Bluewhite64-stable ChangeLog
Fri Nov 21 00:24:26 EET 2008
PATCHES/packages/libxml2-2.6.32-x86_64-1.tgz: Upgraded to libxml2-2.6.32 and patched.
This fixes vulnerabilities including denial of service, or possibly the
execution of arbitrary code as the user running a libxml2 linked application
if untrusted XML content is parsed.
For more information, see:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-4225
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-4226
[*** Security fix ***]
+--------------------------+
Sun Nov 16 22:21:38 EET 2008
PATCHES/packages/mozilla-firefox-2.0.0.18-x86_64-1.tgz: Upgraded to firefox-2.0.0.18.
This fixes some security issues:
For more information, see:
http://www.mozilla.org/security/known-vulnerabilities/firefox20.html
[*** Security fix ***]
PATCHES/packages/net-snmp-5.4.2.1-x86_64-1.tgz: Upgraded to net-snmp-5.4.2.1.
This fixes a problem where a user with read access could cause snmpd to
crash, resulting in a denial of service.
For more information, see:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-4309
[*** Security fix ***]
PATCHES/packages/gnutls-2.2.5-x86_64-3.tgz: Pathced to fix a flaw in cases where the
certificate chain contained only one self-signed certificate.
This update fixes the issue.
PATCHES/packages/seamonkey-1.1.13-x86_64-1.tgz: Upgraded to seamonkey-1.1.13.
This release fixes some more security vulnerabilities.
For more information, see:
http://www.mozilla.org/security/known-vulnerabilities/seamonkey11.html
[*** Security fix ***]
+--------------------------+
Tue Nov 11 16:51:06 EET 2008
PATCHES/packages/gnutls-2.2.5-x86_64-2.tgz:
Patched to fix X.509 certificate chain validation error.
[GNUTLS-SA-2008-3] The flaw makes it possible for man in the middle
attackers (i.e., active attackers) to assume any name and trick GNU TLS
clients into trusting that name.
For more information, see:
http://article.gmane.org/gmane.comp.encryption.gpg.gnutls.devel/3215
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-4989
[*** Security fix ***]
+--------------------------+
Sun Nov 9 00:56:10 EET 2008
PATCHES/packages/cups-1.3.9-x86_64-1.tgz: Upgraded to cups-1.3.9.
This update fixes three vulnerabilities in the SGI image format filter, the
texttops filter, and the HP-GL and HP-GL/2 plotter format filter. All three
of these could result in a denial of service, and the plotter filter issue
could possibly be used to execute code as the print spooler user.
For more information, see:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3639
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3640
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3641
[*** Security fix ***]
+--------------------------+
Tue Oct 14 16:20:33 EEST 2008
PATCHES/packages/glibc-zoneinfo-2.7-noarch-11.tgz:
Upgraded to tzdata2008h for the latest world timezone changes.
+--------------------------+
Fri Sep 26 15:08:29 EEST 2008
PATCHES/packages/mozilla-firefox-2.0.0.17-x86_64-1.tgz: Upgraded to firefox-2.0.0.17.
This release fixes some more security vulnerabilities.
For more information, see:
http://www.mozilla.org/security/known-vulnerabilities/firefox20.html
[*** Security fix ***]
PATCHES/packages/seamonkey-1.1.12-x86_64-1.tgz: Upgraded to seamonkey-1.1.12.
This release fixes some more security vulnerabilities.
For more information, see:
http://www.mozilla.org/security/known-vulnerabilities/seamonkey11.html
[*** Security fix ***]
+--------------------------+
Wed Sep 17 02:28:20 CDT 2008
PATCHES/packages/bind-9.4.2_P2-x86_64-1.tgz: Upgraded to bind-9.4.2-P2.
This version has performance gains over bind-9.4.2-P1.
+--------------------------+
Thu Sep 4 01:12:00 EEST 2008
PATCHES/packages/samba-3.0.32-x86_64-1.tgz: Upgraded to samba-3.0.32.
This is a bugfix release. See the WHATSNEW.txt file in the
Samba docs for details on what has changed.
+--------------------------+
Sat Aug 30 10:38:19 EEST 2008
PATCHES/packages/amarok-1.4.10-x86_64-1.tgz: Upgraded to amarok-1.4.10.
This fixes a security issue in the Magnatune online music library
support which could be used by malicious local users to overwrite
system files. For more information, see:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3699
[*** Security fix ***]
+--------------------------+
Wed Aug 6 00:54:48 EEST 2008
PATCHES/packages/pan-0.133-x86_64-1.tgz: Upgraded to pan-0.133.
This update fixes a buffer overflow in pan-0.128 through pan-0.132 when
processing .nzb files.
For more information, see:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2363
[*** Security fix ***]
PATCHES/packages/python-2.5.2-x86_64-2.tgz:
Patched various overflows and other security problems.
For more information, see:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1679
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1721
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2315
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2316
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3142
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3144
[*** Security fix ***]
+--------------------------+
Wed Jul 30 22:51:28 EEST 2008
PATCHES/packages/proftpd-1.3.1-x86_64-2.tgz:
Recompiled against new OpenSSL, since this evidently checks the OpenSSL
version and will only run against the libraries it was compiled against.
A small patch was also added due to changes in the system includes.
PATCHES/packages/fetchmail-6.3.8-x86_64-3.tgz:
Patched to fix a possible denial of service when "-v -v" options are used.
For more information, see:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2711
[*** Security fix ***]
PATCHES/packages/httpd-2.2.9-x86_64-1.tgz: Upgraded to httpd-2.2.9.
This release fixes flaws which could allow XSS attacks.
For more information, see:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5000
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6388
[*** Security fix ***]
PATCHES/packages/libxslt-1.1.24-x86_64-1.tgz: Upgraded to libxslt-1.1.24.
A buffer overflow when processing XSL stylesheets could result in the
execution of arbitrary code.
For more information, see:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1767
[*** Security fix ***]
PATCHES/packages/links-2.1-x86_64-1.tgz: Upgraded to links-2.1.
Unspecified vulnerability in Links before 2.1, when "only proxies" is
enabled, has unknown impact and attack vectors related to providing
"URLs to external programs."
For more information, see:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3329
[*** Security fix ***]
PATCHES/packages/mozilla-thunderbird-2.0.0.16-x86_64-1.tgz:
Upgraded to thunderbird-2.0.0.16.
This upgrade fixes some more security bugs.
For more information, see:
http://www.mozilla.org/security/known-vulnerabilities/thunderbird20.html
[*** Security fix ***]
PATCHES/packages/mtr-0.73-x86_64-1.tgz: Upgraded to mtr-0.73.
This fixes a minor security bug where a very long hostname in the trace path
could lead to an overflow (and most likely just a crash).
[*** Security fix ***]
PATCHES/packages/net-snmp-5.4.1.2-x86_64-1.tgz: Upgraded to net-snmp-5.4.1.2.
A vulnerability was discovered where an attacked could spoof an authenticated
SNMPv3 packet due to incorrect HMAC checking. Also, a buffer overflow was
found that could be exploited if an application using the net-snmp perl
modules connects to a malicious server.
For more information, see:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0960
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2292
[*** Security fix ***]
PATCHES/packages/openssh-5.1p1-x86_64-1.tgz: Upgraded to openssh-5.1p1.
When upgrading OpenSSH, it is VERY IMPORTANT to also upgrade OpenSSL, or
it is possible to be unable to log back into sshd!
PATCHES/packages/openssl-0.9.8h-x86_64-1.tgz: Upgraded to OpenSSL 0.9.8h.
The Codenomicon TLS test suite uncovered security bugs in OpenSSL.
If OpenSSL was compiled using non-default options (Bluewhite64's package
is not), then a malicious packet could cause a crash. Also, a malformed
TLS handshake could also lead to a crash.
For more information, see:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0891
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1672
When upgrading OpenSSL, it is VERY IMPORTANT to also upgrade OpenSSH, or
it is possible to be unable to log back into sshd!
[*** Security fix ***]
PATCHES/packages/openssl-solibs-0.9.8h-x86_64-1.tgz:
Upgraded to OpenSSL 0.9.8h shared libraries (see above).
[*** Security fix ***]
PATCHES/packages/pcre-7.7-x86_64-1.tgz: Upgraded to pcre-7.7.
Tavis Ormandy of the Google Security Team found a buffer overflow triggered
when handling certain regular expressions. This could lead to a crash or
possible execution of code as the user of the PCRE-linked application.
For more information, see:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2371
[*** Security fix ***]
PATCHES/packages/vim-7.1.330-x86_64-1.tgz: Upgraded to vim-7.1.330.
This fixes several security issues related to the automatic processing of
untrusted files. For more information, see:
http://www.rdancer.org/vulnerablevim.html
[*** Security fix ***]
PATCHES/packages/vim-gvim-7.1.330-x86_64-1.tgz: Upgraded to vim-gvim-7.1.330.
See "vim" above for details.
[*** Security fix ***]
+--------------------------+
Fri Jul 25 15:18:43 EEST 2008
PATCHES/packages/dnsmasq-2.45-x86_64-1.tgz: Upgraded to dnsmasq-2.45.
It was discovered that earlier versions of dnsmasq have DNS cache
weaknesses that are similar to the ones recently discovered in BIND.
This new release minimizes the risk of cache poisoning.
For more information, see:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1447
[*** Security fix ***]
EXTRA software/ia32-libX11-1.1.4-x86_64-1.tgz: Moved to extra/ia32-emulation.
Many people reported that this is the correct libX11 version which is working
with the 32-bit GUI applications, so we make it default. Please note that you have
to install this package after the ia32-lib32-0.3.0 and will overwrite the existing
32-bit libX11. Is nothing wrong with that if your 32-bit GUI software works
+--------------------------+
Thu Jul 17 23:54:17 EEST 2008
PATCHES/packages/mozilla-firefox-2.0.0.16-x86_64-1.tgz:
Upgraded to firefox-2.0.0.16.
This release fixes some more security vulnerabilities.
For more information, see:
http://www.mozilla.org/security/known-vulnerabilities/firefox20.html
[*** Security fix ***]
PATCHES/packages/seamonkey-1.1.11-x86_64-1.tgz:
Upgraded to seamonkey-1.1.11.
This release fixes some more security vulnerabilities.
For more information, see:
http://www.mozilla.org/security/known-vulnerabilities/seamonkey11.html
[*** Security fix ***]
+--------------------------+
Fri Jul 11 01:40:42 EEST 2008
PATCHES/packages/bind-9.4.2_P1-x86_64-1.tgz: Upgraded to bind-9.4.2-P1.
This upgrade addresses a security flaw known as the CERT VU#800113 DNS Cache
Poisoning Issue. This is the summary of the problem from the BIND site:
"A weakness in the DNS protocol may enable the poisoning of caching
recurive resolvers with spoofed data. DNSSEC is the only full solution.
New versions of BIND provide increased resilience to the attack."
It is suggested that sites that run BIND upgrade to one of the new packages
in order to reduce their exposure to DNS cache poisoning attacks.
For more information, see:
http://www.isc.org/sw/bind/bind-security.php
http://www.kb.cert.org/vuls/id/800113
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1447
[*** Security fix ***]
PATCHES/packages/mozilla-firefox-2.0.0.15-x86_64-1.tgz: Upgraded to firefox-2.0.0.15.
This release closes several possible security vulnerabilities and bugs.
For more information, see:
http://www.mozilla.org/projects/security/known-vulnerabilities.html#firefox
[*** Security fix ***]
PATCHES/packages/pidgin-2.4.3-x86_64-1.tgz: Upgraded to pidgin-2.4.3.
This updates pidgin to work with the changed ICQ protocol.
PATCHES/packages/seamonkey-1.1.10-x86_64-1.tgz:
Upgraded to seamonkey-1.1.10.
This release closes several possible security vulnerabilities and bugs.
For more information, see:
http://www.mozilla.org/projects/security/known-vulnerabilities.html#seamonkey
[*** Security fix ***]
+--------------------------+
Wed Jul 2 23:39:10 EEST 2008
PATCHES/packages/xorg-server-1.4.2-x86_64-1.tgz:
Upgraded xorg-server to address denial of service and possible arbitrary
code execution flaws reported in xorg-server 1.4 prior to 1.4.2.
For more information about the issues patched, please refer to:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1377
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1379
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2360
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2361
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2362
[*** Security fix ***]
PATCHES/packages/xorg-server-xnest-1.4.2-x86_64-1.tgz:
Security fixes (see CVE entries above).
[*** Security fix ***]
PATCHES/packages/xorg-server-xvfb-1.4.2-x86_64-1.tgz:
Security fixes (see CVE entries above).
[*** Security fix ***]
+--------------------------+
Mon Jun 30 12:57:48 EEST 2008
PATCHES/packages/gnutls-2.2.5-x86_64-1.tgz:
Upgraded to GnuTLS version 2.2.5.
This updated package fixes bugs which can lead to a denial of service
(DoS) in programs linked with GnuTLS.
For more information about the issues patched, please refer to:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1948
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1949
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1950
[*** Security fix ***]
+--------------------------+
Sat Jun 28 12:09:07 EEST 2008
PATCHES/packages/ruby-1.8.6_p230-x86_64-1.tgz:
Upgraded to ruby-1.8.6-p230.
This fixes a number of security related bugs in Ruby which could lead to a
denial of service (DoS) condition or allow execution of arbitrary code.
For more information, see:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2662
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2663
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2664
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2725
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2726
[*** Security fix ***]
+--------------------------+
Thu May 29 18:37:31 EEST 2008
PATCHES/packages/samba-3.0.30-x86_64-1.tgz: Upgraded to samba-3.0.30.
This is a security release in order to address CVE-2008-1105 ("Boundary
failure when parsing SMB responses can result in a buffer overrun").
For more information on the security issue, see:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1105
[*** Security fix ***]
+--------------------------+
Wed May 28 23:20:51 EEST 2008
PATCHES/packages/mkinitrd-1.3.2-x86_64-3.tgz: Initialize RAID earlier so that
the combination of RAID+LUKS+LVM works. This one is just a bugfix for a
somewhat rare combination of options.
PATCHES/packages/rdesktop-1.6.0-x86_64-1.tgz: Upgraded to rdesktop-1.6.0.
According to the rdesktop ChangeLog, this contains a:
"* Fix for potential vulnerability against compromised/malicious servers
(reported by iDefense)"
For more information, see:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1801
[*** Security fix ***]
+--------------------------+
Thu May 8 18:11:43 EEST 2008
PATCHES/packages/mozilla-thunderbird-2.0.0.14-x86_64-1.tgz:
Upgraded to thunderbird-2.0.0.14.
