Wed Feb 2 18:22:01 PST 2005
Released Slackware 10.1 stable.
Thanks to everyone who helped out with this release, and especially to the folks at GUS-BR and SlackSec who helped (and continue to help) with handling security issues for the last few months, to Andreas Liebschner for keeping the website updated and running smoothly, to Theresa Elam for all her hard work running store.slackware.com, to the folks on alt.os.linux.slackware for pointing out bugs and offering suggestions, to the people on ##slackware that I met on IRC (and some again in later emails), to Justin, Kyle, and Dean from the Linux User Group of Rochester, MN who I got to hang out with while "vacationing" at the Mayo Clinic, to everyone who signed my online Christmas card (one of the nicest things I ever got), and to all the kind and patient members of the Slackware community.
I hope all of you will enjoy this new Slackware release. Have fun! :-)
Your Slackware Maintainer,
Pat
PS I'm looking forward to working with all of you towards the next one, too.
PPS Sorry if that was too much like an Academy Award speech. I could almost hear that music shoving me off the stage. ;-)
+--------------------------+
Wed Feb 2 17:46:02 PST 2005
l/esound-0.2.35-i486-1.tgz: Upgraded to esound-0.2.35.
l/gtk+2-2.6.1-i486-2.tgz: Added a patch from CVS that can cause Pan and other GTK+ apps to hang under certain circumstances. Thanks to Charlie Law for pointing it out.
l/imlib-1.9.15-i486-1.tgz: Upgraded to imlib-1.9.15. This fixes an image decoder overflow in the BMP handling routines which could possibly be exploited if a specially crafted BMP image is loaded. This seems like an unlikely situation, but better safe than sorry...
  (* Security fix *)
extra/j2sdk-1.5.0_01/j2sdk-1_5_0_01-i586-1.tgz: There turned out to be just barely enough room in /extra on ISO 3 to squeeze the Java SDK in.
  It's not likely to fit the next time around, though, but now you're getting many months of advance notice instead of having the rug pulled out from under you at the last minute. In any event, I'll continue to include in /extra the script that easily allows packaging this as a tgz.
testing/packages/lvm2/device-mapper-1.01.00-i486-1.tgz: Upgraded to device-mapper-1.01.00.
testing/packages/lvm2/lvm2-2.01.03-i486-1.tgz: Upgraded to lvm2-2.01.03.
+--------------------------+
Mon Jan 31 17:37:20 PST 2005
extra/ham/: Merged in ham packages from Arno Verhoeven.
extra/k3b/k3b-0.11.19-i486-1.tgz: Upgraded to k3b-0.11.19.
extra/parted/parted-1.6.21-i486-1.tgz: Upgraded to parted-1.6.21.
extra/slackpkg/slackpkg-1.4-noarch-10.tgz: Upgraded to slackpkg-1.4-noarch-10.
+--------------------------+
Mon Jan 31 08:04:32 PST 2005
xap/fvwm-2.4.19-i486-4.tgz: Removed --enable-xgetdefault, which was supposed to be added to rxvt, but I managed to confuse them... Thanks to Jakub Jankowski for pointing out this error.
xap/rxvt-2.7.10-i486-2.tgz: Added --enable-xgetdefault to ./configure. Thanks to Corvin for the suggestion. :-)
+--------------------------+
Sun Jan 30 17:41:11 PST 2005
a/pkgtools-10.1.0-i486-4.tgz: Removed obsolete (and usually non-functional) LILO and simple bootdisk options from the "makebootdisk" menu.
l/jre-1_5_0_01-i586-1.tgz: Moved from d/.
xap/fvwm-2.4.19-i486-3.tgz: Added --enable-xgetdefault to ./configure. Thanks to Corvin for the suggestion.
xap/xfce-4.2.0-i486-3.tgz: In xinitrc.xfce, make the /tmp/xrdb file in a more secure fashion.
+--------------------------+
Fri Jan 28 20:24:09 PST 2005
a/glibc-solibs-2.3.4-i486-1.tgz: Upgraded to glibc-2.3.4.
a/glibc-zoneinfo-2.3.4-noarch-1.tgz: Upgraded to glibc-2.3.4.
l/glibc-2.3.4-i486-1.tgz: Upgraded to glibc-2.3.4.
l/glibc-i18n-2.3.4-noarch-1.tgz: Upgraded to glibc-2.3.4.
l/glibc-profile-2.3.4-i486-1.tgz: Upgraded to glibc-2.3.4.
n/irssi-0.8.9-i486-6.tgz: Removed obsolete "botti" program.
  Thanks to Jakub Jankowski for helping the Slackware diet plan. :-)
isolinux/initrd.img, rootdisks/install.*: Fixed a bug where the installer ramdisk runs out of space. Thanks to Haakon Riiser for the bug report.
+--------------------------+
Thu Jan 27 15:30:49 PST 2005
a/openssl-solibs-0.9.7e-i486-3.tgz: "ldconfig ." no longer works as the man page says that it should, and so the library links were not being created in the package by openssl.SlackBuild. This has been changed to "ldconfig -l *" which fixes the issue. (Thanks to Mark Post).
a/pkgtools-10.1.0-i486-3.tgz: Reverted /sbin/pkgtool to the version used in Slackware 10.0. While this version is slower to build the list of packages when viewing or removing packages, it is far more forgiving of a slightly corrupted or out of spec package database. There are many tools (like checkinstall) that do not build packages the same way that Slackware's makepkg does, and when these packages are installed the optimized version of pkgtool runs into problems. These problems are caused by installing broken packages, and should not be blamed on pkgtool (there are many ways to build a tar+gz package that does not conform to the rules as defined by a makepkg built tgz package, and it would be impossible to "fix" pkgtool to handle all of them properly). Perhaps these optimizations will be looked at again for Slackware 11, but IMHO a faster way to get a list of packages is to go into /var/log/packages and use "ls" and "less", and a better way to remove them is with removepkg. In any case, this version of pkgtool works better so that's what will ship with Slackware 10.1.
d/jre-1_5_0_01-i586-1.tgz: Replaced j2sdk 1.5.0 with jre-1.5.0_01. The full J2SDK is not needed by most people, and is making the first Slackware test ISO too large (size limit on a replicated ISO is 670MB), so an updated version of the JRE will replace it. If you need the full J2SDK, it is easily obtained from Sun (at java.sun.com).
kde/kdeedu-3.3.2-i486-2.tgz: Rebuilt, fixed incorrect permissions.
kde/kdelibs-3.3.2-i486-2.tgz: Rebuilt to work with Python 2.4. Added kioslave patch.
kde/koffice-1.3.5-i486-2.tgz: Rebuilt to work with Python 2.4. Patched kpdf crash.
l/sdl-1.2.8-i486-1.tgz: Upgraded to sdl-1.2.8.
n/bind-9.3.0-i486-3.tgz: Patched a possible denial of service in BIND's validator code. The risk level on this bug is rather low, as the flaw only affects BIND if DNSSEC is used. This is not the default setting.
  (* Security fix *)
n/openssl-0.9.7e-i486-3.tgz: Rebuilt.
n/sendmail-8.13.3-i486-2.tgz: Applied a CLOSE_WAIT patch.
n/sendmail-cf-8.13.3-noarch-2.tgz: Rebuilt.
xap/mozilla-plugins-1.7.5-noarch-2.tgz: Point to the correct path for the JRE rather than the J2SDK.
extra/slackpkg/slackpkg-1.4-noarch-9.tgz: Upgraded to slackpkg-1.4-noarch-9.
+--------------------------+
Tue Jan 25 21:29:12 PST 2005
a/aaa_base-10.1.0-noarch-2.tgz: Fixed email date and a couple typos.
a/hdparm-5.8-i486-1.tgz: Upgraded to hdparm-5.8.
ap/mysql-4.0.23a-i486-1.tgz: Upgraded to mysql-4.0.23a. I know there are newer production branches than 4.0.x, but don't think such a change would be good at the last minute. It will be one of the first orders of pre-11-current business, though.
ap/sudo-1.6.8p6-i486-1.tgz: Upgraded to sudo-1.6.8p6.
gnome/gthumb-2.6.3-i486-1.tgz: Upgraded to gthumb-2.6.3.
n/imapd-4.62-i486-1.tgz: Upgraded to imapd from pine-4.62.
n/nail-11.20-i486-1.tgz: Upgraded to nail-11.20.
n/pine-4.62-i486-1.tgz: Upgraded to pine-4.62.
n/popa3d-0.6.4.1-i486-1.tgz: Upgraded to popa3d-0.6.4.1.
extra/linux-wlan-ng/linux-wlan-ng-0.2.1pre25_2.6.10-i486-1.tgz: Compiled for Linux 2.6.10.
+--------------------------+
Mon Jan 24 20:41:03 PST 2005
a/aaa_base-10.1.0-noarch-1.tgz: Bumped version number to 10.1. Edited initial email.
a/aaa_elflibs-10.1.0-i486-1.tgz: Updated initial library collection.
  Please remember that (as the package description notes) this package is only intended to be installed at an initial installation, and attempting to "upgrade" it later may copy over newer libraries and cause damage to your system. Some broken upgrade tools haven't learned this fact...
a/pkgtools-10.1.0-i486-2.tgz: Fixed a couple bugs and sped up pkgtool more. Thanks to Jim Hawkins and Lasse Collin for the pkgtool patches. Add a patch for removepkg to rmdir directories containing spaces. Thanks to Thomas Pfaff for this patch.
f/linux-howtos-20050124-noarch-1.tgz: Upgraded to Linux-HOWTOs-20050124.
kde/kdegraphics-3.3.2-i486-3.tgz: Added a patch for another kpdf crash.
l/libtiff-3.7.1-i486-2.tgz: Patched a transparency bug in libtiff. (Thanks to Piter Punk)
n/dnsmasq-2.20-i486-1.tgz: Upgraded to dnsmasq-2.20.
n/sendmail-8.13.3-i486-1.tgz: Upgraded to sendmail-8.13.3.
n/sendmail-cf-8.13.3-noarch-1.tgz: Upgraded to sendmail-8.13.3 config files.
n/tcpip-0.17-i486-31.tgz: Applied a couple of netconfig patches. Thanks to Daniel de Kok.
x/x11-6.8.1-i486-3.tgz: Applied CAN-2004-0914 patch to libXpm. Unlikely to ever be used in the real world other than (also unlikely) through a crash, but I'm trying to pay attention to detail. :-)
  (* Security fix *)
x/x11-devel-6.8.1-i486-3.tgz: Applied CAN-2004-0914 patch to libXpm.
xap/gaim-1.1.2-i486-1.tgz: Upgraded to gaim-1.1.2 and gaim-encryption-2.33.
xap/xfce-4.2.0-i486-2.tgz: Fixed /etc/X11/xdg/xfce4/xinitrc perms. (Thanks to Roberto Di Girolamo)
xap/xpdf-3.00-i486-3.tgz: Added three patches that prevent xpdf crashes.
extra/bittorrent/bittorrent-3.9.1-noarch-1.tgz: Upgraded to bittorrent-3.9.1. This is a beta, but the stable version does not work with Python 2.4, so it seems prudent to switch (and it works fine here).
zipslack/*: Updated for Slackware 10.1.
