Slackware ChangeLogs
Slackware Logo

News

Security Advisories

FAQ

Book

General Info

Get Slack

Install Help

Configuration

Packages

ChangeLogs

Propaganda

Ports

Other Sites

Support

Contact

Mailing Lists

About

 
Stable ChangeLog for S/390x
Sat Dec 19 20:11:20 EST 2009
patches/packages/bind-9.4.3_P4-s390x-1_slack11.0.tgz: Upgraded.
       BIND 9.4.3-P4 is a SECURITY PATCH for BIND 9.4.3-P3. It addresses a
       potential cache poisoning vulnerability, in which data in the additional
       section of a response could be cached without proper DNSSEC validation.
       For more information, see:
       http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-4022
       http://www.kb.cert.org/vuls/id/418861
       (* Security fix *)
patches/packages/ntp-4.2.2p3-s390x-3_slack11.0.tgz: Rebuilt.
       Prevent a denial-of-service attack involving spoofed mode 7 packets.
       For more information, see:
       http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3563
       (* Security fix *)
patches/packages/openssl-0.9.8h-s390x-4_slack11.0.tgz: Rebuilt.
       Patched to disable SSL renegotiation.
       For more information, see:
       http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3555
       (* Security fix *)
patches/packages/openssl-solibs-0.9.8h-s390x-4_slack11.0.tgz: Rebuilt.
       Patched to disable SSL renegotiation.
       For more information, see:
       http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3555
       (* Security fix *)

+--------------------------+
Sun Nov 1 18:29:38 EST 2009
patches/packages/xpdf-3.02pl4-s390x-1_slack11.0.tgz: Upgraded.
       This update fixes several security issues that could lead to an
       application crash, or execution of arbitrary code.
       For more information, see:
       http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3603
       http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3604
       http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3605
       http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3606
       http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3608
       http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3609
       (* Security fix *)

