Thu Aug 12 19:30:51 UTC 2010 As advised, Slackware ARM 12.2 support ended on 31 July 2010. Currently, Slackware ARM 13.1 is the next stable release - please upgrade for continued support. Wed Jun 30 13:16:36 UTC 2010 patches/packages/libpng-1.2.44-arm-1_slack12.2.tgz: Upgraded. This fixes out-of-bounds memory write bugs that could lead to crashes or the execution of arbitrary code, and a memory leak bug which could lead to application crashes. For more information, see: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1205 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2249 (* Security fix *) patches/packages/libtiff-3.8.2-arm-4_slack12.2.tgz: Rebuilt. This fixes image structure handling bugs that could lead to crashes or execution of arbitrary code if a specially-crafted TIFF image is loaded. For more information, see: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1411 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2065 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2067 (* Security fix *) +--------------------------+ Sat Jun 26 07:12:47 UTC 2010 patches/packages/bind-9.4.3_P5-arm-1_slack12.2.tgz: Upgraded. This fixes possible DNS cache poisoning attacks when DNSSEC is enabled and checking is disabled (CD). For more information, see: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-4022 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0097 (* Security fix *) +--------------------------+ Sat Jun 19 12:46:13 UTC 2010 patches/packages/samba-3.2.15-arm-2.tgz: Rebuilt. Patched a buffer overflow in smbd that allows remote attackers to cause a denial of service (memory corruption and daemon crash) or possibly execute arbitrary code via a crafted field in a packet. For more information, see: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2063 (* Security fix *) +--------------------------+ Wed May 19 09:30:08 UTC 2010 patches/packages/pidgin-2.7.0-arm-1_slack12.2.tgz: Upgraded. Upgraded to pidgin-2.7.0 and pidgin-encryption-3.1. The msn_emoticon_msg function in slp.c in the MSN protocol plugin in libpurple in Pidgin before 2.7.0 allows remote attackers to cause a denial of service (application crash) via a custom emoticon in a malformed SLP message. For more information, see: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1624 (* Security fix *) +--------------------------+ Mon May 17 11:46:57 UTC 2010 patches/packages/fetchmail-6.3.17-arm-1_slack12.2.tgz: Upgraded. A crafted header or POP3 UIDL list could cause a memory leak and crash leading to a denial of service. For more information, see: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1167 (* Security fix *) +--------------------------+ Mon Apr 26 09:43:33 UTC 2010 patches/packages/irssi-0.8.15-arm-1_slack12.2.tgz: Upgraded. From the NEWS file: - Check if an SSL certificate matches the hostname of the server we are connecting to. - Fix crash when checking for fuzzy nick match when not on the channel. Reported by Aurelien Delaitre (SATE 2009). For more information, see: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1155 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1156 (* Security fix *) +--------------------------+ Wed Apr 21 11:19:58 UTC 2010 patches/packages/sudo-1.7.2p6-arm-1_slack12.2.tgz: Upgraded. This update fixes security issues that may give a user with permission to run sudoedit the ability to run arbitrary commands. For more information, see: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0426 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1163 http://www.gratisoft.us/sudo/alerts/sudoedit_escalate.html http://www.gratisoft.us/sudo/alerts/sudoedit_escalate2.html (* Security fix *) +--------------------------+ Mon Apr 5 20:35:39 UTC 2010 patches/packages/mozilla-firefox-3.0.19-arm-1_slack12.2.tgz: Upgraded. This fixes some security issues. For more information, see: http://www.mozilla.org/security/known-vulnerabilities/firefox30.html (* Security fix *) patches/packages/mozilla-thunderbird-2.0.0.24-arm-1_slack12.2.tgz: Upgraded. This upgrade fixes some more security bugs. For more information, see: http://www.mozilla.org/security/known-vulnerabilities/thunderbird20.html (* Security fix *) +--------------------------+ Wed Mar 31 09:48:20 UTC 2010 patches/packages/openssl-0.9.8n-arm-1_slack12.2.tgz: Upgraded. This OpenSSL update contains some security related bugfixes. For more information, see the included CHANGES and NEWS files, and: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0433 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0740 (* Security fix *) patches/packages/openssl-solibs-0.9.8n-arm-1_slack12.2.tgz: Upgraded. patches/packages/proftpd-1.3.3-arm-2_slack12.2.tgz: Rebuilt against OpenSSL 0.9.8n. +--------------------------+ Thu Mar 11 10:40:33 UTC 2010 patches/packages/pidgin-2.6.6-arm-1_slack12.2.tgz: Upgraded. This fixes a few denial-of-service flaws as well as other bugs. For more information, see: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0277 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0420 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0423 (* Security fix *) +--------------------------+ Wed Mar 10 10:36:10 UTC 2010 patches/packages/httpd-2.2.15-arm-1_slack12.2.tgz: Upgraded. This update addresses a few security issues. mod_ssl: A partial fix for the TLS renegotiation prefix injection attack by rejecting any client-initiated renegotiations. mod_proxy_ajp: Respond with HTTP_BAD_REQUEST when the body is not sent when request headers indicate a request body is incoming; not a case of HTTP_INTERNAL_SERVER_ERROR. mod_isapi: Do not unload an isapi .dll module until the request processing is completed, avoiding orphaned callback pointers. [This is the most serious flaw, but does not affect Linux systems] For more information, see: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3555 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0408 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0425 (* Security fix *) patches/packages/openssl-0.9.8m-arm-2_slack12.2.tgz: Rebuilt. patches/packages/openssl-solibs-0.9.8m-arm-2_slack12.2.tgz: Rebuilt. The OpenSSL package has been patched and recompiled to revert a change that broke decrypting some files encrypted with previous versions of OpenSSL. This same fix appears in the latest upstream snapshots. +--------------------------+ Mon Mar 8 15:11:29 UTC 2010 patches/packages/mozilla-firefox-3.0.18-arm-1_slack12.2.tgz: Upgraded. Upgraded to firefox-3.0.18. This fixes some security issues. For more information, see: http://www.mozilla.org/security/known-vulnerabilities/firefox30.html (* Security fix *) +--------------------------+ Mon Mar 1 11:37:29 UTC 2010 patches/packages/openssl-0.9.8m-arm-1_slack12.2.tgz: Upgraded. This OpenSSL update contains some security related bugfixes. For more information, see the included CHANGES and NEWS files, and: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1678 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1378 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1377 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1379 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3245 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-4355 (* Security fix *) patches/packages/openssl-solibs-0.9.8m-arm-1_slack12.2.tgz: Upgraded. patches/packages/proftpd-1.3.3-arm-1_slack12.2.tgz: Upgraded. +--------------------------+ Mon Jan 25 20:54:14 UTC 2010 patches/packages/httpd-2.2.14-arm-1_slack12.2.tgz: Upgraded. This fixes a couple of security bugs when using mod_proxy_ftp. For more information, see: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3094 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3095 (* Security fix *) patches/packages/php-5.2.12-arm-1_slack12.2.tgz: Upgraded. This fixes many bugs, including a few security issues. For more information, see: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3557 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3558 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-4017 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-4142 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-4143 (* Security fix *) patches/packages/pidgin-2.6.5-arm-1_slack12.2.tgz: Upgraded. This fixes a directory traversal vulnerability in Pidgin's MSN protocol handling that may allow attackers to download arbitrary files. For more information, see: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0013 (* Security fix *) +--------------------------+ Fri Dec 18 17:18:33 UTC 2009 patches/packages/mozilla-firefox-3.0.16-arm-1_slack12.2.tgz: Upgraded. Upgraded to firefox-3.0.16. This fixes some security issues. For more information, see: http://www.mozilla.org/security/known-vulnerabilities/firefox30.html (* Security fix *) +--------------------------+ Sat Dec 12 14:10:42 UTC 2009 patches/packages/gimp-2.4.7-arm-2_slack12.2.tgz: Rebuilt. This fixes integer overflows in the image handling plugins that could lead to the execution of arbitrary code or an application crash if a malicious image is loaded. For more information, see: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1570 (* Security fix *) +--------------------------+ Thu Dec 10 18:47:38 UTC 2009 patches/packages/ntp-4.2.4p8-arm-1_slack12.2.tgz: Upgraded. Prevent a denial-of-service attack involving spoofed mode 7 packets. For more information, see: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3563 (* Security fix *) +--------------------------+ Thu Dec 3 19:13:04 UTC 2009 patches/packages/bind-9.4.3_P4-arm-1_slack12.2.tgz: Upgraded. BIND 9.4.3-P4 is a SECURITY PATCH for BIND 9.4.3-P3. It addresses a potential cache poisoning vulnerability, in which data in the additional section of a response could be cached without proper DNSSEC validation. For more information, see: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-4022 http://www.kb.cert.org/vuls/id/418861 (* Security fix *) +--------------------------+ Mon Nov 16 22:21:33 UTC 2009 patches/packages/openssl-0.9.8i-arm-4_slack12.2.tgz: Rebuilt. Patched to disable SSL renegotiation. For more information, see: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3555 (* Security fix *) patches/packages/openssl-solibs-0.9.8i-arm-4_slack12.2.tgz: Rebuilt. Patched to disable SSL renegotiation. For more information, see: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3555 (* Security fix *) +--------------------------+ Tue Nov 3 08:19:31 UTC 2009 patches/packages/mozilla-firefox-3.0.15-arm-1_slack12.2.tgz: Upgraded. Upgraded to firefox-3.0.15. This fixes some security issues. For more information, see: http://www.mozilla.org/security/known-vulnerabilities/firefox30.html (* Security fix *) +--------------------------+ Thu Oct 29 08:36:00 UTC 2009 patches/packages/poppler-0.8.5-arm-2.tgz: Rebuilt. This updated package includes patches based on xpdf 3.02pl4. For more information, see: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3603 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3604 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3605 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3606 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3608 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3609 (* Security fix *) patches/packages/xpdf-3.02pl4-arm-1.tgz: Upgraded. This update fixes several security issues that could lead to an application crash, or execution of arbitrary code. For more information, see: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3603 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3604 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3605 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3606 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3608 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3609 (* Security fix *) +--------------------------+ Sun Oct 18 11:32:24 BST 2009 patches/packages/gnutls-2.8.4-arm-1_slack12.2.tgz: This contains a correct fix for the NUL in CN/SAN SSL vulnerability. For more information, see: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2730 (* Security fix *) patches/packages/pidgin-2.6.3-arm-1_slack12.2.tgz: This update fixes an issue where a remote user can cause libpurple-based clients to crash. For more information, see: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3615 (* Security fix *) +--------------------------+ Sun Oct 4 22:33:05 BST 2009 patches/packages/php-5.2.11-arm-1_slack12.2.tgz: Upgraded. This release fixes some possible security issues, all of which have "unknown impact and attack vectors". For more information, see: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3291 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3292 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3293 (* Security fix *) patches/packages/samba-3.2.15-arm-1.tgz: Upgraded. This update fixes the following security issues. A misconfigured /etc/passwd with no defined home directory could allow security restrictions to be bypassed. mount.cifs could allow a local user to read the first line of an arbitrary file if installed setuid. (On Slackware, it was not installed setuid) Specially crafted SMB requests could cause a denial of service. For more information, see: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2813 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2948 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2906 (* Security fix *) +--------------------------+ Mon Sep 14 21:18:01 BST 2009 patches/packages/mozilla-firefox-3.0.14-arm-1_slack12.2.tgz: Upgraded to firefox-3.0.14. This fixes some security issues. For more information, see: http://www.mozilla.org/security/known-vulnerabilities/firefox30.html (* Security fix *) +--------------------------+ Wed Sep 9 10:14:18 BST 2009 patches/packages/seamonkey-1.1.18-arm-1_slack12.2.tgz: Upgraded. Upgraded to seamonkey-1.1.18. This release fixes some more security vulnerabilities. For more information, see: http://www.mozilla.org/security/known-vulnerabilities/seamonkey11.html (* Security fix *) +--------------------------+ Mon Aug 31 18:50:12 BST 2009 patches/packages/mtd-utils-310809-arm-1.tgz: Upgraded to a snapshot on 31st August 2009 to fix "a bad bug" in mkfs.ubifs. Fixed build script to include documentation in the package. +--------------------------+ Fri Aug 21 13:46:03 BST 2009 patches/packages/mozilla-thunderbird-2.0.0.23-arm-1.tgz: Upgraded. This upgrade fixes a security bug. For more information, see: http://www.mozilla.org/security/known-vulnerabilities/thunderbird20.html (* Security fix *) +--------------------------+ Thu Aug 20 10:18:07 BST 2009 patches/packages/pidgin-2.5.9-arm-1_slack12.2.tgz: This update fixes a bug in Pidgin's MSN protocol implementation can allow a remote attacker to send a malicious MSN message to a Pidgin user, which will possibly cause arbitrary code to be executed as that user. This issue was discovered by Federico Muttis of Core Security Technologies. For more information, see: http://www.coresecurity.com/content/libpurple-arbitrary-write http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2694 (* Security fix *) +--------------------------+ Wed Aug 19 17:19:00 BST 2009 patches/packages/sendmail-8.14.3-arm-1_slack12.2.tgz: Rebuilt to fix empty sendmail config files. patches/packages/sendmail-cf-8.14.3-noarch-1_slack12.2.tgz: Rebuilt. +--------------------------+ Wed Aug 19 09:34:19 BST 2009 a/kernel-modules-kirkwood-2.6.30.5_kirkwood-arm-1.tgz a/kernel-modules-versatile-2.6.30.5_versatile-arm-1.tgz a/kernel_kirkwood-2.6.30.5-arm-1.tgz a/kernel_versatile-2.6.30.5-arm-1.tgz k/kernel-source-2.6.30.5-noarch-1.tgz patches/packages/kernel-source-2.6.30.5-noarch-1.tgz patches/packages/kernel-modules-kirkwood-2.6.30.5_kirkwood-arm-1.tgz patches/packages/kernel-modules-versatile-2.6.30.5_versatile-arm-1.tgz patches/packages/kernel_kirkwood-2.6.30.5-arm-1.tgz patches/packages/kernel_versatile-2.6.30.5-arm-1.tgz: These packages in "patches" are copies of the kernels and modules from the a/ series. To upgrade the kernels, please follow the procedure below in the change log entry dates "Wed Aug 12 21:34:44 BST 2009", substituting the kernel package names for the new ones in this update. Upgraded to Linux 2.6.30.5. JFS filesystem support has been removed. Writing data to a JFS filesystem results in a kernel panic. Even though users could have mounted JFS partitions read-only, I think it's safer to remove JFS support to prevent accidental corruption; you can always compile the JFS module back into the Kernel if you wish by installing the kernel-source package, selecting JFS as a module and building modules. Curiously, JFS on the new EABI port, with the same kernel configuration works perfectly! Thanks to Gary Royal for the report. This Kernel update also addresses a bug in proto_ops structures which could allow a user to use the kernel sendpage operation to execute arbitrary code in page zero. This could allow local users to gain escalated privileges. This flaw was discovered by Tavis Ormandy and Julien Tinnes of the Google Security Team. For more information, see: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2692 (* Security fix *) isolinux/*initrd*.img: Rebuilt Kirkwood and Versatile installers to include Linux 2.6.30.5 kernel modules. kernels/kirkwood/* kernels/versatile/*: Upgraded to Linux 2.6.30.5. Whilst it is not Slackware policy to update packages and files in the main tree after a release, I feel that security of users' JFS filesystems warrants this irregular practice. If you have Slackware ARM 12.2 already installed, you only need to concern yourself with the packages in the "patches" directory - listed above. The update of the packages in the "slackware/a/" directory are to ensure that *new* installations of Slackware ARM do not pose the risk of damaging users' JFS filesystems. +--------------------------+ Sat Aug 15 10:57:26 BST 2009 patches/packages/curl-7.19.6-arm-1_slack12.2.tgz: This update fixes a security issue where a zero byte embedded in an SSL or TLS certificate could fool cURL into validating the security of a connection to a system that the certificate was not issued for. It has been reported that at least one Certificate Authority allowed such certificates to be issued. For more information, see: http://curl.haxx.se/docs/security.html http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2417 (* Security fix *) +--------------------------+ Wed Aug 12 21:34:44 BST 2009 patches/packages/kernel_kirkwood-2.6.30.4-arm-1.tgz patches/packages/kernel-modules-kirkwood-2.6.30.4_kirkwood-arm-1.tgz patches/packages/kernel-source-2.6.30.4-noarch-1.tgz patches/packages/kernel_versatile-2.6.30.4-arm-1.tgz patches/packages/kernel-modules-versatile-2.6.30.4_versatile-arm-1.tgz: Upgraded to Linux 2.6.30.4. This is a recommended upgrade. Disabled the debug feature of the MMC driver, which prevents messages like these from filling up /var/log/debug: mmc0: req failed (CMD5): -110, retrying... mvsdio mvsdio: cmd 5 (hw state 0x20f8) mvsdio mvsdio: intr 0x8813 intr_en 0x4001 hw_state 0x20f8 mvsdio mvsdio: err 0x0201 INSTALLATION INSTRUCTIONS: ========================== Marvell SheevaPlug users ------------------------ If you're using the standard Slackware setup (having followed the INSTALL_SHEEVAPLUG.TXT document), you may update your kernel and its associated kernel modules like this: upgradepkg kernel_kirkwood-2.6.30.4-arm-1.tgz upgradepkg kernel-modules-kirkwood-2.6.30.4_kirkwood-arm-1.tgz You may also wish to update your installed kernel sources: upgradepkg kernel-source-2.6.30.4-noarch-1.tgz You can now reboot your SheevaPlug - no further configuration is required. QEMU emulation: ARM Versatile users ----------------------------------- If you're using the standard Slackware setup (having followed the INSTALL_QEMU.TXT document), you may update your kernel and its associated kernel modules like this: upgradepkg kernel_versatile-2.6.30.4-arm-1.tgz upgradepkg kernel-modules-versatile-2.6.30.4_versatile-arm-1.tgz You may also wish to update your installed kernel sources: upgradepkg kernel-source-2.6.30.4-noarch-1.tgz QEMU cannot access inside the ARM Linux filesystem - the kernel and initial RAM disk ("initrd") needs to also be available on the local filesystem of the x86 host PC where you will run QEMU. On your *x86 host PC* computer: Example: cd /export/armhost scp "root@192.168.1.20:/boot/{zImage-versatile,initrd-versatile.gz}" . 192.168.1.20 and /export/armhost are examples used in the INSTALL_QEMU.TXT document: you must change these to reflect the directory path and IP address you chose for your installation. If you have disabled root logins, you can use a normal user account instead. If you have not enabled the SSH server on your Slackware ARM installation, you can scp in the other direction: from the Slackware ARM OS to your x86 host PC. You can now shutdown the running Slackware ARM OS, and restart QEMU which will boot into the new kernel. +--------------------------+ Tue Aug 11 14:30:20 BST 2009 patches/packages/httpd-2.2.13-arm-1_slack12.2.tgz: Upgraded. This is a bugfix release. It also upgrades the internal versions of apr and apr-util to address CVE-2009-2412, but Slackware uses the system versions of these libraries which have already been upgraded. +--------------------------+ Sat Aug 8 10:47:28 BST 2009 patches/packages/apr-1.3.8-arm-1_slack12.2.tgz: Upgraded. Fix overflow in pools and rmm, where size alignment was taking place. [Matt Lewis , Sander Striker] For more information, see: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2412 (* Security fix *) patches/packages/apr-util-1.3.9-arm-1_slack12.2.tgz: Upgraded. Fix overflow in rmm, where size alignment was taking place. [Matt Lewis , Sander Striker] For more information, see: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2412 (* Security fix *) patches/packages/httpd-2.2.12-arm-2_slack12.2.tgz: Rebuilt. Recompiled against the new apr and apr-util. This allows external modules to be built without having to edit the new apr/apr-util version numbers into the httpd config files. patches/packages/subversion-1.5.7-arm-1_slack12.2.tgz: Upgraded. Fixed heap overflow vulnerability on server and client. For more information, see: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2411 http://subversion.tigris.org/security/CVE-2009-2411-advisory.txt (* Security fix *) +--------------------------+ Thu Aug 6 09:57:28 BST 2009 patches/packages/fetchmail-6.3.11-arm-1_slack12.2.tgz: Upgraded. This update fixes an SSL NUL prefix impersonation attack through NULs in a part of a X.509 certificate's CommonName and subjectAltName fields. For more information, see: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2666 (* Security fix *) +--------------------------+ Tue Aug 4 08:28:14 BST 2009 patches/packages/mozilla-firefox-3.0.13-arm-1_slack12.2.tgz: Upgraded. This fixes a couple of security issues. For more information, see: http://www.mozilla.org/security/announce/2009/mfsa2009-42.html http://www.mozilla.org/security/announce/2009/mfsa2009-43.html (* Security fix *) +--------------------------+ Mon Aug 3 15:34:45 BST 2009 patches/packages/httpd-2.2.12-arm-1_slack12.2.tgz: Upgraded. This update fixes some security issues (from the CHANGES file): *) SECURITY: CVE-2009-1891 (cve.mitre.org) Fix a potential Denial-of-Service attack against mod_deflate or other modules, by forcing the server to consume CPU time in compressing a large file after a client disconnects. PR 39605. [Joe Orton, Ruediger Pluem] *) SECURITY: CVE-2009-1195 (cve.mitre.org) Prevent the "Includes" Option from being enabled in an .htaccess file if the AllowOverride restrictions do not permit it. [Jonathan Peatfield , Joe Orton, Ruediger Pluem, Jeff Trawick] *) SECURITY: CVE-2009-1890 (cve.mitre.org) Fix a potential Denial-of-Service attack against mod_proxy in a reverse proxy configuration, where a remote attacker can force a proxy process to consume CPU time indefinitely. [Nick Kew, Joe Orton] *) SECURITY: CVE-2009-1191 (cve.mitre.org) mod_proxy_ajp: Avoid delivering content from a previous request which failed to send a request body. PR 46949 [Ruediger Pluem] *) SECURITY: CVE-2009-0023, CVE-2009-1955, CVE-2009-1956 (cve.mitre.org) The bundled copy of the APR-util library has been updated, fixing three different security issues which may affect particular configurations and third-party modules. These last three CVEs were addressed in Slackware previously with an update to new system apr and apr-util packages. For more information, see: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1891 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1195 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1890 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1191 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0023 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1955 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1956 (* Security fix *) +--------------------------+ Fri Jul 31 14:44:15 BST 2009 patches/packages/bind-9.4.3_P3-arm-1_slack12.2.tgz: Upgraded. This BIND update fixes a security problem where a specially crafted dynamic update message packet will cause named to exit resulting in a denial of service. An active remote exploit is in wide circulation at this time. For more information, see: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0696 https://www.isc.org/node/479 (* Security fix *) patches/packages/mozilla-firefox-3.0.12-arm-1_slack12.2.tgz: Upgraded. This fixes some security issues. For more information, see: http://www.mozilla.org/security/known-vulnerabilities/firefox30.html (* Security fix *) +--------------------------+ Tue Jul 21 10:01:25 BST 2009 patches/packages/at-3.1.10-arm-2_slack12.2.tgz: Corrected ownerships and permissions on binaries and directories to allow 'at' to work for non-root users. Thanks to Peter Wang for the report. +--------------------------+ Wed Jul 15 13:36:10 BST 2009 patches/packages/dhcp-3.1.2p1-arm-1_slack12.2.tgz: Upgraded. A stack overflow vulnerability was fixed in dhclient that could allow remote attackers to execute arbitrary commands as root on the system, or simply terminate the client, by providing an over-long subnet-mask option. For more information, see: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0692 (* Security fix *) +--------------------------+ Mon Jul 13 09:11:40 BST 2009 patches/packages/php-5.2.10-arm-2_slack12.2.tgz: Rebuilt. Installed the pear.php.net.reg and pecl.php.net.reg files from php-5.2.9, since the ones installed by php-5.2.10 are broken. Thanks to Mike Peachey for the bug report. For anybody producing 3rd party packages for Slackware ARM version 12.2, please suffix the package build numbers with "_slack12.2". Example: mypackage-1.00-arm-1_slack12.2.tgz This is because newer releases of Slackware ARM will be using the EABI (Embedded ABI), making its user space incompatible with Slackware ARM 12.2; so it's important to identify which version of Slackware ARM your packages are built for. +--------------------------+ Thu Jul 2 22:46:59 BST 2009 patches/packages/httpd-2.2.11-arm-1_slack12.2.tgz: Upgraded. This needed a recompile against the new apr package to fix building new modules, and an upgrade to the latest stable version (as long as we're under the hood) seemed like it would also be a good idea. patches/packages/php-5.2.10-arm-1_slack12.2.tgz: Upgraded. +--------------------------+ Wed Jul 1 18:47:20 BST 2009 patches/packages/ghostscript-8.64-arm-2_slack12.2.tgz: Rebuilt. Patched various problems with ghostscript that could lead to a denial of service or the execution of arbitrary code when processing a malicious or malformed file. For more information, see: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0196 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0583 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0584 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0792 (* Security fix *) +--------------------------+ Mon Jun 29 19:55:08 BST 2009 This is Slackware version 12.2 release for the ARM architecture; compiled for armv4, little endian, "old ABI". Please see http://www.armedslack.org for links to the installation documents for the ARM Versatile in QEMU and the Marvell SheevaPlug. A big thanks to everyone who has provided support in the build and testing process! Stuart Winter a/kernel-modules-kirkwood-2.6.30_kirkwood-arm-2.tgz: Rebuilt. a/kernel-modules-versatile-2.6.30_versatile-arm-2.tgz: Rebuilt. a/kernel_kirkwood-2.6.30-arm-2.tgz: Rebuilt. a/kernel_versatile-2.6.30-arm-2.tgz: Rebuilt. k/kernel-source-2.6.30-noarch-2.tgz: Rebuilt. n/samba-3.2.13-arm-1.tgz: Upgraded. This upgrade fixes the following security issues: o CVE-2009-1888: In Samba 3.0.31 to 3.3.5 (inclusive), an uninitialized read of a data value can potentially affect access control when "dos filemode" is set to "yes". o CVE-2009-1886: In Samba 3.2.0 to 3.2.12 (inclusive), the smbclient commands dealing with file names treat user input as a format string to asprintf. With a maliciously crafted file name smbclient can be made to execute code triggered by the server. For more information, see: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1888 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1886 (* Security fix *) x/x11-skel-7.1-arm-5.tgz: Allow selection of the Window Manager during the Slackware installer on the 'SheevaPlug'. Even though these devices are headless, the VNC server takes its default Window manager configuration from the main system settings. xap/mozilla-thunderbird-2.0.0.22-arm-1.tgz: Upgraded to thunderbird-2.0.0.22. This upgrade fixes some more security bugs. For more information, see: http://www.mozilla.org/security/known-vulnerabilities/thunderbird20.html (* Security fix *) extra/tightvnc-1.3.10-arm-1.tgz: Added tightvnc. This is especially useful for running graphical applications on the headless ARM devices such as the Marvell SheevaPlug. isolinux/initrd-versatile.img: Upgraded to the latest Slackware installer. isolinux/uinitrd-kirkwood.img: Upgraded to the latest Slackware installer. kernels/kirkwood/*: Rebuilt kernel. kernels/versatile/*: Rebuilt kernel. +--------------------------+ Thu Jun 25 19:00:09 BST 2009 xap/seamonkey-1.1.17-arm-1.tgz: Upgraded to seamonkey-1.1.17. This release fixes some more security vulnerabilities. For more information, see: http://www.mozilla.org/security/known-vulnerabilities/seamonkey11.html (* Security fix *) +--------------------------+ Sat Jun 20 11:25:46 BST 2009 This is release candidate 6. Apart from any security updates, and further documentation tweaks, we're waiting for Linux 2.6.30.1 to be released, and then Slackware ARM will be released! a/aaa_elflibs-12.2.0-arm-4.tgz: Rebuilt to include the latest libraries. a/mkinitrd-1.3.4-arm-3.tgz: Updated /usr/doc/mkinitrd-1.3.4/README.initrd to include the process of updating the initrd for the SheevaPlug. d/ruby-1.8.7_p174-arm-1.tgz: Upgraded. This fixes a denial of service issue caused by the BigDecimal method handling large input values improperly that may allow attackers to crash the interpreter. The issue affects most Rails applications. For more information, see: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1904 (* Security fix *) l/apr-1.3.5-arm-1.tgz: Upgraded. l/apr-util-1.3.7-arm-1.tgz: Upgraded. Fix underflow in apr_strmatch_precompile. Fix a denial of service attack against the apr_xml_* interface using the "billion laughs" entity expansion technique. For more information, see: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0023 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1955 (* Security fix *) l/libpng-1.2.37-arm-1.tgz: Upgraded. This update fixes a possible security issue. Jeff Phillips discovered an uninitialized-memory-read bug affecting interlaced images that may have security implications. For more information, see: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2042 (* Security fix *) xap/mozilla-firefox-3.0.11-arm-1.tgz: Upgraded to firefox-3.0.11. This fixes some security issues. For more information, see: http://www.mozilla.org/security/known-vulnerabilities/firefox30.html (* Security fix *) INSTALL_SHEEVAPLUG.TXT: Renamed to make it easier to identify. INSTALL_QEMU.TXT: Renamed to make it easier to identify. Added details about setting the root password (because of the lack of RTC on the QEMU/Versatile platform). Thanks to Wybrand Lohman for the suggestion. Changed references to 'armedslack-current' to 'armedslack-12.2' in both documents, ready for release. +--------------------------+ Thu Jun 11 20:54:15 BST 2009 This is release candidate 5. a/kernel-modules-kirkwood-2.6.30_kirkwood-arm-1.tgz: Upgraded to Linux 2.6.30. a/kernel-modules-versatile-2.6.30_versatile-arm-1.tgz: Upgraded to Kernel modules from Linux 2.6.30. a/kernel_kirkwood-2.6.30-arm-1.tgz: Upgraded to Linux 2.6.30. a/kernel_versatile-2.6.30-arm-1.tgz: Upgraded to Linux 2.6.30. k/kernel-source-2.6.30-noarch-1.tgz: Upgraded to Linux 2.6.30 source. isolinux/initrd-versatile.img: Rebuilt installer to include Kernel modules for Linux 2.6.30. isolinux/uinitrd-kirkwood.img: Rebuilt installer to include Kernel modules for Linux 2.6.30. kernels/kirkwood/*: Upgraded to Linux 2.6.30 Kernel & initrd. kernels/versatile/*: Upgraded to Linux 2.6.30 Kernel & initrd. +--------------------------+ Thu Jun 4 08:26:50 BST 2009 n/ntp-4.2.4p7-arm-1.tgz: Upgraded to ntp-4.2.4p7. Stack-based buffer overflow in the cookedprint function in ntpq/ntpq.c in ntpq in NTP before 4.2.4p7-RC2 allows arbitrary code execution by a malicious remote NTP server. Stack-based buffer overflow in the crypto_recv function in ntp_crypto.c in ntpd in NTP before 4.2.4p7 allows remote attackers to execute arbitrary code. This does not affect the Slackware ntpd as it does not link with openssl. For more information, see: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0159 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1252 (* Security fix *) +--------------------------+ Wed Jun 3 18:53:51 BST 2009 a/kernel-modules-kirkwood-2.6.30rc8_kirkwood-arm-1.tgz: Upgraded to Linux 2.6.30rc8. Removed many drivers for hardware which simply cannot be put into a SheevaPlug (and I'd assume many of the development/reference boards that are supported by the 'Kirkwood' series). a/kernel-modules-versatile-2.6.30rc8_versatile-arm-1.tgz: Upgraded to Linux 2.6.30rc8 kernel modules. a/kernel_kirkwood-2.6.30rc8-arm-1.tgz: Upgraded to Linux 2.6.30-rc8. a/kernel_versatile-2.6.30rc8-arm-1.tgz: Upgraded to Linux 2.6.30-rc8. a/mtd-utils-20090531-arm-1.tgz: Added mtd-utils to interact with the NAND flash on the Kirkwood SoC family, and others. Thanks to Philip Langdale for the suggestion and build script. k/kernel-source-2.6.30rc8-noarch-1.tgz: Upgraded to Linux 2.6.30-rc8 Kernel source. isolinux/*: Upgraded installers. kernels/*: Upgraded Versatile & Kirkwood kernels. +--------------------------+ Thu May 28 18:30:36 BST 2009 a/kernel-modules-kirkwood-2.6.30rc6_kirkwood-arm-2.tgz: Rebuilt. a/kernel-modules-versatile-2.6.30rc6_versatile-arm-2.tgz: Added the 'mmc' modules for SD card support. a/kernel_kirkwood-2.6.30rc6-arm-2.tgz: Rebuilt. a/kernel_versatile-2.6.30rc6-arm-2.tgz: Rebuilt. a/less-418-arm-2.tgz: Added 'xz' decompression support. k/kernel-source-2.6.30rc6-noarch-2.tgz: Rebuilt. xap/pidgin-2.5.6-arm-2.tgz: Upgraded to pidgin-2.5.6. This version fixes security issues that could lead to a denial of service or the execution of arbitrary code as the user running Pidgin. For more information, see: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1373 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1374 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1375 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1376 (* Security fix *) isolinux/initrd-versatile.img: Rebuilt. isolinux/uinitrd-kirkwood.img: Added 'mmc' modules for SD card support. Thanks to Philip Langdale for the suggestion. kernels/kirkwood/*: Rebuilt Kernels. kernels/versatile/*: Rebuilt Kernels. +--------------------------+ Sun May 17 10:18:19 BST 2009 This is the first update of Slackware ARM to include support for the Marvell Kirkwood family, which includes the SheevaPlug device. Please consider the Kernel (and Kernel modules and initrds) to be of alpha quality. Also note that this is a release candidate of Linxu 2.6.30 - this is because 2.6.30 will be the first version of the kernel to include all of the support necessary for the 'SheevaPlug'. The rest of Slackware ARM remains stable, and is currently at release candidate 4. Please test the Kirkwood support! QEMU_INSTALL.TXT: Updated QEMU installation document to have the new name of the Slackware Installer image. The previous Slackware ARM installer followed the Slackware convention, being called /isolinux/initrd.img. Because each ARM architecture requires its own set of Kernel modules, we now ship an installer per architecture to avoid having a single installer image that won't fit into RAM. SHEEVAPLUG_INSTALL.TXT: New document detailing installation of Slackware ARM onto the Marvell SheevaPlug device. a/etc-12.2-noarch-3.tgz: If the package is being installed on the Marvell SheevaPlug platform, allow root logins on /dev/ttyS0. a/gpm-1.20.3-arm-3.tgz: Patched the mouse setup script to silently exit if it finds itself running on a Marvell SheevaPlug device, since these are headless units. a/kbd-1.15-arm-3.tgz: Added missing /bin/loadkeys. a/kernel-modules-kirkwood-2.6.30rc6_kirkwood-arm-1.tgz: Added Linux 2.6.30rc6 Kernel modules for the Marvell Kirkwood series, which includes the 'SheevaPlug' device. a/kernel-modules-versatile-2.6.30rc6_versatile-arm-1.tgz: Upgraded to Linux 2.6.30rc6 Kernel modules for the ARM Versatile platform. a/kernel_kirkwood-2.6.30rc6-arm-1.tgz: Added Linux 2.6.30rc6 for the Marvell Kirkwood series - which includes the 'SheevaPlug' device. a/kernel_versatile-2.6.30rc6-arm-1.tgz: Upgraded to Linux 2.6.30rc6 for the ARM Versatile platform. a/mkinitrd-1.3.4-arm-1.tgz: Upgraded to mkinitrd-1.3.4, and include the new keymaps from kbd-1.15. a/sysvinit-scripts-1.2-noarch-15.tgz: Patched the post install script to open a serial login on ttyS0, if running on a Marvell SheevaPlug: s0:12345:respawn:/sbin/agetty 115200 ttyS0 vt100 ap/slackpkg-2.71.2-noarch-1.tgz: Upgraded to slackpkg-2.71.2. k/kernel-source-2.6.30rc6-noarch-1.tgz: Upgraded to Linux 2.6.30rc6 source. n/cyrus-sasl-2.1.23-arm-1.tgz: Upgraded to cyrus-sasl-2.1.23. This fixes a buffer overflow in the sasl_encode64() function that could lead to crashes or the execution of arbitrary code. For more information, see: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0688 (* Security fix *) n/bind-9.4.3_P1-arm-2.tgz: Patched install script to use /dev/urandom so that rndc-confgen doesn't hang during the installer. When the Slackware installer is running, most ARM devices have very little going on that will generate enough interrupts for the random entropy pool, so the install script would sit for hours, possibly indefinitely. xap/xpdf-3.02pl3-arm-1.tgz: Rebuilt to include the architecture in the package file name. x/x11-skel-7.1-arm-4.tgz: Patched the Window Manager selection script to exit if it finds itself running on a Marvell SheevaPlug device, since these are headless units. extra/slacktrack-2.03-arm-1.tgz: Upgraded to slacktrack-2.03. isolinux/initrd-versatile.img: Rebuilt Slackware installer for the ARM Versatile platform. This used to be called 'initrd.img', but now that we're officially supporting more than one architecture, each of which needs its own Kernel modules, we need to have separate installers. isolinux/uinitrd-kirkwood.img: Added a Slackware installer for the Kirkwood series, which includes the Marvell Sheevaplug. kernels/kirkwood/uImage-kirkwood: Added a 'uImage' of Linux 2.6.30rc6 for the Marvell Kirkwood series (which includes the SheevaPlug). kernels/kirkwood/uinitrd-kirkwood: Added a generic initial RAM disk for Linux 2.6.30rc6 on the Marvell Kirkwood series. All of the kirkwood files are formatted for the Das U-Boot Linux loader (which is what the Sheevaplug uses for its boot loader). kernels/versatile/*: Upgraded to Linux 2.6.30rc6 for the ARM Versatile platform. +--------------------------+ Sun May 10 10:14:22 BST 2009 a/kbd-1.15-arm-2.tgz: Modified /var/log/setup/setup.setconsolefont which is the setup script run from the Slackware installer. It will exit quietly if it finds itself running on a 'SheevaPlug' device. This is because the SheevaPlug only has a serial console where you can't display console fonts, and the installer will be conducted via SSH where the user won't be able to see the result of the console font either. a/tar-1.22-arm-1.tgz: Upgraded to tar-1.22. a/xz-4.999.8beta-arm-1.tgz: Added xz compression tools. n/gnutls-2.6.2-arm-2.tgz: Patched the following security issues: - Corrected double free on signature verification failure. Reported by Miroslav Kratochvil . - Noticed when investigating the previous GNUTLS-SA-2009-1 problem. All DSA keys generated using GnuTLS 2.6.x are corrupt. For more information, see: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1415 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1416 (* Security fix *) xap/xpdf-3.02pl3-1.tgz: Upgraded to xpdf-3.02pl3. This update fixes several overflows that may result in crashes or the execution of arbitrary code as the xpdf user. For more information, see: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0146 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0147 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0165 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0166 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0799 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0800 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1179 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1180 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1181 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1182 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1183 (* Security fix *) +--------------------------+ Tue May 5 07:58:13 BST 2009 This is Slackware ARM v12.2, release candidate 4. a/kbd-1.15-arm-1.tgz: Upgraded to kbd-1.15. Many of the fonts in kbd-1.13 were causing 'setfont' to return a 'ignoring trailing garbage' message, and setfont in the installer was segfaulting. Patched 'setconsolefont' to chroot into the target filesystem when running the 'setfont' tool. a/u-boot-tools-2009.03-arm-1.tgz: Added the tools from the Das U-Boot package. These are to create the image files required for a system using the U-Boot Linux loader. isolinux/initrd.img: Rebuilt. Exclude busybox 'setfont' utility. +--------------------------+ Sun May 3 11:33:15 BST 2009 This is Slackware ARM v12.2, release candidate 3. a/kbd-1.12-arm-4.tgz: Removed old Acorn RiscPC keymaps required for Linux 2.4, since we no longer support the RiscPC or Linux 2.4. a/pcmciautils-015-arm-2.tgz: Added symlinks in /lib/udev that the udev rules files expect to find. ap/slackpkg-2.71.1-noarch-2.tgz: Upgraded to slackpkg-2.71.1. Added the list of FTP mirrors for ARMedslack 'current' and the upcoming version 12.2. Patched to use ARMedslack's GPG key rather than Slackware's. To use slackpkg, you simply need to uncomment one of the appropriate ARMedslack mirrors from the bottom of /etc/slackpkg/mirrors, and run # slackpkg update l/hal-0.5.11-arm-6.tgz: Removed a /etc/rc.d/rc.hald.new~ backup file. n/netatalk-2.0.3-arm-2.tgz: Rebuilt to include the missing install script code to handle '.new' configuration files. Also rebuilt without XFS filesystem quota support because netatalk doesn't build against the most recent Kernels. n/yptools-2.9-arm-3.tgz: Rebuilt to include the missing install script code to handle '.new' configuration files. xap/seyon-2.20c-arm-2.tgz: Rebuilt to include the missing install script code to handle '.new' configuration files. +--------------------------+ Sat May 2 10:26:38 BST 2009 d/ruby-1.8.7_p160-arm-1.tgz: Upgraded to ruby-1.8.7-p160. This update fixes a DoS in REXML. For details, see: http://www.ruby-lang.org/en/news/2008/08/23/dos-vulnerability-in-rexml/ (* Security fix *) +--------------------------+ Wed Apr 29 20:50:26 BST 2009 This is Slackware ARM v12.2, release candidate 2. a/aaa_elflibs-12.2.0-arm-3.tgz: Rebuilt with the latest component libraries. a/cpio-2.9.90-arm-1.tgz: Upgraded to cpio-2.9.90 pre-release. cpio-2.9 could create files which could be extracted with another version of cpio, or cpio-2.9 on an x86, but running natively would bail out with "premature end of file". a/cups-1.3.10-arm-1.tgz: Upgraded to cups-1.3.10. This fixes several security issues, including an integer overflow in the TIFF decoder, a failure to properly verify the Host HTTP header, and several problems with PDF handling (the new CUPS uses a wrapper rather than embedded code taken from xpdf). These issues could result in a denial of service or the execution of arbitrary code. For more information, see: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0146 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0147 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0163 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0164 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0166 (* Security fix *) a/kernel-modules-versatile-2.6.29.2_versatile-arm-1.tgz: Upgraded to Linux 2.6.29.2 Kernel modules for the ARM Versatile platform. a/kernel_versatile-2.6.29.2-arm-1.tgz: Upgraded to Linux 2.6.29.2 for the ARM Versatile platform. a/mkinitrd-1.3.3-arm-3.tgz: Adapted document /usr/doc/mkinitrd/README.initrd for ARM platforms. k/kernel-source-2.6.29.2-noarch-1.tgz: Upgraded to Linux 2.6.29.2 source. kernels/versatile/*: Upgraded to Linux 2.6.29.2 Kernel & rebuilt initrd. xap/mozilla-firefox-3.0.10-arm-1.tgz: Upgraded to firefox-3.0.10. This fixes some security issues. For more information, see: http://www.mozilla.org/security/known-vulnerabilities/firefox30.html (* Security fix *) isolinux/initrd.img: Rebuilt installer to include Linux 2.6.29.2 Kernel modules. +--------------------------+ Fri Apr 24 18:59:29 BST 2009 a/dialog-1.1_20080819-arm-2.tgz: Patched to make the minimum height of checkboxes and menuboxes 4. This fixes a bug where installer menus were taller than they needed to be, and in some cases filled the screen overwriting the information at the top. a/udev-141-arm-1.tgz: Upgraded to udev-141. This upgrade fixes a local root hole and a denial of service issue. For more information, see: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1185 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1186 (* Security fix *) xap/mozilla-firefox-3.0.9-arm-1.tgz: Upgraded to firefox-3.0.9. This fixes some security issues. For more information, see: http://www.mozilla.org/security/known-vulnerabilities/firefox30.html (* Security fix *) isolinux/initrd.img: For the ARM Versatile platform, use tune2fs -i0 to switch off fsck checks for ext* filesystems. Thanks to Niels Horn for the report. +--------------------------+ Sun Apr 19 09:53:31 BST 2009 This is release candidate 1 for ARMedslack 12.2. xap/gxine-0.5.903-arm-1.tgz: Upgraded to gxine-0.5.903. xap/seamonkey-1.1.16-arm-2.tgz: Added symlink for seamonky-nspr -> nspr, so that gxine will build. extra/brltty-3.10-arm-1.tgz: Upgraded to brltty-3.10. extra/inn-2.4.5-arm-1.tgz: Upgraded to inn-2.4.5. extra/ktorrent-2.2.8-arm-1.tgz: Upgraded to ktorrent-2.2.8. extra/wicd-1.5.9-arm-1.tgz: Added wicd-1.5.9. +--------------------------+ Wed Apr 15 22:23:36 BST 2009 a/mkinitrd-1.3.3-arm-2.tgz: Patched the initrd's /init script to allow the user to specify the root filesystem type as "%auto%" which will let the Kernel figure out which filesystem you're using. +--------------------------+ Sun Apr 12 16:53:15 BST 2009 xap/seamonkey-1.1.16-arm-1.tgz: Upgraded to seamonkey-1.1.16. This release fixes some more security vulnerabilities. For more information, see: http://www.mozilla.org/security/known-vulnerabilities/seamonkey11.html (* Security fix *) +--------------------------+ Fri Apr 10 22:03:17 BST 2009 a/cpio-2.9-arm-1.tgz: Upgraded to cpio-2.9. a/e2fsprogs-1.41.4-arm-1.tgz: Upgraded to e2fsprogs-1.41.4. a/jfsutils-1.1.13-arm-1.tgz: Upgraded to jfsutils-1.1.13. a/kernel-modules-versatile-2.6.29.1_versatile-arm-1.tgz: Upgraded to Linux 2.6.29.1 Kernel modules for the ARM Versatile platform. a/kernel_versatile-2.6.29.1-arm-1.tgz: Upgraded to Linux 2.6.29.1 for the ARM Versatile platform. a/ntfs-3g-2009.2.1-arm-1.tgz: Upgraded to ntfs-3g-2009 version 2.1. a/openssl-solibs-0.9.8i-arm-3.tgz: Patched to fix possible crashes as well as a (fairly unlikely) case where an invalid signature might verify as valid. For more information, see: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0789 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0591 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0590 (* Security fix *) a/reiserfsprogs-3.6.21-arm-1.tgz: Upgraded to reiserfsprogs-3.6.21. ap/alsa-utils-1.0.18-arm-1.tgz: Upgraded to alsa-utils-1.0.18. ap/texinfo-4.13a-arm-3.tgz: Fixed 'missing' /usr/info/dir.new file - which was gzipped, so never got put into place as /usr/info/dir. k/kernel-source-2.6.29.1-noarch-1.tgz: Upgraded to Linux 2.6.29.1 Kernel source. l/alsa-lib-1.0.18-arm-1.tgz: Upgraded to alsa-lib-1.0.18. l/alsa-oss-1.0.17-arm-1.tgz: Upgraded to alsa-oss-1.0.17. l/cairo-1.8.6-arm-1.tgz: Upgraded to cairo-1.8.6. n/openssl-0.9.8i-arm-3.tgz: Patched to fix possible crashes as well as a (fairly unlikely) case where an invalid signature might verify as valid. For more information, see: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0789 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0591 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0590 (* Security fix *) n/php-5.2.9-arm-1.tgz: Upgraded to php-5.2.9. This update fixes a few security issues: - Fixed a crash on extract in zip when files or directories entry names contain a relative path. - Fixed security issue in imagerotate(), background colour isn't validated correctly with a non truecolour image. (CVE-2008-5498) Reported by Hamid Ebadi, APA Laboratory. - Fixed a segfault when malformed string is passed to json_decode(). For more information, see: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-5498 (* Security fix *) x/scim-1.4.7-arm-4.tgz: Moved symlink creation code in the package install script to the head of the script, so that /usr/bin/gtk-query-immodules-2.0 could run. xap/audacious-1.5.1-arm-2.tgz: Recompiled. xap/audacious-plugins-1.5.1-arm-2.tgz: Patched to fix amidi-plug plugin. xap/mozilla-firefox-3.0.8-arm-1.tgz: Upgraded to Mozilla Firefox v3.0.8. xap/mozilla-thunderbird-2.0.0.21-arm-1.tgz: Upgraded to thunderbird-2.0.0.21. This upgrade fixes some more security bugs. For more information, see: http://www.mozilla.org/security/known-vulnerabilities/thunderbird20.html (* Security fix *) xap/xine-lib-1.1.16.3-arm-1.tgz: Upgraded to xine-lib-1.1.16.3. - Fix another possible int overflow in the 4XM demuxer. (ref. TKADV2009-004, CVE-2009-0385) For more information, see: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0385 (* Security fix *) isolinux/initrd.img: Rebuilt Slackware installer using the latest binaries. kernels/versatile/*: Upgraded to Linux 2.6.29.1 Kernel and rebuilt the new initrd. /QEMU_INSTALL.TXT: Added a new document detailing how to install Slackware ARM inside QEMU emulator. +--------------------------+ Fri Apr 3 18:51:09 BST 2009 slackware/: Updated the 'maketag' scripts to have the same sized text box sizes as Slackware for the menu dialogs. Fixed the problem where the 'expert' menus didn't select the packages; added an informational dialog box saying "Processing package selections" to look at whilst we're writing the tag files based on the selections. This isn't in Slackware but it can take a few seconds to process the data on a slow ARM CPU, and I like the dialog box :-) n/iwlwifi-4965-ucode-228.57.2.21-fw-1.tgz: Rebuilt to add the missing build number in the package file name. +--------------------------+ Thu Apr 2 23:28:35 BST 2009 a/aaa_base-12.2.0-noarch-2.tgz: Updated root's initial email. a/aaa_elflibs-12.2.0-arm-2.tgz: Added libcap, needed for coreutils. Added libidn, liblber, and libldap, needed by libcurl. a/etc-12.2-noarch-2.tgz: Added "netdev" group, required for new HAL config. a/kernel_versatile-2.6.28.9-arm-1.tgz: Upgraded to Linux 2.6.28.9 for the ARM Versatile platform. In preparation for other ARM platforms, I've switched to a more 'generic' Slackware style Kernel, where most drivers are compiled as modules. You now need an initial RAM disk ('initrd') to boot the OS with this Kernel; the initrd can be found in: /kernels/versatile/initrd-versatile.gz It contains all of the standard file systems, SCSI and network drivers that are required to boot the ARM Versatile platform. If you need additional modules at boot time, you can easily create a new initrd using the 'mkinitrd' command. There's also a handy helper script which can be found at: /usr/share/mkinitrd/mkinitrd_command_generator.sh The source/k/kernel.SlackBuild script contains the full command used to create the initrd shipped in ARMedslack. I tried Linux 2.6.29, and got the system booting as normal but after sustained network traffic (unpacking a Kernel!), the network interface stopped working - it looked good, the device was up - but the network was dead and I couldn't revive it. The rest of the OS seemed intact. I couldn't work out what the problem was. I tried both a modular and the previous monolithic kernel configuration - neither worked. Also, removed the 'parport_pc' module because it was segfaulting when loaded, due to us not including ISA support. a/kernel-modules-versatile-2.6.28.9_versatile-arm-1.tgz: Added new package exclusively for ARM Versatile Linux Kernel modules. a/kernel-modules--arm-: Removed. This used to be an all-in-one Kernel modules package for each supported architecture, but since embedded devices are tight on space, it's best to be able to install just the modules for your specific architecture. a/mkinitrd-1.3.3-arm-2.tgz: Using new '/init' script from alienBOB & PiterPUNK; patched it to allow overriding of the root filesystem type and LUKS device. This is needed because we need to ship a generic initrd for the modular kernel, and we can't make one during the installer since (usually) the installer doesn't have access to the location where the kernel and the initrd would live (usually on flash or a native OS, in the case of Acorn/RISC OS machines). Also, added alienBOB & PiterPUNK's script: /usr/share/mkinitrd/mkinitrd_command_generator.sh which helps give you the command line to re-build your initrd, based on your running system -- it works for me! a/module-init-tools-3.6-arm-1.tgz: Patched modprobe to not complain if /sys is not mounted. a/pciutils-2.2.10-arm-2.tgz: Added missing /usr/share/pci.ids. k/kernel-source-2.6.28.9-noarch-1.tgz: l/glib2-2.16.6-arm-2.tgz: Patched to fix overflows that are possible security holes. For more information, see: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-4316 (* Security fix *) l/hal-0.5.11-arm-4.tgz: Recompiled. Included new configuration from Slackware-current (post v12.2). Removed the patch to prevent HAL from loading on the ARM Versatile platform - previously QEMU had crashed because of a problem with the LSI SCSI driver. Tested with QEMU v0.10.1 and Linux 2.6.28.9 - it seems stable now. l/hal-info-20090330-noarch-1.tgz: Upgraded to hal-info-20090330. l/lcms-1.18-arm-1.tgz: Upgraded to lcms-1.18. This update fixes security issues discovered in LittleCMS by Chris Evans. These flaws could cause program crashes (denial of service) or the execution of arbitrary code as the user of the lcms-linked program. For more information, see: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0581 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0723 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0733 (* Security fix *) n/dhcpcd-3.2.3-arm-1.tgz: Upgraded to dhcpcd-3.2.3. n/wireless-tools-29-arm-4.tgz: Quell errors from a checking for /proc/wireless. This was driving me mad! ;-) slackware/{tinstall.sh,tupgrade.sh}: Removed. These were ancient install & upgrade scripts prior to porting the installer for ARMedslack. They can now be found at: ftp.armedslack.org/armedslack/loft/old-scripts There currently are still some references to them in the documentation, and I'll weed that out prior to the release of 12.2. bootware/*: Removed this directory since it only contains an ancient '!LinLoader' for RISC OS on the Iyonix - which is no longer supported. For historical reference, the Iyonix LinLoader can be found in ftp.armedslack.org/armedslack/loft/bootware/iyonix/slackboot-iyonix.zip kernels/versatile: Moved ARM Versatile platform Kernel into its own directory. Added Kernel 'config' file, a gzipped System.map and an initrd. kernels/versatile/initrd-versatile.gz: Added the generic initial ram disk ('initrd') for the ARM Versatile platform. This is required for the new modular Kernel. To boot it, you will need to specify a few kernel command line options - the location of the root filesystem, and the filesystem used: root=/dev/xxx rootfs= example: root=/dev/sda2 rootfs=ext3 It's also possible to rebuild the initrd using the 'mkinitrd' tool, but for first boot at least, you'll need to manually specify these to your boot loader since the default configuration in the initrd most likely won't match your installation. isolinux/initrd.img: Upgraded to the latest initrd from the Slackware Team's stash. (This installer will eventually be merged into slackware-current). The installer now includes udev, so you no longer need to run the 'network' script as you would in Slackware (I expect this script will be phased out when the udev-enabled installer makes it into Slackware). The Kernel modules are also now included, since we now have a modular Kernel. All filesystems supported by Slackware are now available. Updated script that switches off the fsck checks to update the fsck field of /etc/fstab. Previously it used tune2fs -i0 to turn off fsck checks, but this only works for ext* filesystems. Thanks to Jim Hawkins for the bit of script to do this. I still need to update some of the on-screen messages in the installer. Thanks to Eric Hameleers (alienBOB) for a lot of work on this! +--------------------------+ Wed Mar 18 17:58:10 GMT 2009 In preparing to release this tree as ARMedslack-12.2 (a port of Slackware-12.2), I've done a fair bit of tidying up of the tree - including removal of some ancient packages that had long since been removed from Slackware, and some additional checks. There is still more to go before the release, but we're getting close! a/aaa_base-12.2.0-noarch-1.tgz: Fixed an extra "../" at the beginning of the /var/X11R6 symlink. Bumped /etc/slackware-version version number in preparation for a stable release, and updated the initial emails. a/aaa_elflibs-12.2.0-arm-1.tgz: Updated the initial "starter" library package to the latest versions in -current. a/kernel-modules-2.6.28.7-arm-1.tgz: Upgraded to Linux 2.6.28.7 Kernel modules. a/kernel_versatile-2.6.28.7-arm-1.tgz: Upgraded to Linux 2.6.28.7 Kernel for the ARM Versatile platform. a/lvm2-2.02.40-arm-1.tgz: Rebuilt. ap/cdrtools-2.01.01a57-arm-1.tgz: Fixed build script to put the charset conversion tables in /usr/lib/siconv. Also the previous builds had got temporary build paths embedded into two of the binaries - fixed build script to include the proper filesystem paths. ap/ghostscript-fonts-std-8.11-noarch-1.tgz: Added ghostscript-fonts-std. ap/radeontool-1.5-arm-1.tgz: Added radeontool-1.5. d/git-1.6.1.3-arm-1.tgz: Upgraded to git-1.6.1.3. This fixes a vulnerability where running git-diff or git-grep on a hostile git repository would result in the execution of arbirary code as the git user. For more information, see: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3546 (* Security fix *) d/kernel-headers-2.6.28.7-arm-1.tgz: Upgraded to Linux 2.6.28.7 Kernel headers. k/kernel-source-2.6.28.7-noarch-1.tgz: Upgraded to Linux 2.6.28.7 Kernel source. kde/amarok-1.4.10-arm-1.tgz: Upgraded to amarok-1.4.10. kde/k3b-1.0.5-arm-1.tgz: Upgraded to k3b-1.0.5. kde/kdeaccessibility-3.5.10-arm-1.tgz: Upgraded to kdeaccessibility-3.5.10. kde/kdeaddons-3.5.10-arm-1.tgz: Upgraded to kdeaddons-3.5.10. kde/kdeadmin-3.5.10-arm-1.tgz: Upgraded to kdeadmin-3.5.10. kde/kdeartwork-3.5.10-arm-1.tgz: Upgraded to kdeartwork-3.5.10. kde/kdebase-3.5.10-arm-1.tgz: Upgraded to kdebase-3.5.10. kde/kdebindings-3.5.10-arm-1.tgz: Upgraded to kdebindings-3.5.10. kde/kdeedu-3.5.10-arm-1.tgz: Upgraded to kdeedu-3.5.10. kde/kdegames-3.5.10-arm-1.tgz: Upgraded to kdegames-3.5.10. kde/kdegraphics-3.5.10-arm-1.tgz: Upgraded to kdegraphics-3.5.10. This adds libgphoto2 support. kde/kdelibs-3.5.10-arm-1.tgz: Upgraded to