GoblinX Project

During this week we are uploading dozen packages most from Slackware current. Included are security fix releases of Mozilla Firefox, Gnutls and Cups. We also upgraded Xfce, Thunar plugins, Xarchiver, Xfburn and a lot more. Upgrade the security fixes is important. During the next week we will uploaded these security fixes and others to GoblinX 2.7 repository using the same patch directory used by Slackware.

This Week Upgrades:

Thu Nov 13 09:35:00 BRT 2008
Some upgrades and secutiry fix releases.
xap/audacious-plugins-1.5.1-i486-3.tgz: Recompiled against neon-0.28.3.
xap/mozilla-firefox-3.0.3-i686-G1.tgz:
Upgraded to mozilla-firefox-3.0.4-i686-G1.
This upgrade fixes some more security bugs.
For more information, see:
http://www.mozilla.org/security/known-vulnerabilities/firefox30.html#firefox3.0.4
(* Security fix *)
xap/mozilla-firefox-3.0.3-i686-G1.tgz: Upgraded to mozilla-firefox-pt-BR-3.0.4-i686-G1.
xap/thunar-archive-plugin-0.2.4-i486-G1.tgz: Upgraded to thunar-archive-plugin-0.2.4-i486-G2
xap/thunar-media-tags-plugin-0.1.2-i486-G1.tgz: Upgraded to thunar-media-tags-plugin-0.1.2-i486-G2
xap/thunar-shares-0.10-i486-G1.tgz: Upgraded to thunar-shares-0.16-i486-G1
xap/thunar-thumbnailers-0.3.0-i486-G1.tgz: Upgraded to thunar-thumbnailers-0.4.1-i486-G1
xap/thunar-volman-0.2.0-i486-G1.tgz: Upgraded to thunar-volman-0.2.0-i486-G2
xap/xarchiver-0.4.6-i486-G3.tgz: Upgraded to xarchiver-0.5.2-i486-G1
xap/xfburn-0.3.0-i486-G1.tgz: Upgraded to xfburn-0.3.91-i486-G1
xap/xfce-4.4.3-i486-G1.tgz: Upgraded to xfce-4.4.3-i486-G2
+————————–+

Wed Nov 12 14:00:00 BRT 2008
Several upgrades in Slackware current and some in ours.
k/ntfs-3g-1.2918-i486-G1.tgz: Upgraded to ntfs-3g-1.5012-i486-G1.
kde/kdebase-3.5.10-i486-3.tgz: Recompiled against the new libsensors.
(the recompile also seems to have stabilized Flash)
kde/kdepim-3.5.10-i486-3.tgz: Recompiled against the upgraded bluez and
pilot-link packages.
kde/kdesdk-3.5.10-i486-3.tgz: Recompiled against apr-1.3.3 and neon-0.28.3.
kde/kdevelop-3.5.3-i486-3.tgz: Recompiled against neon-0.28.3.
l/libburn-0.4.8-i486-G1.tgz: Upgraded to libburn-0.5.4-i486-G1.
l/libisofs-0.6.8-i486-G1.tgz Upgraded to libisofs-0.6.10-i486-G1.
tcl/expect-5.44.1.11-i486-1.tgz: Upgraded to expect-5.44.1.11.
xap/gkrellm-2.3.2-i486-1.tgz: Upgraded to gkrellm-2.3.2 compiled against
lm_sensors-3.0.3.
xap/gpicview-0.1.9-i486-G1.tgz: Upgraded to gpicview-0.1.10-i486-G1.
xap/rutilt-0.16-i486-G1.tgz: Upgraded to rutilt-0.18-i486-G1.
xap/sane-1.0.19-i486-3.tgz: Moved udev rules to /lib/udev/rules.d/.
xap/wicd-1.4.2-i486-G1.tgz: Upgraded to wicd-1.5.4-i486-G1.
xap/xsane-0.996-i486-1.tgz: Upgraded to xsane-0.996.
xap/xscreensaver-5.07-i486-2.tgz: Fixed a problem that can occur when RANDR reports incorrect data. Patch from upstream — thanks to Piter Punk for finding it.
+————————–+