+--------------------------+
Sat Jan 22 18:12:37 PST 2005
"Goes to show, you don't ever know"
Hi folks!
I'm going to call this Slackware 10.1 beta 1, because we're at a state where things are relatively stable. There have been a great deal of improvements over Slackware 10.0, and it would be best to get this out before trying to tackle the major changes for Slackware 11.
As far as I know, there are no serious security issues remaining in the -current tree at this time. There may still be a few image decoder bugs, but these seem to be crash bugs at worst, if even that. I've yet to hear of any of them allowing remote access, or privilege escalation. I do not think they are worth delaying a Slackware release over. I'd like to get to them, but my condition is preventing this, and so I'm going to tell it like I think it is: The sky is not really falling, regardless of what you read on BugTraq. If I am missing anything major though, please mail to security at slackware.com and let me know about it. As always, I want this to be a high-quality release.
And about my status... I didn't want to have to bring this up again, but since a lot of people are under the impression that I've recovered and I'm just fine (and are beginning to make the usual demands of my time ;-), I'd better clarify what's going on. Especially since I'm not exactly fine.
Back on Thu Nov 25, I posted in the ChangeLog that I thought I had infective endocarditis (and was promptly flamed for self-diagnosing again). After so much beating around the bush without getting a referral to a cardiologist, I finally called one myself and waited the two weeks it takes to get in. He is a top-notch doctor and heart surgeon (I was very lucky to be able to get in to see him), and with no planting of any suggestion from me whatsoever came to the conclusion that it seemed to be infective endocarditis. I'm still waiting for more test results, but it looks like I finally have someone working on my side.
So, let's hope that they get some conclusive diagnostics (I get another echo on Wednesday), that I make it until they do, and that it's not too late for this to be treated without a need for valve (or heart) replacement.
I've had a rough couple of weeks (well, months really, but especially the last two weeks), and I have to say that while it's good to have a near-death experience every couple of years to keep your head clear and your focus on the important things in life, having one every morning is too often. With that frequency, they start to become a distraction. ;-)
So, this version is going to be wrapped up pretty quickly. I hope people will support the release, because I'm sure I'll have a lot more bills before all of this is through, and I'm blowing through what little money I've managed to save. Again, I'm not asking for donations, but I hope that when Slackware 10.1 comes out that people wanting to help out will order it.
Also, in case of emergency I've left instructions with some very trusted people, so nobody should have to worry that if something happens to me that their Slackware systems will be orphaned and unsupported. It may be a long road back for me, but there will be people taking care of security issues as they crop up (like the folks at GUS-BR and SlackSec), and if I should make an unplanned departure there is a basic plan of succession in place.
Thanks again to all the kind folks I've known over the years, and I hope to know you for many more. :-)
Your Humble Slackware Maintainer,
Pat
Now, on to...
Today's Slackware changes:
n/gnupg-1.2.7-i486-1.tgz: Reverted to gnupg-1.2.7 since it produces working signatures for Slackware packages. GnuPG 1.4.x will not be considered for slackware/n/ again until after the 10.1 release. This version works fine.
xap/fluxbox-0.9.12-i486-1.tgz: Upgraded to fluxbox-0.9.12.
xap/gimp-2.2.3-i486-1.tgz: Upgraded to gimp-2.2.3.
xap/xchat-2.4.1-i486-1.tgz: Upgraded to xchat-2.4.1.
xap/xfce-4.2.0-i486-1.tgz: Upgraded to xfce-4.2.0. :-)
extra/slackpkg/slackpkg-1.3.1-noarch-3.tgz: Upgraded to slackpkg-1.3.1-noarch-3.
extra/slacktrack/slacktrack-1.23-i486-1.tgz: Upgraded to slacktrack-1.23_1.
testing/packages/gnupg-1.4.0-i486-1.tgz: Moved this back to /testing because it's creating broken signatures for Slackware packages.
testing/packages/linux-2.6.10/alsa-driver-1.0.8_2.6.10-i486-1.tgz: Compiled for Linux 2.6.10.
testing/packages/linux-2.6.10/kernel-generic-2.6.10-i486-1.tgz: Upgraded to Linux 2.6.10.
testing/packages/linux-2.6.10/kernel-headers-2.6.10-i386-1.tgz: Upgraded to Linux 2.6.10. (see the warning on this -- glibc should really be recompiled to make use of these headers).
testing/packages/linux-2.6.10/kernel-modules-2.6.10-i486-1.tgz: Upgraded to Linux 2.6.10.
testing/packages/linux-2.6.10/kernel-source-2.6.10-noarch-1.tgz: Upgraded to Linux 2.6.10.
+--------------------------+
Thu Jan 20 22:37:36 PST 2005
a/kernel-ide-2.4.29-i486-1.tgz: Upgraded to Linux 2.4.29 kernel.
a/kernel-modules-2.4.29-i486-1.tgz: Upgraded to Linux 2.4.29 kernel modules.
ap/alsa-utils-1.0.8-i486-1.tgz: Upgraded to alsa-utils-1.0.8.
d/kernel-headers-2.4.29-i386-1.tgz: Upgraded to kernel-headers-2.4.29.
gnome/gdm-2.6.0.6-i486-1.tgz: Upgraded to gdm-2.6.0.6.
k/kernel-source-2.4.29-noarch-1.tgz: Upgraded to Linux 2.4.29 kernel source.
l/alsa-driver-1.0.8_2.4.29-i486-1.tgz: Upgraded to alsa-driver-1.0.8.
l/alsa-lib-1.0.8-i486-1.tgz: Upgraded to alsa-lib-1.0.8.
l/alsa-oss-1.0.8-i486-1.tgz: Upgraded to alsa-oss-1.0.8.
n/gnupg-1.4.0-i486-1.tgz: Moved gnupg-1.4.0 from /testing.
xap/gimp-2.2.2-i486-1.tgz: Upgraded to gimp-2.2.2.
xap/imagemagick-6.1.9_0-i486-1.tgz: Upgraded to ImageMagick-6.1.9-0.
xap/xscreensaver-4.19-i486-1.tgz: Upgraded to xscreensaver-4.19.
bootdisks/*: Upgraded to Linux 2.4.29 bootdisks.
extra/linux-wlan-ng/linux-wlan-ng-0.2.1pre25_2.4.29-i486-1.tgz: Upgraded to linux-wlan-ng-0.2.1pre25 for Linux 2.4.29.
kernels/*: Upgraded to Linux 2.4.29 kernels.
isolinux/initrd.img, isolinux/network.dsk, isolinux/pcmcia.dsk, rootdisks/install.*, rootdisks/network.dsk, rootdisks/pcmcia.dsk: Updated kernel modules to 2.4.29.
+--------------------------+
Sat Jan 15 12:59:47 PST 2005
Hi folks. Here's another little entry to the book of changes. Thanks for your patience, and keep the faith. -- Pat
a/cups-1.1.23-i486-1.tgz: Upgraded to cups-1.1.23.
a/udev-050-i486-1.tgz: Upgraded to udev-050.
ap/mdadm-1.8.0-i486-1.tgz: Reverted to mdadm-1.8.0. It turns out that mdadm-1.8.1 is a new and unstable branch. Sorry about that -- from the version number it looked innocent enough to me. :-)
l/glib2-2.6.1-i486-1.tgz: Upgraded to glib2-2.6.1.
l/gtk+2-2.6.1-i486-1.tgz: Upgraded to gtk+2-2.6.1.
l/libtiff-3.7.1-i486-1.tgz: Upgraded to libtiff-3.7.1.
n/gnupg-1.2.7-i486-1.tgz: Upgraded to gnupg-1.2.7. (see also gnupg-1.4.0 in /testing below)
n/stunnel-4.07-i486-1.tgz: Upgraded to stunnel-4.07.
xap/gimp-2.2.1-i486-1.tgz: Upgraded to gimp-2.2.1.
xap/sane-1.0.15-i486-1.tgz: Upgraded to sane-backends-1.0.15.
xap/xine-lib-1.0-i686-1.tgz: Upgraded to xine-lib-1.0.
testing/packages/gnupg-1.4.0-i486-1.tgz: Added gnupg-1.4.0. This is a new stable version of GnuPG. Please test it out. If no problems are reported it will replace gnupg-1.2.7 in slackware/n/ soon.
+--------------------------+
Mon Jan 3 22:29:13 PST 2005
kde/kdebindings-3.3.2-i486-3.tgz: Patched to work with Python 2.4. Thanks to Giacomo Lozito for the patch.
l/taglib-1.3.1-i486-1.tgz: Upgraded to taglib-1.3.1. Thanks to Fedele Liberatoscioli for mentioning this fixes some crashes in the 1.3 version of taglib.
extra/bittornado/bittornado-0.3.9b-noarch-1.tgz: Upgraded to bittornado-0.3.9b built for Python 2.4.
extra/bittorrent/bittorrent-3.4.2-noarch-2.tgz: Rebuilt for Python 2.4.
+--------------------------+
Sat Jan 1 22:56:49 PST 2005
Happy new year, everyone. :-)
a/module-init-tools-3.1-i486-1.tgz: Upgraded to module-init-tools-3.1 and modutils-2.4.27.
a/util-linux-2.12p-i486-1.tgz: Upgraded to util-linux-2.12p.
ap/mdadm-1.8.1-i486-1.tgz: Upgraded to mdadm-1.8.1.
d/binutils-2.15.92.0.2-i486-2.tgz: Upgraded to ksymoops-2.4.10. Tried the newer binutils, but it couldn't compile ksymoops due to missing symbols in libbfd.so we'll stick with 2.15.92.0.2 for now...
d/cvs-1.11.18-i486-1.tgz: Upgraded to cvs-1.11.18.
d/doxygen-1.4.0-i486-1.tgz: Upgraded to doxygen-1.4.0.
d/perl-5.8.6-i486-1.tgz: Upgraded to perl-5.8.6.
d/python-2.4-i486-1.tgz: Upgraded to python-2.4.
d/python-demo-2.4-noarch-1.tgz: Upgraded to python-2.4 demos.
d/python-tools-2.4-noarch-1.tgz: Upgraded to python-2.4 tools.
kde/kdebindings-3.3.2-i486-2.tgz: Recompiled, which seems to have broken the python bindings as they are now missing. Maybe there's a patch needed for this to work with python 2.4?
kde/kdegraphics-3.3.2-i486-2.tgz: Patched post-3.3.2 kpdf problems.