kdelibs-3.5.10. kde/kdemultimedia-3.5.10-arm-1.tgz: Upgraded to kdemultimedia-3.5.10. This adds libgstreamer support to JuK. kde/kdenetwork-3.5.10-arm-1.tgz: Upgraded to kdenetwork-3.5.10. kde/kdepim-3.5.10-arm-1.tgz: Upgraded to kdepim-3.5.10. kde/kdesdk-3.5.10-arm-1.tgz: Upgraded to kdesdk-3.5.10. kde/kdetoys-3.5.10-arm-1.tgz: Upgraded to kdetoys 3.5.10. kde/kdeutils-3.5.10-arm-1.tgz: Upgraded to kdeutils-3.5.3. kde/kdevelop-3.5.3-arm-1.tgz: Upgraded to kdevelop-3.5.3. kde/kdewebdev-3.5.10-arm-1.tgz: Upgraded to kdewebdev-3.5.3. kde/knemo-0.4.8-arm-3.tgz: Rebuilt. kde/koffice-1.6.3-arm-4.tgz: Rebuilt. kdei/k3b-i18n-1.0.5-noarch-1.tgz: Upgraded to k3b-i18n-1.0.5. kdei/kde-i18n-*3.5.10-noarch-1.tgz: Upgraded to KDE 3.5.10 Internationalisations. kdei/koffice-l10n-*-1.6.3-noarch-2.tgz: Rebuilt all Koffice 1.6.3 Internationalisations. l/aspell-en-6.0_0-noarch-2.tgz: Copied from /extra. For some reason the build script in the l/ series hadn't done this originally. l/babl-0.0.22-arm-1.tgz: Added babl-0.0.22. l/gegl-0.0.20-arm-1.tgz: Added gegl-0.0.20. l/libpng-1.2.35-arm-1.tgz: Upgraded to libpng-1.2.35. This fixes multiple memory-corruption vulnerabilities due to a failure to properly initialize data structures. For more information, see: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0040 ftp://ftp.simplesystems.org/pub/png/src/libpng-1.2.34-ADVISORY.txt (* Security fix *) l/tango-icon-theme-extras-0.1.0-noarch-1.tgz: Added tango-icon-theme-extras package. The source build script had been in ARMedslack's source tree for a while, and I think I'd accidentally wiped the older build of this package. n/curl-7.19.4-arm-1.tgz: Upgraded to curl-7.19.4. This fixes a security issue where automatic redirection could be made to follow file:// URLs, reading or writing a local instead of remote file. For more information, see: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0037 (* Security fix *) x/scim-1.4.7-arm-3.tgz: Recompiled. x/scim-bridge-0.4.14-arm-2.tgz: Recompiled. x/wqy-zenhei-font-ttf-0.6.26_0-noarch-1.tgz: Added font wqy-zenhei-font-ttf-0.6.26_0. x/xterm-241-arm-1.tgz: Upgraded to xterm-241. This fixes a vulnerability where displaying a file containing DECRQSS (Device Control Request Status String) sequences could cause arbitrary commands to be executed as the user running xterm. For more information, see: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2383 (* Security fix *) +--------------------------+ Sat Feb 21 21:29:03 GMT 2009 x/xf86-video-openchrome-0.2.903-arm-1.tgz: Added xf86-video-openchrome-0.2.903. x/xf86-video-radeonhd-1.2.3-arm-1.tgz: Upgraded to xf86-video-radeonhd-1.2.3. x/xf86-video-s3virge-1.10.1-arm-1.tgz: Upgraded to xf86-video-s3virge-1.10.1. x/xf86-video-savage-2.2.1-arm-1.tgz: Upgraded to xf86-video-savage-2.2.1. x/xf86-video-vmware-10.16.5-arm-1.tgz: Upgraded to xf86-video-vmware-10.16.5 x/xkeyboard-config-1.4-noarch-1.tgz: Upgraded to xkeyboard-config-1.4. +--------------------------+ Fri Feb 20 18:04:56 GMT 2009 x/dejavu-fonts-ttf-2.27-noarch-1.tgz: Upgraded to dejavu-fonts-ttf-2.27. x/compiz-0.7.8-arm-1.tgz: Upgraded to compiz-0.7.8. x/xf86-input-acecad-1.2.2-arm-1.tgz: Added xf86-input-acecad-1.2.2. x/xf86-input-calcomp-1.1.2-arm-1.tgz: Upgraded to xf86-input-calcomp-1.1.2. x/xf86-input-digitaledge-1.1.1-arm-1.tgz: xf86-input-digitaledge-1.1.1. x/xf86-input-dmc-1.1.2-arm-1.tgz: Added xf86-input-dmc-1.1.2. x/xf86-input-dynapro-1.1.2-arm-1.tgz: Upgraded to xf86-input-dynapro-1.1.2. x/xf86-input-elo2300-1.1.2-arm-1.tgz: Upgraded to xf86-input-elo2300-1.1.2. x/xf86-input-elographics-1.2.3-arm-1.tgz: Upgraded to xf86-input-elographics-1.2.3. x/xf86-input-evdev-2.0.8-arm-1.tgz: Upgraded to xf86-input-evdev-2.0.8. x/xf86-input-fpit-1.2.0-arm-1.tgz: Upgraded to xf86-input-fpit-1.2.0. x/xf86-input-hyperpen-1.2.0-arm-1.tgz: Upgraded to xf86-input-hyperpen-1.2.0. x/xf86-input-jamstudio-1.2.0-arm-1.tgz: Upgraded to xf86-input-jamstudio-1.2.0. x/xf86-input-joystick-1.3.3-arm-1.tgz: Upgraded to xf86-input-joystick-1.3.3. x/xf86-input-keyboard-1.3.1-arm-1.tgz: Upgraded to xf86-input-keyboard-1.3.1. x/xf86-input-magellan-1.2.0-arm-1.tgz: Upgraded to xf86-input-magellan-1.2.0. x/xf86-input-microtouch-1.2.0-arm-1.tgz: Upgraded to xf86-input-microtouch-1.2.0. x/xf86-input-mutouch-1.2.1-arm-1.tgz: Upgraded to xf86-input-mutouch-1.2.1. x/xf86-input-palmax-1.2.0-arm-1.tgz: Upgraded to xf86-input-palmax-1.2.0. x/xf86-input-penmount-1.3.0-arm-1.tgz: Upgraded to xf86-input-penmount-1.3.0. x/xf86-input-summa-1.2.0-arm-1.tgz: Upgraded to xf86-input-summa-1.2.0. x/xf86-input-synaptics-0.15.2-arm-1.tgz: Added xf86-input-synaptics-0.15.2. x/xf86-input-tek4957-1.2.0-arm-1.tgz: Upgraded to xf86-input-tek4957-1.2.0. x/xf86-input-void-1.1.1-arm-1.tgz: Added xf86-input-void-1.1.1. x/xf86-video-ati-6.9.0-arm-1.tgz: Upgraded to xf86-video-ati-6.9.0. x/xf86-video-cirrus-1.2.1-arm-1.tgz: Upgraded to xf86-video-cirrus-1.2.1. x/xf86-video-glint-1.2.1-arm-1.tgz: Upgraded to xf86-video-glint-1.2.1. x/xf86-video-i128-1.3.1-arm-1.tgz: Upgraded to xf86-video-i128-1.3.1. x/xf86-video-intel-2.4.3-arm-1.tgz: Upgraded to xf86-video-intel-2.4.3. x/xf86-video-mga-1.4.9-arm-1.tgz: Upgraded to xf86-video-mga-1.4.9. x/xf86-video-neomagic-1.2.1-arm-1.tgz: Upgraded to xf86-video-neomagic-1.2.1. x/xf86-video-nv-2.1.12-arm-1.tgz: Upgraded to xf86-video-nv-2.1.12. x/xf86-video-r128-6.8.0-arm-1.tgz: Added xf86-video-r128-6.8.0. +--------------------------+ Wed Feb 18 13:09:39 GMT 2009 a/genpower-1.0.5-arm-2.tgz: Patched genpowerfail to halt the machine during a power failure rather than causing it to reboot over and over. a/hdparm-9.3-arm-1.tgz: Upgraded to hdparm-9.3. a/mkinitrd-1.3.3-arm-1.tgz: Fixed a few bugs in the previous mkinitrd package: If a kernel version is requested with the -k option and modules are needed to build the initrd, exit with an error if no matching /lib/modules/ tree is present. Usually an incorrect kernel version was supplied. When adding kernel modules to the initrd, be more verbose showing success and failure copying each module. With some newer kernels, "/dev/root" might be returned by mount as the root device, but this will not work as an initrd root device. If mount returns /dev/root, look at the /dev/root symlink to determine the actual root device and use that so that the root device does not need to be supplied with -r. In the call to /sbin/modprobe used to determine module dependencies, use the option --ignore-install to avoid catching "install" lines under /etc/modprobe.d/ when modules that use these are added to the initrd. This prevents /sbin/modprobe from being copied over busybox, breaking the initrd. a/ntfs-3g-1.5130-arm-1.tgz: Upgraded to ntfs-3g-1.5130. a/openssl-solibs-0.9.8i-arm-2.tgz: Patched to fix the return value EVP_VerifyFinal, preventing malformed signatures from being considered good. This flaw could possibly allow a 'man in the middle' attack. For more information, see: http://www.openssl.org/news/secadv_20090107.txt http://www.ocert.org/advisories/ocert-2008-016.html http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-5077 (* Security fix *) a/pciutils-2.2.10-arm-1.tgz: Updated pci.ids. a/sysvinit-2.86-arm-4.tgz: rc.M will now start rc.wicd and rc.snmpd if those scripts are executable; also removed the reference to the old rc.hplip script. Modifed rc.K to shut down acpid using rc.acpid. Changed /proc/bus/usb mounting in rc.S to use the options from /etc/fstab if there is an entry for it there. Edited rc.S to clear temporary files better. rc.M, rc.6, and rc.K will now not output additional information when running accton, as the new binary already does that. a/udev-135-arm-1.tgz: Upgraded to udev-135. Include a new /etc/modprobe.d/uhci-hci to make sure that the ehci-hcd module is always loaded before uhci-hci. (Remove any obsolete /etc/modprobe.d/uhci-hci config file after upgrade) a/usbutils-0.73-arm-2.tgz: Updated usb.ids. ap/cdrtools-2.01.01a53-arm-1.tgz: Upgraded to cdrtools-2.01.01a53. ap/dmidecode-2.10-arm-1.tgz: Upgraded to dmidecode-2.10. ap/ghostscript-8.64-arm-1.tgz: Upgraded to ghostscript-8.64. Patched to remove a dependency on the experimental cairo output driver, which brings in dependencies on many X libraries. ap/gutenprint-5.2.2-arm-1.tgz: Upgraded to gutenprint-5.2.2. Edited setup.06.gutenprint, which still had the old path to the PPD files. Fixed PPD generation in install script. ap/lsscsi-0.21-arm-1.tgz: Upgraded to lsscsi-0.21. ap/man-pages-3.15-noarch-1.tgz: Upgraded to man-pages-3.15. ap/mc-4.6.1_20070623p14-arm-2.tgz: Patched to fix a bug where moving or copying a file could cause mc to crash. ap/pm-utils-1.2.3-arm-1.tgz: Upgraded to pm-utils-1.2.3. ap/slackpkg-2.70.5-noarch-1.tgz: Upgraded to slackpkg-2.70.5-noarch-1. ap/sqlite-3.6.6.2-arm-1.tgz: Upgraded to sqlite-3.6.6.2. d/ruby-1.8.7_p72-arm-1.tgz: Recompiled with a patch to fix short name constants. l/dbus-1.2.6-arm-1.tgz: Upgraded to dbus-1.2.6. l/dbus-glib-0.78-arm-1.tgz: Upgraded to dbus-glib-0.78. l/hal-0.5.11-arm-3.tgz: Modified hal.conf to use the plugdev group correctly. l/hal-info-20081127-noarch-1.tgz: Upgraded to hal-info-20081127. l/libgphoto2-2.4.3-arm-2.tgz: Added README.jl2005a. Although the driver for this proprietary chipset is not built by default, the README is useful to let people know why that is (and perhaps as a warning to steer clear of these cameras unless you happen to be an expert in reverse engineering compression formats). Restored README files for camera libraries that were not previously included. A pointer to the API documentation has also been added to the docs directory. l/libgsf-1.14.10-arm-1.tgz: Upgraded to libgsf-1.14.10. n/alpine-2.00-arm-1.tgz: Upgraded to alpine-2.00. n/bind-9.4.3_P1-arm-1.tgz: Upgraded to bind-9.4.3-P1. Fixed checking on return values from OpenSSL's EVP_VerifyFinal and DSA_do_verify functions to prevent spoofing answers returned from zones using the DNSKEY algorithms DSA and NSEC3DSA. For more information, see: https://www.isc.org/node/373 http://www.ocert.org/advisories/ocert-2008-016.html http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-5077 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0025 (* Security fix *) n/bluez-utils-3.36-arm-3.tgz: Changes in the dbus version used in Slackware 12.2 (and in -current) to increase security had some unintended side effects, and bluez was one of the things that broke. However, by using the dbus bluetooth.conf file from bluez-4, this version of bluez can be made to work again. The newer version of the .conf file has been merged into this package, and changed from a .conf.new to a plain .conf to ensure that it replaces the other version. n/bridge-utils-1.2-arm-2.tgz: Patched to fix a corner case where brctl does not work if the name of the bridge is "bridge". n/dnsmasq-2.46-arm-1.tgz: Upgraded to dnsmasq-2.46. n/ethtool-6-arm-1.tgz: Upgraded to ethtool-6. n/imapd-2.00-arm-1.tgz: Upgraded to imapd from alpine-2.00. n/lftp-3.7.8-arm-1.tgz: Upgraded to lftp-3.7.8. n/network-scripts-12.2-noarch-1.tgz: Removed the automatic DHCP timeout reduction in rc.inet1, since the kernel is not reliably returning correct information about that. If the default 30 second timeout is too long, it can be shortened in rc.inet1.conf. Patched rc.ip_forward to reapply any non-default ipv4 parameters after turning ipv4 forwarding on or off, as doing that clears them. Patched rc.inet1 to filter output from "modprobe -c" that begins with #, preventing spurious error messages. Allow rc.inet1.conf to override MAXNICS value in rc.inet1. Added rc.inet1.8 and rc.inet1.conf.5 manpages. Removed duplicated code in rc.inet1 default case. Don't try to reset ipv4 parameters in rc.ip_forward unless /etc/sysctl.conf exists. n/ntp-4.2.4p6-arm-1.tgz: [Sec 1111] Fix incorrect check of EVP_VerifyFinal()'s return value. For more information, see: https://lists.ntp.org/pipermail/announce/2009-January/000055.html http://www.ocert.org/advisories/ocert-2008-016.html http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0021 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-5077 (* Security fix *) Also edited rc.ntpd to add status support for pm-utils. n/openssl-0.9.8i-arm-2.tgz: Patched to fix the return value EVP_VerifyFinal, preventing malformed signatures from being considered good. This flaw could possibly allow a 'man in the middle' attack. For more information, see: http://www.openssl.org/news/secadv_20090107.txt http://www.ocert.org/advisories/ocert-2008-016.html http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-5077 (* Security fix *) n/php-5.2.8-arm-1.tgz: Upgraded to php-5.2.8. This is a bugfix release that reverts a change that broke magic_quotes_gpc. n/samba-3.2.7-arm-1.tgz: Upgraded to samba-3.2.7. This fixes a security issue. From the WHATSNEW.txt file: "This is a security release in order to address CVE-2009-0022. o CVE-2009-0022 In Samba 3.2.0 to 3.2.6, in setups with registry shares enabled, access to the root filesystem ("/") is granted when connecting to a share called "" (empty string) using old versions of smbclient (before 3.0.28). The original security announcement for this and past advisories can be found http://www.samba.org/samba/security/" For more information, see: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0022 (* Security fix *) n/wireless-tools-29-arm-3.tgz: Patched rc.wireless to take the interface down and retry if setting the mode fails. tcl/expect-5.44.1.11-arm-2.tgz: Recompiled. tcl/tcl-8.5.5-arm-1.tgz: Upgraded to tcl-8.5.5. tcl/tk-8.5.5-arm-1.tgz: Upgraded to tk-8.5.5. x/xdg-utils-20090202cvs-noarch-1.tgz: This update fixes two security issues. First, use of xdg-open in /etc/mailcap was found to be unsafe -- xdg-open passes along downloaded files without indicating what mime type they initially presented themselves as, leaving programs further down the processing chain to discover the file type again. This makes it rather trivial to present a script (such as a .desktop file) as a document type (like a PDF) so that it looks safe to click on in a browser, but will result in the execution of an arbitrary script. It might be safe to send files to trusted applications in /etc/mailcap, but it does not seem to be safe to send files to xdg-open in /etc/mailcap. This package will comment out calls to xdg-open in /etc/mailcap if they are determined to have been added by a previous version of this package. If you've made any local customizations to /etc/mailcap, be sure to check that there are no uncommented calls to xdg-open after installing this update. Thanks to Manuel Reimer for discovering this issue. For more information, see: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0068 Another bug in xdg-open fails to sanitize input properly allowing the execution of arbitrary commands. This was fixed in the xdg-utils repository quite some time ago (prior to the inclusion of xdg-utils in Slackware), but was never fixed in the official release of xdg-utils. The sources for xdg-utils in Slackware have now been updated from the repo to fix the problem. For more information, see: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0386 (* Security fix *) xap/gftp-2.0.19-arm-1.tgz: Upgraded to gftp-2.0.19. xap/mozilla-firefox-2.0.0.20-arm-1.tgz: Upgraded to Mozilla Firefox 2.0.0.20. I also tried version 3.0.6 but it still exhibits the same problem as last time. I built an x86 version using the ARMedslack build script, and that worked so it's most likey not a combination of build options. xap/mozilla-thunderbird-2.0.0.19-arm-1.tgz: Upgraded to thunderbird-2.0.0.19. This upgrade fixes some more security bugs. For more information, see: http://www.mozilla.org/security/known-vulnerabilities/thunderbird20.html (* Security fix *) xap/pidgin-2.5.2-arm-2.tgz: Patched to accept certificates signed with rsa-md5. Other SSL libraries accept this, so GnuTLS should as well. xap/seamonkey-1.1.14-arm-1.tgz: Upgraded to seamonkey-1.1.14. This release fixes some more security vulnerabilities. For more information, see: http://www.mozilla.org/security/known-vulnerabilities/seamonkey11.html (* Security fix *) +--------------------------+ Mon Nov 24 09:12:37 GMT 2008 a/acpid-1.0.8-arm-1.tgz: Upgraded to acpid-1.0.8. /etc/acpi/acpi_handler.sh will be installed as a .new with future upgrades, but since whatever version already installed on the system owns /etc/acpi/acpi_handler.sh, it will still be overwritten one more time when this update is installed. If you've customized your script, be sure to back it up before upgrading. a/mkinitrd-1.3.2-arm-4.tgz: Fixed a bug where unless -F was the first option given, other command line options would not override the contents of /etc/mkinitrd.conf as documented in the man page. ap/hplip-2.8.10-arm-1.tgz: Upgraded to hplip-2.8.10. ap/pm-utils-1.2.2.1-arm-1.tgz: Added pm-utils-1.2.2.1. ap/slackpkg-2.70.4-noarch-1.tgz: Added slackpkg-2.70.4. ap/texinfo-4.13a-arm-2.tgz: Patched the install script to replace /usr/info/dir if the topmost node is missing. e/emacs-22.3-arm-2.tgz: Rebuilt using emacs PNG icon from the sources. l/libxml2-2.6.32-arm-2.tgz: Patched and recompiled. This fixes vulnerabilities including denial of service, or possibly the execution of arbitrary code as the user running a libxml2 linked application if untrusted XML content is parsed. For more information, see: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-4225 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-4226 (* Security fix *) n/curl-7.19.2-arm-1.tgz: Upgraded to curl-7.19.2. n/ntp-4.2.4p5-arm-1.tgz: Upgraded to ntp-4.2.4p5. n/sendmail-8.14.3-arm-1.tgz: Upgraded to sendmail-8.14.3. n/sendmail-cf-8.14.3-noarch-1.tgz: Upgraded to sendmail-8.14.3 config files. extra/slacktrack/slacktrack-2.01-noarch-1.tgz: Upgraded to slacktrack-2.01. xap/mozilla-thunderbird-2.0.0.18-arm-1.tgz: Upgraded to thunderbird-2.0.0.18. This upgrade fixes some more security bugs. For more information, see: http://www.mozilla.org/security/known-vulnerabilities/thunderbird20.html (* Security fix *) +--------------------------+ Tue Nov 18 22:47:25 GMT 2008 n/net-snmp-5.4.2.1-arm-1.tgz: Upgraded to net-snmp-5.4.2.1. This fixes a problem where a user with read access could cause snmpd to crash, resulting in a denial of service. For more information, see: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-4309 (* Security fix *) xap/mozilla-firefox-2.0.0.18-arm-1.tgz: Upgraded to firefox-2.0.0.18. This fixes some security issues: For more information, see: http://www.mozilla.org/security/known-vulnerabilities/firefox20.html (* Security fix *) +--------------------------+ Thu Nov 13 16:32:41 GMT 2008 a/cups-1.3.9-arm-1.tgz: Upgraded to cups-1.3.9. This update fixes three vulnerabilities in the SGI image format filter, the texttops filter, and the HP-GL and HP-GL/2 plotter format filter. All three of these could result in a denial of service, and the plotter filter issue could possibly be used to execute code as the print spooler user. For more information, see: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3639 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3640 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3641 (* Security fix *) a/device-mapper-1.02.28-arm-1.tgz: Upgraded to device-mapper-1.02.28. a/e2fsprogs-1.41.3-arm-1.tgz: Upgraded to e2fsprogs-1.41.2. a/glibc-solibs-2.7-arm-7.tgz: Recompiled. a/glibc-zoneinfo-2.7-noarch-7.tgz: Rebuilt. Upgraded to tzdata2008h to keep up with more DST and other timezone changes. a/gpm-1.20.3-arm-2.tgz: Recompiled. Removed mention of 'RiscPC' from the 'mouseconfig' tool. a/grep-2.5.3-arm-1.tgz: Upgraded to grep-2.5.3. a/kernel-modules-2.6.27.6-arm-1.tgz: Upgraded to Linux 2.6.27.6 kernel modules. a/kernel_versatile-2.6.27.6-arm-1.tgz: Upgraded to Linux 2.6.27.6 for Versatile. a/lvm2-2.02.40-arm-1.tgz: Upgraded to lvm2-2.02.40. a/module-init-tools-3.5-arm-1.tgz: Upgraded to module-init-tools-3.5. a/ntfs-3g-1.5012-arm-1.tgz: Upgraded to ntfs-3g-1.5012. a/openssl-solibs-0.9.8i-arm-1.tgz: Upgraded to openssl-0.9.8i. a/pcmciautils-015-arm-1.tgz: Upgraded to pcmciautils-015. a/reiserfsprogs-3.6.20-arm-1.tgz: Upgraded to reiserfsprogs-3.6.20. a/udev-130-arm-1.tgz: Upgraded to udev-130. a/xfsprogs-2.10.1_1-arm-1.tgz: Upgraded to xfsprogs-2.10.1-1. ap/acct-6.4pre1-arm-1.tgz: Upgraded to acct-6.4pre1 to support the new kernel accounting file format (and the older log formats). ap/cdparanoia-III_10.2-arm-1.tgz: Upgraded to cdparanoia-III-10.2. ap/cdrtools-2.01.01a50-arm-1.tgz: Upgraded to cdrtools-2.01.01a50. Removed the version of mkiosofs that produced RISC OS ('Archimedes') filesystems because it no longer compiles, and ARMedslack no longer supports the RiscPC. ap/flac-1.2.1-arm-1.tgz: Recompiled to bring back the XMMS plugin. ap/gphoto2-2.4.3-arm-1.tgz: Upgraded to gphoto2-2.4.3. ap/hplip-2.8.9-arm-1.tgz: Upgraded to hplip-2.8.9. ap/lm_sensors-3.0.3-arm-1.tgz: Upgraded to lm_sensors-2.10.7. ap/madplay-0.15.2b-arm-2.tgz: Recompiled. ap/mysql-5.0.67-arm-1.tgz: Upgraded to mysql-5.0.67. ap/rpm-4.4.2.3-arm-1.tgz: Upgraded to rpm-4.4.2.3. ap/sqlite-3.6.4-arm-1.tgz: Upgraded to sqlite-3.6.4. ap/texinfo-4.13a-arm-1.tgz: Upgraded to texinfo-4.13a. d/autoconf-2.63-noarch-1.tgz: Upgraded to autoconf-2.63. d/automake-1.10.1-noarch-1.tgz: Upgraded to automake-1.10.1. d/cmake-2.6.2-arm-1.tgz: Upgraded to cmake-2.6.2. d/doxygen-1.5.7-arm-1.tgz: Upgraded to doxygen-1.5.7. d/gcc-4.2.4-arm-2.tgz: Recompiled. d/gcc-g++-4.2.4-arm-2.tgz: Recompiled. d/gcc-gfortran-4.2.4-arm-2.tgz: Recompiled. d/gcc-gnat-4.2.4-arm-2.tgz: Recompiled. d/gcc-java-4.2.4-arm-2.tgz: Recompiled. d/gcc-objc-4.2.4-arm-2.tgz: Recompiled. d/git-1.6.0.3-arm-1.tgz: Upgraded to git-1.6.0.3. d/intltool-0.40.5-arm-1.tgz: Upgraded to intltool-0.40.5. d/kernel-headers-2.6.27.6-arm-1.tgz: Upgraded to Linux 2.6.27.6 Kernel headers. d/libtool-1.5.26-arm-1.tgz: Upgraded to libtool-1.5.26. d/m4-1.4.12-arm-1.tgz: Upgraded to m4-1.4.12. d/ruby-1.8.6_p230-arm-1.tgz: Upgraded to ruby-1.8.7-p72. d/subversion-1.5.4-arm-1.tgz: Upgraded to subversion-1.5.4. k/kernel-source-2.6.27.6-noarch-1.tgz: Upgraded to Linux 2.6.27.6 Kernel source. l/apr-1.3.3-arm-1.tgz: Upgraded to apr-1.3.3. l/apr-util-1.3.4-arm-1.tgz: Upgraded to apr-util-1.3.4. l/beecrypt-4.1.2-arm-1.tgz: Added beecrypt-4.1.2 (required for rpm). l/dbus-1.2.4-arm-1.tgz: Upgraded to dbus-1.2.4. l/dbus-glib-0.76-arm-1.tgz: Upgraded to dbus-glib-0.76. l/dbus-python-0.83.0-arm-1.tgz: Upgraded to dbus-python-0.83.0. l/desktop-file-utils-0.15-arm-1.tgz: Upgraded to desktop-file-utils-0.15. l/fuse-2.7.4-arm-2.tgz: Moved udev rules to /lib/udev/rules.d/. l/glibc-2.7-arm-7.tgz: Recompiled. Upgraded to the most recent tzdata2008h to keep up with more DST and other timezone changes. l/glibc-i18n-2.7-noarch-7.tgz: Rebuilt. l/glibc-profile-2.7-arm-7.tgz: Recompiled. l/gst-plugins-base-0.10.21-arm-1.tgz: Upgraded to gst-plugins-base-0.10.21. l/gstreamer-0.10.21-arm-1.tgz: Upgraded to gstreamer-0.10.21. l/hal-0.5.11-arm-2.tgz: Rebuilt. l/hal-info-20081022-noarch-1.tgz: Upgraded to hal-info-20081022. l/hicolor-icon-theme-0.10-noarch-2.tgz: Rebuilt. l/libcap-2.14-arm-1.tgz: Upgraded to libcap-2.14. l/libglade-2.6.3-arm-1.tgz: Upgraded to libglade-2.6.3. l/libgphoto2-2.4.3-arm-1.tgz: Upgraded to libgphoto2-2.4.3 l/libmtp-0.3.3-arm-1.tgz: Upgraded to libmtp-0.3.3. l/libnjb-2.2.6-arm-1.tgz: Moved udev rules to /lib/udev/rules.d/. l/librsvg-2.22.3-arm-1.tgz: Upgraded to librsvg-2.22.3. l/neon-0.28.3-arm-1.tgz: Upgraded to neon-0.28.3. l/parted-1.8.8-arm-1.tgz: Moved from extra/. Compiled with LVM2 support. l/pilot-link-0.12.3-arm-5.tgz: Moved udev rules to /lib/udev/rules.d/. l/shared-mime-info-0.51-arm-1.tgz: Upgraded to shared-mime-info-0.51. n/bluez-hcidump-1.42-arm-1.tgz: Upgraded to bluez-hcidump-1.42. n/bluez-libs-3.36-arm-2.tgz: udev rules moved to /lib/udev/rules.d/ n/bluez-utils-3.36-arm-2.tgz: udev rules moved to /lib/udev/rules.d/ n/gnutls-2.6.2-arm-1.tgz: Upgraded to gnutls-2.6.2. From the gnutls-2.6.2 NEWS file: Fix crash in X.509 validation code for self-signed certificates. The patch to fix the security problem GNUTLS-SA-2008-3 introduced a problem for certificate chains that contained just one self-signed certificate. Reported by Michael Meskes in . (* Security fix *) n/httpd-2.2.10-arm-1.tgz: Upgraded to httpd-2.2.10. n/iproute2-2.6.26-arm-1.tgz: Upgraded to iproute2-2.6.26. n/iptables-1.4.2-arm-1.tgz: Upgraded to iptables-1.4.2. n/iwlwifi-3945-ucode-15.28.2.8-fw-1.tgz: Upgraded to iwlwifi-3945-ucode-15.28.2.8 n/iwlwifi-4965-ucode-228.57.2.21-fw-.tgz: Upgraded to iwlwifi-4965-ucode-228.57.2.21. n/iwlwifi-5000-ucode-5.4.A.11-fw-1.tgz: Added iwlwifi-5000-ucode-5.4.A.11. n/lftp-3.7.4-arm-1.tgz: Upgraded to lftp-3.7.4. n/links-2.2-arm-1.tgz: Upgraded to links-2.2. n/mcabber-0.9.9-arm-1.tgz: Upgraded to mcabber-0.9.9. n/ncftp-3.2.2-arm-1.tgz: Upgraded to ncftp-3.2.2. n/nfs-utils-1.1.4-arm-1.tgz: Upgraded to nfs-utils-1.1.4. n/nmap-4.76-arm-1.tgz: Upgraded to nmap-4.76. n/obexftp-0.22-arm-2.tgz: Recompiled. n/openobex-1.3-arm-2.tgz: Recompiled. n/openssl-0.9.8i-arm-1.tgz: Upgraded to openssl-0.9.8i. n/proftpd-1.3.1-arm-3.tgz: Recompiled. This seems to be picky about having an exact version of OpenSSL. n/samba-3.2.4-arm-1.tgz: Upgraded to samba-3.2.4. n/slrn-0.9.9p1-arm-1.tgz: Upgraded to slrn-0.9.9p1. n/tcpdump-4.0.0-arm-1.tgz: Upgraded to libpcap-1.0.0 and tcpdump-4.0.0. n/telnet-0.17-arm-2.tgz: Recompiled. There's a problem with /usr/sbin/in.telnetd that appeared recently in ARMedslack: on some occasions, exiting from your login shell will cause in.telnetd to cause a DoS on the server (unresponsive) until either in.telnetd is killed or the telnet client is closed. I'm not sure what is causing this at the moment. n/vsftpd-2.0.7-arm-1.tgz: Upgraded to vsftpd-2.0.7 (this now requires libcap). n/wget-1.11.4-arm-1.tgz: Upgraded to wget-1.11.4. tcl/expect-5.44.1.11-arm-1.tgz: Upgraded to expect-5.44.1.11. x/beforelight-1.0.2-arm-2.tgz: Recompiled to remove some temporary build paths which'd crept into the package due to it having a broken DESTDIR implementation. x/scim-1.4.7-arm-2.tgz: Recompiled against new gtk+. x/xdg-utils-1.0.2-noarch-2.tgz: Fixed a post-install cosmetic bug. xap/audacious-1.5.1-arm-1.tgz: Upgraded to audacious-1.5.1. xap/audacious-plugins-1.5.1-arm-1.tgz: Upgraded to audacious-plugins-1.5.1. xap/fluxbox-1.1.1-arm-1.tgz: Upgraded to fluxbox-1.1.1. xap/gimp-2.4.7-arm-1.tgz: Upgraded to gimp-2.4.7. xap/gkrellm-2.3.2-arm-1.tgz: Upgraded to gkrellm-2.3.2 compiled against lm_sensors-3.0.3. xap/imagemagick-6.4.3_10-arm-1.tgz: Upgraded to ImageMagick 6.4.2-5. xap/mozilla-firefox-2.0.0.17-arm-1.tgz: Upgraded to Mozilla Firefox v2.0.0.17. I tried compiling v3.0.3 but without turning off -Werror, it wouldn't compile. Once compiled, no content was ever shown inside its windows so you couldn't even see the licence agreement. So we'll stick with version 2 for now. xap/mozilla-thunderbird-2.0.0.17-arm-1.tgz: Upgraded to thunderbird-2.0.0.17. This upgrade fixes some more security bugs. For more information, see: http://www.mozilla.org/security/known-vulnerabilities/thunderbird20.html (* Security fix *) xap/pidgin-2.5.2-arm-1.tgz: Upgraded to pidgin-2.5.2. xap/sane-1.0.19-arm-2.tgz: Moved udev rules to /lib/udev/rules.d/. xap/seamonkey-1.1.13-arm-1.tgz: Upgraded to seamonkey 1.1.13. This release fixes some more security vulnerabilities. For more information, see: http://www.mozilla.org/security/known-vulnerabilities/seamonkey11.html (* Security fix *) xap/windowmaker-20060427cvs-arm-1.tgz: Switched to a patched CVS snapshot to get this compiling again with gcc 4.x. xap/x3270-3.3.7p8-arm-1.tgz: Upgraded to x3270-3.3.7p8. xap/xchat-2.8.6-arm-1.tgz: Upgraded to xchat-2.8.6. xap/xfce-4.4.3-arm-1.tgz: Upgraded to xfce-4.4.3. xap/xine-lib-1.1.15-arm-1.tgz: Upgraded to xine-lib-1.1.15. xap/xlockmore-5.26.1-arm-1.tgz: Upgraded to xlockmore-5.26.1. xap/xmms-1.2.11-arm-1.tgz: Added xmms-1.2.11. xap/xsane-0.996-arm-1.tgz: Upgraded to xsane-0.996. xap/xscreensaver-5.07-arm-1.tgz: Upgraded to xscreensaver-5.07. isolinux/initrd.img: Updated to the latest Slackware installer and the most recent tools. +--------------------------+ Thu Oct 2 16:23:06 BST 2008 ap/ghostscript-8.63-arm-1.tgz: Upgraded to ghostscript-8.63. ap/gphoto2-2.4.2-arm-1.tgz: Added gphoto2-2.4.2. ap/hplip-2.8.7-arm-1.tgz: Upgraded to hplip-2.8.7. ap/man-pages-3.08-noarch-1.tgz: Upgraded to man-pages-3.08 and man-pages-posix-2003-a. ap/sox-14.1.0-arm-1.tgz: Upgraded to sox-14.1.0. ap/sqlite-3.6.2-arm-1.tgz: Added sqlite-3.6.2 d/bin86-0.16.16-arm-1.tgz: Removed. I tried to build d/dev86 but it won't compile on ARM; besides it's not overly useful as an ARM package. d/flex-2.5.35-arm-1.tgz: Upgraded to flex-2.5.35. d/guile-1.8.5-arm-1.tgz: Upgraded to guile-1.8.5. d/python-2.5.2-arm-3.tgz: Recompiled against Tcl/Tk 8.5.4. e/emacs-22.3-arm-1.tgz: Upgraded to emacs-22.3. l/enchant-1.4.2-arm-1.tgz: Added enchant-1.4.2. l/gtkspell-2.0.14-arm-1.tgz: Added gtkspell-2.0.14. l/libgphoto2-2.4.2-arm-1.tgz: Added libgphoto2-2.4.2. l/libraw1394-2.0.0-arm-1.tgz: Added libraw1394-2.0.0. l/libvisual-plugins-0.4.0-arm-1.tgz: Added libvisual-plugins-0.4.0. These create some cool special effects with Amarok. l/pycairo-1.6.4-arm-1.tgz: Upgraded to pycairo-1.6.4. l/pygobject-2.15.4-arm-1.tgz: Upgraded to pygobject-2.15.4. n/alpine-1.10-arm-1.tgz: Added alpine-1.10, a Pine replacement. n/pine-4.64-arm-3.tgz: Removed. Replaced with n/alpine. n/bluez-libs-3.36-arm-1.tgz: Upgraded to bluez-libs-3.36. n/bluez-utils-3.36-arm-1.tgz: Upgraded to bluez-utils-3.36. n/curl-7.19.0-arm-1.tgz: Upgraded to curl-7.19.0. n/dhcpcd-2.0.8-arm-1.tgz: Upgraded to dhcpcd-2.0.8. n/getmail-4.8.2-noarch-1.tgz: Upgraded to getmail-4.8.2. n/imapd-1.10-arm-1.tgz: Upgraded to imapd/ipop3d daemons from alpine-1.10. n/iptables-1.4.1.1-arm-1.tgz: Upgraded to iptables-1.4.1.1. n/irssi-0.8.12-arm-2.tgz: Recompiled against perl-5.10.0. n/net-snmp-5.4.1.2-arm-2.tgz: Recompiled against perl-5.10.0. n/obexftp-0.22-arm-1.tgz: Upgraded to obexftp-0.22. n/rp-pppoe-3.10-arm-1.tgz: Upgraded to rp-pppoe-3.10. n/rsync-3.0.4-arm-1.tgz: Upgraded to rsync-3.0.4. n/samba-3.2.3-arm-1.tgz: Upgraded to samba-3.2.3. tcl/expect-5.43-arm-3.tgz: Forcably recompiled against Tcl/Tk 8.5.4. tcl/hfsutils-3.2.6-arm-2.tgz: Recompiled against tcl-8.5.4. tcl/tcl-8.5.4-arm-1.tgz: Upgraded to tcl-8.5.4. tcl/tclx-8.4-arm-3.tgz: Recompiled against tcl-8.5.4. tcl/tix-8.4.3-arm-1.tgz: Upgraded to Tix-8.4.3. Evidently tixwish is no longer supported. tcl/tk-8.5.4-arm-1.tgz: Upgraded to tk-8.5.4. x/dejavu-fonts-ttf-2.26-noarch-1.tgz: Upgraded to dejavu-fonts-ttf-2.26. x/dri2proto-1.1-arm-1.tgz: Added dri2proto-1.1. x/fontconfig-2.6.0-arm-1.tgz: Upgraded to fontconfig-2.6.0. x/inputproto-1.4.4-noarch-1.tgz: Upgraded to inputproto-1.4.4. x/libX11-1.1.5-arm-1.tgz: Upgraded to libX11-1.1.5. x/libXau-1.0.4-arm-1.tgz: Upgraded to libXau-1.0.4. x/libXft-2.1.13-arm-1.tgz: Upgraded to libXft-2.1.13. x/libXrandr-1.2.3-arm-1.tgz: Upgraded to libXrandr-1.2.3. x/libXxf86vm-1.0.2-arm-1.tgz: Upgraded to libXxf86vm-1.0.2. x/liberation-fonts-ttf-1.04-noarch-1.tgz: Upgraded to liberation-fonts-1.04. x/m17n-lib-1.5.2-arm-1.tgz: Upgraded to m17n-{db,docs,lib}-1.5.2. x/mesa-7.0.3-arm-1.tgz: Upgraded to mesa-7.0.3. x/randrproto-1.2.2-noarch-1.tgz: Upgraded to randrproto-1.2.2. x/xcb-proto-1.1-noarch-1.tgz: Upgraded to xcb-proto-1.1. x/xdg-utils-1.0.2-noarch-1.tgz: Added xdg-utils-1.0.2. x/xextproto-7.0.3-noarch-1.tgz: Upgraded to xextproto-7.0.3. x/xf86-input-joystick-1.3.2-arm-1.tgz: Fixed misplaced man page. x/xf86driproto-2.0.4-noarch-1.tgz: Upgraded to xf86driproto-2.0.4. x/xproto-7.0.13-noarch-1.tgz: Upgraded to xproto-7.0.13. x/x11-lib-7.3-arm-1.tgz: Removed. The package description for this said it contains X11 headers, but all it contained was an out of date copy of x/pixman. +--------------------------+ Mon Sep 22 18:44:02 BST 2008 a/acpid-1.0.7b1-arm-1.tgz: Shut down acpid cleanly on halt/reboot. Erase any /usr/share/icons/icon-theme.cache that should not be there. a/bash-3.1.017-arm-2.tgz: Recompiled. a/coreutils-6.12-arm-1.tgz: Upgraded to coreutils-6.12. a/cups-1.3.8-arm-1.tgz: Upgraded to cups-1.3.8. Removed SysV style /etc/rc?.d directories which had crept in. a/e2fsprogs-1.41.1-arm-1.tgz: Upgraded to e2fsprogs-1.41.1 a/etc-12.2-noarch-1.tgz: Do not set LC_ALL POSIX in /etc/csh.login. a/gawk-3.1.6-arm-1.tgz: Upgraded to gawk-3.1.6. a/glibc-solibs-2.7-arm-6.tgz: Recompiled against Linux 2.6.24.7. a/glibc-zoneinfo-2.7-noarch-6.tgz: Rebuild from tzcode/tzdata2008e. a/kernel-modules-2.6.24.7-arm-2.tgz: Recompiled with gcc 4.2.4. a/kernel_versatile-2.6.24.7-arm-1.tgz: Recompiled with gcc 4.2.4. a/less-418-arm-1.tgz: Upgraded to less-418. a/ntfs-3g-1.2812-arm-1.tgz: Upgraded to ntfs-3g-1.2812. a/sysvinit-scripts-1.2-noarch-14.tgz: Shut down acpid cleanly on halt/reboot. Erase any /usr/share/icons/icon-theme.cache that should not be there. a/util-linux-ng-2.14.1-arm-1.tgz: Upgraded to util-linux-ng-2.14.1. ap/cdparanoia-III10pre0-arm-1.tgz: Fixed missing slack-desc. ap/mc-4.6.1_20070623p14-arm-1.tgz: Upgraded to mc-4.6.1_20070623p14. ap/nano-2.0.9-arm-1.tgz: Upgraded to nano-2.0.9. ap/vim-7.2-arm-1.tgz: Upgraded to vim-7.2.018. d/cmake-2.6.1-arm-1.tgz: Upgraded to cmake-2.6.1. d/cvs-1.11.23-arm-1.tgz: Upgraded to cvs-1.11.23. d/doxygen-1.5.6-arm-1.tgz: Upgraded to doxygen-1.5.6. d/gcc-4.2.4-arm-1.tgz: Upgraded to gcc-4.2.4. d/gcc-g++-4.2.4-arm-1.tgz: Upgraded to gcc-4.2.4. d/gcc-gfortran-4.2.4-arm-1.tgz: Upgraded to gcc-4.2.4. d/gcc-gnat-4.2.4-arm-1.tgz: Upgraded to gcc-4.2.4. d/gcc-java-4.2.4-arm-1.tgz: Upgraded to gcc-4.2.4. d/gcc-objc-4.2.4-arm-1.tgz: Upgraded to gcc-4.2.4. d/git-1.6.0.2-arm-1.tgz: Upgraded to git-1.6.0.2. d/intltool-0.40.3-arm-1.tgz: Added intltool-0.40.3. d/kernel-headers-2.6.24.7-arm-1.tgz: Upgraded to Linux 2.6.24.7 Kernel headers. d/mercurial-1.0.2-arm-1.tgz: Upgraded to mercurial-1.0.2. d/perl-5.10.0-arm-1.tgz: Upgraded to perl-5.10.0. d/subversion-1.5.2-arm-1.tgz: Upgraded to subversion-1.5.2. k/kernel-source-2.6.24.7-noarch-1.tgz: Upgraded to Linux 2.6.24.7 Kernel source. l/arts-1.5.10-arm-1.tgz: Upgraded to arts-1.5.10. l/atk-1.23.5-arm-1.tgz: Upgraded to atk-1.23.5. l/cairo-1.6.4-arm-1.tgz: Upgraded to cairo-1.6.4. l/freetype-2.3.7-arm-1.tgz: Upgraded to freetype-2.3.7. l/fuse-2.7.4-arm-1.tgz: Upgraded to fuse-2.7.4. l/glib2-2.16.6-arm-1.tgz: Upgraded to glib2-2.16.6. l/glibc-2.7-arm-6.tgz: Recompiled against Linux 2.6.24.7. l/glibc-i18n-2.7-noarch-6.tgz: Rebuilt. l/glibc-profile-2.7-arm-6.tgz: Recompiled against Linux 2.6.24.7. l/gmime-2.2.23-arm-1.tgz: Upgraded to gmime-2.2.23. l/gmp-4.2.3-arm-1.tgz: Upgraded to gmp-4.2.3. l/gnome-icon-theme-2.23.92-noarch-1.tgz: Upgraded to gnome-icon-theme-2.23.92. l/gst-plugins-base-0.10.20-arm-1.tgz: Added gst-plugins-base-0.10.20. l/gstreamer-0.10.20-arm-1.tgz: Added gstreamer-0.10.20. l/gtk+2-2.12.12-arm-1.tgz: Upgraded to gtk+-2.12.12. l/hal-0.5.11-arm-1.tgz: Upgraded to hal-0.5.11. I tried this version and it still causes QEMU to crash, so /etc/rc.d/rc.hal still bails out if it detects 'Versatile' CPU type. l/hal-info-20080508-noarch-1.tgz: Upgraded to hal-info-20080508. l/icon-naming-utils-0.8.7-arm-1.tgz: Upgraded to icon-naming-utils. l/libmtp-0.3.1-arm-1.tgz: Upgraded to libmtp-0.3.1. l/liboil-0.3.15-arm-1.tgz: Added liboil-0.3.14. l/libpng-1.2.32-arm-1.tgz: Upgraded to libpng-1.2.32. l/librsvg-2.22.2-arm-1.tgz: Upgraded to librsvg-2.22.2. l/libxml2-2.6.32-arm-1.tgz: Upgraded to libxml2-2.6.32. l/pango-1.20.5-arm-1.tgz: Upgraded to pango-1.20.5. l/parted-1.8.8-arm-1.tgz: Moved from /extra (this is now a HAL dependency). l/pilot-link-0.12.3-arm-3.tgz: Recompiled against perl-5.10.0. l/poppler-0.8.5-arm-1.tgz: Upgraded to poppler-0.8.5. n/bind-9.4.2_P1-arm-1.tgz: Rebuilt. Fixed the package name to switch '-' in the version number with a '_'. n/openssh-5.1p1-arm-2.tgz: Recompiled. n/yptools-2.9-arm-2.tgz: Added missing /var/yp/Makefile.new extra/slacktrack/slacktrack-2.00-noarch-1.tgz: Upgraded to slacktrack-2.00. x/pixman-0.12.0-arm-1.tgz: Upgraded to pixman-0.12.0. xap/vim-gvim-7.2-arm-1.tgz: Upgraded to vim-7.2.018 (GTK+ add-on package). isolinux/initrd.img: Patched /usr/lib/setup/slackinstall to direct stderr into /tmp/installpkg-error.log on the system's filesystem. This helps track down any problems coming from the package post- installation scripts. +--------------------------+ Tue Sep 2 19:20:57 BST 2008 I've decided to drop RiscPC support from ARMedslack from this update onwards. The original intention of this port was to produce a Linux distribution for the RiscPC, but various Kernel and user space drivers are no longer maintained, which is holding back ARMedslack development. I've moved all of the RiscPC packages and sources into the 'unsupported' directory which can be found at ftp://ftp.armedslack.org/armedslack/unsupported/RiscPC Added /PACKAGES.TXT (including individual subdir versions) and /FILELIST.TXT so that the installer's FTP/HTTP installation method works. a/kernel_riscpc-2.6.23.17-arm-1.tgz: Removed. Moved into the /unsupported/RiscPC directory. a/kernel-modules-2.6.24.7-arm-1.tgz: Upgraded to Linux 2.6.24.7 Kernel modules. a/kernel_versatile-2.6.24.7-arm-1.tgz: Upgraded to Linux 2.6.24.7 for ARM Versatile. k/kernel-source-2.6.24.7-noarch-1.tgz: Upgraded to Linux 2.6.24.7 Kernel source. a/pkgtools-12.1.0-noarch-4.tgz: Removed surplus /sbin/makepkg~ backup file. n/samba-3.0.32-arm-1.tgz: Upgraded to samba-3.0.32. This is a bugfix release. See the WHATSNEW.txt file in the Samba docs for details on what has changed. a/slocate-3.1-arm-2.tgz: Added missing config files and updatedb symlink. Thanks to Darren Austin for the report. bootware/riscpc/slackb.zip: Removed. Moved into the /unsupported/RiscPC directory. isolinux/initrd.img: Rebuilt to included the most up to date tools for the installer. Removed the 'acorn-fdisk' binary since RiscPC support has been dropped. +--------------------------+ Fri Aug 29 18:30:09 BST 2008 kde/amarok-1.4.10-arm-1.tgz: Upgraded to amarok-1.4.10. This fixes a security issue in the Magnatune online music library support which could be used by malicious local users to overwrite system files. For more information, see: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3699 (* Security fix *) /GPG-KEY: Added ARMedslack Linux Project GPG key. All of the packages have been signed with the new ARMedslack GPG key. Also, the package description .txt files have been re-created for all packages to ensure that they are up to date. You can import the GPG key into your keyring using either of the two methods below: Retrieving from the key server: gpg --recv-keys 456723FD \ --keyserver hkp://subkeys.pgp.net Import directly from the root of the 'armedslack-current' directory tree: gpg --import GPG-KEY +--------------------------+ Fri Aug 15 17:06:45 BST 2008 kde/kdenetwork-3.5.9-arm-2.tgz: Recompiled (with a small patch) against the new OpenSSL, which fixes connecting to MSN with kopete. extra/emacspeak/emacspeak-27.0-arm-2.tgz: Added missing package description. +--------------------------+ Wed Aug 6 15:21:20 BST 2008 d/python-2.5.2-arm-2.tgz: Patched various overflows and other security problems. For more information, see: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1679 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1721 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2315 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2316 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3142 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3144 (* Security fix *) xap/pan-0.133-arm-1.tgz: Upgraded to pan-0.133. This update fixes a buffer overflow in pan-0.128 through pan-0.132 when processing .nzb files. For more information, see: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2363 (* Security fix *) extra/brltty/brltty-3.9-arm-1.tgz: Upgraded to brltty-3.9. +--------------------------+ Sun Aug 3 09:00:02 BST 2008 a/hdparm-8.9-arm-1.tgz: Upgraded to hdparm-8.9. a/openssl-solibs-0.9.8h-arm-1.tgz: Upgraded to OpenSSL 0.9.8h shared libraries (see below). (* Security fix *) a/sysvinit-scripts-1.0-noarch-13.tgz: For now, quiet error output from update-mime-database, since KDE4 causes some "noise". ap/vim-7.1.330-arm-1.tgz: Upgraded to vim-7.1.330. This fixes several security issues related to the automatic processing of untrusted files. For more information, see: http://www.rdancer.org/vulnerablevim.html (* Security fix *) l/libxslt-1.1.24-arm-1.tgz: Upgraded to libxslt-1.1.24. A buffer overflow when processing XSL stylesheets could result in the execution of arbitrary code. For more information, see: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1767 (* Security fix *) l/pcre-7.7-arm-1.tgz: Upgraded to pcre-7.7. Tavis Ormandy of the Google Security Team found a buffer overflow triggered when handling certain regular expressions. This could lead to a crash or possible execution of code as the user of the PCRE-linked application. For more information, see: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2371 (* Security fix *) n/fetchmail-6.3.8-arm-2.tgz: Patched to fix a possible denial of service when "-v -v" options are used. For more information, see: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2711 (* Security fix *) n/httpd-2.2.9-arm-1.tgz: Upgraded to httpd-2.2.9. This release fixes flaws which could allow XSS attacks. For more information, see: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5000 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6388 (* Security fix *) n/links-2.1-arm-1.tgz: Upgraded to links-2.1. Unspecified vulnerability in Links before 2.1, when "only proxies" is enabled, has unknown impact and attack vectors related to providing "URLs to external programs." For more information, see: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3329 (* Security fix *) n/mtr-0.73-arm-1.tgz: Upgraded to mtr-0.73. This fixes a minor security bug where a very long hostname in the trace path could lead to an overflow (and most likely just a crash). (* Security fix *) n/net-snmp-5.4.1.2-arm-1.tgz: Upgraded to net-snmp-5.4.1.2. A vulnerability was discovered where an attacked could spoof an authenticated SNMPv3 packet due to incorrect HMAC checking. Also, a buffer overflow was found that could be exploited if an application using the net-snmp perl modules connects to a malicious server. For more information, see: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0960 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2292 (* Security fix *) n/openldap-client-2.3.43-arm-1.tgz: Upgraded to openldap-2.3.43. This release fixes a security issue in slapd (our package does not ship it.) n/openssh-5.1p1-arm-1.tgz: Upgraded to openssh-5.1p1. When upgrading OpenSSH, it is VERY IMPORTANT to also upgrade OpenSSL, or it is possible to be unable to log back into sshd! n/openssl-0.9.8h-arm-1.tgz: Upgraded to OpenSSL 0.9.8h. The Codenomicon TLS test suite uncovered security bugs in OpenSSL. If OpenSSL was compiled using non-default options (Slackware's package is not), then a malicious packet could cause a crash. Also, a malformed TLS handshake could also lead to a crash. For more information, see: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0891 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1672 When upgrading OpenSSL, it is VERY IMPORTANT to also upgrade OpenSSH, or it is possible to be unable to log back into sshd! (* Security fix *) n/proftpd-1.3.1-arm-2.tgz: Recompiled against new OpenSSL, since this evidently checks the OpenSSL version and will only run against the libraries it was compiled against. A small patch was also added to account for changes in the system includes. xap/mozilla-thunderbird-2.0.0.16-arm-1.tgz: xap/vim-gvim-7.1.330-arm-1.tgz: Upgraded to vim-gvim-7.1.330. See "vim" above for details. (* Security fix *) extra/emacspeak/emacspeak-27.0-arm-1.tgz: Upgraded to emacspeak-27.0. extra/ktorrent/ktorrent-2.2.7-arm-1.tgz: Upgraded to ktorrent-2.2.6. extra/slackpkg/slackpkg-2.70.4-noarch-1.tgz: Added slackpkg. +--------------------------+ Thu Jul 24 20:10:50 BST 2008 a/ntfs-3g-1.2712-arm-1.tgz: Upgraded to ntfs-3g-1.2712. This has been compiled to use the internal FUSE library rather than the system FUSE library. The benefit of this is that if /bin/ntfs-3g is make setuid root, then non-root users can use it to mount NTFS partitions if /etc/fstab allows it. Also, this version of ntfs-3g would require the CVS version of external FUSE, so that helped make this an easy choice. n/dnsmasq-2.45-arm-1.tgz: Upgraded to dnsmasq-2.45. It was discovered that earlier versions of dnsmasq have DNS cache weaknesses that are similar to the ones recently discovered in BIND. This new release minimizes the risk of cache poisoning. For more information, see: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1447 (* Security fix *) x/wqy-zenhei-font-ttf-0.6.26_0-noarch-1.tgz-0.6.26-noarch-1.tgz: Upgraded to wqy-zenhei-font-ttf-0.6.26-0. x/xf86-video-ati-6.9.0-arm-1.tgz: Upgraded to xf86-video-ati-6.9.0. x/xf86-video-intel-2.3.2-arm-1.tgz: Upgraded to xf86-video-intel-2.3.2. x/xf86-video-mach64-6.8.0-arm-1.tgz: Added xf86-video-mach64-6.8.0. This can be used alone with driver type "mach64" in xorg.conf, or with type "ati" using both this package and the ati driver package as a wrapper. x/xf86-video-nv-2.1.10-arm-1.tgz: Upgraded to xf86-video-nv-2.1.10. x/xf86-video-r128-6.8.0-arm-1.tgz: Added xf86-video-r128-6.8.0. This can be used alone with driver type "r128" in xorg.conf, or with type "ati" using both this package and the ati driver package as a wrapper. +--------------------------+ Fri Jul 18 19:24:53 BST 2008 a/e2fsprogs-1.41.0-arm-1.tgz: Upgraded to e2fsprogs-1.41.0. a/mkinitrd-1.3.2-arm-3.tgz: Initialize RAID earlier so that the combination of RAID+LUKS+LVM works. a/util-linux-ng-2.14-arm-1.tgz: Upgraded to util-linux-ng-2.14. d/nasm-2.03.01-arm-1.tgz: Upgraded to nasm-2.03.01. d/ruby-1.8.6_p230-arm-1.tgz: Upgraded to ruby-1.8.6-p230. This fixes a number of security related bugs in Ruby which could lead to a denial of service (DoS) condition or allow execution of arbitrary code. For more information, see: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2662 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2663 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2664 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2725 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2726 (* Security fix *) n/bind-9.4.2-P1-arm-1.tgz: Upgraded to bind-9.4.2-P1. This upgrade addresses a security flaw known as the CERT VU#800113 DNS Cache Poisoning Issue. This is the summary of the problem from the BIND site: "A weakness in the DNS protocol may enable the poisoning of caching recurive resolvers with spoofed data. DNSSEC is the only full solution. New versions of BIND provide increased resilience to the attack." It is suggested that sites that run BIND upgrade to one of the new packages in order to reduce their exposure to DNS cache poisoning attacks. For more information, see: http://www.isc.org/sw/bind/bind-security.php http://www.kb.cert.org/vuls/id/800113 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1447 (* Security fix *) n/dnsmasq-2.43-arm-1.tgz: Upgraded to dnsmasq-2.43. n/gnutls-2.2.5-arm-1.tgz: Upgraded to GnuTLS version 2.2.5. This updated package fixes bugs which can lead to a denial of service (DoS) in programs linked with GnuTLS. Thanks to Ossi Herrala and Jukka Taimisto from the CROSS project at Codenomicon Ltd. for finding and reporting the problems, and to Simon Josefsson and Nikos Mavrogiannopoulos for researching the issues and developing patches, and to Andreas Metzler for noting and reporting a problem with one of the original patches. For more information about the issues patched, please refer to: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1948 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1949 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1950 (* Security fix *) x/compiz-0.7.6-arm-1.tgz: Upgraded to compiz-0.7.6. x/xorg-server-1.4.2-arm-1.tgz: Upgraded xorg-server to address denial of service and possible arbitrary code execution flaws reported in xorg-server 1.4 prior to 1.4.2. For more information about the issues patched, please refer to: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1377 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1379 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2360 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2361 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2362 (* Security fix *) x/xorg-server-xnest-1.4.2-arm-1.tgz: Security fixes (see CVE entries above). (* Security fix *) x/xorg-server-xvfb-1.4.2-arm-1.tgz: Security fixes (see CVE entries above). (* Security fix *) xap/mozilla-firefox-2.0.0.16-arm-1.tgz: Upgraded to firefox-2.0.0.16. This release closes several possible security vulnerabilities and bugs. For more information, see: http://www.mozilla.org/projects/security/known-vulnerabilities.html#firefox (* Security fix *) xap/pidgin-2.4.3-arm-1.tgz: Upgraded to pidgin-2.4.3. This updates pidgin to work with the changed ICQ protocol. xap/seamonkey-1.1.11-arm-1.tgz: Upgraded to Seamonkey 1.1.11. This release fixes some more security vulnerabilities. For more information, see: http://www.mozilla.org/security/known-vulnerabilities/seamonkey11.html (* Security fix *) +--------------------------+ Mon Jun 23 18:01:20 BST 2008 ap/ash-0.4.0-arm-1.tgz: Recompiled. This was the last ancient package that had an "armv3" architecture name. +--------------------------+ Tue Jun 3 19:20:38 BST 2008 d/gcc-java-4.2.3-arm-2.tgz: Added GCC Java compiler. Thanks to Sunil Amitkumar Janki for reminding me to re-check whether the Java compiler would build for ARM. gcc-gnat still doesn't build though. n/samba-3.0.30-arm-1.tgz: Upgraded to samba-3.0.30. This is a security release in order to address CVE-2008-1105 ("Boundary failure when parsing SMB responses can result in a buffer overrun"). For more information on the security issue, see: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1105 (* Security fix *) xap/rdesktop-1.6.0-arm-1.tgz: Upgraded to rdesktop-1.6.0. According to the rdesktop ChangeLog, this contains a: "* Fix for potential vulnerability against compromised/malicious servers (reported by iDefense)" This package build also includes the new alsa driver (--with-sound=alsa), though I couldn't get local sound redirection. Perhaps it was just my command line error though, so the driver remains included for testing. For more information on the security issue, see: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1801 (* Security fix *) extra/parted/parted-1.8.8-arm-1.tgz: Upgraded to parted-1.8.8. +--------------------------+ Fri May 9 18:02:51 BST 2008 a/cups-1.3.7-arm-2.tgz: Applied patch str2790 to fix crash bugs in the PNG image filter. The issues are not believed to be capable of either a DoS (at worst, it simply crashes the filter processing the current job and does not crash the scheduler daemon, which just moves on to the next job in the print queue), nor arbitrary code execution (data from the image is never stored in the affected tile array). Still, it seems to be worth fixing here just in case. The CUPS bug report may be found here: http://www.cups.org/str.php?L2790 a/mkinitrd-1.3.2-arm-2.tgz: Updated the version numbers in README.initrd and manpage. ap/lm_sensors-2.10.6-arm-1.tgz: Upgraded to lm_sensors-2.10.6. ap/mysql-5.0.51b-arm-1.tgz: Upgraded to mysql-5.0.51b kde/kdelibs-3.5.9-arm-2.tgz: Patched to fix a security problem. From the KDE advisory: "If start_kdeinit is installed as setuid root, a local user might be able to send unix signals to other processes, cause a denial of service or even possibly execute arbitrary code." This issue affects KDE 3.5.5 through KDE 3.5.9. We recommend upgrading to the new kdelibs package as soon as possible. For more information, see: http://www.kde.org/info/security/advisory-20080426-2.txt http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1671 (* Security fix *) l/imlib-1.9.15-arm-3.tgz: Patched to fix rendering issues on Intel and possibly other graphics chipsets. l/libmtp-0.2.6.1-arm-1.tgz: Upgraded to libmtp-0.2.6.1. l/libpng-1.2.27-arm-1.tgz: Upgraded to libpng-1.2.27. This fixes various bugs, the most important of which have to do with the handling of unknown chunks containing zero-length data. Processing a PNG image that contains these could cause the application using libpng to crash (possibly resulting in a denial of service), could potentially expose the contents of uninitialized memory, or could cause the execution of arbitrary code as the user running libpng (though it would probably be quite difficult to cause the execution of attacker-chosen code). We recommend upgrading the package as soon as possible. For more information, see: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1382 ftp://ftp.simplesystems.org/pub/libpng/png/src/libpng-1.2.27-README.txt (* Security fix *) n/php-5.2.6-arm-1.tgz: Upgraded to PHP 5.2.6. This version of PHP contains many fixes and enhancements. Some of the fixes are security related, and the PHP release announcement provides this list: * Fixed possible stack buffer overflow in the FastCGI SAPI identified by Andrei Nigmatulin. * Fixed integer overflow in printf() identified by Maksymilian Aciemowicz. * Fixed security issue detailed in CVE-2008-0599 identified by Ryan Permeh. * Fixed a safe_mode bypass in cURL identified by Maksymilian Arciemowicz. * Properly address incomplete multibyte chars inside escapeshellcmd() identified by Stefan Esser. * Upgraded bundled PCRE to version 7.6 When last checked, CVE-2008-0599 was not yet open. However, additional information should become available at this URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0599 The list reproduced above, as well as additional information about other fixes in PHP 5.2.6 may be found in the PHP release announcement here: http://www.php.net/releases/5_2_6.php n/wireless-tools-29-arm-2.tgz: Increased the sleep time after bringing up an interface to 3 seconds, since some of the new drivers need the additional time to fully initialize. x/xf86-input-joystick-1.3.2-arm-1.tgz: Upgraded to xf86-input-joystick-1.3.2. xap/mozilla-thunderbird-2.0.0.14-arm-1.tgz: Upgraded to thunderbird-2.0.0.14. This upgrade fixes some more security bugs. For more information, see: http://www.mozilla.org/projects/security/known-vulnerabilities.html#thunderbird (* Security fix *) +--------------------------+ Fri Apr 25 07:44:25 BST 2008 ap/mysql-5.0.51a-arm-3.tgz: Edited rc.mysql to fix a missing '=' in the example for mysql_install_db. e/emacs-22.2-arm-1.tgz: Upgraded to Emacs version 22.2. n/mcabber-0.9.7-arm-1.tgz: Upgraded to mcabber-0.9.7. n/wireless-tools-29-arm-2.tgz: Make sure that HWADDR in rc.wireless is all uppercase. xap/mozilla-firefox-2.0.0.14-arm-1.tgz: Upgraded to firefox-2.0.0.14. This upgrade fixes a potential security bug. For more information, see: http://www.mozilla.org/projects/security/known-vulnerabilities.html#firefox (* Security fix *) xap/xine-lib-1.1.11.1-armv4-2.tgz: Recompiled, with --without-speex (we didn't ship the speex library in Slackware anyway, but for reference this issue would be CVE-2008-1686), and with --disable-nosefart (the recently reported as insecurely demuxed NSF format). As before in -2, this package fixes the two regressions mentioned in the release notes for xine-lib-1.1.12: http://sourceforge.net/project/shownotes.php?release_id=592185&group_id=965 +--------------------------+ Tue Apr 15 21:01:11 BST 2008 a/aaa_base-12.1.0-noarch-1.tgz: Added an empty /usr/share/wallpapers as this seems to be a de-facto standard directory and (for example) XFce will give an error if it is missing and one tries to change the desktop image. Bumped version number of package, and of /etc/slackware-version. a/acl-2.2.47_1-arm-1.tgz: Upgraded to acl-2.2.47_1. a/attr-2.4.41_1-arm-1.tgz: Upgraded to attr-2.4.41_1. a/bzip2-1.0.5-arm-1.tgz: Upgraded to bzip2-1.0.5. Previous versions of bzip2 contained a buffer overread error that could cause applications linked to libbz2 to crash, resulting in a denial of service. For more information, see: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1372 (* Security fix *) a/cryptsetup-1.0.5-arm-2.tgz: Recompiled against static libgpg-error and got rid of --disable-libcrypt in cryptsetup.static's ./configure to prevent the error "Command failed: Key processing error: No hash backend found" when creating a new cryptographic volume. a/cups-1.3.7-arm-1.tgz: Upgraded to cups-1.3.7. This version of CUPS fixes some buffer overflows in the GIF image filter and in cgiCompileSearch. Those running CUPS servers should upgrade. For more information on these security issues, please see: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0047 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1373 (* Security fix *) a/cxxlibs-6.0.9-arm-1.tgz: Upgraded to libstdc++.so.6.0.9 from gcc-4.2.3. a/ed-0.9-arm-2.tgz: Fixed missing man page. Thanks to Selkfoster. a/etc-12.1-noarch-3.tgz: Add root to the groups audio, cdrom, video, plugdev, and floppy. Root already has access to most of these devices, but it doesn't hurt to provide an example for people who edit /etc/groups manually. a/glibc-solibs-2.7-arm-5.tgz: Recompiled against 2.6.23.17 headers. a/glibc-zoneinfo-2.7-noarch-5.tgz: Upgraded to tzdata2008b. a/kernel-modules-2.6.23.17-arm-1.tgz: Upgraded to Linux 2.6.23.17 Kernel modules. a/kernel_riscpc-2.6.23.17-arm-1.tgz: Upgraded to Linux 2.6.23.17 RiscPC Kernel. ** Note: This Kernel on my RiscPC isn't stable - lost interrupts on one of the RapIDE IDE discs. I am going to strip down the hardware & replace the disc because I'm not sure where the problem lies. ** a/kernel_versatile-2.6.23.17-arm-1.tgz: Upgraded to Linux 2.6.23.17 Versatile Kernel. a/mdadm-2.6.4-arm-1.tgz: Upgraded to mdadm-2.6.4. a/mkinitrd-1.3.2-arm-1.tgz: Patched to fix problems with previous settings getting overwritten with a plain "mkinitrd", and added support for non-US keyboards. a/ntfs-3g-1.2310-arm-1.tgz: Added back ntfsprogs-2.0.0, using (for now) --disable-ntfsmount. It is still needed to manage NTFS partitions even if we use the kernel driver or NTFS-3G to mount them. a/pciutils-2.2.10-arm-1.tgz: Upgraded to pciutils-2.2.10. a/shadow-4.0.3-arm-3.tgz: Took plugdev out of CONSOLE_GROUPS in /etc/login.defs, since DBUS doesn't know about group memberships added that way. Users not actually listed in /etc/groups as part of groups such as plugdev wouldn't be able to use those devices even at the console when logging in through a graphical login manager such as XDM, KDM, or GDM. Stuart Winter enhanced the command-line adduser tool. Quote from the adduser program history: "* To facilitate use of the automatic mounting features of HAL, allow the admin to easily add users to the default groups: audio,cdrom,video,plugdev,floppy The default is not to add new users to these groups. And by the way, this script is "adduser from Slackware" not "superadduser from Gentoo" ;-)" If you trust your users, this is the correct way to give them access to these devices. adduser will automatically edit /etc/groups for you. If you do not trust your users and you give them access to these groups, they may create mischief from afar with this access, so be aware of the security implications. a/smartmontools-5.38-arm-1.tgz: Upgraded to smartmontools-5.38. a/sysvinit-2.86-arm-4.tgz: Fixed the /sbin/initscript path to match the man pages. a/sysvinit-scripts-1.0-noarch-12.tgz: Keep any icon-theme.cache files updated. a/udev-118-arm-2.tgz: Fixed two broken symbolic links in /sbin. a/util-linux-2.12r-arm-4.tgz: Removed. See below. a/util-linux-ng-2.13.1-arm-1.tgz: Added util-linux-ng-2.13.1, which replaces the old util-linux package. To install, either use upgradepkg with the "%" option, or do this: installpkg util-linux-ng-2.13.1-arm-1.tgz ; removepkg util-linux ; installpkg util-linux-ng-2.13.1-arm-1.tgz a/xfsprogs-2.9.7_1-arm-1.tgz: Upgraded to xfsprogs-2.9.7_1. ap/alsa-utils-1.0.15-arm-1.tgz: Don't load the mixer settings until after the OSS modules have been loaded. Eliminate 'awk' usage in rc.alsa, using sed and tr instead. Set reasonable volume defaults if there are none in /etc/asound.state. ap/cdrtools-2.01.01a38-arm-1.tgz: Upgraded to cdrtools-2.01.01a38. ap/dmapi-2.2.8_1-arm-1.tgz: Upgraded to dmapi-2.2.8_1. ap/dvd+rw-tools-7.1-arm-1.tgz: Upgraded to dvd+rw-tools-7.1. ap/ghostscript-8.62-arm-2.tgz: Fixed cidfmap for printing with the wqy-zenhei.ttf font. /usr/share/ghostscript/8.62/lib/cidfmap will attempt support for Simplified Chinese (though Traditional Chinese and Korean will still require cidfmap changes and additional fonts). ap/hplip-2.8.4-arm-1.tgz: Upgraded to hplip-2.8.4. ap/man-1.6f-arm-1.tgz: Upgraded to man-1.6f. ap/man-pages-2.79-noarch-1.tgz: Upgraded to man-pages-2.79, and retained the POSIX pthread_* man pages this time. ap/mysql-5.0.51a-arm-2.tgz: Modified /etc/rc.d/rc.mysqld's database installation instructions to take into consideration that the mysql user no longer has a login shell. In addition, the admin is told to consider locking the database server down even further (if possible) by using the mysql_secure_installation utility. ap/vim-7.1.285-arm-1.tgz: Upgraded to vim-7.1.285. ap/zsh-4.3.6-arm-1.tgz: Upgraded to zsh-4.3.6. d/cmake-2.4.8-arm-1.tgz: Upgraded to cmake-2.4.8. d/cscope-15.6-arm-1.tgz: Upgraded to cscope-15.6. d/gdb-6.8-arm-1.tgz: Upgraded to gdb-6.8. d/git-1.5.5-arm-1.tgz: Upgraded to git-1.5.5. d/guile-1.8.4-arm-1.tgz: Upgraded to guile-1.8.4. d/kernel-headers-2.6.23.17-arm-1.tgz: Upgraded to Linux Kernel headers v2.6.23.17. d/m4-1.4.11-arm-1.tgz: Upgraded to m4-1.4.11. In addition to bugfixes and enhancements, this version of m4 also fixes two issues with possible security implications. A minor security fix with the use of "maketemp" and "mkstemp" -- these are now quoted to prevent the (rather unlikely) possibility that an unquoted string could match an existing macro causing operations to be done on the wrong file. Also, a problem with the '-F' option (introduced with version 1.4) could cause a core dump or possibly (with certain file names) the execution of arbitrary code. For more information on these issues, see: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1687 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1688 (* Security fix *) d/mercurial-1.0-arm-1.tgz: Upgraded to mercurial-1.0. d/pkg-config-0.23-arm-2.tgz: Prevent unwanted output during package install. d/ruby-1.8.6_p114-arm-1.tgz: Upgraded to ruby-1.8.6-p114. e/emacs-22.2-arm-1.tgz: Upgraded to GNU emacs-22.2. f/linux-howtos-20080323-noarch-1.tgz: Upgraded to the latest Linux HOWTOs. k/kernel-source-2.6.23.17-noarch-1.tgz: Upgraded to Linux Kernel source, v2.6.23.17. kde/amarok-1.4.9.1-arm-1.tgz: Upgraded to amarok-1.4.9.1. kde/k3b-1.0.4-arm-1.tgz: Upgraded to k3b-1.0.4. kde/kde*-3.5.9-arm-1.tgz: Upgraded to KDE 3.5.9. kde/knemo-0.4.8-arm-3.tgz: Recompiled. kde/koffice-1.6.3-arm-3.tgz: Recompiled. kdei/kde-i18n-*-3.5.9-noarch-1.tgz: Upgraded to kde-i18n-*-3.5.9. kdei/k3b-i18n-1.0.4-noarch-1.tgz: Upgraded to k3b-i18n-1.0.4. l/alsa-lib-1.0.15-arm-1.tgz: Upgraded to alsa-lib-1.0.15. l/alsa-oss-1.0.15-arm-1.tgz: Upgraded to alsa-oss-1.0.15. l/dbus-python-0.82.4-arm-1.tgz: Added dbus-python-0.82.4, which is needed for the correct operation of hplip. l/fribidi-0.10.9-arm-2.tgz: Recompiled to fix slack-desc. l/glib2-2.14.6-arm-3.tgz: Renamed /etc/profile.d/glib2.