This upgrade fixes some more security bugs.
For more information, see:
http://www.mozilla.org/projects/security/known-vulnerabilities.html#thunderbird
[*** Security fix ***]
PATCHES/packages/php-5.2.6-x86_64-1.tgz:
Upgraded to php-5.2.6.
This version of PHP contains many fixes and enhancements. Some of the fixes
are security related, and the PHP release announcement provides this list:
* Fixed possible stack buffer overflow in the FastCGI SAPI identified by
Andrei Nigmatulin.
* Fixed integer overflow in printf() identified by Maksymilian Aciemowicz.
* Fixed security issue detailed in CVE-2008-0599 identified by Ryan Permeh.
* Fixed a safe_mode bypass in cURL identified by Maksymilian Arciemowicz.
* Properly address incomplete multibyte chars inside escapeshellcmd()
identified by Stefan Esser.
* Upgraded bundled PCRE to version 7.6
When last checked, CVE-2008-0599 was not yet open. However, additional
information should become available at this URL:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0599
The list reproduced above, as well as additional information about other
fixes in PHP 5.2.6 may be found in the PHP release announcement here:
http://www.php.net/releases/5_2_6.php
[*** Security fix ***]
+--------------------------+
Sat May 3 09:51:15 EEST 2008
Bluewhite64 Linux 12.1 released as stable! THANKS to all for helping with this release!
Don't forget to read the CHANGES_AND_HINTS.TXT file for more information
about changes and hints. I hope you find Bluewhite64 12.1 to be useful!
EXTRA software/ia32-emulation/ia32-libX11-with-xcb/ia32-libX11-1.1.4-x86_64-1.tgz:
Added libX11 compiled with xcb. Use this package only if you are having
problems running 32-bit GUI applications.
+--------------------------+
Fri May 2 12:07:05 EEST 2008
A software series/kernel-test-huge-2.6.25.1-x86_64-1.tgz:
Upgraded to Linux 2.6.25.1 SMP test.s (full-featured test) kernel.
A software series/kernel-modules-2.6.25.1-x86_64-1.tgz:
Upgraded to Linux 2.6.25.1 test SMP kernel modules.
TESTING/packages/kernel-test/kernel-test-headers-2.6.25.1-x86_64-1.tgz:
Upgraded to Linux 2.6.25.1 test SMP kernel headers.
TESTING/packages/kernel-test/kernel-test-source-2.6.25.1-noarch-1.tgz:
Upgraded to Linux 2.6.25.1 test SMP kernel source package.
kernels/test.s/*: Upgraded to huge.s 2.6.25.1 test kernel.
isolinux/initrd.img: Replaced the test kernel modules with 2.6.25.1 version.
usb-and-pxe-installers/: Replaced the test kernel modules with 2.6.25.1 version.
+--------------------------+
Thu May 1 23:26:52 EEST 2008
Bluewhite64 12.1 RC4. The last RC? .
A software series/kernel-huge-2.6.24.5-x86_64-2.tgz: Patched to fix a security issue in
fs/dnotify.c. The use of dnotify (largely replaced by inotify on 2.6.x
systems) could lead to a local DoS, or possibly a local root hole.
This flaw will also be addressed in the kernels for previous releases
as soon as possible. The patch itself may be found in
source/k/linux-2.6.24.5-CVE-2008-1375-patch/. For additional information
(when the CVE candidate is opened), see:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1375
All the kernel packages below should also be considered security fixes.
[*** Security fix ***]
A software series/kernel-test-huge-2.6.25-x86_64-2.tgz: Patched and recompiled.
A software series/kernel-modules-2.6.24.5-x86_64-2.tgz: Patched and recompiled.
A software series/kernel-test-modules-2.6.25-x86_64-2.tgz: Patched and recompiled.
D software series/kernel-headers-2.6.24.5-x86_64-2.tgz: Rebuilt from a patched source tree.
K software series/kernel-source-2.6.24.5-noarch-2.tgz: Patched (leaving dnotify.c.orig
for comparison and/or reverting to patch up to a newer kernel later).
L software series/svgalib_helper-1.9.25_2.6.24.5-x86_64-2.tgz: Recompiled.
EXTRA software/slackpkg/slackpkg-2.70.3-noarch-1.tgz: Upgraded to
slackpkg-2.70.3-noarch-1 (release ready). Thanks to Piter Punk! -:)
TESTING/packages/kernel-test/kernel-test-headers-2.6.25-x86_64-2.tgz:
Rebuilt from a patched source tree.
TESTING/packages/kernel-test/kernel-test-source-2.6.25-noarch-2.tgz: Patched (leaving
dnotify.c.orig for comparison and/or reverting to patch up to a newer kernel later).
kernels/huge.s/*: Patched and recompiled.
kernels/test.s/*: Patched and recompiled.
isolinux/initrd.img: Rebuilt with newly compiled kernel modules.
usb-and-pxe-installers/: Rebuilt usbboot.img with newly compiled kernel modules.
+--------------------------+
Tue Apr 29 13:47:34 EEST 2008
This is Bluewhite64 12.1-RC3, no ISO for this time . Enjoy!
A software series/cups-1.3.7-x86_64-2.tgz: Applied patch str2790 to fix crash bugs in the PNG
image filter. The issues are not believed to be capable of either a DoS (at
worst, it simply crashes the filter processing the current job and does not
crash the scheduler daemon, which just moves on to the next job in the print
queue), nor arbitrary code execution (data from the image is never stored in
the affected tile array). Still, it seems to be worth fixing here just in
case. The CUPS bug report may be found here:
http://www.cups.org/str.php?L2790
AP software series/mysql-5.0.51b-x86_64-1.tgz: Upgraded to mysql-5.0.51b (which appears to be
nothing more than a version bump...)
L software series/imlib-1.9.15-x86_64-6.tgz: Patched to fix rendering issues on Intel and
possibly other graphics chipsets.
L software series/libmtp-0.2.6.1-x86_64-1.tgz: Upgraded to libmtp-0.2.6.1.
The udev rules are now sed processed during build.
L software series/libpng-1.2.27-x86_64-1.tgz: Upgraded to libpng-1.2.27.
This fixes various bugs, the most important of which have to do with the
handling of unknown chunks containing zero-length data. Processing a PNG
image that contains these could cause the application using libpng to crash
(possibly resulting in a denial of service), could potentially expose the
contents of uninitialized memory, or could cause the execution of arbitrary
code as the user running libpng (though it would probably be quite difficult
to cause the execution of attacker-chosen code). We recommend upgrading the
package as soon as possible.
For more information, see:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1382
ftp://ftp.simplesystems.org/pub/libpng/png/src/libpng-1.2.27-README.txt
[*** Security fix ***]
X software series/xf86-input-joystick-1.3.2-x86_64-1.tgz: Upgraded to xf86-input-joystick-1.3.2.
X software series/xf86-video-vmware-10.16.1-x86_64-1.tgz: Upgraded to xf86-video-vmware-10.16.1.
XAP software series/mozilla-firefox-2.0.0.14-x86_64-2.tgz: Added the distribution
name and version to the User Agent (UA).
XAP software series/seamonkey-1.1.9-x86_64-1.tgz:Added the distribution
name and version to the User Agent (UA).
isolinux/initrd.img: Fixed minimum RAM amount in /etc/issue, and made some
edits to other documentation within the installer.
usb-and-pxe-installers/: In usbboot.img, fixed minimum RAM amount in
/etc/issue, and made some edits to other documentation within the installer.
+--------------------------+
Sun Apr 27 17:43:34 EEST 2008
X software series/pixman-0.10.0-x86_64-3.tgz: Restored MMX optimizations.
+--------------------------+
Sat Apr 26 11:24:26 EEST 2008
A software series/aaa_base-12.1.0-noarch-3.tgz: More initial emails update.
KDE software series/kdelibs-3.5.9-x86_64-4.tgz: Patched to fix a security problem.
From the KDE advisory: "If start_kdeinit is installed as setuid root, a
local user might be able to send unix signals to other processes, cause
a denial of service or even possibly execute arbitrary code."
This issue affects KDE 3.5.5 through KDE 3.5.9.
We recommend upgrading to the new kdelibs package as soon as possible.
For more information, see:
http://www.kde.org/info/security/advisory-20080426-2.txt
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1671
[*** Security fix ***]
isolinux/initrd.img: Patched /sbin/probe to look for formatted swap on RAID.
usb-and-pxe-installers/: Patched /sbin/probe in usbboot.img to look for
formatted swap on RAID.
EXTRA software/ktorrent/ktorrent-2.2.6-x86_64-1.tgz: Upgraded to ktorrent-2.2.6.
EXTRA software/slackpkg/slackpkg-2.70.2-noarch-2.tgz: Added a new mirror.
Thanks to Peter Polonkai for the devall.hu mirrors!
+--------------------------+
Thu Apr 24 10:53:16 EEST 2008
A software series/aaa_base-12.1.0-noarch-2.tgz: Updated the initial emails.
N software series/wireless-tools-29-x86_64-3.tgz: Increased the sleep time after bringing
up an interface to 3 seconds, since some of the new drivers need the additional
time to fully initialize.
+--------------------------+
Tue Apr 22 14:58:42 EEST 2008
This is Bluewhite64 12.1-RC2! There is a DVD iso available for download from the primary mirror,
other mirrors should be updated soon. Also, you can download through BitTorrent too
(see the "Get Bluewhite64"). Please TEST, TEST and TEST as much as you can and post the
possible problems to the forum . Enjoy!
A software series/glibc-solibs-2.7-x86_64-10.tgz: Recompiled against Linux 2.6.24.5 headers.
A software series/glibc-zoneinfo-2.7-noarch-10.tgz: Rebuilt.
A software series/kernel-huge-2.6.24.5-x86_64-1.tgz:
Upgraded to Linux 2.6.24.5 SMP huge.s (full-featured) kernel.
A software series/kernel-modules-2.6.24.5-x86_64-1.tgz
Upgraded to Linux 2.6.24.5 SMP kernel modules.
A software series/pkgtools-12.1.0-noarch-7.tgz: Removed obsolete modem setup script (any
/dev/modem symlink would be wiped out by udev anyway).
AP software series/lm_sensors-2.10.6-x86_64-1.tgz: Upgraded to lm_sensors-2.10.6.
D software series/kernel-headers-2.6.24.5-x86_64-1.tgz:
Upgraded to Linux 2.6.24.5 SMP kernel headers.
A software series/mkinitrd-1.3.2-x86_64-2.tgz: Updated the version numbers in
README.initrd and manpage.
K software series/kernel-source-2.6.24.5-noarch-1.tgz
Upgraded to Linux 2.6.24.5 SMP kernel source package.
L software series/glibc-2.7-x86_64-10.tgz: Recompiled against Linux 2.6.24.5 headers.
L software series/glibc-i18n-2.7-noarch-10.tgz: Rebuilt.
L software series/glibc-profile-2.7-x86_64-10.tgz: Recompiled against Linux 2.6.24.5 headers.
L software series/jre-6u6-x86_64-2.tgz: Adjusted installation directory to avoid
removing files from kdebindings.
L software series/svgalib_helper-1.9.25_2.6.24.5-x86_64-1.tgz: Recompiled for Linux 2.6.24.5.
N software series/mcabber-0.9.7-x86_64-1.tgz: Upgraded to mcabber-0.9.7.
XAP software series/xine-lib-1.1.11.1-x86_64-3.tgz: Recompiled, with --without-speex (we didn't
ship the speex library in Bluewhite64 anyway, but for reference this issue
would be CVE-2008-1686), and with --disable-nosefart (the recently reported
as insecurely demuxed NSF format).
As before in -2, this package fixes the two regressions mentioned in the
release notes for xine-lib-1.1.12:
http://sourceforge.net/project/shownotes.php?release_id=592185&group_id=9655
Moving to xine-lib-1.1.12 right now doesn't seem prudent for RC2, as the
diff between 1.1.11.1 and 1.1.12 is many thousands of lines long.
[*** Security fix ***]
EXTRA software/brltty/brltty-3.9-x86_64-1.tgz: Upgraded to brltty-3.9.
EXTRA software/jdk-6/jdk-6u6-x86_64-2.tgz: Adjusted installation directory to avoid
removing files from kdebindings.
isolinux/initrd.img: Replaced kernel modules with 2.6.24.5 versions.
kernels/huge.s/*: Upgraded to huge.s 2.6.24.5 kernel.
usb-and-pxe-installers/: Replaced kernel modules with 2.6.24.5 versions.
Thanks to Amritpal Bath for writing a new README_RAID document explaining
how to install Bluewhite64 using various RAID levels.
+--------------------------+
Fri Apr 18 11:46:34 EEST 2008

AP software series/mysql-5.0.51a-x86_64-3.tgz: Edited rc.mysql to fix a missing '=' in the
example for mysql_install_db.
XAP software series/mozilla-firefox-2.0.0.14-x86_64-1.tgz:
Upgraded to firefox-2.0.0.14.
This upgrade fixes a potential security bug.
For more information, see:
http://www.mozilla.org/projects/security/known-vulnerabilities.html#firefox
[*** Security fix ***]
+--------------------------+
Fri Apr 18 00:17:29 EEST 2008
A software series/kernel-test-huge-2.6.25-x86_64-1.tgz:
Added Linux 2.6.25 SMP test.s (full-featured) testing kernel!
please NOTE: this kernel is only for testing! You have to install the
sources and the headers if you need them from testing/packages/kernel-test/*
A software series/kernel-test-modules-2.6.25-x86_64-1.tgz
Added Linux 2.6.25 SMP test.s kernel modules.
L software series/jre-6u6-x86_64-1.tgz: Upgraded to Java(TM) 2 Platform Standard Edition
Runtime Environment Version 6.0 update 6.
N software series/wireless-tools-29-x86_64-2.tgz:
Make sure that HWADDR in rc.wireless is all uppercase.
EXTRA software/jdk-6/jdk-6u6-x86_64-1.tgz: Upgraded to Java(TM) 2 Platform
Standard Edition Development Kit Version 6.0 update 6.
testing/packages/kernel-test/*: Added a testing kernel version 2.6.25.
kernels/test.s: Added a test.s (huge) SMP kernel 2.6.25 for testing!
isolinux/initrd.img: Updated binaries and shared libraries. Added test.s kernel modules.