  (* Security fix *)
l/libxml2-2.6.16-i486-1.tgz: Upgraded to libxml2-2.6.16.
l/libxslt-1.1.12-i486-1.tgz: Upgraded to libxslt-1.1.12.
n/getmail-4.2.5-noarch-1.tgz: Upgraded to getmail-4.2.5.
n/irssi-0.8.9-i486-5.tgz: Recompiled for perl-5.8.6.
xap/gaim-1.1.1-i486-1.tgz: Upgraded to gaim-1.1.1.
extra/inn/inn-2.4.2-i486-1.tgz: Upgraded to inn-2.4.2.
+--------------------------+
Wed Dec 22 19:50:57 PST 2004
a/openssl-solibs-0.9.7e-i486-2.tgz: Rebuilt.
d/automake-1.9.4-noarch-1.tgz: Upgraded to automake-1.9.4.
n/nfs-utils-1.0.7-i486-1.tgz: Upgraded to nfs-utils-1.0.7.
n/openssl-0.9.7e-i486-2.tgz: Small patch in Makefile.org to prevent some symlinks that point to a library that doesn't exist. Thanks to /i. for pointing that out!
+--------------------------+
Tue Dec 21 19:07:25 PST 2004
More to come, including fixes in -stable. Still catching up...
a/openssl-solibs-0.9.7e-i486-1.tgz: Upgraded to openssl-0.9.7e.
a/tar-1.15.1-i486-1.tgz: Upgraded to tar-1.15.1.
d/distcc-2.18.3-i486-1.tgz: Upgraded to distcc-2.18.3.
d/kernel-headers-2.4.28-i386-1.tgz: Upgraded to kernel-headers-2.4.28.
  (Sorry, forgot this before... pointed out by Marin Mitov)
l/atk-1.9.0-i486-1.tgz: Upgraded to atk-1.9.0.
l/glib2-2.6.0-i486-1.tgz: Upgraded to glib-2.6.0.
l/gtk+2-2.6.0-i486-1.tgz: Upgraded to gtk+-2.6.0.
l/libpng-1.2.8-i486-1.tgz: Upgraded to libpng-1.2.8.
l/pango-1.8.0-i486-1.tgz: Upgraded to pango-1.8.0.
n/lftp-3.0.13-i486-1.tgz: Upgraded to lftp-3.0.13.
n/openssl-0.9.7e-i486-1.tgz: Upgraded to openssl-0.9.7e.
n/php-4.3.10-i486-1.tgz: Upgraded to php-4.3.10. This fixes a lot of bugs... for a full list, see the PHP ChangeLog.
  (* Security fix *)
n/samba-3.0.10-i486-1.tgz: Upgraded to samba-3.0.10.
xap/gimp-2.2.0-i486-1.tgz: Upgraded to gimp-2.2.0.
xap/gxine-0.4.1-i486-1.tgz: Upgraded to gxine-0.4.1.
xap/mozilla-1.7.5-i486-1.tgz: Upgraded to mozilla-1.7.5.
xap/mozilla-plugins-1.7.5-noarch-1.tgz: Upgraded to mozilla-plugins-1.7.5.
xap/xine-lib-1rc8-i686-1.tgz: Upgraded to xine-lib-1-rc8.
xap/xine-ui-0.99.3-i686-1.tgz: Upgraded to xine-ui-0.99.3.
testing/packages/gcc-3.4.3/gcc-*.tgz: Upgraded to gcc-3.4.3.
testing/packages/php-5.0.3/php-5.0.3-i486-1.tgz: Upgraded to php-5.0.3. This fixes a lot of bugs... for a full list, see the PHP ChangeLog.
  (* Security fix *)
+--------------------------+
Sat Dec 18 23:22:21 PST 2004
" "
Hi folks. Well, I'm back in California and I'm happy to let you all know that I'm feeling much better. :-)
Here are a few updates so you can see that I'm trying to get back into the swing of things. Hopefully 10.1 won't be too far off (I'm still trying to figure out just how far behind we are, and what other fixes need to get merged in), and then we can look at what exactly needs to be done to try to switch over to the new kernel series for 11, or sometime later on. I still don't think it's time for that yet (it will be best to wait until 2.4 can be abandoned). Besides, I should probably be trying to take it easy as much as I can. There's no need to try for an encore...
I offer my thanks and gratitude to the many people who sent me kind words and good advice, or indeed anything at all. I figure it was all for a reason, and that there were always lessons to be learned. Hopefully I'll learn them now! ;-)
Most of these fine people will remain anonymous, however, one of my doctors was Leonardo Faoro, a medical resident at the Mayo Clinic. He's running a support site for cancer patients at:
  http://www.cancerforums.net
and if you feel his site might be useful for yourself or anyone you know, please spread the word about it. Leo is a good guy and one heck of a great doctor, and giving his site a little plug here is the least I can do. He didn't ask for it, but don't think he'll mind.
Very best wishes to all, good luck in 2005, and THANKS AGAIN!, It's good to be back. :-)
I think I've been helped now, so this text file won't hang around forever, but I'll leave it at http://slackware.com/~volkerdi/PAT-NEEDS-YOUR-HELP.txt for a little while in case anyone is still interested. It's the closest thing to a blog I've ever done. (ooooo! ;-)
Take care,
Pat
a/kernel-ide-2.4.28-i486-1.tgz: Upgraded to Linux 2.4.28 kernel.
a/kernel-modules-2.4.28-i486-1.tgz: Upgraded to Linux 2.4.28 kernel modules.
a/syslinux-2.13-i486-1.tgz: Upgraded to syslinux-2.13.
ap/alsa-utils-1.0.7-i486-1.tgz: Upgraded to alsa-utils-1.0.7.
ap/sudo-1.6.8p5-i486-1.tgz: Upgraded to sudo-1.6.8p5.
d/gdb-6.3-i486-1.tgz: Upgraded to gdb-6.3.
k/kernel-source-2.4.28-noarch-1.tgz: Upgraded to Linux 2.4.28 kernel source.
l/alsa-driver-1.0.7_2.4.28-i486-1.tgz: Upgraded to alsa-driver-1.0.7 compiled for Linux 2.4.28.
l/alsa-lib-1.0.7-i486-1.tgz: Upgraded to alsa-lib-1.0.7.
l/alsa-oss-1.0.7-i486-1.tgz: Upgraded to alsa-oss-1.0.7.
l/arts-1.3.2-i486-1.tgz: Upgraded to arts-1.3.2.
kde/kdeaccessibility-3.3.2-i486-1.tgz: Upgraded to kdeaccessibility-3.3.2.
kde/kdeaddons-3.3.2-i486-1.tgz: Upgraded to kdeaddons-3.3.2.
kde/kdeadmin-3.3.2-i486-1.tgz: Upgraded to kdeadmin-3.3.2.
kde/kdeartwork-3.3.2-i486-1.tgz: Upgraded to kdeartwork-3.3.2.
kde/kdebase-3.3.2-i486-1.tgz: Upgraded to kdebase-3.3.2.
kde/kdebindings-3.3.2-i486-1.tgz: Upgraded to kdebindings-3.3.2.
kde/kdeedu-3.3.2-i486-1.tgz: Upgraded to kdeedu-3.3.2.
kde/kdegames-3.3.2-i486-1.tgz: Upgraded to kdegames-3.3.2.
kde/kdegraphics-3.3.2-i486-1.tgz: Upgraded to kdegraphics-3.3.2.
kde/kdelibs-3.3.2-i486-1.tgz: Upgraded to kdelibs-3.3.2.
kde/kdemultimedia-3.3.2-i486-1.tgz: Upgraded to kdemultimedia-3.3.2.
kde/kdenetwork-3.3.2-i486-1.tgz: Upgraded to kdenetwork-3.3.2.
kde/kdepim-3.3.2-i486-1.tgz: Upgraded to kdepim-3.3.2.
kde/kdesdk-3.3.2-i486-1.tgz: Upgraded to kdesdk-3.3.2.
kde/kdetoys-3.3.2-i486-1.tgz: Upgraded to kdetoys-3.3.2.
kde/kdeutils-3.3.2-i486-1.tgz: Upgraded to kdeutils-3.3.2.
kde/kdevelop-3.1.2-i486-1.tgz: Upgraded to kdevelop-3.1.2.
kde/kdewebdev-3.3.2-i486-1.tgz: Upgraded to kdewebdev-3.3.2.
kdei/*.tgz: Upgraded to kde-i18n-3.3.2.
n/samba-3.0.9-i486-2.tgz: Upgraded to samba-3.0.9. A possible buffer overrun in smbd could lead to code execution by a remote user. For more details, see:
  http://samba.cdpa.nsysu.edu.tw/samba/news/#can-2004-0882
  http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0882
  (* Security fix *)
  Used -2 since this is essentially the same build as Bruno and Piter's package.
extra/linux-wlan-ng/linux-wlan-ng-0.2.1pre23_2.4.28-i486-1.tgz: Upgraded to linux-wlan-ng-0.2.1pre23 compiled for Linux 2.4.28.
extra/linux-wlan-ng/linux-wlan-ng-0.2.1pre23_2.6.9-i486-1.tgz: Upgraded to linux-wlan-ng-0.2.1pre23 compiled for Linux 2.6.9.
kernels/*: Upgraded to Linux 2.4.28 kernels.
isolinux/initrd.img, isolinux/network.dsk, isolinux/pcmcia.dsk, rootdisks/install.*, rootdisks/network.dsk, rootdisks/pcmcia.dsk: Updated kernel modules to 2.4.28.
+--------------------------+
Thu Nov 25 17:14:42 PST 2004
"Netcraft does not yet confirm it"
Hi again, everyone. I wish I could report that I'm doing great and will be back to full health soon, but I can't.
Possibly due to the antibiotics I've already taken, the doctors I've seen have been unable to find signs of infection, and my blood ESR is normal. Nevertheless, the signs of complications from an infection are quite clear. I've had a number of pulmonary "pops" that are either burst lung abscesses or blebs, and things have spread in a bad way. A thickening of my pleura has been noted, as well as pericarditis. Most disturbing of all, I have developed mitral valve prolapse and regurgitation. I've had a fever and soaking night sweats. I can't stand for too long without getting faint. Lately I've been spending a lot of my time on the floor.