{csh,sh} to /etc/profile.d/libglib2.{csh,sh} so that the lang.{csh,sh} scripts will run first, setting the $LANG variable which these scripts require. l/glibc-2.7-arm-5.tgz: Recompiled against 2.6.23.17 headers. Upgraded to tzdata2008b. l/glibc-i18n-2.7-noarch-5.tgz: Rebuilt. l/glibc-profile-2.7-arm-5.tgz: Recompiled against 2.6.23.17 headers. l/gnome-icon-theme-2.22.0-noarch-1.tgz: l/hal-0.5.10-arm-3.tgz: Recompiled with --enable-umount-helper, which allows non-root users to umount hotplugged devices from the command line. l/hal-info-20080317-noarch-1.tgz: Upgraded to hal-info-20080317. l/libaio-0.3.106-arm-1.tgz: Added libaio-0.3.106 (asynchronous I/O library). l/libglade-2.6.2-arm-2.tgz: Rebuilt with --libdir=/usr/lib. Without this, libglade-2.0.la incorrectly inserts '/usr/local/lib' in the .la file. l/libgsf-1.14.8-arm-1.tgz: Upgraded to libgsf-1.14.8. n/bind-9.4.2-arm-1.tgz: Upgraded to bind-9.4.2 Patched rc.bind to add a short wait after starting named, so that the startup script doesn't match "named " with a failing startup and too quick a check. Upgraded to the latest named.root file. n/bitchx-1.1-arm-1.tgz: This had been removed accidentally earlier in the development cycle. Applied Gentoo patches to enable it to build, and also update default list of various IRC network hosts. n/dhcp-3.0.6-arm-1.tgz: Upgraded to dhcp-3.0.6. n/epic4-2.8-arm-1.tgz: Upgraded to epic4-2.8. n/gnupg-1.4.9-arm-1.tgz: Upgraded to gnupg-1.4.9. n/gnupg2-2.0.9-arm-1.tgz: Upgraded to gnupg-2.0.9. n/iproute2-2.6.16_060323-arm-2.tgz: Fixed hardcoded "/usr/local/lib/iptables" path in two places within the source. n/iptables-1.4.0-arm-1.tgz: Upgraded to iptables-1.4.0. n/ipw2100-fw-1.3-fw-1.tgz: Added ipw2100-fw-1.3. n/ipw2200-fw-3.0-fw-1.tgz: Added ipw2200-fw-3.0. n/iwlwifi-3945-ucode-2.14.1.5-fw-1.tgz: Added Intel 3945 wireless firmware. n/iwlwifi-4965-ucode-4.44.1.20-fw-1.tgz: Added Intel 4965 wireless firmware. n/lftp-3.7.0-arm-1.tgz: Upgraded to lftp-3.7.0. n/libgcrypt-1.4.0-arm-2.tgz: Recompiled to include the static library. n/libgpg-error-1.6-arm-3.tgz: Recompiled to include the static library. n/links-2.1pre33-arm-1.tgz: Upgraded to links-2.1pre33. n/mailx-12.3-arm-1.tgz: Upgraded to mailx-12.3. n/ncftp-3.2.1-arm-1.tgz: Upgraded to ncftp-3.2.1. n/net-tools-1.60-arm-2.tgz: Recompiled with latest Debian patch. n/network-scripts-12.1-noarch-1.tgz: Fixed WLAN_IWPRIV[4] example generated by netconfig. n/nfs-utils-1.1.2-arm-1.tgz: Upgraded to nfs-utils-1.1.2. n/nmap-4.60-arm-1.tgz: Upgraded to nmap-4.60. n/openssh-5.0p1-arm-1.tgz: Upgraded to openssh-5.0p1. This version fixes a security issue where local users could hijack forwarded X connections. Upgrading to the new package is highly recommended. For more information on this security issue, please see: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1483 (* Security fix *) n/rsync-3.0.2-arm-1.tgz: Upgraded to rsync-3.0.2. From the NEWS file: "BUG FIXES: - Fixed a potential buffer overflow in the xattr code." This is the security advisory, as the issue was present in -current only. (* Security fix *) n/rt61-firmware-1.2-fw-1.tgz: Added rt61-firmware-1.2. n/rt71w-firmware-1.8-fw-1.tgz: Added rt71w-firmware-1.8. n/sendmail-8.14.2-arm-2.tgz: Recompiled. Fixed issues in the install script with properly adding the smmsp user/group. Thanks to Valentin Stoykov. When using SSL/TLS, disable SSLv2 by default. Fixed the line ordering in sendmail-slackware-tls-sasl.mc. Thanks to Strykar. Fixed typos at the top of example .mc files. Thanks to Bart Dumon. Clamp down on security in the defaults some more by requiring authentication when using the TLS/SASL .mc/.cf. Allow SSLv3 in both TLS configurations. n/sendmail-cf-8.14.2-noarch-2.tgz: Rebuilt. n/tcpdump-3.9.8-arm-1.tgz: Upgraded to libpcap-0.9.8 and tcpdump-3.9.8. n/wget-1.11.1-arm-1.tgz: Upgraded to wget-1.11.1. n/whois-4.7.26-arm-1.tgz: Upgraded to whois-4.7.26. n/wpa_supplicant-0.5.10-arm-1.tgz: Upgraded to wpa_supplicant-0.5.10. n/zd1211-firmware-1.4-fw-1.tgz: Added ZD1211 USB WLAN firmware. t/xfig-3.2.4-arm-2.tgz: Patched to fix a wrong XFIGLIBDIR that was causing some minor errors. tcl/tcl-8.4.18-arm-1.tgz: Upgraded to tcl8.4.18. tcl/tclx-8.4-arm-2.tgz: Recompiled. Since some of the Tcl/Tk headers are now considered "private", this needs -I flags to compile (for now). tcl/tk-8.4.18-arm-1.tgz: Upgraded to tk8.4.18. x/anthy-9100e-arm-1.tgz: Added anthy-9100e. x/compiz-0.7.4-arm-1.tgz: Upgraded to compiz-0.7.2. x/dejavu-fonts-ttf-2.24-noarch-1.tgz: Upgraded to dejavu-fonts-ttf-2.23. x/font-misc-misc-1.0.0-noarch-3.tgz: Removed bogus fonts.alias; The install scripts will make it. x/font-xfree86-type1-1.0.1-noarch-3.tgz: Upgraded to font-xfree86-type1-1.0. x/inputproto-1.4.3-noarch-1.tgz: Upgraded to inputproto-1.4.3. x/libX11-1.1.4-arm-1.tgz: Upgraded to libX11-1.1.4. x/libXScrnSaver-1.1.3-arm-1.tgz: Upgraded to libXScrnSaver-1.1.3. x/libXext-1.0.4-arm-1.tgz: Upgraded to libXext-1.0.4. x/libXfont-1.3.2-arm-1.tgz: Upgraded to libXfont-1.3.2. x/libXinerama-1.0.3-arm-1.tgz: Upgraded to libXinerama-1.0.3. x/libXmu-1.0.4-arm-1.tgz: Upgraded to libXmu-1.0.4. x/libXv-1.0.4-arm-1.tgz: Upgraded to libXv-1.0.4. x/liberation-fonts-ttf-1.0-noarch-1.tgz: Upgraded to Liberation Fonts 1.0. x/libhangul-0.0.7-arm-1.tgz: Added libhangul-0.0.7. x/libpciaccess-0.10-arm-1.tgz: Added libpciaccess-0.10. x/libxkbfile-1.0.5-arm-1.tgz: Upgraded to libxkbfile-1.0.5. x/luit-1.0.3-arm-1.tgz: Upgraded to luit-1.0.3. x/m17n-lib-1.5.0-arm-1.tgz: Added m17n-lib-1.5.0. x/mkfontdir-1.0.4-noarch-1.tgz: Upgraded to mkfontdir-1.0.4. x/mkfontscale-1.0.4-arm-1.tgz: Upgraded to mkfontscale-1.0.4. x/pixman-0.10.0-arm-1.tgz: Symlink the headers into /usr/include to temporarily accommodate software that isn't yet using pixman.pc to get the -I/usr/include/pixman-1/ include path. x/printproto-1.0.4-noarch-1.tgz: Upgraded to printproto-1.0.4. x/rendercheck-1.3-arm-1.tgz: Upgraded to rendercheck-1.3. x/sazanami-fonts-ttf-20040629-noarch-1.tgz: Added sazanami-fonts-ttf-20040629. x/scim-1.4.7-arm-1.tgz: Added scim-1.4.7. x/scim-anthy-1.2.4-arm-1.tgz: Added scim-anthy-1.2.4. x/scim-bridge-0.4.14-arm-1.tgz: Added scim-bridge-0.4.14. x/scim-hangul-0.3.2-arm-1.tgz: Added scim-hangul-0.3.2 x/scim-m17n-0.2.2-arm-1.tgz: Added scim-m17n-0.2.2. x/scim-pinyin-0.5.91-arm-1.tgz: Added scim-pinyin-0.5.91. x/scim-tables-0.5.7-arm-1.tgz: Added scim-tables-0.5.7. x/sinhala_lklug-font-ttf-20060929-noarch-1.tgz: Added sinhala_lklug-font-ttf-20060929. x/tibmachuni-font-ttf-1.901-noarch-1.tgz: Added tibmachuni-font-ttf-1.901. x/twm-1.0.4-arm-3.tgz: Upgraded to twm-1.0.4. x/util-macros-1.1.6-noarch-1.tgz: Upgraded to util-macros-1.1.6. x/wqy-zenhei-font-ttf-0.5.23-noarch-1.tgz: Added wqy-zenhei fonts as a starter font. x/x11perf-1.5-arm-1.tgz: Upgraded to x11perf-1.5. x/xauth-1.0.3-arm-1.tgz: Upgraded to xauth-1.0.3. x/xcompmgr-1.1.4-arm-1.tgz: Added xcompmgr-1.1.4. x/xdm-1.1.7-arm-1.tgz: Upgraded to xdm-1.1.7. x/xev-1.0.3-arm-1.tgz: Upgraded to xev-1.0.3. x/xf86-input-aiptek-1.1.1-arm-3.tgz: Upgraded to xf86-input-aiptek-1.1.1. x/xf86-input-mouse-1.3.0-arm-1.tgz: Upgraded to xf86-input-mouse-1.3.0 to + fix a copy/paste bug when switching between the virtual consoles and X. x/xf86-video-*-arm-3.tgz: Upgraded to latest video drivers for a number of chipsets. x/xfs-1.0.6-arm-1.tgz: Upgraded to xfs-1.0.6. x/xinit-1.0.8-arm-1.tgz: Upgraded to xinit-1.0.8. x/xinput-1.3.0-arm-1.tgz: Added xinput-1.3.0. x/xkbcomp-1.0.4-arm-1.tgz: Upgraded to xkbcomp-1.0.4. x/xprop-1.0.4-arm-1.tgz: Upgraded to xprop-1.0.4. x/xproto-7.0.12-noarch-1.tgz: Upgraded to xproto-7.0.12. x/xrandr-1.2.3-arm-1.tgz: Upgraded to xrandr-1.2.3. x/xrdb-1.0.5-arm-1.tgz: Upgraded to xrdb-1.0.5. x/xterm-232-arm-1.tgz: Upgraded to xterm-232. x/xtrans-1.1-noarch-1.tgz: Upgraded to xtrans-1.1. xap/audacious-1.5.0-armv4-1.tgz: Upgraded to audacious-1.5.0. xap/audacious-plugins-1.5.0-armv4-1.tgz: Upgraded to audacious-plugins-1.5.0. xap/gimp-2.4.5-arm-1.tgz: Upgraded to gimp-2.4.5, added support for pyGTK. xap/gnuplot-4.2.3-arm-1.tgz: Upgraded to gnuplot-4.2.3. xap/mozilla-firefox-2.0.0.13-arm-1.tgz: Upgraded to firefox-2.0.0.13 (Bon Echo). This upgrade fixes some more security bugs. For more information, see: http://www.mozilla.org/projects/security/known-vulnerabilities.html#firefox (* Security fix *) xap/pidgin-2.4.1-arm-1.tgz: Upgraded to pidgin-2.4.1. xap/sane-1.0.19-arm-1.tgz: Upgraded sane-backends to version 1.0.19. xap/seamonkey-1.1.9-arm-1.tgz: Upgraded to seamonkey-1.1.9. This upgrade fixes some more security bugs. For more information, see: http://www.mozilla.org/projects/security/known-vulnerabilities.html#seamonkey (* Security fix *) xap/vim-gvim-7.1.285-arm-1.tgz: Upgraded to vim-7.1.285. This is the GTK+ version of vim (gvim). The normal vim package is also required. xap/xfce-4.4.2-arm-3.tgz: Fixed the build script to apply a couple of bugfix patches correctly. Thanks to Carlos Corbacho for the bug report. Fixed xfcalendar.desktop (orage) to only show in the Xfce menus. xap/xine-lib-1.1.11.1-armv4-1.tgz: Earlier versions of xine-lib suffer from an integer overflow which may lead to a buffer overflow that could potentially be used to gain unauthorized access to the machine if a malicious media file is played back. File types affected this time include .flv, .mov, .rm, .mve, .mkv, and .cak. For more information on this security issue, please see: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1482 (* Security fix *) xap/xscreensaver-5.05-arm-1.tgz: Upgraded to xscreensaver-5.05. bootware/riscpc/slackb.zip: Rebuilt to include the latest initrd.img & upgraded to Linux 2.6.23.17. As a work around, added pre-defined VRAM boot lines to the GRUB configuration because GRUB still has a bug where occasionally it does not find any VRAM, so nothing appears on the console (your monitor). You can now boot the installer with 512K VRAM and the installed OS with 2048K, and also try to let GRUB figure out the VRAM itself. This should help where users see no output on the console (me included!). Thanks to Jim Hawkins for pointing me at a similar problem on the netwinder mailing list. isolinux/initrd.img: Updated to the latest Slackware installer scripts and the latest binaries from ARMedslack's packages. Replaced util-linux with util-linux-ng, and included the mount.nfs helper from the nfs-utils package. +--------------------------+ Mon Mar 24 13:43:07 GMT 2008 n/irssi-0.8.12-arm-1.tgz: Upgraded to irssi-0.8.12. xap/gkrellm-2.3.1-arm-2.tgz: Recompiled against gnutls-2.2.2. xap/imagemagick-6.3.7_10-arm-1.tgz: Upgraded to ImageMagick-6.3.7-10. Changed build script to install Perl modules under vendor_perl. xap/mozilla-thunderbird-2.0.0.12-i686-1.tgz: Upgraded to thunderbird-2.0.0.12. This update fixes the following security related issues: MFSA 2008-12: Heap buffer overflow in external MIME bodies MFSA 2008-05: Directory traversal via chrome: URI MFSA 2008-03: Privilege escalation, XSS, Remote Code Execution MFSA 2008-01: Crashes with evidence of memory corruption (rv:1.8.1.12) For more information, see: http://www.mozilla.org/security/announce/2008/mfsa2008-12.html http://www.mozilla.org/security/announce/2008/mfsa2008-05.html http://www.mozilla.org/security/announce/2008/mfsa2008-03.html http://www.mozilla.org/security/announce/2008/mfsa2008-01.html These are the related CVE entries: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0304 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0418 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0415 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0412 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0413 (* Security fix *) xap/mozilla-thunderbird-2.0.0.12-arm-1.tgz: xap/pidgin-2.4.0-arm-1.tgz: Upgraded to pidgin-2.4.0 and pidgin-encryption-3.0. xap/xfce-4.4.2-arm-2.tgz: Patched a memory leak. The recompile also seemed to pick up new exo and pygtk features. bootware/riscpc/slackb.zip: Rebuilt to include the latest initrd.img. isolinux/initrd.img: Updated to the latest Slackware installer scripts and the latest binaries from ARMedslack's packages. +--------------------------+ Sun Mar 23 11:48:34 GMT 2008 a/cups-1.3.6-arm-1.tgz: Upgraded to cups-1.3.6. Rebuilt with -fno-stack-protector so that the binaries don't segfault. Thanks to Jim Hawkins for help with this. a/e2fsprogs-1.40.8-arm-1.tgz: Upgraded to e2fsprogs-1.40.8. a/ed-0.9-arm-1.tgz: Upgraded to ed-0.9. a/gettext-0.17-arm-1.tgz: Upgraded to gettext-0.17. a/glibc-solibs-2.7-arm-4.tgz: Recompiled with -fno-stack-protector. a/glibc-zoneinfo-2.7-noarch-4.tgz: Upgraded to tzdata2008a. a/gpm-1.20.3-arm-1.tgz: Upgraded to gpm 1.20.3pre3 from Debian because gpm 1.20.1 won't compile anymore. Re-jigged the ARMedslack patch which removes all but the PS/2 & USB mice from /var/log/setup.mouse. I'm not sure whether any of these additional mice are required for any ARM devices. The recent Slackware update to this package added "imps2, which works well with KVM boxes". If anybody needs anything like this, let me know! a/hdparm-8.6-arm-1.tgz: Upgraded to hdparm-8.6. a/inotify-tools-3.13-arm-1.tgz: Upgraded to inotify-tools-3.13. a/kernel-modules-2.6.23.16-arm-2.tgz: Symlinked /etc/rc.d/rc.modules-$VERSION to /etc/rc.d/rc.modules-$VERSION-{riscpc,versatile} so that the the modules script is loaded from /etc/rc.d/rc.S. I'd updated the kernel modules package some time ago to cater for loading of rc.modules-$VERSION, but hadn't noticed that Slackware now calls rc.modules-$(uname -r). a/ntfs-3g-1.2310-arm-1.tgz: Added ntfs-3g. a/pcmciautils-014-arm-3.tgz: Improved the default configuration to work with more hardware. a/pkgtools-12.1.0-noarch-3.tgz: Added fuse to the installer's boot-start (setup.services) menu. Patched makepkg to test gzipped files properly. makepkg now warns of two more common mistakes -- dropping man pages in /usr/share/man, or (now) using site_perl in a non-local package. a/sysvinit-scripts-1.0-noarch-11.tgz: Update gtk.immodules from rc.M at boot. Removed /etc/rc.d/rc.scanluns. Modified rc.S to start FUSE. a/udev-118-arm-1.tgz: Upgraded to udev-118. Blacklist old bcm43xx driver (b43 and b43legacy are the recommended drivers now). a/usbutils-0.73-arm-1.tgz: Upgraded to usbutils-0.73 with fresh usb.ids. ap/cdrtools-2.01.01a37-arm-1.tgz: Upgraded to cdrtools-2.01.01a3 ap/flac-1.2.1-arm-1.tgz: Upgraded to flac-1.2.1. ap/foomatic-filters-3.0_20080211-arm-1.tgz: Upgraded to foomatic-filters-3.0_20080211. ap/ghostscript-8.62-arm-1.tgz: Upgraded to ghostscript-8.62. This new release of GPL Ghostscript fixes a buffer overflow. Thanks very much to ABE Shin-ichi for configuring and testing much improved support for CJK output! :-) For more information on the security issue, please see: http://scary.beasts.org/security/CESA-2008-001.html http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0411 Thanks to Chris Evans and Will Drewry of Google Security for their work on discovering and demonstrating the overflow. (* Security fix *) ap/gutenprint-5.0.2-arm-1.tgz: Upgraded to gutenprint-5.0.2. ap/hplip-2.8.2-arm-1.tgz: Upgraded to hplip-2.8.2. ap/lm_sensors-2.10.5-arm-1.tgz: Upgraded to lm_sensors-2.10.5 ap/vorbis-tools-1.2.0-arm-1.tgz: Upgraded to vorbis-tools-1.2.0 d/doxygen-1.5.5-arm-1.tgz: Upgraded to doxygen-1.5.5. d/gcc*-4.2.3-arm-2.tgz: Recompiled to disable libssp (stack-protector),however ./configure's --disable-libssp doesn't work, so the -fstack-protector option still exists. Since the packages still work, and I've rebuilt using binutils 2.17 (which is more stable than v2.18), we'll roll with these new builds. Debian has a bug report about this, so once it gets fixed, I'll roll an updated package. http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=469517 d/gettext-tools-0.17-arm-1.tgz: Upgraded to tools for gettext-0.17. d/git-1.5.4.3-arm-1.tgz: Upgraded to git-1.5.4.2. d/gperf-3.0.3-arm-3.tgz: Recompiled. Previously gperf would segfault when building the hal package. It works now! I'm not sure why this is, but it could be a combination of the gcc upgrade & glibc rebuild. d/m4-1.4.10-arm-1.tgz: Upgraded to m4-1.4.10. Thanks to Kyle Guinn for reporting that m4-1.4.9 had a serious calculation bug. d/oprofile-0.9.2-arm-4.tgz: Recompiled. d/perl-5.8.8-arm-5.tgz: Use vendor_perl for Slackware-added Perl modules, not site_perl. Try not to clobber an existing perllocal.pod. Added XML::Simple perl module for icon-naming-utils. d/pkg-config-0.23-arm-1.tgz: Upgraded to pkg-config-0.23. d/python-2.5.2-arm-1.tgz: Upgraded to Python-2.5.2. f/linux-howtos-20080323-noarch-1.tgz: Upgraded to Linux-HOWTOs-20080323. l/arts-1.5.9-arm-1.tgz: Upgraded to arts-1.5.9. l/atk-1.22.0-arm-1.tgz: Upgraded to atk-1.22.0. l/cairo-1.4.14-arm-1.tgz: Upgraded to cairo-1.4.14. l/dbus-1.1.20-arm-1.tgz: Upgraded to dbus-1.1.20. l/dbus-glib-0.74-arm-2.tgz: Rebuilt. l/dbus-qt3-0.70-arm-2.tgz: Rebuilt. l/desktop-file-utils-0.14-arm-1.tgz: Upgraded to desktop-file-utils-0.14. l/fribidi-0.10.9-arm-1.tgz: Upgraded to fribidi-0.10.9. l/fuse-2.7.3-arm-1.tgz: Added FUSE, a userspace filesystem interface. l/glib2-2.14.6-arm-2.tgz: Added /etc/profile.d/ scripts so that GTK+ will use the $LANG variable instead of forcing UTF-8. Set G_BROKEN_FILENAMES=1, and if the locale is UTF-8, then set G_FILENAME_ENCODING="@locale" (which will override the G_BROKEN_FILENAMES setting). This should get us a little closer with UTF. l/glibc-2.7-arm-4.tgz: Upgraded to tzdata2008a & compiled without gcc's slack-protector (libssp) option; which with gcc 4.2.3 creates broken code that can cause the binaries to segfault. Thanks greatly to Jim Hawkins for figuring that one out! l/glibc-i18n-2.7-noarch-4.tgz: Rebuilt. l/glibc-profile-2.7-arm-4.tgz: Rebuilt. l/gmime-2.2.17-arm-1.tgz: Upgraded to gmime-2.2.17. l/gmp-4.2.2-arm-1.tgz: Upgraded to gmp-4.2.2. l/gnome-icon-theme-2.22.0-noarch-1.tgz: Upgraded to gnome-icon-theme-2.22.0. l/gtk+2-2.12.9-arm-1.tgz: Upgraded to gtk+-2.12.9. l/hal-info-20080313-noarch-1.tgz: Upgraded to hal-info-200803 l/hicolor-icon-theme-0.10-noarch-2.tgz: Upgraded to hicolor-icon-theme-0.10. l/icon-naming-utils-0.8.6-arm-1.tgz: Added utilities for naming icons. l/lcms-1.17-arm-1.tgz: Upgraded to lcms-1.17. l/libart_lgpl-2.3.20-arm-1.tgz: Upgraded to libart_lgpl-2.3.20. l/libcddb-1.3.0-arm-1.tgz: Added libcddb-1.3.0. (needed by audacious-plugins) l/libcdio-0.79-arm-1.tgz: Added libcdio-0.79. (needed by audacio l/libglade-2.6.2-arm-1.tgz: Upgraded to libglade-2.6.2. l/libgtkhtml-2.11.1-arm-1.tgz: Upgraded to libgtkhtml-2.11.1. l/libidl-0.8.10-arm-1.tgz: Upgraded to libIDL-0.8.10. l/libidn-1.5-arm-1.tgz: Upgraded to libidn-1.5. l/libieee1284-0.2.11-arm-2.tgz: Upgraded to libieee1284-0.2 l/libmcs-0.7.0-arm-1.tgz: Added libmcs-0.7.0 (replaces mcs pack l/libmng-1.0.10-arm-1.tgz: Upgraded to libmng-1.0.10. l/libpng-1.2.25-arm-1.tgz: Upgraded to libpng-1.2.25. l/librsvg-2.22.1-arm-1.tgz: Upgraded to librsvg-2.22.1. l/libtheora-1.0beta2-arm-1.tgz: Upgraded to libtheora-1.0beta2. l/libwpd-0.8.14-arm-1.tgz: Upgraded to libwpd-0.8.14. l/mcs-0.4.1-arm-2.tgz: Removed. l/mpfr-2.3.1-arm-1.tgz: Upgraded to mpfr-2.3.1. l/ncurses-5.6-arm-2.tgz: Applied all official patches. l/pango-1.20.0-arm-1.tgz: Upgraded to pango-1.20.0. l/pcre-7.6-arm-1.tgz: Upgraded to pcre-7.6. l/pilot-link-0.12.3-arm-2.tgz: Upgraded to pilot-link-0.12.3. l/poppler-0.6.4-arm-1.tgz: Upgraded to poppler-0.6.4. Activated --enable-xpdf-headers option. l/poppler-data-0.2.0-noarch-1.tgz: Upgraded to poppler-data-0.2.0. l/pygtk-2.12.1-arm-2.tgz: Recompiled. l/qca-1.0-arm-2.tgz: Rebuilt for Qt 3.3.8b. l/qca-tls-1.0-arm-4.tgz: Rebuilt for Qt 3.3.8b. l/qt-3.3.8b-arm-1.tgz: Upgraded to qt-x11-free-3.3.8b. l/readline-5.2-arm-2.tgz: Applied all official patches. l/sdl-1.2.13-arm-1.tgz: Upgraded to SDL-1.2.13, SDL_image-1.2.6, SDL_mixer-1.2.8, SDL_net-1.2.7, and SDL_ttf-2.0.9. l/shared-mime-info-0.23-arm-1.tgz: Upgraded to shared-mime-info-0.23. l/slang-2.1.3-arm-1.tgz: Upgraded to slang-2.1.3. l/startup-notification-0.9-arm-1.tgz: Upgraded to startup-notification-0.9. l/taglib-1.5-arm-1.tgz: Upgraded to taglib-1.5. l/tango-icon-theme-0.8.1-noarch-1.tgz: Added Tango icon theme. l/vte-0.16.12-arm-1.tgz: Upgraded to vte-0.16.12. l/wavpack-4.41.0-arm-1.tgz: Added wavpack-4.41.0. This is needed for audacious WAV format support. n/bluez-hcidump-1.41-arm-1.tgz: Upgraded to bluez-hcidump-1.41. n/bluez-libs-3.26-arm-1.tgz: Upgraded to bluez-libs-3.26. n/bluez-utils-3.26-armv4-1.tgz: Upgraded to bluez-utils-3.26. n/dnsmasq-2.41-arm-1.tgz: Upgraded to dnsmasq-2.41. n/gnupg2-2.0.8-arm-1.tgz: Upgraded to gnupg2-2.0.8. n/gnutls-2.2.2-arm-1.tgz: Upgraded to gnutls-2.2.2. n/gpgme-1.1.6-arm-1.tgz: Upgraded to gpgme-1.1.6. n/iptraf-3.0.0-arm-2.tgz: Absorbed the latest Debian patch. n/libassuan-1.0.4-arm-1.tgz: Upgraded to libassuan-1.0.4. n/libgcrypt-1.4.0-arm-1.tgz: Upgraded to libgcrypt-1.4.0. n/libgpg-error-1.6-arm-2.tgz: Recompiled. n/libksba-1.0.3-arm-1.tgz: Upgraded to libksba-1.0.3. n/mcabber-0.9.6-arm-1.tgz: Upgraded to mcabber-0.9.6. n/net-snmp-5.4-arm-4.tgz: Recompiled to use vendor_perl. n/obexftp-0.21-arm-2.tgz: Recompiled to use vendor_perl. n/pinentry-0.7.5-arm-1.tgz: Upgraded to pinentry-0.7.5. n/rsync-3.0.0-arm-1.tgz: Upgraded to rsync-3.0.0. n/samba-3.0.28a-arm-1.tgz: Upgraded to samba-3.0.28a. n/wget-1.11-arm-1.tgz: Upgraded to wget-1.11. n/wireless-tools-29-arm-1.tgz: Upgraded to wireless-tools-29. n/wpa_supplicant-0.5.9-arm-1.tgz: Upgraded to wpa_supplicant-0.5.9. xap/xpdf-3.02-arm-2.tgz: Added support for Arabic, simplified and traditional Chinese, Hebrew, Japanese, Korean, Thai, and Turkish (in addition to the Cyrillic, Greek, and Latin2 support that had already been included). Added an icon and .desktop file. +--------------------------+ Tue Feb 26 19:28:28 GMT 2008 a/cups-1.3.5-arm-1.tgz: Upgraded to cups 1.3.5. I did try 1.3.6 but 'man/mantohtml' segfaulted during the build, and 1.3.5's didn't; and since we need the build to succeed before makepkg can be invoked, it seemed logical to choose something that met that requirement ;-) a/device-mapper-1.02.24-arm-1.tgz: Upgraded to device-mapper.1.02.24. a/e2fsprogs-1.40.6-arm-1.tgz: Upgraded to e2fsprogs-1.40.6. a/glibc-solibs-2.7-arm-3.tgz: Recompiled against Linux 2.6.23.16 headers. a/glibc-zoneinfo-2.7-noarch-3.tgz: Rebuilt. a/kernel-modules-2.6.23.16-arm-1.tgz: Upgraded to Linux 2.6.23.16 kernel modules for the RiscPC & ARM Versatile platforms. a/kernel_riscpc-2.6.23.16-arm-1.tgz: Upgraded to Linux 2.6.23.16 RiscPC Kernel. a/kernel_versatile-2.6.23.16-arm-1.tgz: Upgraded to Linux 2.6.23.16 ARM Versatile Kernel. I looked at Linux 2.6.24.2 but the RapIDE driver was modified in Linux 2.6.24 and the ARMedslack rapide.c patch needs updating. Anybody want to? :-) The diff between the kernels previous to 2.6.24: http://www.linuxhq.com/kernel/v2.6/24/drivers/ide/arm/rapide.c Discussion of why it was changed: http://kerneltrap.org/mailarchive/linux-kernel/2008/2/8/772844 The current ARMedslack patch for Linux 2.6.23: armedslack-current/source/k/sources/linux-2.6/patches/rapide.patch-2.6.23.12 a/lvm2-2.02.33-arm-1.tgz: Upgraded to LVM2.2.02.33. a/mkinitrd-1.3.1-arm-1.tgz: Merged patches for LVM/LUKS, hibernate, and RAID. a/sysvinit-scripts-1.0-noarch-10.tgz: Patched /etc/rc.d/rc.S for some of changes to LUKS handling in the initrd. ap/mysql-5.0.51a-arm-1.tgz: Upgraded to mysql-5.0.51a. d/binutils-2.17.50.0.17-arm-2.tgz: Recompiled. I did try 2.18.50.0.4 but it created a 3GB Kernel image file. My research indicated that it's a problem with objdump. I found that downgrading to this version made a working Kernel, so we'll stick with this one for now. d/gcc-4.2.3-arm-1.tgz: Upgraded to gcc-4.2.3. d/gcc-g++-4.2.3-arm-1.tgz: Upgraded to gcc-4.2.3 (C++). d/gcc-gfortran-4.2.3-arm-1.tgz: Upgraded to gcc-4.2.3 (FORTRAN). d/gcc-objc-4.2.3-arm-1.tgz: Upgraded to gcc-4.2.3 (Objective-C). The gcc Java package still isn't being built. I'm not sure whether it works yet. I noticed a thread about it on the Fedora ARM mailing list but thought it only had support for big endian ARM; but I've been wrong before. If anybody really wants this package and knows it works, I'll add it back into the build script. d/kernel-headers-2.6.23.16-arm-1.tgz: Upgraded to Linux 2.6.23.16 Kernel headers. d/subversion-1.4.6-arm-1.tgz: Upgraded to subversion-1.4.6. k/kernel-source-2.6.23.16-noarch-1.tgz: Upgraded to Linux 2.6.23.16 Kernel source. kde/amarok-1.4.8-arm-1.tgz: Upgraded to amarok-1.4.8. kde/kdesdk-3.5.8-arm-2.tgz: Recompiled to pick up new apr/neon/svn libs. A couple of bugzilla-related files have now appeared in the package. kde/kdevelop-3.5.0-arm-2.tgz: Recompiled to pick up new apr/neon/svn libs. l/apr-1.2.12-arm-1.tgz: Upgraded to apr-1.2.12. l/apr-util-1.2.12-arm-1.tgz: Upgraded to apr-util-1.2.12. l/atk-1.21.5-arm-1.tgz: Upgraded to atk-1.21.5. l/glib2-2.14.6-arm-1.tgz: Upgraded to glib-2.14.6. l/glibc-2.7-arm-3.tgz: Recompiled with gcc-4.2.3 & Kernel headers v2.6.23.16; also fixed a bug in the build script which meant that /etc/nscd.conf.new was an empty file. l/glibc-i18n-2.7-noarch-3.tgz: Rebuilt. l/gtk+2-2.12.7-arm-1.tgz: Upgraded to gtk+-2.12.7. l/libgpod-0.6.0-arm-1.tgz: Upgraded to libgpod-0.6.0 (major version bu l/libmad-0.15.1b-arm-2.tgz: Added 'mad.pc' pkgconfig file. l/libmowgli-0.6.0-arm-1.tgz: Added libmowgli-0.6.0, which is needed by Audacious. l/libmtp-0.2.5-arm-1.tgz: Upgraded to libmtp-0.2.5. l/libxml2-2.6.31-arm-1.tgz: Upgraded to libxml2-2.6.31. l/neon-0.26.4-arm-1.tgz: Upgraded to neon-0.26.4. l/pango-1.19.3-arm-1.tgz: Upgraded to pango-1.19.3. n/httpd-2.2.8-arm-1.tgz: Upgraded to httpd-2.2.8. This fixes security and other bugs. For more information, see: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6421 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6422 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6388 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5000 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0005 (* Security fix *) xap/audacious-1.4.6-armv4-1.tgz: Upgraded to audacious-1.4.6. xap/audacious-plugins-1.4.5-armv4-1.tgz: Upgraded to audacious-plugins-1.4.5. Now with an upgraded neon library, this uses neon for http/https transport. xap/gimp-2.4.4-arm-1.tgz: Upgraded to gimp-2.4.4. xap/mozilla-firefox-2.0.0.12-arm-1.tgz: Upgraded to Bon Echo (firefox) 2.0.0.12. This upgrade fixes some more security bugs. For more information, see: http://www.mozilla.org/projects/security/known-vulnerabilities.html#firefox (* Security fix *) xap/seamonkey-1.1.8-arm-1.tgz: Upgraded to seamonkey-1.1.8. xap/xine-lib-1.1.10.1-armv4-1.tgz: Upgraded to xine-lib-1.1.10.1. bootware/riscpc/slackb.zip: Upgraded to Linux 2.6.23.16 & included the latest initrd.img. isolinux/initrd.img: Upgraded to the latest initrd.img from Slackware which has a number of improvements. Directly from the Slackware ChangeLog: "Massive overhaul, primarily the work and initiative of Eric Hameleers. Work above and beyond the call of duty. If we gave out medals of honor, this would deserve one. :-) The installer now supports network installs from not just NFS, but also HTTP and FTP. Please be nice to our mirrors -- this feature is _intended_ for use within private networks from your own "site". Work is also underway to fully support unattended/remote installs. The installer has both a small ssh and sshd (dropbear). Thanks again Eric! This is something that's been on the drawing board for many years." +--------------------------+ Wed Jan 16 19:27:37 GMT 2008 l/atk-1.20.0-arm-1.tgz: Upgraded to atk-1.20.0. l/glib2-2.14.5-arm-1.tgz: Upgraded to glib-2.14.5. l/gtk+2-2.12.4-arm-1.tgz: Upgraded to gtk+-2.12.4. l/libxml2-2.6.30-arm-1.tgz: Upgraded to libxml2-2.6.30. l/libxslt-1.1.22-arm-2.tgz: Upgraded to libxslt-1.1.22. l/pango-1.19.2-arm-1.tgz: Upgraded to pango-1.19.2. l/pycairo-1.4.12-arm-1.tgz: Added pycairo-1.4.12 l/pygtk-2.12.1-arm-1.tgz: Added