Sunday, March 30, 2008

Security Updates: xine-lib, firefox, seamonkey

Along with the next batch of updates released today, the Slackware Security Team also released advisories for xine-lib, firefox, and seamonkey. Today's updates include a new kernel (2.6.24.4) and some package recompilations due to the new kernel version. Here's the latest -Current changelog, which is probably slightly different from the advisories, since it only lists the packages for the -Current tree:
Sat Mar 29 18:07:00 CDT 2008
a/glibc-solibs-2.7-i486-8.tgz: Recompiled against 2.6.24.4 headers.

a/glibc-zoneinfo-2.7-noarch-8.tgz: Upgraded to tzdata2008b.

l/glibc-2.7-i486-8.tgz: Recompiled against 2.6.24.4 headers.
Upgraded to tzdata2008b.

l/glibc-i18n-2.7-noarch-8.tgz: Rebuilt.

l/glibc-profile-2.7-i486-8.tgz: Recompiled against 2.6.24.4 headers.

a/lilo-22.8-i486-11.tgz: Fixed reversed vt.default_utf8 kernel parameter (0 <-> 1) in /etc/lilo.conf. Thanks to Eric Hameleers for noticing the bug.

Fri Mar 28 23:35:22 CDT 2008
a/aaa_base-12.1.0-noarch-1.tgz: Added an empty /usr/share/wallpapers as this seems to be a de-facto standard directory and (for example) XFce will give an error if it is missing and one tries to change the desktop image.
Thanks to Chess Griffin for reporting this.
Bumped version number of package, and of /etc/slackware-version.

a/etc-12.1-noarch-3.tgz: Installed root into the audio, cdrom, video, plugdev, and floppy groups _correctly_. This was noticed by a lot of people -- sorry for the bogus entries in there before. I don't know how I managed that. (easily ;-)

a/lilo-22.8-i486-10.tgz: Fixed liloconfig to at least create an empty message file in /boot if none exists.

a/sysvinit-scripts-1.2-noarch-19.tgz: Keep any icon-theme.cache files updated.

a/kernel-generic-2.6.24.4-i486-1.tgz: Upgraded to Linux 2.6.24.4 uniprocessor generic.s (requires initrd) kernel.

a/kernel-generic-smp-2.6.24.4_smp-i686-1.tgz: Upgraded to Linux 2.6.24.4 SMP gensmp.s (requires initrd) kernel.

a/kernel-huge-2.6.24.4-i486-1.tgz: Upgraded to Linux 2.6.24.4 uniprocessor huge.s (full-featured) kernel.

a/kernel-huge-smp-2.6.24.4_smp-i686-1.tgz: Upgraded to Linux 2.6.24.4 SMP hugesmp.s (full-featured) kernel.

a/kernel-modules-2.6.24.4-i486-1.tgz: Upgraded to Linux 2.6.24.4 uniprocessor kernel modules.

a/kernel-modules-smp-2.6.24.4_smp-i686-1.tgz: Upgraded to Linux 2.6.24.4 SMP kernel modules.

ap/vim-7.1.285-i486-1.tgz: Upgraded to vim-7.1.285.

d/kernel-headers-2.6.24.4_smp-x86-1.tgz: Upgraded to Linux 2.6.24.4 SMP kernel headers.

k/kernel-source-2.6.24.4_smp-noarch-1.tgz: Upgraded to Linux 2.6.24.4 SMP kernel source.

l/svgalib_helper-1.9.25_2.6.24.4-i486-1.tgz: Recompiled for Linux 2.6.24.4.

n/gnupg-1.4.9-i486-1.tgz: Upgraded to gnupg-1.4.9.

n/gnupg2-2.0.9-i486-1.tgz: Upgraded to gnupg-2.0.9.

n/nmap-4.60-i486-2.tgz: Recompiled. Some files were missing due to an incompletely removed previous compile. Thanks again to Mauro Ghisoni.
It may also be necessary to reinstall python after upgrading from -1.

tcl/tcl-8.4.18-i486-1.tgz: Upgraded to tcl8.4.18.

tcl/tk-8.4.18-i486-1.tgz: Upgraded to tk8.4.18.

x/liberation-fonts-ttf-1.0-noarch-1.tgz: Upgraded to Liberation Fonts 1.0.
Thanks to Eric Hameleers for making a fontconfig file and updating the build script.

x/pixman-0.10.0-i486-1.tgz: Upgraded to pixman-0.10.0.

xap/mozilla-firefox-2.0.0.13-i686-1.tgz: Upgraded to firefox-2.0.0.13.
This upgrade fixes some more security bugs.
For more information, see:
http://www.mozilla.org/projects/security/known-vulnerabilities.html#firefox
(* Security fix *)

xap/seamonkey-1.1.9-i486-1.tgz: Upgraded to seamonkey-1.1.9.
This upgrade fixes some more security bugs.
For more information, see:
http://www.mozilla.org/projects/security/known-vulnerabilities.html#seamonkey
(* Security fix *)

xap/xine-lib-1.1.11-i686-1.tgz: Earlier versions of xine-lib suffer from an array index bug that may have security implications if a malicious RTSP stream is played. Playback of other media formats is not affected.
If you use RTSP, you should probably upgrade xine-lib.
For more information on the security issue, please see:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0073
(* Security fix *)

xap/vim-gvim-7.1.285-i486-1.tgz: Upgraded to vim-7.1.285. This is the GTK+ version of vim (gvim). The normal vim package is also required.

extra/grub/grub-0.97-i486-6.tgz: Restored the inode patch for ext2/3.
It looks like it was needed after all.

extra/linux-2.6.24.3-nosmp-sdk/: Updated SMP to no-SMP kernel source patch.

isolinux/initrd.img: Fixed huge.s kernel installation bug.

kernels/huge.s/*: Upgraded huge.s kernel to 2.6.24.4.

kernels/hugesmp.s/*: Upgraded hugesmp.s kernel to 2.6.24.4 (SMP).

kernels/speakup.s/*: Upgraded speakup.s kernel to 2.6.24.4.

pasture/gcc-3.4.6/: Removed, since this has gone unchanged since Slackware 12.0. I'm not sure if the one in 12.0's pasture still works, but if it does, and you need it for something, that's where to find it.

usb-and-pxe-installers/: Updated USB and PXE installers to 2.6.24.4 modules.