I have no history of heart problems and when I got the first chest pains (crushing ones) I went to the ER immediately. This was on 11/10. They found nothing wrong and sent me away. The next day I saw an internal medicine MD who gave me a complete exam including carefully listening for heart problems, and found nothing wrong. The pain continued, and by the time I got to the Mayo I had heart trouble so obvious that nobody has failed to recognize it since.
However, it's been a problem getting anyone to consider that this is a new problem. Most of the people I've seen think that they are the first to notice it and that everyone before them must have missed it, and that I've certainly had it my whole life. But having recently had a major infection and fever and developing a new murmur and chest pains I'd think it would be only prudent to treat this as complicated infective endocarditis. I've been to another different ER with more crushing chest pains since then and have begged for a needle biopsy to check the pleural fluid for empyema, but nobody will do this diagnostic either.
I've verified online that it's not only possible to have a normal ESR and infective endocarditis but that patients that present that way have a statistically worse outcome (maybe because nobody will treat it).
Anyway, I'm still hoping to get the treatment that I'm sure I need, but if there's an insistence on clinical proof first and treatment second, the proof might be found at autopsy time. Oh, I've also finally flunked an ECG after several normal ones and at least pericarditis is now proven.
Now, to clear up a few things. In my initial report I mistakenly reported that I'd taken 60 days of Cipro for a pulmonary infection. (hey, I was up late freaking out a bit) This might not have been for as long a period of time, and it was actually to treat a relapse of prostatitis (and yes, that does require a long course).
As for those who say I should stop trying to diagnose myself: I am trying to get doctors to diagnose this ongoing problem. Meanwhile, it is only wise to try to figure out what's going on myself, and to get input from as many sources as I possibly can. After all, sometimes the cavalry just isn't coming. Or as the old (I think Russian) proverb says: "Pray to God, but keep rowing to shore."
I built a few updates to get my mind on happier things. Maybe I'll have time to look at the kernel sometime soon, too, but getting my health back remains the A-number-1 priority here.
kde/koffice-1.3.5-i486-1.tgz: Upgraded to koffice-1.3.5.
kdei/koffice*.tgz: Upgraded to koffice-i18n-1.3.5.
Also, Bruno H Collovini and Piter Punk in Brazil have been helping to build security updates for Slackware while I'm (mostly) out of commission. They've helped with Slackware for many years and I trust and authorize their patches. These can be found here:
  http://www.slackware.org.br/~patrick/WORKGUS/
Thanks to everyone who has offered to help, and sent get well soon and other kind emails. I really appreciate it. I'm also grateful for many of the suggestions on how to boost my immune system with natural products (hey, that oregano oil can't hurt and tastes pretty good! :-).
I'm going to have to request that the phone calls stop unless it's for a really good reason, as I've had more calls than I can possibly return at this point.
All the best (and to those in the US, happy Thanksgiving),
Pat
PS My primary development box just mostly locked up on me, so I'll probably be unable to do additional updates (or at least sign them properly) until I can get back to CA. What I can and will do is to run a top-level CHECKSUMS.md5, and then sign that with my GPG key.
PPS Please do not post emails from me without my permission. Thanks.
+--------------------------+
Tue Nov 16 08:50:51 PST 2004
Hi folks, sorry about the lack of updates for a while. I've been pretty sick. If you want the full details (especially if you are in a position to help me), please see the file PAT-NEEDS-YOUR-HELP.txt.
  ftp://ftp.slackware.com/pub/slackware/slackware-current/PAT-NEEDS-YOUR-HELP.txt
Thanks. :-)
a/acpid-1.0.4-i486-2.tgz: Fixed perms of /usr/doc/acpid-1.0.4/samples/ directory. (thanks to Piotr Simon)
+--------------------------+
Wed Nov 3 22:48:47 PST 2004
a/bash-3.0-i486-2.tgz: Applied official bash-3.0 patches 1-15.
a/hotplug-2004_09_23-noarch-1.tgz: Upgraded to hotplug-2004_09_23.
a/pkgtools-10.1.0-i486-1.tgz: Patched pkgtools to dramatically improve the speed of the "View" option. The patch was written by Jim Hawkins and forwarded to me by Stuart Winter. Thanks much! Fixed a typo in pkgtool.8. (thanks to "ldconfig")
a/util-linux-2.12h-i486-1.tgz: Upgraded to util-linux-2.12h.
ap/mdadm-1.8.0-i486-1.tgz: Upgraded to mdadm-1.8.0.
l/libexif-0.6.11-i486-1.tgz: Upgraded to libexif-0.6.11 (but retained libexif.so.9.1.2 from libexif-0.5.12 to give third party packages a chance to be recompiled).
n/lftp-3.0.11-i486-1.tgz: Upgraded to lftp-3.0.11.
n/samba-3.0.7-i486-2.tgz: Applied a patch from Samba CVS needed to fix smbtree on systems using a recent glibc (such as the one here in Slackware -current).
  Thanks to Arthur Huillet for referring me to the patch and online discussion.
n/tcpip-0.17-i486-30.tgz: Upgraded to ethtool-2 and tftp-hpa-0.40. Fixed a DoS bug in ntalkd. Thanks to Mauro Persano who discovered the bug and sent in a patch, and Dmitry V. Levin who refined it.
xap/gimp-2.0.6-i486-1.tgz: Upgraded to gimp-2.0.6.
extra/slackpkg/slackpkg-1.3-noarch-4.tgz: Upgraded to slackpkg-1.3-noarch-4.
+--------------------------+
Sun Oct 31 22:03:05 PST 2004
a/cups-1.1.22-i486-1.tgz: Upgraded to cups-1.1.22.
a/pcmcia-cs-3.2.8-i486-1.tgz: Upgraded to pcmcia-cs-3.2.8.
a/udev-042-i486-1.tgz: Upgraded to udev-042.
ap/mysql-4.0.22-i486-1.tgz: Upgraded to mysql-4.0.22.
d/binutils-2.15.92.0.2-i486-1.tgz: Upgraded to binutils-2.15.92.0.2.
d/oprofile-0.8.1-i486-2.tgz: Recompiled against libbfd from binutils-2.15.92.0.2.
kde/kdegraphics-3.3.1-i486-2.tgz: Patched a crash bug in kpdf.
kde/koffice-1.3.4-i486-2.tgz: Updated to koffice-1.3.4 and patched a bug in xpdf-based code that could cause a crash.
l/libtiff-3.7.0-i486-1.tgz: Upgraded to libtiff-3.7.0. This fixes several bugs that could lead to crashes, or could possibly allow arbitrary code to be executed. For more details, see:
  http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0803
  http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0804
  http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0886
  (* Security fix *)
l/libxml2-2.6.15-i486-1.tgz: Upgraded to libxml2-2.6.15.
n/apache-1.3.33-i486-1.tgz: Upgraded to apache-1.3.33. This fixes one new security issue (the first issue, CAN-2004-0492, was fixed in apache-1.3.32). The second bug fixed in 1.3.3 (CAN-2004-0940) allows a local user who can create SSI documents to become "nobody". The amount of mischief they could cause as nobody seems low at first glance, but it might allow them to use kill or killall as nobody to try to create a DoS. Mention PHP's mhash dependency in httpd.conf (thanks to Jakub Jankowski).
  (* Security fix *)
n/mod_ssl-2.8.22_1.3.33-i486-1.tgz: Upgraded to mod_ssl-2.8.22_1.3.33.
n/nail-11.13-i486-1.tgz: Upgraded to nail-11.13.
n/netatalk-2.0.1-i486-1.tgz: Upgraded to netatalk-2.0.1.
xap/gnuchess-5.07-i486-1.tgz: Upgraded to gnuchess-5.07. This package also contains Sjeng-Free-11.2, eboard-0.9.5, and xboard-4.2.7.
xap/imagemagick-6.1.2_4-i486-1.tgz: Upgraded to ImageMagick-6.1.2-4.
xap/windowmaker-0.91.0-i486-1.tgz: Upgraded to WindowMaker-0.91.0.
pasture/pasture/ifhp-3.5.18-i486-1.tgz: Upgraded to ifhp-3.5.18.
pasture/lprng-3.8.28-i486-1.tgz: Upgraded to LPRng-3.8.28.
testing/packages/linux-2.6.9/alsa-driver-1.0.6a_2.6.9-i486-1.tgz: Upgraded to ALSA kernel modules for Linux 2.6.9.
testing/packages/linux-2.6.9/kernel-generic-2.6.9-i486-1.tgz: Upgraded to Linux 2.6.9 kernel.
testing/packages/linux-2.6.9/kernel-headers-2.6.9-i386-1.tgz: Upgraded to Linux 2.6.9 kernel headers.
testing/packages/linux-2.6.9/kernel-modules-2.6.9-i486-1.tgz: Upgraded to Linux 2.6.9 kernel modules.
testing/packages/linux-2.6.9/kernel-source-2.6.9-noarch-1.tgz: Upgraded to Linux 2.6.9 kernel source.
+--------------------------+
Mon Oct 25 16:35:04 PDT 2004
n/apache-1.3.32-i486-1.tgz: Upgraded to apache-1.3.32. This addresses a heap-based buffer overflow in mod_proxy by rejecting responses from a remote server with a negative Content-Length. The flaw could crash the Apache child process, or possibly allow code to be executed as the Apache user (but only if mod_proxy is actually in use on the server).
  For more details, see:
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0492
  (* Security fix *)
n/mod_ssl-2.8.21_1.3.32-i486-1.tgz: Upgraded to mod_ssl-2.8.21-1.3.32. Don't allow clients to bypass cipher requirements, possibly negotiating a connection that the server does not consider secure enough.
  For more details, see:
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0885
  (* Security fix *)
+--------------------------+
Fri Oct 22 15:28:06 PDT 2004
xap/gaim-1.0.2-i486-1.tgz: Upgraded to gaim-1.0.2 and gaim-encryption-2.32. A buffer overflow in the MSN protocol handler for GAIM 0.79 to 1.0.1 allows remote attackers to cause a denial of service (application crash) and may allow the execution of arbitrary code.
  For more details, see:
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0891
  (* Security fix *)
+--------------------------+
Mon Oct 18 23:48:13 PDT 2004
a/acpid-1.0.4-i486-1.tgz: Upgraded to acpid-1.0.4.
a/sysvinit-2.84-i486-51.tgz: In rc.S, make sure /tmp/.ICE-unix and /tmp/.X11-unix exist and have proper permissions. X.Org no longer creates these if they are missing which is a problem for users who are using a tmpfs on /tmp. Reported by Alexandre Pinaffii Andrucioli, Stefano Mangione, and Luigi Genoni.
  In rc.S and rc.6, check /proc/ioports to make sure that the RTC lists ports, and if so use a workaround to prevent hwclock from hanging. Thanks to Piter PUNK for the bug report and patch.