pygtk-2.12.1. l/pygobject-2.14.1-arm-1.tgz: Added pygobject-2.14.1. l/pyrex-0.9.6.4-arm-1.tgz: Added Pyrex-0.9.6.4. xap/seamonkey-1.1.7-arm-2.tgz: Use the system cairo to avoid a compile error. Thanks to Eric Hameleers for helping to figure this out. Patched a Makefile.in to avoid another compile error with the new GTK+. Thanks to the BLFS contributors for posting the solution to this. +--------------------------+ Fri Jan 4 21:24:05 GMT 2008 a/glibc-solibs-2.7-arm-2.tgz: Upgraded to glibc-2.7 compiled against Linux 2.6.23.12 kernel headers. a/glibc-zoneinfo-2.7-noarch-2.tgz: Upgraded to tzdata2007k. a/kernel-modules-2.6.23.12-arm-1.tgz: Upgraded to Linux 2.6.23.12 Kernel modules. a/kernel_riscpc-2.6.23.12-arm-1.tgz: Upgraded to Linux 2.6.23.12 for the RiscPC. a/kernel_versatile-2.6.23.12-arm-1.tgz: Upgraded to Linux 2.6.23.12 for the ARM Versatile platform. ** Please note: XFS filesystem support has been removed from both RiscPC & Versatile Kernels because the filesystem crashes and shuts downs on the RiscPC, and on the Versatile it can't even mount the newly created filesystem. It doesn't seem obvious what the problem is, so for now XFS has been removed from the Kernel but the user-space tools remain in the distribution & are available in the installer initrd. ** a/pkgtools-12.1.0-noarch-2.tgz: Fixed a regex bug in a grep in installpkg that could cause packages that do not conform to the FHS (those containing single- character top-level directories) to not be removable or upgradeable through the pkgtools. Thanks to Johnny Morano for pointing this ancient bug out. Made the top-line with -infobox more terse since some of the package names have become too long to fit, and were disturbing the infobox's formatting. ap/alsa-utils-1.0.14-arm-1.tgz: Upgraded to alsa-utils-1.0.14. ap/nano-2.0.7-arm-1.tgz: Upgraded to nano-2.0.7. d/kernel-headers-2.6.23.12-arm-1.tgz: Upgraded to Linux v2.6.23.12 Kernel headers. d/mercurial-0.9.5-arm-1.tgz: Upgraded to mercurial-0.9.5. d/ruby-1.8.6_p111-arm-1.tgz: Upgraded ruby-1.8.6 to patchlevel 111. k/kernel-source-2.6.23.12-noarch-1.tgz: Upgraded to Linux Kernel source version 2.6.23.12. l/alsa-oss-1.0.14-arm-1.tgz: Upgraded to alsa-oss-1.0.14. l/glibc-2.7-arm-2.tgz: Rebuilt against Linux 2.6.23.12 kernel headers. l/glibc-i18n-2.7-noarch-2.tgz: Rebuilt. l/hal-0.5.10-arm-2.tgz: Re-added patch to stop HAL loading on ARM Versatile. Later Slackware HAL packages install /etc/rc.d/rc.hal as rc.hal.new and I hadn't noticed; so if you'd installed HAL in a qemu ARM Versatile system & had selected it to start at boot, your system wouldn't boot properly. l/libgsf-1.14.7-arm-1.tgz: Upgraded to libgsf-1.14.7. x/dejavu-fonts-ttf-2.22-noarch-1.tgz: **NOTE PACKAGE NAME CHANGE** Upgraded to version 2.22. x/liberation-fonts-ttf-0.2-noarch-3.tgz: Added liberation-fonts-ttf-0.2-3. x/xf86-input-joystick-1.3.1-arm-1.tgz: Upgraded to xf86-input-joystick v1.3.1. x/xf86-video-ati-6.7.197-arm-1.tgz: Upgraded to xf86-video-ati-6.7.197. x/xf86-video-radeonhd-1.0.0-arm-1.tgz: Added xf86-video-radeonhd. x/xorg-server-1.4.0.90-arm-1.tgz: Upgraded to xorg-server-1.4.0.90. x/xorg-server-xnest-1.4.0.90-arm-1.tgz: Upgraded to xorg-server-xnest-1.4.0.90. x/xorg-server-xvfb-1.4.0.90-arm-1.tgz: Upgraded to xorg-server-xvfb-1.4.0.90. bootware/riscpc/slackb.zip: Upgraded to Linux 2.6.23.12 & included the latest initrd.img. isolinux/initrd.img: Upgraded to the latest installpkg. If the ARM Versatile platform is detected, offer to disable fsck checks for the filesystems found in /etc/fstab. This is because the QEMU ARM target does not have RTC support, so each filesystem is fsck'd on every boot - and because a reboot is required after each check, there is an almost never ending cycle of fsck/reboot. I wouldn't suggest disabling fsck checks normally, but until QEMU has RTC support, I consider this a necessity. +--------------------------+ Sun Dec 16 15:12:39 GMT 2007 a/inotify-tools-3.12-arm-1.tgz: Added inotify-tools-3.12. ap/mysql-5.0.51-arm-1.tgz: Upgraded to mysql-5.0.51. This release fixes several bugs, including some security issues. However, it also includes a potentially incompatible change, so be sure to read the release notes before upgrading. It is possible that some databases will need to be fixed in order to work with this (and future) releases: http://dev.mysql.com/doc/refman/5.0/en/releasenotes-cs-5-0-51.html For more information about the security issues fixed, see: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3781 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5925 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5969 (* Security fix *) f/linux-howtos-20071216-noarch-1.tgz: Upgraded to Linux HOWTOs 20071216. l/hal-info-20071212-noarch-1.tgz: Upgraded to hal-info-20071212. n/nmap-4.50-arm-1.tgz: Upgraded to nmap-4.50. xap/imagemagick-6.3.7_4-arm-1.tgz: Upgraded to ImageMagick-6.3.7-4. +--------------------------+ Sat Dec 15 14:05:06 GMT 2007 ap/cdparanoia-III10pre0-arm-1.tgz: Upgraded to cdparanoia-III-10pre0. ap/hplip-2.7.10-arm-2.tgz: Rebuilt with some fixes to the build script. kde/amarok-1.4.7-arm-2.tgz: Recompiled against libmtp-0.2.4. l/cairo-1.4.12-arm-1.tgz: Upgraded to cairo-1.4.12. This fixes a possible security risk when decoding PNG files that may have been maliciously tampered with: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5503 (* Security fix *) l/libmtp-0.2.4-arm-1.tgz: Upgraded to libmtp-0.2.4. l/libnjb-2.2.6-arm-2.tgz: Updated udev rules. l/vte-0.16.10-arm-1.tgz: Upgraded to vte-0.16.10. n/bluez-hcidump-1.40-arm-1.tgz: Upgraded to bluez-hcidump-1.40. n/bluez-libs-3.22-arm-1.tgz: Upgraded to bluez-libs-3.22. n/bluez-utils-3.22-arm-1.tgz: Upgraded to bluez-utils-3.22. n/gnupg2-2.0.7-arm-1.tgz: Upgraded to gnupg2-2.0.7. n/gnutls-2.0.4-arm-1.tgz: Upgraded to gnutls-2.0.4. n/gpgme-1.1.5-arm-1.tgz: Upgraded to gpgme-1.1.5. n/libassuan-1.0.3-arm-1.tgz: Upgraded to libassuan-1.0.3. n/libgpg-error-1.6-arm-1.tgz: Upgraded to libgpg-error-1.6. n/libksba-1.0.2-arm-1.tgz: Upgraded to libksba-1.0.2. n/mcabber-0.9.5-arm-1.tgz: Upgraded to mcabber-0.9.5. n/pinentry-0.7.4-arm-1.tgz: Upgraded to pinentry-0.7.4. n/proftpd-1.3.1-arm-1.tgz: Upgraded to proftpd-1.3.1. n/rsync-2.6.9-arm-2.tgz: Patched some security bugs. For more information, see: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-4091 http://lists.samba.org/archive/rsync-announce/2007/000050.html (* Security fix *) n/samba-3.0.28-arm-1.tgz: Upgraded to samba-3.0.28. Samba 3.0.28 is a security release in order to address a boundary failure in GETDC mailslot processing that can result in a buffer overrun leading to possible code execution. For more information, see: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6015 http://www.samba.org/samba/history/samba-3.0.28.html http://secunia.com/secunia_research/2007-99/advisory/ (* Security fix *) xap/gimp-2.4.2-arm-1.tgz: Upgraded to gimp-2.4.2. xap/gkrellm-2.3.1-arm-1.tgz: Upgraded to gkrellm-2.3.1. xap/mozilla-firefox-2.0.0.11-arm-1.tgz: Upgraded to firefox-2.0.0.11. This upgrade fixes some more security bugs. For more information, see: http://www.mozilla.org/projects/security/known-vulnerabilities.html#firefox (* Security fix *) xap/pidgin-2.3.1-arm-1.tgz: Upgraded to pidgin-2.3.1. xap/xchat-2.8.4-arm-1.tgz: Upgraded to xchat-2.8.4. xap/xfce-4.4.2-arm-1.tgz: Upgraded to xfce-4.4.2. This fixes a minor security bug in Terminal: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3770 (* Security fix *) +--------------------------+ Fri Dec 7 19:07:29 GMT 2007 a/glibc-solibs-2.7-arm-1.tgz: Upgraded to glibc-2.7 & compiled against Linux 2.6.23.9 kernel headers. a/glibc-zoneinfo-2.7-noarch-1.tgz: Upgraded to tzdata2007i. a/hdparm-7.7-arm-1.tgz: Upgraded to hdparm-7.7. Moved hdparm binary to /sbin. a/kernel-modules-2.6.23.9-arm-1.tgz: Upgraded to Linux 2.6.23.9 for all supported ARM architectures (RiscPC & Versatile). a/kernel_riscpc-2.6.23.9-arm-1.tgz: Upgraded to Linux 2.6.23.9 for the RiscPC. a/kernel_versatile-2.6.23.9-arm-1.tgz: Upgraded to Linux 2.6.23.9 for the Versatile. a/mkinitrd-1.3.0-arm-1.tgz: Upgraded to mkinitrd-1.3.0. ap/cdrtools-2.01.01a36-arm-1.tgz: Upgraded to cdrtools-2.01.01a36. ap/ghostscript-8.61-arm-1.tgz: Upgraded to ghostscript-8.61. This is still under the GPL -- just FYI, I do not know why the package name changed. This package replaces gnu-ghostscript-8.60.0-arm-2. ap/gnu-ghostscript-8.60.0-arm-2.tgz: Removed. Replaced by ap/ghostscript. d/kernel-headers-2.6.23.9-arm-1.tgz: Upgraded to Linux 2.6.23.9 Kernel headers. l/gamin-0.1.9-arm-1.tgz: Upgraded to gamin-0.1.9. l/glibc-2.7-arm-1.tgz: Upgraded to glibc-2.7, built against Linux 2.6.23.9 kernel headers. * NOTE: Packages for -current built after this batch of packages (up to * the datestamp above) will be linked against glibc-2.7 and _may_ not work * on systems running earlier versions of glibc (such as Slackware 12.0 * systems running glibc-2.5). l/glibc-i18n-2.7-noarch-1.tgz: Upgraded to glibc-2.7 locale files. x/compiz-0.6.2-arm-1.tgz: Upgraded to compiz-0.6.2. x/dejavu-ttf-2.21-noarch-1.tgz: Upgraded to dejavu-ttf-2.21. x/glproto-1.4.9-noarch-1.tgz: Upgraded to glproto-1.4.9 x/libXft-2.1.12-arm-1.tgz: Recompiled to fix issues with bold font rendering. x/mesa-7.0.2-arm-1.tgz: Upgraded to mesa-7.0.2. x/pixman-0.9.6-arm-1.tgz: Upgraded to pixman-0.9.6. x/xf86-input-evdev-1.2.0-arm-1.tgz: Upgraded to xf86-input-evdev-1.2.0. x/xf86-input-joystick-1.3.0-arm-1.tgz: Upgraded to xf86-input-joystick-1.3.0. x/xf86-video-ati-6.7.196-arm-1.tgz: Upgraded to xf86-video-ati-6.7.196. x/xf86-video-intel-2.2.0-arm-1.tgz: Upgraded to xf86-video-intel-2.2.0 x/xf86-video-nv-2.1.6-arm-1.tgz: Upgraded to xf86-video-nv. x/xf86-video-sis-0.9.4-arm-1.tgz: Upgraded to xf86-video-sis-0.9.4. x/xorg-server-xdmx-1.4-arm-1.tgz: Removed. x/xorg-server-1.4-arm-2.tgz: Rebuilt against Mesa 7.0.2. Removed support for XDMX, as the code is not maintained and interferes with input hotplug support. No longer includes input hotplugging support. x/xorg-server-xnest-1.4-arm-2.tgz: Rebuilt. x/xorg-server-xvfb-1.4-arm-2.tgz: Rebuilt. xap/pan-0.132-arm-1.tgz: Upgraded to pan-0.132. xap/pidgin-2.2.2-arm-1.tgz: Upgraded to pidgin-2.2.2. xap/seamonkey-1.1.7-arm-1.tgz: Upgraded to seamonkey-1.1.7. This upgrade fixes some more security bugs. For more information, see: http://www.mozilla.org/projects/security/known-vulnerabilities.html#seamonkey (* Security fix *) xap/xpdf-3.02-arm-1.tgz: Upgraded to xpdf-3.02pl2. The pl2 patch fixes a crash in xpdf. Some theorize that this could be used to execute arbitrary code if an untrusted PDF file is opened, but no real-world examples are known (yet). For more information, see: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3387 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-4352 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5392 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5393 (* Security fix *) xap/xscreensaver-5.04-arm-1.tgz: Upgraded to xscreensaver-5.04. bootware/riscpc/slackb.zip: Upgraded to Linux 2.6.23.9 & glibc-2.7. See below for the changes to the installer 'initrd.img': isolinux/initrd.img: Upgraded to glibc-2.7. Added dmidecode. Rebuilt to include the latest versions of the contained applications (this happens with every build of initrd.img, by the way!). Downgraded to bash version 3.1 since this is what is being used in Slackware at the moment. +--------------------------+ Thu Nov 29 19:17:07 GMT 2007 a/cups-1.3.4-arm-1.tgz: Upgraded to cups-1.3.4. An off-by-one error in ipp.c may allow a remote attacker to crash CUPS resulting in a denial of service. For more information, see: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-4351 (* Security fix *) a/pkgtools-12.1.0-noarch-1.tgz: Upgraded to pkgtools-12.1.0-noarch-1. Fixed the following issues with removepkg: Fix problem removing packages with a large number of fields. Thanks to Niki Kovacs for noticing this, and to Piter Punk for the patch. Use LC_ALL=C locale, which is much faster with "sort". Thanks to Tsomi. Don't try to remove any package that starts with '-'. This is not a proper package name (usually a typo), and results in the package database being broken as the "package" beginning with '-' is passed along as an option to a command later in the script. Thanks to Jef Oliver. Patched cat_except() to allow the last Slackware package on a partition to be removed (using ROOT=, of course). Thanks to Selkfoster for the patch, and to everyone else who proposed solutions before. This issue really wasn't given the highest priority before, but as long as I was here... Fixed pkgtool to handle much larger numbers of installed packages. Thanks to Gabriele Inghirami for the patch. ap/cdparanoia-IIIalpha9.8-arm-2.tgz: Recompiled with SG_IO patch. ap/gnu-ghostscript-8.60.0-arm-2.tgz: ./configured with --disable-compile-inits option, which disables a new default of compiling in various configuration values (such as paper size) rather than reading them from the traditional config file. kde/kdegraphics-3.5.8-arm-2.tgz: Patched xpdf related bugs. For more information, see: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3387 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-4352 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5392 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5393 (* Security fix *) kde/koffice-1.6.3-arm-2.tgz: Patched xpdf related bugs. For more information, see: http://www.kde.org/info/security/advisory-20071107-1.txt http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3387 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-4352 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5392 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5393 (* Security fix *) l/libpng-1.2.23-arm-1.tgz: Upgraded to libpng-1.2.23. Previous libpng versions may crash when loading malformed PNG files. It is not currently known if this vulnerability can be exploited to execute malicious code. For more information, see: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5266 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5267 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5268 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5269 (* Security fix *) l/pcre-7.4-arm-1.tgz: Upgraded to pcre-7.4. l/poppler-0.6.2-arm-1.tgz: Upgraded to poppler-0.6.2. n/links-2.1pre31-arm-1.tgz: Upgraded to links-2.1pre31. n/mcabber-0.9.4-arm-1.tgz: Upgraded to mcabber-0.9.4. n/openldap-client-2.3.38-arm-1.tgz: Upgraded to openldap-client-2.3.38. n/php-5.2.5-arm-1.tgz: Upgraded to php-5.2.5. This fixes bugs and security issues. For more information, see: http://www.php.net/releases/5_2_5.php http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-4887 (* Security fix *) n/samba-3.0.27-arm-1.tgz: Upgraded to samba-3.0.27. Samba 3.0.27 is a security release in order to address a stack buffer overflow in nmbd's logon request processing, and remote code execution in Samba's WINS server daemon (nmbd) when processing name registration followed name query requests. For more information, see: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-4572 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5398 (* Security fix *) n/sendmail-8.14.2-arm-1.tgz: Upgraded to sendmail-8.14.2. n/sendmail-cf-8.14.2-noarch-1.tgz: Upgraded to sendmail-8.14.2 config files. xap/gimp-2.4.1-arm-1.tgz: Upgraded to gimp-2.4.1. xap/mozilla-thunderbird-2.0.0.9-arm-1.tgz: Upgraded to thunderbird-2.0.0.9. This update fixes the following security related issues: URIs with invalid %-encoding mishandled by Windows (MFSA 2007-36). Crashes with evidence of memory corruption (MFSA 2007-29). OK, so the first one obviously does not affect us. :-) The second fix has to do with the same JavaScript handling problem fixed before in Firefox. JavaScript is not enabled by default in Thunderbird, and the developers (at least in MFSA 2007-36) do not recommend turning it on. For more information, see: http://www.mozilla.org/security/announce/2007/mfsa2007-36.html http://www.mozilla.org/security/announce/2007/mfsa2007-29.html http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-4841 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5339 (* Security fix *) xap/seamonkey-1.1.6-arm-1.tgz: Upgraded to SeaMonkey 1.1.6. This upgrade fixes SeaMonkey's ability to display certain types of web pages. That's about all we could find about it here: http://www.mozilla.org/projects/seamonkey/ +--------------------------+ Fri Oct 26 19:26:26 BST 2007 a/openssl-solibs-0.9.8g-arm-1.tgz: Upgraded to openssl-solibs-0.9.8g. ap/hplip-2.7.10-arm-1.tgz: Upgraded to hplip-2.7.10. kde/kdeaccessibility-3.5.8-arm-1.tgz: Upgraded to kdeaccessibility-3.5.8. kde/kdeaddons-3.5.8-arm-1.tgz: Upgraded to kdeaddons-3.5.8. kde/kdeadmin-3.5.8-arm-1.tgz: Upgraded to kdeadmin-3.5.8. kde/kdeartwork-3.5.8-arm-1.tgz: Upgraded to kdeartwork-3.5.8. kde/kdebase-3.5.8-arm-1.tgz: Upgraded to kdebase-3.5.8. kde/kdebindings-3.5.8-arm-1.tgz: Upgraded to kdebindings-3.5.8. kde/kdegames-3.5.8-arm-1.tgz: kdegames-3.5.8. kde/kdegraphics-3.5.8-arm-1.tgz: kdegraphics-3.5.8. kde/kdelibs-3.5.8-arm-1.tgz: Upgraded to kdelibs-3.5.8. kde/kdemultimedia-3.5.8-arm-1.tgz: Upgraded to kdemultimedia-3.5.8. kde/kdenetwork-3.5.8-arm-1.tgz: Upgraded to kdenetwork-3.5.8. kde/kdepim-3.5.8-arm-1.tgz: Upgraded to kdepim-3.5.8. kde/kdesdk-3.5.8-arm-1.tgz: Upgraded to kdesdk-3.5.8. kde/kdetoys-3.5.8-arm-1.tgz: Upgraded to kdetoys-3.5.8. kde/kdeutils-3.5.8-arm-1.tgz: Upgraded to kdeutils-3.5.8. kde/kdevelop-3.5.0-arm-1.tgz: Upgraded to kdevelop-3.5.0. kde/kdewebdev-3.5.8-arm-1.tgz: Upgraded to kdewebdev-3.5.8. kde/knemo-0.4.8-arm-2.tgz: Recompiled. kde/koffice-1.6.3-arm-2.tgz: Recompiled. kdei/kde-i18n-*-3.5.8-noarch-1.tgz: Upgraded to kde-i18n-3.5.8. l/libpng-1.2.22-arm-1.tgz: Upgraded to libpng-1.2.22. l/librsvg-2.18.2-arm-1.tgz: Upgraded to librsvg-2.18.2. n/openssh-4.7p1-arm-3.tgz: Recompiled against openssl-0.9.8g. n/openssl-0.9.8g-arm-1.tgz: Upgraded to openssl-0.9.8g. xap/gimp-2.4.0-arm-1.tgz: Upgraded to gimp-2.4.0. xap/mozilla-firefox-2.0.0.8-arm-1.tgz: Upgraded to Bon Echo ('firefox') 2.0.0.8. This upgrade fixes some more security bugs. For more information, see: http://www.mozilla.org/projects/security/known-vulnerabilities.html#firefox (* Security fix *) xap/seamonkey-1.1.5-arm-1.tgz: Upgraded to seamonkey-1.1.5 This upgrade fixes some more security bugs. For more information, see: http://www.mozilla.org/projects/security/known-vulnerabilities.html#seamonkey (* Security fix *) +--------------------------+ Fri Oct 19 18:15:08 BST 2007 a/glibc-solibs-2.5-arm-3.tgz: Recompiled against 2.6.23.1 kernel headers. a/glibc-zoneinfo-2.5-noarch-3.tgz: Upgraded to tzcode2007h and tzdata2007h. a/jfsutils-1.1.12-arm-1.tgz: Upgraded to jfsutils-1.1.12. a/kernel-modules-2.6.23.1-arm-1.tgz: Upgraded to RiscPC & Versatile Linux 2.6.23.1 Kernel modules. a/kernel_riscpc-2.6.23.1-arm-1.tgz: Upgraded to Linux 2.6.23.1 RiscPC Kernel. Removed /proc/kconfig to help reduce the size of the Kernel image (you cannot boot the Kernel if it's too large, and recently even with the same Kernel options, the kernel file is getting fat.) Enabled iptables as modules. a/kernel_versatile-2.6.23.1-arm-1.tgz: Upgraded to Linux 2.6.23.1 Versatile Kernel. a/module-init-tools-3.4-arm-1.tgz: Upgraded to module-init-tools-3.4. a/openssl-solibs-0.9.8f-arm-1.tgz: Upgraded to openssl-0.9.8f. This release fixes two minor security bugs unlikely to pose any threat to most production servers. For more information, see: http://openssl.org/news/secadv_20071012.txt http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-4995 (nothing in Slackware is using this DTLS implementation) http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5135 (this bug is in a function normally only used for logging or debugging) (* Security fix *) a/udev-116-arm-1.tgz: Upgraded to udev-116. d/kernel-headers-2.6.23.1-arm-1.tgz: Upgraded to Linux 2.6.23.1 Kernel headers. k/kernel-source-2.6.23.1-noarch-1.tgz: Upgraded to Linux 2.6.23.1. l/glibc-2.5-arm-3.tgz: Recompiled against 2.6.23.1 kernel headers. l/glibc-i18n-2.5-noarch-3.tgz: Rebuilt. l/glibc-profile-2.5-arm-3.tgz: Recompiled against 2.6.23.1 kernel headers. l/hal-0.5.10-arm-1.tgz: Upgraded to hal-0.5.10. l/hal-info-20071011-noarch-1.tgz: Upgraded to hal-info-20071011. l/poppler-0.6.1-arm-1.tgz: Upgraded to poppler-0.6.1. l/poppler-data-0.1.1-noarch-1.tgz: Upgraded to poppler-data-0.1.1. l/qt-3.3.8-arm-3.tgz: Added back the library symlinks into /usr/lib, without which kdelibs does not compile. n/openssh-4.7p1-arm-2.tgz: Recompiled against openssl 0.9.8f. n/openssl-0.9.8f-arm-1.tgz: Upgraded to openssl-0.9.8f. This release fixes two minor security bugs unlikely to pose any threat to most production servers. For more information, see: http://openssl.org/news/secadv_20071012.txt http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-4995 (nothing in Slackware is using this DTLS implementation) http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5135 (this bug is in a function normally only used for logging or debugging) (* Security fix *) tcl/expect-5.43-arm-2.tgz: Rebuilt against tcl-8.4.16. xap/fluxbox-1.0.0-arm-1.tgz: Upgraded to fluxbox-1.0.0. isolinux/initrd.img: Removed libgpm (which in Slackware may have been interfering with serial console and Speakup installs) & in ARMedslack looks to have fixed the hang experienced when installing n/bind. Upgraded to jfsutils-1.1.12. Upgraded to latest glibc build. bootware/riscpc/slackb.zip: Upgraded to Linux 2.6.23.1. +--------------------------+ Tue Oct 9 08:15:00 BST 2007 a/aaa_base-12.0.0-noarch-1.tgz: Updated versions to 12.0. a/dialog-1.1_20070930-arm-1.tgz: Upgraded to dialog-1.1-20070930. a/mkinitrd-1.1.4-arm-1.tgz: Updated to busybox-1.7.2 and dialog-1.1-20070930. ap/gnu-ghostscript-8.60.0-arm-1.tgz: Added gnu-ghostscript-8.60.0. This replaces the espgs (ESP Ghostscript) package. ap/gutenprint-5.0.1-arm-1.tgz: Added gutenprint-5.0.1, which is the new version of (and name for) gimp-print. l/dbus-glib-0.74-arm-1.tgz: Upgraded to dbus-glib-0.74. l/libpng-1.2.21-arm-1.tgz: Upgraded to libpng-1.2.21. l/pcre-7.3-arm-1.tgz: Upgraded to pcre-7.3. tcl/tcl-8.4.16-arm-1.tgz: Upgraded to tcl-8.4.16. tcl/tk-8.4.16-arm-1.tgz: Upgraded to tk-8.4.16. xap/imagemagick-6.3.6_0-arm-1.tgz: Upgraded to ImageMagick-6.3.6-0. xap/pidgin-2.2.1-arm-1.tgz: Upgraded to pidgin-2.2.1. xap/xine-lib-1.1.8-armv4-1.tgz: Upgraded to xine-lib-1.1.8. Upgraded to X.org 7.3.: This Xorg still has a problem with the RiscPC where the arrow keys do not work. Although it is possible to map them using xmodmap, we need it to be working by default. Fixes are welcome! x/appres-1.0.1-arm-1.tgz: Recompiled. x/bdftopcf-1.0.1-arm-1.tgz: Recompiled. x/beforelight-1.0.2-arm-1.tgz: Recompiled. x/bigreqsproto-1.0.2-noarch-1.tgz: Recompiled. x/bitmap-1.0.3-arm-1.tgz: Recompiled. x/compiz-0.6.0-arm-1.tgz: Upgraded to compiz-0.6.0. x/compositeproto-0.4-noarch-1.tgz: Upgraded to compositeproto-0.4. x/editres-1.0.3-arm-1.tgz: Recompiled. x/font-util-1.0.1-arm-1.tgz: Recompiled. x/fonttosfnt-1.0.3-arm-1.tgz: Recompiled. x/fslsfonts-1.0.1-arm-1.tgz: Recompiled. x/fstobdf-1.0.2-arm-1.tgz: Recompiled. x/iceauth-1.0.2-arm-1.tgz: Upgraded to iceauth-1.0.2. x/ico-1.0.2-arm-1.tgz: Upgraded to ico-1.0.2. x/imake-1.0.2-arm-1.tgz: Recompiled. x/inputproto-1.4.2.1-noarch-1.tgz: Upgraded to inputproto-1.4.2.1. x/lbxproxy-1.0.1-arm-1.tgz: Recompiled. x/libFS-1.0.0-arm-1.tgz: Recompiled. x/libICE-1.0.4-arm-1.tgz: Upgraded to libICE-1.0.4. x/libSM-1.0.3-arm-1.tgz: Upgraded to libICE-1.0.4. x/libX11-1.1.3-arm-1.tgz: Upgraded to libX11-1.1.3. x/libXScrnSaver-1.1.2-arm-1.tgz: Recompiled. x/libXTrap-1.0.0-arm-1.tgz: Recompiled. x/libXau-1.0.3-arm-1.tgz: Recompiled. x/libXaw-1.0.4-arm-1.tgz: Upgraded to libXaw-1.0.4. x/libXcomposite-0.4.0-arm-1.tgz: Upgraded to libXcomposite-0.4.0. x/libXcursor-1.1.9-arm-1.tgz: Upgraded to libXcursor-1.1.9. x/libXdamage-1.1.1-arm-1.tgz: Recompiled. x/libXdmcp-1.0.2-arm-1.tgz: Recompiled. x/libXevie-1.0.2-arm-1.tgz: Recompiled. x/libXext-1.0.3-arm-1.tgz: Recompiled. x/libXfixes-4.0.3-arm-1.tgz: Recompiled. x/libXfont-1.3.1-arm-1.tgz: Upgraded to libXfont-1.3.1. x/libXfontcache-1.0.4-arm-1.tgz: Upgraded to libXfont-1.3.1. x/libXft-2.1.12-arm-1.tgz: Upgraded to libXfont-1.3.1. x/libXi-1.1.3-arm-1.tgz: Upgraded to libXi-1.1.3. x/libXinerama-1.0.2-arm-1.tgz: Upgraded to libXi-1.1.3. x/libXmu-1.0.3-arm-1.tgz: Upgraded to libXi-1.1.3. x/libXp-1.0.0-arm-1.tgz: Recompiled. x/libXpm-3.5.7-arm-1.tgz: Upgraded to libXpm-3.5.7. x/libXprintAppUtil-1.0.1-arm-1.tgz: Recompiled. x/libXprintUtil-1.0.1-arm-1.tgz: Recompiled. x/libXrandr-1.2.2-arm-1.tgz: Upgraded to libXrandr-1.2.2. x/libXrender-0.9.4-arm-1.tgz: Upgraded to libXrender-0.9.4. x/libXres-1.0.3-arm-1.tgz: Recompiled. x/libXt-1.0.5-arm-1.tgz: Recompiled. x/libXtst-1.0.3-arm-1.tgz: Upgraded to libXtst-1.0.3. x/libXv-1.0.3-arm-1.tgz: Recompiled. x/libXvMC-1.0.4-arm-1.tgz: Recompiled. x/libXxf86dga-1.0.2-arm-1.tgz: Upgraded to libXxf86dga-1.0.2. x/libXxf86misc-1.0.1-arm-1.tgz: Recompiled. x/libXxf86vm-1.0.1-arm-1.tgz: Recompiled. x/libdmx-1.0.2-arm-1.tgz: Recompiled. x/libfontenc-1.0.4-arm-1.tgz: Recompiled. x/liblbxutil-1.0.1-arm-1.tgz: Recompiled. x/liboldX-1.0.1-arm-1.tgz: Recompiled. x/libxcb-1.0-arm-3.tgz: Recompiled. x/libxkbfile-1.0.4-arm-1.tgz: Recompiled. x/libxkbui-1.0.2-arm-1.tgz: Recompiled. x/listres-1.0.1-arm-1.tgz: Recompiled. x/lndir-1.0.1-arm-1.tgz: Recompiled. x/luit-1.0.2-arm-1.tgz: Recompiled. x/makedepend-1.0.1-arm-1.tgz: Recompiled. x/mkcomposecache-1.2-arm-1.tgz: Recompiled. x/mkfontscale-1.0.3-arm-1.tgz: Recompiled. x/oclock-1.0.1-arm-1.tgz: Recompiled. x/proxymngr-1.0.1-arm-1.tgz: Recompiled. x/randrproto-1.2.1-noarch-1.tgz: Recompiled. x/recordproto-1.13.2-noarch-1.tgz: Recompiled. x/rendercheck-1.2-arm-1.tgz: Recompiled. x/rgb-1.0.1-arm-1.tgz: Recompiled. x/rstart-1.0.2-arm-1.tgz: Recompiled. x/sessreg-1.0.3-arm-1.tgz: Upgraded to sessreg-1.0.3. x/setxkbmap-1.0.4-arm-1.tgz: Upgraded to setxkbmap-1.0.4. x/showfont-1.0.1-arm-1.tgz: Recompiled. x/smproxy-1.0.2-arm-1.tgz: Recompiled. x/twm-1.0.3-arm-3.tgz: Recompiled. x/viewres-1.0.1-arm-1.tgz: Recompiled. x/x11-driver-7.3-arm-1.tgz: Recompiled. x/x11-lib-7.3-arm-1.tgz: Recompiled. x/x11perf-1.4.1-arm-1.tgz: Recompiled. x/xauth-1.0.2-arm-1.tgz: Recompiled. x/xbacklight-1.1-arm-1.tgz: Upgraded to xbacklight-1.1. x/xbiff-1.0.1-arm-1.tgz: Recompiled. x/xcalc-1.0.2-arm-1.tgz: Upgraded to xcalc-1.0.2. x/xclipboard-1.0.1-arm-1.tgz: Recompiled. x/xclock-1.0.3-arm-1.tgz: Upgraded to xclock-1.0.3. x/xcmsdb-1.0.1-arm-1.tgz: Recompiled. x/xconsole-1.0.3-arm-1.tgz: Upgraded to xconsole-1.0.3. x/xcursorgen-1.0.2-arm-1.tgz: Upgraded to xcursorgen-1.0.2. x/xdbedizzy-1.0.2-arm-1.tgz: Recompiled. x/xditview-1.0.1-arm-1.tgz: Recompiled. x/xdm-1.1.6-arm-1.tgz: Upgraded to xdm-1.1.6. x/xdpyinfo-1.0.2-arm-1.tgz: Recompiled. x/xdriinfo-1.0.2-arm-1.tgz: Upgraded to xdriinfo-1.0.2. x/xedit-1.0.2-arm-1.tgz: Recompiled. x/xev-1.0.2-arm-1.tgz: Recompiled. x/xeyes-1.0.1-arm-1.tgz: Recompiled. x/xf86-input-aiptek-1.0.1-arm-3.tgz: Recompiled against xorg-server-1.4. x/xf86-input-calcomp-1.1.1-arm-1.tgz: Upgraded to xf86-input-calcomp-1.1.1. x/xf86-input-citron-2.2.1-arm-1.tgz: Added xf86-input-citron-2.2.1. x/xf86-input-digitaledge-1.1.0-arm-3.tgz: Recompiled against xorg-server-1.4. x/xf86-input-dynapro-1.1.1-arm-1.tgz: Added xf86-input-dynapro-1.1.1. x/xf86-input-elo2300-1.1.1-arm-1.tgz: Added xf86-input-elo2300-1.1.1. x/xf86-input-elographics-1.1.0-arm-3.tgz: Recompiled against xorg-server-1.4. x/xf86-input-evdev-1.1.5-arm-3.tgz: Recompiled against xorg-server-1.4. x/xf86-input-fpit-1.1.0-arm-3.tgz: Recompiled against xorg-server-1.4. x/xf86-input-hyperpen-1.1.0-arm-3.tgz: Recompiled against xorg-server-1.4. x/xf86-input-jamstudio-1.1.0-arm-3.tgz: Recompiled against xorg-server-1.4. x/xf86-input-joystick-1.2.3-arm-1.tgz: Upgraded to xf86-input-joystick-1.2.3. x/xf86-input-keyboard-1.2.2-arm-1.tgz: Upgraded to xf86-input-keyboard-1.2.2. x/xf86-input-magellan-1.1.1-arm-1.tgz: Upgraded to xf86-input-magellan-1.1.1. x/xf86-input-magictouch-1.0.0.5-arm-3.tgz: Recompiled against xorg-server-1.4. x/xf86-input-microtouch-1.1.1-arm-1.tgz: Added xf86-input-microtouch-1.1.1. x/xf86-input-mouse-1.2.3-arm-1.tgz: Upgraded to xf86-input-mouse-1.2.3. x/xf86-input-mutouch-1.1.0-arm-3.tgz: Recompiled against xorg-server-1.4. x/xf86-input-palmax-1.1.0-arm-3.tgz: Recompiled against xorg-server-1.4. x/xf86-input-penmount-1.2.1-arm-1.tgz: Added xf86-input-penmount-1.2.1. x/xf86-input-spaceorb-1.1.1-arm-1.tgz: Upgraded to xf86-input-spaceorb-1.1.1. x/xf86-input-summa-1.1.0-arm-3.tgz: Recompiled against xorg-server-1.4. x/xf86-input-tek4957-1.1.0-arm-3.tgz: Recompiled against xorg-server-1.4. x/xf86-input-ur98-1.1.0-arm-3.tgz: Recompiled against xorg-server-1.4. x/xf86-video-apm-1.1.1-arm-3.tgz: Recompiled against xorg-server-1.4. x/xf86-video-ark-0.6.0-arm-3.tgz: Recompiled against xorg-server-1.4. x/xf86-video-ast-0.81.0-arm-3.tgz: Recompiled against xorg-server-1.4. x/xf86-video-ati-6.7.195-arm-1.tgz: Upgraded to xf86-video-ati-6.7.195. x/xf86-video-chips-1.1.1-arm-3.tgz: Recompiled against xorg-server-1.4. x/xf86-video-cirrus-1.1.0-arm-3.tgz: Recompiled against xorg-server-1.4. x/xf86-video-cyrix-1.1.0-arm-3.tgz: Recompiled against xorg-server-1.4. x/xf86-video-dummy-0.2.0-arm-3.tgz: Recompiled against xorg-server-1.4. x/xf86-video-fbdev-0.3.1-arm-3.tgz: Recompiled against xorg-server-1.4. x/xf86-video-glint-1.1.1-arm-3.tgz: Recompiled against xorg-server-1.4. x/xf86-video-i128-1.2.1-arm-3.tgz: Recompiled against xorg-server-1.4. x/xf86-video-i740-1.1.0-arm-3.tgz: Recompiled against xorg-server-1.4. x/xf86-video-i810-1.7.4-arm-3.tgz: Recompiled against xorg-server-1.4. x/xf86-video-imstt-1.1.0-arm-3.tgz: Recompiled against xorg-server-1.4. x/xf86-video-mga-1.9.100-arm-1.tgz: Upgraded to xf86-video-mga-1.9.100. x/xf86-video-neomagic-1.1.1-arm-3.tgz: Recompiled against xorg-server-1.4. x/xf86-video-newport-0.2.1-arm-3.tgz: Recompiled against xorg-server-1.4. x/xf86-video-nsc-2.8.3-arm-1.tgz: Upgraded to xf86-video-nsc-2.8.3. x/xf86-video-nv-2.1.5-arm-1.tgz: Upgraded to xf86-video-nv-2.1.3. x/xf86-video-rendition-4.1.3-arm-3.tgz: Recompiled against xorg-server-1.4. x/xf86-video-s3-0.5.0-arm-3.tgz: Recompiled against xorg-server-1.4. x/xf86-video-s3virge-1.9.1-arm-3.tgz: Recompiled against xorg-server-1.4. x/xf86-video-savage-2.1.3-arm-1.tgz: Upgraded to