+--------------------------+
Sat Oct 3 18:19:00 CDT 2009
extra/php5/php-5.2.11-s390x-1_slack11.0.tgz:
       This release fixes some possible security issues, all of which have
       "unknown impact and attack vectors".
       For more information, see:
       http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3291
       http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3292
       http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3293
       (* Security fix *)
patches/packages/samba-3.0.37-s390x-1_slack11.0.tgz:
       This update fixes the following security issues.
       A misconfigured /etc/passwd with no defined home directory could allow
       security restrictions to be bypassed.
       mount.cifs could allow a local user to read the first line of an arbitrary
       file if installed setuid. (On Slackware, it was not installed setuid)
       Specially crafted SMB requests could cause a denial of service.
       For more information, see:
       http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2813
       http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2948
       http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2906
       (* Security fix *)
+--------------------------+
Mon Sep 7 20:57:44 CDT 2009
patches/packages/seamonkey-1.1.18-s390x-1_slack11.0.tgz: Upgraded.
       Upgraded to seamonkey-1.1.18.
       This release fixes some more security vulnerabilities.
       For more information, see:
       http://www.mozilla.org/security/known-vulnerabilities/seamonkey11.html
       (* Security fix *)
+--------------------------+
Thu Aug 20 22:12:00 CDT 2009
patches/packages/mozilla-thunderbird-2.0.0.23-s390x-1.tgz:
       This upgrade fixes a security bug.
       For more information, see:
       http://www.mozilla.org/security/known-vulnerabilities/thunderbird20.html
       (* Security fix *)
+--------------------------+
Fri Aug 14 13:42:26 CDT 2009
patches/packages/curl-7.15.5-s390x-3_slack11.0.tgz:
       This update fixes a security issue where a zero byte embedded in an SSL
       or TLS certificate could fool cURL into validating the security of a
       connection to a system that the certificate was not issued for. It has
       been reported that at least one Certificate Authority allowed such
       certificates to be issued.
       For more information, see:
       http://curl.haxx.se/docs/security.html
       http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2417
       (* Security fix *)
+--------------------------+
Fri Aug 7 14:25:03 CDT 2009
patches/packages/samba-3.0.36-s390x-1_slack11.0.tgz: Upgraded.
       This is a bugfix release.
+--------------------------+
Thu Aug 6 19:07:34 CDT 2009
patches/packages/apr-1.3.8-s390x-1_slack11.0.tgz: Upgraded.
       Fix overflow in pools and rmm, where size alignment was taking place.
       [Matt Lewis <mattlewis@google.com>, Sander Striker]
       For more information, see:
       http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2412
       (* Security fix *)
patches/packages/apr-util-1.3.9-s390x-1_slack11.0.tgz: Upgraded.
       Fix overflow in rmm, where size alignment was taking place.
       [Matt Lewis <mattlewis@google.com>, Sander Striker]
       For more information, see:
       http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2412
       (* Security fix *)
+--------------------------+
Thu Aug 6 00:48:30 CDT 2009
patches/packages/fetchmail-6.3.11-s390x-1_slack11.0.tgz: Upgraded.
       This update fixes an SSL NUL prefix impersonation attack through NULs in a
       part of a X.509 certificate's CommonName and subjectAltName fields.
       For more information, see:
       http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2666
       (* Security fix *)
+--------------------------+
Wed Jul 29 23:10:01 CDT 2009
patches/packages/bind-9.4.3_P3-s390x-1_slack11.0.tgz: Upgraded.
       This BIND update fixes a security problem where a specially crafted
       dynamic update message packet will cause named to exit resulting in
       a denial of service.
       An active remote exploit is in wide circulation at this time.
       For more information, see:
       http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0696
       https://www.isc.org/node/479
       (* Security fix *)
+--------------------------+
Tue Jul 14 18:07:41 CDT 2009
patches/packages/dhcp-3.1.2p1-s390x-1_slack11.0.tgz: Upgraded.
       A stack overflow vulnerability was fixed in dhclient that could allow
       remote attackers to execute arbitrary commands as root on the system,
       or simply terminate the client, by providing an over-long subnet-mask
       option.
       For more information, see:
       http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0692
       (* Security fix *)
+--------------------------+
Sat Jul 11 18:29:04 CDT 2009
extra/php5/php-5.2.10-s390x-2_slack11.0.tgz:
       Rebuilt. Installed the pear.php.net.reg and pecl.php.net.reg files from
       php-5.2.9, since the ones installed by php-5.2.10 are broken.
       Thanks to Mike Peachey for the bug report.
+--------------------------+
Wed Jul 1 14:37:43 CDT 2009
extra/php5/php-5.2.10-s390x-1_slack11.0.tgz: Upgraded.
+--------------------------+
Sat Jun 27 18:54:07 CDT 2009
patches/packages/mozilla-thunderbird-2.0.0.22-s390x-1.tgz:
       Upgraded to thunderbird-2.0.0.22.
       This upgrade fixes some more security bugs.
       For more information, see:
       http://www.mozilla.org/security/known-vulnerabilities/thunderbird20.html
       (* Security fix *)
+--------------------------+
Fri Jun 26 22:05:35 CDT 2009
patches/packages/samba-3.0.35-s390x-1_slack11.0.tgz:
       This upgrade fixes the following security issue:
       o CVE-2009-1888:
       In Samba 3.0.31 to 3.3.5 (inclusive), an uninitialized read of a
       data value can potentially affect access control when "dos filemode"
       is set to "yes".
       For more information, see:
       http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1888
       (* Security fix *)
+--------------------------+
Wed Jun 24 19:46:28 CDT 2009
patches/packages/seamonkey-1.1.17-s390x-1_slack11.0.tgz:
       Upgraded to seamonkey-1.1.17.
       This release fixes some more security vulnerabilities.
       For more information, see:
       http://www.mozilla.org/security/known-vulnerabilities/seamonkey11.html
       (* Security fix *)
+--------------------------+
Fri Jun 19 18:22:20 CDT 2009
patches/packages/libpng-1.2.37-s390x-1_slack11.0.tgz: Upgraded.
       This update fixes a possible security issue. Jeff Phillips discovered an
       uninitialized-memory-read bug affecting interlaced images that may have
       security implications.
       For more information, see:
       http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2042
       (* Security fix *)
+--------------------------+
Fri Jun 19 16:26:49 CDT 2009
patches/packages/ruby-1.8.6_p369-s390x-1_slack11.0.tgz: Upgraded.
       This fixes a denial of service issue caused by the BigDecimal method
       handling large input values improperly that may allow attackers to
       crash the interpreter. The issue affects most Rails applications.
       For more information, see:
       http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1904
       (* Security fix *)
+--------------------------+
Mon Jun 15 22:14:45 CDT 2009
patches/packages/apr-1.3.5-s390x-1_slack11.0.tgz: Upgraded.
patches/packages/apr-util-1.3.7-s390x-1_slack11.0.tgz: Upgraded.
       Fix underflow in apr_strmatch_precompile.
       Fix a denial of service attack against the apr_xml_* interface
       using the "billion laughs" entity expansion technique.
       For more information, see:
       http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0023
       http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1955
       (* Security fix *)
+--------------------------+
Wed Jun 3 18:09:52 CDT 2009
patches/packages/ntp-4.2.2p3-s390x-1_slack11.0.tgz:
       Patched a stack-based buffer overflow in the cookedprint function in
       ntpq/ntpq.c in ntpq in NTP before 4.2.4p7-RC2 allows arbitrary code
       execution by a malicious remote NTP server.
       For more information, see:
       http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0159
       (* Security fix *)
+--------------------------+
Thu May 14 18:09:26 CDT 2009
patches/packages/cyrus-sasl-2.1.23-s390x-1_slack11.0.tgz:
       Upgraded to cyrus-sasl-2.1.23.
       This fixes a buffer overflow in the sasl_encode64() function that could lead
       to crashes or the execution of arbitrary code.
       For more information, see:
       http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0688
       (* Security fix *)
+--------------------------+
Sat May 9 18:03:41 CDT 2009
patches/packages/xpdf-3.02pl3-s390x-1_slack11.0.tgz:
       Upgraded to xpdf-3.02pl3.
       This update fixes several overflows that may result in crashes or the
       execution of arbitrary code as the xpdf user.
       For more information, see:
       http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0146
       http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0147
       http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0165
       http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0166
       http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0799
       http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0800
       http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1179
       http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1180
       http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1181
       http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1182
       http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1183
(* Security fix *)
+--------------------------+
Thu Apr 30 20:56:17 CDT 2009
patches/packages/ruby-1.8.6_p368-s390x-1_slack11.0.tgz:
       Upgraded to ruby-1.8.6-p368.
       This update fixes a DoS in REXML.
       For details, see:
       http://www.ruby-lang.org/en/news/2008/08/23/dos-vulnerability-in-rexml/
       (* Security fix *)
+--------------------------+
Mon Apr 20 23:27:45 CDT 2009
patches/packages/udev-097-s390x-11_slack11.0.tgz:
       This package has been patched to fix a local root hole.
       For more information, see:
       http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1185
       (* Security fix *)
+--------------------------+
Mon Apr 13 16:22:12 CDT 2009
patches/packages/seamonkey-1.1.16-s390x-1_slack11.0.tgz:
       Upgraded to seamonkey-1.1.16.
       This release fixes some more security vulnerabilities.
       For more information, see:
       http://www.mozilla.org/security/known-vulnerabilities/seamonkey11.html
       (* Security fix *)
+--------------------------+
Tue Apr 7 16:59:49 CDT 2009
patches/packages/openssl-0.9.8h-s390x-3_slack11.0.tgz: Patched (see below).
patches/packages/openssl-solibs-0.9.8h-s390x-3_slack11.0.tgz:
       Patched to fix possible crashes as well as a (fairly unlikely) case
       where an invalid signature might verify as valid.
       For more information, see:
       http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0789
       http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0591
       http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0590
       (* Security fix *)
patches/packages/xine-lib-1.1.16.3-s390x-1_slack11.0.tgz:
       Upgraded to xine-lib-1.1.16.3.
       - Fix another possible int overflow in the 4XM demuxer.
       (ref. TKADV2009-004, CVE-2009-0385)
       For more information, see:
       http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0385
       (* Security fix *)
extra/php5/php-5.2.9-s390x-1_slack11.0.tgz: Upgraded to php-5.2.9.
       This update fixes a few security issues:
       - Fixed a crash on extract in zip when files or directories entry names
       contain a relative path.
       - Fixed security issue in imagerotate(), background colour isn't validated
       correctly with a non truecolour image. (CVE-2008-5498)
       Reported by Hamid Ebadi, APA Laboratory.
       - Fixed a segfault when malformed string is passed to json_decode().
       For more information, see:
       http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-5498
       (* Security fix *)
+--------------------------+
Tue Mar 24 01:56:10 CDT 2009
patches/packages/lcms-1.18-s390x-1_slack11.0.tgz: Upgraded to lcms-1.18.
       This update fixes security issues discovered in LittleCMS by Chris Evans.
       These flaws could cause program crashes (denial of service) or the execution
       of arbitrary code as the user of the lcms-linked program.
       For more information, see:
       http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0581
       http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0723
       http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0733
       (* Security fix *)
patches/packages/mozilla-thunderbird-2.0.0.21-s390x-1.tgz:
       Upgraded to thunderbird-2.0.0.21.
       This upgrade fixes some more security bugs.
       For more information, see:
       http://www.mozilla.org/security/known-vulnerabilities/thunderbird20.html
       (* Security fix *)
patches/packages/seamonkey-1.1.15-s390x-1_slack11.0.tgz:
       Upgraded to seamonkey-1.1.15.
       This release fixes some more security vulnerabilities.
       For more information, see:
       http://www.mozilla.org/security/known-vulnerabilities/seamonkey11.html
       (* Security fix *)
+--------------------------+
Mon Mar 9 00:04:05 CDT 2009
patches/packages/curl-7.15.5-s390x-2_slack11.0.tgz:
       Patched curl-7.15.5.
       This fixes a security issue where automatic redirection could be made to
       follow file:// URLs, reading or writing a local instead of remote file.
       For more information, see:
       http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0037
       (* Security fix *)
+--------------------------+
Fri Feb 20 17:20:49 CST 2009
patches/packages/libpng-1.2.35-s390x-1_slack11.0.tgz:
       Upgraded to libpng-1.2.35.
       This fixes multiple memory-corruption vulnerabilities due to a failure to
       properly initialize data structures.
       For more information, see:
       http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0040
       ftp://ftp.simplesystems.org/pub/png/src/libpng-1.2.34-ADVISORY.txt
       (* Security fix *)
+--------------------------+
Thu Jan 15 16:48:00 CST 2009
patches/packages/bind-9.3.6_P1-s390x-2_slack11.0.tgz:
       Recompiled. The -1_slack11.0 package was compiled on a Slackware 11.0
       system running a 2.6.x kernel, and this caused problems for machines running
       the default 2.4.33.3 kernel. This package should run correctly.
+--------------------------+
Wed Jan 14 20:37:39 CST 2009
patches/packages/bind-9.3.6_P1-s390x-1_slack11.0.tgz:
       Upgraded to bind-9.3.6-P1.
       Fixed checking on return values from OpenSSL's EVP_VerifyFinal and
       DSA_do_verify functions to prevent spoofing answers returned from zones using
       the DNSKEY algorithms DSA and NSEC3DSA.
       For more information, see:
       https://www.isc.org/node/373
       http://www.ocert.org/advisories/ocert-2008-016.html
       http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-5077
       http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0025
       (* Security fix *)
patches/packages/ntp-4.2.4p6-s390x-1_slack11.0.tgz:
       [Sec 1111] Fix incorrect check of EVP_VerifyFinal()'s return value.
       For more information, see:
       https://lists.ntp.org/pipermail/announce/2009-January/000055.html
       http://www.ocert.org/advisories/ocert-2008-016.html
       http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0021
       http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-5077
       (* Security fix *)
patches/packages/openssl-0.9.8h-s390x-2_slack11.0.tgz:
       Patched to fix the return value EVP_VerifyFinal, preventing malformed
       signatures from being considered good. This flaw could possibly allow a
       'man in the middle' attack.
       For more information, see:
       http://www.openssl.org/news/secadv_20090107.txt
       http://www.ocert.org/advisories/ocert-2008-016.html
       http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-5077
       (* Security fix *)
patches/packages/openssl-solibs-0.9.8h-s390x-2_slack11.0.tgz:
       Patched to fix the return value EVP_VerifyFinal, preventing malformed
       signatures from being considered good. This flaw could possibly allow a
       'man in the middle' attack.
       For more information, see:
       http://www.openssl.org/news/secadv_20090107.txt
       http://www.ocert.org/advisories/ocert-2008-016.html
       http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-5077
       (* Security fix *)
+--------------------------+
Wed Dec 31 11:35:43 CST 2008
patches/packages/mozilla-thunderbird-2.0.0.19-s390x-1.tgz:
       Upgraded to thunderbird-2.0.0.19.
       This upgrade fixes some more security bugs.
       For more information, see:
       http://www.mozilla.org/security/known-vulnerabilities/thunderbird20.html
       (* Security fix *)
+--------------------------+
Fri Dec 26 22:45:51 CST 2008
patches/packages/seamonkey-1.1.14-s390x-1_slack11.0.tgz:
       Upgraded to seamonkey-1.1.14.
       This release fixes some more security vulnerabilities.
       For more information, see:
       http://www.mozilla.org/security/known-vulnerabilities/seamonkey11.html
       (* Security fix *)
+--------------------------+
Thu Dec 18 12:44:59 CST 2008
patches/packages/mozilla-firefox-2.0.0.20-s390x-1.tgz:
       Upgraded to firefox-2.0.0.20.
       This fixes some security issues:
       For more information, see:
       http://www.mozilla.org/security/known-vulnerabilities/firefox20.html
       (* Security fix *)
+--------------------------+
Mon Dec 8 05:15:44 CST 2008
extra/php5/php-5.2.8-s390x-1_slack11.0.tgz:
Upgraded to php-5.2.8.
       This is a bugfix release that reverts a change that broke magic_quotes_gpc.
+--------------------------+
Fri Dec 5 20:54:22 CST 2008
extra/php5/php-5.2.7-s390x-1_slack11.0.tgz:
Upgraded to php-5.2.7.
       In addition to improvements and bug fixes, this new version of PHP also
       addresses several security issues, including:
       Fixed a crash inside gd with invalid fonts (Fixes CVE-2008-3658).
       Fixed a possible overflow inside memnstr (Fixes CVE-2008-3659).
       Fixed security issues detailed in CVE-2008-2665 and CVE-2008-2666.
       Crash with URI/file..php (filename contains 2 dots). (Fixes CVE-2008-3660).
       rfc822.c legacy routine buffer overflow. (Fixes CVE-2008-2829).
       Fixed extraction of zip files or directories when the entry name is a
       relative path: http://www.sektioneins.de/advisories/SE-2008-06.txt
       These are the URLs to get more information:
       http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2665
       http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2666
       http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2829
       http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3658
       http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3659
       http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3660
       http://www.sektioneins.de/advisories/SE-2008-06.txt
       (* Security fix *)
+--------------------------+
Sat Nov 29 13:37:04 CST 2008
patches/packages/ruby-1.8.6_p287-s390x-1_slack11.0.tgz:
       Upgraded to ruby-1.8.6-p287.
       This fixes several bugs in the previous Ruby update, including a security
       issue where the DNS resolver did not randomize the source port and
       transaction id sufficiently.
       For more information, see:
       http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1447
       (* Security fix *)
+--------------------------+
Fri Nov 28 16:27:52 CST 2008
patches/packages/samba-3.0.33-s390x-1_slack11.0.tgz:
       Upgraded to samba-3.0.33.
       This package fixes an important barrier against rogue clients reading from
       uninitialized memory (though no proof-of-concept is known to exist).
       For more information, see:
       http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-4314
       (* Security fix *)
+--------------------------+
Thu Nov 20 18:14:27 CST 2008
patches/packages/mozilla-thunderbird-2.0.0.18-s390x-1.tgz:
       Upgraded to thunderbird-2.0.0.18.
       This upgrade fixes some more security bugs.
       For more information, see:
       http://www.mozilla.org/security/known-vulnerabilities/thunderbird20.html
       (* Security fix *)
+--------------------------+
Wed Nov 19 19:13:12 CST 2008
patches/packages/libxml2-2.6.32-s390x-1_slack11.0.tgz:
       Upgraded to libxml2-2.6.32 and patched.
       This fixes vulnerabilities including denial of service, or possibly the
       execution of arbitrary code as the user running a libxml2 linked application
       if untrusted XML content is parsed.
       For more information, see:
       http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-4225
       http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-4226
       (* Security fix *)
+--------------------------+
Sat Nov 15 19:22:43 CST 2008
patches/packages/mozilla-firefox-2.0.0.18-s390x-1.tgz
       Upgraded to firefox-2.0.0.18.
       This fixes some security issues:
       For more information, see:
       http://www.mozilla.org/security/known-vulnerabilities/firefox20.html
       (* Security fix *)
patches/packages/seamonkey-1.1.13-s390x-1_slack11.0.tgz
       Upgraded to seamonkey-1.1.13.
       This release fixes some more security vulnerabilities.
       For more information, see:
       http://www.mozilla.org/security/known-vulnerabilities/seamonkey11.html
       (* Security fix *)
+--------------------------+
Mon Oct 13 13:58:21 CDT 2008
patches/packages/glibc-zoneinfo-2.3.6-noarch-11_slack11.0.tgz:
       Upgraded to tzdata2008h for the latest world timezone changes.
+--------------------------+
Fri Sep 26 22:38:32 CDT 2008
patches/packages/mozilla-thunderbird-2.0.0.17-s390x-1.tgz:
       Upgraded to thunderbird-2.0.0.17.
       This upgrade fixes some more security bugs.
       For more information, see:
       http://www.mozilla.org/security/known-vulnerabilities/thunderbird20.html
       (* Security fix *)
+--------------------------+
Thu Sep 25 23:24:07 CDT 2008
patches/packages/mozilla-firefox-2.0.0.17-s390x-1.tgz:
       Upgraded to firefox-2.0.0.17.
       This release fixes some more security vulnerabilities.
       For more information, see:
       http://www.mozilla.org/security/known-vulnerabilities/firefox20.html
       (* Security fix *)
patches/packages/seamonkey-1.1.12-s390x-1_slack11.0.tgz:
       This release fixes some more security vulnerabilities.
       For more information, see:
       http://www.mozilla.org/security/known-vulnerabilities/seamonkey11.html
       (* Security fix *)
+--------------------------+
Wed Sep 17 02:28:20 CDT 2008
patches/packages/bind-9.3.5_P2-s390x-1_slack11.0.tgz:
       Upgraded to bind-9.3.5-P2.
       This version has performance gains over bind-9.3.5-P1.
+--------------------------+
Wed Sep 3 19:51:43 CDT 2008
patches/packages/php-4.4.9-s390x-1_slack11.0.tgz:
       Upgraded to php-4.4.9. This upgrades the bundled PCRE library to fix
       security issues, as well as fixing a few other security related bugs.
       See the PHP4 ChangeLog for more details:
       http://www.php.net/ChangeLog-4.php#4.4.9
       Please note: PHP4 has been officially discontinued since last year, and
       reached the announced EOL on 2008-08-08. Sites should consider migrating
       to a supported release.
       (* Security fix *)
+--------------------------+
Mon Sep 1 21:56:29 CDT 2008
patches/packages/samba-3.0.32-s390x-1_slack11.0.tgz:
       Upgraded to samba-3.0.32. This is a bugfix release. See the WHATSNEW.txt
       file in the Samba docs for details on what has changed.
+--------------------------+
Thu Aug 28 22:48:16 CDT 2008
patches/packages/amarok-1.4.10-s390x-1_slack11.0.tgz:
       Upgraded to amarok-1.4.10. This fixes a security issue in the Magnatune
       online music library support which could be used by malicious local users to
       overwrite system files. For more information, see:
       http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3699
       (* Security fix *)
patches/packages/libgpod-0.6.0-s390x-1_slack11.0.tgz:
       Upgraded to libgpod-0.6.0. This new version of libgpod is required for
       amarok-1.4.10.
+--------------------------+
Mon Aug 4 14:03:01 CDT 2008
patches/packages/python-2.4.5-s390x-1_slack11.0.tgz:
       Upgraded to 2.4.5 and patched overflows and other security problems.
       For more information, see:
       http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1679
       http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1721
       http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2315
       http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3142
       http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3144
       (* Security fix *)
+--------------------------+
Tue Jul 29 13:32:21 CDT 2008
patches/packages/proftpd-1.3.1-s390x-1_slack11.0.tgz:
       Recompiled against new OpenSSL, since this evidently checks the OpenSSL
       version and will only run against the libraries it was compiled against.
       A small patch was also added due to changes in the system includes.
       Thanks to Martin Schmitz for the info and a pointer to the patch.
+--------------------------+
Mon Jul 28 22:05:06 CDT 2008
patches/packages/fetchmail-6.3.8-s390x-1_slack11.0.tgz:
       Patched to fix a possible denial of service when "-v -v" options are used.
       For more information, see:
       http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2711
       (* Security fix *)
patches/packages/links-2.1-s390x-1_slack11.0.tgz:
       Upgraded to links-2.1.
       Unspecified vulnerability in Links before 2.1, when "only proxies" is
       enabled, has unknown impact and attack vectors related to providing
       "URLs to external programs."
       For more information, see:
       http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3329
       (* Security fix *)
patches/packages/mozilla-thunderbird-2.0.0.16-s390x-1.tgz:
       Upgraded to thunderbird-2.0.0.16.
       This upgrade fixes some more security bugs.
       For more information, see:
       http://www.mozilla.org/security/known-vulnerabilities/thunderbird20.html
       (* Security fix *)
patches/packages/openssh-5.1p1-s390x-1_slack11.0.tgz:
       Upgraded to openssh-5.1p1.
       When upgrading OpenSSH, it is VERY IMPORTANT to also upgrade OpenSSL, or
       it is possible to be unable to log back into sshd!
patches/packages/openssl-0.9.8h-s390x-1_slack11.0.tgz:
       Upgraded to OpenSSL 0.9.8h.
       The Codenomicon TLS test suite uncovered security bugs in OpenSSL.
       If OpenSSL was compiled using non-default options (Slackware's package
       is not), then a malicious packet could cause a crash. Also, a malformed
       TLS handshake could also lead to a crash.
       For more information, see:
       http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0891
       http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1672
       When upgrading OpenSSL, it is VERY IMPORTANT to also upgrade OpenSSH, or
       it is possible to be unable to log back into sshd!
       (* Security fix *)
patches/packages/openssl-solibs-0.9.8h-s390x-1_slack11.0.tgz:
       Upgraded to OpenSSL 0.9.8h shared libraries (see above).
       (* Security fix *)
patches/packages/vim-7.1.330-s390x-1_slack11.0.tgz:
       Upgraded to vim-7.1.330. This fixes several security issues related to
       the automatic processing of untrusted files.
       For more information, see:
       http://www.rdancer.org/vulnerablevim.html
       (* Security fix *)
patches/packages/vim-gvim-7.1.330-s390x-1_slack11.0.tgz:
       Upgraded to vim-gvim-7.1.330.
       See "vim" above for details.
       (* Security fix *)
+--------------------------+
Wed Jul 23 16:27:21 CDT 2008
patches/packages/dnsmasq-2.45-s390x-1_slack11.0.tgz:
       Upgraded to dnsmasq-2.45.
       It was discovered that earlier versions of dnsmasq have DNS cache
       weaknesses that are similar to the ones recently discovered in BIND.
       This new release minimizes the risk of cache poisoning.
       For more information, see:
       http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1447
       (* Security fix *)
+--------------------------+
Wed Jul 16 19:28:25 CDT 2008
patches/packages/mozilla-firefox-2.0.0.16-s390x-1.tgz:
       Upgraded to firefox-2.0.0.16.
       This release fixes some more security vulnerabilities.
       For more information, see:
       http://www.mozilla.org/security/known-vulnerabilities/firefox20.html
       (* Security fix *)
patches/packages/seamonkey-1.1.11-s390x-1_slack11.0.tgz:
       Upgraded to seamonkey-1.1.11.
       This release fixes some more security vulnerabilities.
       For more information, see:
       http://www.mozilla.org/security/known-vulnerabilities/seamonkey11.html
       (* Security fix *)
+--------------------------+
Wed Jul 9 20:03:57 CDT 2008
patches/packages/bind-9.3.5_P1-s390x-1_slack11.0.tgz:
       Upgraded to bind-9.3.5-P1.
       This upgrade addresses a security flaw known as the CERT VU#800113 DNS Cache
       Poisoning Issue. This is the summary of the problem from the BIND site:
       "A weakness in the DNS protocol may enable the poisoning of caching
       recurive resolvers with spoofed data. DNSSEC is the only full solution.
       New versions of BIND provide increased resilience to the attack."
       It is suggested that sites that run BIND upgrade to one of the new packages
       in order to reduce their exposure to DNS cache poisoning attacks.
       For more information, see:
       http://www.isc.org/sw/bind/bind-security.php
       http://www.kb.cert.org/vuls/id/800113
       http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1447
       (* Security fix *)
patches/packages/mozilla-firefox-2.0.0.15-s390x-1.tgz:
       Upgraded to firefox-2.0.0.15.
       This release closes several possible security vulnerabilities and bugs.
       For more information, see:
       http://www.mozilla.org/projects/security/known-vulnerabilities.html#firefox
       (* Security fix *)
patches/packages/seamonkey-1.1.10-s390x-1_slack11.0.tgz:
       Upgraded to seamonkey-1.1.10.
       This release closes several possible security vulnerabilities and bugs.
       For more information, see:
       http://www.mozilla.org/projects/security/known-vulnerabilities.html#seamonkey
       (* Security fix *)
+--------------------------+
Fri Jun 27 23:17:20 CDT 2008
patches/packages/ruby-1.8.6_p230-s390x-1_slack11.0.tgz:
       Upgraded to ruby-1.8.6-p230.
       This fixes a number of security related bugs in Ruby which could lead to a
       denial of service (DoS) condition or allow execution of arbitrary code.
       For more information, see:
       http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2662
       http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2663
       http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2664
       http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2725
       http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2726
       (* Security fix *)
+--------------------------+
Wed May 28 19:46:22 CDT 2008
patches/packages/samba-3.0.30-s390x-1_slack11.0.tgz:
       Upgraded to samba-3.0.30.
       This is a security release in order to address CVE-2008-1105 ("Boundary
       failure when parsing SMB responses can result in a buffer overrun").
       For more information on the security issue, see:
       http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1105
       (* Security fix *)
+--------------------------+
Tue May 27 21:53:32 CDT 2008
patches/packages/rdesktop-1.6.0-s390x-1_slack11.0.tgz:
       Upgraded to rdesktop-1.6.0.
       According to the rdesktop ChangeLog, this contains a:
       "* Fix for potential vulnerability against compromised/malicious servers
       (reported by iDefense)"
       For more information, see:
       http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1801
       (* Security fix *)
+--------------------------+
Wed May 7 15:28:33 CDT 2008
patches/packages/mozilla-thunderbird-2.0.0.14-s390x-1.tgz:
       Upgraded to thunderbird-2.0.0.14.
       This upgrade fixes some more security bugs.
       For more information, see:
       http://www.mozilla.org/projects/security/known-vulnerabilities.html#thunderbird
       (* Security fix *)
extra/php5/php-5.2.6-s390x-1_slack11.0.tgz:
       Upgraded to php-5.2.6. PHP4 was standard in Slackware 11.0, which is why
       this package is provided "in place" under /extra rather than under /patches
       (where upgrade tools might mistakenly grab and install it where it would not
       be desirable.)
       This version of PHP contains many fixes and enhancements. Some of the fixes
       are security related, and the PHP release announcement provides this list:
       * Fixed possible stack buffer overflow in the FastCGI SAPI identified by
       Andrei Nigmatulin.
       * Fixed integer overflow in printf() identified by Maksymilian Aciemowicz.
       * Fixed security issue detailed in CVE-2008-0599 identified by Ryan Permeh.
       * Fixed a safe_mode bypass in cURL identified by Maksymilian Arciemowicz.
       * Properly address incomplete multibyte chars inside escapeshellcmd()
       identified by Stefan Esser.
       * Upgraded bundled PCRE to version 7.6
       When last checked, CVE-2008-0599 was not yet open. However, additional
       information should become available at this URL:
       http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0599
       The list reproduced above, as well as additional information about other
       fixes in PHP 5.2.6 may be found in the PHP release announcement here:
       http://www.php.net/releases/5_2_6.php
       (* Security fix *)
+--------------------------+
Mon Apr 28 23:46:17 CDT 2008
patches/packages/libpng-1.2.27-s390x-1_slack11.0.tgz:
       Upgraded to libpng-1.2.27.
       This fixes various bugs, the most important of which have to do with the
       handling of unknown chunks containing zero-length data. Processing a PNG
       image that contains these could cause the application using libpng to crash
       (possibly resulting in a denial of service), could potentially expose the
       contents of uninitialized memory, or could cause the execution of arbitrary
       code as the user running libpng (though it would probably be quite difficult
       to cause the execution of attacker-chosen code). We recommend upgrading the
       package as soon as possible.
       For more information, see:
       http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1382
       ftp://ftp.simplesystems.org/pub/libpng/png/src/libpng-1.2.27-README.txt
       (* Security fix *)
+--------------------------+
Sat Apr 19 23:49:25 CDT 2008
patches/packages/xine-lib-1.1.11.1-s390x-3_slack11.0.tgz:
       Recompiled, with --without-speex (we didn't ship the speex library in
       Slackware anyway, but for reference this issue would be CVE-2008-1686),
       and with --disable-nosefart (the recently reported as insecurely
       demuxed NSF format). As before in -2, this package fixes the two
       regressions mentioned in the release notes for xine-lib-1.1.12:
       http://sourceforge.net/project/shownotes.php?release_id=592185&group_id=9655
       (* Security fix *)
+--------------------------+
Thu Apr 17 16:25:55 CDT 2008
patches/packages/mozilla-firefox-2.0.0.14-s390x-1.tgz:
       Upgraded to firefox-2.0.0.14.
       This upgrade fixes a potential security bug.
       For more information, see:
       http://www.mozilla.org/projects/security/known-vulnerabilities.html#firefox
       (* Security fix *)
+--------------------------+
Tue Apr 8 00:17:36 CDT 2008
patches/packages/xine-lib-1.1.11.1-s390x-2_slack11.0.tgz:
       Patched to fix playback failure affecting several media formats
       accidentally broken in the xine-lib-1.1.11.1 release. Thanks to Diogo Sousa
       for pointing me to the new release notes on xinehq.de.
+--------------------------+
Mon Apr 7 02:04:58 CDT 2008
patches/packages/bzip2-1.0.5-s390x-1_slack11.0.tgz: Upgraded to bzip2-1.0.5.
       Previous versions of bzip2 contained a buffer overread error that could cause
       applications linked to libbz2 to crash, resulting in a denial of service.
       For more information, see:
       http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1372
       (* Security fix *)
patches/packages/m4-1.4.11-s390x-1_slack11.0.tgz: Upgraded to m4-1.4.11.
       In addition to bugfixes and enhancements, this version of m4 also fixes two
       issues with possible security implications. A minor security fix with the
       use of "maketemp" and "mkstemp" -- these are now quoted to prevent the
       (rather unlikely) possibility that an unquoted string could match an
       existing macro causing operations to be done on the wrong file. Also,
       a problem with the '-F' option (introduced with version 1.4) could cause a
       core dump or possibly (with certain file names) the execution of arbitrary
       code. For more information on these issues, see:
       http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1687
       http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1688
       (* Security fix *)
+--------------------------+
Fri Apr 4 12:36:37 CDT 2008
patches/packages/openssh-5.0p1-s390x-1_slack11.0.tgz:
Upgraded to openssh-5.0p1.
       This version fixes a security issue where local users could hijack forwarded
       X connections. Upgrading to the new package is highly recommended.
       For more information on this security issue, please see:
       http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1483
       (* Security fix *)
+--------------------------+
Mon Mar 31 23:33:58 CDT 2008
patches/packages/xine-lib-1.1.11.1-s390x-1_slack11.0.tgz:
       Upgraded to xine-lib-1.1.11.1.
       Earlier versions of xine-lib suffer from an integer overflow which may lead
       to a buffer overflow that could potentially be used to gain unauthorized
       access to the machine if a malicious media file is played back. File types
       affected this time include .flv, .mov, .rm, .mve, .mkv, and .cak.
       For more information on this security issue, please see:
       http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1482
       (* Security fix *)
+--------------------------+
Sat Mar 29 03:09:17 CDT 2008
patches/packages/mozilla-firefox-2.0.0.13-s390x-1.tgz:
       Upgraded to firefox-2.0.0.13.
       This upgrade fixes some more security bugs.
       For more information, see:
       http://www.mozilla.org/projects/security/known-vulnerabilities.html#firefox
       (* Security fix *)
patches/packages/seamonkey-1.1.9-s390x-1_slack11.0.tgz:
       Upgraded to seamonkey-1.1.9.
       This upgrade fixes some more security bugs.
       For more information, see:
       http://www.mozilla.org/projects/security/known-vulnerabilities.html#seamonkey
       (* Security fix *)
patches/packages/xine-lib-1.1.11-s390x-1_slack11.0.tgz:
       Earlier versions of xine-lib suffer from an array index bug that
       may have security implications if a malicious RTSP stream is
       played. Playback of other media formats is not affected.
       If you use RTSP, you should probably upgrade xine-lib.
       For more information on the security issue, please see:
       http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0073
       (* Security fix *)
+--------------------------+
Sun Mar 2 00:15:53 CST 2008
patches/packages/espgs-8.15.3svn185-s390x-3_slack11.0.tgz:
       This patched version of ESP Ghostscript fixes a buffer overflow.
       For more information on the security issue, please see:
       http://scary.beasts.org/security/CESA-2008-001.html
       http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0411
       Thanks to Chris Evans and Will Drewry of Google Security for their work
       on discovering and demonstrating the overflow.
(* Security fix *)
+--------------------------+
Sat Mar 1 15:55:28 CST 2008
patches/packages/mozilla-thunderbird-2.0.0.12-s390x-1.tgz:
       Upgraded to thunderbird-2.0.0.12.
       This update fixes the following security related issues:
       MFSA 2008-12: Heap buffer overflow in external MIME bodies
       MFSA 2008-05: Directory traversal via chrome: URI
       MFSA 2008-03: Privilege escalation, XSS, Remote Code Execution
       MFSA 2008-01: Crashes with evidence of memory corruption (rv:1.8.1.12)
       For more information, see:
       http://www.mozilla.org/security/announce/2008/mfsa2008-12.html
       http://www.mozilla.org/security/announce/2008/mfsa2008-05.html
       http://www.mozilla.org/security/announce/2008/mfsa2008-03.html
       http://www.mozilla.org/security/announce/2008/mfsa2008-01.html
       These are the related CVE entries:
       http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0304
       http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0418
       http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0415
       http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0412
       http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0413
(* Security fix *)
+--------------------------+
Thu Feb 14 17:37:38 CST 2008
patches/packages/apache-1.3.41-s390x-1_slack11.0.tgz:
       Upgraded to apache-1.3.41, the last regular release of the
       Apache 1.3.x series, and a security bugfix-only release.
       For more information about the security issues fixed, see:
       http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6388
       http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5000
       http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3847
       (* Security fix *)
patches/packages/mod_ssl-2.8.31_1.3.41-s390x-1_slack11.0.tgz:
       Upgraded to mod_ssl-2.8.31-1.3.41 to work with apache_1.3.41.
patches/packages/php-4.4.8-s390x-1_slack11.0.tgz:
       Upgraded to php-4.4.8. This is a security and bugfix release.
       More information may be found here:
       http://bugs.php.net/43010
       This is the last regular release of PHP-4.4.x.
       The EOL is scheduled for 2008-08-08.
       (* Security fix *)
+--------------------------+
Tue Feb 12 23:07:34 CST 2008
patches/packages/mozilla-firefox-2.0.0.12-s390x-1.tgz:
       Upgraded to firefox-2.0.0.12.
       This upgrade fixes some more security bugs.
       For more information, see:
       http://www.mozilla.org/projects/security/known-vulnerabilities.html#firefox
       (* Security fix *)
patches/packages/seamonkey-1.1.8-s390x-1_slack11.0.tgz:
       Upgraded to seamonkey-1.1.8.
       This upgrade fixes some more security bugs.
       For more information, see:
       http://www.mozilla.org/projects/security/known-vulnerabilities.html#seamonkey
       (* Security fix *)
+--------------------------+
Mon Dec 31 18:49:52 CST 2007
patches/packages/glibc-zoneinfo-2.3.6-noarch-10_slack11.0.tgz:
       Some deja vu. ;-)
       Upgraded to tzdata2007k. A new year should be started with the
       latest timezone data, so here it is.
       Happy holidays, and a happy new year to all! :-)
+--------------------------+
Mon Dec 24 15:54:26 CST 2007
patches/packages/glibc-zoneinfo-2.3.6-noarch-9_slack11.0.tgz:
       Upgraded to tzdata2007j. A new year should be started with the
       latest timezone data, so here it is.
       Happy holidays, and a happy new year to all! :-)
+--------------------------+
Fri Dec 14 18:03:59 CST 2007
patches/packages/mysql-5.0.51-s390x-1_slack11.0.tgz:
       Upgraded to mysql-5.0.51.
       This release fixes several bugs, including some security issues.
       However, it also includes a potentially incompatible change, so be sure
       to read the release notes before upgrading. It is possible that some
       databases will need to be fixed in order to work with this (and future)
       releases:
       http://dev.mysql.com/doc/refman/5.0/en/releasenotes-cs-5-0-51.html
       For more information about the security issues fixed, see:
       http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3781
       http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5925
       http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5969
       (* Security fix *)
+--------------------------+
Mon Dec 10 12:45:35 CST 2007
patches/packages/samba-3.0.28-s390x-1_slack11.0.tgz:
       Upgraded to samba-3.0.28.
       Samba 3.0.28 is a security release in order to address a boundary failure
       in GETDC mailslot processing that can result in a buffer overrun leading
       to possible code execution.
       For more information, see:
       http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6015
       http://www.samba.org/samba/history/samba-3.0.28.html
       http://secunia.com/secunia_research/2007-99/advisory/
       (* Security fix *)
+--------------------------+
Mon Dec 3 19:58:51 CST 2007
patches/packages/cairo-1.4.12-s390x-1_slack11.0.tgz:
       Upgraded to cairo-1.4.12.
       This fixes a possible security risk when decoding PNG files that may have
       been maliciously tampered with:
       http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5503
       (* Security fix *)
patches/packages/samba-3.0.27a-s390x-1_slack11.0.tgz:
       Upgraded to samba-3.0.27a.
       This update fixes a crash bug regression experienced by smbfs clients caused
       by the fix for CVE-2007-4572.
+--------------------------+
Sat Dec 1 16:57:18 CST 2007
patches/packages/rsync-2.6.9-s390x-1_slack11.0.tgz:
       Patched some security bugs.
       For more information, see:
       http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-4091
       http://lists.samba.org/archive/rsync-announce/2007/000050.html
       (* Security fix *)
patches/packages/mozilla-firefox-2.0.0.11-s390x-1.tgz: Upgraded to Firefox
       2.0.0.11, which fixed a bug introduced by the 2.0.0.10 update in the
       <canvas> feature that affected some web pages and extensions.
+--------------------------+
Thu Nov 29 20:19:30 CST 2007
patches/packages/seamonkey-1.1.7-s390x-1_slack11.0.tgz:
       Upgraded to seamonkey-1.1.7.
       This upgrade fixes some more security bugs.
       For more information, see:
       http://www.mozilla.org/projects/security/known-vulnerabilities.html#seamonkey