Fixed to show the encrypted volume in the partitions list. Thanks to Virgil Moldoveanu
for reporting and testing.
usb-and-pxe-installers/: Added test.s kernel and modules. Updated binaries and shared libraries.
Fixed to show the encrypted volume in the partitions list. Thanks to Virgil Moldoveanu
for reporting and testing.
+--------------------------+
Tue Apr 15 17:46:44 EEST 2008
E software series/emacs-22.2-x86_64-1.tgz: Upgraded to GNU emacs-22.2.
X software series/xf86-video-radeonhd-1.2.1-x86_64-1.tgz: Upgraded to xf86-video-radeonhd-1.2.1.
EXTRA software/emacspeak/emacspeak-27.0-x86_64-1.tgz: Upgraded to emacspeak-27.0.
+--------------------------+
Mon Apr 14 18:39:31 EEST 2008
A software series/smartmontools-5.38-x86_64-1.tgz: Upgraded to smartmontools-5.38.
D software series/git-1.5.5-x86_64-1.tgz: Upgraded to git-1.5.5.
KDE software series/amarok-1.4.9.1-x86_64-1.tgz: Upgraded to amarok-1.4.9.1.
N software series/bind-9.4.2-x86_65-2.tgz: Patched rc.bind to add a short wait after starting
named, so that the startup script doesn't match "named " with a
failing startup and too quick a check. Upgraded to the latest named.root file.
T software series/xfig-3.2.4-x86_64-3.tgz: Patched to fix a wrong XFIGLIBDIR that was causing
some minor errors.
TCL software series/tclx-8.4-x86_64-2.tgz: Recompiled. Since some of the Tcl/Tk headers are now
considered "private", this needs -I flags to compile (for now).
XAP software series/xscreensaver-5.05-x86_64-1.tgz: Upgraded to xscreensaver-5.05.
+--------------------------+
Mon Apr 14 00:18:12 EEST 2008
AP software series/ghostscript-8.62-x86_64-5.tgz: Edited /usr/share/ghostscript/8.62/lib/cidfmap
to attempt support for Simplified Chinese (though Traditional Chinese and
Korean will still require cidfmap changes and additional fonts).
AP software series/man-1.6f-x86_64-1.tgz: Upgraded to man-1.6f.
D software series/cscope-15.6-x86_64-1.tgz: Upgraded to cscope-15.6.
F software series/linux-howtos-20080411-noarch-1.tgz: Updated to Linux-HOWTOs-20080411.
L software series/svgalib_helper-1.9.25_2.6.24.4-x86_64-2.tgz: Recompiled.
N software series/iproute2-2.6.16_060323-x86_64-2.tgz: Fixed hardcoded "/usr/local/lib/iptables"
path in two places within the source.
N software series/sendmail-8.14.2-x86_64-2.tgz: Recompiled. Fixed issues in the install script
with properly adding the smmsp user/group. When using SSL/TLS, disable SSLv2 by default.
Fixed the line ordering in sendmail-slackware-tls-sasl.mc. Fixed typos at the top of
example .mc files. Clamp down on security in the defaults some more by requiring
authentication when using the TLS/SASL .mc/.cf. Allow SSLv3 in both TLS configurations.
N software series/sendmail-cf-8.14.2-noarch-2.tgz: Rebuilt.
X software series/xf86-video-radeonhd-1.2.0-x86_64-1.tgz: Upgraded to xf86-video-radeonhd-1.2.0,
which adds support for RV620, RV635, and R680 chipsets, and 2D acceleration
for R5xx (including RS6xx) chipsets, both XAA and EXA. This driver also
enables the use of the second digital output on the RS690 chipset.
+--------------------------+
Fri Apr 11 14:30:59 EEST 2008
A software series/cryptsetup-1.0.5-x86_64-4.tgz: Recompiled against static libgpg-error and
got rid of --disable-libcrypt in cryptsetup.static's ./configure to prevent
the error "Command failed: Key processing error: No hash backend found"
when creating a new cryptographic volume. Thanks to TaQ for the heads-up.
A software series/ed-0.9-x86_64-2.tgz: Fixed missing man page.
D software series/guile-1.8.4-x86_64-1.tgz: Upgraded to guile-1.8.4.
N software series/ipw2200-fw-3.0-fw-2.tgz: Add an extra copy of the LICENSE file to the
/usr/doc/ipw2200-fw-3.0/ directory in addition to the one with the firmware.
N software series/libgcrypt-1.4.0-x86_64-2.tgz: Recompiled to include the static library.
N software series/libgpg-error-1.6-X86_64-3.tgz: Recompiled to include the static library.
N software series/mailx-12.3-x86_64-1.tgz: Upgraded to mailx-12.3.
XAP software series/gnuplot-4.2.3-x86_64-1.tgz: Upgraded to gnuplot-4.2.3.
isolinux/initrd.img: Replaced /sbin/cryptsetup.static.
usb-and-pxe-installers/: Replaced /sbin/cryptsetup.static.
+--------------------------+
Thu Apr 10 15:15:18 EEST 2008
The kernels were recompiled to add the experimental CONFIG_PATA_MARVELL option,
since some newer Intel motherboards are already using this chipset. Like
everything else, use it at your own risk. It was decided that having some
driver that was tested and found to work was better than no support at all.
A software series/kernel-huge-2.6.24.4-x86_64-2.tgz:
Recompiled Linux 2.6.24.4 SMP huge.s (full-featured) kernel.
A software series/kernel-modules-2.6.24.4-x86_64-2.tgz
Recompiled Linux 2.6.24.4 SMP kernel modules.
D software series/kernel-headers-2.6.24.4-x86_64-2.tgz:
Rebuild Linux 2.6.24.4 SMP kernel headers.
D software series/pkg-config-0.23-x86_64-2.tgz: Prevent unwanted output during package install.
D software series/ruby-1.8.6_p114-x86_64-1.tgz: Upgraded to ruby-1.8.6-p114.
K software series/kernel-source-2.6.24.4-noarch-2.tgz
Rebuilt Linux 2.6.24.4 SMP kernel source package.
L software series/libaio-0.3.106-x86_64-1.tgz: Added libaio-0.3.106 (asynchronous I/O library).
L software series/glib2-2.14.6-x86_64-4.tgz: Renamed /etc/profile.d/glib2.{csh,sh} to
/etc/profile.d/libglib2.{csh,sh} so that the lang.{csh,sh} scripts will run
first, setting the $LANG variable which these scripts require.
N software series/dhcp-3.0.6-x86_64-1.tgz: Upgraded to dhcp-3.0.6.
N software series/lftp-3.7.0-x86_64-1.tgz: Upgraded to lftp-3.7.0.
N software series/links-2.1pre33-x86_64-1.tgz: Upgraded to links-2.1pre33.
N software series/ncftp-3.2.1-x86_64-1.tgz: Upgraded to ncftp-3.2.1.
N software series/rsync-3.0.2-x86_64-1.tgz: Upgraded to rsync-3.0.2.
From the NEWS file:
"BUG FIXES: - Fixed a potential buffer overflow in the xattr code."
This is the security advisory, as the issue was present in -current only.
[*** Security fix ***)
N software series/tcpdump-3.9.8-x86_64-1.tgz: Upgraded to libpcap-0.9.8 and tcpdump-3.9.8.
X software series/compiz-0.7.4-x86_64-1.tgz: Upgraded to compiz-0.7.4.
X software series/scim-1.4.7-x86_64-6.tgz: Fixed locale example typo in profile.d scripts.
X software series/xf86-input-mouse-1.3.0-x86_64-1.tgz: Upgraded to xf86-input-mouse-1.3.0 to
fix a copy/paste bug when switching between the virtual consoles and X.
EXTRA software/slackpkg/slackpkg-2.70.2-noarch-1.tgz: Upgraded to slackpkg-2.70.2-noarch-1.

isolinux/initrd.img: Replaced kernel modules with recompiled versions.
kernels/huge.s/*: Recompiled huge.s 2.6.24.4 kernel.
usb-and-pxe-installers/: Replaced kernel modules with recompiled versions.
+--------------------------+
Tue Apr 8 15:26:23 EEST 2008
D software series/cmake-2.4.8-x86_64-1.tgz: Upgraded to cmake-2.4.8.
L software series/fribidi-0.10.9-x86_64-2.tgz: Recompiled. "left-to-right" was far too
egregious a mistake to leave in the slack-desc. Sorry about that.
X software series/pixman-0.10.0-x86_64-2.tgz: Symlink the headers into /usr/include to
temporarily accommodate software that isn't yet using pixman.pc to get the
-I/usr/include/pixman-1/ include path. Thanks to garry for reporting this.
XAP software series/xine-lib-1.1.11.1-x86_64-2.tgz: Patched to fix playback failure affecting
several media formats accidentally broken in the xine-lib-1.1.11.1 release.
A software series/aaa_elflibs-12.1.0-x86_64-1.tgz: Added libfuse. Updated libbz2 (which still
has the shared library name "libbz2.so.1.0.4").
A software series/bzip2-1.0.5-x86_64-1.tgz: Upgraded to bzip2-1.0.5.
Previous versions of bzip2 contained a buffer overread error that could cause
applications linked to libbz2 to crash, resulting in a denial of service.
For more information, see:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1372
[*** Security fix ***]
A software series/cryptsetup-1.0.5-x86_64-3.tgz: Make cryptsetup in /sbin and /usr/sbin both
symlinks to /sbin/cryptsetup.static. This prevents "cryptsetup" failure if
someone installs only the A package series.
AP software series/cdrtools-2.01.01a38-x86_64-1.tgz: Upgraded to cdrtools-2.01.01a38.
AP software series/dvd+rw-tools-7.1-x86_64-1.tgz: Upgraded to dvd+rw-tools-7.1.
AP software series/ghostscript-8.62-x86_64-4.tgz: Fixed cidfmap for printing with the
wqy-zenhei.ttf font.
D software series/m4-1.4.11-x86_64-1.tgz: Upgraded to m4-1.4.11.
In addition to bugfixes and enhancements, this version of m4 also fixes two
issues with possible security implications. A minor security fix with the
use of "maketemp" and "mkstemp" -- these are now quoted to prevent the
(rather unlikely) possibility that an unquoted string could match an
existing macro causing operations to be done on the wrong file. Also,
a problem with the '-F' option (introduced with version 1.4) could cause a
core dump or possibly (with certain file names) the execution of arbitrary
code. For more information on these issues, see:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1687
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1688
[*** Security fix ***]
N software series/iptables-1.4.0-x86_64-1.tgz: Upgraded to iptables-1.4.0.
N software series/network-scripts-12.1-noarch-1.tgz: Fixed WLAN_IWPRIV[4] example
generated by netconfig.
N software series/whois-4.7.26-x86_64-1.tgz: Upgraded to whois-4.7.26.
XAP software series/xfce-4.4.2-x86_64-5.tgz: Fixed the build script to apply a couple
of bugfix patches correctly.
isolinux/initrd.img: Patched to fix expert mode FTP/HTTP installation, and
to allow installation from HTTP source with port number, such as:
http://somehost:8080
usb-and-pxe-installers/: Patched to fix expert mode FTP/HTTP installation,
and to allow installation from HTTP source with port number, such as:
http://somehost:8080
pasture/ia32-emulation/* Added the IA32 emulation found in Bluewhite64 12.0 testing.
If the new packages found in extra/ia32-emulation/* not working as you expected,
then you should use this one. Upgraded ia32-lib32asound-1.0.15.
NOTE: use "removepkg /var/log/packages/ia32-*" to remove the existing IA32 packages
and installpkg to install this ones.
+--------------------------+
Sun Apr 6 09:45:42 EEST 2008
XAP software series/xfce-4.4.2-x86_64-4.tgz: Show Orage Calendar only in XFce rather
than having it fall into KDE's "Lost & Found" .
EXTRA software/ia32-emulation/ia32-lib32-0.3.0-x86_64-2.tgz: Recompiled libX11 without xcb.
Thanks to Roberto Gonzalez Azevedo for reporting and testing.
+--------------------------+
Sat Apr 5 09:45:47 EEST 2008
L software series/glibc-2.7-x86_64-9a.tgz: Added /bin/sln -> /sbin/sln symlink.
N software series/rsync-3.0.1-x86_64-1.tgz: Upgraded to rsync-3.0.1.
TESTING/packages/bash-3.2.029-x86_64-1.tgz: Brought up to patchlevel 029.
Last time we tried this as our main shell, it was still causing problems with
a lot of the scripts out there, but perhaps it will be tried again in the
next development cycle.
isolinux/initrd.img: Added test26.s kernel support.
usb-and-pxe-installers/usbboot.img: Added test26.s kernel support.
+--------------------------+
Sat Apr 5 01:51:22 EEST 2008
A software series/mkinitrd-1.3.2-x86_64-1.tgz: Patched to fix problems with previous settings
getting overwritten with a plain "mkinitrd", and added support for non-US
keyboards.
A software series/glibc-solibs-2.7-x86_64-9.tgz: Rebuilt.
A software series/glibc-zoneinfo-2.7-noarch-9.tgz: Updated timeconfig script.
D software series/mercurial-1.0-x86_64-1.tgz: Upgraded to mercurial-1.0.
L software series/glibc-2.7-x86_64-9.tgz: Removed /sbin/sln symlink.
L software series/glibc-i18n-2.7-noarch-9.tgz: Rebuilt.
L software series/glibc-profile-2.7-x86_64-9.tgz: Rebuilt
L software series/dbus-python-0.82.4-x86_64-1.tgz: Added dbus-python-0.82.4, which is needed
for the correct operation of hplip.
N software series/openssh-5.0p1-x86_64-1.tgz: Upgraded to openssh-5.0p1.
This version fixes a security issue where local users could hijack forwarded
X connections. Upgrading to the new package is highly recommended.
For more information on this security issue, please see:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1483
[*** Security fix ***]
EXTRA software/ia32-emulation/ia32-glibc-2.7-x86_64-1.tgz: Added ia32-glibc-2.7.
From now one this is the place for the IA32 emulation packages for Bluewhite64.
If you like to run 32-bit software then you have to install all this packages.
Since the latest packages from BW64 12.0, all libraries have been updated to
the versions found in the --current tree. The ia32-glibc-2.7 automatically add
the /lib32 and /usr/lib32 to /etc/ld.so.conf and run ldconfig for you, so
now is more easy to run 32-bit software .
NOTE: this packages are ONLY to run 32-bit software, NOT to compile.
Please test as much as you can and post success or failures to the
Bluewhite64 forum. Use removepkg /var/log/packages/ia32-* to remove the old ones
and use installpkg to install all this brand new ones . Enjoy!
