LinuxQuestions.org
Share your knowledge at the LQ Wiki.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Distributions > Slackware
User Name
Password
Slackware This Forum is for the discussion of Slackware Linux.

Notices


Reply
  Search this Thread
Old 12-22-2022, 11:04 AM   #1
gegechris99
Senior Member
 
Registered: Oct 2005
Location: France
Distribution: Slackware 15.0 64bit
Posts: 1,162
Blog Entries: 5

Rep: Reputation: 394Reputation: 394Reputation: 394Reputation: 394
[LATEST CHANGELOG] Slackware-15.0


As suggested by marav
https://www.linuxquestions.org/quest...ml#post6399610

A slackware forum thread dedicaced to the latest slackware-15.0 changelog
This will at least give some visibility on the latest updates here on the forum

4 updates (x86_64). Including a (* Security fix *)! : 4 upgraded
Code:
Thu Dec 22 03:40:55 UTC 2022
patches/packages/bind-9.16.36-x86_64-1_slack15.0.txz:  Upgraded.
  This is a bugfix release.
patches/packages/curl-7.87.0-x86_64-1_slack15.0.txz:  Upgraded.
  This is a bugfix release.
patches/packages/mozilla-thunderbird-102.6.1-x86_64-1_slack15.0.txz:  Upgraded.
  This release contains a security fix and improvements.
  For more information, see:
    https://www.mozilla.org/en-US/thunderbird/102.6.1/releasenotes/
    https://www.mozilla.org/en-US/security/advisories/mfsa2022-54/
    https://www.cve.org/CVERecord?id=CVE-2022-46874
  (* Security fix *)
testing/packages/bind-9.16.36-x86_64-1_slack15.0.txz:  Upgraded.
Provided by http://marav8.free.fr/report/slack-15.0-x86_64.txt

Last edited by gegechris99; 12-23-2022 at 01:53 AM.
 
Old 12-22-2022, 11:14 AM   #2
gegechris99
Senior Member
 
Registered: Oct 2005
Location: France
Distribution: Slackware 15.0 64bit
Posts: 1,162

Original Poster
Blog Entries: 5

Rep: Reputation: 394Reputation: 394Reputation: 394Reputation: 394
I'll strive to timely post here any update of Slackware 15.0 changelog.
I'll use the output of marav script provided at http://marav8.free.fr/report/slack-15.0-x86_64.txt
Should you detect the update before me, don't hesitate to post it.
I won't have any hard feeling about it
 
7 members found this post helpful.
Old 12-22-2022, 01:02 PM   #3
marav
LQ Sage
 
Registered: Sep 2018
Location: Gironde
Distribution: Slackware
Posts: 5,469

Rep: Reputation: 4227Reputation: 4227Reputation: 4227Reputation: 4227Reputation: 4227Reputation: 4227Reputation: 4227Reputation: 4227Reputation: 4227Reputation: 4227Reputation: 4227
Very good !

Let me know if you want to be notified by mail ;-)

Almost 100 views and no one noticed the error in the changelog
 
Old 12-22-2022, 01:59 PM   #4
dhalliwe
Member
 
Registered: Mar 2022
Location: Ontario, Canada
Distribution: Slackware
Posts: 170

Rep: Reputation: 160Reputation: 160
On the subject of the changelog, I don't follow the testing directory, but I did notice that bind under testing has reverted to 9.16.36 (matching what was added in patches).

Quote:
testing/packages/bind-9.16.36-x86_64-1_slack15.0.txz
Back in March, version 9.18 slipped into patches by mistake, and PV put it into testing when reverting back to 9.16. Did 9.16 get added to testing by mistake?

Quote:
Mon Mar 21 20:24:16 UTC 2022
patches/packages/bind-9.16.27-x86_64-1_slack15.0.txz: Upgraded.
Sorry folks, I had not meant to bump BIND to the newer branch. I've moved
the other packages into /testing.
 