       (* Security fix *)
+--------------------------+
Tue Nov 27 16:23:07 CST 2007
patches/packages/mozilla-firefox-2.0.0.10-s390x-1.tgz:
       Upgraded to firefox-2.0.0.10.
       This upgrade fixes some more security bugs.
       For more information, see:
       http://www.mozilla.org/projects/security/known-vulnerabilities.html#firefox
       (* Security fix *)
+--------------------------+
Wed Nov 21 00:55:51 CST 2007
patches/packages/libpng-1.2.23-s390x-1_slack11.0.tgz:
       Upgraded to libpng-1.2.23.
       Previous libpng versions may crash when loading malformed PNG files.
       It is not currently known if this vulnerability can be exploited to
       execute malicious code.
       For more information, see:
       http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5266
       http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5267
       http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5268
       http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5269
       (* Security fix *)
+--------------------------+
Tue Nov 20 16:49:58 CST 2007
patches/packages/mozilla-thunderbird-2.0.0.9-s390x-1.tgz:
       Upgraded to thunderbird-2.0.0.9.
       This update fixes the following security related issues:
       URIs with invalid %-encoding mishandled by Windows (MFSA 2007-36).
       Crashes with evidence of memory corruption (MFSA 2007-29).
       OK, so the first one obviously does not affect us. :-) The second fix has
       to do with the same JavaScript handling problem fixed before in Firefox.
       JavaScript is not enabled by default in Thunderbird, and the developers
       (at least in MFSA 2007-36) do not recommend turning it on.
       For more information, see:
       http://www.mozilla.org/security/announce/2007/mfsa2007-36.html
       http://www.mozilla.org/security/announce/2007/mfsa2007-29.html
       http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-4841
       http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5339
       (* Security fix *)
+--------------------------+
Fri Nov 16 17:22:18 CST 2007
patches/packages/samba-3.0.27-s390x-1_slack11.0.tgz:
       Upgraded to samba-3.0.27.
       Samba 3.0.27 is a security release in order to address a stack buffer
       overflow in nmbd's logon request processing, and remote code execution in
       Samba's WINS server daemon (nmbd) when processing name registration followed
       name query requests.
       For more information, see:
       http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-4572
       http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5398
       (* Security fix *)
+--------------------------+
Mon Nov 12 01:25:34 CST 2007
patches/packages/kdegraphics-3.5.4-s390x-2_slack11.0.tgz:
       Patched xpdf related bugs.
       For more information, see:
       http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3387
       http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-4352
       http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5392
       http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5393
       (* Security fix *)
patches/packages/koffice-1.5.2-s390x-5_slack11.0.tgz:
       Patched xpdf related bugs.
       For more information, see:
       http://www.kde.org/info/security/advisory-20071107-1.txt
       http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3387
       http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-4352
       http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5392
       http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5393
       (* Security fix *)
patches/packages/xpdf-3.02pl2-s390x-1_slack11.0.tgz:
       Upgraded to xpdf-3.02pl2.
       The pl2 patch fixes a crash in xpdf.
       Some theorize that this could be used to execute arbitrary code if an
       untrusted PDF file is opened, but no real-world examples are known (yet).
       For more information, see:
       http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3387
       http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-4352
       http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5392
       http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5393
       (* Security fix *)
+--------------------------+
Sat Nov 10 22:19:02 CST 2007
extra/php5/php-5.2.5-s390x-2_slack11.0.tgz:
       The security/bug fix update for Slackware 11.0 has been reissued
       to fix a zero-length /usr/bin/php-cgi. Thanks to TJ Munro for
       pointing this out. We appreciate the fast weekend Q/A. :-)
       This package should be installed rather than the previously
       released php-5.2.5-s390x-1_slack11.0 (unless you do not use
       /usr/php/php-cgi in which case either package will do.)
       (* Security fix *)
+--------------------------+
Sat Nov 10 15:36:59 CST 2007
patches/packages/mozilla-firefox-2.0.0.9-s390x-1.tgz:
       Upgraded to firefox-2.0.0.9.
       This upgrade improves the stability of Firefox.
       For more information, see:
       http://developer.mozilla.org/devnews/index.php/2007/11/01/firefox-2009-stability-update-now-available-for-download/
extra/php5/php-5.2.5-s390x-1_slack11.0.tgz:
       Upgraded to php-5.2.5.
       This fixes bugs and security issues.
       For more information, see:
       http://www.php.net/releases/5_2_5.php
       http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-4887
       (* Security fix *)
+--------------------------+
Fri Nov 9 16:34:12 CST 2007
patches/packages/seamonkey-1.1.6-s390x-1_slack11.tgz:
       Upgraded to SeaMonkey 1.1.6.
       This upgrade fixes SeaMonkey's ability to display certain types of web pages.
       That's about all we could find about it here:
       http://www.mozilla.org/projects/seamonkey/
+--------------------------+
Thu Nov 1 22:03:53 CDT 2007
patches/packages/cups-1.2.11-s390x-2_slack12.0.tgz:
       Patched cups-1.2.11.
       An off-by-one error in ipp.c may allow a remote attacker to crash CUPS
       resulting in a denial of service.
       For more information, see:
       http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-4351
       (* Security fix *)
+--------------------------+
Wed Oct 24 23:02:28 CDT 2007
patches/packages/mozilla-firefox-2.0.0.8-s390x-1.tgz:
       Upgraded to firefox-2.0.0.8.
       This upgrade fixes some more security bugs.
       For more information, see:
       http://www.mozilla.org/projects/security/known-vulnerabilities.html#firefox
       (* Security fix *)
patches/packages/seamonkey-1.1.5-s390x-1_slack12.0.tgz:
       Upgraded to seamonkey-1.1.5.
       This upgrade fixes some more security bugs.
       For more information, see:
       http://www.mozilla.org/projects/security/known-vulnerabilities.html#seamonkey
       (* Security fix *)
extra/mozilla-2.0.0.6/: Removed. Since the 1.5.0.x branch is no longer
       supported, there's little point in leaving it up (at least in /extra...)
+--------------------------+
Wed Oct 10 11:50:50 CDT 2007
patches/packages/glibc-zoneinfo-2.3.6-noarch-8_slack11.0.tgz:
       Upgraded to timezone data from tzcode2007h and tzdata2007h.
       This contains the latest timezone data from NIST, including some important
       changes to daylight savings time in Brasil and New Zealand.
+--------------------------+
Wed Sep 12 15:20:06 CDT 2007
patches/packages/openssh-4.7p1-s390x-1_slack11.0.tgz:
       Upgraded to openssh-4.7p1.
       From the OpenSSH release notes:
       "Security bugs resolved in this release: Prevent ssh(1) from using a
       trusted X11 cookie if creation of an untrusted cookie fails; found and
       fixed by Jan Pechanec."
       While it's fair to say that we here at Slackware don't see how this could
       be leveraged to compromise a system, a) the OpenSSH people (who presumably
       understand the code better) characterize this as a security bug, b) it has
       been assigned a CVE entry, and c) OpenSSH is one of the most commonly used
       network daemons. Better safe than sorry.
       More information should appear here eventually:
       http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-4752
       (* Security fix *)
patches/packages/samba-3.0.26a-s390x-1_slack11.0.tgz:
       Upgraded to samba-3.0.26a.
       This fixes a security issue in all Samba 3.0.25 versions:
       "Incorrect primary group assignment for domain users using the rfc2307
       or sfu winbind nss info plugin."
       For more information, see:
       http://www.samba.org/samba/security/CVE-2007-4138.html
       http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-4138
       (* Security fix *)
extra/php5/php-5.2.4-s390x-1_slack11.0.tgz:
       Upgraded to php-5.2.4. The PHP announcement says this version fixes over
       120 bugs as well as "several low priority security bugs."
       Read more about it here:
       http://www.php.net/releases/5_2_4.php
       (* Security fix *)
+--------------------------+
Sat Aug 18 15:00:32 CDT 2007
patches/packages/tcpdump-3.9.7-s390x-1_slack11.0.tgz:
       Upgraded to libpcap-0.9.7, tcpdump-3.9.7.
       This new version fixes an integer overflow in the BGP dissector which
       could possibly allow remote attackers to crash tcpdump or to execute
       arbitrary code.
       For more information, see:
       http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3798
       (* Security fix *)
+--------------------------+
Fri Aug 10 22:39:13 CDT 2007
patches/packages/gimp-2.2.17-s390x-1_slack11.0.tgz:
       Upgraded to gimp-2.2.17, which fixes buffer overflows when decoding
       certain image types.
       For more information, see:
       http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-2949
       (* Security fix *)
patches/packages/qt-3.3.8-s390x-2_slack11.0.tgz:
       Patched to fix several format string bugs.
       For more information, see:
       http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3388
       (* Security fix *)
patches/packages/seamonkey-1.1.4-s390x-1_slack11.tgz:
       Upgraded to seamonkey-1.1.4.
       This upgrade fixes some more security bugs.
       For more information, see:
       http://www.mozilla.org/projects/security/known-vulnerabilities.html#seamonkey
       (* Security fix *)
patches/packages/xpdf-3.02pl1-s390x-1_slack11.0.tgz:
       Upgraded to xpdf-3.02pl1. This fixes an integer overflow that could possibly
       be leveraged to run arbitrary code if a malicious PDF file is processed.
       For more information, see:
       http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3387
       (* Security fix *)
+--------------------------+
Fri Aug 3 15:43:35 CDT 2007
patches/packages/mozilla-thunderbird-2.0.0.6-s390x-1.tgz:
       Upgraded to thunderbird-2.0.0.6.
       This upgrade fixes some more security bugs.
       For more information, see:
       http://www.mozilla.org/projects/security/known-vulnerabilities.html#thunderbird
       (* Security fix *)
+--------------------------+
Wed Aug 1 13:52:51 CDT 2007
extra/mozilla-firefox-2.0.0.6/mozilla-firefox-2.0.0.6-s390x-1.tgz:
       Upgraded to firefox-2.0.0.6.
       This upgrade fixes some more security bugs.
       For more information, see:
       http://www.mozilla.org/projects/security/known-vulnerabilities.html#firefox
       (* Security fix *)
+--------------------------+
Thu Jul 26 15:51:42 CDT 2007
patches/packages/bind-9.3.4_P1-s390x-1_slack11.0.tgz:
       Upgraded to bind-9.3.4_P1 to fix a security issue.
       The query IDs in BIND9 prior to BIND 9.3.4-P1 are cryptographically weak.
       For more information on this issue, see:
       http://www.isc.org/index.pl?/sw/bind/bind-security.php
       http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-2926
       (* Security fix *)
+--------------------------+
Tue Jul 24 12:40:16 CDT 2007
patches/packages/mozilla-thunderbird-2.0.0.5-s390x-1.tgz:
       Upgraded to thunderbird-2.0.0.5. Since Thunderbird shares the browser engine
       with Firefox it is susceptible to similar vulnerabilities. This update fixes
       the same issues fixed in the recent Firefox patch.
       For more information, see:
       http://www.mozilla.org/projects/security/known-vulnerabilities.html#thunderbird
       (* Security fix *)
patches/packages/seamonkey-1.1.3-s390x-1_slack11.tgz:
       Upgraded to seamonkey-1.1.3. This is presumably a security update, but the
       details on the net have been sparse. So far nothing has appeared at the
       usual URL, but I would treat this as a security update unless it is announced
       as otherwise.
       For more information (if/when it appears), see:
       http://www.mozilla.org/projects/security/known-vulnerabilities.html#seamonkey
       (* Security fix *)
+--------------------------+
Thu Jul 19 12:55:48 CDT 2007
extra/mozilla-firefox-2.0.0.5/mozilla-firefox-2.0.0.5-s390x-1.tgz:
       Upgraded to firefox-2.0.0.5.
       This upgrade fixes a couple of minor security bugs. Nobody here is launching
       Firefox from Internet Explorer, right? :-)
       For more information, see:
       http://www.mozilla.org/projects/security/known-vulnerabilities.html#firefox
       (* Security fix *)
+--------------------------+
Wed Jun 27 01:11:32 CDT 2007
patches/packages/gd-2.0.35-s390x-1_slack11.0.tgz:
       Upgraded to gd-2.0.35.
       This fixes a few possible security issues:
       * Possible infinite loop in the PNG reader
       * Possible integer overflow in gdImageCreateTrueColor
       * Possible crash in gdImageCreateXbm
       * Numerous flaws in the GIF reader
       (* Security fix *)
+--------------------------+
Wed Jun 13 21:43:03 CDT 2007
patches/packages/libexif-0.6.16-s390x-1_slack11.0.tgz:
       Upgraded to libexif-0.6.16.
       An integer overflow in libexif can crash applications that use the library
       on malformed images. The upstream advisory indicates that this flaw could
       also be used to execute arbitrary code in the context of the user, but no
       exploit is known (by us) to exist among iDefense's researchers or in the
       wild. But, as a crash bug and heap overflow one must suppose that the
       possibility exists.
       http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-4168
       (* Security fix *)
+--------------------------+
Fri Jun 1 21:50:50 CDT 2007
patches/packages/mozilla-firefox-1.5.0.12-s390x-1.tgz:
       Upgraded to firefox-1.5.0.12.
       This upgrade fixes several possible security bugs.
       For more information, see:
       http://www.mozilla.org/projects/security/known-vulnerabilities.html#firefox
       (* Security fix *)
patches/packages/mozilla-thunderbird-1.5.0.12-s390x-1.tgz:
       Upgraded to thunderbird-1.5.0.12.
       This upgrade fixes several possible security bugs.
       For more information, see:
       http://www.mozilla.org/projects/security/known-vulnerabilities.html#thunderbird
       (* Security fix *)
patches/packages/seamonkey-1.1.2-s390x-1_slack11.0.tgz:
       Upgraded to seamonkey-1.1.2.
       This upgrade fixes several possible security bugs.
       For more information, see:
       http://www.mozilla.org/projects/security/known-vulnerabilities.html#seamonkey
       (* Security fix *)
extra/mozilla-firefox-2.0.0.4/mozilla-firefox-2.0.0.4-s390x-1.tgz:
       Upgraded to firefox-2.0.0.4.
       This upgrade fixes several possible security bugs.
       For more information, see:
       http://www.mozilla.org/projects/security/known-vulnerabilities.html#firefox
       (* Security fix *)
+--------------------------+
Fri Jun 1 14:56:51 CDT 2007
extra/php5/php-5.2.3-s390x-1_slack11.0.tgz:
Upgraded to php-5.2.3.
       Here's some basic information about the release from php.net:
       "This release continues to improve the security and the stability of the
       5.X branch as well as addressing two regressions introduced by the
       previous 5.2 releases. These regressions relate to the timeout handling
       over non-blocking SSL connections and the lack of HTTP_RAW_POST_DATA in
       certain conditions. All users are encouraged to upgrade to this release."
       For more complete information, see:
       http://www.php.net/releases/5_2_3.php
       http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1900
       http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-2756
       http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-2872
       (* Security fix *)
+--------------------------+
Fri May 25 11:27:02 CDT 2007
patches/packages/samba-3.0.25a-s390x-1_slack11.0.tgz:
       Upgraded to samba-3.0.25a. This fixes some major (non-security) bugs in
       samba-3.0.25. See the WHATSNEW.txt for details.
+--------------------------+
Wed May 16 16:16:59 CDT 2007
patches/packages/libpng-1.2.18-s390x-1_slack11.0.tgz:
       Upgraded to libpng-1.2.18.
       A grayscale PNG image with a malformed (bad CRC) tRNS chunk will crash some
       libpng applications. This vulnerability has been assigned the identifiers
       CVE-2007-2445 and CERT VU#684664.
       For more information, see:
       http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-2445
       (* Security fix *)
+--------------------------+
Mon May 14 18:22:43 CDT 2007
patches/packages/samba-3.0.25-s390x-1_slack11.0.tgz:
       Upgraded to samba-3.0.25.
       Security Fixes included in the Samba 3.0.25 release are:
       o CVE-2007-2444
       Versions: Samba 3.0.23d - 3.0.25pre2
       Local SID/Name translation bug can result in
       user privilege elevation
       o CVE-2007-2446
       Versions: Samba 3.0.0 - 3.0.24
       Multiple heap overflows allow remote code execution
       o CVE-2007-2447
       Versions: Samba 3.0.0 - 3.0.24
       Unescaped user input parameters are passed as
       arguments to /bin/sh allowing for remote command
       execution
       For more information, see:
       http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-2444
       http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-2446
       http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-2447
       (* Security fix *)
+--------------------------+
Mon May 14 16:39:31 CDT 2007
patches/packages/seamonkey-1.1.1-s390x-1_slack11.0.tgz:
       Upgraded to seamonkey-1.1.1. Removed various symlinks to NSS libraries.
       If you plan to rebuild the pidgin package in unsupported/pidgin/stable for
       any reason (you shouldn't need to), first upgrade to this package and then
       upgradepkg --reinstall the mozilla-nss package.
+--------------------------+
Thu May 10 16:14:34 CDT 2007
testing/packages/bash-3.2.017-s390x-1_slack11.0.tgz: Upgraded to bash-3.2.017.
       Moved here from /patches/packages. Honestly, I think /testing may be a
       better place for bash-3.2 for a while longer -- it's causing trouble with
       many old scripts. So, we'll give it a while longer to stabilize and for
       scripts to catch up to any syntax changes which may have occured.
+--------------------------+
Tue May 8 22:19:03 CDT 2007
patches/packages/slackpkg-2.60-noarch-1.tgz:
       Upgraded to slackpkg-2.60. Thanks to Piter Punk!
+--------------------------+
Mon May 7 21:55:15 CDT 2007
extra/php5/php-5.2.2-s390x-1_slack11.0.tgz:
       Upgraded to php-5.2.2.
       This fixes bugs and improves security.
       For more details, see:
       http://www.php.net/releases/5_2_2.php
       http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1001
       (* Security fix *)
patches/packages/php-4.4.7-s390x-1_slack11.0.tgz:
       Upgraded to php-4.4.7.
       This fixes bugs and improves security.
       For more details, see:
       http://www.php.net/releases/4_4_7.php
       http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1001
       (* Security fix *)
+--------------------------+
Thu May 3 23:02:49 CDT 2007
patches/packages/gnome-icon-theme-2.14.2-noarch-2_slack11.0.tgz:
       gnome-icon-theme puts its pkgconfig file in the wrong directory,
       which is (was) breaking compiles. Now it is in the right place.
       Thanks to Robby Workman for pointing it out.
+--------------------------+
Wed Apr 25 15:19:06 CDT 2007
patches/packages/fontconfig-2.4.2-s390x-2_slack11.0.tgz:
       Changed the font paths in /etc/fonts/fonts.conf to point to where the
       fonts actually are, rather than through a symlink. The symlink
       (/usr/X11R6/lib/fonts) *should* be made by the aaa_base package, but
       still it's probably best to point to the real location.
       Thanks to Zoran Davidovac for the suggestion.
       Moved man pages to the proper location and gzipped them.
       Created a /var/cache/fontconfig directory.
+--------------------------+
Mon Apr 23 13:32:50 CDT 2007
patches/packages/freetype-2.3.4-s390x-2_slack11.0.tgz: Fixed the diffs
       for the patented algorithms. Thanks to Eric Hameleers.
+--------------------------+
Fri Apr 20 13:47:39 CDT 2007
patches/packages/x11-6.9.0-s390x-14_slack11.0.tgz:
       Removed old versions of fc-cache and fc-list.
       Somehow a couple of old fontconfig binaries snuck into this package, and
       prevent fc-cache from working properly at boot (or any other time).
       If you've already installed these upgrades, reinstalling the fontconfig
       package will fix the issue. If you do that, there's no need to reinstall
       this new x11 package -- it's been fixed so that there's no longer a problem
       with the package install order (and because those fc-* binaries didn't
       belong there). Sorry for any inconvenience...
       Thanks to Petri Kaukasoina for pointing this out.
       (* Fix *)
+--------------------------+
Thu Apr 19 18:53:08 CDT 2007
patches/packages/fontconfig-2.4.2-s390x-1_slack11.0.tgz:
       Upgraded to the fontconfig-2.4.2 to work better with freetype-2.3.4.
patches/packages/freetype-2.3.4-s390x-1_slack11.0.tgz:
       Fixed an overflow parsing BDF fonts.
       For more information, see:
       http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1351
       (* Security fix *)
patches/packages/x11-6.9.0-s390x-13_slack11.0.tgz:
       Recompiled.
patches/packages/x11-devel-6.9.0-s390x-13_slack11.0.tgz:
       Recompiled.
patches/packages/x11-xdmx-6.9.0-s390x-13_slack11.0.tgz:
       Recompiled.
patches/packages/x11-xnest-6.9.0-s390x-13_slack11.0.tgz:
       Recompiled.
patches/packages/x11-xvfb-6.9.0-s390x-13_slack11.0.tgz:
       Recompiled.
patches/packages/xine-lib-1.1.6-s390x-1_slack11.0.tgz:
       Upgraded to xine-lib-1.1.6.
       This fixes overflows in xine-lib in some little-used media formats in
       xine-lib < 1.1.5 and other bugs in xine-lib < 1.1.6. The overflows in
       xine-lib < 1.1.5 could definitely cause an application using xine-lib to
       crash, and it is theorized that a malicious media file could be made to run
       arbitrary code in the context of the user running the application.
       For more information, see:
       http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1246
       (* Security fix *)
+--------------------------+
Wed Apr 4 13:25:17 CDT 2007
patches/packages/ktorrent-2.1.3-s390x-2_slack11.0.tgz:
       Changed --prefix from /usr to /opt/kde.
       (Slackware 11.0 still uses that, right? ;-)
       Thanks to arny for pointing this out.
patches/packages/qca-tls-1.0-s390x-4_slack11.0.tgz:
       Recompiled for qt-3.3.8. Sorry to have forgotten about the 3.3.6
       plugin location... thanks to Peter Valky for the reminder.
+--------------------------+
Tue Apr 3 15:01:57 CDT 2007
patches/packages/file-4.20-s390x-1_slack11.0.tgz:
       Upgraded to file-4.20.
       This fixes a heap overflow that could allow code to be executed as the
       user running file (note that there are many scenarios where file might be
       used automatically, such as in virus scanners or spam filters).
       For more information, see:
       http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1536
       (* Security fix *)
patches/packages/ktorrent-2.1.3-s390x-1_slack11.0.tgz:
       Upgraded to ktorrent-2.1.3.
       A directory traversal vulnerability in torrent.cpp in versions < 2.1.2 may
       allow remote attackers to overwrite the ktorrent user's files. A bug in
       chunkcounter.cpp in versions < 2.1.2 allows remote attackers to crash
       ktorrent and cause heap corruption by the use of an invalid idx value.
       For more information, see:
       http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1384
       http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1385
       (* Security fix *)
patches/packages/qt-3.3.8-s390x-1_slack11.0.tgz:
       Patched an issue where the Qt UTF 8 decoder may in some instances fail to
       reject overlong sequences, possibly allowing "/../" path injection or XSS
       errors.
       For more information, see:
       http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0242
       (* Security fix *)
+--------------------------+
Mon Mar 26 20:54:55 CDT 2007
patches/packages/libwpd-0.8.9-s390x-1_slack11.0.tgz:
       Upgraded to libwpd-0.8.9.
       Various overflows may lead to application crashes upon opening a specially
       crafted WordPerfect file. This vulnerability could also conceivably be
       used by an attacker to execute arbitrary code.
       For more information, see:
       http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-002
       (* Security fix *)
patches/packages/mozilla-firefox-1.5.0.11-s390x-1.tgz:
       Upgraded to mozilla-firefox-1.5.0.11.
       This upgrade fixes several possible security bugs.
       For more information, see:
       http://www.mozilla.org/projects/security/known-vulnerabilities.html#firefox
       (* Security fix *)
extra/mozilla-firefox-2.0.0.3/mozilla-firefox-2.0.0.3-s390x-1.tgz:
       Upgraded to mozilla-firefox-2.0.0.3.
       This upgrade fixes several possible security bugs.
       For more information, see:
       http://www.mozilla.org/projects/security/known-vulnerabilities.html#firefox
       (* Security fix *)
+--------------------------+
Sat Mar 24 19:08:07 CDT 2007
patches/packages/bash-3.2.015-s390x-1_slack11.0.tgz:
       Upgraded to bash-3.2 patchlevel 15. This is an optional upgrade
       issued due to some problem reports concerning the use of the old-
       style backquotes in scripts. For example `ls -l` might fail where
       $(ls -l) works (though the real-world examples are more complex
       than these, of course. I'd say if you're not having problems with
       bash you're better off leaving it alone, but if you're getting an
       error like "unexpected EOF looking for matching `", you may wish
       to give this package a try.
       Thanks much to John Pate for helping with late-night debugging.
+--------------------------+
Sat Mar 17 17:41:43 CDT 2007
Happy St. Patrick's Day!
patches/packages/gaim-1.5.0-s390x-3_slack11.0.tgz:
       Recompiled against mozilla-nss. Also recompiled the GAIM beta in
       the /pub/slackware/unsupported/ directory, if anyone is interested.
patches/packages/mozilla-nss-3.9.2-s390x-1_slack11.0.tgz:
       Added mozilla-nss to provide a more stable API/ABI for GAIM.
+--------------------------+
Wed Mar 14 19:38:47 CDT 2007
patches/packages/libpng-1.2.16-s390x-1_slack11.0.tgz:
       Upgraded to libpng-1.2.16. This fixes some problems with the new
       ImageMagick package, such as massive memory usage using "convert".
       Thanks to Michael Johnson for letting me know about this.
+--------------------------+
Tue Mar 13 18:22:59 CDT 2007
patches/packages/php-4.4.6-s390x-1_slack11.0.tgz:
       Upgraded to php-4.4.6.
       This version of PHP fixes a problem introduced with the last PHP release
       where certain applications using "register_globals" may crash.
+--------------------------+
Wed Mar 7 17:57:50 CST 2007
patches/packages/gnupg-1.4.7-s390x-1_slack11.0.tgz:
       Upgraded to gnupg-1.4.7.
       This fixes a security problem that can occur when GnuPG is used incorrectly.
       Newer versions attempt to prevent such misuse.
       For more information, see:
       http://lists.gnupg.org/pipermail/gnupg-announce/2007q1/000251.html
       (* Security fix *)
patches/packages/x11-6.9.0-s390x-12_slack11.0.tgz: Patched.
       This update fixes overflows in the dbe and render extensions. This could
       possibly be exploited to overwrite parts of memory, possibly allowing
       malicious code to execute, or (more likely) causing X to crash.
       For information about some of the security fixes, see:
       http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-6101
       http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-6102
       http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-6103
       (* Security fix *)
patches/packages/mozilla-firefox-1.5.0.10-s390x-1.tgz:
       Upgraded to firefox-1.5.0.10.
       This upgrade fixes several possible security bugs.
       For more information, see:
       http://www.mozilla.org/projects/security/known-vulnerabilities.html#firefox
       (* Security fix *)
patches/packages/mozilla-thunderbird-1.5.0.10-s390x-1.tgz:
       Upgraded to thunderbird-1.5.0.10.
       This upgrade fixes several possible security bugs.
       For more information, see:
       http://www.mozilla.org/projects/security/known-vulnerabilities.html#thunderbird
       (* Security fix *)
patches/packages/seamonkey-1.0.8-s390x-1_slack11.0.tgz:
       Upgraded to seamonkey-1.0.8.
       This upgrade fixes several possible security bugs.
       For more information, see:
       http://www.mozilla.org/projects/security/known-vulnerabilities.html#seamonkey
       (* Security fix *)
patches/packages/imagemagick-6.3.3_0-s390x-1_slack11.0.tgz:
       Upgraded to imagemagick-6.3.3-0.
       The original fix for PALM image handling has been corrected.
       For more information, see:
       http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-5456
       (* Security fix *)
extra/mozilla-firefox-2.0.0.2-s390x-1.tgz:
       Upgraded to firefox-2.0.0.2.
       This upgrade fixes several possible security bugs.
       For more information, see:
       http://www.mozilla.org/projects/security/known-vulnerabilities.html#firefox
       (* Security fix *)
+--------------------------+
Thu Feb 22 21:13:04 CST 2007
patches/packages/php-4.4.5-s390x-1_slack11.0.tgz:
       Upgraded to php-4.4.5 which improves stability and security.
       For complete details, see http://www.php.net.
       For imformation about some of the security fixes, see:
       http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0906
       http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0907
       http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0908
       http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0909
       http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0910
       http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0988
       (* Security fix *)
extra/php5/php-5.2.1-s390x-1_slack11.0.tgz:
       Upgraded to php-5.2.1 which improves stability and security.
       For imformation about some of the security fixes, see:
       http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0906
       http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0907
       http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0908
       http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0909
       http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0910
       http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0988
       (* Security fix *)
patches/packages/amarok-1.4.5-s390x-1_slack11.0.tgz: Upgraded to
       amarok-1.4.5, which fixes the last.fm stream breakage after the
       last upgrade to xine-lib.
patches/packages/libgpod-0.4.2-s390x-1_slack11.0.tgz: Upgraded to
       libgpod-0.4.2. This is needed for the amarok package.
patches/packages/libmtp-0.1.3-s390x-1_slack11.0.tgz: Upgraded to
       libmtp-0.1.3. This is needed for the amarok package.
+--------------------------+
Sun Feb 18 15:20:36 CST 2007
patches/packages/glibc-zoneinfo-2.3.6-noarch-7_slack11.0.tgz:
       Updated with tzdata2007b for impending Daylight Savings Time
       changes in the US.
+--------------------------+
Wed Feb 7 12:29:05 CST 2007
patches/packages/samba-3.0.24-s390x-1_slack11.0.tgz:
       Upgraded to samba-3.0.24. From the WHATSNEW.txt file:
       "Important issues addressed in 3.0.24 include:
       o Fixes for the following security advisories:
       - CVE-2007-0452 (Potential Denial of Service bug in smbd)
       - CVE-2007-0453 (Buffer overrun in NSS host lookup Winbind
       NSS library on Solaris)
       - CVE-2007-0454 (Format string bug in afsacl.so VFS plugin)"
       Samba is Slackware is vulnerable to the first issue, which can cause smbd
       to enter into an infinite loop, disrupting Samba services. Linux is not
       vulnerable to the second issue, and Slackware does not ship the afsacl.so
       VFS plugin (but it's something to be aware of if you build Samba with
       custom options).
       For more information, see:
       http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0452
       http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0453
       http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0454
       (* Security fix *)
+--------------------------+
Fri Jan 26 22:46:30 CST 2007
patches/packages/bind-9.3.4-s390x-1_slack11.0.tgz:
       Upgraded to bind-9.3.4. This update fixes two denial of service
       vulnerabilities where an attacker could crash the name server with
       specially crafted malformed data.
       For more information, see:
       http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0493
       http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0494
       (* Security fix *)
+--------------------------+
Wed Jan 24 14:15:07 CST 2007
patches/packages/fetchmail-6.3.6-s390x-1_slack11.0.tgz:
       Upgraded to fetchmail-6.3.6. This fixes two security issues. First, a bug
       introduced in fetchmail-6.3.5 could cause fetchmail to crash. However,
       no stable version of Slackware ever shipped fetchmail-6.3.5. Second, a long
       standing bug (reported by Isaac Wilcox) could cause fetchmail to send a
       password in clear text or omit using TLS even when configured otherwise.
       All fetchmail users are encouraged to consider using getmail, or to upgrade
       to the new fetchmail packages.
       For more information, see:
       http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-5974
       http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-5867
       (* Security fix *)
+--------------------------+
Sat Dec 23 16:38:26 CST 2006
extra/mozilla-firefox-2.0.0.1/mozilla-firefox-2.0.0.1-s390x-1.tgz:
       Upgraded to Mozilla Firefox 2.0.0.1.
       This upgrade fixes several possible security bugs.
       For more information, see:
       http://www.mozilla.org/projects/security/known-vulnerabilities.html#firefox
       (* Security fix *)
patches/packages/mozilla-firefox-1.5.0.9-s390x-1.tgz:
       Upgraded to firefox-1.5.0.9.
       This upgrade fixes several possible security bugs.
       For more information, see:
       http://www.mozilla.org/projects/security/known-vulnerabilities.html#firefox
       (* Security fix *)
patches/packages/mozilla-thunderbird-1.5.0.9-s390x-1.tgz:
       Upgraded to thunderbird-1.5.0.9.
       This upgrade fixes several possible security bugs.
       For more information, see:
       http://www.mozilla.org/projects/security/known-vulnerabilities.html#thunderbird
       (* Security fix *)
patches/packages/seamonkey-1.0.7-s390x-1_slack11.0.tgz:
       Upgraded to seamonkey-1.0.7.
       This upgrade fixes several possible security bugs.
       For more information, see:
       http://www.mozilla.org/projects/security/known-vulnerabilities.html#seamonkey
       (* Security fix *)
patches/packages/xine-lib-1.1.3-s390x-1_slack11.0.tgz:
       Upgraded to xine-lib-1.1.3 which fixes possible security problems
       such as a heap overflow in libmms and a buffer overflow in the
       Real Media input plugin.
       For more information, see:
       http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2200
       (* Security fix *)
+--------------------------+
Wed Dec 6 15:16:06 CST 2006
patches/packages/gnupg-1.4.6-s390x-1_slack11.0.tgz:
       Upgraded to gnupg-1.4.6. This release fixes a severe and exploitable
       bug in earlier versions of gnupg. All gnupg users should update to the
       new packages as soon as possible. For details, see the information
       concerning CVE-2006-6235 posted on lists.gnupg.org:
       http://lists.gnupg.org/pipermail/gnupg-announce/2006q4/000491.html
       The CVE entry for this issue may be found here:
       http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-6235
       This update also addresses a more minor security issue possibly
       exploitable when GnuPG is used in interactive mode. For more information
       about that issue, see:
       http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-6169
       (* Security fix *)
+--------------------------+
Fri Dec 1 15:03:20 CST 2006
patches/packages/libpng-1.2.14-s390x-1_slack11.0.tgz:
       Upgraded to libpng-1.2.14. This fixes a bug where a specially crafted PNG
       file could crash applications that use libpng.
       For more information, see:
       http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-5793
       (* Security fix *)
patches/packages/proftpd-1.3.0a-s390x-1_slack11.0.tgz:
       Upgraded to proftpd-1.3.0a plus an additional security patch. Several
       security issues were found in proftpd that could lead to the execution of
       arbitrary code by a remote attacker, including one in mod_tls that does
       not require the attacker to be authenticated first.
       For more information, see:
       http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-5815
       http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-6170
       http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-6171
       (* Security fix *)
patches/packages/tar-1.16-s390x-1_slack11.0.tgz:
       Upgraded to tar-1.16.
       This fixes an issue where files may be extracted outside of the current
       directory, possibly allowing a malicious tar archive, when extracted, to
       overwrite any of the user's files (in the case of root, any file on the
       system).
       For more information, see:
       http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-6097
       (* Security fix *)
+--------------------------+
Thu Nov 9 18:04:51 CST 2006
extra/mozilla-firefox-2.0/mozilla-firefox-2.0-s390x-1.tgz: Moved from /patches,
       since it was pointed out that this sets LD_LIBRARY_PATH to use the libraries
       in /usr/lib/firefox-2.0/ which aren't compatible with the SeaMonkey libraries
       that are used to compile the gxine plugin, breaking it. I'm currently
       looking for a workaround for this issue, but meanwhile using firefox-1.5.0.8
       with the gxine plugin works just fine. Honestly, I hadn't expected to see
       another firefox-1.x release once 2.0 came out or I might not have added it to
       Slackware 11.0 after the release...
patches/packages/mozilla-firefox-1.5.0.8-s390x-1.tgz:
       Upgraded to firefox-1.5.0.8.
       This upgrade fixes several possible security bugs.
       For more information, see:
       http://www.mozilla.org/projects/security/known-vulnerabilities.html#firefox
       (* Security fix *)
patches/packages/mozilla-thunderbird-1.5.0.8-s390x-1.tgz:
       Upgraded to thunderbird-1.5.0.8.
       This upgrade fixes several possible security bugs.
       For more information, see:
       http://www.mozilla.org/projects/security/known-vulnerabilities.html#thunderbird
       (* Security fix *)
patches/packages/seamonkey-1.0.6-s390x-1_slack11.0.tgz:
       Upgraded to seamonkey-1.0.6.
       This upgrade fixes several possible security bugs.
       For more information, see:
       http://www.mozilla.org/projects/security/known-vulnerabilities.html#seamonkey
       (* Security fix *)
+--------------------------+
Mon Nov 6 21:29:24 CST 2006
patches/packages/bind-9.3.2_P2-s390x-1_slack11.0.tgz:
       Upgraded to bind-9.3.2-P2. This fixes some security issues related to
       previous fixes in OpenSSL. The minimum OpenSSL version was raised to
       OpenSSL 0.9.7l and OpenSSL 0.9.8d to avoid exposure to known security flaws
       in older versions (these patches were already issued for Slackware). If you
       have not upgraded yet, get those as well to prevent a potentially exploitable
       security problem in named. In addition, the default RSA exponent was changed
       from 3 to 65537. RSA keys using exponent 3 (which was previously BIND's
       default) will need to be regenerated to protect against the forging
       of RRSIGs.
       For more information, see:
       http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4339
       (* Security fix *)
+--------------------------+
Fri Nov 3 23:17:57 CST 2006
extra/php5/php-5.2.0-s390x-1.tgz: Upgraded to php-5.2.0.
       This release "includes a large number of new features, bug fixes and security
       enhancements." In particular, when the UTF-8 charset is selected there are
       buffer overflows in the htmlspecialchars() and htmlentities() that may be
       exploited to execute arbitrary code.
       More details about the vulnerability may be found here:
       http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-5465
       Further details about the release can be found in the release announcement:
       http://www.php.net/releases/5_2_0.php
       Some syntax has changed since PHP 5.1.x. An upgrading guide may be found at
       this location:
       http://www.php.net/UPDATE_5_2.txt
       This package was placed in /extra rather than /patches to save people from
       possible surprises with automated upgrade tools, since users of PHP4 and
       PHP 5.1.x applications may need to make some code changes before things will
       work again.
       (* Security fix *)
patches/packages/php-4.4.4-s390x-4_slack11.0.tgz: Patched the UTF-8 overflow.
       More details about the vulnerability may be found here:
       http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-5465
       (* Security fix *)
patches/packages/screen-4.0.3-s390x-1_slack11.0.tgz: Upgraded to screen-4.0.3.
       This addresses an issue with the way screen handles UTF-8 character encoding
       that could allow screen to be crashed (or possibly code to be executed in the
       context of the screen user) if a specially crafted sequence of pseudo-UTF-8
       characters are displayed withing a screen session.
       For more information, see:
       http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4573
       (* Security fix *)
+--------------------------+
Sat Oct 28 23:52:38 CDT 2006
patches/packages/mozilla-firefox-2.0-s390x-1.tgz:
       Upgraded to Mozilla Firefox 2.0. This is a completely optional enhanced
       feature package update. Usually I'd reserve this space only for security
       patches (which this is not), but Firefox 2.0 is just so cool that I couldn't
       resist upgrading it, especially with Slackware 11.0 so recently released.
+--------------------------+
Wed Oct 25 15:45:46 CDT 2006
patches/packages/qca-tls-1.0-s390x-3_slack11.0.tgz: Rebuilt to place the plugin
       in /usr/lib/qt-3.3.7/plugins/crypto/.
patches/packages/qt-3.3.7-s390x-1_slack11.0.tgz: Upgraded to qt-x11-free-3.3.7.
       This fixes an issue with Qt's handling of pixmap images that causes Qt linked
       applications to crash if a specially crafted malicious image is loaded.
       Inspection of the code in question makes it seem unlikely that this could
       lead to more serious implications (such as arbitrary code execution), but it
       is recommended that users upgrade to the new Qt package.
       For more information, see:
       http://www.trolltech.com/company/newsroom/announcements/press.2006-10-19.5434451733
       http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4811
       (* Security fix *)
+--------------------------+
Sun Oct 1 23:50:53 CDT 2006
Slackware 11.0 is released. Thanks to everyone who helped out and made this
release possible. If I forgot you in the ChangeLog, mea culpa, but you know
who you are, and thanks. :-)
Enjoy! -P.
+--------------------------+
Sun Oct 1 16:45:45 CDT 2006
l/jre-1_5_0_09-i586-1.tgz: Upgraded to Java(TM) 2 Platform Standard Edition
       Runtime Environment Version 5.0, Release 9.
extra/bittornado/bittornado-0.3.15-noarch-1.tgz:
       Upgraded to bittornado-0.3.15.
extra/jdk-1.5.0_09/jdk-1_5_0_09-i586-1.tgz: Upgraded to Java(TM) 2 Platform
       Standard Edition Development Kit Version 5.0, Release 9.
+--------------------------+
Sat Sep 30 22:05:20 CDT 2006
extra/linux-smp-2.6.17.13/kernel-modules-smp-2.6.17.13-i686-3.tgz:
       This had been named i486 when it's really an i686 arch package.
+--------------------------+
Sat Sep 30 19:35:24 CDT 2006
a/etc-11.0-noarch-2.tgz: Added missing comment marks (#) for distcc ports
       in /etc/services. Thanks to Michiel Broek.
n/popa3d-1.0.2-i486-2.tgz: Do better checking of passwd and group to avoid
       adding redundant entries to these files. Thanks to Menno Duursma.
n/sendmail-8.13.8-i486-4.tgz: Do better checking of passwd and group to avoid
       adding redundant entries to these files. Thanks to Menno Duursma.
n/sendmail-cf-8.13.8-noarch-4.tgz: Rebuilt.
extra/linux-smp-2.6.17.13/kernel-generic-smp-2.6.17.13-i686-3.tgz:
       Recompiled to add missing SMP/SMT support.
       Thanks to arny for noticing that I'd started with the wrong .config.
extra/linux-smp-2.6.17.13/kernel-headers-smp-2.6.17.13-i386-3.tgz: Rebuilt.
extra/linux-smp-2.6.17.13/kernel-modules-smp-2.6.17.13-i486-3.tgz: Recompiled.
+--------------------------+
Sat Sep 30 01:52:09 CDT 2006
testing/packages/fontconfig-2.4.1-i486-1.tgz: Upgraded to fontconfig-2.4.1.
       Thanks to Frédéric L. W. Meunier for pointing this out.
l/shared-mime-info-0.19-i486-1.tgz: Upgraded to shared-mime-info-0.19.
+--------------------------+
Fri Sep 29 23:41:35 CDT 2006
l/libgpod-0.4.0-i486-1.tgz: Upgraded to libgpod-0.4.0. Thanks to Shilo Bacca.
l/pango-1.12.4-i486-1.tgz: Fixed bogus empty GPOS table warning and other
       minor bugs.
extra/linux-smp-2.6.17.13/kernel-generic-smp-2.6.17.13-i686-2.tgz:
       Rebuilt SMP kernels setting -smp in CONFIG_LOCALVERSION, not EXTRAVERSION.
       Thanks to Tom B. for snapping me out of my old-skool ways.
extra/linux-smp-2.6.17.13/kernel-headers-smp-2.6.17.13-i386-2.tgz: Rebuilt.