EXTRA software/ia32-emulation/ia32-lib32-0.3.0-x86_64-1.tgz: Added ia32-lib32-0.3.0.
EXTRA software/ia32-emulation/ia32-pango-1.20.0-x86_64-1.tgz: Added ia32-pango-1.20.0.
EXTRA software/ia32-emulation/ia32-zlib-1.2.3-x86_64-1.tgz: Added ia32-zlib-1.2.3.
EXTRA software/ia32-emulation/ia32-gtk+2-2.12.9-x86_64-1.tgz: Added ia32-gtk+2-2.12.9.
EXTRA software/ia32-emulation/ia32-lib32asound-1.0.15-x86_64-1.tgz: Added ia32-lib32asound.
EXTRA software/ia32-emulation/ia32-stdc++-6.0.9-x86_64-1.tgz: Added a32-stdc++6.0.9.
EXTRA software/ia32-emulation/linux32-1.0-x86_64-1.tgz: Added linux32-1.0.
testing/ia32-emulation/*: Moved to EXTRA software.


+--------------------------+
Thu Apr 3 17:50:11 EEST 2008
This is Bluewhite64 12.1-rc1, though there is still some more minor work to do.
No ISO for this RC, perhaps the RC2 will have one, I'm waiting for the 2.6.25 Linux kernel
to integrate it as a test26.s kernel. Please help test! And if we're missing anything major,
please let me know at arny at bluewhite64 dot com or post to the forum. Thank You!
A software series/aaa_elflibs-12.1.0-x86_64-1.tgz: Updated the initial "starter" library
package to the latest versions in -current.
A software series/cups-1.3.7-x86_64-1.tgz: Upgraded to cups-1.3.7.
This version of CUPS fixes some buffer overflows in the GIF image filter
and in cgiCompileSearch. Those running CUPS servers should upgrade.
For more information on these security issues, please see:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0047
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1373
[*** Security fix ***]
A software series/cxxlibs-6.0.9-x86_64-1.tgz: Upgraded to libstdc++.so.6.0.9 from gcc-4.2.3.
A software series/mdadm-2.6.4-x86_64-1.tgz: Upgraded to mdadm-2.6.4.
A software series/pciutils-2.2.10-x86_64-1.tgz: Upgraded to pciutils-2.2.10.
A software series/sysvinit-2.86-x86_64-7.tgz: Fixed the /sbin/initscript path to match the man
pages. Thanks to Michiel Broek for the patch.
AP software series/hplip-2.8.4-x86_64-1.tgz: Upgraded to hplip-2.8.4.
AP software series/zsh-4.3.6-x86_64-1.tgz: Upgraded to zsh-4.3.6.
D software series/gdb-6.8-x86_64-1.tgz: Upgraded to gdb-6.8.
L software series/hal-0.5.10-x86_64-2.tgz: Recompiled with --enable-umount-helper, which allows
non-root users to umount hotplugged devices from the command line.
L software/hal-info-20080317-noarch-1.tgz: Upgraded to hal-info-20080317.
N software/bind-9.4.2-x86_64-1.tgz: Upgraded to bind-9.4.2.
N software/wpa_supplicant-0.5.10-x86_64-1.tgz: Upgrade/d to wpa_supplicant-0.5.10.
X software series/wqy-zenhei-font-ttf-0.5.23-noarch-1.tgz: Upgraded to wqy-zenhei-0.5.23.
X software series/xf86-video-intel-2.2.1-x86_64-1.tgz: Reverted to xf86-video-intel-2.2.1. We
suspected that might be needed, given the version number and development
status of the newer driver we tried, but gave it a try anyway. Probably
there will be no more driver updates at this point unless bugs are reported
that newer drivers fix.
XAP software series/pidgin-2.4.1-x86_64-1.tgz: Upgraded to pidgin-2.4.1.
+--------------------------+
Tue Apr 1 22:45:27 EEST 2008
A software series/acl-2.2.47_1-x86_64-1.tgz: Upgraded to acl-2.2.47_1.
A software series/attr-2.4.41_1-x86_64-1.tgz: Upgraded to attr-2.4.41_1.
A software series/etc-12.1-noarch-4.tgz: Give the mysql user a /bin/false "shell".
A software series/lilo-22.8-x86_64-10.tgz: Fixed a bug where liloconfig might not properly
determine the root directory where /boot is found.
A software series/sysvinit-scripts-1.2-noarch-20.tgz: Fixed a bug in rescan-scsi-bus that was
exposed by the CONFIG_SCSI_MULTI_LUN kernel option (which _should_ also make
rescan-scsi-bus unneccessary). Keep /usr/share/mime's mime.cache file updated.
A software series/util-linux-2.12r-x86_64-4.tgz: Removed. See below.
A software series/util-linux-ng-2.13.1-x86_64-1.tgz: Added util-linux-ng-2.13.1, which replaces
the old util-linux package. To install, either use upgradepkg with the "%"
option, or do this: installpkg util-linux-ng-2.13.1-x86_64-1.tgz ;
removepkg util-linux ; installpkg util-linux-ng-2.13.1-x86_64-1.tgz
A software series/xfsprogs-2.9.7_1-x86_64-1.tgz: Upgraded to xfsprogs-2.9.7_1.
AP software series/alsa-utils-1.0.15-x86_64-3.tgz: Don't load the mixer settings until after
the OSS modules have been loaded. Eliminate 'awk' usage in rc.alsa, using
sed and tr instead.
AP software series/dmapi-2.2.8_1-x86_64-1.tgz: Upgraded to dmapi-2.2.8_1.
AP software series/man-pages-2.79-noarch-1.tgz: Upgraded to man-pages-2.79, and retained the
POSIX pthread_* man pages this time.
AP software series/mysql-5.0.51a-x86_64-2.tgz: Modified /etc/rc.d/rc.mysqld's database
installation instructions to take into consideration that the mysql user no
longer has a login shell. In addition, the admin is told to consider locking
the database server down even further (if possible) by using the
mysql_secure_installation utility.
AP software series/xfsdump-2.2.48_1-x86_64-1.tgz: Upgraded to xfsdump-2.2.48_1.
L software series/libgsf-1.14.8-x86_64-1.tgz: Upgraded to libgsf-1.14.8.
N software series/net-tools-1.60-x86_64-2.tgz: Recompiled with latest Debian patch.
N software series/nfs-utils-1.1.2-x86_64-1.tgz: Upgraded to nfs-utils-1.1.2.
N software series/nmap-4.60-x86_64-3.tgz: Fixed the build script (third time's the charm?) to
use DESTDIR and remove the one item (useless, IMHO, within a package system)
that still can't get DESTDIR right: uninstall_zenmap.
N software series/openssh-4.9p1-x86_64-1.tgz: Upgraded to openssh-4.9p1.
N software series/wget-1.11.1-x86_64-1.tgz: Upgraded to wget-1.11.1.
X software series/scim-1.4.7-x86_64-5.tgz: Fixed scim.desktop to have more information,
and to place the SCIM startup utility in the "Utilities" menu rather than having it
fall into "Lost & Found".
X software series/xf86-video-intel-2.2.99.902-x86_64-1.tgz:
Upgraded to xf86-video-intel-2.2.99.902.
XAP software series/xine-lib-1.1.11.1-x86_64-1.tgz: Earlier versions of xine-lib suffer
from an integer overflow which may lead to a buffer overflow that could potentially
be used to gain unauthorized access to the machine if a malicious media
file is played back. File types affected this time include .flv, .mov, .rm,
.mve, .mkv, and .cak.
For more information on this security issue, please see:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1482
[*** Security fix ***]
isolinux/initrd.img: Patched to have /etc/fstab mount /dev/shm.
Updated XFS utilities.
usb-and-pxe-installers/: Patched to have /etc/fstab mount /dev/shm.
Updated XFS utilities.
+--------------------------+
Sun Mar 30 18:53:02 EEST 2008
A software series/glibc-solibs-2.7-x86_64-8.tgz: Recompiled against 2.6.24.4 headers.
A software series/glibc-zoneinfo-2.7-noarch-8.tgz: Upgraded to tzdata2008b.
L software series/glibc-2.7-x86_64-8.tgz: Recompiled against 2.6.24.4 headers.
Upgraded to tzdata2008b.
L software series/glibc-i18n-2.7-noarch-8.tgz: Rebuilt.
L software series/glibc-profile-2.7-x86_64-8.tgz: Recompiled against 2.6.24.4 headers.
A software series/lilo-22.8-x86_64-9.tgz: Fixed reversed vt.default_utf8 kernel parameter
(0 <-> 1) in /etc/lilo.conf. Fxed liloconfig to at least create an empty
message file in /boot if none exists.
A software series/aaa_base-12.1.0-noarch-1.tgz: Added an empty /usr/share/wallpapers as this
seems to be a de-facto standard directory and (for example) XFce will give
an error if it is missing and one tries to change the desktop image.
Bumped version number of package, and of /etc/bluewhite64-version.
A software series/etc-12.1-noarch-4.tgz: Installed root into the audio, cdrom, video, plugdev,
and floppy groups _correctly_ .
A software series/sysvinit-scripts-1.2-noarch-19.tgz: Keep any icon-theme.cache files updated.
A software series/kernel-huge-2.6.24.4-x86_64-1.tgz:
Upgraded to Linux 2.6.24.4 SMP huge.s (full-featured) kernel.
A software series/kernel-modules-2.6.24.4-x86_64-1.tgz
Upgraded to Linux 2.6.24.4 uniprocessor kernel modules.
AP software series/vim-7.1.285-x86_64-1.tgz: Upgraded to vim-7.1.285.
D software series/kernel-headers-2.6.24.4-x86_64-1.tgz:
Upgraded to Linux 2.6.24.4 SMP kernel headers.
K software series/kernel-source-2.6.24.4-noarch-1.tgz
Upgraded to Linux 2.6.24.4 SMP kernel source.
L software series/svgalib_helper-1.9.25_2.6.24.4-x86_64-1.tgz: Recompiled for Linux 2.6.24.4.
N software series/gnupg-1.4.9-x86_64-1.tgz: Upgraded to gnupg-1.4.9.
N software series/gnupg2-2.0.9-x86_64-1.tgz: Upgraded to gnupg-2.0.9.
N software series/nmap-4.60-x86_64-2.tgz: Recompiled. Some files were missing due to an
incompletely removed previous compile. It may also be necessary to reinstall
python after upgrading from -1.
TCL software series/tcl-8.4.18-x86_64-1.tgz: Upgraded to tcl8.4.18.
TCL software series/tk-8.4.18-x86_64-1.tgz: Upgraded to tk8.4.18.
X software series/liberation-fonts-ttf-1.0-noarch-1.tgz: Upgraded to Liberation Fonts 1.0.
X software series/pixman-0.10.0-x86_64-1.tgz: Upgraded to pixman-0.10.0.
XAP software series/mozilla-firefox-2.0.0.13-x86_64-1.tgz:
Upgraded to firefox-2.0.0.13.
This upgrade fixes some more security bugs.
For more information, see:
http://www.mozilla.org/projects/security/known-vulnerabilities.html#firefox
[*** Security fix ***]
XAP software series/seamonkey-1.1.9-x86_64-1.tgz:
Upgraded to seamonkey-1.1.9.
This upgrade fixes some more security bugs.
For more information, see:
http://www.mozilla.org/projects/security/known-vulnerabilities.html#seamonkey
[*** Security fix ***]
XAP software series/xine-lib-1.1.11-x86_64-1.tgz: Earlier versions of xine-lib suffer from an
array index bug that may have security implications if a malicious RTSP
stream is played. Playback of other media formats is not affected.
If you use RTSP, you should probably upgrade xine-lib.
For more information on the security issue, please see:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0073
[*** Security fix ***]
XAP software series/vim-gvim-7.1.285-x86_64-1.tgz: Upgraded to vim-7.1.285. This is the GTK+
version of vim (gvim). The normal vim package is also required.
XAP software series/windowmaker-0.92.0-x86_64-5.tgz: Repackaged to fix WPrefs missing icons.
Thanks to Garry for reporting this.
isolinux/initrd.img: Fixed huge.s kernel installation bug.
kernels/huge.s/*: Upgraded huge.s SMP kernel to 2.6.24.4.
pasture/gcc-3.4.6/: Removed, since this has gone unchanged since
Bluewhite64 12.0. I'm not sure if the one in 12.0's pasture still works,
but if it does, and you need it for something, that's where to find it.
usb-and-pxe-installers/: Updated USB and PXE installers to 2.6.24.4 modules.
+--------------------------+
Wed Mar 26 23:19:18 EET 2008
A software series/etc-12.1-noarch-3.tgz: Add root to the groups audio, cdrom, video, plugdev,
and floppy. Root already has access to most of these devices, but it doesn't
hurt to provide an example for people who edit /etc/groups manually.
A software series/shadow-4.0.6-x86_64-3.tgz: Took plugdev out of CONSOLE_GROUPS in
/etc/login.defs, since DBUS doesn't know about group memberships added that
way. Users not actually listed in /etc/groups as part of groups such as
plugdev wouldn't be able to use those devices even at the console when
logging in through a graphical login manager such as XDM, KDM, or GDM.
Stuart Winter enhanced the command-line adduser tool. Quote from the adduser
program history: "* To facilitate use of the automatic mounting features of
HAL, allow the admin to easily add users to the default groups:
audio,cdrom,video,plugdev,floppy.
The default is not to add new users to these groups. And by the way, this
script is "adduser from Slackware" not "superadduser from Gentoo" "
If you trust your users, this is the correct way to give them access to these
devices. adduser will automatically edit /etc/groups for you. If you do not
trust your users and you give them access to these groups, they may create
mischief from afar with this access, so be aware of the security implications.
A software series/udev-118-x86_64-3.tgz: Fixed two broken symbolic links in /sbin.
AP software series/ntfsprogs-2.0.0-x86_64-2.tgz: Added back ntfsprogs-2.0.0, using (for now)
--disable-ntfsmount. It is still needed to manage NTFS partitions even if we
use the kernel driver or NTFS-3G to mount them.
N software series/epic4-2.8-x86_64-1.tgz: Upgraded to epic4-2.8.
N software series/irssi-0.8.12-x86_64-1.tgz: Upgraded to irssi-0.8.12.
N software series/nmap-4.60-x86_64-1.tgz: Upgraded to nmap-4.60.
Zenmap still isn't working because we don't include sqlite, but a zenmap
.desktop file was added anyway, and some paths in a script were fixed.
