Sat Jan 28 08:28:22 UTC 2012 a/kernel-firmware-3.2.2-noarch-1.tgz: Upgraded. a/kernel-modules-kirkwood-3.2.2_kirkwood-arm-1.tgz: Upgraded. a/kernel-modules-tegra-3.2.2_tegra-arm-1.tgz: Upgraded. a/kernel-modules-versatile-3.2.2_versatile-arm-1.tgz: Upgraded. a/kernel_kirkwood-3.2.2-arm-1.tgz: Upgraded. a/kernel_tegra-3.2.2-arm-1.tgz: Upgraded. a/kernel_versatile-3.2.2-arm-1.tgz: Upgraded. k/kernel-source-3.2.2-arm-1.tgz: Upgraded. isolinux/*: Rebuilt. kernels/*: Upgraded. +--------------------------+ Thu Jan 19 20:28:46 UTC 2012 a/coreutils-8.15-arm-1.tgz: Upgraded. This will be provided as a patch to fix some important issues with ext4. Thanks to Georgy Salnikov for the notification. a/glibc-solibs-2.13-arm-7.tgz: Rebuilt. a/glibc-zoneinfo-2011i_2011n-noarch-7.tgz: Rebuilt. a/kernel-firmware-3.2.1-noarch-1.tgz: Upgraded. a/kernel-modules-kirkwood-3.2.1_kirkwood-arm-1.tgz: Upgraded. a/kernel-modules-tegra-3.2.1_tegra-arm-1.tgz: Upgraded. I've now got this running on the TrimSlice. The installation documents are not yet written and there are still some oddities such as using ext4 *and* a swap partition results in USB resets and random failures, where as ext3 and a swap partiton does not. A basic nuts and bolts set of notes can be found here: ftp://ftp.armedslack.org/armedslack/armedslack-devtools/tegra/booting.txt a/kernel-modules-versatile-3.2.1_versatile-arm-1.tgz: Upgraded. a/kernel_kirkwood-3.2.1-arm-1.tgz: Upgraded. a/kernel_tegra-3.2.1-arm-1.tgz: Upgraded. a/kernel_versatile-3.2.1-arm-1.tgz: Upgraded. a/openssl-solibs-0.9.8t-arm-1.tgz: Upgraded. This fixes a bug where DTLS applications were not properly supported. This bug could have allowed remote attackers to cause a denial of service via unspecified vectors. CVE-2012-0050 has been assigned to this issue. For more details see: http://openssl.org/news/secadv_20120118.txt (* Security fix *) ap/htop-1.0-arm-1.tgz: Upgraded. d/binutils-2.22-arm-1.tgz: Upgraded. Added patches from Debian. This fixes compilation on ARMv7 machines. d/gcc-4.6.2-arm-1.tgz: Upgraded. d/gcc-g++-4.6.2-arm-1.tgz: Upgraded. d/gcc-gfortran-4.6.2-arm-1.tgz: Upgraded. d/gcc-java-4.6.2-arm-1.tgz: Upgraded. d/gcc-objc-4.6.2-arm-1.tgz: Upgraded. d/kernel-headers-3.2.1-arm-1.tgz: Upgraded. d/oprofile-0.9.6-arm-5.tgz: Rebuilt. Added some ARM patches from Ubuntu and rebuilt against the new binutils. e/emacs-23.3b-arm-1.tgz: Upgraded. k/kernel-source-3.2.1-arm-1.tgz: Upgraded. l/freetype-2.4.8-arm-1.tgz: Upgraded. Some vulnerabilities in handling CID-keyed PostScript fonts have been fixed. For more information, see: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3439 (* Security fix *) l/glibc-2.13-arm-7.tgz: Rebuilt. l/glibc-i18n-2.13-arm-7.tgz: Rebuilt. l/glibc-profile-2.13-arm-7.tgz: Rebuilt. l/gmp-5.0.2-arm-1.tgz: Upgraded. l/libmpc-0.9-arm-1.tgz: Upgraded. l/mpfr-3.1.0-arm-1.tgz: Upgraded. l/seamonkey-solibs-2.6.1-arm-2.tgz: Rebuilt. n/ca-certificates-20111211-noarch-1.tgz: Upgraded. n/openssl-0.9.8t-arm-1.tgz: Upgraded. This fixes a bug where DTLS applications were not properly supported. This bug could have allowed remote attackers to cause a denial of service via unspecified vectors. CVE-2012-0050 has been assigned to this issue. For more details see: http://openssl.org/news/secadv_20120118.txt (* Security fix *) n/sendmail-8.14.5-arm-1.tgz: Upgraded. n/sendmail-cf-8.14.5-noarch-1.tgz: Upgraded. xap/seamonkey-2.6.1-arm-2.tgz: Rebuilt. Added missing .pc