extra/linux-smp-2.6.17.13/kernel-modules-smp-2.6.17.13-i486-2.tgz: Rebuilt.
testing/packages/iptables-1.3.6-i486-1.tgz: This one appeared too late to be
       considered for mainline (not enough test time), but it _should_ be stable.
testing/packages/wpa_supplicant-0.4.9-i486-1.tgz: Added wpa_supplicant-0.4.9.
       Thanks to Eric Hameleers for a good head-start on this one.
+--------------------------+
Fri Sep 29 02:10:15 CDT 2006
a/openssl-solibs-0.9.8d-i486-1.tgz: Upgraded to shared libraries from
       openssl-0.9.8d. See openssl package update below.
       (* Security fix *)
n/openssh-4.4p1-i486-1.tgz: Upgraded to openssh-4.4p1.
       This fixes a few security related issues. From the release notes found at
       http://www.openssh.com/txt/release-4.4:
       * Fix a pre-authentication denial of service found by Tavis Ormandy,
       that would cause sshd(8) to spin until the login grace time
       expired.
       * Fix an unsafe signal hander reported by Mark Dowd. The signal
       handler was vulnerable to a race condition that could be exploited
       to perform a pre-authentication denial of service. On portable
       OpenSSH, this vulnerability could theoretically lead to
       pre-authentication remote code execution if GSSAPI authentication
       is enabled, but the likelihood of successful exploitation appears
       remote.
       * On portable OpenSSH, fix a GSSAPI authentication abort that could
       be used to determine the validity of usernames on some platforms.
       Links to the CVE entries will be found here:
       http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4924
       http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-5051
       http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-5052
       After this upgrade, make sure the permissions on /etc/rc.d/rc.sshd are set
       the way you want them. Future upgrades will respect the existing permissions
       settings. Thanks to Manuel Reimer for pointing out that upgrading openssh
       would enable a previously disabled sshd daemon.
       Do better checking of passwd, shadow, and group to avoid adding
       redundant entries to these files. Thanks to Menno Duursma.
       (* Security fix *)
n/openssl-0.9.8d-i486-1.tgz: Upgraded to openssl-0.9.8d.
       This fixes a few security related issues:
       During the parsing of certain invalid ASN.1 structures an error
       condition is mishandled. This can result in an infinite loop which
       consumes system memory (CVE-2006-2937). (This issue did not affect
       OpenSSL versions prior to 0.9.7)
       Thanks to Dr S. N. Henson of Open Network Security and NISCC.
       Certain types of public key can take disproportionate amounts of
       time to process. This could be used by an attacker in a denial of
       service attack (CVE-2006-2940).
       Thanks to Dr S. N. Henson of Open Network Security and NISCC.
       A buffer overflow was discovered in the SSL_get_shared_ciphers()
       utility function. An attacker could send a list of ciphers to an
       application that uses this function and overrun a buffer.
       (CVE-2006-3738)
       Thanks to Tavis Ormandy and Will Drewry of the Google Security Team.
       A flaw in the SSLv2 client code was discovered. When a client
       application used OpenSSL to create an SSLv2 connection to a malicious
       server, that server could cause the client to crash (CVE-2006-4343).
       Thanks to Tavis Ormandy and Will Drewry of the Google Security Team.
       Links to the CVE entries will be found here:
       http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2937
       http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3738
       http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2940
       http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4343
       (* Security fix *)
zipslack/zipslack.zip: Rebuilt ZipSlack with new openssl-solibs and
       openssh packages.
+--------------------------+
Thu Sep 28 03:33:49 CDT 2006
ap/vorbis-tools-1.1.1-i486-3.tgz: Fixed UTF8 support.
       Thanks to Igor Pashev for providing a simple patch from Gene Pavlovsky.
kernels/huge26.s/*: Added support for USB and IEEE1394 storage devices.
kernels/test26.s/*: Added support for USB and IEEE1394 storage devices.
       Thanks to Tais M. Hansen for pointing out that these kernels lacked support
       for USB storage devices. Using these kernels with udev may cause a few
       warnings at boot time as udev attempts to load the already built-in support,
       but these seem to be harmless.
+--------------------------+
Tue Sep 26 05:57:52 CDT 2006
a/aaa_base-11.0.0-noarch-2.tgz: Updated the "Welcome to Slackware" email.
       Added /media directory, subdirectories, and symbolic links recommended by
       the FHS, along with README files to help me understand the difference
       between this directory and /mnt. ;-)
a/etc-11.0-noarch-1.tgz: Fixed a bug in /etc/csh.login that caused repeated
       use of "csh -l" to duplicate search directories in the $path. Clearly
       /etc/csh.login should set the path just as /etc/profile does.
       This bug dates back at at least 1997, maybe earlier, so congratulations to
       Dimitar Zhekov for winning this release's "smite the oldest bug" award.
       Added distcc port to /etc/services. Thanks to Erik Jan Tromp and
       Robby Workman for the continual reminders. ;-)
a/pkgtools-11.0.0-i486-4.tgz: Made upgradepkg a little bit more gentle -- if
       it is run on a corrupted .tgz it will no longer remove the original package.
       Thanks to Ric Anderson for the report.
       Added rc.scanluns to the services setup menu.
a/sysvinit-2.84-i486-69.tgz: Fixed path to /sbin/initscript shown in init.8
       (again). Thanks to Robby Workman.
       Changed rc.S to run rc.serial according to whether the script is executable.
a/util-linux-2.12r-i486-5.tgz: Treat /etc/rc.d/rc.serial (to preserve file
       permissions), /etc/serial.conf, and /etc/fdprm as '.new' config files.
ap/lm_sensors-2.10.0-i486-3.tgz: Fixed hardcoded /usr/local paths in
       sensors-detect. Thanks to Jakub Jankowski.
kde/kdebase-3.5.4-i486-7.tgz: Patched to fix media:/ URLs in Konqueror without
       requiring HAL. Thanks to everyone involved in reporting this issue and
       seeing that it was addressed:
       http://bugs.kde.org/show_bug.cgi?id=132281
       A big thanks to coolo (Stephan Kulow) for coming up with a patch. :-)
zipslack/zipslack.zip: Added ZipSlack.
+--------------------------+
Sat Sep 23 03:45:30 CDT 2006
a/sysvinit-2.84-i486-68.tgz: In rc.M, start rc.hplip if found. Fix the path
       to /sbin/initscript shown in init.8. Thanks to Robby Workman.
xap/sane-1.0.18-i486-3.tgz: Added HPLIP backend (hpaio) to dll.conf.
testing/packages/cups-1.2.4/cups-1.2.4-i486-1.tgz: Upgraded to cups-1.2.4.
       The web site says that more problems were fixed. I would still approach
       this one cautiously, though I'm sure it (or its descendent) will be used
       in Slackware 11.1. Unless you have a reason to need this now, I'd wait.
testing/packages/hplip-1.6.9-i486-1.tgz: Added hplip-1.6.9, a complete print,
       scan, and fax system for HP devices. This isn't being merged into the AP
       series as a replacement for hpijs solely because I'd like to see it get more
       testing first. It is working perfectly here. Thanks to Robby Workman for
       doing the vast majority of the work on this package. :-)
testing/packages/gutenprint-5.0.0-i486-2.tgz: Don't overwrite GIMP's "print"
       plugin -- instead install the plugin as "gutenprint".
       Thanks again to Stefano Vesa.
+--------------------------+
Fri Sep 22 01:57:52 CDT 2006
n/portmap-5.0-i486-3.tgz: In rc.rpc, fixed restart function.
       Thanks to Grant.
+--------------------------+
Thu Sep 21 04:05:03 CDT 2006
This is still Slackware 11.0 release candidate 5 (for now), and is still the
       last release candidate, scout's honor. We are nearly there. :-)
a/devs-2.3.1-noarch-25.tgz: Added /dev/i2c-* devices.
       Thanks to Jean Delvare.
       Just a reminder on devs, as I've had some email about it. As it stands, devs
       is required to boot even if the machine runs a 2.6+ kernel and uses udev.
a/hotplug-2004_09_23-noarch-11.tgz: Don't allow dhcpcd -k to make noise at
       shutdown time if dhcpcd is not running (as in cases where it was shut down
       manually, or the lease time was infinite).
a/logrotate-3.7.4-i486-1.tgz: Upgraded to logrotate-3.7.4. After reading the
       diff -u and doing some test rotations, this seems safe to include for 11.0.
       Suggested by Mateus César Gröess and Rafal Lorenc.
       Rotate /var/log/btmp. Thanks to James Michael Fultz.
a/pkgtools-11.0.0-i486-3.tgz: Stripped /bin/dialog. Thanks to mRgOBLIN for
       saving us 18K of hard drive space. :-)
       In setup.services, rename rc.portmap to rc.rpc. This is no longer started
       by default. Instead you must turn it on (only if you plan on mounting NFS
       partitions manually). Otherwise, it will be run regardless of exec perms if
       NFS shares or mounts are detected at boot time.
ap/diffstat-1.43-i486-1.tgz: Added Thomas Dickey's diffstat utility.
       Suggested by Michael Iatrou.
ap/lm_sensors-2.10.0-i486-2.tgz: Edited slack-desc since the package contains
       only the tools for lm_sensors, not the drivers. In the case of the 2.6+
       kernel, these are included with the kernel-modules package. For 2.4, the
       modules would have to be built by the end user. Also, there is still no
       startup script included for this package, but that's something that will be
       looked at for the next development cycle. Removed the mkdev.sh after
       including the i2c devices in the devs package.
       Thanks again to Jean Delvare for the advice, and for his work maintaining
       lm_sensors upstream. :-)
n/mailx-12.1-i486-1.tgz: Upgraded to mailx-12.1 from nail-11.25 (renamed).
       Thanks to Gerardo Exequiel Pozzi for pointing this out.
n/nfs-utils-1.0.10-i486-3.tgz: Moved rpc.lockd and rpc.statd to /sbin.
       Reworked rc.nfsd to make use of the rc.rpc script in "portmap".
n/portmap-5.0-i486-2.tgz: Replaced /etc/rc.d/rc.portmap with /etc/rc.d/rc.rpc.
       This script will start rpc.portmap, rpc.lockd, and rpc.statd. All of these
       are needed to make proper use of NFS from either the server or client side,
       so this approach should be more likely to work out of the box. Note that
       nfs-utils will also be required in order to use rc.rpc or NFS, even as a
       client. If rc.rpc is needed, another script will run it as long as it is
       readable. The only reason to make rc.rpc executable would be to run it at
       boot time when there are no shares in /etc/exports and no mounts in
       /etc/fstab, but you wish to be able to mount NFS partitions manually.
       Thanks to Arno G. Schielke and Cesar Suga for suggesting this idea.
n/tcpip-0.17-i486-39.tgz: Don't allow dhcpcd -k to make noise at shutdown
       time if dhcpcd is not running (as in cases where it was shut down manually,
       or the lease time was infinite).
       Added support in rc.inet1 and rc.inet1.conf for adjustable DHCP_TIMEOUT.
       Thanks to Eric Hameleers.
x/ttf-indic-fonts-0.4.7.1-noarch-1.tgz: Added TTF fonts for displaying Indic
       scripts. This package supports Bengali, Devanagari, Gujarati, Kannada,
       Malayalam, Oriya, Punjabi, Tamil, and Telugu.
       For information about fully enabling Indic support (including input), see:
       /usr/doc/Linux-HOWTOs/Indic-Fonts-HOWTO.
isolinux/initrd.img: Patched installer's network script to look for
       network26.dsk if 2.6.17.13 (huge26.s) is used to boot/install.
       Thanks to Piter Punk for work done (long ago) to fix probing for 2.6 modules.
       Thanks to Eric Hameleers for helping debug loopback mounts in the installer
       when using the 2.6.17.13 (huge26.s) kernel.
       NFS installs with the test26.s kernel are not supported by this system,
       but should work if you put the module(s) you need on a floppy or otherwise
       make them available and load them manually.
isolinux/network26.dsk: Added network26.dsk for NFS installs with huge26.s.
       Don't try to put this one on a floppy disk, folks. ;-)
kernels/huge26.s/*: Added built-in NLS (CONFIG_NLS_CODEPAGE_437,
       CONFIG_NLS_ISO8859_1, and CONFIG_NLS_UTF8) to allow FAT filesystems to
       loopback mount for NFS installs.
kernels/test26.s/*: Added 2.6.18 test26.s kernel.
rootdisks/install.1: Patched installer's network script.
rootdisks/install.2: Rebuilt.
rootdisks/install.zip: Patched installer's network script.
testing/packages/flex-2.5.33-i486-1.tgz: Added flex-2.5.33.
       Requested by Alberto Simões.
testing/packages/gutenprint-5.0.0-i486-1.tgz: Added gutenprint-5.0.0.
       This package was formerly known as "gimp-print", and will likely take the
       place of gimp-print in the AP series after going through testing.
       Suggested by Stefano Vesa.
testing/packages/linux-2.6.18/kernel-generic-2.6.18-i486-1.tgz:
       Added Linux 2.6.18 generic kernel.
testing/packages/linux-2.6.18/kernel-headers-2.6.18-i386-1.tgz:
       Added Linux 2.6.18 kernel headers.
testing/packages/linux-2.6.18/kernel-modules-2.6.18-i486-1.tgz
       Added Linux 2.6.18 kernel modules.
testing/packages/linux-2.6.18/kernel-source-2.6.18-noarch-1.tgz
       Added Linux 2.6.18 kernel source.
+--------------------------+
Tue Sep 19 18:13:09 CDT 2006
l/arts-1.5.4-i486-2.tgz: Patched an annoying bug where audio programs such
       as ogg123 would not work unless KDE had been run first. I took several
       stabs with me sword at ripping out kdebase's surprise HAL requirement as
       well, but the best I could achieve was "Internal Error". Aarrr!!
+--------------------------+
Tue Sep 19 14:07:49 CDT 2006
a/gzip-1.3.5-i486-1.tgz: Upgraded to gzip-1.3.5, and fixed a variety of bugs.
       Some of the bugs have possible security implications if gzip or its tools are
       fed a carefully constructed malicious archive. Most of these issues were
       recently discovered by Tavis Ormandy and the Google Security Team. Thanks
       to them, and also to the ALT and Owl developers for cleaning up the patch.
       For further details about the issues fixed, please see:
       http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-0758
       http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-0988
       http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-1228
       http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4334
       http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4335
       http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4336
       http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4337
       http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4338
       (* Security fix *)
n/procmail-3.22-i486-2.tgz: Added support for large (2GB+) mailboxes.
       Thanks to Dominik L. Borkowski.
isolinux/initrd.img: Patched installer to allow splitting a package series
       over two or more pieces of optical media. If a package directory contains
       a file named README_SPLIT.TXT, then it will be continued on the next disc.
       An example of such a file can be found in /isolinux.
       Thanks very much to Eric Hameleers for the initial patch and testing!
rootdisks/install.1: Rebuilt.
rootdisks/install.2: Patched to allow a split package series.
rootdisks/install.zip: Patched to allow a split package series.
+--------------------------+
Mon Sep 18 15:18:07 CDT 2006
l/neon-0.25.5-i486-2.tgz: Enabled missing SSL support.
       Thanks much to Mircea Baciu!
+--------------------------+
Mon Sep 18 05:33:24 CDT 2006
Slackware 11.0 release candidate 5. This is the last one, scout's honor.
a/aaa_elflibs-11.0.0-i486-9.tgz: Stripped /lib/libbz2.so.1.0.3, added
       /lib/libdm.so.0.0.4.
a/bzip2-1.0.3-i486-3.tgz: Stripped /lib/libbz2.so.1.0.3.
ap/espgs-8.15.3svn185-i486-1.tgz: Upgraded to espgs-8.15.3svn185.
       OK, I don't like using repo versions at all, much less inserting them at the
       last second. But, it seems like par for the course for ghostscript and its
       offshoots where there wasn't much choice about shipping 8.15rc4 in Slackware
       10.2. In this case, building from svn fixes two critical problems: missing
       support for CJK, and not correctly printing Umlauts with certain fonts.
       Thanks to Shin-ichi Abe and Matthias Bachert.
       If this version of espgs creates new problems that are worse than these,
       please let me know as soon as possible. It's tested here and seems stable.
ap/vim-7.0.109-i486-1.tgz: Upgraded to vim-7.0.109.
d/subversion-1.4.0-i486-1.tgz: After a couple convincing assurances that this
       was a safe and ABI/API compatible upgrade, I decided to allow this upgrade.
       Thanks to Malcolm Rowe and Janusz Dziemidowicz.
l/desktop-file-utils-0.11-i486-1.tgz: Added desktop-file-utils-0.11.
       The next XFce will need this freedesktop.org package.
       Thanks to Robby Workman for the information.
l/libexif-0.6.13-i486-2.tgz: Fixed libexif.pc includedir.
       Thanks to Charles Shannon Hendrix for pointing this out.
l/libtheora-1.0alpha7-i486-1.tgz: Added libtheora-1.0alpha7. This links with
       (as far as I know) optional plugins only and is a safe last-second addition.
       Furthermore, the Theora team has promised that files encoded with this
       version of the codec will always be playable. The format is stable and ready
       for production use, so keeping it out of 11.0 due to the "alpha" would be
       plain silly. Suggested by Edo Hikmahtiar, and Diogo R.
l/libungif-4.1.4-i486-3.tgz: Added the utilities in /usr/bin, some of which
       are used to detect that annoying image spam that's on the rise...
       Thanks to Joran Kvalvaag.
l/neon-0.25.5-i486-1.tgz: Added neon package, split from subversion-deps-1.4.0.
x/dejavu-ttf-2.10-noarch-1.tgz: Upgraded to dejavu-ttf-2.10.
xap/vim-gvim-7.0.109-i486-1.tgz: Upgraded to vim-7.0.109.
       Once again, this is just an add-on for the VIM package in ap. :-)
xap/xine-lib-1.1.2-i686-2.tgz: Recompiled against libtheora to include the
       Theora codec plugin. Theora testsuite passed.
xap/xine-ui-0.99.4-i686-3.tgz: Patched an issue where xine-ui could block
       input to Konsole. Thanks to Nuts Mueller.
extra/linux-smp-2.6.17.13/kernel-headers-smp-2.6.17.13-i386-1.tgz:
       Fixed slack-desc typo. No actual rebuild, so no -$BUILD bump.
       Thanks to David Somero.
isolinux/initrd.img: Fixed swap setup in the "Cancel" or unselecting all swap
       partitions case. Thanks to Marcus Moeller.
rootdisks/install.1: Rebuilt.
rootdisks/install.2: Fixed swap setup.
rootdisks/install.zip: Fixed swap setup.
+--------------------------+
Sat Sep 16 23:08:49 CDT 2006
l/libgpod-0.3.2-i486-2.tgz: Added --enable-eject-command and
       --enable-unmount-command. Thanks to Kody K.
kde/amarok-1.4.3-i486-4.tgz: Recompiled with a patch to fix non-latin1
       playlist corruption by forcing UTF8.
       Thanks to guilherme and the kind folks on #amarok.
       Added explicit --emable-libgpod. Thanks to Kody K.
kde/kdeutils-3.5.4-i486-2.tgz: Fixed ark crash due to race condition on SMP
       machines. Thanks to JaguarWan.
n/rdesktop-1.5.0-i486-1.tgz: Upgraded to rdesktop-1.5.0.
       Thanks to Andrew Fuller for pointing it out.
x/x11-6.9.0-i486-11.tgz: Fixed an overflow in CID encoded Type1 font parsing.
       For further reference, see:
       http://www.idefense.com/intelligence/vulnerabilities/display.php?id=411
       http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3739
       http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3740
       (* Security fix *)
       Also, fixed French Canadian keymap variant. Thanks to Patrice Tremblay.
x/x11-devel-6.9.0-i486-11.tgz: Recompiled.
x/x11-xdmx-6.9.0-i486-11.tgz: Recompiled.
x/x11-xnest-6.9.0-i486-11.tgz: Recompiled.
x/x11-xvfb-6.9.0-i486-11.tgz: Recompiled.
extra/linux-smp-2.6.17.13/kernel-generic-smp-2.6.17.13-i686-1.tgz:
       This is an optional kernel with support for SMP (up to 16), dual core
       optimizations, and SMT (Hyperthreading). Fully tuned and ready to go.
extra/linux-smp-2.6.17.13/kernel-headers-smp-2.6.17.13-i386-1.tgz
       Optional kernel headers. There will only be needed to compile a few things,
       such as apps and libraries that use ALSA (it contains the /usr/include/sound
       directory that for 2.4.x kernels is supplied in the alsa-driver package).
extra/linux-smp-2.6.17.13/kernel-modules-smp-2.6.17.13-i686-1.tgz:
       Kernel modules for Linux 2.6.17.13-smp, including ALSA modules.
       These install into /lib/modules/2.6.17.13-smp/.
+--------------------------+
Thu Sep 14 19:41:22 CDT 2006
d/git-1.4.2.1-i486-1.tgz: Upgraded to git-1.4.2.1.
xap/mozilla-firefox-1.5.0.7-i686-1.tgz: Upgraded to firefox-1.5.0.7.
       This upgrade fixes several possible security bugs.
       For more information, see:
       http://www.mozilla.org/projects/security/known-vulnerabilities.html#firefox
       (* Security fix *)
xap/mozilla-thunderbird-1.5.0.7-i686-1.tgz: Upgraded to thunderbird-1.5.0.7.
       This upgrade fixes several possible security bugs.
       For more information, see:
       http://www.mozilla.org/projects/security/known-vulnerabilities.html#thunderbird
       (* Security fix *)
xap/seamonkey-1.0.5-i486-1.tgz: Upgraded to seamonkey-1.0.5.
       This upgrade fixes several possible security bugs.
       For more information, see:
       http://www.mozilla.org/projects/security/known-vulnerabilities.html#seamonkey
       (* Security fix *)
+--------------------------+
Thu Sep 14 03:57:37 CDT 2006
a/glibc-solibs-2.3.6-i486-6.tgz: Recompiled.
a/glibc-zoneinfo-2.3.6-noarch-6.tgz: Upgraded to tzcode2006k and tzdata2006k.
       Added "ldconfig -r ." to install script. Thanks to Stuart Winter.
a/openssl-solibs-0.9.8b-i486-2.tgz: Patched an issue where it is possible to
       forge certain kinds of RSA signatures. The patch is used instead of an
       upgrade to openssl-0.9.8c as it was issued later with a corrected fix.
       For more information, see:
       http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4339
       (* Security fix *)
a/udev-097-i486-10.tgz: If there's no udevd daemon, don't allow rc.udev to
       try to start. Thanks to Eugene Crosser.
d/pkgconfig-0.21-i486-3.tgz: Added {curly brackets} around PKG_CONFIG_PATH
       in /etc/profile.d/pkgconfig.*. Thanks to Rémy Pagniez.
l/glibc-2.3.6-i486-6.tgz: Recompiled against 2.4.33.3 and 2.6.17.13 headers.
       (these kernel versions are now "golden" for release)
l/glibc-i18n-2.3.6-noarch-6.tgz: Recompiled.
l/glibc-profile-2.3.6-i486-6.tgz: Recompiled.
n/openssl-0.9.8b-i486-2.tgz: Patched an issue where it is possible to
       forge certain kinds of RSA signatures. The patch is used instead of an
       upgrade to openssl-0.9.8c as it was issued later with a corrected fix.
       For more information, see:
       http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4339
       (* Security fix *)
kernels/huge26.s/*: Added NFSv3 support.
+--------------------------+
Tue Sep 12 06:29:32 CDT 2006
a/sysvinit-2.84-i486-67.tgz: Sleep 3 seconds before mounting non-root
       partitions. This was a sleep that I'd removed earlier in the devel cycle to
       see what it would break (if anything), and the answer is some external hard
       drives that take a couple seconds to hotplug. Thanks to Fabio Busatto.
       In rc.M, restart udevd when returning from single user mode.
       Thanks to James Michael Fultz.
       Patched initscript.5 man page to show proper /sbin/initscript path.
       Thanks to Robby Workman.
       Found another assumption that the kernel has hotplug support in the rc.udev
       stop function. Thanks again to Gary Hawco for the original bug report.
a/udev-097-i486-9.tgz: Uncommented dmsetup rule for LVM2 -- it doesn't seem
       to hurt anything. Thanks to Dex Filmore.
ap/diffutils-2.8.1-i486-3.tgz: Fixed sdiff.1 man page.
       Thanks to James Michael Fultz.
kde/amarok-1.4.3-i486-3.tgz: Recompiled against new libmtp.
l/libmtp-0.0.18-i486-1.tgz: Upgraded to libmtp-0.0.18.
l/libwpd-0.8.6-i486-1.tgz: Upgraded to libwpd-0.8.6.
       Thanks to Eugene C. for the CXXFLAGS advice.
n/imapd-4.64-i486-3.tgz: Added missing md5.txt mentioned in the imapd man
       page, plus a note about additional (large) documentation in the sources.
       The docs directory was also moved to /usr/doc/imapd4.64.
       Thanks to Mark Flacy for reminding me about this one.
n/rdesktop-1.4.1-i486-1.tgz: Added rdesktop-1.4.1. Yes, we're in release
       candidates, but if this doesn't work at least it is small. :-) I've had
       many, many requests, and it is needed by krdc, so that's my rationale.
       Oh -- and thanks to everyone for positive feedback on libgpod. I also fixed
       the typo in my request for feedback below. I hope that doesn't break too
       many ChangeLog parsing scripts...
n/stunnel-4.17-i486-1.tgz: Upgraded to stunnel-4.17.
       Thanks to Cal Peake for the notice.
+--------------------------+
Mon Sep 11 02:10:19 CDT 2006
a/module-init-tools-3.2.2-i486-2.tgz: In /etc/modprobe.d/, if there's no
       /etc/modprobe.d/modprobe.conf file, try to make a link to ../modprobe.conf.
       This will retain legacy support for existing /etc/modprobe.conf files.
       Thanks very much to Ivan Kalvatchev for persisting with this bug report
       until I finally saw the light of day. :-)
l/libmtp-0.0.16-i486-2.tgz: Fixed hotplug and udev support.
       Thanks to Carlos Corbacho for the help on this -- I knew it wasn't
       working yet and was hoping someone would step up. Wow, that was fast!
l/libnjb-2.2.5-i486-2.tgz: Fixed hotplug and udev support.
       Again, thanks to Carlos Corbacho. Now my NJB3 works. :-)
       Anyone have any yea/nay feedback on libgpod and amaroK?
+--------------------------+
Sat Sep 9 14:56:38 CDT 2006
kernels/huge26.s/*: Upgraded huge26.s kernel to 2.6.17.13.
extra/linux-2.6.17.13/kernel-generic-2.6.17.13-i486-1.tgz:
       Upgraded to Linux 2.6.17.13 generic kernel.
extra/linux-2.6.17.13/kernel-headers-2.6.17.13-i386-1.tgz:
       Upgraded to Linux 2.6.17.13 kernel headers.
extra/linux-2.6.17.13/kernel-modules-2.6.17.13-i486-1.tgz
       Upgraded to Linux 2.6.17.13 kernel modules.
extra/linux-2.6.17.13/kernel-source-2.6.17.13-noarch-1.tgz
       Upgraded to Linux 2.6.17.13 kernel source.
       [ Andrea was asleep when I noticed these, and I didn't want to find out
       what happens when one wakes one's sleeping wife and asks her to start
       building kernels, so... ]
+--------------------------+
Sat Sep 9 01:18:53 CDT 2006
d/ruby-1.8.4-i486-2.tgz: As it would so happen, ruby-1.8.5 fixes a security
       problem, but also breaks a considerable number of things, including Ruby on
       Rails (RoR being one of the biggest appeals of Ruby), and other applications
       that make interesting use of it. So, for now anyway -- back to 1.8.4.
kde/amarok-1.4.3-i486-2.tgz: This was the only thing that touched the tainted
       Ruby. ;-) Seriously, this will all get straightened out, but we have a
       release to do. Should we wait for everyone to adopt the new Ruby API/ABI?
       Or must it be: "works" / "secure" -- pick one? :-) It's always best to use
       the right tool for the job or you can get hurt. Remember shop class?
kde/kdesdk-3.5.4-i486-2.tgz: Recompiled with configure flags that allow the
       apr libraries to be found. Thanks to Giacomo Lozito.
y/bsd-games-2.13-i486-8.tgz: "pom" now supports a reasonable number of digits
       with a command line option, as noted in the man page. Default behavior has
       not been changed (it is still a rounded integer percentage). My own patch
       didn't live long enough to see birth in a stable release, but who cares. :-)
       Thanks to Eric Hameleers (who loves a good time-waster) for the better patch.
       I knew he wouldn't be able to resist this one. ;->
bootdisks/raid.s: Reverted to the old megaraid driver since regaraid2 is
       already in the scsi2.s bootdisk.
kernels/huge26.s/*: Fixed USB keyboard support in the installer (at least
       tested on CD/DVD media). Thanks to Bruce Hill, Jr. for pointing out that
       this was no longer working.
       Please note that if you install with this you still need kernel-modules
       from /extra, and that there's no alsa-driver for this kernel because it's
       all built into kernel-modules and kernel-headers (well, and the kernel :-).
       ALSA 1.0.11/12 specifically DO NOT support these newer kernels. Check out
       the SUPPORTED_KERNELS file in the alsa-driver source. Feel free to play
       with various combinations (many DO work, but without any noticable
       improvement to me). I try very hard to not break your sound system, but
       I'm already bending the rules with alsa-driver-1.0.11_2.4.33.3...
       Also, if you find bugs in stuff I don't ship, contact the appropriate
       maintainer too, please. I am not the hg repository for everything I ship.
       (I know, I do look remarkably similar ;-)
       "Is this the spacecraft assembly building?"
kernels/raid.s/*: Moved from the megaraid2 driver to the old megaraid
       driver, after it was pointed out that megaraid2 is already in scsi2.s.
+--------------------------+
Thu Sep 7 22:59:40 CDT 2006
d/ruby-1.8.5-i486-1.tgz: Upgraded to ruby-1.8.5.
Honestly, I'm not sure these next three will help at the moment, but we're
laying some groundwork for later when HAL will take over (and sing "Daisy").
l/libgpod-0.3.2-i486-1.tgz: Added libgpod-0.3.2.
l/libmtp-0.0.16-i486-1.tgz: Added libmtp-0.0.16.
l/libnjb-2.2.5-i486-1.tgz: Added libnjb-2.2.5.
kde/amarok-1.4.3-i486-1.tgz: Upgraded to amarok-1.4.3. Added plugins linked
       with libgpod, libmtp, and libnjb. Working status (even with a bit of DYI) is
       not known (yet). It might require HAL to make it do anything at all.
n/bind-9.3.2_P1-i486-1.tgz: Upgraded to bind-9.3.2-P1.
       This update addresses a denial of service vulnerability.
       BIND's CHANGES file says this:
       2066. [security] Handle SIG queries gracefully. [RT #16300]
       The best discussion I've found is in FreeBSD's advisory, so here's a link:
       http://security.FreeBSD.org/advisories/FreeBSD-SA-06:20.bind.asc
       Also, fixed some missing man pages. (noticed by Xavier Thomassin -- thanks)
       (* Security fix *)
y/bsd-games-2.13-i486-7.tgz: Snipped part of a crufty old patch that wouldn't
       apply. Added an (unapplied) patch to make pom give you two more digits of
       accuracy. I didn't apply it since it wasn't quite done; it should have the
       traditional default (no decimal places) that everyone is used to, and an
       arbitrary accuracy selectable with a command line switch. Perhaps it should
       be rewritten to use gmp. Oh, and the man page will then need fixing.
       Eric? ;-)
+--------------------------+
Sun Sep 3 19:59:47 CDT 2006
a/udev-097-i486-8.tgz: Fixed a missing '[' in rc.udev. Thanks to
       guilherme for pointing out the error, and to J., who found the missing
       '['. (It had fallen off my desk and ended up under a table)
kernels/System.map: Forgot to gzip a bunch of these. Thanks, Steve'o.
+--------------------------+
Sun Sep 3 01:46:42 CDT 2006
       I wasn't planning a Slackware 11.0 release candidate 4, but here we go.
a/kernel-ide-2.4.33.3-i486-1.tgz:
       Upgraded to Linux 2.4.33.3 sata.i kernel.
a/kernel-modules-2.4.33.3-i486-1.tgz
       Upgraded to Linux 2.4.33.3 kernel modules.
a/udev-097-i486-7.tgz: Make sure /proc/sys/kernel/hotplug exists before
       writing to it. Thanks to Gary Hawco for the bug report.
       Change log level from "crit" or "err" since udev doesn't support "crit".
       Silly me, I saw some mention of syslog levels in the docs and assumed it
       supported all of them. At least in unrecognized cases the default is "err"
       anyway, so this bug didn't cause ill effects. Accuracy in documentation is,
       nevertheless, always a good thing to strive for. (I'm referring here to
       my own inaccurate additions to udev.conf...)
       Thanks to Chris Vowden for pointing this out.
       Don't fail to mount tmpfs on /dev because some other tmpfs mount exists.
       Thanks to Ken Milmore for the patch.
       Forget standards -- if k3b wants "/dev/writer" then that is good enough
       justification for me. Try to make a link to the most full-featured burner.
       Thanks to my good friend Dex Filmore.
       Relaxed the perms on input events from 600 to 640 so that members of group
       root can also read events. Mode 644 was suggested, but wouldn't that let
       anyone on the box set up e.g. a keyboard logger? It didn't seem secure to
       me, and 640 looks like a decent compromise.
       Thanks to Jon Anders Skorpen.
ap/mysql-5.0.24a-i486-1.tgz: Upgraded to mysql-5.0.24a.
       Evidently the ABI change in MySQL 5.0.24 was unintentional, so all the
       packages that were recompiled before need another recompile. Oh well, maybe
       this little exercise has fixed something else we didn't know about. :-)
d/kernel-headers-2.4.33.3-i386-1.tgz:
       Upgraded to Linux 2.4.33.3 kernel headers.
d/perl-5.8.8-i486-3.tgz: Recompiled against libmysqlclient.
k/kernel-source-2.4.33.3-noarch-1.tgz
       Upgraded to Linux 2.4.33.3 kernel source.
kde/koffice-1.5.2-i486-4.tgz: Recompiled against libmysqlclient.
kde/qt-3.3.6-i486-4.tgz: Recompiled against libmysqlclient.
l/alsa-driver-1.0.11_2.4.33.3-i486-1.tgz: Recompiled for Linux 2.4.33.3.
       By the way, I did try ALSA 1.0.12 and noticed that emu10k1 wasn't compiling
       for Linux 2.4.33.3. I think we are probably safer sticking with the well
       tested ALSA 1.0.11 for the release.
n/bitchx-1.1-i486-5.tgz: Recompiled against libmysqlclient.
n/dhcp-3.0.4-i486-2.tgz: Fixed incorrect man page permissions.
       Thanks to Jerome Pinot.
n/iptables-1.3.5-i486-2.tgz: Updated a rather ancient description file.
       Thanks to Sean Donner for noticing that. I hope the many folks still
       running Linux 2.2.x were adequately warned.
n/php-4.4.4-i486-3.tgz: Recompiled against libmysqlclient.
n/samba-3.0.23c-i486-1.tgz: Upgraded to samba-3.0.23c.
n/sendmail-8.13.8-i486-3.tgz: Recompiled with official patch.
       "(2006-08-30) If sendmail is used with -bs and a mail filter (milter) is
       configured, an assertion can be triggered. This patch fixes the bug."
       Thanks much to Jakub Jankowski for the heads up.
n/sendmail-cf-8.13.8-noarch-3.tgz
extra/ktorrent/ktorrent-2.0.2-i486-1.tgz: Added ktorrent-2.0.2.
       Thanks to Erik Jan Tromp for showing me this one. I've always used the
       command line BT clients (usually in "screen"), but this is nice, doesn't
       require mainline BitTorrent or any non-KDE dependencies, and will work
       great for downloading (and seeding) Slackware ISO images. :-)
extra/linux-wlan-ng/linux-wlan-ng-0.2.1pre25_2.4.33.3-i486-1.tgz:
       Recompiled for Linux 2.4.33.3.
extra/php5/php-5.1.6-i486-2.tgz: Recompiled against libmysqlclient.
bootdisks/*: Upgraded to Linux 2.4.33.3 kernels.
kernels/*: Upgraded to Linux 2.4.33.3 kernels, except the huge.s kernel.
       In raid.s, switch from the megaraid to megaraid2 driver. This should
       support everything the old driver did and then some. If there are
       problems, let me know ASAP. Thanks to Michael Johnson.
isolinux/initrd.img: Upgraded USB/IEEE1394 modules to Linux 2.4.33.3.
       Eric Hameleers and I did a bit more work on the NFS installer (in the
       install.* rootdisks below, too). Now installing via NFS will attempt
       to mount the root of the Slackware tree first, rather than only the
       /slackware directory within. This (if successful), allows choosing
       a kernel to install later on, just like installing from CD, DVD, or
       hard drive. If it doesn't work (perhaps only /slackware is exported)
       then the installer will fall back on the traditional behavior.
       Thanks to everyone who suggested this idea from time to time, and
       thanks to Eric for finally making it happen.
isolinux/network.dsk: Upgraded network modules to Linux 2.4.33.3.
isolinux/pcmcia.dsk: Upgraded pcmcia modules to Linux 2.4.33.3.
rootdisks/install.1: Upgraded USB/IEEE1394 modules to Linux 2.4.33.3.
rootdisks/install.2: Upgraded USB/IEEE1394 modules to Linux 2.4.33.3.
rootdisks/install.zip: Upgraded USB/IEEE1394 modules to Linux 2.4.33.3.
rootdisks/network.dsk: Upgraded network modules to Linux 2.4.33.3.
rootdisks/pcmcia.dsk: Upgraded pcmcia network modules to Linux 2.4.33.3.
       I can be off topic here, right?
       BIG congratulations to my little sister Jennifer on the birth of her
       daughter Abigail Jane. Mazel Tov! :-)
+--------------------------+
Tue Aug 29 06:24:26 CDT 2006
a/util-linux-2.12r-i486-4.tgz: Fixed incorrect permissions on /var/lock.
       Thanks to Steven Robson.
f/linux-howtos-20060829-noarch-1.tgz: Updated the HOWTOs again. I guess back
       in February this must have been looking ready to release. ;-)
       Thanks to Szymczak Artur for noticing the HOWTOs were stale.
x/x11-6.9.0-i486-10.tgz: Reverted the ATI hang patch after problem reports.
       If you were helped by the patch it'll be held in /extra for the release so
       that hopefully everyone can enjoy a working ATI card. :-)
       Thanks again to Mark Canter, as this is a real problem but the patch does
       seem to introduce some new issues of its own. It's good to have an
       alternate driver just in case, though.
x/x11-devel-6.9.0-i486-10.tgz: Recompiled.
x/x11-xdmx-6.9.0-i486-10.tgz: Recompiled.
x/x11-xnest-6.9.0-i486-10.tgz: Recompiled.
x/x11-xvfb-6.9.0-i486-10.tgz: Recompiled.
extra/slackpkg/slackpkg-2.09-noarch-1.tgz: Upgraded to slackpkg-2.09-noarch-1.
       Thanks to Piter Punk.
extra/x11-radeon-patched/x11-radeon-patched-6.9.0-i486-1.tgz:
       Here's the patched radeon module from the -9 X.Org Slackware packages.
       There's a README file included with it explaining what it is for with
       references to a discussion of the issue.
isolinux/initrd.img: Fixed an installer bug where setup would ask which
       swap partitions you'd like to use and then conveniently set them all up
       for you if you selected at least one. Thanks to DEF.
rootdisks/install.1: Fixed a bug where libraries that were moved to install.2
       to make space on install.1 were needed by /bin/mount. Thanks to David Bray.
rootdisks/install.2: Moved a couple of libraries to install.1.
       Fixed installer swap bug.
rootdisks/install.zip: Fixed installer swap bug.
+--------------------------+
Sun Aug 27 05:36:53 CDT 2006
ap/vim-7.0.066-i486-2.tgz: Use the default vanilla system vimrc as distributed
       with the vim sources. Thanks to J for mentioning that using vim with
       'crontab -e' was working fine without any additions to the vimrc.
d/m4-1.4.6-i486-1.tgz: Upgraded to m4-1.4.6.
l/libpng-1.2.12-i486-2.tgz: Recompiled so that libpng.so.* links to libz and
       libm. This has been a point of contention for a long time with the PNG folks
       maintaining that you shouldn't have to link libpng this way. Well, just
       about everyone else builds libpng to link with -lz and -lm automatically,
       but I've held my ground along with the PNG team (usually I will defer to
       upstream and will send people there with these kinds of requests). Today
       Janusz Dziemidowicz pointed out that if you build libpng with ./configure
       that now it *is* linking to these. Good enough reason to end this problem
       right now. Thanks Janusz, for pointing out that discrepancy and sending in
       a patch. :-)
n/irssi-0.8.10a-i486-4.tgz: Removed duplicates and unformatted files from
       docs/help directory. Thanks to James Michael Fultz.
x/dejavu-ttf/dejavu-ttf-2.9-noarch-1.tgz: Upgraded to dejavu-ttf-2.9.
       Moved from /extra into the X series.
       Thanks to the DejaVu team (http://dejavu.sf.net) for the superb work.
x/fontconfig-2.2.3-i486-2.tgz: Patched /etc/fonts.conf to favor the DejaVu
       fonts over the Vera ones if they are present on the machine. US English
       users should notice only minor (if any) differences with this patch,
       but other users could see their language displayed properly out-of-the box
       for the first time. :-)
x/x11-6.9.0-i486-9.tgz: Patched a PCF font parsing bug that could crash X.
       Fixed the Greek keyboard layout. Thanks to Thanos Kyritsis.
       Fixed ATI lockup bugs. Thanks to Mark Canter.
x/x11-devel-6.9.0-i486-9.tgz: Recompiled.
x/x11-xdmx-6.9.0-i486-9.tgz: Recompiled.
x/x11-xnest-6.9.0-i486-9.tgz: Recompiled.
x/x11-xvfb-6.9.0-i486-9.tgz: Recompiled.
xap/seamonkey-1.0.4-i486-3.tgz: Fixed world-writable docs.
       Thanks to Piter Punk for pointing those out.
xap/vim-gvim-7.0.066-i486-2.tgz: Recompiled.
extra/lvm2/device-mapper-1.02.09-i486-1.tgz: Upgraded to
       device-mapper-1.02.09, moved out of /testing.
extra/lvm2/lvm2-2.02.09-i486-1.tgz: Upgraded to LVM-2.02.09,
       moved out of /testing.
extra/php5/php-5.1.6-i486-1.tgz: Upgraded to php-5.1.6,
       moved out of /testing.
+--------------------------+
Fri Aug 25 04:35:22 CDT 2006
Here is Slackware 11.0 release candidate 3. I think most of the irresistible
       upgrades are in here now, and the bug reports have been mostly handled.
       There may still be a few changes, and possibly another release candidate,
       but this is pretty close to final with the exception of updating
       documentation and building ZipSlack. Thanks very much to everyone who is
       helping to test these release candidates -- I think this is going to be a
       very up to date and stable release. :-)
a/glibc-solibs-2.3.6-i486-5.tgz: Patched an issue with kernel version parsing
       in ld-2.3.6.so that was leading glibc to treat 2.4 kernels with 4 version
       parts (such as 2.4.33.2) as if they supported NPTL, leading to a crash
       at boot.
a/glibc-zoneinfo-2.3.6-noarch-5.tgz: Updated timezone information from
       tzdata2006j.
a/kernel-ide-2.4.33.2-i486-1.tgz: Upgraded to 2.4.33.2 sata.i kernel.
       Enabled support for OOM killer and HIGHMEM4G.
a/kernel-modules-2.4.33.2-i486-1.tgz: Upgraded to Linux 2.4.33.2 modules.
a/udev-097-i486-6.tgz: Restore ttyUSB access to members of the tty group.
       Thanks to Eugene Crosser.
       In rc.udev, ignore lines that start with '#'.
       Thanks to Ian Bates.
       Removed hostap and hostap_cs dupes from blacklist.
       Thanks to giovanni quadriglio.
       Patched rc.optical-symlinks to avoid error messages with real SCSI devices
       and the SCSI generic driver.
       Thanks to Lorenzo Buzzi.
ap/lm_sensors-2.10.0-i486-1.tgz: Added lm_sensors-2.10.0, which contains the
       libsensors library that KDE can use for hardware status monitoring.
ap/vim-7.0.066-i486-1.tgz: Upgraded to vim 7.0.066.
       Added reasonable default vimrc if none exists. Thanks to Eric Hameleers.
xap/vim-gvim-7.0.066-i486-1.tgz: Upgraded to gvim 7.0.066 (requires vim).
d/kernel-headers-2.4.33.2-i386-1.tgz: Upgraded to Linux 2.4.33.2 headers.
d/perl-5.8.8-i486-2.tgz: Upgraded to DBD-mysql-3.0006 and DBI-1.52.
       Eugene Crosser reported that DBD compiled against an older version of
       libmysqlclient no longer worked without a recompile. Just to be on the
       safe side, everything linked with libmysqlclient is getting recompiled.
d/pkgconfig-0.21-i486-2.tgz: Export PKG_CONFIG_PATH.
k/kernel-source-2.4.33.2-noarch-1.tgz: Upgraded to Linux 2.4.33.2 source.
       Enabled support for OOM killer and HIGHMEM4G in default .config.
kde/amarok-1.4.2-i486-1.tgz: Upgraded to amarok-1.4.2.
kde/kdebase-3.5.4-i486-6.tgz: Recompiled to use libsensors with ksysguardd.
       Fixed location of kdeglobals, removed font defaults but kept the
       anti-aliasing fixes.
kde/koffice-1.5.2-i486-3.tgz: Recompiled against libmysqlclient and libruby.
kde/qt-3.3.6-i486-3.tgz: Recompiled against libmysqlclient, added symlink
       in /usr/lib/pkgconfig to qt-mt.pc.
l/alsa-driver-1.0.11_2.4.33.2-i486-1.tgz: Recompiled for Linux 2.4.33.2.
l/glibc-2.3.6-i486-5.tgz: Patched an issue with kernel version parsing in
       ld-2.3.6.so that was leading glibc to treat 2.4 kernels with 4 version parts
       (such as 2.4.33.2) as if they supported NPTL, leading to a crash at boot.
       Added sa_IN and ru_RU.CP1251 locale support.
       Updated timezone information from tzdata2006j.
       Updated timezone utilities from tzcode2006j.
l/glibc-i18n-2.3.6-noarch-5.tgz: Rebuilt.
       Added sa_IN and ru_RU.CP1251 locale support.
l/glibc-profile-2.3.6-i486-5.tgz: Recompiled.
l/libmusicbrainz-2.1.4-i486-1.tgz: Upgraded to libmusicbrainz-2.1.4.
l/libvisual-0.4.0-i486-1.tgz: Added libvisual-0.4.0. Just the library for
       now (no plugins), but this should make it much easier to compile and use
       audio visualization plugins without having to recompile amaroK.
n/bitchx-1.1-i486-4.tgz: Recompiled against libmysqlclient.
n/openldap-client-2.3.27-i486-1.tgz: Upgraded to openldap-client-2.3.27.
n/php-4.4.4-i486-2.tgz: Recompiled against libmysqlclient.
t/tetex-3.0-i486-4.tgz: Recompiled against new LessTif to stop warnings
       from xdvi.
t/tetex-doc-3.0-i486-4.tgz: Rebuilt. Moved info pages to /usr/info.
       Thanks to Kris Karas for pointing out the misplaced info pages.
xap/gimp-2.2.13-i486-1.tgz: Upgraded to gimp-2.2.13.
extra/3dfx-glide/*: Removed, as it most likely doesn't work.
extra/k3b/k3b-0.12.17-i486-1.tgz: Upgraded to k3b-0.12.17.
extra/k3b/k3b-i18n-0.12.17-noarch-1.tgz: Upgraded to k3b-i18n-0.12.17.
extra/linux-wlan-ng/linux-wlan-ng-0.2.1pre25_2.4.33.2-i486-1.tgz:
       Recompiled for Linux 2.4.33.2.
extra/slackpkg/slackpkg-2.08-noarch-3.tgz: Upgraded to slackpkg-2.08-noarch-3.
       Thanks to Piter Punk.
bootdisks/*: Upgraded to Linux 2.4.33.2 kernels.
isolinux/initrd.img: Upgraded USB/IEEE1394 modules to Linux 2.4.33.2.
isolinux/network.dsk: Upgraded network modules to Linux 2.4.33.2.
isolinux/pcmcia.dsk: Upgraded pcmcia modules to Linux 2.4.33.2.
rootdisks/install.1: Upgraded USB/IEEE1394 modules to Linux 2.4.33.2.
rootdisks/install.2: Upgraded USB/IEEE1394 modules to Linux 2.4.33.2.
rootdisks/install.zip: Upgraded USB/IEEE1394 modules to Linux 2.4.33.2.
rootdisks/network.dsk: Upgraded network modules to Linux 2.4.33.2.
rootdisks/pcmcia.dsk: Upgraded pcmcia network modules to Linux 2.4.33.2.
kernels/*: Upgraded to Linux 2.4.33.2 kernels, except the huge.s kernel.