  In rc.M, don't start acpid if apmd is already running regardless of the perms on rc.acpid (thanks again to Piter PUNK).
n/curl-7.12.2-i486-1.tgz: Upgraded to curl-7.12.2.
n/nmap-3.75-i486-1.tgz: Upgraded to nmap-3.75. Fixed nmapfe.desktop to follow freedesktop.org specs and moved it to /usr/share/applications.
x/x11-6.8.1-i486-2.tgz: Rebuilt. X.Org made a few minor silent fixes to the X11R6.8.1 (like the version number), so it seemed like a good idea to rebuild. Thanks to Sergei Mutovkin for reporting this situation.
x/x11-devel-6.8.1-i486-2.tgz: Rebuilt.
x/x11-docs-6.8.1-noarch-2.tgz: Rebuilt.
x/x11-docs-html-6.8.1-noarch-2.tgz: Rebuilt.
x/x11-fonts-100dpi-6.8.1-noarch-2.tgz: Rebuilt.
x/x11-fonts-cyrillic-6.8.1-noarch-2.tgz: Rebuilt.
x/x11-fonts-misc-6.8.1-noarch-2.tgz: Rebuilt.
x/x11-fonts-scale-6.8.1-noarch-2.tgz: Rebuilt.
x/x11-xdmx-6.8.1-i486-2.tgz: Rebuilt.
x/x11-xnest-6.8.1-i486-2.tgz: Patched to prevent an xnest crash. Thanks to Mariusz 'mj' Jedrzejewski for reporting this problem and providing a patch from the X.Org CVS.
x/x11-xvfb-6.8.1-i486-2.tgz: Rebuilt.
xap/abiword-2.0.12-i486-1.tgz: Upgraded to abiword-2.0.12. Moved from /gnome and compiled without GNOME dependencies.
xap/gftp-2.0.17-i486-2.tgz: Build with .SlackBuild, not .build. Fixed gftp.desktop.
xap/gucharmap-1.4.1-i486-2.tgz: Moved from /gnome. Build with .SlackBuild, not .build. Fixed gucharmap.desktop.
xap/sane-1.0.14-i486-3.tgz: Upgraded to sane-frontends-1.0.13. Build with .SlackBuild, not .build.
xap/xine-ui-0.99.2-i686-2.tgz: Fixed xine.desktop.
+--------------------------+
Thu Oct 14 22:56:20 PDT 2004
ap/hpijs-1.7-i486-1.tgz: Upgraded to hpijs-1.7.
ap/lsof-4.72-i486-1.tgz: Upgraded to lsof-4.72.
ap/sox-12.17.6-i486-1.tgz: Upgraded to sox-12.17.6.
kde/kdeaccessibility-3.3.1-i486-1.tgz: Upgraded to kdeaccessibility-3.3.1.
kde/kdeaddons-3.3.1-i486-1.tgz: Upgraded to kdeaddons-3.3.1.
kde/kdeadmin-3.3.1-i486-1.tgz: Upgraded to kdeadmin-3.3.1.
kde/kdeartwork-3.3.1-i486-1.tgz: Upgraded to kdeartwork-3.3.1.
kde/kdebase-3.3.1-i486-1.tgz: Upgraded to kdebase-3.3.1.
kde/kdebindings-3.3.1-i486-1.tgz: Upgraded to kdebindings-3.3.1.
kde/kdeedu-3.3.1-i486-1.tgz: Upgraded to kdeedu-3.3.1.
kde/kdegames-3.3.1-i486-1.tgz: Upgraded to kdegames-3.3.1.
kde/kdegraphics-3.3.1-i486-1.tgz: Upgraded to kdegraphics-3.3.1.
kde/kdelibs-3.3.1-i486-1.tgz: Upgraded to kdelibs-3.3.1.
kde/kdemultimedia-3.3.1-i486-1.tgz: Upgraded to kdemultimedia-3.3.1.
kde/kdenetwork-3.3.1-i486-1.tgz: Upgraded to kdenetwork-3.3.1.
kde/kdepim-3.3.1-i486-1.tgz: Upgraded to kdepim-3.3.1.
kde/kdesdk-3.3.1-i486-1.tgz: Upgraded to kdesdk-3.3.1.
kde/kdetoys-3.3.1-i486-1.tgz: Upgraded to kdetoys-3.3.1.
kde/kdeutils-3.3.1-i486-1.tgz: Upgraded to kdeutils-3.3.1.
kde/kdevelop-3.1.1-i486-1.tgz: Upgraded to kdevelop-3.1.1.
kde/kdewebdev-3.3.1-i486-1.tgz: Upgraded to kdewebdev-3.3.1.
kde/koffice-1.3.4-i486-1.tgz: Upgraded to koffice-1.3.4.
kde/qt-3.3.3-i486-3.tgz: Recompiled. Note that this includes the change previously in /testing where the libqt.so -> libqt-mt.so symlinks have been removed. (this shouldn't affect any recent binaries, but might break some old ones)
kdei/*.tgz: Upgraded to kde-i18n-3.3.1 and koffice-i18n-1.3.4.
l/arts-1.3.1-i486-1.tgz: Upgraded to arts-1.3.1.
l/glib2-2.4.7-i486-1.tgz: Upgraded to glib-2.4.7.
l/gtk+2-2.4.13-i486-1.tgz: Upgraded to gtk+-2.4.13.
l/libao-0.8.5-i486-1.tgz: Upgraded to libao-0.8.5.
l/libidn-0.5.8-i486-1.tgz: Added libidn-0.5.8.
l/libxml2-2.6.14-i486-1.tgz: Upgraded to libxml2-2.6.14.
l/libxslt-1.1.11-i486-1.tgz: Upgraded to libxslt-1.1.11.
l/pcre-5.0-i486-1.tgz: Upgraded to pcre-5.0.
n/dnsmasq-2.15-i486-1.tgz: Upgraded to dnsmasq-2.15.
xap/fvwm-2.4.19-i486-2.tgz: Fixed fvwm-root manpage symlink. (thanks to Mark Post)
testing/{packages,source}/kde-3.3/: Removed.
+--------------------------+
Mon Oct 11 23:41:16 PDT 2004
a/glibc-solibs-2.3.3-i486-2.tgz: Updated from CVS. Added the files in /usr/lib/gconv to glibc-solibs. (thanks to Tomas Matejicek)
a/glibc-zoneinfo-2.3.3-noarch-2.tgz: Updated from CVS.
a/udev-035-i486-1.tgz: Upgraded to udev-035. Thanks to ismail donmez and Jakub Jankowski for pointing out some problems with pty handling in the previous udev.rules config file.
a/util-linux-2.12g-i486-2.tgz: Put the adjtimex docs in the proper directory (thanks to Stuart Winter).
d/doxygen-1.3.9.1-i486-1.tgz: Upgraded to doxygen-1.3.9.1.
l/glibc-2.3.3-i486-2.tgz: Updated from CVS.
l/glibc-i18n-2.3.3-noarch-2.tgz: Updated from CVS.
l/glibc-profile-2.3.3-i486-2.tgz: Updated from CVS.
n/getmail-4.2.2-noarch-1.tgz: Upgraded to getmail-4.2.2.
n/netatalk-2.0.0-i486-1.tgz: Upgraded to netatalk-2.0.0.
n/rsync-2.6.3-i486-1.tgz: Upgraded to rsync-2.6.3.
  From the rsync NEWS file:
    A bug in the sanitize_path routine (which affects a non-chrooted rsync daemon) could allow a user to craft a pathname that would get transformed into an absolute path for certain options (but not for file-transfer names). If you're running an rsync daemon with chroot disabled, *please upgrade*, ESPECIALLY if the user privs you run rsync under is anything above "nobody".
  Note that rsync, in daemon mode, sets the "use chroot" to true by default, and (in this default mode) is not vulnerable to this issue. I would strongly recommend against setting "use chroot" to false even if you've upgraded to this new package.
  (* Security fix *)
n/sendmail-8.13.1-i486-2.tgz: Recompiled with -DSOCKETMAP. Recommended by Catalin(ux aka Dino) BOIE.
n/sendmail-cf-8.13.1-noarch-2.tgz: Rebuilt.
xap/fvwm-2.4.19-i486-1.tgz: Upgraded to fvwm-2.4.19.
xap/gaim-1.0.1-i486-1.tgz: Upgraded to gaim-1.0.1.
xap/gftp-2.0.17-i486-1.tgz: Moved from /gnome. Apparently gftp doesn't require any of the GNOME libraries. I've heard that AbiWord can also be built so that it does not require GNOME libraries but haven't had much luck getting it to work that way. Does anyone know how to do that? How about a GNOMEless gnumeric (I suspect that's not possible, but...)?
extra/bison-1.875d/bison-1.875d-i486-1.tgz: Upgraded to bison-1.875d.
pasture/fvwm95-2.0.43ba-i386-2.tgz: Moved to /pasture.
+--------------------------+
Thu Oct 7 19:03:18 PDT 2004
a/util-linux-2.12g-i486-1.tgz: Upgraded to util-linux-2.12g, adjtimex-1.20, and ziptool-1.4.0.
d/doxygen-1.3.9-i486-1.tgz: Upgraded to doxygen-1.3.9.
d/guile-1.6.5-i486-1.tgz: Upgraded to guile-1.6.5.
gnome/gst-plugins-0.8.5-i486-1.tgz: Upgraded to gst-plugins-0.8.5.
gnome/gstreamer-0.8.7-i486-1.tgz: Upgraded to gstreamer-0.8.7.
n/slrn-0.9.8.1-i486-1.tgz: Upgraded to slrn-0.9.8.1.
xap/imagemagick-6.1.0_5-i486-1.tgz: Upgraded to ImageMagick-6.1.0-5.
+--------------------------+
Mon Oct 4 11:57:38 PDT 2004
ap/flac-1.1.1-i486-1.tgz: Upgraded to flac-1.1.1.
ap/vorbis-tools-1.0.1-i486-3.tgz: Recompiled against new libFLAC.
d/j2sdk-1_5_0-i586-1.tgz: Upgraded to Java(TM) 2 Software Development Kit Standard Edition, Version 1.5.0.
gnome/gst-plugins-0.8.1-i486-2.tgz: Recompiled against new libFLAC.
l/zlib-1.2.2-i486-1.tgz: Upgraded to zlib-1.2.2. This fixes a possible DoS in earlier versions of zlib-1.2.x.
