ulrich +--------------------------+ Fri Dec 7 19:25:25 UTC 2007 kde/amarok-1.4.7-powerpc-1.tgz: Upgraded to amarok-1.4.7. kde/kdepim-3.5.8-powerpc-1.tgz: Upgraded to kdepim-3.5.8. xap/xscreensaver-5.04-powerpc-1.tgz: Upgraded to xscreensaver-5.04. kde/k3b-1.0.3-powerpc-1.tgz: Upgraded to k3b-1.0.3. kde/kdeaddons-3.5.8-powerpc-1.tgz: Upgraded to kdeaddons-3.5.8. kdei/kde-i18n-*-3.5.8-noarch-1.tgz: Upgraded to kde-i18n-3.5.8. -- Adrian Ulrich +--------------------------+ Sun Dec 2 20:40:01 CET 2007 xap/firefox-2.0.0.11-powerpc-1.tgz: Upgraded to Firefox 2.0.0.11, which fixed a bug introduced by the 2.0.0.10 update in the feature that affected some web pages and extensions. xap/seamonkey-1.1.7-powerpc-1.tgz: Upgraded to seamonkey-1.1.7. This upgrade fixes some more security bugs. For more information, see: http://www.mozilla.org/projects/security/known-vulnerabilities.html#seamonkey (* Security fix *) -- Marco Bonetti +--------------------------+ Sun Dec 2 12:55:15 UTC 2007 extra/ktorrent/ktorrent-2.2.2-powerpc-1.tgz: Upgraded to ktorrent-2.2.2. testing/packages/bash-3.2.025-powerpc-1.tgz: Upgraded to bash-3.2.025. n/rsync-2.6.9-powerpc-2.tgz: Patched some security bugs. For more information, see: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-4091 http://lists.samba.org/archive/rsync-announce/2007/000050.html (* Security fix *) xap/gimp-2.4.1-i486-1.tgz: Upgraded to gimp-2.4.1. kde/kdeedu-3.5.8-powerpc-1.tgz: Upgraded to kdeedu-3.5.8. kde/kdegraphics-3.5.8-powerpc-2.tgz: kde/kdesdk-3.5.8-powerpc-1.tgz: Upgraded to kdesdk-3.5.8. kde/kdemultimedia-3.5.8-powerpc-1.tgz: Upgraded to kdemultimedia-3.5.8. kde/kdenetwork-3.5.8-powerpc-1.tgz: Upgraded to kdenetwork-3.5.8. kde/kdeadmin-3.5.8-powerpc-1.tgz: Upgraded to kdeadmin-3.5.8. kde/kdeartwork-3.5.8-powerpc-1.tgz: Upgraded to kdeartwork-3.5.8. kde/kdegames-3.5.8-powerpc-1.tgz: Upgraded to kdegames-3.5.8. kde/kdeaccessibility-3.5.8-powerpc-1.tgz: Upgraded to 3.5.8 kde/kdebase-3.5.8-powerpc-1.tgz: Upgraded to 3.5.8 kde/kdebindings-3.5.8-powerpc-1.tgz: Upgraded to 3.5.8 kde/kdelibs-3.5.8-powerpc-2.tgz: Upgraded to 3.5.8 kde/kdeutils-3.5.8-powerpc-1.tgz: Upgraded to kdeutils-3.5.8. extra/linux-wlan-ng/linux-wlan-ng-0.2.8_2.6.21.5-i486-1.tgz: Removed. -- Adrian Ulrich +--------------------------+ Wed Nov 28 19:12:32 CET 2007 xap/firefox-2.0.0.10-powerpc-1.tgz: Upgraded to firefox-2.0.0.10. This upgrade fixes some more security bugs. For more information, see: http://www.mozilla.org/projects/security/known-vulnerabilities.html#firefox (* Security fix *) -- Marco Bonetti +--------------------------+ Sat Nov 24 20:18:50 UTC 2007 x/xf86-video-intel-2.2.0-powerpc-1.tgz: Upgraded to xf86-video-intel-2.2.0 x/xf86-video-sis-0.9.4-powerpc-1.tgz: Upgraded to xf86-video-sis-0.9.4. x/xf86-video-ati-6.7.196-powerpc-1.tgz: Upgraded to xf86-video-ati-6.7.196. x/xorg-server-1.4-powerpc-4.tgz: Recompiled without input hotplugging support. x/xorg-server-xnest-1.4-powerpc-4.tgz: Rebuilt. x/xorg-server-xvfb-1.4-powerpc-4.tgz: Rebuilt. x/xf86-input-evdev-1.2.0-powerpc-1.tgz: Upgraded