1 members found this post helpful.
Old 12-23-2022, 01:44 AM   #5
gegechris99
Senior Member
 
Registered: Oct 2005
Location: France
Distribution: Slackware 15.0 64bit
Posts: 1,162

Original Poster
Blog Entries: 5

Rep: Reputation: 394Reputation: 394Reputation: 394Reputation: 394
1 updates (x86_64) : 1 upgraded
Code:
Fri Dec 23 02:37:47 UTC 2022
testing/packages/bind-9.18.10-x86_64-1_slack15.0.txz:  Upgraded.
 
1 members found this post helpful.
Old 12-23-2022, 01:50 AM   #6
gegechris99
Senior Member
 
Registered: Oct 2005
Location: France
Distribution: Slackware 15.0 64bit
Posts: 1,162

Original Poster
Blog Entries: 5

Rep: Reputation: 394Reputation: 394Reputation: 394Reputation: 394
Quote:
Originally Posted by LuckyCyborg View Post
I believe that Slackware is a great distribution, more than worth to be spelled its name with capital "S" letter, that's why I ask you to be kind to edit the thread title s/slackware/Slackware
I could not find a way to edit the thread title (Edit doesn't allow that and there is no entry in Thread Tool).
Any pointer on how to change the thread title is welcome.

--EDIT-- forget about it. I found it (in Edit "Advanced")

Last edited by gegechris99; 12-23-2022 at 01:54 AM. Reason: found it!!!
 
Old 12-23-2022, 05:11 AM   #7
kjhambrick
Senior Member
 
Registered: Jul 2005
Location: Round Rock, TX
Distribution: Slackware64 15.0 + Multilib
Posts: 2,159

Rep: Reputation: 1512Reputation: 1512Reputation: 1512Reputation: 1512Reputation: 1512Reputation: 1512Reputation: 1512Reputation: 1512Reputation: 1512Reputation: 1512Reputation: 1512
Thanks for taking on the [LATEST CHANGELOG] Slackware-15.0 Thread gegechris99

-- kjh

Last edited by kjhambrick; 12-23-2022 at 05:12 AM.
 
Old 01-04-2023, 12:37 AM   #8
gegechris99
Senior Member
 
Registered: Oct 2005
Location: France
Distribution: Slackware 15.0 64bit
Posts: 1,162

Original Poster
Blog Entries: 5

Rep: Reputation: 394Reputation: 394Reputation: 394Reputation: 394
3 updates (x86_64). Including a (* Security fix *)! : 2 upgraded, 1 rebuilt
Code:
Wed Jan  4 02:18:08 UTC 2023
patches/packages/libtiff-4.4.0-x86_64-1_slack15.0.txz:  Upgraded.
  Patched various security bugs.
  For more information, see:
    https://www.cve.org/CVERecord?id=CVE-2022-2056
    https://www.cve.org/CVERecord?id=CVE-2022-2057
    https://www.cve.org/CVERecord?id=CVE-2022-2058
    https://www.cve.org/CVERecord?id=CVE-2022-3970
    https://www.cve.org/CVERecord?id=CVE-2022-34526
  (* Security fix *)
patches/packages/rxvt-unicode-9.26-x86_64-3_slack15.0.txz:  Rebuilt.
  When the "background" extension was loaded, an attacker able to control the
  data written to the terminal would be able to execute arbitrary code as the
  terminal's user. Thanks to David Leadbeater and Ben Collver.
  For more information, see:
    https://www.openwall.com/lists/oss-security/2022/12/05/1
    https://www.cve.org/CVERecord?id=CVE-2022-4170
  (* Security fix *)
patches/packages/whois-5.5.15-x86_64-1_slack15.0.txz:  Upgraded.
  Updated the .bd, .nz and .tv TLD servers.
  Added the .llyw.cymru, .gov.scot and .gov.wales SLD servers.
  Updated the .ac.uk and .gov.uk SLD servers.
  Recursion has been enabled for whois.nic.tv.
  Updated the list of new gTLDs with four generic TLDs assigned in October 2013
  which were missing due to a bug.
  Removed 4 new gTLDs which are no longer active.
  Added the Georgian translation, contributed by Temuri Doghonadze.
  Updated the Finnish translation, contributed by Lauri Nurmi.
Provided by http://marav8.free.fr/report/slack-15.0-x86_64.txt
 