  (* Security fix *)
n/dhcp-3.0.1-i486-1.tgz: Upgraded to dhcp-3.0.1.
n/getmail-4.2.0-noarch-1.tgz: Upgraded to getmail-4.2.0. Earlier versions contained a local security flaw when used in an insecure fashion (surprise, running something as root that writes to user-controlled files or directories could allow the old symlink attack to clobber system files! :-)
  From the getmail CHANGELOG:
    This vulnerability is not exploitable if the administrator does not deliver mail to the maildirs/mbox files of untrusted local users, or if getmail is configured to use an external unprivileged MDA. This vulnerability is not remotely exploitable.
  Most users would not use getmail in such a way as to be vulnerable to this flaw, but if your site does this package closes the hole. I'd also recommend not using getmail like this. Either run it as the user that owns the target mailbox, or deliver through an external MDA.
  (* Security fix *)
n/sendmail-8.13.1-i486-1.tgz: Upgraded to sendmail-8.13.1.
n/sendmail-cf-8.13.1-noarch-1.tgz: Upgraded to sendmail-8.13.1 configs.
xap/mozilla-plugins-1.7.3-noarch-2.tgz: Point the libjavaplugin_oji.so symlink at the new Java plugin.
xap/xine-lib-1rc6a-i686-2.tgz: Recompiled against new libFLAC.
xap/xmms-1.2.10-i486-2.tgz: Added arts_output-0.7.1 aRts output plugin.
+--------------------------+
Tue Sep 28 13:58:36 PDT 2004
a/gawk-3.1.4-i486-1.tgz: Upgraded to GNU gawk-3.1.4.
ap/mdadm-1.7.0-i486-1.tgz: Upgraded to mdadm-1.7.0.
xap/gkrellm-2.2.4-i486-1.tgz: Upgraded to gkrellm-2.2.4.
+--------------------------+
Sun Sep 26 21:28:28 PDT 2004
l/lesstif-0.93.96-i486-1.tgz: Upgraded to lesstif-0.93.96.
xap/gaim-1.0.0-i486-2.tgz: Fixed the gaim-encryption plugin by upgrading to gaim-encryption-2.31.
xap/gimp-2.0.5-i486-1.tgz: Upgraded to gimp-2.0.5.
+--------------------------+
Fri Sep 24 11:39:24 PDT 2004
n/php-4.3.9-i486-1.tgz: Upgraded to php-4.3.9.
testing/packages/php-5.0.2/php-5.0.2-i486-1.tgz: Upgraded to php-5.0.2.
+--------------------------+
Fri Sep 24 00:43:51 PDT 2004
n/bind-9.3.0-i486-2.tgz: Fixed missing libbind9.so.0.0.4. Thanks to Alan Brantley and Catalin(ux aka Dino) BOIE for the quick heads-up!
+--------------------------+
Thu Sep 23 18:11:17 PDT 2004
d/automake-1.9.2-noarch-1.tgz: Upgraded to GNU automake-1.9.2.
d/libtool-1.5.10-i486-1.tgz: Upgraded to GNU libtool-1.5.10.
d/oprofile-0.8.1-i486-1.tgz: Upgraded to oprofile-0.8.1. (Suggested by Michael Iatrou)
l/gmp-4.1.4-i486-1.tgz: Upgraded to GNU gmp-4.1.4.
n/bind-9.3.0-i486-1.tgz: Upgraded to bind-9.3.0.
xap/xsane-0.96-i486-1.tgz: Upgraded to xsane-0.96.
bootdisks/sata.i: Rebuilt (see below).
bootdisks/speakup.s: Rebuilt (fixed missing speakup support).
extra/k3b/k3b-0.11.17-i486-1.tgz: Upgraded to k3b-0.11.17.
extra/linux-wlan-ng/linux-wlan-ng-0.2.1pre22_2.4.27-i486-1.tgz: Upgraded to linux-wlan-ng-0.2.1pre22 (compiled for Linux 2.4.27).
extra/linux-wlan-ng/linux-wlan-ng-0.2.1pre22_2.6.8.1-i486-1.tgz: Upgraded to linux-wlan-ng-0.2.1pre22 (compiled for Linux 2.6.8.1). Thanks to Leopold Midha for suggesting these upgrades.
extra/parted/parted-1.6.15-i486-1.tgz: Upgraded to GNU parted-1.6.15.
kernels/sata.i/: Removed Silicon Image ATA support since it interferes with the libata SATA driver. This also removes support for the PATA CMD640 chipset, since that's part of the old Silicon Image ATA driver. Thanks to Miha Verlic for pointing out this incompatibility.
kernels/speakup.s/: Fixed missing speakup support.
isolinux/initrd.img, isolinux/network.dsk, isolinux/pcmcia.dsk, rootdisks/install.*, rootdisks/network.dsk, rootdisks/pcmcia.dsk: Updated kernel modules to 2.4.27. Allow the location of network.dsk to be provided on the network script command line (suggested by Daniel de Kok).
+--------------------------+
Sun Sep 19 16:33:44 PDT 2004
a/cups-1.1.21-i486-1.tgz: Upgraded to cups-1.1.21. This fixes a flaw where a remote attacker can crash the CUPS server causing a denial of service.
  For more details, see:
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0558
  (* Security fix *)
a/glibc-solibs-2.3.3-i486-1.tgz: Upgraded to glibc-2.3.3. This is from a CVS snapshot taken in early August. The official glibc-2.3.3 tarball was released in such an obsolete condition (a snapshot from 8 months ago) that I'd be surprised if any Linux distributions actually package it.
a/glibc-zoneinfo-2.3.3-noarch-1.tgz: Upgraded to glibc-2.3.3.
a/minicom-2.1-i486-2.tgz: Fixed install script to install the config files in /etc properly. (thanks to Piter PUNK)
a/pkgtools-10.0.0-i486-2.tgz: Changed the keyboard driver in the sample /etc/X11/xorg.conf files from "Keyboard" to "kbd".
a/kernel-ide-2.4.27-i486-1.tgz: Upgraded to Linux 2.4.27 kernel.
a/kernel-modules-2.4.27-i486-1.tgz: Upgraded to Linux 2.4.27 kernel modules.
ap/sudo-1.6.8p1-i486-1.tgz: Upgraded to sudo-1.6.8p1.
d/kernel-headers-2.4.27-i386-1.tgz: Upgraded to Linux 2.4.27 kernel headers.
gnome/epiphany-1.2.7-i486-1.tgz: Removed. (see Mozilla below)
gnome/epiphany-extensions-0.9.1-i486-1.tgz: Removed. (see Mozilla below)
gnome/galeon-1.3.17-i486-1.tgz: Removed. (see Mozilla below)
k/kernel-source-2.4.27-noarch-1.tgz: Upgraded to Linux 2.4.27 kernel source.
kde/koffice-1.3.3-i486-1.tgz: Upgraded to koffice-1.3.3.
kdei/koffice-i18n-*.tgz: Upgraded to koffice-i18n-1.3.3.
l/alsa-driver-1.0.6a_2.4.27-i486-1.tgz: Recompiled alsa-driver-1.0.6a for Linux 2.4.27.
l/glibc-2.3.3-i486-1.tgz: Upgraded to glibc-2.3.3.
l/glibc-i18n-2.3.3-noarch-1.tgz: Upgraded to glibc-2.3.3 i18n files.
l/glibc-profile-2.3.3-i486-1.tgz: Upgraded to glibc-2.3.3 profile libs.
l/gtk+2-2.4.10-i486-1.tgz: Upgraded to gtk+-2.4.10. This fixes security issues in the image loader routines that can crash applications.
  (* Security fix *)
l/pango-1.6.0-i486-1.tgz: Upgraded to pango-1.6.0.
n/iproute2-2.6.9_ss040831-i486-1.tgz: Upgraded to iproute2-2.6.9-ss040831.
n/nail-11.7-i486-1.tgz: Upgraded to nail-11.7.
n/nmap-3.70-i486-2.tgz: Fixed missing docs translations. (thanks to Alex)
n/php-4.3.8-i486-2.tgz: Recompiled using --enable-exif in addition to --with-exif. Thanks to Niels Heinis for the tip.
n/proftpd-1.2.10-i486-2.tgz: Fixed slack-desc (thanks to Stuart Winter).
x/x11*6.8.1-i486-1.tgz: Upgraded to X.Org's X11R6.8.1 release. Note that the name of the keyboard driver in the xorg.conf file has changed from "Keyboard" to "kbd". You'll need to make this change in order to start X.
xap/gaim-1.0.0-i486-1.tgz: Upgraded to gaim-1.0.0.
xap/imagemagick-6.0.8_1-i486-1.tgz: Upgraded to ImageMagick-6.0.8-1. Removed spurious libtool library (thanks to Mark Post).
xap/mozilla-1.7.3-i486-1.tgz: Upgraded to mozilla-1.7.3. The Mozilla page says this fixes some "minor security holes". It also breaks Galeon and Epiphany, and new versions of these have still not appeared. In light of this, I think it's time to remove these Gecko-based browsers. The future is going to be Firefox and Thunderbird anyway, and I don't believe Galeon and Epiphany can be compiled against Firefox's libraries.
  (* Security fix *)
xap/mozilla-plugins-1.7.3-noarch-1.tgz: Changed plugin symlinks for Mozilla 1.7.3.
xap/xine-lib-1rc6a-i686-1.tgz: Upgraded to xine-lib-1-rc6a. This release fixes a few overflows that could have security implications.
  (* Security fix *)
xap/xlockmore-5.13-i486-1.tgz: Upgraded to xlockmore-5.13.
xap/xscreensaver-4.18-i486-1.tgz: Upgraded to xscreensaver-4.18.
bootdisks/*: Upgraded to Linux 2.4.27 bootdisks (and added sata.i).
extra/bittornado/bittornado-0.3.7-noarch-1.tgz: Added BitTornado 0.3.7, an alternate BitTorrent client based on Bram's mainline BitTorrent code.
extra/k3b/k3b-0.11.15-i486-1.tgz: Upgraded to k3b-0.11.15.
extra/slacktrack/slacktrack-1.21-i486-2.tgz: Upgraded to slacktrack-1.21_2.
kernels/*: Upgraded to Linux 2.4.27 kernels (and added sata.i).
pasture/apsfilter-7.2.5-i386-2.tgz: The apsfilter print configuration tool has been moved to /pasture.
pasture/ifhp-3.5.11-i486-1.tgz: Moved ifhp to /pasture. This is a print filter for LPRng (see below).
pasture/libxml-1.8.17-i486-3.tgz: Added a static libxml1, needed to compile some ham software.
pasture/lprng-3.8.27-i486-1.tgz: Moved LPRng to /pasture. These days most people want to run CUPS which has more or less taken over the printing scene as the de facto standard print system. LPRng will continue to be maintained here, but getting it out of the main installation will end the annoying problem of it overwriting the symlinks for CUPS and breaking it.
testing/packages/linux-2.6.8.1/alsa-driver-1.0.6a_2.6.8.1-i486-1.tgz: Compiled alsa-driver package for Linux 2.6.8.1.
testing/packages/linux-2.6.8.1/kernel-generic-2.6.8.1-i486-1.tgz: Upgraded to Linux 2.6.8.1 kernel.
testing/packages/linux-2.6.8.1/kernel-headers-2.6.8.1-i386-1.tgz: Upgraded to Linux 2.6.8.1 kernel headers.
testing/packages/linux-2.6.8.1/kernel-modules-2.6.8.1-i486-1.tgz: Upgraded to Linux 2.6.8.1 kernel modules.
testing/packages/linux-2.6.8.1/kernel-source-2.6.8.1-noarch-1.tgz: Upgraded to Linux 2.6.8.1 kernel source.
testing/packages/php-5.0.1/php-5.0.1-i486-1.tgz: Upgraded to php-5.0.1.