XAP software series/gimp-2.4.5-x86_64-1.tgz: Upgraded to gimp-2.4.5, added support for pyGTK.
isolinux/initrd.img: Fixed Speakup kernel detection. Added LVM swap partition detection.
usb-and-pxe-installers/: Fixed Speakup kernel detection. Added LVM swap partition detection.
+--------------------------+
Sun Mar 23 11:59:21 EET 2008
A software series/pkgtools-12.1.0-noarch-6.tgz: Fixed bogus bad gzipped file warnings.
AP software series/ghostscript-8.62-x86_64-3.tgz: Fixed default cidfmap installation.
N software series/mcabber-0.9.6-x86_64-1.tgz: Upgraded to mcabber-0.9.6.
XAP software series/audacious-1.5.0-x86_64-2.tgz: Don't use opcodes that break older computers.
XAP software series/audacious-plugins-1.5.0-x86_64-2.tgz: Recompiled.
+--------------------------+
Fri Mar 21 15:06:38 EET 2008
Is this Bluewhite64 12.1 RC 1 yet? It has to be close.
A software series/e2fsprogs-1.40.8-x86_64-1.tgz: Upgraded to e2fsprogs-1.40.8.
A software series/gpm-1.20.1-x86_64-7.tgz: Default item to imps2, which works well with KVM
boxes. If you use a Synaptics pad with the third party driver, you may have
to change this setting.
A software series/inotify-tools-3.13-x86_64-1.tgz: Upgraded to inotify-tools-3.13.
A software series/kernel-huge-2.6.24.3-x86_64-2.tgz: Recompiled with CONFIG_SCSI_MULTI_LUN.
A software series/kernel-modules-2.6.24.3-x86_64-2.tgz: Recompiled.
A software series/ntfs-3g-1.2310-x86_64-1.tgz: Added ntfs-3g-1.2310.
A software series/pkgtools-12.1.0-noarch-5.tgz: Default making a USB boot stick to off.
A software series/sysvinit-scripts-1.2-noarch-18.tgz: Removed /etc/rc.d/rc.scanluns.
A software series/udev-118-x86_64-2.tgz: Blacklist old bcm43xx driver (b43 and b43legacy are
the recommended drivers now).
AP software series/alsa-utils-1.0.15-x86_64-2.tgz: Set reasonable volume defaults
if there are none in /etc/asound.state.
AP software series/gutenprint-5.0.2-x86_64-1.tgz: Upgraded to gutenprint-5.0.2.
AP software series/ntfsprogs-2.0.0-x86_64-1.tgz: Removed (for now).
D software series/m4-1.4.10-x86_64-1.tgz: Upgraded to m4-1.4.10.
D software series/pkg-config-0.23-x86_64-1.tgz: Upgraded to pkg-config-0.23.
K software series/kernel-source-2.6.24.3-noarch-2.tgz: CONFIG_SCSI_MULTI_LUN is now the
default in the supplied Bluewhite64 huge .config.
L software series/atk-1.22.0-x86_64-1.tgz: Upgraded to atk-1.22.0.
L software series/dbus-1.1.20-x86_64-1.tgz: Upgraded to dbus-1.1.20.
L software series/dbus-glib-0.74-x86_64-2.tgz: Rebuilt.
L software series/dbus-qt3-0.70-x86_64-2.tgz: Rebuilt.
L software series/gnome-icon-theme-2.22.0-noarch-1.tgz: Upgraded to gnome-icon-theme-2.22.0.
L software series/glib2-2.14.6-x86_64-3.tgz: Set G_BROKEN_FILENAMES=1, and if the locale is
UTF-8, then set G_FILENAME_ENCODING="@locale" (which will override the
G_BROKEN_FILENAMES setting). This should get us a little closer with UTF.
L software series/gtk+2-2.12.9-x86_64-1.tgz: Upgraded to gtk+-2.12.9.
L software series/hal-info-20080313-noarch-1.tgz: Upgraded to hal-info-20080313.
L software series/hicolor-icon-theme-0.10-noarch-3.tgz: Don't make an icon-theme.cache file
in /usr/share/icons.
L software series/lcms-1.17-x86_64-1.tgz: Upgraded to lcms-1.17.
L software series/libart_lgpl-2.3.20-x86_64-1.tgz: Upgraded to libart_lgpl-2.3.20.
L software series/pango-1.20.0-x86_64-1.tgz: Upgraded to pango-1.20.0.
L software series/pygtk-2.12.1-x86_64-2.tgz: Robby said it would help to recompile this.
L software series/wavpack-4.41.0-x86_64-1.tgz: Added wavpack-4.41.0.
This is needed for audacious WAV format support.
N software series/gnupg2-2.0.8-x86_64-1.tgz: Upgraded to gnupg2-2.0.8.
N software series/gnutls-2.2.2-x86_64-1.tgz: Upgraded to gnutls-2.2.2.
N software series/gpgme-1.1.6-x86_64-1.tgz: Upgraded to gpgme-1.1.6.
N software series/libassuan-1.0.4-x86_64-1.tgz: Upgraded to libassuan-1.0.4.
N software series/libksba-1.0.3-x86_64-1.tgz: Upgraded to libksba-1.0.3.
N software series/libgcrypt-1.4.0-x86_64-1.tgz: Upgraded to libgcrypt-1.4.0.
N software series/libgpg-error-1.6-x86_64-2.tgz: Recompiled.
N software series/pinentry-0.7.5-x86_64-1.tgz: Upgraded to pinentry-0.7.5.
N software series/samba-3.0.28a-x86_64-1.tgz: Upgraded to samba-3.0.28a.
N software series/wireless-tools-29-x86_64-1.tgz: Upgraded to wireless-tools-29.
X software series/libXScrnSaver-1.1.3-x86_64-1.tgz: Upgraded to libXScrnSaver-1.1.3.
X software series/libXv-1.0.4-x86_64-1.tgz: Upgraded to libXv-1.0.4.
X software series/libxkbfile-1.0.5-x86_64-1.tgz: Upgraded to libxkbfile-1.0.5.
X software series/xf86-video-amd-2.7.7.7-x86_64-1.tgz: Upgraded to xf86-video-amd-2.7.7.7.
X software series/xf86-video-apm-1.2.0-x86_64-1.tgz: Upgraded to xf86-video-apm-1.2.0.
X software series/xf86-video-ark-0.7.0-x86_64-1.tgz: Upgraded to xf86-video-ark-0.7.0.
X software series/xf86-video-ast-0.85.0-x86_64-1.tgz: Upgraded to xf86-video-ast-0.85.0.
X software series/xf86-video-chips-1.2.0-x86_64-1.tgz: Upgraded to xf86-video-chips-1.2.0.
X software series/xf86-video-cirrus-1.2.0-x86_64-1.tgz: Upgraded to xf86-video-cirrus-1.2.0.
X software series/xf86-video-dummy-0.3.0-x86_64-1.tgz: Upgraded to xf86-video-dummy-0.3.0.
X software series/xf86-video-fbdev-0.4.0-x86_64-1.tgz: Upgraded to xf86-video-fbdev-0.4.0.
X software series/xf86-video-glint-1.2.0-x86_64-1.tgz: Upgraded to xf86-video-glint-1.2.0.
X software series/xf86-video-i128-1.3.0-x86_64-1.tgz: Upgraded to xf86-video-i128-1.3.0.
X software series/xf86-video-i740-1.2.0-x86_64-1.tgz: Upgraded to xf86-video-i740-1.2.0.
X software series/xf86-video-neomagic-1.2.0-x86_64-1.tgz: Upgraded to xf86-video-neomagic-1.2.0.
X software series/xf86-video-rendition-4.2.0-x86_64-1.tgz: Upgraded to xf86-video-rendition-4.2.0.
X software series/xf86-video-s3-0.6.0-x86_64-1.tgz: Upgraded to xf86-video-s3-0.6.0.
X software series/xf86-video-s3virge-1.10.0-x86_64-1.tgz: Upgraded to xf86-video-s3virge-1.10.0.
X software series/xf86-video-savage-2.2.0-x86_64-1.tgz: Upgraded to xf86-video-savage-2.2.0.
X software series/xf86-video-siliconmotion-1.6.0-x86_64-1.tgz: Upgraded to xf86-video-siliconmotion-1.6.0.
X software series/xf86-video-sis-0.10.0-x86_64-1.tgz: Upgraded to xf86-video-sis-0.10.0.
X software series/xf86-video-sisusb-0.9.0-x86_64-1.tgz: Upgraded to xf86-video-sisusb-0.9.0.
X software series/xf86-video-tdfx-1.4.0-x86_64-1.tgz: Upgraded to xf86-video-tdfx-1.4.0.
X software series/xf86-video-trident-1.3.0-x86_64-1.tgz: Upgraded to xf86-video-trident-1.3.0.
X software series/xf86-video-tseng-1.2.0-x86_64-1.tgz: Upgraded to xf86-video-tseng-1.2.0.
X software series/xf86-video-v4l-0.2.0-x86_64-1.tgz: Upgraded to xf86-video-v4l-0.2.0.
X software series/xf86-video-vmware-10.16.0-x86_64-1.tgz: Upgraded to xf86-video-vmware-10.16.0.
X software series/xf86-video-voodoo-1.2.0-x86_64-1.tgz: Upgraded to xf86-video-voodoo-1.2.0.
XAP software series/audacious-1.5.0-x86_64-1.tgz: Upgraded to audacious-1.5.0.
XAP software series/audacious-plugins-1.5.0-x86_64-1.tgz: Upgraded to audacious-plugins-1.5.0.
XAP software series/gkrellm-2.3.1-x86_64-2.tgz: Recompiled against gnutls-2.2.2.
XAP software series/pidgin-2.4.0-x86_64-2.tgz: Recompiled against gnutls-2.2.2.
XAP software series/xfce-4.4.2-x86_64-3.tgz: Patched two Thunar bugs.
XAP oftware series/xpdf-3.02pl2-x86_64-3.tgz: Rebuilt adding an icon and .desktop file.
EXTAR/parted/parted-1.8.8-x86_64-1.tgz: Upgraded to parted-1.8.8.
EXTRA/slackpkg/slackpkg-2.70.1-noarch-1.tgz: Upgraded to slackpkg-2.70.1-noarch-1.
isolinux/initrd.img: Offer ntfs-3g read-write mounts for NTFS partitions.
Upgraded to parted-1.8.8. Upgraded to e2fsprogs-1.40.8.
kernels/huge.s/*: Recompiled with CONFIG_SCSI_MULTI_LUN.
usb-and-pxe-installers/: Offer ntfs-3g read-write mounts for NTFS partitions.
Upgraded to parted-1.8.8. Upgraded to e2fsprogs-1.40.8.
+--------------------------+
Fri Mar 14 13:44:51 EET 2008
A software series/gettext-0.17-x86_64-2.tgz: Compressed the man pages.
D software series/gettext-tools-0.17-x86_64-2.tgz: Compressed the man pages.
L software series/sdl-1.2.13-x86_64-2.tgz: SDL_mixer looks for timidity files in
/usr/lib/timidity rather than /usr/local/lib/timidity.
N software series/zd1211-firmware-1.4-fw-1.tgz: Added ZD1211 USB WLAN firmware.
X software series/dejavu-fonts-ttf-2.24-noarch-1.tgz: Upgraded to dejavu-fonts-ttf-2.24.
isolinux/initrd.img: Updated dropbear version. More dropbear adjustments from Eric Hameleers.
usb-and-pxe-installers/: Updated dropbear version. More dropbear adjustments from Eric Hameleers.
+--------------------------+
Wed Mar 12 19:20:47 EET 2008
A software series/glibc-solibs-2.7-x86_64-7.tgz: Recompiled against Linux 2.6.24.3 headers.
A software series/glibc-zoneinfo-2.7-noarch-7.tgz: Upgraded to tzdata2008a.
A software series/gettext-0.17-x86_64-1.tgz: Upgraded to gettext-0.17.
A software series/sysvinit-scripts-1.2-noarch-17.tgz: Update gtk.immodules from rc.M at boot.
AP software series/flac-1.2.1-x86_64-1.tgz: Upgraded to flac-1.2.1.
AP software series/vorbis-tools-1.2.0-x86_64-1.tgz: Upgraded to vorbis-tools-1.2.0.
D software series/gettext-tools-0.17-x86_64-1.tgz: Upgraded to tools for gettext-0.17.
KDE software series/k3b-1.0.4-x86_64-3.tgz: Recompiled against flac-1.2.1.
KDE software series/kdemultimedia-3.5.9-x86_64-3.tgz: Recompiled against flac-1.2.1.
L software series/glibc-2.7-x86_64-7.tgz: Recompiled against Linux 2.6.24.3 headers.
L software series/glibc-i18n-2.7-noarch-7.tgz: Rebuilt.
L software series/glibc-profile-2.7-x86_64-7.tgz: Recompiled against Linux 2.6.24.3 headers.
L software series/jre-6u5-x86_64-1.tgz: Upgraded to Java(TM) 2 Platform Standard Edition
Runtime Environment Version 6.0 update 5.
L software series/libcddb-1.3.0-x86_64-1.tgz: Added libcddb-1.3.0. (needed by audacious-plugins)
L software series/libcdio-0.79-x86_64-1.tgz: Added libcdio-0.79. (needed by audacious-plugins)
N software series/ipw2100-fw-1.3-fw-1.tgz: Added ipw2100-fw-1.3.
N software series/ipw2200-fw-3.0-fw-1.tgz: Added ipw2200-fw-3.0.
N software series/rt61-firmware-1.2-fw-1.tgz: Added rt61-firmware-1.2.
N software series/rt71w-firmware-1.8-fw-1.tgz: Added rt71w-firmware-1.8.
X software series/compiz-0.7.2-x86_64-1.tgz: Upgraded to compiz-0.7.2.
X software series/font-xfree86-type1-1.0.1-noarch-1.tgz: Upgraded to font-xfree86-type1-1.0.1.
X software series/inputproto-1.4.3-noarch-1.tgz: Upgraded to inputproto-1.4.3.
X software series/libX11-1.1.4-x86_64-1.tgz: Upgraded to libX11-1.1.4.
X software series/libXfont-1.3.2-x86_64-1.tgz: Upgraded to libXfont-1.3.2.
X software series/libXinerama-1.0.3-x86_64-1.tgz: Upgraded to libXinerama-1.0.3.
X software series/libpciaccess-0.10-x86_64-1.tgz: Added libpciaccess-0.10.