file. This update contains security fixes and improvements. For more information, see: http://www.mozilla.org/security/announce/ (* Security fix *) xap/x3270-3.3.12ga7-arm-1.tgz: Upgraded. xap/xfractint-20.04p11-arm-1.tgz: Upgraded. isolinux/*: Rebuilt. kernels/*: Upgraded. +--------------------------+ Mon Jan 9 21:25:22 UTC 2012 a/glibc-solibs-2.13-arm-6.tgz: Rebuilt. a/glibc-zoneinfo-2.13-noarch-6.tgz: Rebuilt. This package contains the following time zone data: tzcode 2011i tzdata 2011n a/kernel-firmware-3.2.0-noarch-1.tgz: Upgraded. a/kernel-modules-kirkwood-3.2.0_kirkwood-arm-1.tgz: Upgraded. a/kernel-modules-tegra-3.2.0_tegra-arm-1.tgz: Upgraded. a/kernel-modules-versatile-3.2.0_versatile-arm-1.tgz: Upgraded. a/kernel_kirkwood-3.2.0-arm-1.tgz: Upgraded. a/kernel_tegra-3.2.0-arm-1.tgz: Upgraded. a/kernel_versatile-3.2.0-arm-1.tgz: Upgraded. d/kernel-headers-3.2.0-arm-1.tgz: Upgraded. k/kernel-source-3.2.0-arm-1.tgz: Upgraded. l/glibc-2.13-arm-6.tgz: Rebuilt. Rebuilt against Linux 3.2 Kernel headers. Patched to fix an integer overflow in the __tzfile_read function (time zone handling) that can cause a heap overrun/corruption. CVE-2009-5029 has been assigned to this issue. For more details see: http://sourceware.org/bugzilla/show_bug.cgi?id=13506 (* Security fix *) l/glibc-i18n-2.13-arm-6.tgz: Rebuilt. l/glibc-profile-2.13-arm-6.tgz: Rebuilt. l/seamonkey-solibs-2.6.1-arm-1.tgz: Upgraded. xap/mozilla-firefox-9.0.1-arm-1.tgz: Upgraded. xap/seamonkey-2.6.1-arm-1.tgz: Upgraded. isolinux/*: Rebuilt. kernels/*: Upgraded. +--------------------------+ Mon Jan 2 18:45:08 UTC 2012 a/bash-4.2.010-arm-1.tgz: Upgraded. a/kernel-firmware-3.2.0rc7-noarch-1.tgz: Upgraded. a/kernel-modules-kirkwood-3.2.0rc7_kirkwood-arm-1.tgz: Upgraded. a/kernel-modules-tegra-3.2.0rc7_tegra-arm-1.tgz: Upgraded. a/kernel-modules-versatile-3.2.0rc7_versatile-arm-1.tgz: Upgraded. a/kernel_kirkwood-3.2.0rc7-arm-1.tgz: Upgraded. a/kernel_tegra-3.2.0rc7-arm-1.tgz: Upgraded. a/kernel_versatile-3.2.0rc7-arm-1.tgz: Upgraded. k/kernel-source-3.2.0rc7-arm-1.tgz: Upgraded. isolinux/*: Rebuilt. kernels/*: Upgraded. +--------------------------+ Sun Dec 18 11:17:36 UTC 2011 From this update onwards, all Slackware ARM packages will be compiled for armv5te. This means that old ARM devices with an ARMv4T CPU can no longer use this tree - they will need to use Slackware ARM 13.37. I've taken this step because the vast majority of the Slackware ARM user base uses hardware that has an ARMv5te CPU. Slackware ARM only officially supports Kernels for systems that have ARMv5te CPUs, therefore it makes sense to change the userland to match the supported systems. I've rebuilt most of the primary packages as armv5te, and the rest will follow as the packages get upgraded. a/bash-4.1.010-arm-2.tgz: Rebuilt. a/bzip2-1.0.6-arm-2.tgz: Rebuilt. a/coreutils-8.12-arm-2.tgz: Rebuilt. a/dialog-1.1_20100428-arm-3.tgz: Rebuilt. a/e2fsprogs-1.41.14-arm-2.tgz: Rebuilt. a/etc-13.013-arm-2.tgz: Rebuilt. Allow root logins on ttyS0 in /etc/securetty. Previously this was restricted to devices manufactured by "Marvell"- such as SheevaPlug, OpenRD client. However, this configuration is useful on all ARM devices so this setting will now be configured on all ARM devices regardless of the device name/type. a/gawk-3.1.8-arm-2.tgz: Rebuilt. a/gettext-0.18.1.1-arm-2.tgz: Rebuilt. a/glibc-solibs-2.13-arm-5.tgz: Rebuilt. a/grep-2.7-arm-2.tgz: Rebuilt. a/gzip-1.4-arm-2.tgz: Rebuilt. a/kernel-firmware-3.1.5-noarch-1.tgz: Upgraded. a/kernel-modules-kirkwood-3.1.5_kirkwood-arm-1.tgz: Upgraded. a/kernel-modules-tegra-3.1.5_tegra-arm-1.tgz: Added. a/kernel-modules-versatile-3.1.5_versatile-arm-1.tgz: Upgraded. a/kernel_kirkwood-3.1.5-arm-1.tgz: Upgraded. a/kernel_tegra-3.1.5-arm-1.tgz: Added. Added support for a new ARM system called the 'Trimslice'. "[The] Trim-Slice is based on NVIDIA Tegra 2 - a dual-core ARM Cortex A9 @ 1 GHz with ultra-low-power GeForce GPU with 1 GB DDR2 RAM soldered on-board." See http://www.trimslice.com for more details. This Kernel does not contain video support because the kernel.org mainline tree does not yet contain the support, but this will be added once it's available. I've created a document that contains a few useful nuggets of information about booting the Slackware installer on the Trimslice: ftp://ftp.armedslack.org/armedslack/armedslack-devtools/tegra/booting.txt I think that my Trimslice has a problem with it either with the SSD or the USB bus, so I may need to RMA it. However, the kernel boots and I can install upon an external USB drive for the time being. Once I have a stable system, I'll prepare some installation notes in the same format as the 'INSTALL_KIRKWOOD' document. I'm interested to hear whether anybody else who wants to use Slackware on the Trimslice finds that this Kernel works for them! I expect there to be a handful of releases of the Kernel for this system. a/kernel_versatile-3.1.5-arm-1.tgz: Upgraded. a/openssl-solibs-0.9.8r-arm-3.tgz: Rebuilt. a/sed-4.2.1-arm-2.tgz: Rebuilt. a/sysvinit-scripts-1.2-noarch-14.tgz: Rebuilt. In /etc/inittab spawn a console on ttyS0 for all ARM devices - see the note above for the 'etc' package. a/tar-1.26-arm-2.tgz: Rebuilt. a/util-linux-2.19-arm-2.tgz: Rebuilt. a/xz-5.0.2-arm-2.tgz: Rebuilt. d/binutils-2.21.53.0.2-arm-2.tgz: Rebuilt. d/distcc-3.1-arm-2.tgz: Rebuilt. d/gcc-4.5.3-arm-3.tgz: Rebuilt. d/gcc-g++-4.5.3-arm-3.tgz: Rebuilt. d/gcc-gfortran-4.5.3-arm-3.tgz: Rebuilt. d/gcc-java-4.5.3-arm-3.tgz: Rebuilt. d/gcc-objc-4.5.3-arm-3.tgz: Rebuilt. d/gettext-tools-0.18.1.1-arm-2.tgz: Rebuilt. d/kernel-headers-3.1.5-arm-1.tgz: Upgraded. d/perl-5.14.0-arm-2.tgz: Rebuilt. d/python-2.6.6-arm-2.tgz: Rebuilt. d/ruby-1.9.1_p431-arm-2.tgz: Rebuilt. d/subversion-1.7.2-arm-1.tgz: Upgraded. This update fixes an issue with "git svn clone" being broken. Thanks to Francesco Allertsen for the heads-up. k/kernel-source-3.1.5-arm-1.tgz: Upgraded. l/db42-4.2.52-arm-2.tgz: Rebuilt. l/db44-4.4.20-arm-2.tgz: Rebuilt. l/glibc-2.13-arm-5.tgz: Rebuilt. Rebuilt against Linux 3.1.5 Kernel headers. I'm aware that Slackware x86 is using glibc-2.14 but this hasn't been proven on ARM yet so we're sticking with v2.13. l/glibc-i18n-2.13-arm-5.tgz: Rebuilt. l/glibc-profile-2.13-arm-5.tgz: Rebuilt. l/libjpeg-v8a-arm-2.tgz: Rebuilt. l/libpng-1.4.8-arm-2.tgz: Rebuilt. l/ncurses-5.9-arm-2.tgz: Rebuilt. l/neon-0.29.5-arm-2.tgz: Rebuilt. l/popt-1.7-arm-3.tgz: Rebuilt. l/readline-5.2-arm-2.tgz: Rebuilt. l/zlib-1.2.5-arm-5.tgz: Rebuilt. n/openssh-5.9p1-arm-3.tgz: Rebuilt. n/openssl-0.9.8r-arm-3.tgz: Rebuilt. xap/blackbox-0.70.1-arm-4.tgz: Rebuilt. This one hadn't been rebuilt in over a year because it wouldn't compile without patches. isolinux/*: Rebuilt. kernels/*: Upgraded. isolinux/uinitrd-tegra.img: Added Slackware installer for the Trimslice system. kernels/tegra/*: Added Kernels for the Trimslice