xf86-video-savage-2.1.3. x/xf86-video-siliconmotion-1.5.1-arm-3.tgz: Recompiled against xorg-server-1.4. x/xf86-video-sis-0.9.3-arm-3.tgz: Recompiled against xorg-server-1.4. x/xf86-video-sisusb-0.8.1-arm-3.tgz: Recompiled against xorg-server-1.4. x/xf86-video-tdfx-1.3.0-arm-3.tgz: Recompiled against xorg-server-1.4. x/xf86-video-tga-1.1.0-arm-3.tgz: Recompiled against xorg-server-1.4. x/xf86-video-trident-1.2.3-arm-3.tgz: Recompiled against xorg-server-1.4. x/xf86-video-tseng-1.1.1-arm-3.tgz: Recompiled against xorg-server-1.4. x/xf86-video-v4l-0.1.1-arm-3.tgz: Recompiled against xorg-server-1.4. x/xf86-video-vesa-1.3.0-arm-3.tgz: Recompiled against xorg-server-1.4. x/xf86-video-vga-4.1.0-arm-3.tgz: Recompiled against xorg-server-1.4. x/xf86-video-via-0.2.2-arm-3.tgz: Recompiled against xorg-server-1.4. x/xf86-video-vmware-10.15.2-arm-1.tgz: Upgraded to xf86-video-vmware-10.15.1. x/xf86-video-voodoo-1.1.1-arm-3.tgz: Recompiled against xorg-server-1.4. x/xfd-1.0.1-arm-1.tgz: Recompiled. x/xfindproxy-1.0.1-arm-1.tgz: Recompiled. x/xfontsel-1.0.2-arm-1.tgz: Recompiled. x/xfs-1.0.5-arm-1.tgz: Upgraded to xfs-1.0.5. x/xfsinfo-1.0.1-arm-1.tgz: Recompiled. x/xfwp-1.0.1-arm-1.tgz: Recompiled. x/xgamma-1.0.2-arm-1.tgz: Upgraded to xgamma-1.0.2 x/xgc-1.0.1-arm-1.tgz: Recompiled. x/xhost-1.0.2-arm-1.tgz: Upgraded to xhost-1.0.2. x/xinit-1.0.7-arm-1.tgz: Upgraded to xinit-1.0.7. x/xkbcomp-1.0.3-arm-1.tgz: Recompiled. x/xkbevd-1.0.2-arm-1.tgz: Recompiled. x/xkbprint-1.0.1-arm-1.tgz: Recompiled. x/xkbutils-1.0.1-arm-1.tgz: Recompiled. x/xkill-1.0.1-arm-1.tgz: Recompiled. x/xload-1.0.2-arm-1.tgz: Recompiled. x/xlogo-1.0.1-arm-1.tgz: Recompiled. x/xlsatoms-1.0.1-arm-1.tgz: Recompiled. x/xlsclients-1.0.1-arm-1.tgz: Recompiled. x/xlsfonts-1.0.2-arm-1.tgz: Recompiled. x/xmag-1.0.2-arm-1.tgz: Upgraded to xmag-1.0.2. x/xman-1.0.3-arm-1.tgz: Upgraded to xman-1.0.3. x/xmessage-1.0.2-arm-1.tgz: Upgraded to xmessage-1.0.2. x/xmh-1.0.1-arm-1.tgz: Recompiled. x/xmodmap-1.0.3-arm-1.tgz: Upgraded to xmodmap-1.0.3. x/xmore-1.0.1-arm-1.tgz: Recompiled. x/xorg-server-1.4-arm-1.tgz: Upgraded to xorg-server-1.4. x/xorg-server-xdmx-1.4-arm-1.tgz: Upgraded to xorg-server-xdmx. x/xorg-server-xnest-1.4-arm-1.tgz: Upgraded to xorg-server-xnest-1.4. x/xorg-server-xvfb-1.4-arm-1.tgz: Upgraded to xorg-server-xvfb-1.4. x/xorg-sgml-doctools-1.2-noarch-1.tgz: Recompiled. x/xphelloworld-1.0.1-arm-1.tgz: Recompiled. x/xplsprinters-1.0.1-arm-1.tgz: Recompiled. x/xpr-1.0.2-arm-1.tgz: Recompiled. x/xprehashprinterlist-1.0.1-arm-1.tgz: Recompiled. x/xprop-1.0.3-arm-1.tgz: Upgraded to xprop-1.0.3. x/xproto-7.0.10-noarch-1.tgz: Rebuilt. x/xrandr-1.2.2-arm-1.tgz: Upgraded to xrandr-1.2.2. x/xrdb-1.0.4-arm-1.tgz: Upgraded to xrdb-1.0.4. x/xrefresh-1.0.2-arm-1.tgz: Recompiled. x/xrx-1.0.1-arm-1.tgz: Recompiled. x/xset-1.0.3-arm-1.tgz: Upgraded to xset-1.0.3. x/xsetmode-1.0.0-arm-1.tgz: Upgraded to xset-1.0.3. x/xsetpointer-1.0.1-arm-1.tgz: Upgraded to xset-1.0.3. x/xsetroot-1.0.2-arm-1.tgz: Upgraded to xsetroot-1.0.2. x/xsm-1.0.1-arm-1.tgz: Recompiled. x/xstdcmap-1.0.1-arm-1.tgz: Recompiled. x/xtrans-1.0.4-noarch-1.tgz: Recompiled. x/xtrap-1.0.2-arm-1.tgz: Recompiled. x/xvidtune-1.0.1-arm-1.tgz: Recompiled. x/xvinfo-1.0.2-arm-1.tgz: Upgraded to xvinfo-1.0.2. x/xwd-1.0.1-arm-1.tgz: Recompiled. x/xwininfo-1.0.3-arm-1.tgz: Upgraded to xwininfo-1.0.3. x/xwud-1.0.1-arm-1.tgz: Recompiled. +--------------------------+ Fri Sep 28 07:58:51 BST 2007 a/cups-1.3.3-arm-1.tgz: Upgraded to cups-1.3.3. a/etc-12.1-noarch-1.tgz: Added "tape" group. a/udev-115-arm-1.tgz: Upgraded to udev-115. ap/foomatic-filters-3.0-20070919-arm-1.tgz: Added. This is a printer filter required to use Gutenprint or HPLIP with CUPS. ap/hplip-2.7.9-arm-1.tgz: Upgraded to hplip-2.7.9. Note that this no longer requires daemons to be started at boot time, so any /etc/rc.d/rc.hplip script can be removed. ap/mysql-5.0.45-arm-1.tgz: Upgraded to mysql-5.0.45. ap/vim-7.1.138-arm-1.tgz: Upgraded to vim-7.1.138. kde/amarok-1.4.7-arm-1.tgz: Upgraded to amarok-1.4.7. kde/k3b-1.0.3-arm-1.tgz: Upgraded to k3b-1.0.3. kdei/k3b-i18n-1.0.3-noarch-1.tgz: Added k3b-i18n-1.0.3. l/libao-0.8.8-arm-1.tgz: Upgraded to libao-0.8.8. l/libgpod-0.5.2-arm-1.tgz: Upgraded to libgpod-0.5.2. l/libnjb-2.2.6-arm-1.tgz: Upgraded to libnjb-2.2.6. l/libpng-1.2.20-arm-1.tgz: Upgraded to libpng-1.2.20. l/libtheora-1.0beta1-arm-1.tgz: Upgraded to libtheora-1.0beta1. l/libvorbis-1.2.0-arm-1.tgz: Upgraded to libvorbis-1.2.0. l/libwnck-2.18.3-arm-1.tgz: Added libwnck-2.18.3. l/vte-0.16.8-arm-1.tgz: Upgraded to vte-0.16.8. n/network-scripts-12.0-noarch-3.tgz: Mount CIFS partitions. xap/mozilla-firefox-2.0.0.7-arm-1.tgz: Upgraded to Bon Echo (Mozilla Firefox) 2.0.0.7. xap/vim-gvim-7.1.138-arm-1.tgz: Upgraded to vim-7.1.138 with GTK+ extensions. xap/xscreensaver-5.03-arm-1.tgz: Upgraded to xscreensaver-5.03. +x/dejavu-ttf-2.20-noarch-1.tgz: Upgraded to dejavu-ttf-2.20. x/mesa-7.0.1-arm-1.tgz: Upgraded to Mesa-7.0.1. +--------------------------+ Fri Sep 21 21:06:33 BST 2007 ap/workbone-2.40-arm-1.tgz: Recompiled. d/git-1.5.3.3-arm-1.tgz: Upgraded to git-1.5.3.3. l/glib2-2.12.13-arm-1.tgz: Upgraded to glib-2.12.13. l/gtk+2-2.10.14-arm-1.tgz: Upgraded to gtk+-2.10.14. n/httpd-2.2.6-arm-1.tgz: Upgraded to httpd-2.2.6. n/php-5.2.4-arm-1.tgz: Upgraded to php-5.2.4. The PHP announcement says this version fixes over 120 bugs as well as "several low priority security bugs." Read more about it here: http://www.php.net/releases/5_2_4.php (* Security fix *) n/ppp-2.4.4-arm-2.tgz: Fixed man page locations. +--------------------------+ Tue Sep 18 07:54:20 BST 2007 a/apmd-3.2.2-arm-2.tgz: Recompiled & compressed man pages. a/cxxlibs-6.0.8-arm-1.tgz: Upgraded to libstdc++.so.6.0.8 from gcc-4.1.1. /usr/lib/libstdc++.so.5.0.7 from gcc-3 remains. This package was built by hand, since the build script refers to gcc-3 in the 'testing' area, which is no longer shipped in ARMedslack-current (to be 12.0). There are likely to be some packages requiring it that did not get a recompile. ap/mpg321-0.2.10-arm-1.tgz: Recompiled. l/freetype-2.3.5-arm-1.tgz: Upgraded to freetype-2.3.5. l/hal-0.5.10-arm-1.tgz: Upgraded to hal-0.5.10rc2. l/hal-info-20070831-noarch-1.tgz: Upgraded to hal-info-20070831. d/ccache-2.4-arm-1.tgz: Recompiled. d/indent-2.2.9-arm-1.tgz: Recompiled. n/autofs-3.1.7-arm-1.tgz: Recompiled. n/metamail-2.7-arm-1.tgz: Recompiled. n/nc-1.10-arm-1.tgz: Recompiled. n/netpipes-4.2-arm-1.tgz: Recompiled. n/newspost-2.1.1-arm-1.tgz: Recompiled. n/pidentd-3.0.19-arm-1.tgz: Recompiled. n/rdist-6.1.5-arm-1.tgz: Recompiled. n/trn-3.6-arm-1.tgz: Recompiled. n/samba-3.0.26a-arm-1.tgz: Upgraded to samba-3.0.26a. This fixes a security issue in all Samba 3.0.25 versions: "Incorrect primary group assignment for domain users using the rfc2307 or sfu winbind nss info plugin." For more information, see: http://www.samba.org/samba/security/CVE-2007-4138.html http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-4138 (* Security fix *) n/uucp-1.07-arm-1.tgz: Recompiled. +--------------------------+ Sun Sep 9 20:21:00 BST 2007 kde/kdebase-3.5.7-arm-2.tgz: Patched Konqueror to prevent "spoofing" the URL (i.e. displaying a URL other than the one associated with the page displayed) For more information, see: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3820 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-4224 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-4225 (* Security fix *) kde/kdelibs-3.5.7-arm-2.tgz: Patched Konqueror's supporting libraries to prevent addressbar spoofing. For more information, see: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-4225 (* Security fix *) l/libidn-0.6.10-arm-2.tgz: Recompiled. Removed duplicate uncompressed man pages & moved man pages from /usr/share/man into /usr/man. l/netpbm-10.18.12-arm-2.tgz: Recompiled. Removed duplicate uncompressed man pages. l/poppler-0.6-arm-1.tgz: Upgraded to poppler-0.6. n/openssh-4.7p1-arm-1.tgz: Upgraded to openssh-4.7p1. n/samba-3.0.25c-arm-1.tgz: Upgraded to samba-3.0.25c. This fixes some bugs in the samba-3.0.25b release. armedslack-extra/: Moved to a directory named 'unsupported' which can be found at ftp://ftp.armedslack.org/ bootware/riscpc/slackb.zip: Patched GRUB to use a config file named 'grubcfg' rather than 'grub.cfg'. This allows us to have set the RISC OS file type to 'text' so that it can be double-clicked and opened directly from the CD into a text editor. bootware/riscpc/!SlackBt: Added the full exploded tree of !SlackBt (found within slackbt.zip) with RISC OS file types appended in the standard format (filename,XXX). This allows booting directly from an ARMedslack ISO CD image, and from NFS/CIFS using LanMan98 et al. +--------------------------+ Fri Sep 7 18:20:02 BST 2007 a/sysvinit-scripts-1.0-noarch-9.tgz: In /etc/rc.d/rc.M, touch the font dirs in /usr/share/fonts before running fc-cache. On machines that boot with an incorrect system time (ARM Versatile under QEMU, for example), fc-cache will complain that it cannot write to the cache files. Thanks to Jim Hawkins for finding the explanation: http://www.mail-archive.com/debian-bugs-dist@lists.debian.org/msg266900.html +--------------------------+ Fri Aug 31 09:42:24 BST 2007 a/aaa_elflibs-12.0-arm-1.tgz: Rebuilt with the latest shared objects. a/kernel-modules-2.6.22.6-arm-1.tgz: Upgraded to Linux 2.6.22.6 Kernel modules for the RiscPC & Versatile. a/kernel_riscpc-2.6.22.6-arm-1.tgz: Backed out Acorn Framebuffer patch introduced in the 2.6.22.5 Kernel package -- the patch is now in Xorg. a/kernel_versatile-2.6.22.6-arm-1.tgz: Upgraded to Versatile Linux Kernel version 2.6.22.6. k/kernel-source-2.6.22.6-noarch-1.tgz: Upgraded to Linux 2.6.22.6 Kernel source. x/xorg-server-*-arm-3.tgz: Rebuilt X server packages with a patch from Alan Hourihane to fix the Acorn Framebuffer resolution problem described below in the Sun Aug 26th update for the RiscPC Kernel. extra/bittornado/bittornado-0.3.18-arm-1.tgz: Upgraded to bittornado-0.3.18. extra/blackbox/blackbox-0.70.1-arm-1.tgz: Recompiled, changed --prefix to /usr. extra/ktorrent/ktorrent-2.1.4-arm-1.tgz: Added ktorrent-2.1.1. extra/mpg123/mpg123-0.66-arm-1.tgz: Upgraded to mpg123-0.66. extra/ntfsprogs/ntfsprogs-1.13.1-arm-1.tgz: Added ntfsprogs-1.13.1. bootware/riscpc/slackb.zip: Upgraded to Linux 2.6.22.6 Kernel. +--------------------------+ Sun Aug 26 13:30:00 BST 2007 a/glibc-solibs-2.5-arm-2.tgz: Recompiled against Linux 2.6.22.5 headers. a/glibc-zoneinfo-2.5-noarch-2.tgz: Rebuilt. a/kernel-modules-2.6.22.5-arm-1.tgz: Upgraded to Linux 2.6.22.5 Kernel modules for the RiscPC & Versatile. a/kernel_riscpc-2.6.22.5-arm-1.tgz: Upgraded to RiscPC Linux Kernel 2.6.22.5. Using RapIDE patch, submitted as http://www.arm.linux.org.uk/developer/patches/viewpatch.php?id=4543/1 Using Alan Hourihane's improved version of patch to allow booting of zImage: http://www.arm.linux.org.uk/developer/patches/viewpatch.php?id=4540/1 Patched Acorn Framebuffer - it was modifying yres_virtual to support ypan for accelerated text scrolling which prevented X11 from getting the modes it asked for. Thanks to Jim Hawkins for debugging & writing a patch. a/kernel_versatile-2.6.22.5-arm-1.tgz: Upgraded to Versatile Linux Kernel version 2.6.22.5. d/kernel-headers-2.6.22.5-arm-1.tgz: Upgraded to Linux Kernel headers v2.6.22.5 k/kernel-source-2.6.22.5-noarch-1.tgz: Upgraded to Linux Kernel source, version 2.6.22.5. l/glibc-2.5-arm-2.tgz: Recompiled against Linux 2.6.22.5 headers & upgraded to tzdata2007 & tzcode2007f. l/glibc-i18n-2.5-noarch-2.tgz: Rebuilt. l/glibc-profile-2.5-arm-2.tgz: Recompiled. n/tcpdump-3.9.7-arm-1.tgz: Upgraded to libpcap-0.9.7 & tcpdump-3.9.7. This new version fixes an integer overflow in the BGP dissector which could possibly allow remote attackers to crash tcpdump or to execute arbitrary code. For more information, see: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3798 (* Security fix *) isolinux/initrd.img: Rebuilt to include the new glibc built against Linux Kernel headers 2.6.22.5. bootware/riscpc/slackb.zip: Upgraded to Linux Kernel 2.6.22.5. bootware/iyonix/slackboot-iyonix.zip: Added a bunch of Linux stuff that's been sitting on my Iyonix for a while. It has a version of LinLoader (GRUB doesn't exist for the Iyonix), and an old Linux 2.4 Kernel. There is no support for Linux 2.6 at the time of writing, but this 2.4 Kernel will work with ARMedslack-11.0. Perhaps it'll inspire somebody to start a Linux 2.6 port! :-) The Zip archive was made with SparkFS and contains the RISC OS file types. +--------------------------+ Sat Aug 18 10:01:21 BST 2007 a/kernel-modules-2.6.22.3-arm-1.tgz: Upgraded to Linux 2.6.22.3 modules. a/kernel_riscpc-2.6.22.3-arm-1.tgz: Compiled in the RTC driver for Acorn clock; compiled in I2C support & removed a bunch of RTC drivers for hardware that doesn't exist on the RiscPC. Thanks to Alan Hourihane for working out which drivers are required. From the Acorn Framebuffer patch, removed the code that forces 32bpp if 24bpp is chosen. Thanks to Alan Hourihane & Jim Hawkins for the suggestion. a/kernel_versatile-2.6.22.3-arm-1.tgz: Upgraded to Linux 2.6.22.3 for the ARM Versatile platform. a/mkinitrd-1.1.3-arm-1.tgz: Fixed a minor bug in mkinitrd where devices such as /dev/cciss/c0d0p2 (DL360 RAID) were not properly copied to the initramfs. "Normal" (two level) boot devices such as /dev/sda1 were not affected by this bug, so most people won't run into it. a/sysvinit-scripts-1.0-noarch-8.tgz: Removed the RiscPC checks that prevent the hwclock being set. kde/amarok-1.4.6-arm-1.tgz: Upgraded to amarok-1.4.5. kde/k3b-1.0.2-arm-1.tgz: Added k3b. kde/*.tgz: Upgraded to KDE v3.5.7. Note: KDE is now being built with --prefix=/usr, not --prefix=/opt/kde. This makes it much easier to follow freedesktop.org's recommendations for unifying the various Linux desktops. kde/koffice-1.6.3-arm-1.tgz: Upgraded to KOffice v1.6.3. kdei/*.tgz: Upgraded to KDE v3.5.7 & Koffice v1.6.3 internationalisations. k/kernel-source-2.6.22.3-noarch-1.tgz: Upgraded to Linux 2.6.22.3 Kernel source. l/poppler-0.5.4-arm-2.tgz: Patched to fix an integer overflow in code borrowed from xpdf. For more information, see: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3387 (* Security fix *) l/qt-3.3.8-arm-2.tgz: Patched to fix several format string bugs. For more information, see: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3388 (* Security fix *) n/bind-9.4.1_P1-arm-1.tgz: Upgraded to bind-9.4.1_P1 to fix security issues. The default access control lists allow remote attackers to make recursive queries in BIND9 versions 9.4.0 through 9.4.1. The query IDs in BIND9 prior to BIND 9.4.1-P1 are cryptographically weak. For more information on these issues, see: http://www.isc.org/index.pl?/sw/bind/bind-security.php http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-2925 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-2926 (* Security fix *) x/x11-skel-7.1-arm-3.tgz: Now using RiscPC xorg.conf contributed by Alan Hourihane. xap/gimp-2.2.17-arm-1.tgz: Upgraded to gimp-2.2.17, which fixes buffer overflows when decoding certain image types. For more information, see: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-2949 (* Security fix *) xap/mozilla-firefox-2.0.0.6-arm-1.tgz: Upgraded to Bon Echo/firefox-2.0.0.6. This upgrade fixes some more security bugs. For more information, see: http://www.mozilla.org/projects/security/known-vulnerabilities.html#firefox (* Security fix *) xap/seamonkey-1.1.4-arm-1.tgz: Upgraded to seamonkey-1.1.4. This upgrade fixes some more security bugs. For more information, see: http://www.mozilla.org/projects/security/known-vulnerabilities.html#seamonkey (* Security fix *) xap/xpdf-3.02-arm-1.tgz: Upgraded to xpdf-3.02pl1. This fixes an integer overflow that could possibly be leveraged to run arbitrary code if a malicious PDF file is processed. For more information, see: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3387 (* Security fix *) bootware/riscpc/slackb.zip: Upgraded to Linux 2.6.22.3. Modified the default hard disk root device to be /dev/hdd2 because that's what my RiscPC uses :-) +--------------------------+ Thu Jul 26 19:33:54 BST 2007 a/elvis-2.2-arm-1.tgz: Recompiled. a/kernel-modules-2.6.22.1-arm-1.tgz: Upgraded to Linux 2.6.22.1 Kernel modules for the RiscPC & Versatile platforms. a/kernel_riscpc-2.6.22.1-arm-1.tgz: Upgraded to Linux 2.6.22.1 RiscPC Kernel. a/kernel_versatile-2.6.22.1-arm-1.tgz: Upgraded to Linux 2.6.22.1 Versatile Kernel. ap/acct-6.3.2-arm-1.tgz: Recompiled. ap/bpe-2.01.00-arm-1.tgz: Recompiled. ap/ispell-3.2.06-arm-1.tgz: Recompiled. ap/lm_sensors-2.10.3-arm-1.tgz: Upgraded to lm_sensors-2.10.3. k/kernel-source-2.6.22.1-noarch-1.tgz: Upgraded to Linux 2.6.22.1 Kernel source. extra/parted/parted-1.8.7-arm-1.tgz: Upgraded to parted-1.8.7. t/tetex-3.0-arm-6.tgz: An often-reported bug in the tetex package has been the missing /var/lib/texmf directory. Some time ago, this was removed for security reasons, since it could possibly be used to overwrite system files by symlinking to them from "font names". The directory, to be useful, had to be world-writable, or at least writable to a tetex group. Then, Mikhail Ulanov suggested setting VARTEXFONTS = $TEXMFVAR, which causes fonts to be built in $HOME/.texmf-var instead. Now TeX is working again for non-root users. t/tetex-doc-3.0-arm-6.tgz: Rebuilt. tcl/tcl-8.4.15-arm-1.tgz: Upgraded to tcl-8.4.15. tcl/tclx-8.4-arm-1.tgz: Upgraded to tclx-8.4. tcl/tk-8.4.15-arm-1.tgz: Upgraded to tk-8.4.15. isolinux/initrd.img: Added sfdisk & built against the Slackware 12.0 initrd data. bootware/riscpc/slackb.zip: Upgraded to Linux 2.6.22.1 & included the new initrd.img installer. +--------------------------+ Thu Jul 12 23:11:09 BST 2007 a/kernel_versatile-2.6.22.1-arm-1.tgz: Upgraded to Linux-2.6.22.1 for ARM Versatile. l/lesstif-0.95.0-arm-4.tgz: Recompiled and patched to fix a header problem when building xpdf. xap/audacious-1.3.2-armv4-1.tgz: Added audacious-1.3.0. Compiled only for ARMv4 because it contains assembler instructions that don't exist for ARMv3, so this package will not work on the RiscPC. xap/audacious-plugins-1.3.5-armv4-1.tgz: Added audacious-plugins-1.3.0. xap/blackbox-0.65.0-arm-1.tgz: Recompiled, changing install prefix to /usr. xap/fluxbox-1.0rc3-arm-1.tgz: Recompiled to change --prefix from /usr/X11R6 (which is now deprecated) to /usr. xap/fvwm-2.4.20-arm-1.tgz: Upgraded to fvwm-2.4.20. xap/gftp-2.0.18-arm-3.tgz: Recompiled. xap/gimp-2.2.15-arm-1.tgz: Upgraded to gimp-2.2.15. xap/gkrellm-2.2.10-arm-1.tgz: Upgraded to gkrellm-2.2.10. xap/gnuplot-4.2.0-arm-1.tgz: Upgraded to gnuplot-4.2.0. xap/gqview-2.1.5-arm-1.tgz: Added gqview-2.1.5. xap/gucharmap-1.10.0-arm-1.tgz: Upgraded to gucharmap-1.10.0. xap/gv-3.6.2-arm-1.tgz: Upgraded to gv-3.6.2. xap/gxine-0.5.11-arm-1.tgz: Upgraded to gxine-0.5.11. xap/imagemagick-6.3.3_9-arm-1.tgz: Upgraded to ImageMagick-6.3.2-5. xap/mozilla-thunderbird-2.0.0.4-arm-1.tgz: Upgraded to thunderbird-1.5.0.9. xap/pan-0.131-arm-1.tgz: Upgraded to pan-0.125. xap/pidgin-2.0.2-arm-1.tgz: Added pidgin-2.0.1, a replacement for GAIM. xap/rxvt-2.7.10-arm-2.tgz: Recompiled, changing install prefix to /usr. xap/sane-1.0.18-arm-3.tgz: Moved libsane.rules to 80-libsane.rules. Got rid of obsolete hotplug files. xap/seamonkey-1.1.2-arm-1.tgz: Upgraded to seamonkey-1.0.7. xap/seyon-2.20c-arm-1.tgz: Recompiled. xap/vim-gvim-7.1.012-arm-1.tgz: Upgraded to vim-7.1.012 for GTK+. This also requires the main VIM package. xap/x3270-3.3.5-arm-1.tgz: Upgraded to x3270-3.3.5. Moved fonts directly into /usr/share/fonts/misc. Moved config file from xap/xchat-2.8.2-arm-1.tgz: Upgraded to xchat-2.8.0. xap/xfce-4.4.1-arm-1.tgz: Upgraded to xfce-4.4.1 & compiled against HAL. xap/xfractint-20.04p04-arm-1.tgz: Upgraded to xfractint-20.04p04. xap/xgames-0.3-arm-1.tgz: Ported to the new glibc/gcc. xap/xine-lib-1.1.7-armv4-1.tgz: Upgraded to xine-lib-1.1.4. xap/xine-ui-0.99.5-arm-1.tgz: Upgraded to xine-ui-0.99.5. xap/xlockmore-5.23-arm-1.tgz: Upgraded to xlockmore-5.23, changed --prefix to /usr. xap/xpdf-3.02-arm-1.tgz: Upgraded to xpdf-3.02. xap/xsane-0.994-arm-1.tgz: Upgraded to xsane-0.994. xap/xscreensaver-5.02-arm-1.tgz: Upgraded to xscreensaver-5.01. xap/xv-3.10a-arm-3.tgz: Recompiled, changing install prefix to /usr. xap/xxgdb-1.12-arm-2.tgz: Recompiled. +--------------------------+ Tue Jul 3 19:03:23 BST 2007 a/hdparm-7.6-arm-1.tgz: Upgraded to hdparm-7.6. a/mkinitrd-1.1.2-arm-3.tgz: Fixed a cosmetic boot-time error if cryptsetup is not used in the initramfs. a/pkgtools-12.0.0-noarch-1.tgz: Added a small script, /usr/bin/htmlview symlink -- programs in Slackware are starting to expect htmlview, which is not yet a standard but seems to be becoming an ad-hoc one. So, adding it probably won't hurt too much, other than possibly stinging other distributions that haven't yet added this by encouraging its use. a/sysvinit-scripts-1.0-noarch-7.tgz: Mount usbfs regardless of whether udev is used. a/udev-111-arm-3.tgz: Make the restart option more through. a/util-linux-2.12r-arm-4.tgz: Patched a problem where umounting by UUID would cause umount to segfault for non-root users. Thanks to Jim Hawkins for patching a number of build failures and pointing me to some other patches he didn't feel like re-inventing ;-) d/binutils-2.17.50.0.17-arm-1.tgz: Upgraded to binutils-2.17.50.0.17. d/git-1.5.2.2-arm-1.tgz: Upgraded to git-1.5.2.2, fixed .packlist paths, and got git-remote working again (Error.pm was previously missing). d/libtool-1.5.24-arm-1.tgz: Upgraded to libtool-1.5.24. d/mercurial-0.9.4-arm-1.tgz: Upgraded to mercurial-0.9.4. d/oprofile-0.9.2-arm-3.tgz: Recompiled against new (binutils) libbfd. d/pkg-config-0.21-arm-3.tgz: Use a symlink to fix broken packages that think /usr/share/pkgconfig is a good place for .pc files. Move any .pc files found to already exist there. d/rcs-5.7-arm-2.tgz: Recompiled. l/cairo-1.4.10-arm-1.tgz: Upgraded to cairo-1.4.10. l/gd-2.0.35-arm-1.tgz: Upgraded to gd-2.0.35. l/gmime-2.2.9-arm-1.tgz: Upgraded to gmime-2.2.9. l/hal-0.5.9.1-arm-1.tgz: Upgraded to hal-0.5.9.1. l/hal-info-20070618-noarch-1.tgz: Upgraded to hal-info-20070618. l/pilot-link-0.12.2-arm-4.tgz: Fixed a bug in pilot-link.m4. n/dhcp-3.0.5-arm-2.tgz: Patched kernel version detection in ./configure, which might make dhclient work. dhcpcd is probably still better though :-) n/httpd-2.2.4-arm-2.tgz: Made the package install script look at the contents of /srv and take care not to wipe out any existing website there, but to back it up instead. n/iptables-1.3.8-arm-1.tgz: Upgraded to iptables-1.3.8. n/network-scripts-12.0-noarch-2.tgz: Removed a silly "sanity check" that figured if you didn't have /bin/telnet that you must not have networking installed. If no explicit DCHP_TIMEOUT is set, then look in /sys to see if the interface has a connection carrier. If not, reduce the DHCP timeout to 3 seconds (which, even if the kernel is wrong, is usually more than enough time for the DHCP server to respond). n/php-5.2.3-arm-2.tgz: Rebuilt with the same options as Slackware-12.0. n/pssh-1.3.1-noarch-1.tgz: Added pssh-1.3.1, python scripts to run openssh tools in parallel. n/samba-3.0.25b-arm-1.tgz: Upgraded to samba-3.0.25b. n/tcpdump-3.9.6-arm-1.tgz: Upgraded to libpcap-0.9.6 and tcpdump-3.9.6. n/whois-4.7.21-arm-1.tgz: Upgraded to whois-4.7.21. xap/mozilla-firefox-2.0.0.4-arm-1.tgz: Upgraded - Thanks to Jim Hawkins for the patch. xap/xmms-1.2.10-arm-4.tgz: Removed. x/x11-skel-7.1-arm-2.tgz: Fixed number of lines in slack-desc. x/*.tgz: Recompiled all of X.org, including a number of updates from Slackware-12.0. +--------------------------+ Fri Jun 22 18:33:25 BST 2007 a/cryptsetup-1.0.5-arm-1.tgz: Added cryptsetup-1.05. a/device-mapper-1.02.19-arm-1.tgz: Split udev rules out of 50-udev-rules into 64-device-mapper.rules in this package. Thanks to Piter Punk. Added a few more ./configure options to ensure that device permissions are the same as for other disk devices. Thanks to Cal Peake. Moved from AP. a/lvm2-2.02.09-arm-1.tgz: Moved from AP. a/mdadm-2.6.1-arm-1.tgz: Moved from AP. a/mt-st-0.9b-arm-1.tgz: Moved from AP. a/mtx-1.3.9-arm-2.tgz: Moved from AP. a/openssl-solibs-0.9.8e-arm-2.tgz: Recompiled. a/pkgtools-12.0.9-noarch-1.tgz: Added rc.snmpd to the services setup menu in the installer. a/quota-3.13-arm-2.tgz: Moved from AP. a/shadow-4.0.3-arm-2.tgz: Added plugdev to the list of groups that a user logging in through /bin/login at the console will automatically be added to. With a login manager such as kdm, users will still need to be added to the plugdev group manually. ap/man-pages-2.55-noarch-1.tgz: Changed the default mode on rc.hplip.new to 644. ap/vim-7.1.012-arm-1.tgz: Upgraded to vim-7.1.012. d/doxygen-1.5.2-arm-1.tgz: Upgraded to doxygen-1.5.2. d/git-1.5.2.1-arm-1.tgz: Upgraded to git-1.5.2.1. d/gperf-3.0.3-arm-1.tgz: Upgraded to gperf-3.0.3. d/p2c-1.21alpha2-arm-1.tgz: Recompiled with gcc4 to get this working again. d/pkg-config-0.21-arm-2.tgz: Recompiled, removing /opt/kde/lib/pkgconfig from PKG_CONFIG_PATH. d/subversion-1.4.4-arm-1.tgz: Upgraded to subversion-1.4.4. Compiled with support for the mod_authz_svn and mod_dav_svn modules for httpd-2.2.4 (apache2). f/linux-howtos-20070609-noarch-1.tgz: Upgraded to Linux-HOWTOs-20070609. l/cairo-1.4.8-arm-1.tgz: Upgraded to cairo-1.4.8. l/esound-0.2.38-arm-1.tgz: Upgraded to esound-0.2.38. l/expat-2.0.1-arm-1.tgz: Upgraded to expat-2.0.1. l/gamin-0.1.8-arm-2.tgz: Changed options to --disable-dnotify and --enable-inotify, which is a superior filesystem tracking method on 2.6.13+ kernels. l/gtk+2-2.10.13-arm-1.tgz: Upgraded to gtk+2-2.10.13. l/hal-0.5.9-arm-2.tgz: Changed the default mode on rc.hald.new to 755. Patched /etc/rc.d/rc.hald to exit if we're running on an ARM Versatile platform. Inside QEMU, the LSI SCSI driver barfs with this version of HAL so it's best turned off for now. l/libexif-0.6.16-arm-1.tgz: Upgraded to libexif-0.6.16. An integer overflow in libexif can crash applications that use the library on malformed images. The upstream advisory indicates that this flaw could also be used to execute arbitrary code in the context of the user, but no exploit is known (by us) to exist among iDefense's researchers or in the wild. But, as a crash bug and heap overflow one must suppose that the possibility exists. http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-4168 (* Security fix *) l/lzo-2.02-arm-1.tgz: Added lzo-2.02. l/mhash-0.9.9-arm-1.tgz: Upgraded to mhash-0.9.9. l/vte-0.16.5-arm-1.tgz: Upgraded to vte-0.16.5. n/bind-9.4.1-arm-1.tgz: Upgraded to bind-9.4.1. n/bluez-utils-3.9-arm-2.tgz: Added "restart" to rc.bluetooth, and rewrote it to be more like the other Slackware rc.