X software series/mkfontdir-1.0.4-noarch-1.tgz: Upgraded to mkfontdir-1.0.4.
X software series/mkfontscale-1.0.4-x86_64-1.tgz: Upgraded to mkfontscale-1.0.4.
X software series/printproto-1.0.4-noarch-1.tgz: Upgraded to printproto-1.0.4.
X software series/rendercheck-1.3-x86_64-1.tgz: Upgraded to rendercheck-1.3.
X software series/twm-1.0.4-x86_64-1.tgz: Upgraded to twm-1.0.4.
X software series/util-macros-1.1.6-noarch-1.tgz: Upgraded to util-macros-1.1.6.
X software series/x11perf-1.5-x86_64-1.tgz: Upgraded to x11perf-1.5.
X software series/xauth-1.0.3-x86_64-1.tgz: Upgraded to xauth-1.0.3.
X software series/xcompmgr-1.1.4-x86_64-1.tgz: Added xcompmgr-1.1.4.
X software series/xdm-1.1.7-x86_64-1.tgz: Upgraded to xdm-1.1.7.
X software series/xev-1.0.3-x86_64-1.tgz: Upgraded to xev-1.0.3.
X software series/xf86-input-aiptek-1.1.1-x86_64-1.tgz: Upgraded to xf86-input-aiptek-1.1.1.
X software series/xf86-video-nv-2.1.8-x86_64-1.tgz: Upgraded to xf86-video-nv-2.1.8.
X software series/xfs-1.0.6-x86_64-1.tgz: Upgraded to xfs-1.0.6.
X software series/xinit-1.0.8-x86_64-1.tgz: Upgraded to xinit-1.0.8.
X software series/xkbcomp-1.0.4-x86_64-1.tgz: Upgraded to xkbcomp-1.0.4.
X software series/xprop-1.0.4-x86_64-1.tgz: Upgraded to xprop-1.0.4.
X software series/xproto-7.0.12-noarch-1.tgz: Upgraded to xproto-7.0.12.
X software series/xrandr-1.2.3-x86_64-1.tgz: Upgraded to xrandr-1.2.3.
X software series/xrdb-1.0.5-x86_64-1.tgz: Upgraded to xrdb-1.0.5.
X software series/xset-1.0.4-x86_64-1.tgz: Upgraded to xset-1.0.4.
X software series/xtrans-1.1-noarch-1.tgz: Upgraded to xtrans-1.1.
XAP software series/audacious-plugins-1.4.5-x86_64-2.tgz: Recompiled against flac-1.2.1.
XAP software series/pidgin-2.4.0-x86_64-1.tgz: Upgraded to pidgin-2.4.0 and
pidgin-encryption-3.0
EXTRA software/jdk-6/jdk-6u5-x86_64-1.tgz: Upgraded to Java(TM) 2 Platform
Standard Edition Development Kit Version 6.0 update 5.
isolinux/initrd.img: Made some dropbear changes. Thanks, Eric.
usb-and-pxe-installers/: Made some dropbear changes. Thanks, Eric.
+--------------------------+
Sat Mar 8 21:10:09 EET 2008
A software series/kernel-huge-2.6.24.3-x86_64-1.tgz:
Upgraded to Linux 2.6.24.3 SMP huge.s (full-featured) kernel.
A software series/kernel-modules-2.6.24.3-x86_64-1.tgz
Upgraded to Linux 2.6.24.3 SMP kernel modules.
A software series/lilo-22.8-x86_64-8.tgz: If the kernel is >= 2.6.24, then ask the user if they
want to override the kernel's new default to UTF-8 on the text consoles.
Most users will not want UTF-8 yet until all applications have been fixed to
work with it. This option will not affect the use of UTF-8 locales in X.
A software series/pcmciautils-014-x86_64-4.tgz: Improved the default configuration to work with
more hardware. Thanks to Piter Punk.
A software series/pkgtools-12.1.0-noarch-4.tgz: Added fuse to the installer's boot-start
(setup.services) menu. Patched makepkg to test gzipped files properly.
A software series/sysvinit-scripts-1.2-noarch-16.tgz: Modified rc.S to start FUSE.
A software series/udev-118-x86_64-1.tgz: Upgraded to udev-118.
AP software series/ntfsprogs-2.0.0-x86_64-1.tgz: Moved from /extra. ntfsprogs now includes
full read-write support when the NFTS filesystem is mounted with ntfsmount
or -t ntfs.fuse. This feature requires the new fuse package.
D software series/kernel-headers-2.6.24.3-x86_64-1.tgz:
Upgraded to Linux 2.6.24.3 SMP kernel headers.
K software series/kernel-source-2.6.24.3-noarch-1.tgz
Upgraded to Linux 2.6.24.3 SMP kernel source.
KDE software series/kdelibs-3.5.9-x86_64-3.tgz: Patched a problem with Kate mislocating the
cursor after a block paste.
L software series/fuse-2.7.3-x86_64-1.tgz: Added FUSE, a userspace filesystem interface.
Thanks to Antonio Hernández Blas for submitting the build script.
L software series/gtk+2-2.12.8-x86_64-3.tgz: Don't run gtk-query-immodules-2.0 from the
installer, because some of the libraries it needs would not yet be
on the machine. The SCIM scripts should pick this up later on.
L software series/hal-info-20080215-noarch-1.tgz: Upgraded to hal-info-20080215.
L software series/svgalib_helper-1.9.25_2.6.24.3-x86_64-1.tgz: Recompiled for Linux 2.6.24.3.
N software series/iwlwifi-3945-ucode-2.14.1.5-fw-1.tgz: Added Intel 3945 wireless firmware.
N software series/iwlwifi-4965-ucode-4.44.1.20-fw-1.tgz: Added Intel 4965 wireless firmware.
kernels/huge.s/*: Upgraded huge.s kernel to 2.6.24.3.
isolinux/initrd.img: Merged new dropbear and patches from Eric Hameleers.
usb-and-pxe-installers/: Updated USB and PXE installers to 2.6.24.3 modules.
+--------------------------+
Thu Mar 6 18:21:31 EET 2008
A software series/usbutils-0.73-x86_64-2.tgz: Don't compress usb.ids (this breaks HAL).
L software series/glib2-2.14.6-x86_64-2.tgz: Added /etc/profile.d/ scripts so that GTK+ will
use the $LANG variable instead of forcing UTF-8.
N software series/rsync-3.0.0-x86_64-1.tgz: Upgraded to rsync-3.0.0.
X software series/libXext-1.0.4-x86_64-1.tgz: Upgraded to libXext-1.0.4.
X software series/xf86-video-mga-1.4.8-x86_64-1.tgz: Upgraded to xf86-video-mga-1.4.8.
+--------------------------+
Tue Mar 4 23:06:56 EET 2008
AP software series/ghostscript-8.62-x86_64-2.tgz: Fixed the gs_res.ps file for CJK.
+--------------------------+
Mon Mar 3 02:45:53 EET 2008
AP software series/ghostscript-8.62-x86_64-1.tgz: Upgraded to ghostscript-8.62.
This new release of GPL Ghostscript fixes a buffer overflow.
For more information on the security issue, please see:
http://scary.beasts.org/security/CESA-2008-001.html
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0411
[*** Security fix ***]
L software series/gtk+2-2.12.8-x86_64-2.tgz: Patched to fix Flash in Konqueror.
L software series/hicolor-icon-theme-0.10-noarch-2.tgz: Since XFce adds a few
hicolor icons of its own, make sure the hicolor icon-cache is updated at
the end of the installation.
XAP software series/xpdf-3.02pl2-x86_64-2.tgz: Added support for Arabic, simplified and
traditional Chinese, Hebrew, Japanese, Korean, Thai, and Turkish (in addition
to the Cyrillic, Greek, and Latin2 support that had already been included).
D software series/python-2.5.2-x86_64-1.tgz: Upgraded to Python-2.5.2.
XAP software series/mozilla-thunderbird-2.0.0.12-x86_64-1.tgz:
Upgraded to thunderbird-2.0.0.12.
This update fixes the following security related issues:
MFSA 2008-12: Heap buffer overflow in external MIME bodies
MFSA 2008-05: Directory traversal via chrome: URI
MFSA 2008-03: Privilege escalation, XSS, Remote Code Execution
MFSA 2008-01: Crashes with evidence of memory corruption (rv:1.8.1.12)
For more information, see:
http://www.mozilla.org/security/announce/2008/mfsa2008-12.html
http://www.mozilla.org/security/announce/2008/mfsa2008-05.html
http://www.mozilla.org/security/announce/2008/mfsa2008-03.html
http://www.mozilla.org/security/announce/2008/mfsa2008-01.html
These are the related CVE entries:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0304
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0418
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0415
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0412
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0413
[*** Security fix ***]
A software series/ed-0.9-x86_64-1.tgz: Upgraded to ed-0.9. World's greatest line editor.
A software series/hdparm-8.6-x86_64-1.tgz: Upgraded to hdparm-8.6.
A software series/lilo-22.8-x86_64-7.tgz: Patched liloconfig to make using the boot splash
screen an expert option as well. Fixed a bug using append= in the expert menu.

A software series/pkgtools-12.1.0-noarch-3.tgz: Have makepkg warn of two more common
mistakes -- dropping man pages in /usr/share/man, or (now) using site_perl
in a non-local package.
A software series/usbutils-0.73-x86_64-1.tgz: Upgraded to usbutils-0.73 with fresh usb.ids.
AP software series/cdrtools-2.01.01a37-x86_64-1.tgz: Upgraded to cdrtools-2.01.01a37.
AP software series/linuxdoc-tools-0.9.21-x86_64-5.tgz: Upgraded to asciidoc-8.2.5,
docbook-utils-0.6.14-13.fc9, docbook-xsl-1.73.2, docbook-xsl-doc-1.73.2,
gtk-doc-1.9, libsgmls-perl_1.03ii-32.diff, linuxdoc-tools_0.9.21-0.11,
sgml-common-0.6.3-23.fc9, and xmlto-0.0.20.
AP software series/lm_sensors-2.10.5-x86_64-1.tgz: Upgraded to lm_sensors-2.10.5.
D software series/binutils-2.17.50.0.17-x86_64-1.tgz: Reverted to binutils-2.17.50.0.17.
D software series/doxygen-1.5.5-x86_64-1.tgz: Upgraded to doxygen-1.5.5.
D software series/git-1.5.4.3-x86_64-1.tgz: Upgraded to git-1.5.4.3. Switched to vendor_perl
for the Git perl module.
D software series/oprofile-0.9.2-x86_64-4.tgz: Reverted to oprofile-0.9.2 compiled against
binutils-2.17.50.0.17.
D software series/perl-5.8.8-x86_64-9.tgz: Use vendor_perl for Bluewhite64-added Perl modules, not
site_perl. Really, I think perl's handling of this (and other issues like
the registry-like handling of perllocal.pod) is flawed, but this is better
than nothing. IMHO, something like /usr/local/lib/perl5/site_perl/ would
fit much better with the FHS's recommendations.
Try not to clobber an existing perllocal.pod (hard to do after the fact, so
make backups if you care...)
F software series/linux-howtos-20080227-noarch-1.tgz: Upgraded to Linux-HOWTOs-20080227.
Recompiled all Qt things, since /usr/lib/qt-3.3.8/lib (no longer a valid path)
was turning up in .la files.
KDE software series/amarok-1.4.8-x86_64-2.tgz: Recompiled.
KDE software series/k3b-1.0.4-x86_64-2.tgz: Recompiled.
KDE software series/kdeaccessibility-3.5.9-x86_64-2.tgz: Recompiled.
KDE software series/kdeaddons-3.5.9-x86_64-2.tgz: Recompiled.
KDE software series/kdeadmin-3.5.9-x86_64-2.tgz: Recompiled.
KDE software series/kdeartwork-3.5.9-x86_64-2.tgz: Recompiled.
KDE software series/kdebase-3.5.9-x86_64-2.tgz: Patched a bug with lm_sensors.
KDE software series/kdebindings-3.5.9-x86_64-2.tgz: Recompiled. Use vendor_perl dir.
KDE software series/kdeedu-3.5.9-x86_64-2.tgz: Recompiled.
KDE software series/kdegames-3.5.9-x86_64-2.tgz: Recompiled.
KDE software series/kdegraphics-3.5.9-x86_64-2.tgz: Recompiled.
Patched with a fix for kdvi.
KDE software series/kdelibs-3.5.9-x86_64-2.tgz: Recompiled.
KDE software series/kdemultimedia-3.5.9-x86_64-2.tgz: Recompiled.
KDE software series/kdenetwork-3.5.9-x86_64-2.tgz: Recompiled.
KDE software series/kdepim-3.5.9-x86_64-2.tgz: Recompiled (against new pilot-link).
KDE software series/kdesdk-3.5.9-x86_64-2.tgz: Recompiled.
KDE software series/kdetoys-3.5.9-x86_64-2.tgz: Recompiled.
KDE software series/kdeutils-3.5.9-x86_64-2.tgz: Recompiled.
KDE software series/kdevelop-3.5.1-x86_64-2.tgz: Recompiled with official bugfix patch.
KDE software series/kdewebdev-3.5.9-x86_64-2.tgz: Recompiled.
KDE software series/knemo-0.4.8-x86_64-2.tgz: Recompiled.
KDE software series/koffice-1.6.3-x86_64-3.tgz: Recompiled.
L software series/arts-1.5.9-x86_64-2.tgz: Recompiled.
L software series/fribidi-0.10.9-x86_64-1.tgz: Upgraded to fribidi-0.10.9
L software series/gmime-2.2.17-x86_64-1.tgz: Upgraded to gmime-2.2.17.
L software series/gmp-4.2.2-x86_64-1.tgz: Upgraded to gmp-4.2.2.
L software series/jre-6u4-x86_64-1.tgz: Upgraded to Java(TM) 2 Platform Standard Edition
Runtime Environment Version 6.0 update 4.
L software series/libglade-2.6.2-x86_64-1.tgz: Upgraded to libglade-2.6.2.
L software series/libgtkhtml-2.11.1-x86_64-1.tgz: Upgraded to libgtkhtml-2.11.1
L software series/libidl-0.8.10-x86_64-1.tgz: Upgraded to libIDL-0.8.10.
L software series/libidn-1.5-x86_64-1.tgz: Upgraded to libidn-1.5.
L software series/libieee1284-0.2.11-x86_64-1.tgz: Upgraded to libieee1284-0.2.11.
L software series/libmng-1.0.10-x86_64-1.tgz: Upgraded to libmng-1.0.10.