Tue Nov 11 11:00:00 BRT 2008
Several upgrades in Slackware current.
d/binutils-2.18.50.0.9-i486-1.tgz: Upgraded to binutils-2.18.50.0.9.
d/cmake-2.6.2-i486-1.tgz: Upgraded to cmake-2.6.2.
d/git-1.6.0.3-i486-1.tgz: Upgraded to git-1.6.0.3.
d/intltool-0.40.5-i486-1.tgz: Upgraded to intltool-0.40.5.
d/kernel-headers-2.6.27.5_smp-x86-1.tgz: Upgraded to Linux 2.6.27.5 headers.
d/m4-1.4.12-i486-1.tgz: Upgraded to m4-1.4.12.
d/subversion-1.5.4-i486-1.tgz: Upgraded to subversion-1.5.4.
l/jre-6u10-i586-1.tgz: Upgraded to Java(TM) 2 Platform Standard Edition
Runtime Environment Version 6.0 update 10.
n/bluez-hcidump-1.42-i486-1.tgz: Upgraded to bluez-hcidump-1.42.
n/gnutls-2.6.1-i486-1.tgz: Upgraded to gnutls-2.6.1.
From the gnutls-2.6.1 NEWS file:
** libgnutls: Fix X.509 certificate chain validation error.
[GNUTLS-SA-2008-3] The flaw makes it possible for man in the middle
attackers (i.e., active attackers) to assume any name and trick GNU TLS
clients into trusting that name. Thanks for report and analysis from
Martin von Gagern <Martin.vGagern@gmx.net>. [CVE-2008-4989]
For more information, see:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-4989
(* Security fix *)
n/httpd-2.2.10-i486-1.tgz: Upgraded to httpd-2.2.10.
n/iproute2-2.6.26-i486-1.tgz: Upgraded to iproute2-2.6.26.
n/iptables-1.4.2-i486-1.tgz: Upgraded to iptables-1.4.2.
n/iwlwifi-3945-ucode-15.28.2.8-fw-1.tgz:
Upgraded to iwlwifi-3945-ucode-15.28.2.8.
n/iwlwifi-4965-ucode-228.57.2.21-fw-1.tgz:
Upgraded to iwlwifi-4965-ucode-228.57.2.21.
n/iwlwifi-5000-ucode-5.4.A.11-fw-1.tgz:
Added iwlwifi-5000-ucode-5.4.A.11.
n/nfs-utils-1.1.4-i486-1.tgz: Upgraded to nfs-utils-1.1.4.
n/obexftp-0.22-i486-2.tgz: Recompiled.
n/openobex-1.3-i486-2.tgz: Recompiled against bluez-4.17.
n/openssl-0.9.8i-i486-1.tgz: Upgraded to openssl-0.9.8i.
n/samba-3.2.4-i486-1.tgz: Upgraded to samba-3.2.4.
n/slrn-0.9.9p1-i486-1.tgz: Upgraded to slrn-0.9.9p1.
n/tcpdump-4.0.0-i486-1.tgz: Upgraded to libpcap-1.0.0 and tcpdump-4.0.0.
xap/pidgin-2.5.2-i486-G1.tgz: Upgraded to pidgin-2.5.2-i486-G2.
Recompiled against gnutls-2.6.1.
+————————–+

Mon Nov 10 16:00:00 BRT 2008
Several upgrades in Slackware current.
a/cups-1.3.9-i486-1.tgz: Upgraded to cups-1.3.9.
This update fixes three vulnerabilities in the SGI image format filter, the
texttops filter, and the HP-GL and HP-GL/2 plotter format filter. All three
of these could result in a denial of service, and the plotter filter issue
could possibly be used to execute code as the print spooler user.
For more information, see:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3639
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3640
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3641
(* Security fix *)
a/e2fsprogs-1.41.3-i486-1.tgz: Upgraded to e2fsprogs-1.41.3.
a/glibc-solibs-2.7-i486-15.tgz: Recompiled against Linux 2.6.27.5.
a/glibc-zoneinfo-2.7-noarch-15.tgz: Rebuilt with tzdata2008i.
a/module-init-tools-3.5-i486-1.tgz: Upgraded to module-init-tools-3.5.
a/openssl-solibs-0.9.8i-i486-1.tgz: Upgraded to openssl-0.9.8i.
ap/cdparanoia-III_10.2-i486-1.tgz: Upgraded to cdparanoia-III-10.2.
ap/gphoto2-2.4.3-i486-1.tgz: Upgraded to gphoto2-2.4.3.
ap/hplip-2.8.9-i486-1.tgz: Upgraded to hplip-2.8.9.
ap/lm_sensors-3.0.3-i486-1.tgz: Upgraded to lm_sensors-3.0.3.
ap/powertop-1.8-i486-G1.tgz: Upgraded to powertop-1.10-i486-G1.
ap/rpm-4.4.2.3-i486-2.tgz: Recompiled against neon-0.28.3.
l/apr-1.3.3-i486-1.tgz: Upgraded to apr-1.3.3.
l/apr-util-1.3.4-i486-1.tgz: Upgraded to apr-util-1.3.4.
l/dbus-1.2.4-i486-1.tgz: Upgraded to dbus-1.2.4.
l/fuse-2.7.4-i486-2.tgz: Moved udev rules to /lib/udev/rules.d/.
l/glibc-2.7-i486-15.tgz: Recompiled against Linux 2.6.27.5.
l/glibc-i18n-2.7-noarch-15.tgz: Rebuilt.
l/glibc-profile-2.7-i486-15.tgz: Recompiled against Linux 2.6.27.5.
l/hal-info-20081022-noarch-1.tgz: Upgraded to hal-info-20081022.
l/hicolor-icon-theme-0.10-noarch-4.tgz: Rebuilt.
l/libcap-2.14-i486-1.tgz: Upgraded to libcap-2.14.
l/libgphoto2-2.4.3-i486-1.tgz: Upgraded to libgphoto2-2.4.3.
l/libmtp-0.3.3-i486-1.tgz: Upgraded to libmtp-0.3.3.
l/libnjb-2.2.6-i486-3.tgz: Moved udev rules to /lib/udev/rules.d/.
l/neon-0.28.3-i486-1.tgz: Upgraded to neon-0.28.3.
l/pilot-link-0.12.3-i486-5.tgz: Moved udev rules to /lib/udev/rules.d/.
Recompiled against bluez-4.17.
n/bluez-4.17-i486-1.tgz: Added bluez-4.17, which replaces the blues-libs
and blues-utils packages.
+————————–+