1 members found this post helpful.
Old 01-04-2023, 11:43 PM   #9
gegechris99
Senior Member
 
Registered: Oct 2005
Location: France
Distribution: Slackware 15.0 64bit
Posts: 1,162

Original Poster
Blog Entries: 5

Rep: Reputation: 394Reputation: 394Reputation: 394Reputation: 394
2 updates (x86_64). Including a (* Security fix *)! : 2 upgraded
Code:
Thu Jan  5 03:09:24 UTC 2023
patches/packages/vim-9.0.1146-x86_64-1_slack15.0.txz:  Upgraded.
  Fixed security issues:
  Out-of-bounds Read in GitHub repository vim/vim prior to 9.0.1143.
  Heap-based Buffer Overflow in GitHub repository vim/vim prior to 9.0.1144.
  For more information, see:
    https://www.cve.org/CVERecord?id=CVE-2023-0049
    https://www.cve.org/CVERecord?id=CVE-2023-0051
  (* Security fix *)
patches/packages/vim-gvim-9.0.1146-x86_64-1_slack15.0.txz:  Upgraded.
Provided by http://marav8.free.fr/report/slack-15.0-x86_64.txt
 
2 members found this post helpful.
Old 01-06-2023, 08:26 PM   #10
drumz
Member
 
Registered: Apr 2005
Location: Oklahoma, USA
Distribution: Slackware
Posts: 907

Rep: Reputation: 697Reputation: 697Reputation: 697Reputation: 697Reputation: 697Reputation: 697
4 updates (x86_64). Including a (* Security fix *)! : 3 upgraded, 1 rebuilt
Code:
Sat Jan  7 01:50:00 UTC 2023
extra/php80/php80-8.0.27-x86_64-1_slack15.0.txz:  Upgraded.
  This update fixes a security issue:
  PDO::quote() may return unquoted string.
  For more information, see:
    https://www.cve.org/CVERecord?id=CVE-2022-31631
  (* Security fix *)
extra/php81/php81-8.1.14-x86_64-1_slack15.0.txz:  Upgraded.
  This update fixes bugs and a security issue:
  PDO::quote() may return unquoted string.
  For more information, see:
    https://www.cve.org/CVERecord?id=CVE-2022-31631
  (* Security fix *)
patches/packages/mozilla-nss-3.87-x86_64-1_slack15.0.txz:  Upgraded.
  Fixed memory corruption in NSS via DER-encoded DSA and RSA-PSS signatures.
  For more information, see:
    https://www.mozilla.org/en-US/security/advisories/mfsa2021-51/
    https://www.cve.org/CVERecord?id=CVE-2021-43527
  (* Security fix *)
patches/packages/php-7.4.33-x86_64-2_slack15.0.txz:  Rebuilt.
  This update fixes a security issue:
  PDO::quote() may return unquoted string.
  For more information, see:
    https://www.cve.org/CVERecord?id=CVE-2022-31631
  (* Security fix *)
Provided by http://marav8.free.fr/report/slack-15.0-x86_64.txt
 
1 members found this post helpful.
Old 01-10-2023, 03:54 PM   #11
drumz
Member
 
Registered: Apr 2005
Location: Oklahoma, USA
Distribution: Slackware
Posts: 907

Rep: Reputation: 697Reputation: 697Reputation: 697Reputation: 697Reputation: 697Reputation: 697
1 updates (x86_64) : 1 rebuilt
Code:
Tue Jan 10 21:32:00 UTC 2023
patches/packages/ca-certificates-20221205-noarch-2_slack15.0.txz:  Rebuilt.
  Make sure that if we're installing this package on another partition (such as
  when using installpkg with a --root parameter) that the updates are done on
  that partition. Thanks to fulalas.
Provided by http://marav8.free.fr/report/slack-15.0-x86_64.txt
 