to xf86-input-evdev-1.2.0. x/xf86-input-joystick-1.3.0-powerpc-1.tgz: Upgraded to xf86-input-joystick-1.3.0. x/libXft-2.1.12-powerpc-2.tgz: Recompiled to fix issues with bold font rendering xap/xpdf-3.02pl2-powerpc-1.tgz: Upgraded to xpdf-3.02pl2. (* SECURITY FIX *) xap/pan-0.132-powerpc-1.tgz: Upgraded to pan-0.132. xap/imagemagick-6.3.6_0-powerpc-1.tgz: Upgraded to ImageMagick-6.3.6-0. xap/pidgin-2.2.2-powerpc-1.tgz: Upgraded to pidgin-2.2.2. l/libpng-1.2.23-powerpc-1.tgz: Upgraded to libpng 1.2.23 (* SECURITY FIX *) xap/fluxbox-1.0.0-powerpc-1.tgz: Upgraded to fluxbox-1.0.0. xap/vim-gvim-7.1.138-powerpc-1.tgz: Upgraded to vim-7.1.138 with GTK+ extensions. xap/xine-lib-1.1.8-powerpc-1.tgz: Upgraded to xine-lib-1.1.8. l/qt-3.3.8-powerpc-5.tgz: Added back the library symlinks into /usr/lib, without which kdelibs does not compile. -- Adrian Ulrich +--------------------------+ Wed Nov 21 21:38:08 CET 2007 n/httpd-2.2.6-powerpc-1.tgz: Upgraded to httpd-2.2.6. n/links-2.1pre31-powerpc-1.tgz: Upgraded to links-2.1pre31. n/network-scripts-12.0-noarch-5.tgz: Updated. n/openldap-client-2.3.38-powerpc-1.tgz: Upgraded to openldap-client-2.3.38. n/php-5.2.5-powerpc-1.tgz: Upgraded to php-5.2.5. n/wpa_supplicant-0.5.8-powerpc-1.tgz: Upgraded to wpa_supplicant-0.5.8. tcl/expect-5.43.0-powerpc-2.tgz: Rebuilt against tcl-8.4.16. tcl/tcl-8.4.16-powerpc-1.tgz: Upgraded to tcl-8.4.16. tcl/tk-8.4.16-powerpc-1.tgz: Upgraded to tk-8.4.16. -- Marco Bonetti +--------------------------+ Mon Nov 19 22:21:43 CET 2007 l/dbus-glib-0.74-powerpc-1.tgz: Upgraded to dbus-glib-0.74. l/libao-0.8.8-powerpc-1.tgz: Upgraded to libao-0.8.8. l/libgpod-0.5.2-powerpc-1.tgz: Upgraded to libgpod-0.5.2. l/libnjb-2.2.6-powerpc-1.tgz: Upgraded to libnjb-2.2.6. l/libtheora-1.0beta1-powerpc-1.tgz: Upgraded to libtheora-1.0beta1. l/libvorbis-1.2.0-powerpc-1.tgz: Upgraded to libvorbis-1.2.0. l/libwnck-2.18.3-powerpc-1.tgz: New package Support library for compiz. l/poppler-0.6.2-powerpc-1.tgz: Upgraded to poppler-0.6.2. -- Marco Bonetti +--------------------------+ Sun Nov 18 16:45:41 UTC 2007 l/gtk+2-2.10.14-powerpc-1.tgz: Upgraded to gtk+-2.10.14. n/mcabber-0.9.4-powerpc-1.tgz: Upgraded to mcabber-0.9.4. d/git-1.5.3.3-powerpc-1.tgz: Upgraded to git-1.5.3.3. a/cups-1.3.4-powerpc-1.tgz: Upgraded to cups-1.3.4. (* SECURITY FIX *) n/sendmail-8.14.2-powerpc-1.tgz: Upgraded to sendmail-8.14.2. n/sendmail-cf-8.14.2-noarch-1.tgz: Upgraded to sendmail-8.14.2 config files. l/pcre-7.4-powerpc-1.tgz: Upgraded to pcre-7.4. n/samba-3.0.27-powerpc-1.tgz: Upgraded to samba-3.0.27. Samba 3.0.27 is a security release in order to address a stack buffer overflow in nmbd's logon request processing, and remote code execution in Samba's WINS server daemon (nmbd) when processing name registration followed name query requests. For more information, see: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-4572 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5398 (* Security fix *) ap/vim-7.1.138-powerpc-1.tgz: Upgraded to vim-7.1.138. ap/foomatic-filters-3.0_20070919-powerpc-1.tgz: Added. This is a printer filter required to use Gutenprint or HPLIP with CUPS. ap/gutenprint-5.0.1-powerpc-2.tgz: Added gutenprint-5.0.1, which is the new version of (and name for) gimp-print. ap/gnu-ghostscript-8.60.0-powerpc-1.tgz: Added gnu-ghostscript-8.60.0. This replaces the espgs (ESP Ghostscript) package. ap/hplip-2.7.9-powerpc-1.tgz: Upgraded to hplip-2.7.9. Note that this no longer requires daemons to be started at boot time, so any /etc/rc.d/rc.hplip script can be removed. ap/espgs-8.15.4-powerpc-2.tgz: Removed. This is replaced by gnu-ghostscript. ap/gimp-print-4.2.7-powerpc-2.tgz: Removed. This is replaced by gutenprint. x/mesa-7.0.2-i486-1.tgz: Upgraded to mesa-7.0.2. l/hal-0.5.10-powerpc-1.tgz: Upgraded to hal-0.5.10. l/hal-info-20071011-noarch-1.tgz: Upgraded to hal-info-20071011. -- Adrian Ulrich +--------------------------+ Sat Nov 3 16:21:19 UTC 2007 l/glib2-2.12.13-powerpc-1.tgz: Upgraded to glib-2.12.13. Upgraded to X.Org 7.3: PLEASE NOTE: There are a few known problems with this release. Please let us know if you have solutions to any of these. 1. xf86-video-vesa was not upgraded for the X.Org 7.3 release, and running Terminal or vte under KDE results in an X hang under KDE, or garbage in the terminal under XFce. 2. The following modules were not upgraded in the X.Org 7.3 release and no longer compile: mkcfm, xf86-input-acecad, xf86-input-dmc, xf86-input-void, xf86-video-glide, xf86-video-impact, and xf86-video-wsfb. Odds are good that due to the driver ABI change none of these are currently working. 3. xf86-video-amd doesn't compile on ppc. Anyone cares? x/pixman-0.9.6-powerpc-1.tgz: Added pixman-0.9.6 x/glproto-1.4.9-noarch-1.tgz: Upgraded to glproto-1.4.9. x/xorg-server-1.4-powerpc-1: Upgraded to xorg-server-1.4. x/xorg-server-xdmx-1.4-powerpc-1: Upgraded to xorg-server-xdmx. x/xorg-server-xnest-1.4-powerpc-1: Upgraded to xorg-server-xnest-1.4. x/xorg-server-xvfb-1.4-powerpc-1: Upgraded to xorg-server-xvfb-1.4. x/xprop-1.0.3-powerpc-1: Upgraded to xprop-1.0.3. x/xrandr-1.2.2-powerpc-1: Upgraded to xrandr-1.2.2. x/xrdb-1.0.4-powerpc-1: Upgraded to xrdb-1.0.4. x/xset-1.0.3-powerpc-1: Upgraded to xset-1.0.3. x/xsetroot-1.0.2-powerpc-1: Upgraded to xsetroot-1.0.2. x/xtrans-1.0.4-noarch-1: Upgraded to xtrans-1.0.4. x/xvinfo-1.0.2-powerpc-1: Upgraded to xvinfo-1.0.2. x/xwininfo-1.0.3-powerpc-1: Upgraded to xwininfo-1.0.3. x/xf86dgaproto-2.0.3-noarch-1: Upgraded to xf86dgaproto-2.0.3. x/xfs-1.0.5-powerpc-1.tgz: Upgraded to xfs-1.0.5. x/xgamma-1.0.2-powerpc-1: Upgraded to xgamma-1.0.2. x/xhost-1.0.2-powerpc-1: Upgraded to xhost-1.0.2. x/xinit-1.0.7-powerpc-1: Upgraded to xinit-1.0.7. x/xmag-1.0.2-powerpc-1: Upgraded to xmag-1.0.2. x/xman-1.0.3-powerpc-1: Upgraded to xman-1.0.3. x/xmessage-1.0.2-powerpc-1: Upgraded to xmessage-1.0.2. x/xmodmap-1.0.3-powerpc-1: Upgraded to xmodmap-1.0.3. x/xf86-video-apm-1.1.1-powerpc-2: Recompiled against xorg-server-1.4. x/xf86-video-ark-0.6.0-powerpc-2: Recompiled against xorg-server-1.4. x/xf86-video-ast-0.81.0-powerpc-2: Recompiled against