L software series/libmcs-0.7.0-x86_64-1.tgz: Added libmcs-0.7.0 (replaces mcs package).
L software series/libpng-1.2.25-x86_64-1.tgz: Upgraded to libpng-1.2.25.
L software series/librsvg-2.22.1-x86_64-1.tgz: Upgraded to librsvg-2.22.1.
L software series/libtheora-1.0beta2-x86_64-1.tgz: Upgraded to libtheora-1.0beta2.
L software series/libwpd-0.8.14-x86_64-1.tgz: Upgraded to libwpd-0.8.14.
L software series/libxml2-2.6.31-x86_64-2.tgz: Moved the man pages to the right location.
L software series/mcs-0.4.1-x86_64-2.tgz: Removed.
L software series/mpfr-2.3.1-x86_64-1.tgz: Upgraded to mpfr-2.3.1.
L software series/pango-1.19.4-x86_64-1.tgz: Upgraded to pango-1.19.4.
L software series/pcre-7.6-x86_64-1.tgz: Upgraded to pcre-7.6
L software series/pilot-link-0.12.3-x86_64-1.tgz: Upgraded to pilot-link-0.12.3
L software series/qca-1.0-x86_64-5.tgz: Recompiled.
L software series/qca-tls-1.0-x86_64-7.tgz: Recompiled.
L software series/qt-3.3.8b-x86_64-2.tgz: Recompiled against gcc-4.2.3.
L software series/readline-5.2-x86_64-3.tgz: Applied all official patches
L software series/sdl-1.2.13-x86_64-1.tgz: Upgraded to SDL-1.2.13, SDL_image-1.2.6,
SDL_mixer-1.2.8, SDL_net-1.2.7, and SDL_ttf-2.0.9.
L software series/slang-2.1.3-x86_64-1.tgz: Upgraded to slang-2.1.3.
L software series/startup-notification-0.9-x86_64-1.tgz: Upgraded to startup-notification-0.9.
L software series/tango-icon-theme-0.8.1-noarch-1.tgz: Added Tango icon theme.
L software series/tango-icon-theme-extras-0.1.0-noarch-1.tgz: Added Tango theme extra icons.
L software series/vte-0.16.12-x86_64-1.tgz: Upgraded to vte-0.16.12.
N software series/dnsmasq-2.41-x86_64-1.tgz: Upgraded to dnsmasq-2.41.
N software series/iptraf-3.0.0-x86_64-2.tgz: Absorbed the latest Debian patch. (thanks!
Add support for the legacy Ralink 2500 driver.
N software series/net-snmp-5.4-x86_64-6.tgz: Recompiled to use vendor_perl.
N software series/obexftp-0.21-x86_64-2.tgz: Recompiled to use vendor_perl.
N software series/wget-1.11-x86_64-1.tgz: Upgraded to wget-1.11.
N software series/wpa_supplicant-0.5.9-x86_64-1.tgz: Upgraded to wpa_supplicant-0.5.9.
X software series/compiz-0.7.0-x86_64-1.tgz: Upgraded to compiz-0.7.0.
X software series/luit-1.0.3-x86_64-1.tgz: Upgraded to luit-1.0.3.
X software series/scim-1.4.7-x86_64-4.tgz: Default profile.d scripts to executable.
X software series/xf86-video-trident-1.2.4-x86_64-1.tgz: Upgraded to xf86-video-trident-1.2.4.
X software series/xf86-video-intel-2.2.1-x86_64-1.tgz: Upgraded to xf86-video-intel-2.2.1.
X software series/xf86-video-ati-6.8.0-x86_64-1.tgz: Upgraded to xf86-video-ati-6.8.0.
XAP software series/imagemagick-6.3.7_10-x86_64-1.tgz: Upgraded to ImageMagick-6.3.7-10.
Changed build script to install Perl modules under vendor_perl.
XAP software series/sane-1.0.19-x86_64-2.tgz: Fixed /var/lock permissions.
XAP software series/xfce-4.4.2-x86_64-2.tgz: Patched a memory leak. The recompile also seemed
to pick up new exo and pygtk features.
EXTRA software/intel-wlan-iwlwifi/*: This replaces the older ipw3945 driver and daemon
(no daemon required now). Support was also added for more chipsets, such as
the ipw4965 series.
EXTRA software/jdk-6/jdk-6u4-x86_64-1.tgz: Upgraded to Java(TM) 2 Platform
Standard Edition Development Kit Version 6.0 update 4.
EXTRA software/ktorrent/ktorrent-2.2.5-x86_64-1.tgz: Upgraded to ktorrent-2.2.5.
+--------------------------+
Mon Feb 25 19:44:53 EET 2008
A software series/mkinitrd-1.3.1-x86_64-3.tgz: Fixed a patch glitch glitch.
+--------------------------+
Sun Feb 24 16:56:50 EET 2008
A software series/mkinitrd-1.3.1-x86_64-2.tgz: Make sure to copy both devices and
symlinks to /dev in the initrd. Fixed a patch glitch.
AP software series/hplip-2.8.2-x86_64-2.tgz: Fixed udev rules.
X software series/m17n-lib-1.5.0-x86_64-2.tgz: Fixed --mandir. Thanks to Kris Karas.

X software series/scim-1.4.7-x86_64-3.tgz: Make the library links first in the install script.
isolinux/initrd.img: Made a minor cosmetic fix to the network script. Fixed an installer patch
that caused preformatted filesystems to be misdetected in some cases.
usb-and-pxe-installers/: Rebuilt.
+--------------------------+
Sat Feb 23 20:39:08 EET 2008
A software series/kernel-huge-2.6.23.16-x86_64-2.tgz: Recompiled.
A software series/kernel-modules-2.6.23.16-x86_64-2.tgz: Recompiled.
D software series/binutils-2.18.50.0.4-x86_64-1.tgz: Upgraded to binutils-2.18.50.0.4.
D software series/gcc-4.2.3-x86_64-1.tgz: Upgraded to gcc-4.2.3 (GCC).
D software series/gcc-g++-4.2.3-x86_64-1.tgz: Upgraded to gcc-4.2.3 (C++).
D software series/gcc-gfortran-4.2.3-x86_64-1.tgz: Upgraded to gcc-4.2.3 (FORTRAN).
D software series/gcc-gnat-4.2.3-x86_64-1.tgz: Upgraded to gcc-4.2.3 (Ada).
D software series/gcc-java-4.2.3-x86_64-1.tgz: Upgraded to gcc-4.2.3 (GCJ).
D software series/gcc-objc-4.2.3-x86_64-1.tgz: Upgraded to gcc-4.2.3 (Objective-C).
D software series/kernel-headers-2.6.23.16-x86_64-2.tgz: Rebuilt.
D software series/oprofile-0.9.2-x86_64-6.tgz: Recompiled.
K software series/kernel-source-2.6.23.16-noarch-2.tgz: Recompiled.
L software series/svgalib_helper-1.9.25_2.6.23.16-x86_64-2.tgz: Rebuilt.
L software series/qca-tls-1.0-x86_64-6.tgz: Rebuilt for Qt 3.3.8b.
N software series/bluez-hcidump-1.41-x86_64-1.tgz: Upgraded to bluez-hcidump-1.41.
N software series/bluez-libs-3.26-x86_64-1.tgz: Upgraded to bluez-libs-3.26.
N software series/bluez-utils-3.26-x86_64-1.tgz: Upgraded to bluez-utils-3.26.
isolinux/initrd.img: Rebuilt.
kernels/huge.s/*: Rebuilt.
usb-and-pxe-installers/: Updated.
+--------------------------+
Fri Feb 22 14:57:08 EET 2008
A software series/cups-1.3.6-x86_64-1.tgz: Upgraded to cups-1.3.6.
A software series/lilo-22.8-x86_64-6.tgz: Fixed some trivial bugs.
AP software series/foomatic-filters-3.0_20080211-x86_64-1.tgz:
Upgraded to foomatic-filters-3.0_20080211.
AP software series/hplip-2.8.2-x86_64-1.tgz: Upgraded to hplip-2.8.2.
D software series/git-1.5.4.2-x86_64-1.tgz: Upgraded to git-1.5.4.2.
D software series/perl-5.8.8-x86_64-8.tgz:
Added XML::Simple perl module for icon-naming-utils.
L software series/cairo-1.4.14-x86_64-1.tgz: Upgraded to cairo-1.4.14.
L software series/desktop-file-utils-0.14-x86_64-1.tgz: Upgraded to desktop-file-utils-0.14.
L software series/gnome-icon-theme-2.20.0-noarch-1.tgz: Upgraded to gnome-icon-theme-2.20.0.
L software series/gtk+2-2.12.8-x86_64-1.tgz: Upgraded to gtk+-2.12.8.
L software series/hicolor-icon-theme-0.10-noarch-1.tgz: Upgraded to hicolor-icon-theme-0.10.
L software series/icon-naming-utils-0.8.6-x86_64-1.tgz: Added utilities for naming icons.
L software series/librsvg-2.20.0-x86_64-1.tgz: Upgraded to librsvg-2.20.0.
L software series/ncurses-5.6-x86_64-3.tgz: Applied all official patches.
L software series/taglib-1.5-x86_64-1.tgz: Upgraded to taglib-1.5.
L software series/poppler-0.6.4-x86_64-1.tgz: Upgraded to poppler-0.6.4.
Activated --enable-xpdf-headers option.
L software series/poppler-data-0.2.0-noarch-1.tgz: Upgraded to poppler-data-0.2.0.
L software series/qt-3.3.8b-x86_64-1.tgz: Upgraded to qt-x11-free-3.3.8b.
L software series/shared-mime-info-0.23-x86_64-1.tgz: Upgraded to shared-mime-info-0.23.
X software series/xterm-232-x86_64-1.tgz: Upgraded to xterm-232.
XAP software series/sane-1.0.19-x86_64-1.tgz: Upgraded sane-backends to version 1.0.19.
Merged HAL/DBUS/udev fixes from Robby Workman.
+--------------------------+
Thu Feb 21 22:39:42 EET 2008
A software series/lilo-22.8-x86_64-5.tgz: Added a simple splash screen .
A software series/mkinitrd-1.3.1-x86_64-1.tgz: Merged patches for LVM/LUKS,
hibernate, and RAID. Fixed a bug using -o with a relative path.

A software series/sysvinit-scripts-1.2-noarch-15.tgz: Patched /etc/rc.d/rc.S
for some of Eric's changes to LUKS handling in the initrd.
A software series/etc-12.1-noarch-2.tgz: Fixed shared libs PATH in ld.so.conf.
Thanks to Artur for reporting this.
KDE software series/k3b-1.0.4-x86_64-1.tgz: Upgraded to k3b-1.0.4.
KDE software series/kdeaccessibility-3.5.9-x86_64-1.tgz: Upgraded to kdeaccessibility-3.5.9.
KDE software series/kdeaddons-3.5.9-x86_64-1.tgz: Upgraded to kdeaddons-3.5.9.
KDE software series/kdeadmin-3.5.9-x86_64-1.tgz: Upgraded to kdeadmin-3.5.9.
KDE software series/kdeartwork-3.5.9-x86_64-1.tgz: Upgraded to kdeartwork-3.5.9.
KDE software series/kdebase-3.5.9-x86_64-1.tgz: Upgraded to kdebase-3.5.9.
KDE software series/kdebindings-3.5.9-x86_64-1.tgz: Upgraded to kdebindings-3.5.9.
KDE software series/kdeedu-3.5.9-x86_64-1.tgz: Upgraded to kdeedu-3.5.9.
KDE software series/kdegames-3.5.9-x86_64-1.tgz: Upgraded to kdegames-3.5.9.
KDE software series/kdegraphics-3.5.9-x86_64-1.tgz: Upgraded to kdegraphics-3.5.9.
KDE software series/kdelibs-3.5.9-x86_64-1.tgz: Upgraded to kdelibs-3.5.9.
KDE software series/kdemultimedia-3.5.9-x86_64-1.tgz: Upgraded to kdemultimedia-3.5.9.
KDE software series/kdenetwork-3.5.9-x86_64-1.tgz: Upgraded to kdenetwork-3.5.9.
KDE software series/kdepim-3.5.9-x86_64-1.tgz: Upgraded to kdepim-3.5.9.
KDE software series/kdesdk-3.5.9-x86_64-1.tgz: Upgraded to kdesdk-3.5.9.
KDE software series/kdetoys-3.5.9-x86_64-1.tgz: Upgraded to kdetoys-3.5.9.
KDE software series/kdeutils-3.5.9-x86_64-1.tgz: Upgraded to kdeutils-3.5.9.
KDE software series/kdevelop-3.5.1-x86_64-1.tgz: Upgraded to kdevelop-3.5.1.
KDE software series/kdewebdev-3.5.9-x86_64-1.tgz: Upgraded to kdewebdev-3.5.9.
KDEi software series/k3b-i18n-1.0.4-noarch-1.tgz: Upgraded to k3b-i18n-1.0.4.
KDEi software series/kde-i18n-*-3.5.9-noarch-1.tgz: Upgraded to kde-i18n-*-3.5.9.
L software series/arts-1.5.9-x86_64-1.tgz: Upgraded to arts-1.5.9.
L software series/libmad-0.15.1b-x86_64-3.tgz: Added mad.pc.
L software series/libmusicbrainz-2.1.4-x86_64-2.tgz: Removed.
L software series/libtunepimp-0.4.2-x86_64-3.tgz: Removed.
X software series/scim-1.4.7-x86_64-2.tgz: Don't try to use SCIM as the input
method if the package has been removed, or use scim-bridge if that
package is not installed. Remove the LANG variables and give a pointer
to the lang.* scripts. Install script bugfix.
X software series/scim-bridge-0.4.14-x86_64-2.tgz: Install script bugfix.
X software series/ttf-arphic-uming-0.1.20060928-noarch-1.tgz: Removed.
x/wqy-zenhei-font-ttf-0.4.23-noarch-1.tgz: Switched from Arphic to wqy-zenhei.
isolinux/initrd.img: Added network install patches from Eric Hameleers.
usb-and-pxe-installers/: Rebuilt with new patches.
+--------------------------+
Sun Feb 17 19:46:08 EET 2008
AP software series/mysql-5.0.51a-x86_64-1.tgz: Upgraded to mysql-5.0.51a.
X software series/anthy-9100e-x86_64-1.tgz: Added anthy-9100e.
X software series/dejavu-fonts-ttf-2.23-noarch-1.tgz: Upgraded to dejavu-fonts-ttf-2.23.