After much thought and consultation with developers, it has been decided to
move 2.6.17.x out of /testing and into /extra. It runs stable by all reports,
has better wireless support, and is not going to be stale as soon. In
addition, HIGHMEM4G has been enabled. This caused no problems with my old
486 with 24MB (the one I use for compiling KDE ;-), and Tomas Matejicek has
enabled this in SLAX for a long time with no reports of problems, so I
believe it is a safe option (and is needed by many modern machines).
Thanks again to Andrea for building these kernels and packages. :-)

kernels/huge26.s/*: Upgraded huge26.s kernel to 2.6.17.11.
extra/linux-2.6.17.11/kernel-generic-2.6.17.11-i486-1.tgz:
       Upgraded to Linux 2.6.17.11 generic kernel.
extra/linux-2.6.17.11/kernel-headers-2.6.17.11-i386-1.tgz:
       Upgraded to Linux 2.6.17.11 kernel headers.
extra/linux-2.6.17.11/kernel-modules-2.6.17.11-i486-1.tgz
       Upgraded to Linux 2.6.17.11 kernel modules.
       Load PC speaker support in rc.modules. Thanks to NetrixTardis.
extra/linux-2.6.17.11/kernel-source-2.6.17.11-noarch-1.tgz
       Upgraded to Linux 2.6.17.11 kernel source.