xorg-server-1.4. x/xf86-video-ati-6.7.195-powerpc-1: Upgraded to xf86-video-ati-6.7.195. x/xf86-video-chips-1.1.1-powerpc-2: Recompiled against xorg-server-1.4. x/xf86-video-cirrus-1.1.0-powerpc-2: Recompiled against xorg-server-1.4. x/xf86-video-cyrix-1.1.0-powerpc-2: Recompiled against xorg-server-1.4. x/xf86-video-dummy-0.2.0-powerpc-2: Recompiled against xorg-server-1.4. x/xf86-video-fbdev-0.3.1-powerpc-2: Recompiled against xorg-server-1.4. x/xf86-video-glint-1.1.1-powerpc-2: Recompiled against xorg-server-1.4. x/xf86-video-i128-1.2.1-powerpc-2: Recompiled against xorg-server-1.4. x/xf86-video-i740-1.1.0-powerpc-2: Recompiled against xorg-server-1.4. x/xf86-video-i810-1.7.4-powerpc-2: Recompiled against xorg-server-1.4. x/xf86-video-imstt-1.1.0-powerpc-2: Recompiled against xorg-server-1.4. x/xf86-video-intel-2.1.1-powerpc-1: Upgraded to xf86-video-intel-2.1.1. x/xf86-video-mga-1.9.100-powerpc-1: Upgraded to xf86-video-mga-1.9.100. x/xf86-video-neomagic-1.1.1-powerpc-2: Recompiled against xorg-server-1.4. x/xf86-video-newport-0.2.1-powerpc-2: Recompiled against xorg-server-1.4. x/xf86-video-nsc-2.8.3-powerpc-1: Upgraded to xf86-video-nsc-2.8.3. x/xf86-video-nv-2.1.5-powerpc-1: Upgraded to xf86-video-nv-2.1.5. x/xf86-video-rendition-4.1.3-powerpc-2: Recompiled against xorg-server-1.4. x/xf86-video-s3-0.5.0-powerpc-2: Recompiled against xorg-server-1.4. x/xf86-video-s3virge-1.9.1-powerpc-2: Recompiled against xorg-server-1.4. x/xf86-video-savage-2.1.3-powerpc-1: Upgraded to xf86-video-savage-2.1.3. x/xf86-video-siliconmotion-1.5.1-powerpc-2: Recompiled against xorg-server-1.4. x/xf86-video-sis-0.9.3-powerpc-2: Recompiled against xorg-server-1.4. x/xf86-video-sisusb-0.8.1-powerpc-2: Recompiled against xorg-server-1.4. x/xf86-video-tdfx-1.3.0-powerpc-2: Recompiled against xorg-server-1.4. x/xf86-video-tga-1.1.0-powerpc-2: Recompiled against xorg-server-1.4. x/xf86-video-trident-1.2.3-powerpc-2: Recompiled against xorg-server-1.4. x/xf86-video-tseng-1.1.1-powerpc-2: Recompiled against xorg-server-1.4. x/xf86-video-v4l-0.1.1-powerpc-2: Recompiled against xorg-server-1.4. x/xf86-video-vesa-1.3.0-powerpc-2: Recompiled against xorg-server-1.4. x/xf86-video-vga-4.1.0-powerpc-2: Recompiled against xorg-server-1.4. x/xf86-video-via-0.2.2-powerpc-2: Recompiled against xorg-server-1.4. x/xf86-video-vmware-10.15.2-powerpc-1: Upgraded to xf86-video-vmware-10.15.2. x/xf86-video-voodoo-1.1.1-powerpc-2: Recompiled against xorg-server-1.4. x/xf86-input-aiptek-1.0.1-powerpc-2: Recompiled against xorg-server-1.4. x/xf86-input-calcomp-1.1.1-powerpc-1: Upgraded to xf86-input-calcomp-1.1.1. x/xf86-input-citron-2.2.1-powerpc-1: Added xf86-input-citron-2.2.1. x/xf86-input-digitaledge-1.1.0-powerpc-2: Recompiled against xorg-server-1.4. x/xf86-input-dynapro-1.1.1-powerpc-1: Added xf86-input-dynapro-1.1.1. x/xf86-input-elo2300-1.1.1-powerpc-1: Added xf86-input-elo2300-1.1.1. x/xf86-input-elographics-1.1.0-powerpc-2: Recompiled against xorg-server-1.4. x/xf86-input-evdev-1.1.5-powerpc-2: Recompiled against xorg-server-1.4. x/xf86-input-fpit-1.1.0-powerpc-2: Recompiled against xorg-server-1.4. x/xf86-input-hyperpen-1.1.0-powerpc-2: Recompiled against xorg-server-1.4. x/xf86-input-jamstudio-1.1.0-powerpc-2: Recompiled against xorg-server-1.4. x/xf86-input-joystick-1.2.3-powerpc-1: Upgraded to xf86-input-joystick-1.2.3. x/xf86-input-keyboard-1.2.2-powerpc-1: Upgraded to xf86-input-keyboard-1.2.2. x/xf86-input-magellan-1.1.1-powerpc-1: Upgraded to xf86-input-magellan-1.1.1. x/xf86-input-magictouch-1.0.0.5-powerpc-2: Recompiled against xorg-server-1.4. x/xf86-input-microtouch-1.1.1-powerpc-1: Added xf86-input-microtouch-1.1.1. x/xf86-input-mouse-1.2.3-powerpc-1: Upgraded to xf86-input-mouse-1.2.3. x/xf86-input-mutouch-1.1.0-powerpc-2: Recompiled against xorg-server-1.4. x/xf86-input-palmax-1.1.0-powerpc-2: Recompiled against xorg-server-1.4. x/xf86-input-penmount-1.2.1-powerpc-1: Added xf86-input-penmount-1.2.1. x/xf86-input-spaceorb-1.1.1-powerpc-1: Upgraded to xf86-input-spaceorb-1.1.1. x/xf86-input-summa-1.1.0-powerpc-2: Recompiled against xorg-server-1.4. x/xf86-input-tek4957-1.1.0-powerpc-2: Recompiled against xorg-server-1.4. x/xf86-input-ur98-1.1.0-powerpc-2: Recompiled against xorg-server-1.4. x/renderproto-0.9.3-noarch-1: Upgraded to renderproto-0.9.3. x/sessreg-1.0.3-powerpc-1: Upgraded to sessreg-1.0.3. x/setxkbmap-1.0.4-powerpc-1: Upgraded to setxkbmap-1.0.4. x/xbacklight-1.1-powerpc-1: Upgraded to xbacklight-1.1. x/xcalc-1.0.2-powerpc-1: Upgraded to xcalc-1.0.2. x/xclock-1.0.3-powerpc-1: Upgraded to xclock-1.0.3. x/xconsole-1.0.3-powerpc-1: Upgraded to xconsole-1.0.3. x/xcursorgen-1.0.2-powerpc-1: Upgraded to xcursorgen-1.0.2. x/xdm-1.1.6-powerpc-1: Upgraded to xdm-1.1.6. x/xdriinfo-1.0.2-powerpc-1: Upgraded to xdriinfo-1.0.2. x/compiz-0.6.0-powerpc-1: Upgraded to compiz-0.6.0. x/compositeproto-0.4-noarch-1: Upgraded to compositeproto-0.4. x/iceauth-1.0.2-powerpc-1: Upgraded to iceauth-1.0.2. x/ico-1.0.2-powerpc-1: Upgraded to ico-1.0.2. x/inputproto-1.4.2.1-noarch-1: Upgraded to inputproto-1.4.2.1. x/libICE-1.0.4-powerpc-1: Upgraded to libICE-1.0.4. x/libX11-1.1.3-powerpc-1: Upgraded to libX11-1.1.3. x/libXaw-1.0.4-powerpc-1: Upgraded to libXaw-1.0.4. x/libXcomposite-0.4.0-powerpc-1: Upgraded to libXcomposite-0.4.0. x/libXcursor-1.1.9-powerpc-1: Upgraded to libXcursor-1.1.9. x/libXfont-1.3.1-powerpc-1: Upgraded to libXfont-1.3.1. x/libXi-1.1.3-powerpc-1: Upgraded to libXi-1.1.3. x/libXpm-3.5.7-powerpc-1: Upgraded to libXpm-3.5.7. x/libXrandr-1.2.2-powerpc-1: Upgraded to libXrandr-1.2.2. x/libXrender-0.9.4-powerpc-1: Upgraded to libXrender-0.9.4. x/libXtst-1.0.3-powerpc-1: Upgraded to libXtst-1.0.3. x/libXxf86dga-1.0.2-powerpc-1: Upgraded to libXxf86dga-1.0.2. ap/mysql-5.0.45-powerpc-1.tgz: Upgraded to mysql-5.0.45. x/mesa-7.0.1-powerpc-1.tgz: Upgraded to Mesa 7.0.1. x/dejavu-ttf-2.21-noarch-1.tgz: Upgraded to dejavu-ttf-2.21. l/vte-0.16.8-powerpc-1.tgz: Upgraded to vte-0.16.8. l/pcre-7.3-powerpc-1.tgz: Upgraded to pcre-7.3. l/freetype-2.3.5-powerpc-1.tgz: Upgraded to freetype-2.3.5. l/poppler-0.6.1-powerpc-1.tgz: Upgraded to