X software series/libhangul-0.0.7-x86_64-1.tgz: Added libhangul-0.0.7.
X software series/m17n-lib-1.5.0-x86_64-1.tgz: Added m17n-lib-1.5.0.
X software series/sazanami-fonts-ttf-20040629-noarch-1.tgz: Added sazanami-fonts-ttf-20040629.
X software series/scim-1.4.7-x86_64-1.tgz: Added scim-1.4.7.
X software series/scim-anthy-1.2.4-x86_64-1.tgz: Added scim-anthy-1.2.4.
X software series/scim-bridge-0.4.14-x86_64-1.tgz: Added scim-bridge-0.4.14.
X software series/scim-hangul-0.3.2-x86_64-1.tgz: Added scim-hangul-0.3.2.
X software seriesx/scim-m17n-0.2.2-x86_64-1.tgz: Added scim-m17n-0.2.2.
X software series/scim-pinyin-0.5.91-x86_64-1.tgz: Added scim-pinyin-0.5.91.
X software series/scim-tables-0.5.7-x86_64-1.tgz: Added scim-tables-0.5.7.
X software series/sinhala_lklug-font-ttf-20060929-noarch-1.tgz:
Added sinhala_lklug-font-ttf-20060929.
X software series/tibmachuni-font-ttf-1.901-noarch-1.tgz: Added tibmachuni-font-ttf-1.901.
X software series/ttf-arphic-uming-0.1.20060928-noarch-1.tgz:
Added ttf-arphic-uming-0.1.20060928.
+--------------------------+
Fri Feb 15 11:32:37 EET 2008
N software series/httpd-2.2.8-x86_64-1.tgz: Upgraded to httpd-2.2.8.
This fixes security and other bugs.
For more information, see:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6421
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6422
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6388
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5000
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0005
[*** Security fix ***]
+--------------------------+
Wed Feb 13 09:42:39 EET 2008
XAP software series/mozilla-firefox-2.0.0.12-x86_64-1.tgz:
Upgraded to firefox-2.0.0.12.
This upgrade fixes some more security bugs.
For more information, see:
http://www.mozilla.org/projects/security/known-vulnerabilities.html#firefox
[** Security fix ***]
XAP software series/seamonkey-1.1.8-x86_64-1.tgz:
Upgraded to seamonkey-1.1.8.
This upgrade fixes some more security bugs.
For more information, see:
http://www.mozilla.org/projects/security/known-vulnerabilities.html#seamonkey
[*** Security fix ***]
+--------------------------+
Tue Feb 12 17:59:48 EET 2008
A software series/kernel-huge-2.6.23.16-x86_64-1.tgz:
Upgraded to Linux 2.6.23.16 SMP huge.s (full-featured) kernel.
This kernel upgrade fix yesterday's local root exploit.
The kernel headers did not change, so a glibc rebuild is not required.
For more information, see:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0010
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0163
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0600
(* Security fix *)
If you use lilo, don't forget to run it again after the upgrade.
A software series/kernel-modules-2.6.23.16-x86_64-1.tgz
Upgraded to Linux 2.6.23.16 SMP kernel modules.
D software series/kernel-headers-2.6.23.16-x64_64-1.tgz:
Upgraded to Linux 2.6.23.16 SMP kernel headers.
K software series/kernel-source-2.6.23.16-noarch-1.tgz
Upgraded to Linux 2.6.23.16 SMP kernel source.
(* Security fix *)
L software series/svgalib_helper-1.9.25_2.6.23.16-x86_64-1.tgz:
Rebuilt for 2.6.23.16 kernels.
isolinux/initrd.img: Upgraded modules to 2.6.23.16.
kernels/huge.s/*: Upgraded huge.s kernel to 2.6.23.16 (SMP).
(* Security fix *)
usb-and-pxe-installers/: Updated USB and PXE installers to 2.6.23.16 modules.
+--------------------------+
Mon Feb 11 18:30:16 EET 2008
A software series/cups-1.3.5-x86_64-1.tgz: Upgraded to cups-1.3.5.
A software series/e2fsprogs-1.40.6-x86_64-1.tgz: Upgraded to e2fsprogs-1.40.6.
L software series/glib2-2.14.6-x86_64-1.tgz: Upgraded to glib-2.14.6.
XAP oftware series/gimp-2.4.4-x86_64-1.tgz: Upgraded to gimp-2.4.4.
isolinux/initrd.img: Upgraded libraries and utilities to e2fsprogs-1.40.6.
usb-and-pxe-installers/: Updated libraries and utilities to e2fsprogs-1.40.6.
+--------------------------+
Sun Feb 10 13:42:01 EET 2007
K software series/kernel-source-2.6.23.15-noarch-2.tgz: Fixed /usr/src/linux symlink.
usb-and-pxe-installers/*: Upgraded to Linux 2.6.23.15 SMP kernel modules.
isolinux/initrd.img: Fixed some text in /etc/issue.
+--------------------------+
Sun Feb 10 02:16:11 EET 2008
A software series/device-mapper-1.02.24-x86_64-1.tgz: Upgraded to device-mapper.1.02.24.
A software series/glibc-solibs-2.7-x86_64-6.tgz: Recompiled against 2.6.23.15.
Bumped everything to -6 since glibc-zoneinfo has been at -5 already.
A software series/glibc-zoneinfo-2.7-noarch-6.tgz: Rebuilt.
A software series/kernel-huge-2.6.23.15-x86_64-1.tgz:
Upgraded to Linux 2.6.23.15 SMP huge.s (full-featured) kernel.
A software series/kernel-modules-2.6.23.15-x86_64-1.tgz:
Upgraded to Linux 2.6.23.15 SMP kernel modules.
D software series/kernel-headers-2.6.23.15-x86_64-1.tgz:
Upgraded to Linux 2.6.23.15 SMP kernel headers.
K software series/kernel-source-2.6.23.15-noarch-1.tgz:
Upgraded to Linux 2.6.23.15 SMP kernel source.
A software series/lvm2-2.02.33-x86_64-1.tgz: Upgraded to LVM2.2.02.33.
L software series/glibc-2.7-x86_64-6.tgz: Recompiled against 2.6.23.15.
L software series/glibc-i18n-2.7-noarch-6.tgz: Rebuilt.
L software series/glibc-profile-2.7-x86_64-6.tgz: Recompiled against 2.6.23.15.
L software series/svgalib_helper-1.9.25_2.6.23.15-x86_64-1.tgz:
Rebuilt for 2.6.23.15 kernels.
XAP software series/xine-lib-1.1.10.1-x86_64-1.tgz: Upgraded to xine-lib-1.1.10.1.
isolinux/initrd.img: Massive overhaul, primarily the work and initiative of
Eric Hameleers. Work above and beyond the call of duty. If we gave out
medals of honor, this would deserve one.
The installer now supports network installs from not just NFS, but also
HTTP and FTP. Please be nice to our mirrors -- this feature is _intended_
for use within private networks from your own "site".
Work is also underway to fully support unattended/remote installs. The
installer has both a small ssh and sshd (dropbear). Thanks again Eric!
This is something that's been on the drawing board for many years.
isolinux/network.dsk: Upgraded to Linux 2.6.23.15 SMP kernel modules.
isolinux/pcmcia.dsk: Upgraded to Linux 2.6.23.15 SMP kernel modules.
kernels/huge.s/*: Upgraded huge.s kernel to 2.6.23.15.
usb-and-pxe-installers/: usbboot.img: Converted to FAT (16 bit) FS.
Thanks to Gerardo Exequiel Pozzi for reporting that usbboot.img uses ext2fs.
+--------------------------+
Wed Feb 6 12:19:42 EET 2008
E software series/emacs-info-21.4a-x86_64-1.tgz: Renamed to emacs-info-21.4a.
E software series/emacs-leim-21.4a-x86_64-1.tgz: Renamed to emacs-leim-21.4a.
E software series/emacs-lisp-21.4a-x86_64-1.tgz: Renamed to emacs-lisp-21.4a.
E software series/emacs-nox-21.4a-x86_64-2.tgz: Renamed to emacs-nox-21.4a.
E software series/emacs-misc-21.4a-x86_64-1.tgz: Renamed to emacs-misc-21.4a.
Thanks to Gerardo Exequiel for pointing out that this emacs packages has
a wrong version name. Only the packages, the software itself is 21.4a .
L software series/arts-1.5.8-x86_64-1.tgz: Upgraded to arts-1.5.8.
Thanks to Gerardo Exequiel Pozzi for reporting this.
KDEi/software series/k3b-i18n-1.0.3-noarch-1.tgz: Upgraded to /k3b-i18n-1.0.3.
Thanks to Gerardo Exequiel Pozzi for reporting this.
This two upgrades was unintentionally missed .
+--------------------------+
Sat Feb 2 11:07:31 EET 2008
A software series/e2fsprogs-1.40.5-x86_64-1.tgz: Upgraded to e2fsprogs-1.40.5.
D software series/subversion-1.4.6-x86_64-1.tgz: Upgraded to subversion-1.4.6.
KDE software series/kdesdk-3.5.8-x86_64-2.tgz: Recompiled to pick up new apr/neon/svn libs.
A couple of bugzilla-related files have now appeared in the package.
KDE software series/kdevelop-3.5.0-x86_64-2.tgz: Recompiled to pick up new apr/neon/svn libs.
L software series/apr-1.2.12-x86_64-1.tgz: Upgraded to apr-1.2.12.
L software series/apr-util-1.2.12-x86_64-1.tgz: Upgraded to apr-util-1.2.12.
L software series/neon-0.26.4-x86_64-1.tgz: Upgraded to neon-0.26.4. There are newer versions,
but this is newer than what we had and allows everything to work for now.
XAP software series/audacious-1.4.6-x86_64-1.tgz: Upgraded to audacious-1.4.6.
XAP software series/audacious-plugins-1.4.5-x86_64-1.tgz: Upgraded to audacious-plugins-1.4.5.
Now with an upgraded neon library, this uses neon for http/https transport.
+--------------------------+
Fri Feb 1 18:27:07 EET 2008
AP software series/alsa-utils-1.0.15-x86_64-1.tgz: Upgraded to alsa-utils-1.0.15.
L software series/alsa-lib-1.0.15-x86_64-1.tgz: Upgraded to alsa-lib-1.0.15.
L software series/alsa-oss-1.0.15-x86_64-1.tgz: Upgraded to alsa-oss-1.0.15.
X software series/font-misc-misc-1.0.0-noarch-3.tgz: Removed bogus fonts.alias.
The install scripts will make it.
X software series/libXmu-1.0.4-x86_64-1.tgz: Upgraded to libXmu-1.0.4.
X software series/xf86-video-nv-2.1.7-x86_64-1.tgz: Upgraded to xf86-video-nv-2.1.7.
X software series/xinput-1.3.0-x86_64-1.tgz: Added xinput-1.3.0.
+--------------------------+
Thu Jan 31 18:29:59 EET 2008
D software series/ruby-1.8.6_p111-x86_64-2.tgz: Moved some comments out
of the ./configure part of the build script to fix a couple of missed options.
KDE software series/amarok-1.4.8-x86_64-1.tgz: Upgraded to amarok-1.4.8.
L software series/atk-1.21.5-x86_64-1.tgz: Upgraded to atk-1.21.5.
L software series/gtk+2-2.12.7-x86_64-1.tgz: Upgraded to gtk+-2.12.7.
L software series/libmowgli-0.6.0-x86_64-1.tgz:
Added libmowgli-0.6.0, which is needed by Audacious.
L software series/libmtp-0.2.5-x86_64-1.tgz: Upgraded to libmtp-0.2.5.
L software series/libgpod-0.6.0-x86_64-1.tgz:
Upgraded to libgpod-0.6.0 (major version bump).
L software series/pango-1.19.3-x86_64-1.tgz: Upgraded to pango-1.19.3.
XAP software series/audacious-1.4.5-x86_64-1.tgz: Upgraded to audacious-1.4.5.
XAP software series/audacious-plugins-1.4.4-x86_64-1.tgz:
Upgraded to audacious-plugins-1.4.4-x86_64-1.tgz.
XAP software series/xine-lib-1.1.10-x86_64-1.tgz: Upgraded to xine-lib-1.1.10.
EXTRA software/slackpkg/slackpkg-2.70-noarch-1.tgz: Upgraded to slackpkg-2.70.
+--------------------------+
Wed Jan 9 21:24:05 EET 2008
AP software series/nano-2.0.7-x86_64-1.tgz: Upgraded to nano-2.0.7.
D software series/mercurial-0.9.5-x86_64-1.tgz: Upgraded to mercurial-0.9.5.
D software series/ruby-1.8.6_p111-x86_64-1.tgz: Upgraded ruby-1.8.6 to patchlevel 111.
L software series/atk-1.20.0-x86_64-1.tgz: Upgraded to atk-1.20.0.
L software series/glib2-2.14.5-x86_64-1.tgz: Upgraded to glib-2.14.5.
L software series/gtk+2-2.12.4-x86_64-1.tgz: Upgraded to gtk+-2.12.4.
L software series/libxml2-2.6.30-x86_64-1.tgz: Upgraded to libxml2-2.6.30.
L software series/libxslt-1.1.22-x86_64-1.tgz: Upgraded to libxslt-1.1.22.
L software series/pango-1.19.2-x86_64-1.tgz: Upgraded to pango-1.19.2.
L software series/pycairo-1.4.12-x86_64-1.tgz: Added pycairo-1.4.12.
L software series/pygobject-2.14.1-x86_64-1.tgz: Added pygobject-2.14.1.
L software series/pygtk-2.12.1-x86_64-1.tgz: Added pygtk-2.12.1.
L software series/pyrex-0.9.6.4-x86_64-1.tgz: Added Pyrex-0.9.6.4.
X software series/dejavu-fonts-ttf-2.22-noarch-1.tgz: **NOTE PACKAGE NAME CHANGE**
Upgraded to version 2.22.
X software series/liberation-fonts-ttf-0.2-noarch-3.tgz: Added liberation-fonts-ttf-0.2-3.
X software series/xf86-video-ati-6.7.197-x86_64-1.tgz: Upgraded to xf86-video-ati-6.7.197.
X software series/xf86-video-radeonhd-1.1.0-x86_64-1.tgz: Upgraded to xf86-video-radeonhd-1.1.0.
XAP software series/seamonkey-1.1.7-x86_64-2.tgz: Use the system cairo to avoid a compile error.
Patched a Makefile.in to avoid another compile e