system. +--------------------------+ Sun Dec 4 09:16:30 UTC 2011 a/kernel-firmware-3.1.4-noarch-1.tgz: Upgraded. a/kernel-modules-kirkwood-3.1.4_kirkwood-arm-1.tgz: Upgraded. a/kernel-modules-versatile-3.1.4_versatile-arm-1.tgz: Upgraded. a/kernel_kirkwood-3.1.4-arm-1.tgz: Upgraded. a/kernel_versatile-3.1.4-arm-1.tgz: Upgraded. k/kernel-source-3.1.4-arm-1.tgz: Upgraded. isolinux/*: Rebuilt. kernels/*: Upgraded. This upgrade is more about preliminary work for supporting the "Trimslice" desktop computer. I've made a first pass at upgrading the Kernel build script, and have prepared two Kernel config files (source/k/configs). However, it doesn't look like the Trimslice support in the kernel.org linux-3.1.4 tree is ready for the prime time just yet (I had a compile failure when building the USB support). I'll be putting more focus on supporting this device when I have my hands on it in a couple of weeks' time. +--------------------------+ Tue Nov 29 23:47:08 UTC 2011 d/yasm-1.2.0-arm-1.tgz: Upgraded. xap/mozilla-firefox-8.0.1-arm-1.tgz: Upgraded. This release contains security fixes and improvements. For more information, see: http://www.mozilla.org/security/known-vulnerabilities/firefox.html (* Security fix *) xap/mozilla-thunderbird-8.0-arm-1.tgz: Upgraded. This release contains security fixes and improvements. For more information, see: http://www.mozilla.org/security/known-vulnerabilities/thunderbird.html (* Security fix *) +--------------------------+ Fri Nov 25 09:33:13 UTC 2011 a/kernel-firmware-3.1.2-noarch-1.tgz: Upgraded. a/kernel-modules-kirkwood-3.1.2_kirkwood-arm-1.tgz: Upgraded. a/kernel-modules-versatile-3.1.2_versatile-arm-1.tgz: Upgraded. a/kernel_kirkwood-3.1.2-arm-1.tgz: Upgraded. a/kernel_versatile-3.1.2-arm-1.tgz: Upgraded. d/make-3.82-arm-3.tgz: Rebuilt. Patched a free() crash when building Android. Thanks to Troy Unrau. k/kernel-source-3.1.2-arm-1.tgz: Upgraded. isolinux/*: Rebuilt. kernels/*: Upgraded. +--------------------------+ Fri Nov 18 15:36:15 UTC 2011 a/glibc-zoneinfo-2011i_2011n-noarch-1.tgz: Upgraded. New upstream homepage: http://www.iana.org/time-zones d/slacktrack-2.10-arm-1.tgz: Upgraded. n/bind-9.7.4_P1-arm-1.tgz: Upgraded. --- 9.7.4-P1 released --- 3218. [security] Cache lookup could return RRSIG data associated with nonexistent records, leading to an assertion failure. [RT #26590] (* Security fix *) +--------------------------+ Tue Nov 8 11:47:50 UTC 2011 xap/mozilla-firefox-8.0-arm-1.tgz: Upgraded. +--------------------------+ Sun Nov 6 17:47:43 UTC 2011 xap/mozilla-firefox-8.0b6-arm-1.tgz: Upgraded. +--------------------------+ Tue Oct 25 18:44:28 UTC 2011 a/kernel-firmware-3.1.0-noarch-1.tgz: Upgraded. a/kernel-modules-kirkwood-3.1.0_kirkwood-arm-1.tgz: Upgraded. a/kernel-modules-versatile-3.1.0_versatile-arm-1.tgz: Upgraded. a/kernel_kirkwood-3.1.0-arm-1.tgz: Upgraded. a/kernel_versatile-3.1.0-arm-1.tgz: Upgraded. k/kernel-source-3.1.0-arm-1.tgz: Upgraded. isolinux/*: Rebuilt. New kernel modules and upgraded the included component tools to the latest versions in -current. kernels/*: Upgraded. +--------------------------+ Sun Oct 23 09:47:55 UTC 2011 a/minicom-2.5-arm-2.tgz: Rebuilt. Added a carriage return to '/etc/minirc.dfl' to prevent minicom from hanging. +--------------------------+ Sat Oct 22 10:32:47 UTC 2011 a/mtd-utils-221011-arm-1.tgz: Upgraded. a/u-boot-tools-2011.09-arm-1.tgz: Upgraded. n/openssh-5.9p1-arm-2.tgz: Rebuilt. +--------------------------+ Sat Oct 15 09:20:44 UTC 2011 a/file-5.09-arm-1.tgz: Upgraded. +--------------------------+ Thu Oct 6 20:03:30 UTC 2011 ap/linuxdoc-tools-0.9.66-arm-10.tgz: Rebuilt. Removed the files that were overlapping with the 'Python' and 'git' packages. Upgraded to AsciiDoc-8.6.6 Upgraded to DocBook XSL Stylesheets 1.76.1 Upgraded to gnome-doc-utils 0.20.6 Upgraded to gtk-doc-1.18 Upgraded to xmlto-0.0.24 d/slacktrack-2.09-arm-1.tgz: Upgraded. n/httpd-2.2.21-arm-1.tgz: Upgraded. Respond with HTTP_NOT_IMPLEMENTED when the method is not recognized. [Jean-Frederic Clere] SECURITY: CVE-2011-3348 Fix a regression introduced by the CVE-2011-3192 byterange fix in 2.2.20. PR 51748. [] For more information, see: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3348 (* Security fix *) xap/mozilla-firefox-7.0.1-arm-1.tgz: Upgraded. +--------------------------+ Thu Sep 8 21:42:36 UTC 2011 n/httpd-2.2.20-arm-1.tgz: Upgraded. SECURITY: CVE-2011-3192 (cve.mitre.org) core: Fix handling of byte-range requests to use less memory, to avoid denial of service. If the sum of all ranges in a request is larger than the original file, ignore the ranges and send the complete file. PR 51714. [Stefan Fritsch, Jim Jagielski, Ruediger Pluem, Eric Covener] For more information, see: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3192 (* Security fix *) xap/mozilla-firefox-7.0b4-arm-1.tgz: Upgraded. +--------------------------+ Tue Sep 6 20:03:06 UTC 2011 n/openssh-5.9p1-arm-1.tgz: Upgraded. xap/mozilla-firefox-7.0b3-arm-1.tgz: Upgraded. xap/mozilla-thunderbird-5.0-arm-1.tgz: Upgraded. +--------------------------+ Tue Aug 30 21:09:43 UTC 2011 a/kernel-firmware-3.0.4-noarch-1.tgz: Upgraded. a/kernel-modules-kirkwood-3.0.4_kirkwood-arm-1.tgz: Upgraded. a/kernel-modules-versatile-3.0.4_versatile-arm-1.tgz: Upgraded. a/kernel_kirkwood-3.0.4-arm-1.tgz: Upgraded. a/kernel_versatile-3.0.4-arm-1.tgz: Upgraded. a/module-init-tools-3.16-arm-1_test.tgz: Upgraded. This upgrade is required for Linux 3.0. Slackware x86 is currently on an older version and will be upgraded soon: this package will receive a build re-qualification (from '_test') at that point. Thanks to Robby Workman. k/kernel-source-3.0.4-arm-1.tgz: Upgraded. isolinux/*: Rebuilt. Upgraded Linux kernel. kernels/*: Upgraded. +--------------------------+ Mon Aug 29 14:22:25 UTC 2011 ap/linuxdoc-tools-0.9.66-arm-9.tgz: Rebuilt. This needed rebuilding after the perl-5.14.0 upgrade. +--------------------------+ Fri Aug 26 21:44:43 UTC 2011 ap/soma-2.7.1-noarch-1.tgz: Added. Soma is a command line/dialog Internet radio player. Thanks to David Woodfall. n/php-5.3.8-arm-1.tgz: Upgraded. Updated crypt_blowfish to 1.2. (CVE-2011-2483) Fixed crash in error_log(). Reported by Mateusz Kocielski Fixed buffer overflow on overlog salt in crypt(). Fixed bug #54939 (File path injection vulnerability in RFC1867 File upload filename). Reported by Krzysztof Kotowicz. (CVE-2011-2202) Fixed stack buffer overflow in socket_connect(). (CVE-2011-1938) Fixed bug #54238 (use-after-free in substr_replace()). (CVE-2011-1148) For more information, see: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1148 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1938 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2202 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2483 (* Security fix *) +--------------------------+ Thu Aug 18 21:43:00 UTC 2011 xap/mozilla-firefox-6.0-armv5t-1.tgz: Upgraded. +--------------------------+ Sun Aug 14 21:13:56 UTC 2011 ap/htop-0.9-arm-1.tgz: Added. htop is an ncurses-based interactive process viewer. Thanks to Michal Dorocinski for the suggestion. ap/sqlite-3.7.7.1-arm-1.tgz: Upgraded. Added options: -DSQLITE_ENABLE_FTS3 -DSQLITE_ENABLE_FTS3_PARENTHESIS=1 d/binutils-2.21.53.0.2-arm-1.tgz: Upgraded. e/emacs-23.3a-arm-1.tgz: Upgraded. n/bind-9.7.4-arm-1.tgz: Upgraded. This BIND update addresses a couple of security issues: * named, set up to be a caching resolver, is vulnerable to a user querying a domain with very large resource record sets (RRSets) when trying to negatively cache the response. Due to an off-by-one error, caching the response could cause named to crash. [RT #24650] [CVE-2011-1910] * Change #2912 (see CHANGES) exposed a latent bug in the DNS message processing code that could allow certain UPDATE requests to crash named. [RT #24777] [CVE-2011-2464] For more information, see: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1910 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2464 (* Security fix *) n/wget-1.13-arm-1.tgz: Upgraded. +--------------------------+ Fri Aug 5 19:34:14 UTC 2011 a/kernel-firmware-2.6.39.4-noarch-1.tgz: Upgraded. a/kernel-modules-kirkwood-2.6.39.4_kirkwood-arm-1.tgz: Upgraded. a/kernel-modules-versatile-2.6.39.4_versatile-arm-1.tgz: Upgraded. a/kernel_kirkwood-2.6.39.4-arm-1.tgz: Upgraded. a/kernel_versatile-2.6.39.4-arm-1.tgz: Upgraded. k/kernel-source-2.6.39.4-arm-1.tgz: Upgraded. isolinux/*: Upgraded. kernels/*: Upgraded. +--------------------------+ Sun Jul 31 11:44:57 UTC 2011 n/dhcpcd-5.2.12-arm-1.tgz: Upgraded. Sanitize the host name provided by the DHCP server to insure that it does not contain any shell metacharacters. For more information, see: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0996 (* Security fix *) n/samba-3.5.10-arm-1.tgz: Upgraded. Fixed cross-site request forgery and cross-site scripting vulnerability in SWAT (the Samba Web Administration Tool). For more information, see: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2522 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2694 (* Security fix *) +--------------------------+ Mon Jul 25 21:40:36 UTC 2011 ap/screen-4.0.3-arm-2.tgz: Rebuilt. Use a larger buffer for the termtype variable to fix crashes with long names (e.g. rxvt-unicode-256color). Thanks to cteg. l/libpng-1.4.8-arm-1.tgz: Upgraded. Upgraded to libpng-1.2.46 and libpng-1.4.8. Fixed uninitialized memory read in png_format_buffer() (Bug report by Frank Busse, related to CVE-2004-0421). For more information, see: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0421 (* Security fix *) +--------------------------+ Sun Jul 17 18:32:35 UTC 2011 a/kernel-firmware-2.6.39.3-noarch-1.tgz: Upgraded. a/kernel-modules-kirkwood-2.6.39.3_kirkwood-arm-1.tgz: Upgraded. a/kernel-modules-versatile-2.6.39.3_versatile-arm-1.tgz: Upgraded. a/kernel_kirkwood-2.6.39.3-arm-1.tgz: Upgraded. a/kernel_versatile-2.6.39.3-arm-1.tgz: Upgraded. k/kernel-source-2.6.39.3-arm-1.tgz: Upgraded. xap/mozilla-firefox-5.0.1-armv5t-1.tgz: Upgraded. Finally, after a week I got the magic combination of configure options, patches and work-arounds :-) I'll look at Thunderbird v5 soon. isolinux/*: Upgraded. kernels/*: Upgraded. +--------------------------+ Mon Jul 11 06:02:03 UTC 2011 d/gcc-4.5.3-arm-2.tgz: Rebuilt. d/gcc-g++-4.5.3-arm-2.tgz: Rebuilt. d/gcc-gfortran-4.5.3-arm-2.tgz: Rebuilt. d/gcc-java-4.5.3-arm-2.tgz: Rebuilt. d/gcc-objc-4.5.3-arm-2.tgz: Rebuilt. n/bind-9.7.3_P3-arm-1.tgz: Upgraded. A specially constructed packet will cause BIND 9 ("named") to exit, affecting DNS service. The issue exists in BIND 9.6.3 and newer. "Change #2912 (see CHANGES) exposed a latent bug in the DNS message processing code that could allow certain UPDATE requests to crash named. This was fixed by disambiguating internal database representation vs DNS wire format data. [RT #24777] [CVE-2011-2464]" For more information, see: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2464 (* Security fix *) xap/mozilla-thunderbird-3.1.11-armv5t-1.tgz: Upgraded. This release contains security fixes and improvements. For more information, see: http://www.mozilla.org/security/known-vulnerabilities/thunderbird30.html (* Security fix *) +--------------------------+ Fri Jul 1 09:56:20 UTC 2011 ap/ghostscript-9.02-arm-2.tgz: Rebuilt. Provide pstoraster -> gstoraster symlink. Include latest History file, but not all the old ones. n/gnutls-2.12.7-arm-1.tgz: Upgraded. xap/pidgin-2.9.0-arm-1.tgz: Upgraded. Fixed a remote denial of service. A remote attacker could set a specially crafted GIF file as their buddy icon causing vulerable versions of pidgin to crash due to excessive memory use. For more information, see: http://pidgin.im/news/security/?id=52 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2485 (* Security fix *) +--------------------------+ Sun Jun 26 09:35:29 UTC 2011 ap/ghostscript-9.02-arm-1.tgz: Upgraded. n/fetchmail-6.3.20-arm-1.tgz: Upgraded. This release fixes a denial of service in STARTTLS protocol phases. For more information, see: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1947 http://www.fetchmail.info/fetchmail-SA-2011-01.txt (* Security fix *) n/getmail-4.20.3-arm-1.tgz: Upgraded. xap/mozilla-firefox-3.6.18-armv5t-1.tgz: Upgraded. This release contains security fixes and improvements. For more information, see: http://www.mozilla.org/security/known-vulnerabilities/firefox36.html (* Security fix *) +--------------------------+ Mon Jun 13 17:50:15 UTC 2011 a/cxxlibs-6.0.14-arm-2.tgz: Rebuilt. a/file-5.07-arm-1.tgz: Upgraded. a/kernel-firmware-2.6.39.1-noarch-1.tgz: Upgraded. a/kernel-modules-kirkwood-2.6.39.1_kirkwood-arm-1.tgz: Upgraded. a/kernel-modules-versatile-2.6.39.1_versatile-arm-1.tgz: Upgraded. a/kernel_kirkwood-2.6.39.1-arm-1.tgz: Upgraded. a/kernel_versatile-2.6.39.1-arm-1.tgz: Upgraded. ap/nano-2.3.1-arm-1.tgz: Upgraded. d/gcc-4.5.3-arm-1.tgz: Upgraded. d/gcc-g++-4.5.3-arm-1.tgz: Upgraded. d/gcc-gfortran-4.5.3-arm-1.tgz: Upgraded. d/gcc-java-4.5.3-arm-1.tgz: Upgraded. d/gcc-objc-4.5.3-arm-1.tgz: Upgraded. Added --enable-objc-gc option to enable Objective-C garbage collection. Thanks to Luca De Pandis. d/git-1.7.5.1-arm-1.tgz: Upgraded. d/kernel-headers-2.6.39.1-arm-1.tgz: Upgraded. d/perl-5.14.0-arm-1.tgz: Upgraded. d/subversion-1.6.16-arm-2.tgz: Rebuilt. k/kernel-source-2.6.39.1-arm-1.tgz: Upgraded. kde/kdebindings-4.5.5-arm-4.tgz: Rebuilt. l/apr-1.4.5-arm-1.tgz: Upgraded. This fixes a possible denial of service due to a problem with a loop in the new apr_fnmatch() implementation consuming CPU. For more information, see: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1928 (* Security fix *) l/apr-util-1.3.12-arm-1.tgz: Upgraded. Fix crash because of NULL cleanup registered by apr_ldap_rebind_init(). l/libidn-1.22-arm-1.tgz: Upgraded. l/virtuoso-ose-6.1.2-arm-3.tgz: Rebuilt. n/bind-9.7.3_P1-arm-1.tgz: Upgraded. This release fixes security issues: * A large RRSET from a remote authoritative server that results in the recursive resolver trying to negatively cache the response can hit an off by one code error in named, resulting in named crashing. [RT #24650] [CVE-2011-1910] * Zones that have a DS record in the parent zone but are also listed in a DLV and won't validate without DLV could fail to validate. [RT #24631] For more information, see: http://www.isc.org/software/bind/advisories/cve-2011-1910 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1910 (* Security fix *) n/gnutls-2.12.5-arm-1.tgz: Upgraded. n/httpd-2.2.19-arm-1.tgz: Upgraded. Revert ABI breakage in 2.2.18 caused by the function signature change of ap_unescape_url_keep2f(). This release restores the signature from 2.2.17 and prior, and introduces ap_unescape_url_keep2f_ex(). Apache httpd-2.2.18 is considered abandoned. All users must upgrade. n/irssi-0.8.15-arm-4.tgz: Rebuilt. n/net-snmp-5.6.1-arm-2.tgz: Rebuilt. n/ntp-4.2.6p3-arm-2.tgz: Rebuilt. n/obexftp-0.23-arm-6.tgz: Rebuilt. n/php-5.3.6-arm-3.tgz: Rebuilt. Install missing /usr/bin/php-cgi. Thanks to Michael Langfinger for the report. x/libdrm-2.4.25-arm-1.tgz: Upgraded. x/mesa-7.10.2-arm-1.tgz: Upgraded. x/xf86-video-nouveau-git_20110515_8378443-arm-1.tgz: Upgraded. xap/gv-3.7.2-arm-1.tgz: Upgraded. xap/imagemagick-6.6.9_8-arm-1.tgz: Upgraded. xap/pidgin-2.7.11-arm-2.tgz: Rebuilt. xap/xchat-2.8.8-arm-4.tgz: Rebuilt. isolinux/*: Upgraded. kernels/*: Upgraded. +--------------------------+ Sat May 14 09:00:52 UTC 2011 a/coreutils-8.12-arm-1.tgz: Upgraded. l/apr-1.4.4-arm-1.tgz: Upgraded. This fixes a possible denial of service due to an unconstrained, recursive invocation of apr_fnmatch(). This function has been reimplemented using a non-recursive algorithm. Thanks to William Rowe. For more information, see: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0419 (* Security fix *) l/apr-util-1.3.11-arm-1.tgz: Upgraded. n/httpd-2.2.18-arm-1.tgz: Upgraded. This is a bug fix release, but since the upgrades to apr/apr-util require at least an httpd recompile we opted to upgrade to the newest httpd. +--------------------------+ Wed May 4 18:37:40 UTC 2011 xap/mozilla-firefox-3.6.17-armv5t-1.tgz: Upgraded. This release contains security fixes and improvements. For more information, see: http://www.mozilla.org/security/known-vulnerabilities/firefox36.html (* Security fix *) xap/mozilla-thunderbird-3.1.10-armv5t-1.tgz: Upgraded. This release contains security fixes and improvements. For more information, see: http://www.mozilla.org/security/known-vulnerabilities/thunderbird31.html (* Security fix *) +--------------------------+ Sun May 1 06:43:09 UTC 2011 Slackware 13.37 ARM stable is released! Thanks to everybody who has helped (folks on the mailing list and IRC channel), and of course to everybody involved in the production and release of Slackware for x86. If you are running Slackware 13.1 ARM, you can upgrade to this release by following the instructions included "UPGRADE.TXT" document. Note that the KDE shipped with this release is known-broken. We've tried to fix it for some time now but without success. However, given the low usage of KDE on the ARM platform, I don't think it should hold up a release. If we can fix it in the future, the updates will appear in "patches". Enjoy! Stuart.