testing/packages/cairo-1.2.4-i486-1.tgz: Added cairo-1.2.4.
testing/packages/fontconfig-2.3.95-i486-1.tgz: Added fontconfig-2.3.95.
testing/packages/php-5.1.5/php-5.1.5-i486-2.tgz: Recompiled against
       libmysqlclient.
+--------------------------+
Tue Aug 22 15:10:35 CDT 2006
a/shadow-4.0.3-i486-13.tgz: Fixed deprecated root:bin ownerships.
       Thanks to Stuart Winter.
a/util-linux-2.12r-i486-3.tgz: Fixed file permissions and ownerships in
       /usr/doc. Thanks to Stuart Winter.
+--------------------------+
Mon Aug 21 14:54:08 CDT 2006
a/udev-097-i486-5.tgz: Fixed check in rc.udev for 2.6.15+ kernel.
       Thanks to Richard Fuller for the fix.
+--------------------------+
Sun Aug 20 23:45:58 CDT 2006
a/gpm-1.20.1-i486-2.tgz: Patched to send all non-critical error messages to
       the system logs rather than to the console.
a/pkgtools-11.0.0-i486-2.tgz: Merged in some more xorgsetup patches from
       Irfan Acar, Daniil Bratashov, and Piter Punk.
a/shadow-4.0.3-i486-12.tgz: Patched for gcc-3.4.x.
       Thanks to Dominik L. Borkowski for the patch.
       Removed spurious id.1.gz manpage. Thanks to Cal Peake.
       Removed obsolete options from the passwd program.
a/sysvinit-2.84-i486-66.tgz: In rc.M, fixed the nohotplug cmdline option.
       Thanks to Eric Hameleers.
       Sleep for a couple seconds after shutting down dhcpcd in rc.6 to allow time
       for various files in /etc to restore themselves. Thanks to Cal Peake.
       Don't try to mount usbfs if it's in /proc/mounts already.
a/tar-1.15.1-i486-2.tgz: Patched to be less strict about the option order.
       Thanks to Jonathan A. Irwin for sending me a patch from Sergey Poznyakoff.
a/udev-097-i486-4.tgz: Changed default udev log level from err to crit.
       Refuse to run udev unless the kernel is 2.6.15+. Thanks to Sean Donner.
a/util-linux-2.12r-i486-2.tgz: Added schedutils-1.5.0 which is apparently due
       to be merged into util-linux upstream sometime soon anyway.
       Thanks to Jonathan Woithe for the suggestion.
ap/diffutils-2.8.1-i486-2.tgz: Patched a bug in sdiff.
       Thanks to James Michael Fultz for the patch and improved build script.
ap/vim-7.0.063-i486-1.tgz: Upgraded to vim 7.0.063.
       Removed unpopular libruby dependency. :-)
e/emacs-21.4a-i486-3.tgz: Avoid a package file overlap between Emacs ctags and
       Exuberant Ctags. Thanks to Michal Kowalski for pointing it out.
kde/kdebase-3.5.4-i486-5.tgz: Added /opt/kde/share/kdeglobals to set the Vera
       fonts with anti-aliasing enabled as the defaults.
xap/seamonkey-1.0.4-i486-2.tgz: Added /usr/lib/seamonkey ->
       /usr/lib/seamonkey-1.0.4 symlink. Thanks to Tsomi.
xap/vim-gvim-7.0.063-i486-1.tgz: Upgraded to vim 7.0.063.
       Removed unpopular libruby dependency. :-)
extra/checkinstall/checkinstall-1.6.0-i486-2.tgz: Fixed 640 perms on FAQ.
       Thanks to Michael Iatrou.
rootdisks/pcmcia.dsk,isolinux/pcmcia.dsk: Added ide-cs module.
       Requested by Zack Smith.
+--------------------------+
Sat Aug 19 23:58:27 CDT 2006
This is mostly frozen now unless bugs (or irresistible upgrades) come up, so
I'll call this update Slackware 11.0 release candidate 2. :-)
a/kernel-ide-2.4.33-i486-2.tgz:
       Switched to the sata.i kernel which supports both parallel and serial ATA.
a/kernel-modules-2.4.33-i486-2.tgz: Recompiled.
       Upgraded to Linux 2.4.33 kernel modules.
d/pkgconfig-0.21-i486-1.tgz: Upgraded to pkg-config-0.21.
       Set the PKG_CONFIG_PATH to search in /usr/local/lib/pkgconfig and
       /opt/kde/lib/pkgconfig, too. Thanks, Seb!
d/kernel-headers-2.4.33-i386-2.tgz: Rebuilt.
k/kernel-source-2.4.33-noarch-2.tgz:
       Updated the default .config to include SATA support.
       Oh, and yes I did see 2.4.33.1. Thanks for letting me know ;-), but that
       kernel does not seem to be booting here so I'll stick with 2.4.33 for now.
l/alsa-driver-1.0.11_2.4.33-i486-2.tgz: Recompiled.
       Upgraded to alsa-driver-1.0.11 compiled for Linux 2.4.33.
bootdisks/sata.i: Rebuilt.
bootdisks/speakup.s: Added SATA support.
kernels/huge26.s/*: Recompiled.
kernels/sata.i/*: Recompiled.
kernels/speakup.s/*: Added SATA support.
kernels/test26.s/*: Upgraded test26.s kernel to 2.6.17.9.
To be consistent, bumped the build number on all of the 2.6.16.27 packages to -5.
extra/linux-2.6.16.27/alsa-driver-1.0.11_2.6.16.27-i486-5.tgz:
       Recompiled.
extra/linux-2.6.16.27/kernel-generic-2.6.16.27-i486-5.tgz:
       Recompiled.
extra/linux-2.6.16.27/kernel-headers-2.6.16.27-i386-5.tgz:
       Rebuilt.
extra/linux-2.6.16.27/kernel-modules-2.6.16.27-i486-5.tgz:
       Enabled CONFIG_X86_SPEEDSTEP_RELAXED_CAP_CHECK option so that
       Piotr Wierzchowski's Thinkpad will run cooler and use less power. :-)
extra/linux-2.6.16.27/kernel-source-2.6.16.27-noarch-5.tgz:
       Rebuilt with CONFIG_X86_SPEEDSTEP_RELAXED_CAP_CHECK=y in .config.
extra/slackpkg/slackpkg-2.08-noarch-2.tgz: Upgraded to slackpkg-2.08-noarch-2.
       Thanks to Piter Punk.
testing/packages/linux-2.6.17.9/kernel-generic-2.6.17.9-i486-1.tgz:
       Upgraded to Linux 2.6.17.9 generic kernel.
testing/packages/linux-2.6.17.9/kernel-headers-2.6.17.9-i386-1.tgz:
       Upgraded to Linux 2.6.17.9 kernel headers.
testing/packages/linux-2.6.17.9/kernel-modules-2.6.17.9-i486-1.tgz
       Upgraded to Linux 2.6.17.9 kernel modules.
testing/packages/linux-2.6.17.9/kernel-source-2.6.17.9-noarch-1.tgz
       Upgraded to Linux 2.6.17.9 kernel source.
       Thanks to Andrea for building the 2.6.17.9 kernels.
rootdisks/install.1: Updated. Thanks to Cal Peake for the idea about how to
       improve the setup of swap partitions.
       Updated most of the binaries on the installer, but not busybox. It seems
       to be working fine, and the idea of messing with it now scares me. ;-)
rootdisks/install.2: Updated.
rootdisks/install.zip: Updated.
rootdisks/network.dsk: Fixed to probe for tg3 cards.
       Thanks to Eric Hameleers and Bruce Hill, Jr.
       Fixed module probing to work with 2.6 modules. Thanks to Piter Punk.
+--------------------------+
Fri Aug 18 00:20:46 CDT 2006
a/aaa_elflibs-11.0.0-i486-8.tgz: Upgraded to the mm-1.4.2 library, patched
       libtiff, upgraded to pcre-6.7 libraries, and included the recompiled
       cups-1.1.23 and slang libraries.
a/cups-1.1.23-i486-4.tgz: Fixed broken es and fr man page symlinks.
d/git-1.4.2-i486-1.tgz: Upgraded to git-1.4.2.
kde/kdenetwork-3.5.4-i486-2.tgz: Patched a bug in kopete that could freeze
       KDE under certain circumstances. Thanks to JaguarWan and Olivier Goffart.
l/libtiff-3.8.2-i486-2.tgz: Patched vulnerabilities in libtiff which were
       found by Tavis Ormandy of the Google Security Team. These issues could
       be used to crash programs linked to libtiff or possibly to execute code
       as the program's user. A low risk command-line overflow in tiffsplit was
       also patched.
       For more details, see:
       http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3459
       http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3460
       http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3461
       http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3462
       http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3463
       http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3464
       http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3465
       (* Security fix *)
l/mm-1.4.2-i486-1.tgz: Upgraded to mm-1.4.2.
l/pcre-6.7-i486-1.tgz: Upgraded to pcre-6.7.
l/slang-2.0.6-i486-2.tgz: Fixed uncompressed manpage.
n/php-4.4.4-i486-1.tgz: Upgraded to php-4.4.4.
       Some of the security issues fixed in this release include:
       * Added missing safe_mode/open_basedir checks inside the error_log(),
       file_exists(), imap_open() and imap_reopen() functions.
       * Fixed possible open_basedir/safe_mode bypass in cURL extension.
       * Fixed a buffer overflow inside sscanf() function.
       (* Security fix *)
testing/packages/cups-1.2.2/cups-1.2.2-i486-2.tgz:
       Removed /usr/man/man8/disable.8.gz symlink.
testing/packages/php-5.1.5/php-5.1.5-i486-1.tgz:
       Upgraded to php-5.1.5.
       Some of the security issues fixed in this release include:
       * Added missing safe_mode/open_basedir checks inside the error_log(),
       file_exists(), imap_open() and imap_reopen() functions.
       * Fixed possible open_basedir/safe_mode bypass in cURL extension and on
       PHP 5 with realpath cache.
       * Fixed a buffer overflow inside sscanf() function.
       (* Security fix *)
kernels/sata.i/: Recompiled with Silicon Image PATA support. (there was
       a conflict before with this and the Sil SATA driver but it was fixed)
+--------------------------+
Wed Aug 16 19:11:39 CDT 2006
a/aaa_base-11.0.0-noarch-1.tgz: Added /usr/share/info -> ../info symlink.
       Bumped /etc/slackware-version number to 11.0.0.
       Changed version number (but little else yet) in initial email.
a/hotplug-2004_09_23-noarch-10.tgz: Corrected typo in rc.hotplug.
       Thanks to Willy Sudiarto Raharjo.
a/pcmcia-cs-3.2.8-i486-3.tgz: Commented out line in config.opts for old
       Webgear wireless card.
       chmod 644 /etc/pcmcia/*.opts.
a/pcmciautils-014-i486-2.tgz: Commented out line in config.opts for old
       Webgear wireless card.
       Moved man pages to /usr/man/man8, compressed with gzip.
a/sysvinit-2.84-i486-65.tgz: Don't run /lib/udev/rc.optical-symlinks in a
       login shell, since the bug that required that kludge is now fixed.
a/udev-097-i486-3.tgz: Patched rc.optical-symlinks to be locale friendly.
       Thanks to everyone who reported the bug, and to Michiel Broek and
       Eric Hameleers for sending in patches.
       Updated comments and removed obsolete options in udev.conf.
       Thanks to Jakub Jankowski.
       Removed /dev/loop0 and /dev/rtc from udev-script-devices.tar.gz.
l/gd-2.0.33-i486-1.tgz: Added gd-2.0.33.
       Suggested by Cal Peake.
l/libidn-0.6.5-i486-1.tgz: Upgraded to libidn-0.6.5.
       Suggested by Piotr Simon.
n/nfs-utils-1.0.10-i486-2.tgz: On 2.6.x kernels, mount nfsd in rc.nfsd.
       Thanks to Piter Punk, Leonardo Roman, and George Iosif for the suggestion.
n/wireless-tools-28-i486-3.tgz: Fixed rc.wireless which contained a few ^M
       that broke it. I think I did this saving the patch with my mailer -- sorry
       about that.
xap/gnuplot-4.0.0-i486-2.tgz: Recompiled against new gd-2.0.33 package.
       Thanks to Michael Iatrou for the suggestion.
extra/linux-wlan-ng/linux-wlan-ng-0.2.1pre25_2.4.33-i486-1.tgz: Recompiled
       kernel modules for Linux 2.4.33.
+--------------------------+
Tue Aug 15 21:45:53 CDT 2006
a/genpower-1.0.5-i486-1.tgz: Upgraded to genpower-1.0.5.
       Thanks to Bernd Noessler for letting me know about this -- freshmeat.net
       still points to a much older version of genpower.
a/less-394-i486-1.tgz: Upgraded to less-394. Thanks to Haakon Riiser for
       suggesting this and confirming that less-394 is an official stable release.
       Added RAR support to lesspipe.sh. Thanks to Manolis Tzanidakis.
a/sysvinit-2.84-i486-64.tgz: In rc.M, check better for udev before running
       rc.optical-symlinks, and run the script in a login shell which might fix the
       error "-bash: let: expression expected" that some people have reported.
       Thanks to Michiel Broek for the hint about using a login shell.
ap/mt-st-0.9b-i486-1.tgz: Upgraded to mt-st-0.9b.
       Thanks to Stuart Winter.
d/git-1.4.1.1-i486-2.tgz: Replaced hard links with symbolic links, since
       Stuart Winter hates hard links. (I hope he doesn't find the other ones! ;-)
       Thanks to Stuart Winter for the patch.
kde/kdebase-3.5.4-i486-4.tgz: Patched a bug in ksystraycmd.
       Thanks to Dirk Mueller for the patch.
n/wireless-tools-28-i486-2.tgz: Patched rc.wireless for ESSIDs with spaces.
       Thanks to Bruneel Michaël and Eric Hameleers.
xap/imagemagick-6.2.8_8-i486-2.tgz: Reverted to ImageMagick-6.2.8-8 since
       the "display" program in ImageMagick-6.2.9-0 crashes.
       Thanks to Tomasz Luczak for the bug report.
+--------------------------+
Tue Aug 15 01:20:55 CDT 2006
a/devs-2.3.1-noarch-24.tgz: Added udev-style /dev/md/* devices to save people
       who boot between 2.4.x and 2.6.x kernels some trouble.
       Thanks to Mircea Baciu for pointing out this possibility.
       Note: Upgrading the devs package while running udev will NOT work.
a/sysvinit-2.84-i486-63.tgz: Patched rc.4 to check both /usr/bin and /usr/sbin
       for gdm. Thanks to Scott J. Harmon.
       Added a warning in rc.S that if you make an rc.modules.local that the other
       rc.modules script(s) will not be run.
       Don't try to start udev if sysfs and tmpfs are not in the kernel.
       Use grep '-q' option instead of '> /dev/null' in many places.
a/udev-097-i486-2.tgz: Don't run rc.udev if tmpfs is not in the kernel.
       Thanks to Gunnar Florus Johansen.
ap/sysstat-7.0.0-i486-1.tgz: Added sysstat-7.0.0.
       Suggested by grk wng and Jesper Juhl.
n/iproute2-2.6.16_060323-i486-1.tgz: Upgraded to iproute2-2.6.16-060323.
n/nfs-utils-1.0.10-i486-1.tgz: Upgraded to nfs-utils-1.0.10.
t/xfig-3.2.4-i486-1.tgz: Upgraded to xfig-3.2.4.
       Thanks to Daniil Bratashov for the initial SlackBuild script.
xap/gimp-2.2.12-i486-3.tgz: Fixed icon path in gimp-2.2.desktop.
       Thanks to Nikos Skalkotos for the bug report.
xap/imagemagick-6.2.9_0-i486-1.tgz: Upgraded to imagemagick-6.2.9-0.
extra/slackpkg/slackpkg-2.07-noarch-5.tgz: Upgraded to slackpkg-2.07-noarch-5.
       Thanks to Piter Punk.
+--------------------------+
Mon Aug 14 02:23:30 CDT 2006
There are still a few changes yet to happen, but let's call this
       Slackware 11.0 release candidate 1. :-)
a/glibc-solibs-2.3.6-i486-4.tgz: Recompiled.
a/glibc-zoneinfo-2.3.6-noarch-4.tgz: Updated to tzcode2006i and tzdata2006g.
a/kernel-ide-2.4.33-i486-1.tgz: Upgraded to Linux 2.4.33 bare.i kernel.
a/kernel-modules-2.4.33-i486-1.tgz: Upgraded to Linux 2.4.33 kernel modules.
a/udev-097-i486-1.tgz: Upgraded to udev-097.
       Updated the rc.optical-symlinks script.
       Added locking to cdrom-symlinks.sh and nethelper.sh scripts to avoid race
       conditions at boot time. Thanks to Piter Punk.
       Fixed bugs in rc.udev where the script attempts to mount devpts and usbfs
       even if they are already mounted. Thanks to Gunnar Florus Johansen.
d/kernel-headers-2.4.33-i386-1.tgz: Upgraded to Linux 2.4.33 kernel headers.
k/kernel-source-2.4.33-noarch-1.tgz: Upgraded to Linux 2.4.33 kernel source.
l/alsa-driver-1.0.11_2.4.33-i486-1.tgz: Upgraded to alsa-driver compiled
       for Linux 2.4.33.
l/glibc-2.3.6-i486-4.tgz: Recompiled against Linux 2.4.33 and 2.6.16.27
       kernel headers.
l/glibc-i18n-2.3.6-noarch-4.tgz: Rebuilt.
l/glibc-profile-2.3.6-i486-4.tgz: Recompiled.
l/jre-1_5_0_08-i586-1.tgz: Upgraded to Java(TM) 2 Platform Standard Edition
       Runtime Environment Version 5.0, Release 8.
n/tcpip-0.17-i486-38.tgz: Upgraded to ethtool-4.
       Upgraded to tftp-0.42.
       Relinked /bin/ftp with correct libreadline. Thanks to Udo A. Steinberg.
extra/jdk-1.5.0_08/jdk-1_5_0_08-i586-1.tgz: Upgraded to Java(TM) 2
       Platform Standard Edition Development Kit Version 5.0, Release 8.
bootdisks/*: Upgraded to Linux 2.4.33 kernels.
isolinux/initrd.img: Upgraded USB/IEEE1394 modules to Linux 2.4.33.
isolinux/network.dsk: Upgraded network modules to Linux 2.4.33.
isolinux/pcmcia.dsk: Upgraded pcmcia modules to Linux 2.4.33.
kernels/*: Upgraded 2.4.x kernels to Linux 2.4.33 kernels.
rootdisks/install.1: Upgraded USB/IEEE1394 modules to Linux 2.4.33.
rootdisks/install.2: Upgraded USB/IEEE1394 modules to Linux 2.4.33.
rootdisks/install.zip: Upgraded USB/IEEE1394 modules to Linux 2.4.33.
rootdisks/network.dsk: Upgraded network modules to Linux 2.4.33.
rootdisks/pcmcia.dsk: Upgraded pcmcia modules to Linux 2.4.33.
+--------------------------+
Sat Aug 12 01:14:17 CDT 2006
a/hotplug-2004_09_23-noarch-9.tgz: Skip rc.hotplug if a new enough udev
       is running on a 2.6 kernel. No wonder the boot time didn't seem faster! :-)
a/sysvinit-2.84-i486-62.tgz: If udev hasn't made /dev/cdrom and other symlinks,
       call a script from rc.M to make them.
       Added support to rc.K and rc.6 for an /etc/rc.d/rc.local_shutdown script.
       Thanks to Robert Boucher for the idea.
       Rob McGee and others have made similar requests before... thanks to all!
a/udev-096-i486-4.tgz: Generate network card naming rules in
       /etc/udev/rules.d/network-devices.rules, but comment them out. I think
       these additions are not quite reliable enough in all cases to be the default
       for the Slackware 11 release (of course, you have udev occasionally detecting
       multiple network cards in a different order, and so on some router machines
       these rules will be needed). Or, you could run a 2.4.x kernel. ;-)
       If your system is naming network devices strangely you should delete your
       existing /etc/udev/rules.d/network-devices.rules and reboot. If that doesn't
       do the trick you'll probably need to edit the file.
       Instead of having udev make the CD/DVD symlinks, have a new script called
       /lib/udev/rc.optical-symlinks do it. If you'd rather use Piter Punk's method
       (which works better for hotplugging USB optical drives, for example), then
       just comment/uncomment the appropriate rules in /etc/udev/rules.d/udev.rules.
n/whois-4.7.15-i486-1.tgz: Upgraded to whois-4.7.15.
       Thanks to Gianluca Varisco for pointing out the new release.
xap/gimp-2.2.12-i486-2.tgz: Fixed broken gimptool man page symlink.
+--------------------------+
Fri Aug 11 03:18:18 CDT 2006
a/aaa_elflibs-11.0.0-i486-7.tgz: Fixed libmm perms and location.
       Thanks to Fred Emmott.
       Upgraded libmm to 1.4.1.
       Reverted to CUPS libraries from 1.1.23.
a/cups-1.1.23-i486-3.tgz: Reverted to cups-1.1.23 due to some applications
       needing time to adjust to no longer having access to the private CUPS
       functions. ;-) See below for more info.
a/etc-5.1-noarch-13.tgz: Upgraded /etc/services to include IPP (for CUPS) and
       other new services. Thanks to Christophe Legras for reminding me to upgrade
       this file, and to Two Beans for mailing me a more recent copy.
l/hicolor-icon-theme-0.9-noarch-2.tgz: Fixed slack-desc typo.
       Reported by Willy Sudiarto Raharjo.
l/mm-1.4.1-i486-1.tgz: Upgraded to mm-1.4.1.
       Looks like libmm was split out of the Apache package just in time. ;-)
n/samba-3.0.23b-i486-2.tgz: Recompiled against CUPS 1.1.23.
n/sendmail-8.13.8-i486-2.tgz: Recompiled with DBROKEN_PTHREAD_SLEEP defined
       in site.config.m4, which fixes a problem with libmilter.a that can cause
       sendmail milters to be unstable. Thanks to Jan Rafaj for reporting this
       bug, the fix, and for testing the problem so throughly.
n/sendmail-cf-8.13.8-noarch-2.tgz: Rebuilt.
n/tcpip-0.17-i486-37.tgz: Removed redundant copy of /etc/services.
testing/packages/cups-1.2.2/cups-1.2.2-i486-1.tgz: It seems as if KDE might
       still not be 100% ready for CUPS 1.2.x, so we're going to move this into
       /testing again for the release, but by all means use it if it works for you.
       It did mostly work here, but the problems with using it with KDE are also
       reproducable. Thanks to Thomas Hanslík for the information. Anyway, I had
       my suspicions that *something* was going to have linked with private CUPS
       functions or that this might break something in some way, but I also knew
       this package would get better testing in slackware/a than in /testing. :-)
       So, now we know that it's probably safer to wait on cups-1.2.x.
       Thomas also mentioned a workaround -- editing cupsd.conf to comment
       out this line:
       # Listen /var/run/cups/cups.sock
+--------------------------+
Thu Aug 10 02:07:10 CDT 2006
a/aaa_elflibs-11.0.0-i486-6.tgz: Added libmm.
a/pkgtools-11.0.0-i486-1.tgz: Fixed xwmconfig to only recommend installed
       window managers. Thanks to Leandro Toledo.
Merged in patches for xorgsetup to support choosing a keyboard model, layout,
       variant, and even automatically configuring a mouse scroll wheel! :-)
       Thanks to Ismael Cortes for the patches.
l/gnome-icon-theme-2.14.2-noarch-1.tgz: Added gnome-icon-theme-2.14.2. It
       seems that GTK+ applications such as Thunderbird use these, not just GNOME.
l/gtk+2-2.8.20-i486-1.tgz: Upgraded to gtk+-2.8.20.
l/hicolor-icon-theme-0.9-noarch-1.tgz: Added hicolor-icon-theme-0.9.
l/mm-1.4.0-i486-1.tgz: Moved mm library out of the Apache package so that apps
       such as the standalone PHP interpreter can use it without installing Apache.
       Thanks to Robert Easter for the suggestion.
l/shared-mime-info-0.18-i486-1.tgz: Upgraded to shared-mime-info-0.18.
n/apache-1.3.37-i486-2.tgz: Removed mm-1.4.0 from the build directory and
       recompiled against the system mm package. This now depends on having the
       mm package from the L series installed.
n/lftp-3.5.4-i486-1.tgz: Upgraded to lftp-3.5.4.
n/sendmail-8.13.8-i486-1.tgz: Upgraded to sendmail-8.13.8.
       That's what I get for trying to patch 8.13.7 myself last night. ;-)
n/sendmail-cf-8.13.8-noarch-1.tgz: Upgraded to sendmail-8.13.8 configs.
x/x11-6.9.0-i486-8.tgz: More updates to the i945gm chipset support.
       Thanks to Sergio A. Reyes-Peniche.
x/x11-devel-6.9.0-i486-8.tgz: Recompiled and removed fontconfig manpages.
x/x11-xdmx-6.9.0-i486-8.tgz: Recompiled.
x/x11-xnest-6.9.0-i486-8.tgz: Recompiled.
x/x11-xvfb-6.9.0-i486-8.tgz: Recompiled.
xap/sane-1.0.18-i486-2.tgz: Added /etc/udev/rules.d/libsane.rules.
       Thanks to David Somero for pointing out this file.
isolinux/initrd.img: Merged in many installer patches from Stuart Winter.
pasture/: Some cleanup...
rootdisks/install.1: Rebuilt with installer patches.
rootdisks/install.2: Rebuilt with installer patches.
rootdisks/install.zip: Rebuilt with installer patches.
rootdisks/network.dsk: Rebuilt with gcc-3.4.6 compiled modules.
rootdisks/pcmcia.dsk: Rebuilt with gcc-3.4.6 compiled modules.
testing/packages/php-5.1.4/php-5.1.4-i486-3.tgz: Recompiled with freetype.
       Fixed FastCGI by removing --enable-discard-path from CGI version.
       Added pdo_sqlite.so and sqlite.so modules.
+--------------------------+
Wed Aug 9 00:25:53 CDT 2006
a/aaa_elflibs-11.0.0-i486-5.tgz: Added new CUPS libraries.
a/cups-1.2.2-i486-1.tgz: Upgraded to cups-1.2.2.
a/hdparm-6.6-i486-1.tgz: Upgraded to hdparm-6.6.
       Suggested by Janusz Dziemidowicz.
a/udev-096-i486-3.tgz: In /etc/modprobe.d/blacklist, change module name from
       i810_tco to i8xx_tco. Thanks to Janusz Dziemidowicz.
       Piter Punk also wants me to remind everyone that this udev package requires
       a 2.6.15+ kernel or it will not work. ;-)
ap/mc-4.6.1-i486-2.tgz: Fixed PHP syntax highlighting.
       Thanks to Georgi Chorbadzhiyski for the patch.
n/samba-3.0.23b-i486-1.tgz: Upgraded to samba-3.0.23b.
n/sendmail-8.13.7-i486-2.tgz: Applied two errata patches from sendmail.org.
       Thanks to Gerardo Exequiel Pozzi for pointing out these patches.
n/sendmail-cf-8.13.7-noarch-2.tgz: Rebuilt.
x/x11-6.9.0-i486-7.tgz: More updates to the i945gm chipset support.
       Thanks to Raphaël Prevost for the updated patch.
x/x11-devel-6.9.0-i486-7.tgz: Recompiled.
x/x11-xdmx-6.9.0-i486-7.tgz: Recompiled.
x/x11-xnest-6.9.0-i486-7.tgz: Recompiled.
x/x11-xvfb-6.9.0-i486-7.tgz: Recompiled.
+--------------------------+
Tue Aug 8 00:55:52 CDT 2006
a/aaa_elflibs-11.0.0-i486-4.tgz: Added new version of libcurl.
a/etc-5.1-noarch-12.tgz: Patched /etc/profile and /etc/csh.login to fix a bug
       where changing to another user with "su - someuser" would produce an error
       message such as "/dev/pts/2: Operation not permitted".
       Thanks to Menno Duursma for the fix.
a/findutils-4.2.28-i486-1.tgz: Upgraded to findutils-4.2.28.
a/gawk-3.1.5-i486-3.tgz: Patched a fieldwidths bug.
       Thanks to Fabiano Caixeta Duarte for a pointer to the patch.
a/lilo-22.7.1-i486-2.tgz: Fixed a typo in liloconfig where installing to the
       MBR was mentioned twice. Thanks to Keith McGavin for pointing this out.
a/udev-096-i486-2.tgz: Added the psmouse module to /etc/modprobe.d/blacklist
       so that /etc/rc.d/rc.modules can load it using the option "proto=imps".
       This change restores the mouse options used in Slackware 10.2. At least on
       my machine, the default module options render the mouse completely unusable,
       but feel free to remove the module from the blacklist or configure rc.modules
       to your liking if this is not the ideal default for your machine.
ap/mdadm-2.5.3-i486-1.tgz: Upgraded to mdadm-2.5.3.
       Thanks to James W. Laferriere and Gianluca Varisco for pointing this out.
kde/kdebase-3.5.4-i486-3.tgz: Patched a bug involving external taskbars that
       expand as required to fit contents. Thanks to Dirk Mueller for the patch.
n/curl-7.15.5-i486-1.tgz: Upgraded to curl-7.15.5.
       Thanks to Gianluca Varisco for suggesting this upgrade.
n/dnsmasq-2.33-i486-1.tgz: Upgraded to dnsmasq-2.33.
       Thanks to Gianluca Varisco for suggesting this upgrade.
n/ncftp-3.2.0-i486-2.tgz: Fixed permissions in /usr/bin.
       Thanks to many who noticed this mistake. ;-)
n/ntp-4.2.2p3-i486-1.tgz: Upgraded to ntp-4.2.2p3.
       Thanks to James W. Laferriere for suggesting this upgrade.
x/x11-6.9.0-i486-6.tgz: Added support for newer revisions of the
       i945gm chipset. Thanks to Raphaël Prevost for the patch.
x/x11-devel-6.9.0-i486-6.tgz: Recompiled.
x/x11-xdmx-6.9.0-i486-6.tgz: Recompiled.
x/x11-xnest-6.9.0-i486-6.tgz: Recompiled.
x/x11-xvfb-6.9.0-i486-6.tgz: Recompiled.
There are a few reports that the newest udev is not friendly to some systems.
Well, that's progress for you -- it isn't always a smooth journey. In most
cases the problems I've heard about could be fixed with a little bit of fine
tuning, such as blacklisting unwanted modules in /etc/modprobe.d/blacklist
and loading the desired replacements in /etc/rc.d/rc.modules. However, in
case either of these older versions of udev worked better for you, they'll
be kept in /extra for a while as alternates. Be aware that new kernels will
soon require the latest udev, though...
extra/udev-alternate-versions/udev-064-i486-2.tgz: Added alternate udev-064.
extra/udev-alternate-versions/udev-071-i486-2.tgz: Added alternate udev-071.
testing/packages/linux-2.6.17.8/kernel-generic-2.6.17.8-i486-1.tgz:
       Upgraded to Linux 2.6.17.8 generic kernel.
testing/packages/linux-2.6.17.8/kernel-headers-2.6.17.8-i386-1.tgz:
       Upgraded to Linux 2.6.17.8 kernel headers.
testing/packages/linux-2.6.17.8/kernel-modules-2.6.17.8-i486-1.tgz
       Upgraded to Linux 2.6.17.8 kernel modules.
testing/packages/linux-2.6.17.8/kernel-source-2.6.17.8-noarch-1.tgz
       Upgraded to Linux 2.6.17.8 kernel source.
       Thanks again to Andrea Volkerding for building the 2.6.17.8 kernels.
+--------------------------+
Mon Aug 7 01:43:38 CDT 2006
a/pcmciautils-014-i486-1.tgz: Added pcmciautils-014, needed to configure PC
       cards on systems running 2.6.x kernels.
a/sysfsutils-2.0.0-i486-2.tgz: Added missing libsysfs.so symlink.
a/sysvinit-2.84-i486-61.tgz: Merged Piter Punk's changes for the new udev.
       Please make sure to move all the .new files in /etc/rc.d/ into place for
       this to work correctly!
a/udev-096-i486-1.tgz: Upgraded to udev-096.
       Thanks to Piter Punk for his great work to get this just exactly perfect.
a/grep-2.5-i486-3.tgz: Improved build script and rebuilt. I considered using
       grep-2.5.1a, but found some problem reports concerning it and decided such
       an upgrade would be best left for the next -current. There have been no
       bug reports here concerning grep-2.5, so I see no reason to fix that which
       does not appear to be broken. It's more important to have a known to be
       stable grep than it is to have the latest version, IMHO.
a/pciutils-2.2.3-i486-2.tgz: Fixed missing pci/types.h header file.
       Thanks to Konrad Rzepecki.
ap/man-pages-2.39-noarch-1.tgz: Upgraded to man-pages-2.39.
n/lftp-3.5.3-i486-1.tgz: Upgraded to lftp-3.5.3.
n/ncftp-3.2.0-i486-1.tgz: Upgraded to ncftp-3.2.0.
n/popa3d-1.0.2-i486-1.tgz: Upgraded to popa3d-1.0.2.
n/vsftpd-2.0.5-i486-1.tgz: Upgraded to vsftpd-2.0.5.
xap/imagemagick-6.2.8_8-i486-1.tgz: Upgraded to ImageMagick-6.2.8-8.
xap/sane-1.0.18-i486-1.tgz: Upgraded to sane-backends-1.0.18.
extra/grub/grub-0.97-i486-2.tgz: Upgraded to grubconfig-1.28.
+--------------------------+
Sat Aug 5 23:22:13 CDT 2006
a/usbutils-0.72-i486-1.tgz: Upgraded to usbutils-0.72, patched to add
       back usbmodules since hotplug will need it for as long as the 2.4.x
       kernel is supported.
ap/mdadm-2.5.2-i486-1.tgz: Upgraded to mdadm-2.5.2.
ap/mysql-5.0.24-i486-1.tgz: Upgraded to mysql-5.0.24.
       Suggested by Willy Sudiarto Raharjo.
l/lesstif-0.95.0-i486-1.tgz: Upgraded to lesstif-0.95.0.
       Suggested by Rene Huber.
xap/xpdf-3.01-i486-4.tgz: Fixed a window resizing bug.
       Thanks to Luis for the patch.
+--------------------------+
Sat Aug 5 00:42:09 CDT 2006
a/aaa_elflibs-11.0.0-i486-3.tgz: Added new versions of libattr and libacl.
       Added lib/libsysfs.so.2.0.0.
a/acl-2.2.39_1-i486-1.tgz: Upgraded to acl-2.2.39-1.
a/attr-2.4.32_1-i486-1.tgz: Upgraded to attr-2.4.32-1.
a/pciutils-2.2.3-i486-1.tgz: Upgraded to pciutils-2.2.3.
       Thanks to Eric Hameleers for the encouragement. :-)
a/pcmcia-cs-3.2.8-i486-2.tgz: Patched /etc/rc.d/rc.pcmcia to work with either
       pcmcia-cs or pcmciautils.
a/sysfsutils-2.0.0-i486-1.tgz: Added sysfsutils-2.0.0.
       Thanks to Piter Punk.
a/xfsprogs-2.8.10_1-i486-1.tgz: Upgraded to xfsprogs-2.8.10-1.
       Thanks to Marco Berizzi for pointing out the new XFS programs.
ap/alsa-utils-1.0.11-i486-2.tgz: Fixed uncompressed manpage. Thanks to Seb.
ap/dmapi-2.2.5_1-i486-1.tgz: Upgraded to dmapi-2.2.5-1.
ap/xfsdump-2.2.38_1-i486-1.tgz: Upgraded to xfsdump-2.2.38-1.
kde/kdebase-3.5.4-i486-2.tgz: Patched to fix video redirects in Konqueror.
       Thanks to Frédéric L. W. Meunier for the bug report and patch link.
l/freetype-2.1.9-i486-1.tgz: Moved from the X to the L series.
       This makes more sense because freetype does not depend on any X11 libraries,
       and because PHP has now been built linked to libfreetype.
l/libusb-0.1.12-i486-1.tgz: Upgraded to libusb-0.1.12.
       Thanks to Gunnar Florus Johansen and CJ Johnson for the recommendation.
n/links-2.1pre23-i486-1.tgz: Upgraded to links-2.1pre23.
n/php-4.4.3-i486-1.tgz: Upgraded to php-4.4.3.
       From the announcement of the release:
       The security issues resolved include the following:
       * Disallow certain characters in session names.
       * Fixed a buffer overflow inside the wordwrap() function.
       * Prevent jumps to parent directory via the 2nd parameter of the
       tempnam() function.
       * Improved safe_mode check for the error_log() function.
       * Fixed cross-site scripting inside the phpinfo() function.
       The PHP 4.4.3 release announcement may be found on their web site:
       http://www.php.net
       NOTE: Slackware's PHP package now requires the freetype library.
       (* Security fix *)
xap/xchat-2.6.6-i486-2.tgz: Patched to fix Finnish translation errors.
       Thanks to C Johnson for pointing out that there was a new official patch.
extra/linux-2.6.16.27/kernel-modules-2.6.16.27-i486-4.tgz:
       Fixed 2.4 kernel detection for loading the apm module.
testing/packages/linux-2.6.17.7/kernel-modules-2.6.17.7-i486-3.tgz:
       Fixed 2.4 kernel detection for loading the apm module.
+--------------------------+
Fri Aug 4 02:36:54 CDT 2006
xap/mozilla-firefox-1.5.0.6-i686-1.tgz: Upgraded to firefox-1.5.0.6.
xap/seamonkey-1.0.4-i486-1.tgz: Upgraded to seamonkey-1.0.4.
+--------------------------+
Thu Aug 3 01:26:43 CDT 2006
a/gettext-0.15-i486-1.tgz: Upgraded to gettext-0.15.
       Thanks to steveo for noticing that this was missing from the ChangeLog.
a/lilo-22.7.1-i486-1.tgz: Reverted to lilo-22.7.1 after reports from Aaron Lee
       and Philip Langdale that versions 22.7.2+ skip the boot menu on some machines.
a/sysvinit-2.84-i486-60.tgz: Fixed rc.S to use /etc/rc.d/rc.modules.local
       properly. Bug reported by Dieter Rauschenberger, Ricardo García, and Luis.
       Use "/bin/sh" not "." to start rc.modules.local in case someone uses "exit".
       Merged more LVM changes from Cal Peake in rc.S and rc.M, including removing
       many uses of "sleep", so if anyone needed those let me know.
ap/at-3.1.10-i486-1.tgz: Upgraded to at-3.1.10. Added missing at_allow.5
       manpage. Thanks to James Michael Fultz.
ap/cdparanoia-IIIalpha9.8-i486-2.tgz: Patched to compile with gcc-3.4.6, and
       added a batch to the build directory for later that will use the 2.6.x
       kernel's SG_IO ioctl. Thanks to Bradley Reed.
d/gettext-tools-0.15-i486-1.tgz: Upgraded to gettext-tools-0.15.
       Thanks to steveo for noticing that this was missing from the ChangeLog.
l/arts-1.5.4-i486-1.tgz: Upgraded to arts-1.5.4.
kde/*: Upgraded to KDE 3.5.4. I know I told at least a few people that I
       wasn't planning on including this in Slackware 11.0 at the last minute,
       and there have been a couple of patches needed for it already.
       Please test quickly. :-)
kdei/kde-i18n*: Upgraded kde-i18n packages for KDE 3.5.4.
n/dnsmasq-2.32-i486-2.tgz: Rebuilt after build script fixes from Fred Emmott
       (moving the chown -R), and some more from me. Strangely, none of these
       fixes seemed to make any difference in the package that was output,
       but trust me, the build script is much better now. :-)
n/gnupg-1.4.5-i486-1.tgz: Upgraded to gnupg-1.4.5.
       From the gnupg-1.4.5 NEWS file:
       * Fixed 2 more possible memory allocation attacks. They are
       similar to the problem we fixed with 1.4.4. This bug can easily
       be be exploited for a DoS; remote code execution is not entirely
       impossible.
       (* Security fix *)
+--------------------------+
Tue Aug 1 19:04:52 CDT 2006
a/sysvinit-2.84-i486-59.tgz: In rc.S, give first priority to
       "rc.modules.local" if it exists.
       Try to shut down OpenLDAP in rc.6. Thanks to Ricardson Williams.
       Merged some more LVM fixes into rc.6. Thanks to Cal Peake.
d/autoconf-2.60-noarch-1.tgz: Upgraded to autoconf-2.60.
kde/qca-tls-1.0-i486-2.tgz: Use the actual Qt installation path and not the
       /usr/lib/qt symlink or the qca-tls module will be erased if the Qt package
       is installed after this one (as happens in a new installation).
       Thanks to Richard Fuller for the bug report.
extra/checkinstall/checkinstall-1.6.0-i486-1.tgz:
       Upgraded to checkinstall-1.6.0.
testing/packages/lvm2/device-mapper-1.02.08-i486-1.tgz:
       Upgraded to device-mapper.1.02.08.
testing/packages/lvm2/lvm2-2.02.07-i486-1.tgz: Upgraded to LVM2.2.02.07.
+--------------------------+
Tue Aug 1 01:11:11 CDT 2006
a/aaa_elflibs-11.0.0-i486-2.tgz: Added /usr/lib/libslang.so.2.0.6.
a/bin-11.0-i486-3.tgz: Removed /sbin/rescan-scsi-bus, which is better packaged
       along with the /etc/rc.d/rc.scanluns script in the sysvinit package.
a/sysvinit-2.84-i486-58.tgz: Added symlinks for lastb. Make the install
       script create /var/log/btmp if it doesn't already exist.
       Thanks to Menno Duursma, Tomas Matejicek, and Gerardo Exequiel Pozzi.
       Upgraded to the latest rescan-scsi-bus script.
       Thanks to Mircea Baciu for pointing it out.
       Use "tac" to deactivate LVM partitions in reverse order.
       Thanks to Luigi Genoni.
       Make sure usbfs gets mounted if it's in the kernel but hotplug is not used.
       Thanks to Cal Peake.
       If rc.M sees an executable rc.openldap, start it.
       Thanks to Christopher Linnet.
       In rc.scanluns, show the command that's being executed.
ap/jed-0.99_18-i486-3.tgz: Relinked against libslang.so.2.0.6. This does
       seem to be the path of least resistance. :-)
d/subversion-1.3.2-i486-3.tgz: Rebuilt to fix wrong file ownerships in the
       book included in the documentation. Thanks to Philip Lyons.
kde/kdenetwork-3.5.3-i486-3a.tgz: Patched for ICQ protocol changes.
kde/qca-1.0-i486-1.tgz: Added qca-1.0.
kde/qca-tls-1.0-i486-1.tgz: Added qca-tls-1.0. This and the qca package are
       needed to support SSL connections with the Jabber(R) protocol in Kopete.
       Thanks to Eric Hameleers, Markus Stauffer, and "--==HITMAN==--" for
       suggesting the addition of these QCA packages.
l/atk-1.10.3-i486-2.tgz: Fixed slack-desc typo. Thanks to Nick Chorley.
l/slang-2.0.6-i486-1.tgz: Added slang-2.0.6.
l/slang1-1.4.9-i486-1.tgz: Renamed from slang-1.4.9-i486-1.tgz.
n/irssi-0.8.10a-i486-3.tgz: Fixed some strange directory permissions in the
       documentation directory. Thanks to J.
tcl/tcl-8.4.13-i486-2.tgz: Added /usr/include/tcl-private/{generic,unix}
       headers. Thanks to Sergio Luis for recommending this, as there are some
       sources out there that require these header files.
+--------------------------+
Sun Jul 30 19:16:38 CDT 2006
n/samba-3.0.23a-i486-2.tgz: Fixed bad symlink to "using_samba" in the docs.
       Thanks to Valentin Avram and William Hunt for reporting this.
ap/jed-0.99_18-i486-2.tgz: Reverted to isearch.sl from jed-0.99_16.
       The version shipped in 0.99_18 seems to have problems unless jed is linked
       with slang-2, which we're putting off for a little while due to the major
       version bump and to let code that uses slang have a little time to catch up.
       Thanks to Luigi Genoni for the bug report and fix.
       Thanks as well to Petri Kaukasoina who also reported the problem.
ap/mysql-5.0.22-i486-2.tgz: Reverted to MySQL-5.0.22. Evidently MySQL-5.0.23
       was never officially released due to bugs, but made it to the mirror sites
       anyway. Beat Vontobel's web site has some additional information about this:
       http://www.futhark.ch/mysql/148.html
       Thanks very much to Jakub Jankowski telling me the deal about 5.0.23.
ap/vim-7.0.042-i486-2.tgz: Upgraded to ctags-5.6.
       Thanks to Michael Iatrou for pointing out the new ctags.
       Fixed a bug in the build script's patchlevel determination if $CWD contains
       a dot. Thanks to Christophe Legras for the bug report and fix.
xap/vim-gvim-7.0.042-i486-2.tgz: Rebuilt. Fixed a bug in the build script's
       patchlevel determination. Thanks to Christophe Legras.
       Fixed an undefined variable in the vim-gvim build script.
       Thanks to Bryan Germann.
+--------------------------+
Sun Jul 30 01:05:56 CDT 2006
a/devs-2.3.1-noarch-23.tgz: Fixed /dev/usb/scanner* group.
       Thanks to Niels Kristian Bech Jensen.
       Added /dev/fuse device. Thanks to Piter Punk.
       Added /dev/mapper/control device.
a/kernel-modules-2.4.32-i486-5.tgz: Applied a patch to fix the X11 direct
       rendering support for X.Org versions 6.9.0 and newer.
       Thanks to Marin Mitov.
       Specify the kernel version in the install script's depmod.
       Thanks to Piter Punk.
ap/mysql-5.0.23-i486-1.tgz: Upgraded to mysql-5.0.23.
       Suggested by Willy Sudiarto Raharjo.
d/oprofile-0.9.1-i486-2.tgz: Recompiled with gcc-3.4.6.
       Thanks to Sunil Amitkumar Janki for pointing out that this was the last
       package in Slackware still linked to libstdc++.so.5.
d/subversion-1.3.2-i486-2.tgz: Recompiled against the new apr and apr-util
       packages. See below for details.
k/kernel-source-2.4.32-noarch-2.tgz: Applied a patch to fix the X11 direct
       rendering support for X.Org versions 6.9.0 and newer.
       Thanks to Marin Mitov.
l/alsa-driver-1.0.11_2.4.32-i486-3.tgz: Specify the kernel version in the
       install script's depmod. Thanks to Piter Punk.
l/apr-1.2.7-i486-1.tgz: Added apr-1.2.7. This is needed by subversion and
       other projects like Apache2. Thanks to Eugene Crosser for the suggestion
       and detailed rationale behind not using the apr/apr-util in subversion.
l/apr-util-1.2.7-i486-1.tgz: Added apr-util-1.2.7.
       This is needed by subversion and other projects.
n/bind-9.3.2-i486-4.tgz: Recompiled with --enable-threads.
       Thanks to Marin Mitov for the suggestion.
xap/gxine-0.5.7-i486-1.tgz: Upgraded to gxine-0.5.7.
xap/imagemagick-6.2.8_7-i486-1.tgz: Upgraded to ImageMagick-6.2.8-7.
bootdisks/*: Prepped bootdisk version numbers.
extra/linux-2.6.16.27/alsa-driver-1.0.11_2.6.16.27-i486-2.tgz: Specify the
       kernel version in the install script's depmod. Thanks to Piter Punk.
extra/linux-2.6.16.27/kernel-modules-2.6.16.27-i486-3.tgz: Specify the
       kernel version in the install script's depmod. Thanks to Piter Punk.
extra/slackpkg/slackpkg-2.06-noarch-1.tgz: Upgraded to slackpkg-2.06-noarch-1.
       Thanks to Piter Punk.
testing/packages/linux-2.6.17.7/kernel-modules-2.6.17.7-i486-2.tgz: Specify
       the kernel version in the install script's depmod. Thanks to Piter Punk.
+--------------------------+
Fri Jul 28 17:32:54 CDT 2006
n/apache-1.3.37-i486-1.tgz: Upgraded to apache-1.3.37.
       From the announcement on httpd.apache.org:
       This version of Apache is security fix release only. An off-by-one flaw
       exists in the Rewrite module, mod_rewrite, as shipped with Apache 1.3
       since 1.3.28, 2.0 since 2.0.46, and 2.2 since 2.2.0.
       The Slackware Security Team feels that the vast majority of installations
       will not be configured in a vulnerable way but still suggests upgrading to
       the new apache and mod_ssl packages for maximum security.
       For more details, see:
       http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3747
       And see Apache's announcement here:
       http://www.apache.org/dist/httpd/Announcement1.3.html
       (* Security fix *)
n/mod_ssl-2.8.28_1.3.37-i486-1.tgz: Upgraded to mod_ssl-2.8.28-1.3.37.
+--------------------------+
Fri Jul 28 02:28:10 CDT 2006
a/bin-11.0-i486-2.tgz: Updated rescan-scsi-bus for 2.6 kernel compatibility.
       Upgraded to eject-2.1.5.
+--------------------------+
Thu Jul 27 16:27:57 CDT 2006
n/nmap-4.11-i486-1.tgz: Upgraded to nmap-4.11.
       Suggested by Willy Sudiarto Raharjo.
xap/mozilla-firefox-1.5.0.5-i686-1.tgz: Upgraded to firefox-1.5.0.5.
       This upgrade fixes several possible security bugs.
       For more information, see:
       http://www.mozilla.org/projects/security/known-vulnerabilities.html#firefox
       (* Security fix *)
xap/mozilla-thunderbird-1.5.0.5-i686-1.tgz: Upgraded to thunderbird-1.5.0.5.
       This upgrade fixes several possible security bugs.
       For more information, see:
       http://www.mozilla.org/projects/security/known-vulnerabilities.html#thunderbird
       (* Security fix *)
xap/seamonkey-1.0.3-i486-1.tgz: Upgraded to seamonkey-1.0.3.
       This upgrade fixes several possible security bugs.
       For more information, see:
       http://www.mozilla.org/projects/security/known-vulnerabilities.html#seamonkey
       (* Security fix *)
+--------------------------+
Wed Jul 26 20:51:13 CDT 2006
a/aaa_elflibs-11.0.0-i486-1.tgz: Refreshed libraries, added attr and acl.
a/lilo-22.7.2.1-i486-2.tgz: OK, now the patch is actually applied. :-)
       Thanks to arny -- I'm evidently too used to using "zcat" for patches.
a/sysvinit-2.84-i486-57.tgz: Merged the following changes:
       Try to use a kernel specific rc.modules script if one is found.
       Added rc.scanluns to look for devices on non-zero LUNs.
       Shut down sshd in rc.6 so connections don't hang;
       Thanks to Michael Iatrou and Steven Saner for reporting this issue.
       Changed how LVM2 is deactivated in rc.6 (thanks to Cal Peake).
       Previously there were problems since / might have already been remounted as
       read-only before LVM2 was taken down. Now I suspect there could be problems
       if the / is on LVM, so perhaps this is not the optimal solution...
       Umount CIFS filesystems in rc.6 (thanks to Jef Oliver).
       Umount NFS, SMB, and CIFS filesystems in rc.K;
       Thanks to Drew, and to Eric Hameleers for the bug reports.
       Fixed chown root:utmp in rc.S to use ':', not '.' (thanks to Adiel Mittmann).
       Remove saslauthd.pid (if present) in rc.S (thanks to Andy Preston).
       Stop saslauthd properly in rc.6 (thanks to Andy Preston).
       Don't shut down networking in rc.6 if / is on NFS (thanks to Luca Fabbro).
       Add a one second sleep after starting rc.udev. According to Robby Workman
       this is just enough time for some slower devices to activate for mount.
       Load rc.keymap in rc.K (thanks to Ignacio Bermejo).
       Use "respawn" rather than "wait" for runlevel 4 (thanks to Wayne Marshall).
       Don't try to mount sysfs twice in rc.S (thanks to Moo).
d/python-2.4.3-i486-4.tgz: Fixed build script bugs. Thanks to Fred Emmott.
d/ruby-1.8.4-i486-2.tgz: Recompiled with --enable-shared
       and --enable-install-doc. Thanks to Fernando Lujan.
xap/fluxbox-1.0rc2-i486-1.tgz: Upgraded to fluxbox-1.0rc2.
       Thanks to Andrew Brouwers for letting me know about this.
xap/xchat-2.6.6-i486-1.tgz: Upgraded to xchat-2.6.6. Thanks to CJ Johnson.
+--------------------------+
Wed Jul 26 01:55:38 CDT 2006
a/lilo-22.7.2.1-i486-1.tgz: Upgraded to lilo-22.7.2.1.
       Thanks to James W. Laferriere for pointing out the patch.
a/kernel-ide-2.4.32-i486-4.tgz: Fixed gzipped System.map.
a/udev-071-i486-2.tgz: Applied pty patch from Ken Milmore.
       Fixed world writable documentation permissions reported by John Jenkins after
       a discussion about whether that was really the right course of action. ;-)
       Merged IEEE1394 RAW device handling changes from Christian Casteyde.
ap/joe-3.5-i486-1.tgz: Upgraded to joe-3.5.
ap/vim-7.0.042-i486-1.tgz: Upgraded to the latest patchlevel.
       Added many extra features.
       Thanks to Ricardo García for requesting omni completion for
       vim, which got me thinking about all kinds of ways to improve
       this and the (renamed) vim-gvim package. :-)
d/clisp-2.39-i486-1.tgz: Upgraded to clisp-2.39 and libsigsegv-2.4.
d/git-1.4.1.1-i486-1.tgz: Upgraded to git-1.4.1.1.
d/m4-1.4.5-i486-1.tgz: Upgraded to m4-1.4.5.
d/mercurial-0.9.1-i486-1.tgz: Upgraded to mercurial-0.9.1.
d/python-2.4.3-i486-3.tgz: Merged the python, python-demo, and python-tools
       packages, bloating the python package by a whopping 2%!
d/ruby-1.8.4-i486-1.tgz: Added Ruby since Amarok needs it...
kde/amarok-1.4.1-i486-1.tgz: Upgraded to amarok-1.4.1.
kde/kdeaccessibility-3.5.3-i486-3.tgz: Recompiled to use libpng.so.3.
kde/kdeaddons-3.5.3-i486-3.tgz: Recompiled to use libpng.so.3.
kde/kdeadmin-3.5.3-i486-3.tgz: Recompiled.
kde/kdeartwork-3.5.3-i486-3.tgz: Recompiled to use libpng.so.3.
kde/kdebase-3.5.3-i486-3.tgz: Recompiled to use libpng.so.3.
kde/kdebindings-3.5.3-i486-3.tgz: Recompiled.
       I wasn't able to get the Ruby binding to compile... sorry.
kde/kdeedu-3.5.3-i486-3.tgz: Recompiled.
kde/kdegames-3.5.3-i486-3.tgz: Recompiled.
kde/kdegraphics-3.5.3-i486-3.tgz: Recompiled to use libpng.so.3.
kde/kdelibs-3.5.3-i486-3.tgz: Recompiled to use libpng.so.3.
kde/kdemultimedia-3.5.3-i486-3.tgz: Recompiled to use libpng.so.3.
kde/kdenetwork-3.5.3-i486-3.tgz: Recompiled.
kde/kdepim-3.5.3-i486-3.tgz: Recompiled to use libpng.so.3.
kde/kdesdk-3.5.3-i486-3.tgz: Recompiled.
kde/kdetoys-3.5.3-i486-3.tgz: Recompiled.
kde/kdeutils-3.5.3-i486-3.tgz: Recompiled.
kde/kdevelop-3.3.3-i486-2.tgz: Recompiled.
kde/kdewebdev-3.5.3-i486-3.tgz: Recompiled.
kde/koffice-1.5.2-i486-2.tgz: Recompiled to use libpng.so.3.