* scripts. tries to use "rpc.lockd" (nor contains it), so be sure to upgrade to the new versions of the init scripts. Thanks to Jonathan Woithe for the hint about linking with -lnsl after -lwrap, and for passing along a small patch for a memory leak in mountd. n/dirmngr-1.0.0-arm-1.tgz: Added dirmngr-1.0.0. n/gpa-0.7.5-arm-1.tgz: Added gpa-0.7.5. n/apache-1.3.37-arm-3.tgz: Removed. Replaced with n/httpd. n/httpd-2.2.4-arm-1.tgz: The package formerly known as "apache", upgraded to httpd-2.2.4. n/lynx-2.8.6rel.5-arm-1.tgz: Upgraded to lynx-2.8.6rel.5. Compiled with --with-screen=ncursesw and --enable-widec. n/mcabber-0.9.3-arm-1.tgz: Upgraded to mcabber-0.9.3. n/mutt-1.4.2.3-arm-1.tgz: Upgraded to mutt-1.4.2.3. n/net-snmp-5.4-arm-3.tgz: Recompiled without the --enable-reentrant which was causing snmpd to not work. Added a more simple, Slackware-like rc.snmpd. n/network-scripts-12.0-noarch-1.tgz: Rebuilt to include the better-commented rc.inet1.conf that was added to source/n/network-scripts/ back in May. Thanks to Eric Hameleers for noticing that the package never got a rebuild after that change. n/nfs-utils-1.1.0-arm-1.tgz: Upgraded to nfs-utils-1.1.0. n/nmap-4.20-arm-1.tgz: Upgraded to nmap-4.20. n/obexftp-0.21-arm-1.tgz: Added obexftp-0.21. n/openobex-1.3-arm-1.tgz: Added openobex-1.3. n/openssl-0.9.8e-arm-2.tgz: Added certwatch script. n/openvpn-2.0.9-arm-1.tgz: Added openvpn-2.0.9. n/php-5.2.3-arm-1.tgz: Upgraded to php-5.2.2. n/pinentry-0.7.2-arm-1.tgz: Added pinentry-0.7.2. n/samba-3.0.25a-arm-1.tgz: Upgraded to samba-3.0.25a. This fixes some major (non-security) bugs in samba-3.0.25 -- see the WHATSNEW.txt for details. n/sendmail-8.14.1-arm-1.tgz: Upgraded to sendmail-8.14.1. Changed the default mode on rc.sendmail.new to 644. n/sendmail-cf-8.14.1-noarch-1.tgz: Upgraded to sendmail-8.14.1 config files. n/tcpdump-3.9.5-arm-1.tgz: Upgraded to tcpdump-3.9.5. n/traceroute-1.4a12-arm-1.tgz: Recompiled. n/vlan-1.9-arm-2.tgz: Recompiled. n/wireless-tools-28-arm-4.tgz: Applied a patch from Eric Hameleers to fix a problem reported by Michiel P.H. van Wessem. x/inputproto-1.4.2-noarch-1.tgz: Upgraded to xinputproto-1.4.2. x/xterm-224-arm-1.tgz: Added xterm-224. xap/mozilla-firefox-2*-arm-1.tgz: Removed temporarily because version 2.0.0.4 is building, but segfaults when launched. +--------------------------+ Wed Jun 6 22:09:09 BST 2007 a/coreutils-6.9-arm-1.tgz: Upgraded to coreutils-6.9. a/dialog-1.1_20070528-arm-1.tgz: Upgraded to dialog-1.1_20070528. a/etc-11.1-noarch-5.tgz: Added plugdev group (83). Added apache user and group (80). Added power (84) group to /etc/group. Added haldaemon (82) user to /etc/passwd, group to /etc/group, and empty shadow line to /etc/shadow. a/file-4.21-arm-1.tgz: Upgraded to file-4.21. a/findutils-4.2.31-arm-1.tgz: Upgraded to findutils-4.2.31. a/gettext-0.16.1-arm-2.tgz: Recompiled. a/gpm-1.20.1-arm-2.tgz: Recompiled & removed some crud from the ARM patch for the mouse setup script. a/hdparm-7.4-arm-1.tgz: Upgraded to hdparm-7.4. a/mkinitrd-1.1.2-arm-2.tgz: Added $@ after /sbin/init in the initrd. Added additional options (-C and -L) to mkinitrd to support encrypted a/pciutils-2.2.5-arm-1.tgz: Upgraded to pciutils-2.2.5. a/pkgtools-11.0.9-noarch-3.tgz: Support making a USB boot stick during the installation process as an emergency boot device. Thanks to Eric Hameleers! Added more options to the setup.services menu. This hasn't been tested on ARM yet though... a/reiserfsprogs-3.6.19-arm-2.tgz: Recompiled. a/sdparm-1.01-arm-1.tgz: Added sdparm-1.01. a/sysvinit-scripts-1.0-noarch-6.tgz: In rc.M, start rc.hald if executable. Start rc.ntpd in rc.M (if executable). Moved the LVM init block in rc.S closer to the start of the script (right after udev) to make root-on-LVM (with an appropriate initrd) more feasible. a/udev-111-arm-2.tgz: Upgraded to udev-111. ap/jove-4.16.0.61-arm-1.tgz: Recompiled. ap/lsof-4.78-arm-1.tgz: Upgraded to lsof-4.78. l/arts-1.5.7-arm-1.tgz: Upgraded to arts-1.5.7. l/dbus-1.0.2-arm-2.tgz: Patched rc.messagebus to add a "reload" option to be used after adding users to groups such as plugdev, cdrom, etc. l/dbus-glib-0.73-arm-1.tgz: Upgraded to dbus-glib-0.73. l/desktop-file-utils-0.12-arm-1.tgz: Added BLURB to setup script. l/hal-0.5.9-arm-1.tgz: Added hal-0.5.9. l/hal-info-20070516-noarch-1.tgz: Added hal-info-20070516. l/libexif-0.6.15-arm-1.tgz: Upgraded to libexif-0.6.15. l/libkarma-0.1.0-arm-1.tgz: Upgraded to libkarma-0.1.0. l/libmtp-0.1.5-arm-1.tgz: Upgraded to libmtp-0.1.5. l/libnjb-2.2.5-arm-3.tgz: Moved libnjb.rules to 80-libnjb.rules. Got rid of obsolete hotplug files. l/mcs-0.4.1-arm-2.tgz: slack-desc typo fix. l/pilot-link-0.12.2-arm-3.tgz: Removed empty /usr/share/pilot-link/udev/. l/shared-mime-info-0.21-arm-1.tgz: Upgraded to shared-mime-info-0.21. Added BLURB to setup script. l/t1lib-5.1.0-arm-3.tgz: Corrected the font search path. n/mtr-0.72-arm-1.tgz: Added mtr-0.72. +--------------------------+ Fri May 18 19:55:08 BST 2007 a/etc-11.1-noarch-4.tgz: Added plugdev group (83). a/infozip-5.52-arm-3.tgz: Upgraded zip to version 2.32. a/sysvinit-scripts-1.0-noarch-5.tgz: Removed the sysvinit runlevel directories. a/udev-111-arm-1.tgz: Upgraded to udev-111. ap/man-pages-2.48-noarch-1.tgz: Upgraded to man-pages-2.48. d/git-1.5.1.4-arm-1.tgz: Upgraded to git-1.5.1.4. l/libpng-1.2.18-arm-1.tgz: Upgraded to libpng-1.2.18. A grayscale PNG image with a malformed (bad CRC) tRNS chunk will crash some libpng applications. This vulnerability has been assigned the identifiers CVE-2007-2445 and CERT VU#684664. For more information, see: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-2445 (* Security fix *) n/apache-1.3.37-arm-3.tgz: Added /srv/www -> /var/www syml n/htdig-3.2.0b6-arm-1.tgz: Upgraded to htdig-3.2.0b6. n/net-snmp-5.4-arm-2.tgz: Added missing /var/lib/net-snmp director n/network-scripts-11.1-noarch-3.tgz: Changed netconfig's method of determining if it is running from the installer. n/php-4.4.7-arm-1.tgz: Upgraded to php-4.4.6. n/portmap-6.0-arm-1.tgz: Upgraded to portmap-6.0. n/samba-3.0.25-arm-1.tgz: Upgraded to samba-3.0.25. Security Fixes included in the Samba 3.0.25 release are: o CVE-2007-2444 Versions: Samba 3.0.23d - 3.0.25pre2 Local SID/Name translation bug can result in user privilege elevation o CVE-2007-2446 Versions: Samba 3.0.0 - 3.0.24 Multiple heap overflows allow remote code execution o CVE-2007-2447 Versions: Samba 3.0.0 - 3.0.24 Unescaped user input parameters are passed as arguments to /bin/sh allowing for remote command execution For more information, see: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-2444 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-2446 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-2447 (* Security fix *) +--------------------------+ Tue May 15 21:14:41 BST 2007 isolinux/initrd.img: Added dhcpcd, ntpdate and upgraded to the latest Slackware installer image. This is now a CPIO archive rather than a loopback filesystem. Removed partprobe. Some partition tables weren't being correctly identified, so I thought this would help - but my testing now reveals partprobe to take forever to do anything. I was running it from 'setup' so to the average user, it'd look like setup had crashed. bootware/riscpc/slackb.zip: Added the new initrd.img. Patched to fix GRUB2 booting problem on a RISC OS 4 machine with 256MBytes of RAM. Thanks to Alan Hourihane for the patch. a/sysvinit-2.86-arm-3.tgz: Removed the sysvinit runlevel directories. a/sysvinit-functions-8.53-arm-1.tgz: Moved all the non-Slackware-like runlevel directories, etc, into this package. If nothing on your machine uses it, it is safe to remove. a/sysvinit-scripts-1.0-noarch-4.tgz: Removed the sysvinit runlevel directories. ap/mt-st-0.9b-arm-1.tgz: Added mt-st.1.gz -> mt.1.gz symlink. n/curl-7.16.2-arm-1.tgz: Upgraded to curl-7.16.2. n/epic4-2.6-arm-1.tgz: Upgraded to epic4-2.6. n/fetchmail-6.3.8-arm-1.tgz: Upgraded to fetchmail-6.3.8. Added "fetchmail is probably not secure" to slack-desc. When we've seldom had a Slackware release that didn't need a fetchmail security advisory before the next Slackware was out, I think that's fair to say. (* Security fix *) n/getmail-4.7.4-noarch-1.tgz: Fixed build script and slack-desc. n/gnupg2-2.0.4-arm-1.tgz: Upgraded to gnupg 2.0.4. n/links-2.1pre28-arm-1.tgz: Upgraded to links-2.1pre28. n/netkit-ntalk-0.17-noarch-2.tgz: Fixed missing /var/spool/rwho. n/netkit-rwho-0.17-arm-1.tgz: Fixed slack-desc. n/ntp-4.2.4p0-arm-1.tgz: Upgraded to ntp-4.2.4p0. n/wireless-tools-28-arm-3.tgz: Applied Eric Hameleers' patch to rc.wireless. +--------------------------+ Mon May 14 21:03:53 BST 2007 a/bash-3.1.017-arm-1.tgz: Downgraded to bash 3.1. a/cups-1.2.11-arm-1.tgz: Upgraded to cups-1.2.11. Only link against OpenSSL, not GnuTLS (as this doesn't add any useful new functionality, only new dependencies). Thanks to Iain Paton for the report. Install any new rc.cups (or rc.cups.new) with the same perms as the old one. a/gzip-1.3.12-arm-1.tgz: Upgraded to gzip-1.3.12. a/mkinitrd-1.1.2-arm-1.tgz: Fixed a bug where modules in the initrd were not being replaced with the newer versions in /lib/modules/$(uname -r) if they existed on the initrd already. a/openssl-solibs-0.9.8e-arm-1.tgz: Upgraded to OpenSSL 0.9.8e shared objects. ap/dvd+rw-tools-7.0-arm-1.tgz: Applied a couple of patches needed to burn with 2.6.21.x kernels with some burners. Thanks to Fedora. ;-) ap/hplip-1.7.4a-arm-1.tgz: Upgraded tp hplip & compiled with net-snmp. d/oprofile-0.9.2-arm-2.tgz: Recompiled against libbfd-2.17.50.0.15.20070418.so from binutils-2.17.50.0.15. d/python-2.5.1-arm-1.tgz: Upgraded to python-2.5.1. l/arts-1.5.6-arm-1.tgz: Upgraded to arts-1.5.6. l/aspell-0.60.5-arm-2.tgz: Recompiled against libncursesw to enable utf8. l/ncurses-5.6-arm-1.tgz: Added /usr/include/ncurses -> /usr/include/ncursesw symlink. l/pilot-link-0.12.2-arm-1.tgz: Upgraded to pilot-link-0.12.2 compiled with support for BlueZ, or Bluetooth(TM). l/qca-1.0-arm-1.tgz: Recompiled. Moved from KDE. l/qca-tls-1.0-arm-3.tgz: Recompiled. Moved from KDE. l/qt-3.3.8-arm-.tgz: Upgraded to qt 3.3.8 Moved from kde/ series. n/bluez-firmware-1.2-arm-1.tgz: Added bluez-firmware-1.2. n/bluez-hcidump-1.34-arm-1.tgz: Added bluez-hcidump-1.34. n/bluez-libs-3.9-arm-1.tgz: Added bluez-libs-3.9. n/bluez-utils-3.9-arm-1.tgz: Added bluez-utils-3.9. Thanks to Jim Hawkins for the patch to make it build. n/gnutls-1.6.2-arm-1.tgz: Upgraded to gnutls-1.6.2. n/iputils-20070202-arm-2.tgz: Fixed permissions on ping and some others. n/lftp-3.5.10-arm-1.tgz: Upgraded to lftp-3.5.10. n/network-scripts-11.1-noarch-2.tgz: Merged fixes from Eric Hameleers. Reduced the default DCHP timeout from 60 to 30 seconds. Added an example of IP aliasing setup to /etc/rc.d/rc.inet1.conf.new. Fixed bug where the rc.inet{1,2}.new files were installed chmod 644 rather than 755. n/openssl-0.9.8e-arm-1.tgz: Upgraded to OpenSSL 0.9.8e. t/transfig-3.2.5-arm-2.tgz: Recompiled. xap/rdesktop-1.5.0-arm-2.tgz: Recompiled, moved from N. t/transfig-3.2.4-i486-2.tgz: Recompiled. +--------------------------+ Wed May 9 21:08:17 BST 2007 a/mkinitrd-1.1.1-arm-1.tgz: Upgraded mkinitrd to 1.1.1. ap/linuxdoc-tools-0.9.21-arm-4.tgz: Rebuilt from source rather than building RPMs. This fixes the catalog problems with the previous builds. d/binutils-2.17.50.0.15-arm-1.tgz: Upgraded to binutils-2.17.50.0.15. d/oprofile-0.9.2-arm-2.tgz: Recompiled against libbfd-2.17.50.0.15.20070418.so from binutils-2.17.50.0.15. l/cairo-1.4.6-arm-1.tgz: Upgraded to cairo-1.4.6. l/glib2-2.12.12-arm-1.tgz: Upgraded to glib-2.12.12. l/gtk+2-2.10.12-arm-1.tgz: Upgraded to gtk+-2.10.12. l/libart_lgpl-2.3.19-arm-1.tgz: Upgraded to libart_lgpl-2.3.19. l/libxml2-2.6.28-arm-1.tgz: Upgraded to libxml2-2.6.28. l/pango-1.16.4-arm-1.tgz: Upgraded to pango-1.16.4. l/poppler-0.5.4-arm-1.tgz: Added poppler-0.5.4. l/poppler-data-0.1-noarch-1.tgz: Added poppler-data-0.1. l/vte-0.16.3-arm-1.tgz: Upgraded to vte-0.16.3. +--------------------------+ Fri May 4 07:00:27 BST 2007 a/pcmciautils-014-arm-2.tgz: Merged patches from Piter Punk. a/sysvinit-functions-8.53-arm-1.tgz: Split the RH-like functions and the supporting binaries out into a new package. /etc/init.d/functions now requires no patching to work on Slackware. a/sysvinit-scripts-1.0-noarch-4.tgz: Removed "functions" and /etc/init.d/ symbolic link. Thanks to Giacomo Picconi for pointing out how the /etc/init.d/ symlink could wipe out existing scripts. a/udev-109-arm-1.tgz: Upgraded to udev-109. Thanks to Piter Punk! Added /dev/ttyUSB* symlinks. ap/dmidecode-2.9-arm-1.tgz: Added dmidecode 2.9. ap/espgs-8.15.4-arm-1.tgz: Upgraded to espgs-8.15.4. ap/lsscsi-0.19-arm-1.tgz: Added lsscsi 0.19. ap/vim-7.0.240-arm-1.tgz: Upgraded to vim-7.0.240. ap/vorbis-tools-1.1.1-arm-4.tgz: Recompiled against the new curl library. d/flex-2.5.33-arm-3.tgz: Rebuilt to include /usr/bin/flex -> /usr/bin/lex legacy symlink. d/ruby-1.8.6-arm-1.tgz: Upgraded to ruby-1.8.6 l/cairo-1.4.4-arm-1.tgz: Upgraded to cairo-1.4.2. l/dbus-1.0.2-arm-1.tgz: Added dbus 1.0.2. l/dbus-glib-0.72-arm-1.tgz: Added dbus-glib-0.72. l/dbus-qt3-0.70-arm-1.tgz: Added dbus-qt3. l/gamin-0.1.8-arm-1.tgz: Added gamin-0.1.8. l/gmime-2.2.4-arm-1.tgz: Added gmime-2.2.4 (used by Pan). l/gtk+2-2.10.11-arm-1.tgz: Upgraded to gtk+2-2.10.11. l/libwpd-0.8.9-arm-1.tgz: Upgraded to libwpd-0.8.9. l/libxslt-1.1.20-arm-2.tgz: Recompiled for Python 2.5. l/pango-1.16.1-arm-1.tgz: Upgraded to pango-1.16.1. l/sdl-1.2.11-arm-3.tgz: Patched SDL_ttf for new freetype. l/vte-0.16.1-arm-1.tgz: Upgraded to vte-0.16.1. n/biff+comsat-0.17-arm-1.tgz: Split from old tcpip package. n/bridge-utils-1.2-arm-1.tgz: Split from old tcpip package. n/bsd-finger-0.17-arm-1.tgz: Split from old tcpip package. n/curl-7.16.1-arm-1.tgz: Upgraded to curl-7.16.1. n/dnsmasq-2.39-arm-1.tgz: Upgraded to dnsmasq-2.39. n/ethtool-5-arm-1.tgz: Split from old tcpip package. n/fetchmail-6.3.6-arm-2.tgz: Recompiled for Python 2.5. n/getmail-4.7.3-noarch-1.tgz: Upgraded to getmail-4.7.3. n/gnupg2-2.0.3-arm-1.tgz: Added gnupg2-2.0.3. n/icmpinfo-1.11-arm-1.tgz: Split from old tcpip package. n/iputils-20070202-arm-1.tgz: Split from old tcpip package. Upgraded to iputils-20070202. n/irssi-0.8.11-arm-1.tgz: Upgraded to irssi-0.8.11. n/libassuan-1.0.1-arm-1.tgz: Added libassuan-1.0.1. n/libksba-1.0.1-arm-1.tgz: Added libksba-1.0.1. n/net-tools-1.60-arm-1.tgz: Split from old tcpip package. n/netdate-bsd4-arm-1.tgz: Split from old tcpip package. n/netkit-bootparamd-0.17-arm-1.tgz: Split from old tcpip package. n/netkit-ftp-0.17-arm-1.tgz: Split from old tcpip package. n/netkit-ntalk-0.17-noarch-1.tgz: Split from old tcpip package. n/netkit-routed-0.17-arm-1.tgz: Split from old tcpip package. n/netkit-rsh-0.17-arm-1.tgz: Split from old tcpip package. n/netkit-rusers-0.17-arm-1.tgz: Split from old tcpip package. n/netkit-rwall-0.17-arm-1.tgz: Split from old tcpip package. n/netkit-rwho-0.17-arm-1.tgz: Split from old tcpip package. n/netkit-timed-0.17-arm-1.tgz: Split from old tcpip package. n/network-scripts-11.1-noarch-1.tgz: Split from old tcpip package. n/netwrite-0.17-arm-1.tgz: Split from old tcpip package. n/pth-2.0.7-arm-1.tgz: Added pth 2.0.7. n/tcp_wrappers-7.6-arm-1.tgz: Split from old tcpip package. n/telnet-0.17-arm-1.tgz: Split from old tcpip package. n/tftp-hpa-0.48-arm-1.tgz: Split from old tcpip package. n/vlan-1.9-arm-1.tgz: Split from old tcpip package. extra/slacktrack/slacktrack-1.31-arm-1.tgz: Upgraded to slacktrack 1.31 build 1. +--------------------------+ Sat Apr 28 11:22:57 BST 2007 a/etc-11.1-noarch-2.tgz: In ld.so.conf, remove /usr/X11R6/lib to prevent it from showing up in ldd paths. Removed /usr/X11R6/bin from the $PATH. a/dialog-1.1_20070409-arm-1.tgz: Upgraded to dialog-1.1-20070409. a/sysvinit-2.86-arm-3.tgz: Patched killall5 (pidof) to add feature from the Red Hat fork. a/sysvinit-scripts-1.0-noarch-3.tgz: Moved /etc/init.d/functions here, as it may need work more often than originally thought. Make a symlink /etc/init.d -> /etc/rc.d/rc.init.d, since that's where many things expect to find the "functions" script. In rc.M, move fc-cache further up and background the process. ap/hplip-1.7.3-arm-1.tgz: Upgraded tp hplip & compiled with net-snmp. ap/ksh93-2007_03_28-arm-1.tgz: Upgraded to ksh93-2007_03_28. ap/mc-4.6.1_20070309-arm-1.tgz: Changed from --with-x=no to --with-x=yes. MC can now load X support dynamically without requiring a hard link (or dependency) on any of the X packages. ap/nano-2.0.6-arm-1.tgz: Upgraded to nano-2.0.6 d/strace-4.5.15-arm-1.tgz: Upgraded to strace-4.5.15. f/linux-howtos-20070412-noarch-1.tgz: Upgraded to Linux-HOWTOs-20070412. l/freetype-2.3.4-arm-1.tgz: Upgraded to freetype-2.3.4. l/lesstif-0.95.0-arm-3.tgz: Recompiled to put the Imake files into the correct place. n/libgpg-error-1.5-arm-1.tgz: Added libgpg-error. n/gnutls-1.6.1-arm-1.tgz: Added gnutls-1.6.1. n/libgcrypt-1.2.4-arm-1.tgz: Added libgcrypt-1.2.4. n/net-snmp-5.4-arm-1.tgz: Added net-snmp. This is needed for HP's network printers, but will probably find other uses as well. x/*.tgz: Rebuilt all of the x/ series packages. A big thanks to Sunil Amitkumar Janki for figuring out the build order of modular X and building the intial packages! +--------------------------+ Mon Apr 23 17:16:31 BST 2007 a/aaa_base-11.1.1-noarch-1.tgz: Removed /var/X11R6/ and /usr/etc directories. Added /srv directory. After backing up any real /usr/X11R6, create a compatibility symlink tree to support all the software out there that'll be looking for /usr/X11R6 a/cups-1.2.10-arm-1.tgz: Upgraded to cups-1.2.10. a/mkinitrd-1.1.0-arm-1.tgz: Added mkinitrd. a/tcsh-6.15.00-arm-1.tgz: Upgraded to tcsh-6.15.00. ap/lm_sensors-2.10.3-arm-1.tgz: First build. ap/nano-2.0.4-arm-1.tgz: Upgraded to nano-2.0.4. ap/screen-4.0.3-arm-1.tgz: Recompiled. d/gdb-6.6-arm-2.tgz: Recompiled against new libexpat. d/oprofile-0.9.2-arm-1.tgz: Recompiled with libbfd from new binutils. d/perl-5.8.8-arm-4.tgz: Recompiled. l/atk-1.18.0-arm-1.tgz: Upgraded to atk-1.18.0. l/glib2-2.12.11-arm-1.tgz: Upgraded to glib-2.12.11. l/libxml2-2.6.27-arm-2.tgz: Recompiled for Python 2.5. n/dnsmasq-2.38-arm-1.tgz: Upgraded to dnsmasq-2.38. n/gnupg-1.4.7-arm-1.tgz: Upgraded to gnupg-1.4.7. n/openldap-client-2.3.32-arm-1.tgz: Upgraded to openldap-2.3.32 client libs. n/openssh-4.6p1-arm-1.tgz: Changed rc.sshd slightly to avoid the potential to be disconnected from a remote box without sshd being restarted when using "sh /etc/rc.d/rc.sshd restart". n/proftpd-1.3.0a-arm-3.tgz: Recompiled. +--------------------------+ Mon Apr 9 21:03:11 BST 2007 a/cpio-2.5-arm-2.tgz: Fixed broken manpages. ap/bc-1.06.95-arm-1.tgz: Upgraded to bc-1.06.95, since the old bc won't compile with a recent flex. ap/mc-4.6.1_20070309-arm-1.tgz: Patched with mc-4.6.1-2007-03-09-18 to fix various bugs. a/sysklogd-1.4.1-arm-2.tgz: Patched to compile with gcc4. Made the syslogd/klogd race handling script (hopefully) faster. ap/nano-2.0.4-arm-1.tgz: Upgraded to nano-2.0.4. ap/zsh-4.3.2-arm-1.tgz: Upgraded to zsh 4.3.2. d/cmake-2.4.6-arm-2.tgz: Fixed doc directory. d/flex-2.5.33-arm-2.tgz: dded lex -> flex symlink. d/git-1.5.0.5-arm-1.tgz: Upgraded to git-1.5.0.5. l/readline-5.2-arm-1.tgz: Recompiled with readline52-002 patch. Added --enable-multibyte option. l/slang-2.0.7-arm-1.tgz: Upgraded to slang-2.0.7, moved --sysconfig to /etc. +--------------------------+ Sun Apr 8 10:55:16 BST 2007 a/aaa_base-11.1.1-noarch-1.tgz: Removed /var/X11R6/ and /usr/etc directories. Added /srv directory. After backing up any real /usr/X11R6, create a compatibility symlink tree to support all the software out there that'll be looking for /usr/X11R6 a/bash-3.2.015-arm-1.tgz: Upgraded to bash-3.2 patchlevel 015. a/etc-11.1-noarch-1.tgz: Added a .xsession in /etc/skel to run gpg-agent, but it will only end up running under incredibly rare circumstances with the way the various X startup scripts are designed. I'm looking for a better way to start gpg-agent automagically. Added messagebus uid/gid (81). Removed /usr/etc/printcap symlink. a/file-4.20-arm-1.tgz: Upgraded to file-4.20. This fixes a heap overflow that could allow code to be executed as the user running file (note that there are many scenarios where file might be used automatically, such as in virus scanners or spam filters). For more information, see: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1536 (* Security fix *) a/sysvinit-2.86-arm-2.tgz: In functions, change usleep calls to sleep calls. a/sysvinit-scripts-1.0-noarch-2.tgz: Added an '&&' in the /tmp cleanup section to avoid an (unlikely) catastrophe. Thanks to J. Moved ldconfig up to near the top of rc.M and '&'ed it, which should be safe enough. ap/mysql-5.0.37-arm-1.tgz: Upgraded to mysql-5.0.37. d/binutils-2.17.50.0.14-arm-1.tgz: Upgraded to binutils-2.17.50.0.14. d/m4-1.4.9-arm-1.tgz: Upgraded to m4-1.4.9. d/pmake-1.111-arm-2.tgz: Fixed perms on shared data. l/glut-3.7-arm-1.tgz: Removed since MesaGLUT is now bundled with Slackware's Mesa package. x/mesa-6.5.2-arm-2.tgz: Rebuilt package using altertrack so that the libraries are in the package! ;-) +--------------------------+ Wed Mar 28 09:43:49 BST 2007 a/ed-0.5-arm-1.tgz: Upgraded to ed-0.5. a/findutils-4.2.30-arm-1.tgz: Upgraded to findutils-4.2.30. l/gtk+-1.2.10-arm-1.tgz: Recompiled. l/libpng-1.2.16-arm-1.tgz: Upgraded to libpng-1.2.16. l/mcs-0.4.1-arm-1.tgz: Added mcs-0.4.1. Audacious needs this. x/*.tgz: Added first builds of the modular Xorg 7.2 pre-release. Even though X does not work properly, or at all, yet I'm pushing this out so others can see how far I've got. xap/xine-lib-1.1.4-armv4-1.tgz: Recompiled, +--------------------------+ Sat Mar 10 19:32:53 GMT 2007 a/cpio-2.5-arm-1.tgz: Recompiled. a/cups-1.2.8-arm-1.tgz: Upgraded to cups-1.2.8. a/module-init-tools-3.2.2-arm-3.tgz: Recompiled and removed old modutils. ap/alsa-utils-1.0.14rc2-arm-1.tgz: Added. ap/cdrtools-2.01.01a23-arm-1.tgz: Upgraded to cdrtools-2.01.01a23. ap/espgs-8.15.3-arm-1.tgz: Upgraded to espgs-8.15.3. ap/ghostscript-fonts-std-8.11-noarch-1.tgz: Added ghostscript-fonts-std-8.11, which replaces the gnu-gs-fonts package. ap/hplip-1.7.1-arm-1.tgz: Added hplip-1.7.1. ap/vim-7.0.195-arm-1.tgz: Upgraded to vim-7.0.195. d/libtool-1.5.22-arm-2.tgz: Recompiled. d/perl-5.8.8-arm-3.tgz: Recompiled with thread support. Upgraded to DBD-mysql-4.001 and DBI-1.53. d/python-2.5-arm-1.tgz: Upgraded to Python-2.5. e/emacs-21.4-arm-4.tgz: Recompiled. e/emacs-info-21.4a-noarch-4.tgz: Rebuilt. e/emacs-leim-21.4-noarch-4.tgz: Rebuilt. e/emacs-lisp-21.4a-noarch-4.tgz: Rebuilt. e/emacs-misc-21.4a-noarch-4.tgz: Rebuilt. e/emacs-nox-21.4a-arm-4.tgz: Recompiled. l/aalib-1.4rc5-arm-1.tgz: Recompiled. l/alsa-lib-1.0.14rc2-arm-1.tgz: Added alsa-lib. l/apr-1.2.8-arm-1.tgz: Upgraded to apr-1.2.8. l/apr-util-1.2.8-arm-1.tgz: Upgraded to apr-util-1.2.8. l/aspell-0.60.5-arm-1.tgz: Upgraded to aspell-0.60.5. l/audiofile-0.2.6-arm-1.tgz: Recompiled. l/desktop-file-utils-0.12-arm-1.tgz: Upgraded to desktop-file-utils-0.12. l/esound-0.2.36-arm-2.tgz: Recompiled. l/fribidi-0.10.7-arm-2.tgz: Recompiled. l/gdbm-1.8.3-arm-1.tgz: Recompiled. l/glib-1.2.10-arm-1.tgz: Recompiled. l/imlib-1.9.15-arm-2.tgz: Recompiled. l/lcms-1.16-arm-1.tgz: Upgraded to lcms-1.16. l/libao-0.8.6-arm-2.tgz: Recompiled. l/libcaca-0.99.beta11-arm-1.tgz: Upgraded to libcaca-0.99.beta11. l/libexif-0.6.13-arm-3.tgz: Recompiled. l/libglade-2.6.0-arm-1.tgz: Upgraded to libglade-2.6.0. l/libgsf-1.14.3-arm-1.tgz: Upgraded to libgsf-1.14.3. l/libgtkhtml-2.11.0-arm-1.tgz: Upgraded to libgtkhtml-2.11.0. l/libid3tag-0.15.1b-arm-1.tgz: Recompiled. l/libidl-0.8.7-arm-1.tgz: Upgraded to libidl-0.8.7. l/libidn-0.6.10-arm-1.tgz: Upgraded to libidn-0.6.10. l/libieee1284-0.2.10-arm-2.tgz: Recompiled. l/libmad-0.15.1b-arm-1.tgz: Recompiled. l/libmikmod-3.1.11a-arm-2.tgz: Recompiled. l/libmng-1.0.9-arm-1.tgz: Upgraded to libmng-1.0.9. l/libmusicbrainz-2.1.4-arm-2.tgz: Recompiled. l/libtheora-1.0alpha7-arm-2.tgz: Recompiled. l/libtunepimp-0.4.2-arm-3.tgz: Recompiled. l/libusb-0.1.12-arm-2.tgz: Recompiled. l/libvisual-0.4.0-arm-2.tgz: Recompiled. l/libvorbis-1.1.2-arm-2.tgz: Recompiled. l/libwmf-0.2.8.4-arm-2.tgz: Recompiled. l/libwmf-docs-0.2.8.4-noarch-2.tgz: Rebuilt. l/libwpd-0.8.8-arm-1.tgz: Upgraded to libwpd-0.8.8. l/mhash-0.9.7.1-arm-1.tgz: Upgraded to mhash-0.9.7.1. l/mpfr-2.2.1-arm-1.tgz: Upgraded to mpfr-2.2.1p01. l/netpbm-10.18.12-arm-1.tgz: Upgraded to netpbm-10.35.22. l/popt-1.7-arm-1.tgz: Recompiled. l/sdl-1.2.11-arm-2.tgz: Recompiled. l/shared-mime-info-0.20-arm-1.tgz: Upgraded to shared-mime-info-0.20. l/slang-2.0.6-arm-1.tgz: Recompiled. l/startup-notification-0.8-arm-2.tgz: Recompiled. l/svgalib-1.3.1-arm-2.tgz: Recompiled. This is still a dummy library to pacify some applications that need to build against it. No ARM hardware that I know has VGA - it's usually Framebuffer. l/t1lib-5.1.0-arm-2.tgz: Recompiled. l/taglib-1.4-arm-2.tgz: Recompiled. l/vte-0.15.0-arm-1.tgz: Added vte-0.15.0. l/wv2-0.2.3-arm-1.tgz: Upgraded to wv2-0.2.3. n/irssi-0.8.10a-arm-5.tgz: Recompiled. n/lynx-2.8.6rel.4-arm-1.tgz: Upgraded to lynx-2.8.6rel.4. n/openssh-4.5p1-arm-1.tgz: Recompiled. n/wpa_supplicant-0.5.7-arm-1.tgz: Added wpa_supplicant. extra/slacktrack/slacktrack-1.30-arm-1.tgz: Upgraded to slacktrack 1.30. t/transfig-3.2.5-arm-2.tgz: Recompiled. x/xaw3d-1.5-arm-2.tgz: Recompiled. Moved from L/ series. +--------------------------+ Sat Feb 17 16:29:45 GMT 2007 a/aaa_base-11.1.0-noarch-1.tgz: Delete a bunch of obsolete X11/X11R6 paths. a/aaa_terminfo-5.6-noarch-1.tgz: A subset of the terminfo database from ncurses-5.6, formerly bundled with the pkgtools package. a/acl-2.2.39_1-arm-2.tgz: Recompiled. a/attr-2.4.32_1-arm-2.tgz: Recompiled. a/bash-3.2.009-arm-1.tgz: Upgraded to bash-3.2, patch level 9. a/bzip2-1.0.4-arm-1.tgz: Upgraded to bzip2-1.0.4. a/coreutils-6.7-arm-1.tgz: Upgraded to coreutils-6.7. Colorise .ram files. Use absolute path to /bin/dircolors in eval statements for /etc/profile.d/ scripts. Thanks to Jim Hawkins for debugging coreutils to find out why 'rm' et al were not unlinking when built against glibc-2.5 & <= linux-2.6.19. a/cups-1.2.7-arm-1.tgz: Upgraded to cups-1.2.7. a/dialog-1.0_20060221-arm-1.tgz: Upgraded to dialog-1.0-20060221. This was formerly bundled with the pkgtools package. a/e2fsprogs-1.39-arm-1.tgz: Upgraded to e2fsprogs-1.39. a/kernel-modules-2.6.20-arm-1.tgz: Upgraded to Linux v2.6.20 Kernel modules. This package includes all Kernel modules for supported ARM architectures: currently the RiscPC & ARM Versatile board. This makes for a larger package but it's easier to manage and you don't have to be as careful when upgradepkg'ing. a/kernel_riscpc-2.6.20-arm-1.tgz: Upgraded to Linux 2.6.20, RiscPC kernel. a/kernel_versatile-2.6.20-arm-1.tgz: Upgraded to Linux 2.6.20, ARM Versatile Kernel. a/openssl-solibs-0.9.8d-arm-2.tgz: Recompiled. a/pciutils-2.2.4-arm-1.tgz: Upgraded to pciutils-2.2.4. a/pkgtools-11.0.9-noarch-1.tgz: Removed dialog and terminfo subset. Moved X related files into x11-skel. a/sysfsutils-2.1.0-arm-1.tgz: Upgraded to sysfsutils-2.1.0. a/sysvinit-2.86-arm-1.tgz: Upgraded to sysvinit-2.86. Split the actual init scripts into a new package to avoid needlessly compiling sysvinit over and over again. a/sysvinit-scripts-1.0-noarch-1.tgz: Added a new package containing the system startup scripts. a/udev-104-arm-1.tgz: Upgraded to udev-104. Thanks again to Piter Punk for doing the work on this. :-) Also, please be sure if you plan to use the new sysvinit, sysvinit-scripts, and udev packages that you upgradepkg all of them, and that you search-and-handle any *.new files under /etc. I know that goes without saying for most of us old-timers, but it never hurts to add a reminder when the result otherwise would be crash and burn... a/usbutils-0.72-arm-2.tgz: Recompiled, added update-usbids. a/xfsprogs-2.8.16_1-arm-1.tgz: Upgraded to xfsprogs-2.8.16-1. ap/device-mapper-1.02.09-arm-1.tgz: Moved from /extra. ap/hpijs-2.1.4-arm-1.tgz: Removed (replaced by hplip). ap/lvm2-2.02.09-arm-1.tgz: Moved from /extra. ap/mdadm-2.6-arm-1.tgz: Upgraded to mdadm-2.6 ap/mtx-1.3.9-arm-1.tgz: Added mtx-1.3.9. ap/mysql-5.0.33-arm-1.tgz: Upgraded to mysql 5.0.33. ap/nano-2.0.3-arm-1.tgz: Added nano-2.0.3 (moved from armedslack-extra/) ap/raidtools-1.00.3-arm-1gz: Removed. Use mdadm instead. d/autoconf-2.61-noarch-1.tgz: Upgraded to autoconf-2.61. d/binutils-2.17.50.0.12-arm-1.tgz: Upgraded to binutils-2.17.50.0.12. d/bison-2.3-arm-1.tgz: Upgraded to bison-2.3. d/clisp-2.41a-arm-1.tgz: Upgraded to clisp-2.41a. d/cmake-2.4.6-arm-1.tgz: Added cmake-2.4.6. d/doxygen-1.5.1-arm-1.tgz: Upgraded to doxygen-1.5.1 d/flex-2.5.33-arm-1.tgz: Upgraded to flex-2.5.33. d/gdb-6.6-arm-1.tgz: Upgraded to gdb-6.6. d/gettext-tools-0.16.1-arm-1.tgz: Upgraded to gettext-0.16.1. d/git-1.4.4.4-arm-1.tgz: Upgraded to git-1.4.4.4. d/kernel-headers-2.6.20-arm-1.tgz: Upgraded to Linux 2.6.20 Kernel headers. d/m4-1.4.8-arm-1.tgz: Upgraded to m4-1.4.8. d/mercurial-0.9.3-arm-1.tgz: Upgraded to mercurial-0.9.3. d/oprofile-0.9.2-arm-1.tgz: Upgraded to oprofile-0.9.2. d/pkg-config-0.21-arm-1.tgz: Recompiled, and renamed the package from "pkgconfig", which is the correct upstream name. d/pmake-1.111-arm-1.tgz: Swiched to pmake-1.111. d/python-2.5-arm-1.tgz: Upgraded to Python-2.5. d/subversion-1.4.3-arm-1.tgz: Upgraded to subversion-1.4.3. k/kernel-source-2.6.20-noarch-1.tgz: Linux 2.6.20 Kernel source. kde/qt-3.3.7-arm-2.tgz: Recompiled, with a gcc-4 patch which also allows doxygen and probably a few other things to build on ARM. l/atk-1.12.4-arm-1.tgz: Upgraded to atk-1.12.4. l/cairo-1.2.6-arm-1.tgz: Upgraded to cairo-1.2.6. l/expat-2.0.0-arm-1.tgz: Upgraded to expat-2.0.0. l/gd-2.0.34-arm-1.tgz: Upgraded to gd-2.0.34. l/glib2-2.12.9-arm-1.tgz: Upgraded to glib2-2.12.9. l/gnet-2.0.7-arm-1.tgz: Removed. This used to be a requirement for Pan, but it hasn't been needed by anything in Slackware for some time. l/gtk+2-2.10.9-arm-1.tgz: Upgraded to gtk+2-2.10.9. l/gdk-pixbuf-0.22.0-arm-1.tgz: Removed. I don't think much uses version 1 of this library anymore (I couldn't find any Slackware packages that do). l/lesstif-0.95.0-arm-2.tgz: Recompiled, changing install prefix to /usr. l/libgpod-0.4.2-arm-1.tgz: Upgraded to libgpod-0.4.2. l/libjpeg-6b-arm-1.tgz: Recompiled. l/libpng-1.2.15-arm-1.tgz: Upgraded to libpng-1.2.15. l/libtiff-3.8.2-arm-3.tgz: Recompiled. l/libungif-4.1.4-arm-4.tgz: Recompiled. l/libxml2-2.6.27-arm-1.tgz: Upgraded to libxml2-2.6.27. l/libxslt-1.1.20-arm-1.tgz: Upgraded to libxslt 1.1.20 l/mm-1.4.2-arm-2.tgz: Recompiled. l/mpeg_lib-1.3.1-arm-1.tgz: Removed. l/neon-0.25.5-arm-2.tgz: Recompiled. l/pango-1.15.5-arm-1.tgz: Upgraded to pango-1.15.5. l/pcre-7.0-arm-1.tgz: Upgraded to pcre-7.0. l/readline-5.2-arm-1.tgz: Upgraded to readline-5.2. l/zlib-1.2.3-arm-2.tgz: Recompiled. n/bind-9.3.4-arm-1.tgz: Upgraded to bind-9.3.4. n/dhcp-3.0.5-arm-1.tgz: Upgraded to dhcp-3.0.5. n/fetchmail-6.3.6-arm-1.tgz: Upgraded to fetchmail-6.3.6. n/iptables-1.3.7-arm-1.tgz: Upgraded to iptables-1.3.7. n/iptraf-3.0.0-arm-1.tgz: Upgraded to iptraf-3.0.0. n/lftp-3.5.9-arm-1.tgz: Upgraded to lftp-3.5.9. n/links-2.1pre26-arm-1.tgz: Upgraded to links-2.1pre26. n/lynx-2.8.6rel.4-arm-1.tgz: Upgraded to lynx-2.8.6rel.4. n/openssl-0.9.8d-arm-2.tgz: Recompiled. n/rsync-2.6.9-arm-1.tgz: Upgraded to rsync-2.6.9. n/samba-3.0.24-arm-1.tgz: Upgraded to samba-3.0.24. x/fontconfig-2.4.2-arm-1.tgz: Patched /etc/fonts.conf to favor the DejaVu fonts over the Vera ones if they are present on the machine. +--------------------------+ Thu Jan 25 21:32:57 GMT 2007 a/bin-11.1-arm-1.tgz: Split out most of the utilities from this package. This package only contains a few loose odds and ends now, but various system scripts still need them. a/dcron-2.3.3-arm-2.tgz: Bundle the run-parts script needed by crond. a/dosfstools-2.11-arm-1.tgz: Upgraded to dosfstools-2.11, Split out of the 'a/bin' package. a/ed-0.4-arm-1.tgz: Split out of the 'a/bin' package. a/eject-2.1.5-arm-1.tgz: Split out of the 'a/bin' package. a/file-4.19-arm-1.tgz: Split out of the 'a/bin' package. a/glibc-solibs-2.5-arm-1.tgz: Upgraded to glibc-2.5. a/glibc-zoneinfo-2.5-noarch-1.tgz: Upgraded to glibc-2.5 zoneinfo. a/lha-114i-arm-1.tgz: Split out of the 'a/bin' package. a/ncompress-4.2.4-arm-1.tgz: Split out of the 'a/bin' package. a/patch-2.5.4-arm-1.tgz: Split out of the 'a/bin' package. a/rpm2tgz-1.0-arm-1.tgz: Split out of the 'a/bin' package. a/splitvt-1.6.5-arm-1.tgz: Split out of the 'a/bin' package. a/tar-1.16.1-arm-1.tgz: Upgraded to this version. a/time-1.7-arm-1.tgz: Split out of the 'a/bin' package. a/tree-1.5.0-arm-1.tgz: Split out of the 'a/bin' package. a/unarj-265-arm-1.tgz: Split out of the 'a/bin' package. a/which-2.16-arm-1.tgz: Split out of the 'a/bin' package. a/zoo-2.10-arm-1.tgz: Split out of the 'a/bin' package. d/binutils-2.17.50.0.9-arm-1.tgz: Upgraded to this version. d/byacc-1.9-armv3-1.tgz: Removed - Pretty much everything expects bison now. d/gcc*-4.1.2-arm-1.tgz: Upgraded to gcc-4.1.2 The Java compiler is missing because it doesn't build for ARM (it did for gcc 3.4). I notice that Debian don't build it for ARM either. If it's reported to work at a later date, I'll build again with Java support and see what happens. l/glibc-2.5-arm-1.tgz: Upgraded to glibc 2.5 with NPTL support. You need to be running a Linux 2.6 Kernel for this glibc. This glibc is built against Linux 2.6.20 Kernel headers. l/glibc-i18n-2.5-noarch-1.tgz: Upgraded to glibc 2.5 internationalisations. l/glibc-profile-2.5-arm-1.tgz: Upgraded to glibc 2.5 (profiling package). l/gmp-4.2.1-arm-2.tgz: Recompiled. l/libtermcap-1.2.3-arm-1.tgz: Recompiled. l/ncurses-5.6-arm-1.tgz: Upgraded to ncurses-5.6. armedslack-extra/packages/nano-2.0.2-arm-1.tgz: Removed. nano is now in the 'ap' series in the main Slackware tree. pasture/lvm-1.0.8-armv3-1.tgz: Moved here from ap/. +--------------------------+ Thu Jan 18 19:55:10 GMT 2007 This is ARMedslack 11.0! It's not released as such but I am currently working on bringing armedslack-current up to Slackware-current, with gcc-4.1.1 and glibc-2.5, so that branch is going to become pretty broken for a while. This is a very stable OS - so it's now frozen.