diff options
Diffstat (limited to 'ChangeLog.rss')
-rw-r--r-- | ChangeLog.rss | 117 |
1 files changed, 114 insertions, 3 deletions
diff --git a/ChangeLog.rss b/ChangeLog.rss index 9c3aaa16..8f858025 100644 --- a/ChangeLog.rss +++ b/ChangeLog.rss @@ -11,10 +11,114 @@ <description>Tracking Slackware development in git.</description> <language>en-us</language> <id xmlns="http://www.w3.org/2005/Atom">urn:uuid:c964f45e-6732-11e8-bbe5-107b4450212f</id> - <pubDate>Tue, 11 Feb 2020 04:45:36 GMT</pubDate> - <lastBuildDate>Tue, 11 Feb 2020 07:59:42 GMT</lastBuildDate> + <pubDate>Wed, 12 Feb 2020 05:05:50 GMT</pubDate> + <lastBuildDate>Wed, 12 Feb 2020 16:59:42 GMT</lastBuildDate> <generator>maintain_current_git.sh v 1.11</generator> <item> + <title>Wed, 12 Feb 2020 05:05:50 GMT</title> + <pubDate>Wed, 12 Feb 2020 05:05:50 GMT</pubDate> + <link>https://git.slackware.nl/current/tag/?h=20200212050550</link> + <guid isPermaLink="false">20200212050550</guid> + <description> + <![CDATA[<pre> +Hey folks! PAM has finally landed in /testing. Some here wanted it to go +right into the main tree immediately, and in a more normal development cycle +I'd have been inclined to agree (it is -current, after all). But it's +probably better for it to appear in /testing first, to make sure we didn't +miss any bugs and also to serve as a warning shot that we'll be shaking up +the tree pretty good over the next few weeks. I'd like to see this merged +into the main tree in a day or two, so any testing is greatly appreciated. +Switching to the PAM packages (or reverting from them) is as easy as +installing all of them with upgradepkg --install-new, and if reverting then +remove the three leftover _pam packages. After reverting, a bit of residue +will remain in /etc/pam.d/ and /etc/security/ which can either be manually +deleted or simply ignored. While there are many more features available in +PAM compared with plain shadow, out of the box about the only noticable +change is the use of cracklib and libpwquality to check the quality of a +user-supplied password. Hopefully having PAM and krb5 will get us on track +to having proper Active Directory integration as well as using code paths +that are likely better audited these days. The attack surface *might* be +bigger, but it's also a lot better scrutinized. +Thanks to Robby Workman and Vincent Batts who did most of the initial heavy +lifting on the core PAM packages as a side project for many years. Thanks +also to Phantom X whose PAM related SlackBuilds were a valuable reference. +And thanks as well to ivandi - I learned a lot from the SlackMATE build +scripts and was even occasionally thankful for the amusing ways you would +kick my ass on LQ. ;-) You're more than welcome to let us know where we've +messed up this time. +The binutils and glibc packages in /testing were removed and are off the +table for now. I'm not seeing much upside to heading down that rabbit hole +at the moment. Next we need to be looking at Xfce 4.14 and Plasma 5.18 LTS +and some other things that have been held back since KDE4 couldn't use them. +Cheers! :-) +a/kernel-generic-5.4.19-x86_64-1.txz: Upgraded. +a/kernel-huge-5.4.19-x86_64-1.txz: Upgraded. +a/kernel-modules-5.4.19-x86_64-1.txz: Upgraded. +a/lvm2-2.03.08-x86_64-1.txz: Upgraded. +a/shadow-4.8.1-x86_64-2.txz: Rebuilt. + Automatically backup /etc/login.defs and install the new version if + incompatible PAM options are detected. +d/kernel-headers-5.4.19-x86-1.txz: Upgraded. +k/kernel-source-5.4.19-noarch-1.txz: Upgraded. + VALIDATE_FS_PARSER y -> n +xap/mozilla-thunderbird-68.5.0-x86_64-1.txz: Upgraded. + This release contains security fixes and improvements. + For more information, see: + https://www.mozilla.org/en-US/thunderbird/68.5.0/releasenotes/ + https://www.mozilla.org/en-US/security/advisories/mfsa2020-07/ + https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6793 + https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6794 + https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6795 + https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6797 + https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6798 + https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6792 + https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6800 + (* Security fix *) +isolinux/initrd.img: Rebuilt. +kernels/*: Upgraded. +testing/packages/PAM/ConsoleKit2-1.2.1-x86_64-1_pam.txz: Added. +testing/packages/PAM/at-3.2.1-x86_64-1_pam.txz: Added. +testing/packages/PAM/cifs-utils-6.10-x86_64-2_pam.txz: Added. +testing/packages/PAM/cracklib-2.9.7-x86_64-1_pam.txz: Added. +testing/packages/PAM/cups-2.3.1-x86_64-1_pam.txz: Added. +testing/packages/PAM/cyrus-sasl-2.1.27-x86_64-2_pam.txz: Added. +testing/packages/PAM/dovecot-2.3.9.2-x86_64-1_pam.txz: Added. +testing/packages/PAM/gnome-keyring-3.34.0-x86_64-1_pam.txz: Added. +testing/packages/PAM/hplip-3.19.12-x86_64-2_pam.txz: Added. +testing/packages/PAM/kde-workspace-4.11.22-x86_64-6_pam.txz: Added. +testing/packages/PAM/libcap-2.31-x86_64-1_pam.txz: Added. +testing/packages/PAM/libcgroup-0.41-x86_64-5_pam.txz: Added. +testing/packages/PAM/libpwquality-1.4.2-x86_64-1_pam.txz: Added. +testing/packages/PAM/mariadb-10.4.12-x86_64-1_pam.txz: Added. +testing/packages/PAM/netatalk-3.1.12-x86_64-2_pam.txz: Added. +testing/packages/PAM/netkit-rsh-0.17-x86_64-2_pam.txz: Added. +testing/packages/PAM/openssh-8.1p1-x86_64-1_pam.txz: Added. +testing/packages/PAM/openvpn-2.4.8-x86_64-1_pam.txz: Added. +testing/packages/PAM/pam-1.3.1-x86_64-1_pam.txz: Added. +testing/packages/PAM/polkit-0.116-x86_64-1_pam.txz: Added. +testing/packages/PAM/popa3d-1.0.3-x86_64-3_pam.txz: Added. +testing/packages/PAM/ppp-2.4.7-x86_64-3_pam.txz: Added. +testing/packages/PAM/proftpd-1.3.6b-x86_64-1_pam.txz: Added. +testing/packages/PAM/samba-4.11.6-x86_64-1_pam.txz: Added. +testing/packages/PAM/screen-4.8.0-x86_64-1_pam.txz: Added. +testing/packages/PAM/shadow-4.8.1-x86_64-2_pam.txz: Added. +testing/packages/PAM/sudo-1.8.31-x86_64-1_pam.txz: Added. +testing/packages/PAM/system-config-printer-1.5.12-x86_64-2_pam.txz: Added. +testing/packages/PAM/util-linux-2.35.1-x86_64-1_pam.txz: Added. +testing/packages/PAM/vsftpd-3.0.3-x86_64-5_pam.txz: Added. +testing/packages/PAM/xdm-1.1.11-x86_64-9_pam.txz: Added. +testing/packages/PAM/xlockmore-5.62-x86_64-1_pam.txz: Added. +testing/packages/PAM/xscreensaver-5.43-x86_64-1_pam.txz: Added. +testing/packages/binutils-2.34-x86_64-1.txz: Removed. +testing/packages/glibc-2.31-x86_64-1.txz: Removed. +testing/packages/glibc-i18n-2.31-x86_64-1.txz: Removed. +testing/packages/glibc-profile-2.31-x86_64-1.txz: Removed. +testing/packages/glibc-solibs-2.31-x86_64-1.txz: Removed. +usb-and-pxe-installers/usbboot.img: Rebuilt. + </pre>]]> + </description> + </item> + <item> <title>Tue, 11 Feb 2020 04:45:36 GMT</title> <pubDate>Tue, 11 Feb 2020 04:45:36 GMT</pubDate> <link>https://git.slackware.nl/current/tag/?h=20200211044536</link> @@ -27,9 +131,16 @@ ap/man-pages-5.05-noarch-2.txz: Rebuilt. d/python-setuptools-45.2.0-x86_64-1.txz: Upgraded. n/nfs-utils-2.4.3-x86_64-1.txz: Upgraded. xap/mozilla-firefox-68.5.0esr-x86_64-1.txz: Upgraded. - This is a bugfix release. + This release contains security fixes and improvements. For more information, see: https://www.mozilla.org/en-US/firefox/68.5.0/releasenotes/ + https://www.mozilla.org/security/advisories/mfsa2020-06/ + https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6796 + https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6797 + https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6798 + https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6799 + https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6800 + (* Security fix *) </pre>]]> </description> </item> |