+--------------------------+
Mon Sep 13 22:22:59 PDT 2004
a/reiserfsprogs-3.6.18-i486-1.tgz: Upgraded to reiserfsprogs-3.6.18.
d/ccache-2.4-i486-1.tgz: Upgraded to ccache-2.4.
d/gdb-6.2.1-i486-1.tgz: Upgraded to gdb-6.2.1.
gnome/gnumeric-1.2.13-i486-1.tgz: Upgraded to gnumeric-1.2.13.
l/libpng-1.2.7-i486-1.tgz: Upgraded to libpng-1.2.7.
l/taglib-1.3-i486-1.tgz: Upgraded to taglib-1.3.
n/dnsmasq-2.14-i486-1.tgz: Upgraded to dnsmasq-2.14.
n/getmail-4.1.5-noarch-1.tgz: Upgraded to getmail-4.1.5.
n/proftpd-1.2.10-i486-1.tgz: Maybe I was a little too harsh on this project (especially as they've now addressed all the known problems with the latest release). I don't think it deserved to be /pasture-ized after all, and have moved it back to the N series. Vsftpd will also remain in N, so you can take your pick...
n/samba-3.0.7-i486-1.tgz: Upgraded to samba-3.0.7. This fixes two Denial of Service vulnerabilities.
  For more details, see:
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0807
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0808
  (* Security fix *)
xap/imagemagick-6.0.7_3-i486-1.tgz: Upgraded to ImageMagick-6.0.7-3.
testing/packages/kde-3.3/kde/*.tgz: Rebuilt all KDE packages, and fixed a couple build problems with kdemultimedia and kdebindings.
testing/packages/kde-3.3/kde/qt-3.3.3-i486-2.tgz: Removed the libqt.so -> libqt-mt.so symlinks. These were a kludge added to help run third party binaries that link with libqt rather than libqt-mt, but now it's breaking things like the kdebindings build. The symlinks were meant to allow some time to transition to the threaded Qt without breaking existing apps. Hopefully not many broken apps are still left.
testing/packages/gcc-3.4.2/gcc*-3.4.2-i486-1.tgz: Upgraded to gcc-3.4.2.
+--------------------------+
Fri Sep 10 15:32:58 PDT 2004
ap/mysql-4.0.21-i486-1.tgz: Upgraded to mysql-4.0.21.
pasture/proftpd-1.2.10-i486-1.tgz: Upgraded to proftpd-1.2.10.
+--------------------------+
Thu Sep 9 20:04:47 PDT 2004
ap/cdrtools-2.01-i486-1.tgz: Upgraded to cdrtools-2.01 and zisofs-tools-1.0.6.
ap/dvd+rw-tools-5.21.4.10.8-i486-1.tgz: Upgraded to dvd+rw-tools-5.21.4.10.8.
+--------------------------+
Tue Sep 7 18:38:29 PDT 2004
xap/fluxbox-0.9.10-i486-1.tgz: Upgraded to fluxbox-0.9.10.
  This is the development version, but they say it's stable, so I'll defer to upstream judgement.
pasture/fluxbox-0.1.14-i386-1.tgz: Moved to /pasture. This is still officially the current stable version, but the developers say it's old and unmaintained, so off to /pasture it goes.
+--------------------------+
Mon Sep 6 20:39:43 PDT 2004
l/aspell-0.60-i486-2.tgz: Fixed missing pre* tools.
l/aspell-en-6.0_0-noarch-2.tgz: Upgraded to aspell6-en-6.0-0. (Since all the word list packages needed to be rebuilt, but not all had upgraded versions, they were all given a build of '2')
extra/aspell-word-lists/: Rebuilt all word lists, and added many new ones.
extra/bash-completion/bash-completion-20040711-noarch-1.tgz: Upgraded to bash-completion-20040711, and fixed the profile.d script to work with bash-3.0.
+--------------------------+
Sat Sep 4 20:03:26 PDT 2004
a/bash-3.0-i486-1.tgz: Upgraded to GNU bash-3.0.
a/minicom-2.1-i486-1.tgz: Upgraded to minicom-2.1.
l/aspell-0.60-i486-1.tgz: Upgraded to GNU aspell-0.60 (forgot this in yesterday's ChangeLog... sorry).
n/openssh-3.9p1-i486-1.tgz: Upgraded to openssh-3.9p1.
+--------------------------+
Fri Sep 3 18:40:57 PDT 2004
a/glibc-solibs-2.3.2-i486-7.tgz: Recompiled using 'strip -g' rather than 'strip --strip-unneeded' to avoid stripping symbols that are needed for debugging threads. Thanks to those who reported this bug, especially Ricardo Nabinger Sanchez who sent in a sample thread program that made it easy to test for the problem (and confirm the fix worked).
a/glibc-zoneinfo-2.3.2-noarch-7.tgz: Rebuilt.
a/hdparm-5.7-i486-1.tgz: Upgraded to hdparm-5.7.
ap/zsh-4.2.1-i486-1.tgz: Upgraded to zsh-4.2.1.
d/m4-1.4.2-i486-1.tgz: Upgraded to GNU m4-1.4.2.
kde/kdebase-3.2.3-i486-2.tgz: Patched frame injection vulnerability in Konqueror.
  For more details, see:
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0721
  (* Security fix *)
kde/kdelibs-3.2.3-i486-2.tgz: Patched unsafe temporary directory usage, cross-domain cookie injection vulnerability for certain country specific domains, and frame injection vulnerability in Konqueror.
  For more details, see:
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0689
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0690
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0721
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0746
  (* Security fix *)
l/glib2-2.4.6-i486-1.tgz: Upgraded to glib-2.4.6.
l/glibc-2.3.2-i486-7.tgz: Recompiled using 'strip -g'.
l/glibc-i18n-2.3.2-noarch-7.tgz: Recompiled.
l/gtk+2-2.4.9-i486-1.tgz: Upgraded to gtk+-2.4.9.
n/gnupg-1.2.6-i486-1.tgz: Upgraded to gnupg-1.2.6.
n/inetd-1.79s-i486-7.tgz: Added a vsftpd example to /etc/inetd.conf.
n/lftp-3.0.7-i486-1.tgz: Upgraded to lftp-3.0.7.
n/nmap-3.70-i486-1.tgz: Upgraded to nmap-3.70.
n/vsftpd-2.0.1-i486-1.tgz: Added vsftpd as Slackware's new default ftpd. This may not have the rich feature set of ProFTPD, but simple is probably more secure. Thanks to Laurens Vets for getting me to take another look at this.
xap/imagemagick-6.0.6_2-i486-1.tgz: Upgraded to ImageMagick-6.0.6-2.
extra/glibc-extra-packages/glibc-debug-2.3.2-i486-7.tgz: Recompiled.
extra/glibc-extra-packages/glibc-profile-2.3.2-i486-7.tgz: Recompiled.
extra/grub/grub-0.95-i486-2.tgz: Upgraded to version 1.24 of Kent Robotti's grubconfig setup tool.
extra/k3b/k3b-i18n-0.11-noarch-2.tgz: Fixed path for locale files.
pasture/proftpd-1.2.9-i486-3.tgz: Sent to /pasture. This has been allowed to slide way too much for a network service. A security issue was discovered in April (and was patched in Slackware and elsewhere shortly thereafter). It took a couple of weeks for any warning to appear on the ProFTPD site (with no official fix, just a suggestion to avoid the vulnerable feature).
  Since then it's been fixed in CVS but there is still no official stable release that fixes the issue. I liked ProFTPD, but won't put up with security negligence that goes on for months. Clearly ProFTPD's time is up, and it belongs here in /pasture. If there's any problem with vsftpd (and I don't expect there will be), you can bet that Chris Evans won't take 4 months to do something about it.
testing/packages/kde-3.3/: Added KDE 3.3. This is in testing/ because of a few problems I've had with it (like crashes on logout, and no anti-aliased fonts no matter what kpersonalizer settings are chosen). I think it's a good idea to test it for a while and wait for patches (or for kde-3.3.1). Oh, I'm also getting requests to add libidn, which kde-3.3 apparently can use for jabber support, but libidn contains the following warning in README-alpha:
    "LIBIDN IS MOST LIKELY INSECURE. DO NOT USE IN A PRODUCTION ENVIRONMENT!"
  As a result, I haven't added libidn yet. I haven't ruled it out entirely either, but it's hard to get past a warning like that...
+--------------------------+
Fri Aug 27 13:17:35 PDT 2004
n/getmail-4.1.1-noarch-1.tgz: Upgraded to getmail-4.1.1.
xap/gaim-0.82.1-i486-1.tgz: Upgraded to gaim-0.82.1 to fix a couple of bugs in the gaim-0.82 release. Also, gaim-encryption-2.29 did not work with gaim-0.82 (or 0.82.1), so that has been upgraded to gaim-encryption-2.30.
+--------------------------+
Thu Aug 26 18:28:53 PDT 2004
a/syslinux-2.11-i486-1.tgz: Upgraded to syslinux-2.11.
ap/alsa-utils-1.0.6-i486-1.tgz: Upgraded to alsa-utils-1.0.6.
d/distcc-2.17.1-i486-1.tgz: Upgraded to distcc-2.17.1.
l/alsa-driver-1.0.6a_2.4.26-i486-1.tgz: Upgraded to alsa-driver-1.0.6a.
l/alsa-lib-1.0.6-i486-1.tgz: Upgraded to alsa-lib-1.0.6.
l/alsa-oss-1.0.6-i486-1.tgz: Upgraded to alsa-oss-1.0.6.
l/libpng-1.2.6-i486-1.tgz: Upgraded to libpng-1.2.6.
n/iptables-1.2.11-i486-1.tgz: Upgraded to iptables-1.2.11.
n/samba-3.0.6-i486-1.tgz: Upgraded to samba-3.0.6.
xap/gaim-0.82-i486-1.tgz: Upgraded to gaim-0.82 and gaim-encryption-2.29.