kde/qt-3.3.6-i486-2.tgz: Recompiled with a patch by Lars Knoll to fix
       Arabic scripts.
l/arts-1.5.3-i486-3.tgz: Recompiled to use libpng.so.3.
l/aspell-0.60.4-i486-1.tgz: Upgraded to aspell-0.60.4.
l/libpng-1.2.12-i486-1.tgz: Upgraded to libpng-1.2.12.
       The libpng.so has gone .3 -> .0 -> .3. I'll see what I can do about getting
       everything that's linked to .0 relinked with .3, as that's the major library
       number Slackware 10.2's libpng.so is using. There is a .0 symlink to keep
       any code that was compiled while that was the number working just fine, but
       I will recompile a bunch of things mostly for the sake not using this link.
       It works either way, but I have an OCD about silly things like this. ;-)
l/libwmf-0.2.8.4-i486-2.tgz: Recompiled to use libpng.so.3.
l/libwmf-docs-0.2.8.4-noarch-2.tgz: Rebuilt.
l/libmusicbrainz-2.1.3-i486-1.tgz: Upgraded to libmusicbrainz-2.1.3.
l/sdl-1.2.11-i486-1.tgz: Upgraded to sdl-1.2.11.
       Thanks to Jesper Juhl for the heads-up.
l/libtunepimp-0.4.2-i486-2.tgz: Patched an overflow (CVE-2006-3600).
       Yes, there is libtunepimp-0.5.0. Probably less supported by the existing
       codebase, and certainly not tested for as long. We will wait for the next
       cycle on that, especially as it requires a couple of new dependencies.
       (* Security fix *)
       (-current only)
n/dhcpcd-2.0.4-i486-2.tgz: Patched to move the pid/config directory back to
       /etc/dhcpc, since /var may not yet be mounted when dhcpcd is started.
       Issue noted by John Jenkins.
n/links-2.1pre22-i486-2.tgz: Recompiled to use libpng.so.3.
n/mutt-1.4.2.2i-i486-1.tgz: Upgraded to mutt-1.4.2.2i.
       This release fixes CVE-2006-3242, a buffer overflow that could be triggered
       by a malicious IMAP server.
       [Connecting to malicious IMAP servers must be common, right? -- Ed.]
       For more details, see:
       http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3242
       (* Security fix *)
n/nfs-utils-1.0.9-i486-1.tgz: Upgraded to nfs-utils-1.0.9.
n/php-4.4.2-i486-5.tgz: Recompiled to use libpng.so.3.
n/samba-3.0.23a-i486-1.tgz: Upgraded to samba-3.0.23a.
       Removed /sbin/umount.smbfs symlink which was causing problems at shutdown.
       Thanks to Robby Workman for the bug report.
t/tetex-3.0-i486-3.tgz: Recompiled against libpng-1.2.12.
t/tetex-doc-3.0-i486-3.tgz: Rebuilt.
x/fontconfig-2.2.3-i486-1.tgz: Split fontconfig into a separate package.
       Look, we're modularizing for ease of maintainance! :-)
x/freetype-2.1.9-i486-1.tgz: Split freetype into a separate package.
       Patched CVE-2006-1861 linux 2.6.x setuid() related bugs.
       (* Security fix *)
x/x11-6.9.0-i486-5.tgz: Rebuilt. Removed fontconfig/freetype files.
       Patched some more possible linux 2.6.x setuid() related bugs:
       http://lists.freedesktop.org/archives/xorg-announce/2006-June/000100.html
       (* Security fix *)
x/x11-devel-6.9.0-i486-5.tgz: Rebuilt. Removed fontconfig/freetype files.
       Patched with setuid() usage fixes as described above. Again, this issue
       is only vulnerable on certain 2.6 kernels.
       (* Security fix *)
x/x11-docs-6.9.0-noarch-5.tgz: Rebuilt. Removed fontconfig/freetype files.
x/x11-docs-html-6.9.0-noarch-5.tgz: Rebuilt.
x/x11-fonts-100dpi-6.9.0-noarch-5.tgz: Rebuilt.
x/x11-fonts-cyrillic-6.9.0-noarch-5.tgz: Rebuilt.
x/x11-fonts-misc-6.9.0-noarch-5.tgz: Rebuilt.
x/x11-fonts-scale-6.9.0-noarch-5.tgz: Rebuilt.
x/x11-xdmx-6.9.0-i486-5.tgz: Rebuilt.
x/x11-xnest-6.9.0-i486-5.tgz: Rebuilt.
x/x11-xvfb-6.9.0-i486-5.tgz: Rebuilt.
xap/gimp-2.2.12-i486-1.tgz: Upgraded to gimp-2.2.12.
       This release fixes a security hole in the XCF parser.
       For more information, see:
       http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3404
       (* Security fix *)
xap/imagemagick-6.2.8_4-i486-1.tgz: Upgraded to ImageMagick-6.2.8-4.
xap/seamonkey-1.0.2-i486-2.tgz: Recompiled to use libpng.so.3.
xap/vim-gvim-7.0.042-i486-1.tgz: Renamed from "xvim", now requires the
       vim package from the AP series. Shared files have been eliminated.
xap/xine-lib-1.1.2-i686-1.tgz: Upgraded to xine-lib-1.1.2.
       According to xinehq.de's announcement:
       There are three security fixes:
       - CVE-2005-4048: possible buffer overflow in libavcodec (crafted PNGs);
       - CVE-2006-2802: possible buffer overflow in the HTTP plugin;
       - possible buffer overflow via bad indexes in specially-crafted AVI files.
       (* Security fix *)
xap/xsane-0.991-i486-2.tgz: Recompiled to use libpng.so.3.
extra/aspell-word-lists/aspell-*tgz: Rebuilt, with several packages upgraded.
extra/dejavu-ttf/dejavu-ttf-20060720_995-noarch-1.tgz: Added DejaVu fonts.
       Thanks to Lukasz Stelmach for the initial build script.
extra/k3b/k3b-0.12.16-i486-2.tgz: Recompiled to use libpng.so.3.
extra/linux-2.6.16.27/kernel-modules-2.6.16.27-i486-2.tgz:
       Made a slight adjustment to rc.modules-2.6.16.27 to attempt to silence it
       when used on a machine running a 2.4.x kernel and without an activated
       parallel port. I don't think it helped (or hurt) though...
kernels/test26.s/*: Upgraded test26.s kernel to 2.6.17.7.
testing/packages/linux-2.6.17.7/kernel-generic-2.6.17.7-i486-1.tgz:
       Upgraded to Linux 2.6.17.7 generic kernel.
testing/packages/linux-2.6.17.7/kernel-headers-2.6.17.7-i386-1.tgz:
       Upgraded to Linux 2.6.17.7 kernel headers.
testing/packages/linux-2.6.17.7/kernel-modules-2.6.17.7-i486-1.tgz
       Upgraded to Linux 2.6.17.7 kernel modules.
testing/packages/linux-2.6.17.7/kernel-source-2.6.17.7-noarch-1.tgz
       Upgraded to Linux 2.6.17.7 kernel source.
+--------------------------+
Tue Jul 18 22:37:26 CDT 2006
a/lilo-22.7.2-i486-1.tgz: Upgraded to lilo-22.7.2.
kde/koffice-1.5.2-i486-1.tgz: Upgraded to koffice-1.5.2.
       Thanks to the KOffice team who did incredible work on this.
kdei/koffice-l10n-*-noarch-1.tgz:
       Upgraded to l10n packages for koffice-1.5.2.
n/samba-3.0.23-i486-2.tgz: Patched a problem in nsswitch/wins.c that
       caused crashes in the wins and/or winbind libraries. Thanks to
       Mikhail Kshevetskiy for pointing out the issue and offering a
       reference to the patch in Samba's source repository.
Thanks again to Andrea for this batch of kernel packages, and also thanks
       for compiling all those intermediate kernels that were replaced upstream
       and went unreleased in Slackware -current...
       Ah, the things that go on here behind the scenes. ;-)
extra/linux-2.6.16.27/alsa-driver-1.0.11_2.6.16.27-i486-1.tgz:
       Upgraded to alsa-driver-1.0.11 compiled for Linux 2.6.16.27.
extra/linux-2.6.16.27/kernel-generic-2.6.16.27-i486-1.tgz:
       Upgraded to Linux 2.6.16.27 generic kernel.
extra/linux-2.6.16.27/kernel-headers-2.6.16.27-i386-1.tgz:
       Upgraded to Linux 2.6.16.27 kernel headers.
extra/linux-2.6.16.27/kernel-modules-2.6.16.27-i486-1.tgz
       Upgraded to Linux 2.6.16.27 kernel modules.
extra/linux-2.6.16.27/kernel-source-2.6.16.27-noarch-1.tgz
       Upgraded to Linux 2.6.16.27 kernel source.
kernels/huge26.s/*: Upgraded huge26.s kernel to 2.6.16.27.
kernels/test26.s/*: Upgraded test26.s kernel to 2.6.17.6.
testing/packages/linux-2.6.17.6/kernel-generic-2.6.17.6-i486-1.tgz:
       Upgraded to Linux 2.6.17.6 generic kernel.
testing/packages/linux-2.6.17.6/kernel-headers-2.6.17.6-i386-1.tgz:
       Upgraded to Linux 2.6.17.6 kernel headers.
testing/packages/linux-2.6.17.6/kernel-modules-2.6.17.6-i486-1.tgz
       Upgraded to Linux 2.6.17.6 kernel modules.
testing/packages/linux-2.6.17.6/kernel-source-2.6.17.6-noarch-1.tgz
       Upgraded to Linux 2.6.17.6 kernel source.
+--------------------------+
Fri Jul 14 18:31:20 CDT 2006
We *are* getting closer to 11.0, friends.
I'm hoping for a larger changeset soon, but this should be fun to play with
for now as I work on the TODO list; merging, compiling, and initial testing.
n/samba-3.0.23-i486-1.tgz: Upgraded to samba-3.0.23.
       This fixes a minor memory exhaustion DoS in smbd.
       The CVE entry for this issue may be found here:
       http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3403
       (* Security fix *)
kernels/huge26.s/*: Upgraded huge26.s kernel to 2.6.16.24.
       The name of the big kernel with many built-in options has been changed from
       test26.s to huge26.s to reflect that Slackware 11.0 will consider the
       2.6.16.x kernel series to be a supported kernel series. However, I'm
       probably going to leave the bare.i 2.4.32 kernel as the default kernel (or
       perhaps sata.i?) as it has very good performance and probably better security
       due to the simpler and longer-tested design. I might apply or at least make
       available in the kernel-source package for 2.4.32 a patch to fix direct
       rendering with 2.4.x kernels and X.Org 6.9.0 or newer. Since anyone using
       Slackware for server use isn't likely to be loading the DRI modules, it's
       untouched code on those machines and won't affect server stability (well,
       depending on what, if anything, outside of the module is changed in the
       kernel). It is probably a safe enough patch to apply. I'd rather ship 100%
       vanilla kernels (and might, with the patch "on the side"), but DRI does not
       work without the patch past X.Org 6.8.2. Is this enough text here?
       Perhaps I should rename this my "ChangeBlog".
Thanks to Andrea Volkerding for compiling these kernel packages: :-)
extra/linux-2.6.16.24/alsa-driver-1.0.11_2.6.16.24-i486-1.tgz:
       Upgraded to alsa-driver-1.0.11 compiled for Linux 2.6.16.24.
extra/linux-2.6.16.24/kernel-generic-2.6.16.24-i486-1.tgz:
       Upgraded to Linux 2.6.16.24 generic kernel.
extra/linux-2.6.16.24/kernel-headers-2.6.16.24-i386-1.tgz:
       Upgraded to Linux 2.6.16.24 kernel headers.
extra/linux-2.6.16.24/kernel-modules-2.6.16.24-i486-1.tgz
       Upgraded to Linux 2.6.16.24 kernel modules.
extra/linux-2.6.16.24/kernel-source-2.6.16.24-noarch-1.tgz
       Upgraded to Linux 2.6.16.24 kernel source.
testing/packages/linux-2.6.17.4/kernel-generic-2.6.17.4-i486-1.tgz:
       Upgraded to Linux 2.6.17.4 generic kernel.
testing/packages/linux-2.6.17.4/kernel-headers-2.6.17.4-i386-1.tgz:
       Upgraded to Linux 2.6.17.4 kernel headers.
testing/packages/linux-2.6.17.4/kernel-modules-2.6.17.4-i486-1.tgz
       Upgraded to Linux 2.6.17.4 kernel modules.
testing/packages/linux-2.6.17.4/kernel-source-2.6.17.4-noarch-1.tgz
       Upgraded to Linux 2.6.17.4 kernel source.
+--------------------------+
Thu Jun 29 02:03:45 CDT 2006
n/ppp-2.4.4-i486-1.tgz: Upgraded to ppp-2.4.4.
n/rp-pppoe-3.8-i486-2.tgz: Recompiled with --enable-plugin.
       Thanks to Frédéric L. W. Meunier for the suggestion.
extra/k3b/k3b-0.12.16-i486-1.tgz: Upgraded to k3b-0.12.16.
       Thanks to Matthew Johnson for pointing out the new release.
extra/k3b/k3b-i18n-0.12.16-noarch-1.tgz: Upgraded to k3b-i18n-0.12.16.
+--------------------------+
Tue Jun 27 18:18:30 CDT 2006
kde/kdebase-3.5.3-i486-2.tgz: Patched a problem with kdm where it could be
       abused to read any file on the system.
       The official KDE security advisory may be found here:
       http://www.kde.org/info/security/advisory-20060614-1.txt
       The CVE entry for this issue may be found here:
       http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2449
       (* Security fix *)
       Also patched a non-security issue where KDE's screensaver would not activate.
l/arts-1.5.3-i486-2.tgz: Patched to fix a possible exploit if artswrapper is
       setuid root (which, by default, it is not) and the system is running a 2.6
       kernel. Systems running 2.4 kernels are not affected.
       The official KDE security advisory may be found here:
       http://www.kde.org/info/security/advisory-20060614-2.txt
       The CVE entry for this issue may be found here:
       http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2916
       (* Security fix *)
n/gnupg-1.4.4-i486-1.tgz: Upgraded to gnupg-1.4.4.
       This version fixes a memory allocation issue that could allow an attacker to
       crash GnuPG creating a denial-of-service.
       The CVE entry for this issue may be found here:
       http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3082
n/nn-6.7.3-i486-1.tgz: Upgraded to nn-6.7.3.
       Thanks to Aaron Hsu for helping with this package.
extra/blackbox-0.70.1/blackbox-0.70.1-i486-1.tgz: Upgraded to blackbox-0.70.1.
extra/ham/xastir-1.8.2-i486-2.tgz: Upgraded to xastir-1.8.2.
       Thanks to Arno Verhoeven for the upgraded package.
+--------------------------+
Sun Jun 25 23:59:11 CDT 2006
a/lilo-22.7.1-i486-1.tgz: Upgraded to lilo-22.7.1.
       Thanks to George Iosif for reporting that this new LILO version is
       needed to boot a Toshiba Tecra S3 laptop.
       Thanks to Tomas Matejicek for suggestions on refining the build script.
       This version was also suggested as an upgrade by Rene Huber and Grant.
a/procps-3.2.7-i486-1.tgz: Upgraded to procps-3.2.7 and psmisc-22.2.
ap/jed-0.99_18-i486-1.tgz: Upgraded to jed-0.99_18.
ap/sox-12.18.1-i486-1.tgz: Upgraded to sox-12.18.1.
l/mhash-0.9.7-i486-1.tgz: Upgraded to mhash-0.9.7, which should fix
       some breakage reported by Bradley Reed.
+--------------------------+
Sun Jun 25 00:46:13 CDT 2006
a/coreutils-5.97-i486-1.tgz: Upgraded to coreutils-5.97.
a/gettext-0.14.6-i486-1.tgz: Upgraded to gettext-0.14.6.
ap/joe-3.4-i486-2.tgz: Fixed permissions on some documentation files.
       Thanks to Nathan Black for noticing they were wrong.
ap/mdadm-2.5.1-i486-1.tgz: Upgraded to mdadm-2.5.1.
d/gdb-6.5-i486-1.tgz: Upgraded to gdb-6.5.
d/gettext-tools-0.14.6-i486-1.tgz: Upgraded to gettext-tools-0.14.6.
d/git-1.4.0-i486-1.tgz: Upgraded to git-1.4.0.
       Added the man pages.
       Thanks to Seb for pointing out the git-manpages archive on kernel.org.
l/gtk+2-2.8.19-i486-1.tgz: Upgraded to gtk+-2.8.19.
       Looks like there's a bit more fallout over the PNG -lz debate...
       Thanks to Jason A Miller and Giacomo Lozito for reporting the problem
       with PNG images and pointing out the needed patch.
testing/packages/php-5.1.4/php-5.1.4-i486-2.tgz: Recompiled with --enable-soap.
       Thanks to Aleksandar Jevremovic for the suggestion.
+--------------------------+
Thu Jun 22 23:10:53 CDT 2006
a/e2fsprogs-1.38-i486-2.tgz: Reverted to e2fsprogs-1.38 due to reports of
       broken floppy support (e2fsck /dev/fd0). Since there were no bug reports
       here regarding e2fsprogs-1.38 (other than it not being the latest version),
       I'm reverting to the last known working version to play it safe.
       Thanks to Mikhail Zotov for reporting this issue along with an example of
       how to easily reproduce it.
n/getmail-4.6.3-noarch-1.tgz: Upgraded to getmail-4.6.3.
kernels/test26.s/*: Upgraded test26.s kernel to 2.6.16.22.
testing/packages/linux-2.6.16.22/alsa-driver-1.0.11_2.6.16.22-i486-1.tgz:
       Upgraded to alsa-driver-1.0.11 compiled for Linux 2.6.16.22.
testing/packages/linux-2.6.16.22/kernel-generic-2.6.16.22-i486-1.tgz:
       Upgraded to Linux 2.6.16.22 generic kernel.
       I hope everyone had plenty of time to test that last kernel. ;-)
testing/packages/linux-2.6.16.22/kernel-headers-2.6.16.22-i386-1.tgz:
       Upgraded to Linux 2.6.16.22 kernel headers.
testing/packages/linux-2.6.16.22/kernel-modules-2.6.16.22-i486-1.tgz
       Upgraded to Linux 2.6.16.22 kernel modules.
testing/packages/linux-2.6.16.22/kernel-source-2.6.16.22-noarch-1.tgz
       Upgraded to Linux 2.6.16.22 kernel source.
+--------------------------+
Thu Jun 22 00:40:30 CDT 2006
l/sdl-1.2.10-i486-3.tgz: Recompiled with --disable-x11-shared to
       avoid problems with nVidia's drivers.
       Thanks to Giacomo Lozito for reporting this issue.
n/dhcpcd-2.0.4-i486-1.tgz: Switched to dhcpcd version 2.0.4 after
       receiving some reports of problems with the latest version. There
       were no reports of problems with dhcpcd-2.0.1 here, and it was only
       upgraded in order to have the new, shiny version. But, rather than
       go all the way back to 2.0.1, we'll try 2.0.4 since one report was
       detailed enough to note that 2.0.4 worked while 2.0.6 didn't.
       Thanks to christian laubscher, Luca, and Dave Miller for providing
       useful data about these problems.
       In case anyone upstream is reading this, one of the problems was
       dhcpcd failing to work with the DHCP server built into the ZyXEL
       Prestige 650H-E1 router, and another issue was that after 2.0.4 it
       would no longer work with token ring.
       If any of these people have the time to test this new package and
       report success or failure, it would be appreciated. :-)
kernels/test26.s/*: Upgraded test26.s kernel to 2.6.16.21.
testing/packages/linux-2.6.16.21/alsa-driver-1.0.11_2.6.16.21-i486-1.tgz:
       Upgraded to alsa-driver-1.0.11 compiled for Linux 2.6.16.21.
testing/packages/linux-2.6.16.21/kernel-generic-2.6.16.21-i486-1.tgz:
       Upgraded to Linux 2.6.16.21 generic kernel.
testing/packages/linux-2.6.16.21/kernel-headers-2.6.16.21-i386-1.tgz:
       Upgraded to Linux 2.6.16.21 kernel headers.
testing/packages/linux-2.6.16.21/kernel-modules-2.6.16.21-i486-1.tgz
       Upgraded to Linux 2.6.16.21 kernel modules.
testing/packages/linux-2.6.16.21/kernel-source-2.6.16.21-noarch-1.tgz
       Upgraded to Linux 2.6.16.21 kernel source.
+--------------------------+
Mon Jun 19 00:28:53 CDT 2006
xap/xchat-2.6.4-i486-2.tgz: Patched to fix proxy support.
       Thanks to Bren and Stefan Misch for pointing out the patch.
+--------------------------+
Thu Jun 15 00:39:04 CDT 2006
a/e2fsprogs-1.39-i486-1.tgz: Upgraded to e2fsprogs-1.39.
ap/man-pages-2.33-noarch-1.tgz: Upgraded to man-pages-2.33.
ap/quota-3.13-i486-1.tgz: Upgraded to quota-3.13.
d/cvs-1.11.22-i486-1.tgz: Upgraded to cvs-1.11.22.
l/fribidi-0.10.7-i486-1.tgz: Upgraded to fribidi-0.10.7.
l/libgsf-1.14.1-i486-1.tgz: Upgraded to libgsf-1.14.1.
l/librsvg-2.14.4-i486-1.tgz: Upgraded to librsvg-2.14.4.
l/libxml2-2.6.26-i486-1.tgz: Upgraded to libxml2-2.6.26.
l/libxslt-1.1.17-i486-1.tgz: Upgraded to libxslt-1.1.17.
l/libwmf-0.2.8.4-i486-1.tgz: Upgraded to libwmf-0.2.8.4.
l/libwmf-docs-0.2.8.4-noarch-1.tgz: Upgraded to libwmf-0.2.8.4 docs.
l/libwpd-0.8.5-i486-1.tgz: Upgraded to libwpd-0.8.5.
       This might require a few things to be recompiled, so please report
       any compatibility issues here.
l/mhash-0.9.6-i486-1.tgz: Upgraded to mhash-0.9.6.
n/curl-7.15.4-i486-1.tgz: Upgraded to curl-7.15.4.
n/irssi-0.8.10a-i486-2.tgz: Patched to fix a pointer bug that causes irssi
       to dump core on exit. Thanks to Andrew Brouwers for the bug report and
       pointers to a discussion and patch.
n/lftp-3.4.7-i486-1.tgz: Upgraded to lftp-3.4.7.
n/nmap-4.10-i486-1.tgz: Upgraded to nmap-4.10.
n/ntp-4.2.2-i486-1.tgz: Upgraded to ntp-4.2.2.
n/openldap-client-2.3.24-i486-1.tgz: Upgraded to openldap-2.3.24.
n/sendmail-8.13.7-i486-1.tgz: Upgraded to sendmail-8.13.7.
       Fixes a potential denial of service problem caused by excessive recursion
       leading to stack exhaustion when attempting delivery of a malformed MIME
       message. This crashes sendmail's queue processing daemon, which in turn
       can lead to two problems: depending on the settings, these crashed
       processes may create coredumps which could fill a drive partition; and
       such a malformed message in the queue will cause queue processing to
       cease when the message is reached, causing messages that are later in
       the queue to not be processed.
       Sendmail's complete advisory may be found here:
       http://www.sendmail.com/security/advisories/SA-200605-01.txt.asc
       Sendmail has also provided an FAQ about this issue:
       http://www.sendmail.com/security/advisories/SA-200605-01/faq.shtml
       The CVE entry for this issue may be found here:
       http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-1173
       (* Security fix *)
n/sendmail-cf-8.13.7-noarch-1.tgz: Upgraded to sendmail-8.13.7 configs.
xap/fluxbox-1.0rc-i486-1.tgz: Upgraded to fluxbox-1.0rc.
       I considered using --prefix=/usr here since X.Org will be moving from
       /usr/X11R6 to /usr when Slackware absorbs the modular release, but I
       think it will be best to wait and make those changes all at once.
       This, BTW, will be sometime after the 11.0 release. This current to
       stable cycle has already taken too much time (10.2 is in need of
       replacement), and introducing changes that might break things at this
       point would be foolhardy. Although there's still quite a bit in the
       TODO queue here I'm making my steps carefully as -current is very
       stable, and I think it should ship as a stable 11.0 soon so that we can
       get back to the business of breaking things in -current. :-)
xap/imagemagick-6.2.8_0-i486-1.tgz: Upgraded to ImageMagick-6.2.8-0.
xap/xchat-2.6.4-i486-1.tgz: Upgraded to xchat-2.6.4.
xap/xsane-0.991-i486-1.tgz: Upgraded to xsane-0.991.
       Thanks to Nicolas Friedli for pointing out that I'd had this source
       ready to compile in source/xap/xsane for a couple of months. :-)
+--------------------------+
Mon Jun 12 07:46:26 CDT 2006
d/doxygen-1.4.7-i486-1.tgz: Touched/resynced as this package got mangled
       in upload somehow. Thanks to Marin Mitov for pointing this out.
+--------------------------+
Sun Jun 11 17:27:32 CDT 2006
d/doxygen-1.4.7-i486-1.tgz: Upgraded to doxygen-1.4.7.
kde/amarok-1.4.0a-i486-1.tgz: Upgraded to amarok-1.4.0a.
       Thanks to Steven Robson for pointing out the stealth re-release.
l/sdl-1.2.10-i486-2.tgz: Fixed the ./configure options so that SDL does not
       use dlopen() to link to the shared graphics libraries, as dlopen() wasn't
       working with the new PNG library. Thanks to François Cojean and
       Raphaël Prevost for bug report and patch.
n/bootp-2.4.3-i486-2.tgz: Patched to work with 2.6.x kernels.
       Thanks to Simon Munton.
n/dhcpcd-2.0.6-i486-1.tgz: Upgraded to dhcpcd-2.0.6.
       Moved /etc/dhcpc/dhcpcd.exe to /etc/dhcpc/dhcpcd.exe-sample to prevent
       error messages in the log files. The sources install this as non-
       executable, and there's little reason that I can see to use it in its
       default form as it only puts redundant information in the logs.
       It might be a useful stub for some other purpose though...
       Thanks to David Houlden and Luis for reporting the issue.
n/dnsmasq-2.32-i486-1.tgz: Upgraded to dnsmasq-2.32.
extra/slackpkg/slackpkg-2.05-noarch-7.tgz: Upgraded to slackpkg-2.05-noarch-7.
       Thanks to Piter Punk.
+--------------------------+
Thu Jun 8 00:11:35 CDT 2006
a/acl-2.2.34-i486-1.tgz: Moved from AP series since so many binaries require
       this (or will). Made acl an ADD (required) package in the tagfile.
a/attr-2.4.28-i486-1.tgz: Moved from AP series since so many binaries require
       this (or will). Made attr an ADD (required) package in the tagfile.
d/mercurial-0.9-i486-2.tgz: Fixed missing man pages. (thanks to Seb)
d/python-2.4.3-i486-2.tgz: Rebuilt with --enable-ipv6.
       I don't know if this option actually does anything, but it can't hurt. ;-)
       Suggested by Lukasz Stelmach.
d/python-demo-2.4.3-noarch-2.tgz: Rebuilt.
d/python-tools-2.4.3-noarch-2.tgz: Rebuilt.
n/samba-3.0.22-i486-2.tgz: Recompiled with --with-acl-support=yes.
       Suggested by Ricardson Williams.
+--------------------------+
Mon Jun 5 18:57:15 CDT 2006
a/jfsutils-1.1.11-i486-1.tgz: Upgraded to jfsutils-1.1.11.
n/apache-1.3.36-i486-1.tgz: Upgraded to apache-1.3.36.
n/mod_ssl-2.8.27_1.3.36-i486-1.tgz: Upgraded to mod_ssl-2.8.27-1.3.36.
kernels/test26.s/*: Upgraded test26.s kernel to 2.6.16.20.
testing/packages/linux-2.6.16.20/alsa-driver-1.0.11_2.6.16.20-i486-1.tgz:
       Upgraded to alsa-driver-1.0.11 compiled for Linux 2.6.16.20.
testing/packages/linux-2.6.16.20/kernel-generic-2.6.16.20-i486-1.tgz:
       Upgraded to Linux 2.6.16.20 generic kernel.
testing/packages/linux-2.6.16.20/kernel-headers-2.6.16.20-i386-1.tgz:
       Upgraded to Linux 2.6.16.20 kernel headers.
testing/packages/linux-2.6.16.20/kernel-modules-2.6.16.20-i486-1.tgz
       Upgraded to Linux 2.6.16.20 kernel modules.
testing/packages/linux-2.6.16.20/kernel-source-2.6.16.20-noarch-1.tgz
       Upgraded to Linux 2.6.16.20 kernel source.
+--------------------------+
Sun Jun 4 22:17:14 CDT 2006
a/sharutils-4.6.3-i486-1.tgz: Upgraded to sharutils-4.6.3.
ap/joe-3.4-i486-1.tgz: Upgraded to joe-3.4.
ap/mysql-5.0.22-i486-1.tgz: Upgraded to mysql-5.0.22.
       This fixes an SQL injection vulnerability.
       For more details, see the MySQL 5.0.22 release announcement here:
       http://lists.mysql.com/announce/365
       The CVE entry for this issue will be found here:
       http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2753
       (* Security fix *)
kde/kdeaccessibility-3.5.3-i486-1.tgz: Upgraded to kdeaccessibility-3.5.3.
kde/kdeaddons-3.5.3-i486-1.tgz: Upgraded to kdeaddons-3.5.3.
kde/kdeadmin-3.5.3-i486-1.tgz: Upgraded to kdeadmin-3.5.3.
kde/kdeartwork-3.5.3-i486-1.tgz: Upgraded to kdeartwork-3.5.3.
kde/kdebase-3.5.3-i486-1.tgz: Upgraded to kdebase-3.5.3.
kde/kdebindings-3.5.3-i486-1.tgz: Upgraded to kdebindings-3.5.3.
kde/kdeedu-3.5.3-i486-1.tgz: Upgraded to kdeedu-3.5.3.
kde/kdegames-3.5.3-i486-1.tgz: Upgraded to kdegames-3.5.3.
kde/kdegraphics-3.5.3-i486-1.tgz: Upgraded to kdegraphics-3.5.3.
kde/kdelibs-3.5.3-i486-1.tgz: Upgraded to kdelibs-3.5.3.
kde/kdemultimedia-3.5.3-i486-1.tgz: Upgraded to kdemultimedia-3.5.3.
kde/kdenetwork-3.5.3-i486-1.tgz: Upgraded to kdenetwork-3.5.3.
kde/kdepim-3.5.3-i486-1.tgz: Upgraded to kdepim-3.5.3.
kde/kdesdk-3.5.3-i486-1.tgz: Upgraded to kdesdk-3.5.3.
kde/kdetoys-3.5.3-i486-1.tgz: Upgraded to kdetoys-3.5.3.
kde/kdeutils-3.5.3-i486-1.tgz: Upgraded to kdeutils-3.5.3.
kde/kdevelop-3.3.2-i486-1.tgz: Upgraded to kdevelop-3.3.2.
kde/kdewebdev-3.5.3-i486-1.tgz: Upgraded to kdewebdev-3.5.3.
kde/koffice-1.5.1-i486-1.tgz: Upgraded to koffice-1.5.1.
kdei/kde-i18n-*-3.5.3-noarch-1.tgz: Upgraded to kde-i18n-3.5.3.
kdei/koffice-l10n-*-1.5.1-noarch-1.tgz:
       Upgraded to l10n packages for koffice-1.5.1.
l/arts-1.5.3-i486-1.tgz: Upgraded to arts-1.5.3.
l/jre-1_5_0_07-i586-1.tgz: Upgraded to Java(TM) 2 Platform Standard Edition
       Runtime Environment Version 5.0, Release 7.
n/getmail-4.6.1-noarch-1.tgz: Upgraded to getmail-4.6.1.
n/links-2.1pre22-i486-1.tgz: Upgraded to links-2.1pre22.
xap/mozilla-firefox-1.5.0.4-i686-1.tgz: Upgraded to firefox-1.5.0.4.
       This upgrade fixes several possible security bugs.
       For more information, see:
       http://www.mozilla.org/projects/security/known-vulnerabilities.html#firefox
       (* Security fix *)
xap/mozilla-thunderbird-1.5.0.4-i686-1.tgz: Upgraded to thunderbird-1.5.0.4.
       This upgrade fixes several possible security bugs.
       For more information, see:
       http://www.mozilla.org/projects/security/known-vulnerabilities.html#thunderbird
       (* Security fix *)
xap/seamonkey-1.0.2-i486-1.tgz: Upgraded to seamonkey-1.0.2.
       This upgrade fixes several possible security bugs.
       For more information, see:
       http://www.mozilla.org/projects/security/known-vulnerabilities.html#seamonkey
       (* Security fix *)
xap/xlockmore-5.22-i486-1.tgz: Upgraded to xlockmore-5.22.
xap/xscreensaver-5.00-i486-1.tgz: Upgraded to xscreensaver-5.00.
extra/jdk-1.5.0_07/jdk-1_5_0_07-i586-1.tgz: Upgraded to Java(TM) 2
       Platform Standard Edition Development Kit Version 5.0, Release 7.
+--------------------------+
Wed May 31 18:37:58 CDT 2006
a/hotplug-2004_09_23-noarch-8.tgz: Patched net.agent to use rc.inet1
       to shut down interfaces that use DHCP. Thanks to Lew Pitcher,
       Ismael Cortes, and Nuts Mueller, who all suggested possible solutions
       for an issue which arose when dhcpcd's .pid file was shifted from
       /etc/dhcpc/ to /var/run/.
ap/mdadm-2.5-i486-1.tgz: Upgraded to mdadm-2.5.
d/subversion-1.3.2-i486-1.tgz: Upgraded to subversion-1.3.2.
       Added back the HTML book -- thanks to Jan Rafaj for pointing out that
       this had gone missing in the last subversion package.
xap/gkrellm-2.2.9-i486-1.tgz: Upgraded to gkrellm-2.2.9.
       Suggested by Willy Sudiarto Raharjo.
extra/slackpkg/slackpkg-2.04-noarch-6.tgz: Upgraded to
       slackpkg-2.04-noarch-6. Thanks to Piter Punk.
testing/packages/linux-2.6.16.19/alsa-driver-1.0.11_2.6.16.19-i486-1.tgz:
       Upgraded to alsa-driver-1.0.11 compiled for Linux 2.6.16.19.
testing/packages/linux-2.6.16.19/kernel-generic-2.6.16.19-i486-1.tgz:
       Upgraded to Linux 2.6.16.19 generic kernel.
testing/packages/linux-2.6.16.19/kernel-headers-2.6.16.19-i386-1.tgz:
       Upgraded to Linux 2.6.16.19 kernel headers.
testing/packages/linux-2.6.16.19/kernel-modules-2.6.16.19-i486-1.tgz
       Upgraded to Linux 2.6.16.19 kernel modules.
       Thanks to Nuts Mueller for the rc.modules typo fixes.
testing/packages/linux-2.6.16.19/kernel-source-2.6.16.19-noarch-1.tgz
       Upgraded to Linux 2.6.16.19 kernel source.
+--------------------------+
Sat May 27 19:14:31 CDT 2006
a/coreutils-5.96-i486-1.tgz: Upgraded to coreutils-5.96.
l/glib2-2.10.3-i486-1.tgz: Upgraded to glib-2.10.3.
l/gtk+2-2.8.18-i486-1.tgz: Upgraded to gtk+-2.8.18.
l/pango-1.12.3-i486-1.tgz: Upgraded to pango-1.12.3.
n/dnsmasq-2.31-i486-1.tgz: Upgraded to dnsmasq-2.31.
n/cyrus-sasl-2.1.22-i486-1.tgz: Upgraded to cyrus-sasl-2.1.22.
n/openldap-client-2.3.23-i486-1.tgz: Upgraded to openldap-2.3.23.
xap/imagemagick-6.2.7_8-i486-1.tgz: Upgraded to ImageMagick-6.2.7-8.
extra/parted/parted-1.7.1-i486-1.tgz: Upgraded to parted-1.7.1.
+--------------------------+
Mon May 22 21:44:07 CDT 2006
kernels/test26.s/*: Upgraded test26.s kernel to 2.6.16.18.
testing/packages/linux-2.6.16.18/alsa-driver-1.0.11_2.6.16.18-i486-1.tgz:
       Upgraded to alsa-driver-1.0.11 compiled for Linux 2.6.16.18.
testing/packages/linux-2.6.16.18/kernel-generic-2.6.16.18-i486-1.tgz:
       Upgraded to Linux 2.6.16.18 generic kernel.
testing/packages/linux-2.6.16.18/kernel-headers-2.6.16.18-i386-1.tgz:
       Upgraded to Linux 2.6.16.18 kernel headers.
testing/packages/linux-2.6.16.18/kernel-modules-2.6.16.18-i486-1.tgz
       Upgraded to Linux 2.6.16.18 kernel modules.
testing/packages/linux-2.6.16.18/kernel-source-2.6.16.18-noarch-1.tgz
       Upgraded to Linux 2.6.16.18 kernel source.
+--------------------------+
Mon May 22 11:23:48 CDT 2006
a/bin-11.0-i486-1.tgz: Upgraded to ncompress-4.2.4, eject-2.1.4, file-4.17,
       and tree-1.5.0. Removed sharutils, which are now in a separate package.
       Patched a security problem in zoo's fullpath() function that was reported by
       Jean-Sebastien Guay-Leroux. At first this didn't seem like much as zoo is
       old and hardly used, but there are virus scanning programs that scan zoo
       archives. It is a possible problem on any system running zoo like this in
       an automated way, and (of course) could also cause problems if a user were
       to open a malicious zoo archive manually. (though I'd be pretty suspicious
       if someone were to mail me anything using "zoo" in 2006...)
       (* Security fix *)
a/coreutils-5.95-i486-1.tgz: Upgraded to coreutils-5.95.
a/sharutils-4.6.2-i486-1.tgz: Added new sharutils package,
       upgraded to sharutils-4.6.2.
ap/linuxdoc-tools-0.9.21-i486-2.tgz: Added libsgmls-perl_1.03ii.
       Upgraded to the latest upstream linuxdoc-tools package.
       Moved jadetex out of this package and into the tetex package so that
       "mktexlslr" won't need to be run to find jadetex.
       Merged some miscellaneous fixes from the armedslack package.
       Thanks again to Stuart Winter for help on SGML/Docbook issues. :-)
d/git-1.3.3-i486-1.tgz: Upgraded to git-1.3.3.
kde/amarok-1.4.0-i486-1.tgz: Upgraded to amarok-1.4.0.
l/glib2-2.10.2-i486-1.tgz: Upgraded to glib-2.10.2.
l/pango-1.12.2-i486-1.tgz: Upgraded to pango-1.12.2.
l/sdl-1.2.10-i486-1.tgz: Upgraded to SDL-1.2.10, SDL_image-1.2.5,
       SDL_mixer-1.2.7, SDL_net-1.2.6, and SDL_ttf-2.0.8.
l/libxml2-2.6.24-i486-1.tgz: Upgraded to libxml2-2.6.24.
l/libxslt-1.1.16-i486-1.tgz: Upgraded to libxslt-1.1.16.
n/dhcp-3.0.4-i486-1.tgz: Upgraded to dhcp-3.0.4.
n/nfs-utils-1.0.8-i486-1.tgz: Upgraded to nfs-utils-1.0.8.
t/tetex-3.0-i486-2.tgz: Regenerated the etex.fmt files with etex, not pdfetex.
       This is more appropriate since etex is a binary, not a link to pdfetex.
       Thanks to John Breckenridge for reporting the issue.
       Added --disable-a4, and fixed the texconfig for US paper default in the
       build script. Thanks to Marc Benstein and Jingmin Zhou for reporting this.
       Merged jadetex into the teTeX package.
       Moved font build directory (only usable by root anyway) from
       /var/tmp/texfonts to /var/lib/texmf.
       Improved /tmp use security.
       Patched a possible security issue in library code borrowed from xpdf that's
       used in pdfetex.
       For more information, see:
       http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-3193
       (* Security fix *)
t/tetex-doc-3.0-i486-2.tgz: Rebuilt.
xap/gxine-0.5.6-i486-1.tgz: Upgraded to gxine-0.5.6.
xap/imagemagick-6.2.7_6-i486-1.tgz: Upgraded to ImageMagick-6.2.7-6.
xap/seamonkey-1.0.1-i486-2.tgz: Added seamonkey-1.0.1, which replaces the old
       Mozilla Suite in the XAP series. If Mozilla is not found on the machine, a
       mozilla -> seamonkey link will be created to handle applications that might
       still try to use "mozilla" to open URLs. Also, if Mozilla is not installed,
       then symlinks will be made in /usr/lib/pkgconfig/ from mozilla* ->
       seamonkey*. This should allow most sources designed for Mozilla to compile.
extra/parted/parted-1.7.0-i486-1.tgz: Upgraded to parted-1.7.0.
pasture/mozilla-1.7.13-i486-1.tgz: Moved here from XAP series.
       This won't remain here long, so grab a copy if you want it...
kernels/test26.s/*: Upgraded test26.s kernel to 2.6.16.17.
testing/packages/linux-2.6.16.17/alsa-driver-1.0.11_2.6.16.17-i486-1.tgz:
       Upgraded to alsa-driver-1.0.11 compiled for Linux 2.6.16.17.
testing/packages/linux-2.6.16.17/kernel-generic-2.6.16.17-i486-1.tgz:
       Upgraded to Linux 2.6.16.17 generic kernel.
testing/packages/linux-2.6.16.17/kernel-headers-2.6.16.17-i386-1.tgz:
       Upgraded to Linux 2.6.16.17 kernel headers.
testing/packages/linux-2.6.16.17/kernel-modules-2.6.16.17-i486-1.tgz
       Upgraded to Linux 2.6.16.17 kernel modules.
testing/packages/linux-2.6.16.17/kernel-source-2.6.16.17-noarch-1.tgz
       Upgraded to Linux 2.6.16.17 kernel source.
+--------------------------+
Sat May 13 21:00:28 CDT 2006
a/bash-3.1.017-i486-1.tgz: Upgraded to bash-3.1.17.
a/openssl-solibs-0.9.8b-i486-1.tgz: Upgraded to openssl-0.9.8b.
ap/vim-7.0.017-i486-1.tgz: Upgraded to vim-7.0.017.
d/git-1.3.2-i486-1.tgz: Added git-1.3.2.
d/mercurial-0.9-i486-1.tgz: Added mercurial-0.9.
n/openssh-4.3p2-i486-1.tgz: Upgraded to openssh-4.3p2.
n/openssl-0.9.8b-i486-1.tgz: Upgraded to openssl-0.9.8b.
xap/xvim-7.0.017-i486-1.tgz: Upgraded to vim-7.0.017 compiled with
       X11 and GTK+ (version 2) support.
kernels/test26.s/*: Upgraded test26.s kernel to 2.6.16.16.
testing/packages/linux-2.6.16.16/alsa-driver-1.0.11_2.6.16.16-i486-1.tgz:
       Upgraded to alsa-driver-1.0.11 compiled for Linux 2.6.16.16.
testing/packages/linux-2.6.16.16/kernel-generic-2.6.16.16-i486-1.tgz:
       Upgraded to Linux 2.6.16.16 generic kernel.
testing/packages/linux-2.6.16.16/kernel-headers-2.6.16.16-i386-1.tgz:
       Upgraded to Linux 2.6.16.16 kernel headers.
testing/packages/linux-2.6.16.16/kernel-modules-2.6.16.16-i486-1.tgz
       Upgraded to Linux 2.6.16.16 kernel modules.
       Added many missing ISA network card modules (thanks to Marc Rubin).
testing/packages/linux-2.6.16.16/kernel-source-2.6.16.16-noarch-1.tgz
       Upgraded to Linux 2.6.16.16 kernel source.
+--------------------------+
Wed May 10 14:23:57 CDT 2006
n/apache-1.3.35-i486-2.tgz: Patched to fix totally broken Include behavior.
       Thanks to Francesco Gringoli for reporting this bug.
+--------------------------+
Tue May 9 16:10:33 CDT 2006
ap/cdrdao-1.2.1-i486-1.tgz: Upgraded to cdrdao-1.2.1.
ap/mysql-5.0.21-i486-1.tgz: Upgraded to mysql-5.0.21.
       This fixes some security issues, including possible information leakage, and
       execution of arbitrary code. Note that the information leakage bugs require
       that the attacker have access to an account on the database. Also note that
       by default, Slackware's rc.mysqld script does *not* allow access to the
       database through the outside network (it uses the --skip-networking option).
       If you've enabled network access to MySQL, it is a good idea to filter the
       port (3306) to prevent access from unauthorized machines.
       For more information, see:
       http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-1516
       http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-1517
       http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-1518
       (* Security fix *)
l/gmp-4.2.1-i486-1.tgz: Upgraded to gmp-4.2.1.
l/libpng-1.2.10-i486-2.tgz: Run ./configure --prefix=/usr to substitute macros
       into libpng12.pc (even though we compile with the custom makefile.)
       Thanks to Ian Bennett for the bug report.
l/mpfr-2.2.0p10-i486-1.tgz: Added mpfr-2.2.0p10. This used to be part of GMP
       but is now a separate project (www.mpfr.org).
n/apache-1.3.35-i486-1.tgz: Upgraded to apache-1.3.35.
       From the official announcement:
       Of particular note is that 1.3.35 addresses and fixes 1 potential
       security issue: CVE-2005-3352 (cve.mitre.org)
       mod_imap: Escape untrusted referer header before outputting in HTML
       to avoid potential cross-site scripting. Change also made to
       ap_escape_html so we escape quotes. Reported by JPCERT
       For more information, see:
       http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-3352
       (* Security fix *)
       Upgraded the bundled mm (Shared Memory Allocation) library to mm-1.4.0.
n/gnupg-1.4.3-i486-1.tgz: Upgraded to gnupg-1.4.3.
n/mod_ssl-2.8.26_1.3.35-i486-1.tgz: Upgraded to mod_ssl-2.8.26-1.3.35.
       This is an updated version designed for Apache 1.3.35.
n/php-4.4.2-i486-4.tgz: Recompiled against mm-1.4.0.
       Upgraded to Mail-1.1.10 and XML_RPC-1.4.8 PEAR modules.
       Added /usr/bin/php-cgi (thanks to AthlonRob).
testing/packages/php-5.1.4/php-5.1.4-i486-1.tgz: Upgraded to php-5.1.4.
       Recompiled against mm-1.4.0 (bundled with the new Apache package).
       Added /usr/bin/php-cgi (thanks to AthlonRob).
       Added mysqli and pdo-mysql extensions (suggested by Janusz Dziemidowicz).
+--------------------------+
Wed May 3 21:48:26 CDT 2006
xap/mozilla-firefox-1.5.0.3-i686-1.tgz: Upgraded to firefox-1.5.0.3.
       This upgrade fixes a crash bug that could possibly be used to
       execute code as the Firefox user.
       For more information, see:
       http://www.mozilla.org/projects/security/known-vulnerabilities.html#firefox
       (* Security fix *)
+--------------------------+
Wed May 3 00:01:38 CDT 2006
a/smartmontools-5.36-i486-1.tgz: Upgraded to smartmontools-5.36.
       Thanks to Jonathan Woithe for letting me know that newer 2.6.x kernels
       need this version to properly support SMART with SATA drives.
l/libpng-1.2.10-i486-1.tgz: Upgraded to libpng-1.2.10.
n/rsync-2.6.8-i486-1.tgz: Upgraded to rsync-2.6.8.
tcl/tcl-8.4.13-i486-1.tgz: Upgraded to tcl-8.4.13.
tcl/tk-8.4.13-i486-1.tgz: Upgraded to tk-8.4.13.
x/x11-6.9.0-i486-4.tgz: Patched with x11r6.9.0-mitri.diff and recompiled.
       A typo in the X render extension allows an X client to crash the server
       and possibly to execute arbitrary code as the X server user (typically
       this is "root".)
       The CVE entry for this issue may be found here:
       http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-1526
       The advisory from X.Org may be found here:
       http://lists.freedesktop.org/archives/xorg/2006-May/015136.html
       (* Security fix *)
x/x11-devel-6.9.0-i486-4.tgz: Patched and recompiled libXrender.
       (* Security fix *)
The rest of these were rebuilt simply to keep the build number consistent.
x/x11-docs-6.9.0-noarch-4.tgz: Rebuilt.
x/x11-docs-html-6.9.0-noarch-4.tgz: Rebuilt.
x/x11-fonts-100dpi-6.9.0-noarch-4.tgz: Rebuilt.
x/x11-fonts-cyrillic-6.9.0-noarch-4.tgz: Rebuilt.
x/x11-fonts-misc-6.9.0-noarch-4.tgz: Rebuilt.
x/x11-fonts-scale-6.9.0-noarch-4.tgz: Rebuilt.
x/x11-xdmx-6.9.0-i486-4.tgz: Rebuilt.
x/x11-xnest-6.9.0-i486-4.tgz: Rebuilt.
x/x11-xvfb-6.9.0-i486-4.tgz: Rebuilt.
+--------------------------+
Sun Apr 30 17:32:22 CDT 2006
a/hotplug-2004_09_23-noarch-7.tgz: Blacklisted the wireless access point
       modules (hostap*) as they can interfere with normal usage of the interface.
       Thanks to Piter Punk.
ap/espgs-8.15.2-i486-1.tgz: Upgraded to espgs-8.15.2.
l/alsa-driver-1.0.11_2.4.32-i486-2.tgz: Patched a problem with the
       via82xx driver. Thanks to user MysticMgcn for entering the bug report,
       to Ismael Cortes for getting me a copy of the patch from ALSA's Hg
       repository, and to ALSA developer Takashi Iwai for the fix itself.
l/alsa-lib-1.0.11-i486-1.tgz: Moved from /testing.
n/nmap-4.03-i486-1.tgz: Upgraded to nmap-4.03.
n/proftpd-1.3.0-i486-1.tgz: Upgraded to proftpd-1.3.0.
n/tin-1.8.2-i486-1.tgz: Upgraded to tin-1.8.2.
n/wireless-tools-28-i486-1.tgz: Upgraded to wireless_tools.28.
       Thanks to Eric Hameleers for the new version of rc.wireless.
xap/mozilla-thunderbird-1.5.0.2-i686-1.tgz: Upgraded to thunderbird-1.5.0.2.
       This upgrade fixes several possible security bugs.
       For more information, see:
       http://www.mozilla.org/projects/security/known-vulnerabilities.html#thunderbird
       (* Security fix *)
testing/packages/linux-2.6.16.9/alsa-driver-1.0.11_2.6.16.9-i486-2.tgz:
       Patched to fix via82xx driver.
+--------------------------+
Mon Apr 24 14:29:50 CDT 2006
a/hotplug-2004_09_23-noarch-6.tgz: Patched rc.hotplug.
       On 2.4 kernels use /sbin/hotplug for hotpluging, but on 2.6 kernels use
       /sbin/udevsend (if udev is being used) instead. This should work better
       on systems using 2.6 kernels with udev and HAL. Among the people pushing
       for this change for a while: Jon Grosshart, Piter Punk, and Eugene Crosser.
       Blacklisted hw_random after reports that it causes some systems to crash.
       Note that rc.hotplug is now installed as rc.hotplug.new, but upgradepkg
       will still replace it for one more package iteration. This will cause
       hotplug to be made executable on machines where it currently is not, so
       be aware of that.
a/slocate-3.1-i486-1.tgz: Upgraded to slocate-3.1.
       This uses a new database format, so you'll have to wait for the cron job or
       run "updatedb -c /etc/updatedb.conf" as root. Thanks to Piotr Simon and
       Erik Jan Tromp for pointing out that the docs for the previous package were
       installed with incorrect permissions.
a/udev-071-i486-1.tgz: Upgraded to udev-071.
       Set ttyUSB devices to mode 660 so that users in group tty can use them.
       Get rid of the 10-udev.hotplug -> /sbin/udevsend symlink in
       /etc/hotplug.d/default. This fixes a race condition with using the hotplug
       event handling system now enabled by default in the latest udev.rules.
       Another nice effect of this is that udevd no longer runs needlessly on 2.4
       systems. WARNING: any existing udev.rules file will be overwritten, so save
       your old file if you have custom rules you'd like to merge in).
       Based on ideas suggested by Eugene Crosser, Piter Punk, and myself.
       In /etc/udev/scripts/make_extra_nodes.sh and floppy-extra-devs.sh, use
       ${udev_root} instead of hardcoding /dev. Thanks to Andreas Schnaiter.
       In /etc/udev/scripts/make_extra_nodes.sh, fixed a bug that caused a bad
       cdrom -> pktcdvd/control symlink to be created if the pktcdvd driver was
       loaded prior to running the make_extra_nodes.sh script.
       Thanks to Kenneth Pettersen for the bug report and fix, and to Giovanni
       Quadriglio who also reported the issue.
       Finally, thanks to Piter Punk for his continued exploration of udev's
       bleeding edge. What's going on there is quite interesting, but there are
       still some issues that have led me to decide it's best to take small steps
       in that direction. For example, it was nice to be able to populate /dev
       before checking the partitions and mounting them read-write, and it seems
       that won't be possible any longer. I've had other reports of hardware that
       wasn't hotplugged correctly, too (and ran into some myself). Mostly it
       seems to be a question of figuring out the proper place in the boot process
       to put udev, but there are also a lot of things we're left to figure out
       concerning the udev rules. We'll get there, but maybe not in the next
       release. This upgrade to udev-071 meets the minimum requirement in the
       2.6.16.9 Documentation/Changes file, and has been heavily tested here and
       found to work well. udev-090 boot the machine faster, but isn't as
       reliable (at least in testing here, with how it's called from our init
       scripts), and I've never been in favor of trading reliability for speed.
ap/alsa-utils-1.0.11-i486-1.tgz: Upgraded to alsa-utils-1.0.11.
ap/mysql-5.0.20a-i486-1.tgz: Upgraded to mysql-5.0.20a.
d/guile-1.8.0-i486-1.tgz: Upgraded to guile-1.8.0.
       I don't think anything in Slackware depends on guile any more, and that the
       only thing that ever did was a solitaire game in GNOME. Since the GNOME
       distributions for Slackware are already including their own guile packages,
       I'm considering this package for removal. How generally useful is it?
       Perhaps something like Ruby in the D series instead would be more useful.
l/alsa-driver-1.0.11_2.4.32-i486-1.tgz: Upgraded to alsa-driver-1.0.11,
       compiled for Linux 2.4.32.
l/alsa-lib-1.0.11rc4-i486-1.tgz: Upgraded to alsa-lib-1.0.11rc4.
       The reason for 11rc4 rather than 11 is that there was a new subsystem added
       (src/pcm_rate_linear.c) in 11rc5, that I suspect causes aRts to break on
       at least one system using snd-via82xx and/or snd-ac97-codec -- aRts bails
       with a message about a CPU overload. The exact chipset is:
       VIA Technologies, Inc. VT8233/A/8235/8237 AC97 Audio Controller (rev 60)
       It would seem to me that rc4->rc5 was kind of a risky time in the release
       cycle to introduce such a massive change to the codebase. In any case,
       I think it's prudent to stick with alsa-lib-1.0.11rc4 as the default
       alsa-lib version until this gets sorted out upstream.
l/alsa-oss-1.0.11-i486-1.tgz: Upgraded to alsa-oss-1.0.11.
l/libungif-4.1.4-i486-2.tgz: Fixed libgif.so* symlinks.
       Thanks to Wim Speekenbrink.
xap/imagemagick-6.2.7_0-i486-1.tgz: Upgraded to ImageMagick-6.2.7-0.
xap/mozilla-1.7.13-i486-1.tgz: Upgraded to mozilla-1.7.13.
       This upgrade fixes several possible security bugs.
       For more information, see:
       http://www.mozilla.org/projects/security/known-vulnerabilities.html#mozilla
       This release marks the end-of-life of the Mozilla 1.7.x series:
       http://developer.mozilla.org/devnews/index.php/2006/04/12/sunset-announcement-for-fxtb-10x-and-mozilla-suite-17x/
       Mozilla Corporation is recommending that users upgrade to Firefox and