2 members found this post helpful.
Old 01-13-2023, 03:07 PM   #12
drumz
Member
 
Registered: Apr 2005
Location: Oklahoma, USA
Distribution: Slackware
Posts: 907

Rep: Reputation: 697Reputation: 697Reputation: 697Reputation: 697Reputation: 697Reputation: 697
1 updates (x86_64). Including a (* Security fix *)! : 1 upgraded
Code:
Fri Jan 13 20:29:55 UTC 2023
patches/packages/netatalk-3.1.14-x86_64-1_slack15.0.txz:  Upgraded.
  Netatalk through 3.1.13 has an afp_getappl heap-based buffer overflow
  resulting in code execution via a crafted .appl file.
  For more information, see:
    https://www.cve.org/CVERecord?id=CVE-2022-45188
  (* Security fix *)
Provided by http://marav8.free.fr/report/slack-15.0-x86_64.txt
 
2 members found this post helpful.
Old 01-18-2023, 07:51 AM   #13
drumz
Member
 
Registered: Apr 2005
Location: Oklahoma, USA
Distribution: Slackware
Posts: 907

Rep: Reputation: 697Reputation: 697Reputation: 697Reputation: 697Reputation: 697Reputation: 697
4 updates (x86_64). Including a (* Security fix *)! : 4 upgraded
Code:
Wed Jan 18 06:11:54 UTC 2023
patches/packages/git-2.35.6-x86_64-1_slack15.0.txz:  Upgraded.
  This release fixes two security issues:
  * CVE-2022-41903:
  git log has the ability to display commits using an arbitrary
  format with its --format specifiers. This functionality is also
  exposed to git archive via the export-subst gitattribute.
  When processing the padding operators (e.g., %<(, %<|(, %>(,
  %>>(, or %><( ), an integer overflow can occur in
  pretty.c::format_and_pad_commit() where a size_t is improperly
  stored as an int, and then added as an offset to a subsequent
  memcpy() call.
  This overflow can be triggered directly by a user running a
  command which invokes the commit formatting machinery (e.g., git
  log --format=...). It may also be triggered indirectly through
  git archive via the export-subst mechanism, which expands format
  specifiers inside of files within the repository during a git
  archive.
  This integer overflow can result in arbitrary heap writes, which
  may result in remote code execution.
  * CVE-2022-23521:
  gitattributes are a mechanism to allow defining attributes for
  paths. These attributes can be defined by adding a `.gitattributes`
  file to the repository, which contains a set of file patterns and
  the attributes that should be set for paths matching this pattern.
  When parsing gitattributes, multiple integer overflows can occur
  when there is a huge number of path patterns, a huge number of
  attributes for a single pattern, or when the declared attribute
  names are huge.
  These overflows can be triggered via a crafted `.gitattributes` file
  that may be part of the commit history. Git silently splits lines
  longer than 2KB when parsing gitattributes from a file, but not when
  parsing them from the index. Consequentially, the failure mode
  depends on whether the file exists in the working tree, the index or
  both.
  This integer overflow can result in arbitrary heap reads and writes,
  which may result in remote code execution.
  For more information, see:
    https://www.cve.org/CVERecord?id=CVE-2022-41903
    https://www.cve.org/CVERecord?id=CVE-2022-23521
  (* Security fix *)
patches/packages/httpd-2.4.55-x86_64-1_slack15.0.txz:  Upgraded.
  This update fixes bugs and the following security issues:
  mod_proxy allows a backend to trigger HTTP response splitting.
  mod_proxy_ajp possible request smuggling.
  mod_dav out of bounds read, or write of zero byte.
  For more information, see:
    https://downloads.apache.org/httpd/CHANGES_2.4.55
    https://www.cve.org/CVERecord?id=CVE-2022-37436
    https://www.cve.org/CVERecord?id=CVE-2022-36760
    https://www.cve.org/CVERecord?id=CVE-2006-20001
  (* Security fix *)
patches/packages/libXpm-3.5.15-x86_64-1_slack15.0.txz:  Upgraded.
  This update fixes security issues:
  Infinite loop on unclosed comments.
  Runaway loop with width of 0 and enormous height.
  Compression commands depend on $PATH.
  For more information, see:
    https://www.cve.org/CVERecord?id=CVE-2022-46285
    https://www.cve.org/CVERecord?id=CVE-2022-44617
    https://www.cve.org/CVERecord?id=CVE-2022-4883
  (* Security fix *)
patches/packages/mozilla-firefox-102.7.0esr-x86_64-1_slack15.0.txz:  Upgraded.
  This update contains security fixes and improvements.
  For more information, see:
    https://www.mozilla.org/en-US/firefox/102.7.0/releasenotes/
    https://www.mozilla.org/en-US/security/advisories/mfsa2023-02/
    https://www.cve.org/CVERecord?id=CVE-2022-46871
    https://www.cve.org/CVERecord?id=CVE-2023-23598
    https://www.cve.org/CVERecord?id=CVE-2023-23599
    https://www.cve.org/CVERecord?id=CVE-2023-23601
    https://www.cve.org/CVERecord?id=CVE-2023-23602
    https://www.cve.org/CVERecord?id=CVE-2022-46877
    https://www.cve.org/CVERecord?id=CVE-2023-23603
    https://www.cve.org/CVERecord?id=CVE-2023-23605
  (* Security fix *)
Provided by http://marav8.free.fr/report/slack-15.0-x86_64.txt
 