poppler-0.6.1. l/poppler-data-0.1.1-noarch-1.tgz: Upgraded to poppler-data-0.1.1, and fixed l/librsvg-2.18.2-powerpc-1.tgz: Upgraded to librsvg-2.18.2. l/libpng-1.2.22-powerpc-1.tgz: Upgraded to libpng-1.2.22. a/openssl-solibs-0.9.8g-powerpc-1.tgz: Upgraded to openssl-solibs-0.9.8g. n/openssh-4.7p1-powerpc-3.tgz: Recompiled against openssl-0.9.8g. n/openssl-0.9.8g-powerpc-1.tgz: Upgraded to openssl-0.9.8g. -- Adrian Ulrich +--------------------------+ Thu Nov 1 17:41:06 CET 2007 a/cups-1.3.3-powerpc-1.tgz: Upgraded to cups-1.3.3. a/dialog-1.1_20070930-powerpc-1.tgz: Upgraded to dialog-1.1_20070930. a/etc-12.1-noarch-1.tgz: Upgraded to etc-12.1. a/jfsutils-1.1.12-powerpc-1.tgz: Upgraded to jfsutils-1.1.12. a/mkinitrd-1.2.0-powerpc-1.tgz: Upgraded to mkinitrd-1.2.0. a/pkgtools-12.1.0-noarch-1.tgz: Upgraded to pkgtools-12.1.0. a/sysvinit-scripts-1.2-noarch-14.tgz: Updated to sysvinit-scripts-1.2. a/udev-116-powerpc-1.tgz: Upgraded udev-116. -- Marco Bonetti +--------------------------+ Sat Oct 20 10:58:38 UTC 2007 l/glibc-2.5-powerpc-5.tgz: Recompiled against 2.6.23.1 kernel headers. l/glibc-i18n-2.5-noarch-5.tgz: Rebuilt. l/glibc-profile-2.5-powerpc-5.tgz: Recompiled against 2.6.23.1 kernel headers. a/glibc-solibs-2.5-powerpc-5.tgz: Recompiled against 2.6.23.1 kernel headers. a/glibc-zoneinfo-2.5-noarch-5.tgz: Upgraded to tzcode2007h and tzdata2007h. a/module-init-tools-3.4-powerpc-1.tgz: Upgraded to module-init-tools-3.4. a/kernel-modules-2.6.23.1-powerpc-1.tgz: Upgraded to 2.6.23.1 a/kernel-generic-2.6.23.1-powerpc-1.tgz: Upgraded to 2.6.23.1 d/kernel-headers-2.6.23.1-powerpc-1.tgz: Upgraded to 2.6.23.1 k/kernel-source-2.6.23.1_smp-noarch-1.tgz: Upgraded to 2.6.23.1 n/openssh-4.7p1-powerpc-1.tgz: Upgraded to openssh-4.7p1. From the OpenSSH release notes: "Security bugs resolved in this release: Prevent ssh(1) from using a trusted X11 cookie if creation of an untrusted cookie fails; found and fixed by Jan Pechanec." While it's fair to say that we here at Slackware don't see how this could be leveraged to compromise a system, a) the OpenSSH people (who presumably understand the code better) characterize this as a security bug, b) it has been assigned a CVE entry, and c) OpenSSH is one of the most commonly used network daemons. Better safe than sorry. More information should appear here eventually: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-4752 (* Security fix *) n/openssl-0.9.8f-powerpc-1.tgz: Upgraded to openssl-0.9.8f. This release fixes two minor security bugs unlikely to pose any threat to most production servers. For more information, see: http://openssl.org/news/secadv_20071012.txt http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-4995 (nothing in Slackware is using this DTLS implementation) http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5135 (this bug is in a function normally only used for logging or debugging) (* Security fix *) -- Adrian Ulrich +--------------------------+ Sat Oct 20 08:43:27 GMT 2007 Synced with Slackintosh 12.0 -- Adrian Ulrich +--------------------------+