  Fixes several security issues:
    Content-length DOS (malloc error) (no CAN ID on this one)
    MSN strncpy buffer overflow (CAN-2004-0500)
    Groupware message receive integer overflow (CAN-2004-0754)
    Smiley theme installation lack of escaping (CAN-2004-0784)
    RTF message buffer overflow, Local hostname resolution buffer overflow, URL decode buffer overflow (these 3 are CAN-2004-0785)
  For more details, see:
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0500
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0754
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0784
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0785
  (* Security fix *)
+--------------------------+
Mon Aug 23 14:06:50 PDT 2004
a/hdparm-5.6-i486-1.tgz: Upgraded to hdparm-5.6.
a/procps-3.2.3-i486-1.tgz: Upgraded to procps-3.2.3.
d/automake-1.9.1-noarch-1.tgz: Upgraded to automake-1.9.1.
kde/qt-3.3.3-i486-1.tgz: Upgraded to qt-3.3.3. This fixes bugs in the image loading routines which could be used by an attacker to run unauthorized code or create a denial-of-service.
  For more details, see:
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0691
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0692
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0693
  (* Security fix *)
l/glib2-2.4.5-i486-1.tgz: Upgraded to glib-2.4.5.
n/curl-7.12.1-i486-1.tgz: Upgraded to curl-7.12.1.
n/getmail-4.0.13-noarch-1.tgz: Upgraded to getmail-4.0.13.
n/nail-11.3-i486-1.tgz: Upgraded to nail-11.3.
xap/netscape-7.2-i686-1.tgz: Upgraded to netscape-7.2. (Is it time yet to move this to /pasture?)
extra/grub/grub-0.95-i486-1.tgz: Added GNU grub-0.95. Thanks to Kent Robotti for the grubconfig setup tool. :-) I did some cleanup on grubconfig, but it's going to need more work. For example, it's unable to properly determine the mappings for my two hard drives /dev/hde and /dev/hdg... it's a start, though.
extra/k3b/k3b-0.11.14-i486-1.tgz: Upgraded to k3b-0.11.14.
extra/k3b/k3b-i18n-0.11-noarch-1.tgz: Added k3b-i18n-0.11.
extra/parted/parted-1.6.12-i486-1.tgz: Upgraded to parted-1.6.12.
+--------------------------+
Mon Aug 9 01:57:10 PDT 2004
d/binutils-2.15.90.0.3-i486-1.tgz: Reverted to binutils-2.15.90.0.3 since Mozilla isn't compiling with binutils-2.15.91.0.2.
d/oprofile-0.8-i486-1.tgz: Reverted to previous oprofile build linked with libbfd from binutils-2.15.90.0.3.
gnome/epiphany-1.2.7-i486-1.tgz: Upgraded to epiphany-1.2.7. (compiled against Mozilla 1.7.2)
gnome/galeon-1.3.17-i486-1.tgz: Upgraded to galeon-1.3.17. (compiled against Mozilla 1.7.2)
xap/gaim-0.81-i486-1.tgz: Upgraded to gaim-0.81. (compiled against Mozilla 1.7.2)
xap/mozilla-1.7.2-i486-1.tgz: Upgraded to Mozilla 1.7.2. This fixes three security vulnerabilities.
  For details, see:
    http://www.mozilla.org/projects/security/known-vulnerabilities.html#mozilla1.7.2
  (* Security fix *)
xap/mozilla-plugins-1.7.2-noarch-1.tgz: Changed plugin symlinks for Mozilla 1.7.2.
+--------------------------+
Sat Aug 7 17:17:40 AKDT 2004
ap/sox-12.17.4-i486-3.tgz: Patched buffer overflows that could allow a malicious WAV file to execute arbitrary code.
  (* Security fix *)
d/libtool-1.5.8-i486-1.tgz: Upgraded to libtool-1.5.8.
d/perl-5.8.5-i486-2.tgz: Updated -Dinc_version_list to include 5.8.4. Thanks to Luca Cavalli for pointing out the omission.
l/libpng-1.2.5-i486-3.tgz: Patched possible security issues including buffer and integer overflows and null pointer references. These issues could cause program crashes, or possibly allow arbitrary code embedded in a malicious PNG image to execute. The PNG library is widely used within the system, so all sites should upgrade to the new libpng package.
  For more details, see:
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0597
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0598
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0599
  (* Security fix *)
l/pango-1.4.1-i486-1.tgz: Upgraded to pango-1.4.1.
xap/gimp-2.0.4-i486-1.tgz: Upgraded to gimp-2.0.4.
xap/imagemagick-6.0.4_3-i486-1.tgz: Upgraded to ImageMagick-6.0.4-3. Fixes PNG security issues.
  (* Security fix *)
+--------------------------+
Sun Aug 1 20:27:33 PDT 2004
d/automake-1.9-noarch-1.tgz: Upgraded to automake-1.9.
d/binutils-2.15.91.0.2-i486-1.tgz: Upgraded to binutils-2.15.91.0.2.
d/gdb-6.2-i486-1.tgz: Upgraded to gdb-6.2.
d/oprofile-0.8-i486-2.tgz: Recompiled against libbfd from binutils-2.15.91.0.2.
+--------------------------+
Tue Jul 27 22:27:56 PDT 2004
d/perl-5.8.5-i486-1.tgz: Upgraded to perl-5.8.5, DBD-mysql-2.9004, and DBI-1.43.
gnome/galeon-1.3.16-i486-1.tgz: Upgraded to galeon-1.3.16.
kde/kdebindings-3.2.3-i486-2.tgz: Recompiled for perl-5.8.5.
n/dnsmasq-2.10-i486-1.tgz: Upgraded to dnsmasq-2.10.
n/getmail-4.0.1-noarch-1.tgz: Upgraded to getmail-4.0.1.
n/irssi-0.8.9-i486-4.tgz: Recompiled for perl-5.8.5.
n/ncftp-3.1.8-i486-1.tgz: Upgraded to ncftp-3.1.8.
xap/gaim-0.80-i486-2.tgz: Recompiled for perl-5.8.5.
xap/imagemagick-6.0.3_5-i486-1.tgz: Upgraded to ImageMagick-6.0.3-5.
xap/xchat-2.0.10-i486-1.tgz: Upgraded to xchat-2.0.10.
+--------------------------+
Mon Jul 26 22:46:37 PDT 2004
gnome/totem-0.99.15.1-i686-1.tgz: Upgraded to totem-0.99.15.1.
xap/xfce-4.0.6-i486-1.tgz: Upgraded to xfce-4.0.6.
xap/xine-lib-1rc5-i686-1.tgz: Upgraded to xine-lib-1-rc5.
xap/xine-ui-0.99.2-i686-1.tgz: Upgraded to xine-ui-0.99.2.
+--------------------------+
Mon Jul 26 14:09:31 PDT 2004
n/samba-3.0.5-i486-2.tgz: Rebuilt using --with-acl-support=no to avoid a dependency on libattr (found in the xfsprogs package). Thanks to Fredrik, Naresh Donti, and Dimitar Katerinski for pointing this out.
  It wasn't intentional (only the version number changed in the build
  script).
+--------------------------+
Sun Jul 25 15:55:05 PDT 2004
ap/gimp-print-4.2.7-i486-1.tgz: Upgraded to gimp-print-4.2.7.
d/distcc-2.16-i486-1.tgz: Upgraded to distcc-2.16.
d/doxygen-1.3.8-i486-1.tgz: Upgraded to doxygen-1.3.8.
l/glib2-2.4.4-i486-1.tgz: Upgraded to glib-2.4.4.
l/gtk+2-2.4.4-i486-1.tgz: Upgraded to gtk+-2.4.4.
n/getmail-4.0.0-noarch-1.tgz: Upgraded to getmail-4.0.0.
n/mod_ssl-2.8.19_1.3.31-i486-1.tgz: Upgraded to mod_ssl-2.8.19-1.3.31.
  This fixes a security hole (ssl_log() related format string vulnerability
  in mod_proxy hook functions), so sites using mod_ssl should upgrade to
  the new version. Be sure to back up your existing key files first.
  (* Security fix *)
n/samba-3.0.5-i486-1.tgz: Upgraded to samba-3.0.5. This fixes a buffer
  overflow in SWAT and another in the code supporting the
  'mangling method = hash' smb.conf option (which is not the default).
  For more details, see:
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0600
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0686
  (* Security fix *)
xap/gimp-2.0.3-i486-1.tgz: Upgraded to gimp-2.0.3.
xap/xsane-0.94-i486-1.tgz: Upgraded to xsane-0.94.
testing/packages/gcc-3.4.1/gcc*-3.4.1-i486-1.tgz: Upgraded to gcc-3.4.1.
testing/packages/php-5.0.0/php-5.0.0-i486-2.tgz: Changed references in
  mod_php.conf from php4 to php5 (thanks to Foti Trendafilov and Marek
  Januszewski for the bug reports).
+--------------------------+
Wed Jul 21 13:50:18 PDT 2004
kde/koffice-1.3.2-i486-1.tgz: Upgraded to koffice-1.3.2.
kdei/koffice-i18n-*.tgz: Upgraded to koffice-i18n-1.3.2.
+--------------------------+
Tue Jul 20 22:05:23 PDT 2004
n/imapd-4.61-i486-1.tgz: Upgraded to IMAP4rev1 2004.352 from pine4.61.
n/php-4.3.8-i486-1.tgz: Upgraded to php-4.3.8. This release fixes two
  security problems in PHP (memory_limit handling and a problem in the
  strip_tags function). Sites using PHP should upgrade.
  For more details, see:
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0594
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0595
  (* Security fix *)
n/pine-4.61-i486-1.tgz: Upgraded to pine4.61.
xap/gaim-0.80-i486-1.tgz: Upgraded to gaim-0.80 and gaim-encryption-2.28.
testing/packages/php-5.0.0/php-5.0.0-i486-1.tgz: Added php-5.0.0.
+--------------------------+
Sat Jun 26 16:02:45 PDT 2004
ap/vim-6.3.007-i486-1.tgz: Upgraded to patchlevel 007, fixed missing vim.mo
  files (sorry about that!!).
xap/gaim-0.79-i486-1.tgz: Upgraded to gaim-0.79 and gaim-encryption-2.27.
xap/gnuchess-4.0.pl80-i486-4.tgz: Fixed missing files. (thanks to grk)
xap/xvim-6.3.007-i486-1.tgz: Upgraded to patchlevel 007, fixed missing
  vim.mo files.
+--------------------------+