2 members found this post helpful.
Old 01-18-2023, 09:18 PM   #14
drumz
Member
 
Registered: Apr 2005
Location: Oklahoma, USA
Distribution: Slackware
Posts: 907

Rep: Reputation: 697Reputation: 697Reputation: 697Reputation: 697Reputation: 697Reputation: 697
1 updates (x86_64). Including a (* Security fix *)! : 1 upgraded
Code:
Thu Jan 19 00:40:12 UTC 2023
patches/packages/sudo-1.9.12p2-x86_64-1_slack15.0.txz:  Upgraded.
  This update fixes a flaw in sudo's -e option (aka sudoedit) that could allow
  a malicious user with sudoedit privileges to edit arbitrary files.
  For more information, see:
    https://www.cve.org/CVERecord?id=CVE-2023-22809
  (* Security fix *)
Provided by http://marav8.free.fr/report/slack-15.0-x86_64.txt
 
Old 01-21-2023, 03:57 AM   #15
gegechris99
Senior Member
 
Registered: Oct 2005
Location: France
Distribution: Slackware 15.0 64bit
Posts: 1,162

Original Poster
Blog Entries: 5

Rep: Reputation: 394Reputation: 394Reputation: 394Reputation: 394
2 updates (x86_64). Including a (* Security fix *)! : 2 upgraded
Code:
Fri Jan 20 23:58:24 UTC 2023
patches/packages/mozilla-thunderbird-102.7.0-x86_64-1_slack15.0.txz:  Upgraded.
  This release contains security fixes and improvements.
  For more information, see:
    https://www.mozilla.org/en-US/thunderbird/102.7.0/releasenotes/
    https://www.mozilla.org/en-US/security/known-vulnerabilities/thunderbird/#thunderbird102.7
  (* Security fix *)
patches/packages/seamonkey-2.53.15-x86_64-1_slack15.0.txz:  Upgraded.
  This update contains security fixes and improvements.
  For more information, see:
    https://www.seamonkey-project.org/releases/seamonkey2.53.15
  (* Security fix *)

Last edited by gegechris99; 01-21-2023 at 04:02 AM.
 
4 members found this post helpful.
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off



Similar Threads
Thread Thread Starter Forum Replies Last Post
Latest changelog for slackware-current marav Slackware 1632 Yesterday 05:56 PM
[SOLVED] Latest Firefox (88.0.1) has trouble with -current changelog... andrew.46 Slackware 5 05-10-2021 04:59 AM
Latest Xorg changelog effect brodo Slackware 12 09-22-2008 01:17 AM

LinuxQuestions.org > Forums > Linux Forums > Linux - Distributions > Slackware

All times are GMT -5. The time now is 06:45 AM.

Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Open Source Consulting | Domain Registration