       Thunderbird, but if you're a fan of the style of the Mozilla Suite, I'd
       recommend SeaMonkey myself. There's a good chance that Mozilla will not
       ship in the next Slackware release, and SeaMonkey will ship in its place.
       I'd been wondering which way to go with that, but getting an official
       EOL statement about the Mozilla Suite makes it seem like the switch to
       SeaMonkey should happen sooner rather than later.
       (* Security fix *)
extra/slacktrack/slacktrack-1.29-i486-1.tgz: Upgraded to slacktrack-1.29-1.
testing/packages/alsa-lib-1.0.11-i486-1.tgz: Added alsa-lib-1.0.11. This is
       primarily intended for people to verify the issue with VIA sound, look for
       a similar issue with other chipsets as well (seems possible, since the issue
       isn't in any VIA specific code in alsa-driver), and report any useful
       information found to the upstream developers:
       https://bugtrack.alsa-project.org/alsa-bug/
       I reported the issue via (ha;) email, but not through the bug track system.
       The developer I contacted couldn't reproduce the issue and didn't think it
       had anything to do with the rate plugin additions. If other folks test
       alsa-lib-1.0.11 and run into this, and have the time to jump through the
       hoops needed to report the bug at the URL above, I'd appreciate the help.
       At least it would demonstrate that it's not just my machine...
testing/packages/linux-2.6.16.9/alsa-driver-1.0.11_2.6.16.9-i486-1.tgz:
       Upgraded to alsa-driver-1.0.11 compiled for Linux 2.6.16.9.
testing/packages/linux-2.6.16.9/kernel-generic-2.6.16.9-i486-1.tgz:
       Upgraded to Linux 2.6.16.9 generic kernel.
testing/packages/linux-2.6.16.9/kernel-headers-2.6.16.9-i386-1.tgz:
       Upgraded to Linux 2.6.16.9 kernel headers.
testing/packages/linux-2.6.16.9/kernel-modules-2.6.16.9-i486-1.tgz
       Upgraded to Linux 2.6.16.9 kernel modules.
testing/packages/linux-2.6.16.9/kernel-source-2.6.16.9-noarch-1.tgz
       Upgraded to Linux 2.6.16.9 kernel source.
       BTW, I think 2.6.16.x, being the first kernel series in the 2.6 series that
       has been promised some long-lived support, will be the 2.6 kernel you'll see
       in the next Slackware release. If/when 2.6.17 (or 18, etc.) come out, don't
       expect to see me chasing after it immediately. I'm looking for a kernel
       that can be counted on for stability -- not the bleeding edge. Of course,
       once 2.6.16.x is considered tested enough to leave /testing (and it does
       seem close), perhaps a newer kernel might take its place here just for fun.
       Oh and yes -- I did see that 2.6.16.10 is out, and I know that the test26.s
       kernel wasn't yet updated. Due to the Mozilla situation, I can't delay this
       update to be a $SUCKER some more, but you'll see 2.6.16.10 soon. That is,
       if there isn't a newer one first...
+--------------------------+
Mon Apr 17 01:22:15 CDT 2006
kde/koffice-1.5.0-i486-1.tgz: Upgraded to koffice-1.5.0.
kdei/koffice-l10n-*.tgz: Upgraded to l10n packages for koffice-1.5.0.
l/gtk+2-2.8.17-i486-1.tgz: Upgraded to gtk+-2.8.17.
l/lcms-1.15-i486-1.tgz: Upgraded to lcms-1.15.
l/libexif-0.6.13-i486-1.tgz: Upgraded to libexif-0.6.13.
l/libidl-0.8.6-i486-1.tgz: Upgraded to libIDL-0.8.6.
l/libglade-2.5.1-i486-1.tgz: Upgraded to libglade-2.5.1.
l/libgsf-1.14.0-i486-1.tgz: Upgraded to libgsf-1.14.0.
       This has changed the major library version from .1 to .114...
l/libidn-0.6.3-i486-1.tgz: Upgraded to libidn-0.6.3.
l/librsvg-2.14.3-i486-1.tgz: Upgraded to librsvg-2.14.3.
l/libtiff-3.8.2-i486-1.tgz: Upgraded to libtiff-3.8.2.
l/libungif-4.1.4-i486-1.tgz: Upgraded to libungif-4.1.4.
l/libwpd-0.8.4-i486-2.tgz: Recompiled against libgsf-1.14.0.
l/wv2-0.2.2-i486-2.tgz: Recompiled against libgsf-1.14.0.
       Apparently, this needed a recompile anyway (with or without new
       dependencies) in order to fix a compiler incompatibility issue
       between gcc-3.3.x and gcc-3.4.x that was breaking .doc support
       in KWord. Thanks to Marin Mitov and Andrey V. Panov for reporting
       this issue.
n/fetchmail-6.3.4-i486-1.tgz: Upgraded to fetchmail-6.3.4.
n/getmail-4.6.0-noarch-1.tgz: Upgraded to getmail-4.6.0.
n/lftp-3.4.4-i486-1.tgz: Upgraded to lftp-3.4.4.
xap/fluxbox-0.9.15.1-i486-1.tgz: Upgraded to fluxbox-0.9.15.1.
xap/gimp-2.2.11-i486-1.tgz: Upgraded to gimp-2.2.11.
xap/mozilla-firefox-1.5.0.2-i686-1.tgz: Upgraded to firefox-1.5.0.2.
       This upgrade fixes several possible security bugs.
       For more information, see:
       http://www.mozilla.org/projects/security/known-vulnerabilities.html#firefox
       (* Security fix *)
extra/k3b/k3b-0.12.15-i486-1.tgz: Upgraded to k3b-0.12.15.
extra/k3b/k3b-i18n-0.12.15-noarch-1.tgz: Upgraded to k3b-i18n-0.12.15.
testing/packages/seamonkey-1.0.1-i486-1.tgz: Upgraded to seamonkey-1.0.1.
       This upgrade fixes several possible security bugs.
       For more information, see:
       http://www.mozilla.org/projects/security/known-vulnerabilities.html#seamonkey
       (* Security fix *)
In other news, I am aware of the expat-2.0 release, but this has a couple of
API changes (and a new major library number) and it will take some time for
upstream sources to patch for it. Therefore, expat-2.0 will not be used for
Slackware 11.0 (but might be included in /testing).
There's also a new gmp-4.2, but the shared libraries that are built by this
have lower numbers than the ones from gmp-4.1.4, so that's probably not going
to make the cut this time around, either.
+--------------------------+
Tue Apr 4 18:06:21 CDT 2006
d/make-3.81-i486-1.tgz: Upgraded to make-3.81. Long live make!
d/subversion-1.3.1-i486-1.tgz: Upgraded to subversion-1.3.1.
xap/xscreensaver-4.24-i486-1.tgz: Upgraded to xscreensaver-4.24.
+--------------------------+
Mon Apr 3 21:18:03 CDT 2006
a/findutils-4.2.27-i486-1.tgz: Upgraded to findutils-4.2.27.
d/python-2.4.3-i486-1.tgz: Upgraded to python-2.4.3.
       This now links with Berkeley DB 4.4.x. :-)
d/python-demo-2.4.3-noarch-1.tgz: Upgraded to python-2.4.3 demos.
d/python-tools-2.4.3-noarch-1.tgz: Upgraded to python-2.4.3 tools.
kde/amarok-1.3.9-i486-1.tgz: Added amaroK 1.3.9, a media player for KDE.
kde/kdeaccessibility-3.5.2-i486-1.tgz: Upgraded to kdeaccessibility-3.5.2.
kde/kdeaddons-3.5.2-i486-1.tgz: Upgraded to kdeaddons-3.5.2.
kde/kdeadmin-3.5.2-i486-1.tgz: Upgraded to kdeadmin-3.5.2.
kde/kdeartwork-3.5.2-i486-1.tgz: Upgraded to kdeartwork-3.5.2.
kde/kdebase-3.5.2-i486-1.tgz: Upgraded to kdebase-3.5.2.
kde/kdebindings-3.5.2-i486-1.tgz: Upgraded to kdebindings-3.5.2.
kde/kdeedu-3.5.2-i486-1.tgz: Upgraded to kdeedu-3.5.2.
kde/kdegames-3.5.2-i486-1.tgz: Upgraded to kdegames-3.5.2.
kde/kdegraphics-3.5.2-i486-1.tgz: Upgraded to kdegraphics-3.5.2.
kde/kdelibs-3.5.2-i486-1.tgz: Upgraded to kdelibs-3.5.2.
kde/kdemultimedia-3.5.2-i486-1.tgz: Upgraded to kdemultimedia-3.5.2.
kde/kdenetwork-3.5.2-i486-1.tgz: Upgraded to kdenetwork-3.5.2.
kde/kdepim-3.5.2-i486-1.tgz: Upgraded to kdepim-3.5.2.
kde/kdesdk-3.5.2-i486-1.tgz: Upgraded to kdesdk-3.5.2.
kde/kdetoys-3.5.2-i486-1.tgz: Upgraded to kdetoys-3.5.2.
kde/kdeutils-3.5.2-i486-1.tgz: Upgraded to kdeutils-3.5.2.
kde/kdevelop-3.3.2-i486-1.tgz: Upgraded to kdevelop-3.3.2.
kde/kdewebdev-3.5.2-i486-1.tgz: Upgraded to kdewebdev-3.5.2.
kde/qt-3.3.6-i486-1.tgz: Upgraded to qt-x11-free-3.3.6.
kdei/kde-i18n-*-3.5.2-noarch-1.tgz: Upgraded to kde-i18n-3.5.2.
l/arts-1.5.2-i486-1.tgz: Upgraded to arts-1.5.2.
l/libmusicbrainz-2.1.2-i486-1.tgz: Added libmusicbrainz-2.1.2, a library for
       searching a user-maintained community music metadatabase. This is used
       to tag media files by libtunepimp.
l/libtunepimp-0.4.2-i486-1.tgz: Added libtunepimp-0.4.2. This is a library
       used to support adding metadata tags to music files using the MusicBrainz
       client libraries. These libraries are used by several media players to look
       up track information. (e.g. in Slackware, JuK and amaroK so far)
n/rp-pppoe-3.8-i486-1.tgz: Upgraded to rp-pppoe-3.8.
xap/abiword-2.2.9-i486-1.tgz: Removed. More recent versions of AbiWord no
       longer support compiling without GNOME, and it looks like all of the GNOME
       distributions for Slackware are shipping GNOMEified (and newer) versions of
       this package anyway.
+--------------------------+
Thu Mar 30 21:24:37 CST 2006
n/rsync-2.6.7-i486-1.tgz: Upgraded to rsync-2.6.7.
n/samba-3.0.22-i486-1.tgz: Upgraded to samba-3.0.22.
       This fixes a security issue in previous samba releases where secret machine
       credentials may be written into a log file that is readable by anyone with
       a login account on the machine. The issue affects only the samba-3.0.21
       series (including patches a, b, and c.)
       The CVE entry for this issue may be found here:
       http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-1059
       (* Security fix *)
+--------------------------+
Sun Mar 26 20:42:28 CST 2006
a/aaa_base-10.2.0-noarch-4.tgz: Chowned all binary directories to root:root.
       /media and /svc will not be added at this time, as /mnt (with subdirectory
       mount points such as /mnt/cdrom and /mnt/tmp) and /var were already
       perfectly adequate for the purposes for which /media and /svc were proposed.
       Polluting the root directory is, IMHO, completely pointless. I suppose in
       the future that at least compatibility symlinks will need to be considered,
       though...
a/bash-3.1.014-i486-1.tgz: Upgraded to bash-3.1 patchlevel 014.
a/jfsutils-1.1.10-i486-1.tgz: Upgraded to jfsutils-1.1.10.
a/module-init-tools-3.2.2-i486-1.tgz: Upgraded to module-init-tools-3.2.2.
       This new version of module-init-tools has been patched to look for module
       configuration information in /etc/modprobe.conf only for 2.4.x kernels.
       For 2.6.x kernels, files found in the directory /etc/modprobe.d/ are used
       instead. Eventually, /etc/modprobe.conf will be phased out in favor of
       the /etc/modprobe.d/ approach. If you have anything in your
       /etc/modprobe.conf that you need, and you are using a 2.6.x kernel, be sure
       to copy the configuration to a file (or files) in /etc/modprobe.d/.
       Hint: ALSA expects sound modules to be configured in /etc/modprobe.d/sound.
ap/groff-1.19.2-i486-1.tgz: Upgraded to groff-1.19.2.
ap/hpijs-2.1.4-i486-1.tgz: Upgraded to hpijs-2.1.4.
       Thanks to Giovanni Venturi for the reminder.
ap/lsof-4.76-i486-1.tgz: Upgraded to lsof-4.76.
ap/most-4.10.2-i486-1.tgz: Upgraded to most-4.10.2.
ap/mysql-5.0.19-i486-1.tgz: Upgraded to mysql-5.0.19.
ap/sox-12.17.9-i486-1.tgz: Upgraded to sox-12.17.9.
ap/vim-6.4.010-i486-1.tgz: Upgraded to VIM 6.4.010.
ap/zsh-4.2.6-i486-1.tgz: Upgraded to zsh-4.2.6.
d/subversion-1.3.0-i486-2.tgz: Fixed broken apr include file permissions.
       Thanks to Andreas Schnaiter for pointing this out.
n/curl-7.15.3-i486-1.tgz: Upgraded to curl-7.15.3.
       This release fixes a security issue discovered by Ulf Harnhammar.
       libcurl uses the given file part of a TFTP URL in a manner that allows a
       malicious user to overflow a heap-based memory buffer due to the lack of
       boundary check. This overflow happens if you pass in a URL with a TFTP
       protocol prefix ("tftp://"), using a valid host and a path part that is
       longer than 512 bytes. The affected flaw can be triggered by a redirect,
       if curl/libcurl is told to follow redirects and an HTTP server points
       the client to a tftp URL with the characteristics described above.
       There is no known exploit at the time of this writing.
       No stable version of Slackware is affected, as the flaw exists only in
       the curl-7.15.x series prior to curl-7.15.3.
       The cURL advisory may be found here:
       http://curl.haxx.se/docs/adv_20060320.html
       The CVE entry for this issue may be found here:
       http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-1061
       (* Security fix *)
n/epic4-2.4-i486-1.tgz: Upgraded to epic4-2.4.
n/openldap-client-2.3.20-i486-1.tgz: Upgraded to openldap-2.3.20 client
       libraries.
xap/xvim-6.4.010-i486-1.tgz: Upgraded to VIM 6.4.010 (with X support.)
extra/brltty/brltty-3.7.2-i486-1.tgz: Upgraded to brltty-3.7.2.
extra/emacspeak/emacspeak-23.0-i486-1.tgz: Upgraded to emacspeak-23.0.
extra/inn/inn-2.4.3-i486-1.tgz: Upgraded to inn-2.4.3 compiled against
       libdb-4.2. Note that this package DOES NOT preserve configuration
       files, so back them up first! Also, any database files will need to
       be rebuilt due to the move from db-3.3 to db-4.2.
extra/slacktrack/slacktrack-1.28-i486-1.tgz: Upgraded to slacktrack-1.28_1.
+--------------------------+
Wed Mar 22 13:01:23 CST 2006
n/sendmail-8.13.6-i486-1.tgz: Upgraded to sendmail-8.13.6.
       This new version of sendmail contains a fix for a security problem
       discovered by Mark Dowd of ISS X-Force. From sendmail's advisory:
       Sendmail was notified by security researchers at ISS that, under some
       specific timing conditions, this vulnerability may permit a specifically
       crafted attack to take over the sendmail MTA process, allowing remote
       attackers to execute commands and run arbitrary programs on the system
       running the MTA, affecting email delivery, or tampering with other
       programs and data on this system. Sendmail is not aware of any public
       exploit code for this vulnerability. This connection-oriented
       vulnerability does not occur in the normal course of sending and
       receiving email. It is only triggered when specific conditions are
       created through SMTP connection layer commands.
       Sendmail's complete advisory may be found here:
       http://www.sendmail.com/company/advisory/index.shtml
       The CVE entry for this issue may be found here:
       http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-0058
       (* Security fix *)
n/sendmail-cf-8.13.6-noarch-1.tgz: Upgraded to sendmail-8.13.6 configuration
       files.
+--------------------------+
Tue Mar 21 11:17:27 CST 2006
x/x11-6.9.0-i486-3.tgz: Fixed /usr/X11R6/bin/Xorg, which due to being not
       setuid root could not be used by non-root users. Thanks to the many people
       who reported this issue. I tracked it down to a new (or rather, back again)
       behavior of "chown", which is removing the suid/sgid bits from any file that
       it touches. I remember this same situation from the old days, and it's
       why many of the older package builds use a package skeleton and then install
       binaries using "cat" -- this prevents the changing of the permissions.
       If I recall correctly, "strip" also used to do this. Looking in the kernel
       source, I see some mention in fs/open.c about doing this as a safety feature.
       IMO, it doesn't seem like the right thing to do, though. If I want chmod,
       I'll use it, thank you. However, it looks like the feature was added years
       ago, and I have no idea why it has just recently kicked in. I've gone back
       and tested on a Slackware 10.2 box, and it's also showing the same effects
       with "chown", so it seems to me that this sort of breakage should have
       been happening when the x11*-6.9.0-i486-1.tgz packages were built, too,
       but Xorg was properly setuid in that package set. I tried dropping back
       to the previous coreutils, and this also didn't help. It's a mystery.
       Anyway, my first thought was to simply move the "chmod 4711" on Xorg to
       after the last "chown" in the build script, but decided that the best way
       to handle this is to begin phasing out the use of the "bin" group on
       binaries and binary directories. There was never any use to this ever, so
       far as I can tell. I think someone working on the FHS just thought that
       root:bin looked nicer, or something. ;-) Most distributions install
       binaries as root:root now anyway, and the latest standards no longer
       require root:bin. Since it doesn't matter, don't expect everything to
       change all at once -- don't send bug reports concerning files or
       directories that "should be" root:bin or root:root. We will move away
       from root:bin to root:root as new packages are built.
       I sure hope "strip" doesn't start acting up next...
x/x11-devel-6.9.0-i486-3.tgz: Rebuilt. Really, there was no need to rebuild
       this or the below packages, but I like a consistent build number when it's
       not too much trouble to have it.
x/x11-docs-6.9.0-noarch-3.tgz: Rebuilt.
x/x11-docs-html-6.9.0-noarch-3.tgz: Rebuilt.
x/x11-fonts-100dpi-6.9.0-noarch-3.tgz: Rebuilt.
x/x11-fonts-cyrillic-6.9.0-noarch-3.tgz: Rebuilt.
x/x11-fonts-misc-6.9.0-noarch-3.tgz: Rebuilt.
x/x11-fonts-scale-6.9.0-noarch-3.tgz: Rebuilt.
x/x11-xdmx-6.9.0-i486-3.tgz: Recompiled.
x/x11-xnest-6.9.0-i486-3.tgz: Recompiled.
x/x11-xvfb-6.9.0-i486-3.tgz: Recompiled.
+--------------------------+
Mon Mar 20 09:29:15 CST 2006
x/x11-6.9.0-i486-2.tgz: Patched with x11r6.9.0-geteuid.diff.
       From the x.org security page:
       * March 20, 2006 - A security vulnerability has been found in the X.Org
       server as shipped with X11R6.9.0 and X11R7.0 (xorg-server 1.0.0 and
       1.0.1) -- this is CVE-2006-0745. Local users were able to escalate
       privileges to root and cause a DoS if the Xorg server was installed
       setuid root (the default). Note that earlier releases are not
       vulnerable.
       For more information (eventually), see:
       http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-0745
       (* Security fix *)
       Since this issue does not affect any stable/released version of Slackware,
       there will no security advisory on the mailing list. Those running -current
       should keep up with the ChangeLog to stay on top of new developments.
x/x11-devel-6.9.0-i486-2.tgz: Recompiled.
x/x11-docs-6.9.0-noarch-2.tgz: Rebuilt.
x/x11-docs-html-6.9.0-noarch-2.tgz: Rebuilt.
x/x11-fonts-100dpi-6.9.0-noarch-2.tgz: Rebuilt.
x/x11-fonts-cyrillic-6.9.0-noarch-2.tgz: Rebuilt.
x/x11-fonts-misc-6.9.0-noarch-2.tgz: Rebuilt.
x/x11-fonts-scale-6.9.0-noarch-2.tgz: Rebuilt.
x/x11-xdmx-6.9.0-i486-2.tgz: Recompiled.
x/x11-xnest-6.9.0-i486-2.tgz: Recompiled.
x/x11-xvfb-6.9.0-i486-2.tgz: Recompiled.
testing/packages/linux-2.6.15.6/kernel-source-2.6.15.6-noarch-2.tgz:
       Removed spurious "asm" symlink in /. Thanks to xgizzmo.
+--------------------------+
Fri Mar 17 16:42:40 CST 2006
l/cairo-1.0.4-i486-1.tgz: Upgraded to cairo-1.0.4.
l/gtk+2-2.8.16-i486-1.tgz: Upgraded to gtk+-2.8.16.
n/dnsmasq-2.27-i486-1.tgz: Upgraded to dnsmasq-2.27.
Oh, and happy St. Patrick's day! :-)
+--------------------------+
Tue Mar 14 18:01:26 CST 2006
n/stunnel-4.15-i486-2.tgz: Fixed messed up /var/lib perms.
       Thanks to Adam Dawidowski for the bug report.
+--------------------------+
Mon Mar 13 18:53:57 CST 2006
a/aaa_base-10.2.0-noarch-3.tgz: Added /var/empty directory.
a/gawk-3.1.5-i486-2.tgz: Applied bugfix from the gawk mailing list to fix a
       problem with newer glibc versions pulling that "*** free(): invalid pointer"
       trick we all love. :-) Thanks to Grant for sending in a link to the fix.
a/glibc-solibs-2.3.6-i486-3.tgz: Recompiled against 2.4.32 and 2.6.15.6
       kernel headers. Yes, I have seen that shiny-looking glibc-2.4 release on
       ftp.gnu.org, but glibc-2.4 completely drops support for linuxthreads, and
       therefore will not support vanilla Linux 2.4.x kernels. I don't think
       we're quite ready for that yet around here.
a/glibc-zoneinfo-2.3.6-noarch-3.tgz: Updated timezone data from tzdata2006c.
a/kernel-ide-2.4.32-i486-3.tgz: Recompiled with gcc-3.4.6.
a/kernel-modules-2.4.32-i486-4.tgz: Recompiled with gcc-3.4.6.
       Thanks to Piter Punk for all the help revising the default entries in
       /etc/rc.d/rc.modules.new to be more accurate for 2.6.x kernels. I've tried
       to make it function in the default state under 2.4.x kernels too, though
       some of the modules have different names in 2.4 vs. 2.6...
       Also thanks to Didier Spaier for suggesting an example for DMA usage in the
       section of rc.modules that loads the parallel-port support.
d/gcc-3.4.6-i486-1.tgz: Upgraded to gcc-3.4.6.
d/gcc-g++-3.4.6-i486-1.tgz: Upgraded to gcc-3.4.6.
d/gcc-g77-3.4.6-i486-1.tgz: Upgraded to gcc-3.4.6.
d/gcc-gnat-3.4.6-i486-1.tgz: Upgraded to gcc-3.4.6.
d/gcc-java-3.4.6-i486-1.tgz: Upgraded to gcc-3.4.6.
d/gcc-objc-3.4.6-i486-1.tgz: Upgraded to gcc-3.4.6.
l/alsa-driver-1.0.11rc3_2.4.32-i486-1.tgz: Upgraded to alsa-driver-1.0.11rc3
       compiled for Linux 2.4.32. The 2.6.15.6 kernel does not work properly using
       the modules in alsa-driver-1.0.10, but works fine with these. Although I'm
       normally against using release candidates, I thought in this case that the
       version of alsa-driver used by the 2.4 and 2.6 kernels should be the same
       since the package does install some header files that would overlap. It's
       worked fine on both 2.4.32 and 2.6.15.6 here, and the other alsa-* packages
       compile against it without errors (so I don't see a need to update those).
       I think this will work, but let me know if this upgrade causes any problems.
l/db44-4.4.20-i486-1.tgz: For consistency, change the name of this package from
       db4 to db44, and move the header files into /usr/include/db44/, since that's
       the directory where the next version of Python will be looking for them.
       Oh, and on that topic, I've had a few people send in or provide links to
       patches that fix compiling the latest Python with db-4.4. Thanks, but it's
       still a more conservative approach to wait until db-4.4 is officially
       supported upstream. BTW, none of the patches were exactly the same. :-)
       db-4.3 would also work, but it's probably not worth introducing yet-another
       already old version of db over.
       Added the --enable-cxx option. (Suggested by Kevin Brammer)
l/glibc-2.3.6-i486-3.tgz: Recompiled against 2.4.32 and 2.6.15.6 kernel
       headers. Added /var/run/nscd/ directory (thanks to Dirk van Deun).
       Updated timezone data from tzdata2006c.
l/glibc-i18n-2.3.6-noarch-3.tgz: Rebuilt.
l/glibc-profile-2.3.6-i486-3.tgz: Recompiled against 2.4.32 and 2.6.15.6
       kernel headers.
l/gtk+2-2.8.14-i486-1.tgz: Upgraded to gtk+2-2.8.14.
n/gnupg-1.4.2.2-i486-1.tgz: Upgraded to gnupg-1.4.2.2.
       There have been two security related issues reported recently with GnuPG.
       From the GnuPG 1.4.2.1 and 1.4.2.2 NEWS files:
       Noteworthy changes in version 1.4.2.2 (2006-03-08)
       * Files containing several signed messages are not allowed any
       longer as there is no clean way to report the status of such
       files back to the caller. To partly revert to the old behaviour
       the new option --allow-multisig-verification may be used.
       Noteworthy changes in version 1.4.2.1 (2006-02-14)
       * Security fix for a verification weakness in gpgv. Some input
       could lead to gpgv exiting with 0 even if the detached signature
       file did not carry any signature. This is not as fatal as it
       might seem because the suggestion as always been not to rely on
       th exit code but to parse the --status-fd messages. However it
       is likely that gpgv is used in that simplified way and thus we
       do this release. Same problem with "gpg --verify" but nobody
       should have used this for signature verification without
       checking the status codes anyway. Thanks to the taviso from
       Gentoo for reporting this problem.
       (* Security fix *)
n/popa3d-1.0.1-i486-1.tgz: Upgraded to popa3d-1.0.1.
n/stunnel-4.15-i486-1.tgz: Upgraded to stunnel-4.15.
bootdisks/*: Rebuilt using the recompiled 2.4.32 kernels.
extra/k3b/k3b-0.12.14-i486-1.tgz: Upgraded to k3b-0.12.14.
extra/k3b/k3b-i18n-0.12.14-noarch-1.tgz: Upgraded to k3b-i18n-0.12.14.
extra/linux-wlan-ng/linux-wlan-ng-0.2.1pre25_2.4.32-i486-3.tgz:
       Recompiled with gcc-3.4.6.
extra/linux-wlan-ng/linux-wlan-ng-0.2.3_2.6.15.6-i486-1.tgz:
       Recompiled with gcc-3.4.6 for Linux 2.6.15.6.
kernels/*.?/*: Recompiled 2.4.32 kernels with gcc-3.4.6, upgraded
       test26.s kernel to 2.6.15.6.
pasture/gnupg-1.2.7-i486-1.tgz: This can rest here for a little while
       just in case gnupg-1.4.2.2 causes any problems, but I doubt it will.
       I also think gnupg-1.2.7 is still secure when used securely (if that
       makes any sense ;-), or I wouldn't even leave it in /pasture...
testing/packages/linux-2.6.15.6/alsa-driver-1.0.11rc3_2.6.15.6-i486-1.tgz
       Upgraded to alsa-driver-1.0.11rc3 compiled for Linux 2.6.15.6.
       This should fix the "free_hot_cold_page" issue that was occuring with
       alsa-driver-1.0.10 and the 2.6.15+ kernels. It fixes it here,
       anyway. :-)
testing/packages/linux-2.6.15.6/kernel-generic-2.6.15.6-i486-1.tgz
       Upgraded to Linux 2.6.15.6 generic kernel.
testing/packages/linux-2.6.15.6/kernel-headers-2.6.15.6-i386-1.tgz
       Upgraded to Linux 2.6.15.6 kernel headers.
testing/packages/linux-2.6.15.6/kernel-modules-2.6.15.6-i486-1.tgz
       Upgraded to Linux 2.6.15.6 kernel modules.
testing/packages/linux-2.6.15.6/kernel-source-2.6.15.6-noarch-1.tgz
       Upgraded to Linux 2.6.15.6 kernel source.
+--------------------------+
Sat Mar 4 19:54:26 CST 2006
a/xfsprogs-2.7.11-i486-2.tgz: Fixed .gz.gz double compression on
       the manpages. Turns out they were already installed compressed.
       Thanks to Dave Fullerton.
       Fixed /usr/lib/libhandle.so symlink.
       Thanks to Luigi Genoni.
ap/dmapi-2.2.3-i486-2.tgz: Fixed /usr/lib/libdm.so symlink.
       Thanks to Luigi Genoni.
ap/xfsdump-2.2.33-i486-2.tgz: Recompiled to link with libhandle.
d/python-2.4.2-i486-2.tgz: Recompiled against Berkeley DB 4.2.52
       to get _bsddb.so and dbm.so to build. Python finds the db-4.2.52
       headers fine in /usr/include/db42/, so I guess that's the right
       place for them. :-)
d/python-demo-2.4.2-noarch-2.tgz: Rebuilt.
d/python-tools-2.4.2-noarch-2.tgz: Rebuilt.
l/db42-4.2.52-i486-3.tgz: Added a db-4.2.52 package (called db42)
       as a non-default version of Berkeley DB 4.x, since some things
       still aren't ready for db-4.4.x, and it's probably best not to
       force the issue until the changes needed for db-4.4.x are made
       upstream where needed. Oh, I've had a report that subversion-1.3.0
       isn't working with db-4.4.x -- can anyone confirm this? I'm not
       running any kind of test repository here, so feedback on whether
       subversion could use a recompile against db-4.2 would be helpful.
n/proftpd-1.3.0rc4-i486-1.tgz: Upgraded to proftpd-1.3.0rc4.
+--------------------------+
Wed Mar 1 20:25:56 CST 2006
a/coreutils-5.94-i486-2.tgz: Restored ginstall -> install symlinks
       which are still needed to build some things. Thanks to Rich.
extra/bash-completion/bash-completion-20060301-noarch-1.tgz:
       Upgraded to bash-completion-20060301.
+--------------------------+
Tue Feb 28 20:50:44 CST 2006
a/bash-3.1-i486-3.tgz: Patched with additional official patches
       bash31-008 through bash31-011.
a/util-linux-2.12r-i486-1.tgz: Upgraded to util-linux-2.12r.
a/xfsprogs-2.7.11-i486-1.tgz: Upgraded to xfsprogs-2.7.11.
       Split acl, attr, dmapi, and xfsdump into separate packages and
       moved them into the AP series. This location was a bit of a judgement
       call since acl, attr, and dmapi contain libraries, but so do some other
       packages outside L. Anyway, it does seem to me that xfsdump should go
       in AP, and that these packages should all be found in the same place.
ap/acl-2.2.34-i486-1.tgz: Upgraded to acl-2.2.34, split out of xfsprogs
       package.
ap/attr-2.4.28-i486-1.tgz: Upgraded to attr-2.4.28, split out of xfsprogs
       package.
ap/dmapi-2.2.3-i486-1.tgz: Upgraded to dmapi-2.2.3, split out of xfsprogs
       package.
ap/xfsdump-2.2.33-i486-1.tgz: Upgraded to xfsdump-2.2.33, split out of
       xfsprogs package.
d/clisp-2.38-i486-2.tgz: Added some additional modules for CLISP.
       Thanks to Bradley Reed for the hint.
f/linux-faqs-20060228-noarch-1.tgz: Updated from ibiblio.org.
f/linux-howtos-20060228-noarch-1.tgz: Upgraded to Linux-HOWTOs-20060228.
l/gtk+2-2.8.13-i486-1.tgz: Upgraded to gtk+-2.8.13.
l/pango-1.10.4-i486-1.tgz: Upgraded to pango-1.10.4.
n/bind-9.3.2-i486-3.tgz: Modified rc.bind to try to use rndc to stop the
       nameserver before resorting to killall, and added some additional comments
       about loading the "capability" module on 2.6+ kernels.
n/samba-3.0.21c-i486-1.tgz: Upgraded to samba-3.0.21c.
+--------------------------+
Mon Feb 20 14:20:17 CST 2006
ap/dvd+rw-tools-6.1-i486-1.tgz: Upgraded to dvd+rw-tools-6.1.
kdei/kde-i18n-sv-3.5.1-noarch-1a.tgz: Fixed with a rebuild. Thanks to
       Nille Kungen for pointing out that the -1 package was missing files.
n/bind-9.3.2-i486-2.tgz: Patched to remove the use of the obsolete setsockopt
       SO_BSDCOMPAT that was putting annoying warnings in /var/log/syslog when bind
       binaries were run under a 2.6.x kernel. Thanks to Marin Glibic.
       Fixed missing nslookup.1 man page. Thanks to Lior Kadosh.
n/tin-1.8.1-i486-1.tgz: Upgraded to tin-1.8.1.
+--------------------------+
Thu Feb 16 14:01:26 CST 2006
OK, I think I have everything that used libreadline.so.4 recompiled
with the exception of AbiWord, as the --disable-gnome option no
longer seems to work with abiword-2.4.2 -- it still demands
libgnomeprint and all of its dependencies. Anyone know a way around
this one? If not, AbiWord will likely be removed soon. It's
included in all of the GNOME distributions for Slackware anyway...
a/bash-3.1-i486-2.tgz: Applied official bash patches 006 and 007.
a/coreutils-5.94-i486-1.tgz: Upgraded to coreutils-5.94.
a/sed-4.1.5-i486-1.tgz: Upgraded to sed-4.1.5.
ap/bc-1.06-i486-3.tgz: Recompiled with new libreadline.
ap/gimp-print-4.2.7-i486-2.tgz: Recompiled with new libreadline.
ap/rzip-2.1-i486-1.tgz: Upgraded to rzip-2.1.
d/guile-1.6.7-i486-2.tgz: Recompiled with new libreadline.
l/gtk+2-2.8.12-i486-1.tgz: Upgraded to gtk+2-2.8.12.
l/pilot-link-0.11.8-i486-3.tgz: Recompiled with new libreadline.
n/ntp-4.2.0a-i486-1.tgz: Upgraded to ntp-stable-4.2.0a-20060127
       compiled with new libreadline.
xap/fvwm-2.4.19-i486-5.tgz: Recompiled with new libreadline.
xap/gftp-2.0.18-i486-2.tgz: Recompiled with new libreadline.
xap/gnuchess-5.07-i486-2.tgz: Recompiled with new libreadline.
xap/xine-ui-0.99.4-i686-2.tgz: Recompiled with new libreadline.
extra/parted/parted-1.6.25.1-i486-1.tgz: Upgraded to parted-1.6.25.1,
       compiled with new libreadline.
testing/packages/gnupg-1.4.2.1-i486-1.tgz: Upgraded to gnupg-1.4.2.1.
       This fixes an issue where gpg could exit with zero in certain cases
       where a detached "signature" actually contained no signature.
       However, according to the NEWS file "nobody should have used this
       for signature verification without checking the status codes" with
       --status-fd. Considering that (and especially this package's placement
       in the /testing directory) I'm not going to issue an advisory here,
       though the NEWS file does admit it is a security weakness.
+--------------------------+
Tue Feb 14 16:08:52 CST 2006
n/php-4.4.2-i486-3.tgz: Fixed some more bugs from the 4.4.2 release...
       hopefully the third time is the charm.
       Replaced PEAR packages for which the 4.4.2 release contained incorrect
       md5sums: Archive_Tar-1.3.1, Console_Getopt-1.2, and HTML_Template_IT-1.1.3.
       (this last one was also not upgraded to the stable version that was released
       on 2005-11-01) Sorry to have delayed the advisories, but these bugs had to
       be fixed first. IMHO, the security issues are of dubious severity anyway,
       or a more agressive approach would have been taken (though this would likely
       have caused a lot of people to upgrade to the broken -1 or -2 package
       revisions, so anyone who didn't know about this until now was probably saved
       a hassle.)
       Upgraded other PEAR modules to HTTP-1.4.0, Net_SMTP-1.2.8, and XML_RPC-1.4.5.
       Thanks again to Krzysztof Oledzki for the bug report.
testing/packages/php-5.1.2/php-5.1.2-i486-2.tgz: The same junk
       dotfiles were installed in php-5.1.2, too. Cleaned them out
       of the root directory of the package. Thanks to Tyler McGrath
       for reporting this.
+--------------------------+
Fri Feb 10 19:07:13 CST 2006
ap/man-1.6c-i486-2.tgz: Reversed man-1.6c change that caused
       makewhatis to break. Thanks to Robby Workman for the patch.
n/php-4.4.2-i486-2.tgz: Rebuilt the package to clean up some junk
       dotfiles that were installed in the / directory. Harmless, but
       sloppy... Thanks to Krzysztof Oledzki for pointing this out.
+--------------------------+
Thu Feb 9 17:24:25 CST 2006
a/aaa_elflibs-10.2.0-i486-4.tgz: Added /lib/libgcc_s.so.1 ->
       /usr/lib/libgcc_s.so.1 symlink, needed by Oracle 10g RAC support.
       Thanks to Luigi Genoni.
       Upgraded various other libraries.
a/bash-3.1-i486-1.tgz: Upgraded to bash-3.1.
a/coreutils-5.93-i486-1.tgz: Upgraded to coreutils-5.93.
       The DEFAULT_POSIX2_VERSION=199209 is set to provide more
       traditional behavior (thanks to Eric Hameleers), but this may change
       in the future as the newer standards are accepted. Added
       the uname patch (suggested by many), and moved color ls setup
       out of /etc/profile and /etc/csh.login and into scripts in
       /etc/profile.d/. These scripts also replace some functionality
       (setting up aliases and defaults) that is no longer part of the
       dircolors tool.
a/cups-1.1.23-i486-2.tgz: Recompiled against new OpenSSL.
a/cxxlibs-6.0.3-i486-1.tgz: Upgraded to libstdc++ from gcc-3.4.5.
a/etc-5.1-noarch-11.tgz: Removed color ls setup from /etc/profile
       and /etc/csh.login. Fixed csh.login in cases where $TERM or $MANPATH
       are not set. (thanks to Jim Diamond)
a/gettext-0.14.5-i486-1.tgz: Upgraded to gettext-0.14.5.
a/glibc-solibs-2.3.6-i486-2.tgz: Recompiled with gcc-3.4.5
       against the 2.4.32 and 2.6.15.3 kernel headers.
a/glibc-zoneinfo-2.3.6-noarch-2.tgz: Recompiled.
a/gpm-1.20.1-i486-1.tgz: Upgraded to gpm-1.20.1, with many, many patches.
a/openssl-solibs-0.9.8a-i486-1.tgz: Upgraded to openssl-0.9.8a.
       This may require many things to be recompiled. Let me know if I
       skipped anything that matters. :-)
a/pkgtools-10.2.0-i486-6.tgz: Upgraded subset of terminfo database from
       ncurses-5.5. Upgraded to dialog-1.0-20060126.
a/procps-3.2.6-i486-1.tgz: Upgraded to procps-3.2.6.
a/tcsh-6.14.00-i486-2.tgz: Patched to remove built-in color ls, as the new
       coreutils adds an 'su' feature to the shared $LS_COLORS variable that
       causes tcsh to exit. Perhaps tcsh should use a different variable name or
       be less strict about using LS_COLORS? The GNU ls version is probably
       better for most purposes anyway, though.
ap/espgs-8.15.1-i486-1.tgz: Upgraded to espgs-8.15.1.
ap/linuxdoc-tools-0.9.21-i486-1.tgz: Added linuxdoc-tools-0.9.21.
       This package replaces the sgml-tools package and should contain the
       essentials needed to handle modern Linux Docbook/SGML documents. Huge
       thanks are due to Stuart Winter for doing most of the work on transitioning
       Slackware from the old sgml-tools system to this one! :-)
ap/man-1.6c-i486-1.tgz: Upgraded to man-1.6c.
ap/man-pages-2.22-noarch-1.tgz: Upgraded to man-pages-2.22.
ap/mdadm-2.3.1-i486-1.tgz: Upgraded to mdadm-2.3.1.
ap/mysql-5.0.18-i486-1.tgz: Upgraded to mysql-5.0.18.
       (this will require everything linked to MySQL libs to be recompiled)
ap/sgml-tools-1.0.9-i486-12.tgz: Removed. (replaced with linuxdoc-tools)
ap/sudo-1.6.8p12-i486-1.tgz: Upgraded to sudo-1.6.8p12.
       This fixes an issue where a user able to run a Python script through sudo
       may be able to gain root access.
       IMHO, running any kind of scripting language from sudo is still not safe...
       For more information, see:
       http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-0151
       (* Security fix *)
ap/vorbis-tools-1.1.1-i486-2.tgz: Recompiled.
d/automake-1.9.6-noarch-1.tgz: Upgraded to automake-1.9.6.
d/bison-2.1-i486-1.tgz: Upgraded to bison-2.1.
       I think enough of the upstream sources are expecting bison-2.x now, but let
       me know if you find breakage (for which patches or pointers to upgrades
       would be welcome.)
d/clisp-2.38-i486-1.tgz: Upgraded to clisp-2.38.
d/doxygen-1.4.6-i486-1.tgz: Upgraded to doxygen-1.4.6.
d/gdb-6.4-i486-1.tgz: Upgraded to gdb-6.4.
d/gettext-tools-0.14.5-i486-1.tgz: Upgraded to gettext-0.14.5 tools.
d/m4-1.4.4-i486-1.tgz: Upgraded to m4-1.4.4.
d/make-3.80-i486-2.tgz: Fixed an out-of-memory bug in make, since
       nobody upstream seems concerned about putting out a fixed make
       release any time soon. Is "make" dead? ;-)
       Reported here by: Mihnea-Costin Grigore, penguinista, and ePAc.
d/nasm-0.98.39-i486-1.tgz: Upgraded to nasm-0.98.39.
d/perl-5.8.8-i486-1.tgz: Upgraded to perl-5.8.8 and DBI-1.50.
d/pkgconfig-0.20-i486-1.tgz: Upgraded to pkgconfig-0.20.
d/python-2.4.2-i486-1.tgz: Upgraded to python-2.4.2.
       The bsddb module didn't build against the new 4.4.x version of
       Berkeley DB. Does anyone care? Or perhaps have a patch? :-)
d/python-demo-2.4.2-noarch-1.tgz: Upgraded to python-2.4.2 demos.
d/python-tools-2.4.2-noarch-1.tgz: Upgraded to python-2.4.2 tools.
d/strace-4.5.14-i486-1.tgz: Upgraded to strace-4.5.14.
kde/k*.tgz: Upgraded to KDE 3.5.1.
kde/koffice-1.4.2-i486-1.tgz: Upgraded to koffice-1.4.2.
kde/qt-3.3.5-i486-1.tgz: Upgraded to qt-3.3.5.
l/arts-1.5.1-i486-1.tgz: Upgraded to arts-1.5.1.
l/aspell-0.60.2-i486-2.tgz: Recompiled.
l/atk-1.10.3-i486-1.tgz: Upgraded to atk-1.10.3.
l/cairo-1.0.2-i486-1.tgz: Added cairo graphics library for GTK+2.
l/db4-4.4.20-i486-1.tgz: Upgraded to Berkeley DB 4.4.20. This will
       require rebuilding any databases that use the older spec as things
       are recompiled to use this, and I'm planning to do that whereever
       possible. Just be glad I don't do this with every new BDB release
       like I used to. :-)
l/glib2-2.8.6-i486-1.tgz: Upgraded to glib-2.8.6.
l/glibc-2.3.6-i486-2.tgz: Recompiled with gcc-3.4.5
       against the 2.4.32 and 2.6.15.3 kernel headers.
l/glibc-i18n-2.3.6-noarch-2.tgz: Rebuilt.
l/glibc-profile-2.3.6-i486-2.tgz: Recompiled with gcc-3.4.5
       against the 2.4.32 and 2.6.15.3 kernel headers.
l/gmp-4.1.4-i486-3.tgz: Recompiled.
l/gtk+2-2.8.11-i486-1.tgz: Upgraded to gtk+-2.8.11.
l/jre-1_5_0_06-i586-1.tgz: Upgraded to Java(TM) 2 Platform Standard Edition
       Runtime Environment Version 5.0, Release 6.
l/libogg-1.1.3-i486-1.tgz: Upgraded to libogg-1.1.3.
l/libtiff-3.7.4-i486-1.tgz: Upgraded to libtiff-3.7.4.
l/libvorbis-1.1.2-i486-1.tgz: Upgraded to libvorbis-1.1.2.
l/libwpd-0.8.4-i486-1.tgz: Upgraded to libwpd-0.8.4.
l/libxml2-2.6.23-i486-1.tgz: Upgraded to libxml2-2.6.23.
l/ncurses-5.5-i486-1.tgz: Upgraded to ncurses-5.5.
l/pango-1.10.3-i486-1.tgz: Upgraded to pango-1.10.3.
l/pcre-6.4-i486-2.tgz: Recompiled.
l/readline-5.1-i486-1.tgz: Upgraded to readline-5.1.
l/sdl-1.2.9-i486-2.tgz: Recompiled.
l/taglib-1.4-i486-2.tgz: Recompiled.
n/apache-1.3.34-i486-2.tgz: Recompiled against db-4.4.
       Support for db-3.3 removed.
n/bind-9.3.2-i486-1.tgz: Upgraded to bind-9.3.2.
n/bitchx-1.1-i486-3.tgz: Recompiled.
n/curl-7.15.1-i486-1.tgz: Upgraded to curl-7.15.1.
n/dhcpcd-2.0.1-i486-1.tgz: Upgraded to dhcpcd-2.0.1.
n/dnsmasq-2.26-i486-1.tgz: Upgraded to dnsmasq-2.26.
n/epic4-2.2-i486-1.tgz: Upgraded to epic4-2.2.
n/fetchmail-6.3.2-i486-1.tgz: Upgraded to fetchmail-6.3.2.
       Presumably this replaces all the known security problems with
       a batch of new unknown ones. (fetchmail is improving, really ;-)
       For more information, see:
       http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-3088
       http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-4348
       http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-0321
       (* Security fix *)
n/getmail-4.4.4-noarch-1.tgz: Upgraded to getmail-4.4.4.
n/imapd-4.64-i486-2.tgz: Recompiled against OpenLDAP client libs.
n/iproute2-2.6.15_060110-i486-1.tgz: Upgraded to iproute2-2.6.15-060110.
n/iptables-1.3.5-i486-1.tgz: Upgraded to iptables-1.3.5.
n/irssi-0.8.10a-i486-1.tgz: Upgraded to irssi-0.8.10a.
n/lftp-3.4.0-i486-1.tgz: Upgraded to lftp-3.4.0.
n/links-2.1pre20-i486-1.tgz: Upgraded to links-2.1pre20.
n/lynx-2.8.5rel.5-i486-2.tgz: Recompiled.
n/mod_ssl-2.8.25_1.3.34-i486-2.tgz: Recompiled against new OpenSSL.
n/mutt-1.4.2.1i-i486-2.tgz: Recompiled against new OpenSSL.
n/nail-11.25-i486-1.tgz: Upgraded to nail-11.25.
n/nmap-4.00-i486-1.tgz: Upgraded to nmap-4.00.
n/openldap-client-2.3.17-i486-1.tgz: Added client libraries and
       binaries for LDAP authentication. (Thanks to Eric Hameleers for
       help with the ./configure options).
n/openssh-4.3p1-i486-1.tgz: Upgraded to openssh-4.3p1.
       This fixes a security issue when using scp to copy files that could
       cause commands embedded in filenames to be executed.
       For more information, see:
       http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-0225
       (* Security fix *)
n/openssl-0.9.8a-i486-1.tgz: Upgraded to openssl-0.9.8a.
n/php-4.4.2-i486-1.tgz: Upgraded to php-4.4.2.
       Compiled against db-4.4.
       Support for db-3.3 removed.
       Claims to fix "a few small security issues".
       For more information, see:
       http://www.php.net/release_4_4_2.php
       (* Security fix *)
n/pidentd-3.0.19-i486-1.tgz: Upgraded to pidentd-3.0.19.
n/pine-4.64-i486-2.tgz: Recompiled.
n/procmail-3.22-i486-1.tgz: Upgraded to procmail-3.22.
n/proftpd-1.3.0rc3-i486-1.tgz: Upgraded to proftpd-1.3.0rc3. Generally I
       don't like to use release candidates (especially with network services),
       but this one was needed in order to work with the new OpenSSL.
n/rp-pppoe-3.7-i486-1.tgz: Upgraded to rp-pppoe-3.7.
n/samba-3.0.21b-i486-1.tgz: Upgraded to samba-3.0.21b linked with OpenLDAP.
n/sendmail-8.13.5-i486-1.tgz: Upgraded to sendmail-8.13.5.
       This has been relinked with db-4.4.20, so any databases in /etc/mail will
       have to be rebuilt. ( cd /etc/mail ; rm *.db ; make )
n/sendmail-cf-8.13.5-noarch-1.tgz: Upgraded to sendmail-8.13.5 config files.
n/slrn-0.9.8.1-i486-2.tgz: Recompiled.
n/stunnel-4.14-i486-1.tgz: Upgraded to stunnel-4.14.
n/tcpdump-3.9.4-i486-2.tgz: Recompiled.
n/tcpip-0.17-i486-36.tgz: Upgraded to vlan.1.9 and tftp-hpa-0.41.
       Applied Debian's net-tools patch at Cesare Tensi's urging. :-)
n/vsftpd-2.0.4-i486-1.tgz: Upgraded to vsftpd-2.0.4.
n/wget-1.10.2-i486-2.tgz: Recompiled.
n/whois-4.7.11-i486-1.tgz: Upgraded to whois-4.7.11.
n/ytalk-3.3.0-i486-1.tgz: Upgraded to ytalk-3.3.0.
xap/fluxbox-0.9.14-i486-1.tgz: Upgraded to fluxbox-0.9.14.
xap/gaim-1.5.0-i486-2.tgz: Recompiled.
xap/gimp-2.2.10-i486-1.tgz: Upgraded to gimp-2.2.10.
xap/gxine-0.5.4-i486-1.tgz: Upgraded to gxine-0.5.4.
       Thanks to Peter Santoro for the heads-up on the Javascript engine issue.
xap/imagemagick-6.2.6_1-i486-1.tgz: Upgraded to imagemagick-6.2.6-1.
       This has a new major library version number and will require anything
       linked with the ImageMagick shared libraries to be recompiled.
       Several security issues are fixed in this release.
       For more information, see:
       http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-4601
       http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-0082
       (* Security fix *)
xap/mozilla-1.7.12-i486-2.tgz: Linked libmozjs.so into /usr/lib since gxine
       needs to be able to find it.
xap/mozilla-firefox-1.5.0.1-i686-1.tgz: Upgraded to firefox-1.5.0.1.
       This fixes a DoS issue and some other security bugs.
       For more information, see:
       http://www.mozilla.org/projects/security/known-vulnerabilities.html#firefox1.5.0.1
       (* Security fix *)
xap/pan-0.14.2.91-i486-2.tgz: Recompiled, fixed pan.desktop and moved it
       into the standard .desktop directory.
xap/sane-1.0.17-i486-1.tgz: Upgraded to sane-backends-1.0.17 and
       sane-frontends-1.0.14.
xap/xpdf-3.01-i486-3.tgz: Recompiled with xpdf-3.01pl2.patch to fix
       possible security bugs with malformed PDF files.
       For more information, see:
       http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-3191
       http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-3192
       http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-3193
       http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-3624
       http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-3625
       http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-3626
       http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-3627
       http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-3628
       http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2006-0301
       (* Security fix *)
xap/xchat-2.6.1-i486-1.tgz: Upgraded to xchat-2.6.1.
xap/xfce-4.2.3.2-i486-1.tgz: Upgraded to xfce-4.2.3.2.
xap/xine-lib-1.1.1-i686-1.tgz: Upgraded to xine-lib-1.1.1.
xap/xscreensaver-4.23-i486-1.tgz: Upgraded to xscreensaver-4.23.
extra/bittornado/bittornado-0.3.14-noarch-1.tgz: Upgraded to
       BitTornado-0.3.14.
extra/bittorrent/bittorrent-4.4.0-noarch-1.tgz: Upgraded to
       BitTorrent-4.4.0. Thanks to Erik Jan Tromp for the doinst.sh
       to automatically edit /etc/mailcap!
extra/jdk-1.5.0_06/jdk-1_5_0_06-i586-1.tgz: Upgraded to Java(TM) 2
       Platform Standard Edition Development Kit Version 5.0, Release 6.
extra/k3b/k3b-0.12.10-i486-1.tgz: Upgraded to k3b-0.12.10.
       Thanks to Robby Workman for noticing that CXXFLAGS needed to be set.
extra/k3b/k3b-i18n-0.12.10-noarch-1.tgz: Upgraded to k3b-i18n-0.12.10.
extra/linux-wlan-ng/linux-wlan-ng-0.2.3_2.6.15.3-i486-1.tgz:
       Recompiled for Linux 2.6.15.3.
kernels/test26.s/*: Upgraded to full-featured Linux 2.6.15.3 kernel.
pasture/lprng-3.8.28-i486-2.tgz: Recompiled against new OpenSSL.
testing/packages/php-5.1.2/php-5.1.2-i486-1.tgz: Upgraded to php-5.1.2.
testing/packages/linux-2.6.15.3/alsa-driver-1.0.10_2.6.15.3-i486-1.tgz:
       Recompiled ALSA modules for Linux 2.6.15.3.
testing/packages/linux-2.6.15.3/kernel-generic-2.6.15.3-i486-1.tgz:
       Upgraded to Linux 2.6.15.3 generic kernel.
testing/packages/linux-2.6.15.3/kernel-headers-2.6.15.3-i386-1.tgz:
       Upgraded to Linux 2.6.15.3 kernel headers.
testing/packages/linux-2.6.15.3/kernel-modules-2.6.15.3-i486-1.tgz:
       Upgraded to Linux 2.6.15.3 kernel modules.
testing/packages/linux-2.6.15.3/kernel-source-2.6.15.3-noarch-1.tgz:
       Upgraded to Linux 2.6.15.3 kernel source.
testing/packages/seamonkey-1.0-i486-1.tgz: Added seamonkey-1.0, which
       will probably be replacing mozilla-1.7.12 in slackware/xap/ soon unless
       doing so ends up breaking too many things. Hopefully it won't -- please
       help test it.
# Old bison packages from slackware/d and /extra moved to /pasture.
# A few sources may still require these unless/until they are updated.
pasture/bison-1.35-i386-1.tgz: Moved to /pasture.
pasture/bison-1.875d-i486-1.tgz: Moved to /pasture.
# We'll see if we can get away with a mass removal of old Berkeley DB
# cruft. Yes, I know this will be painful, but it's not my fault that
# BDB does not stay compatible with itself. This mess had to be cleaned
# up sometime, and in preparation for a .0 release seems as good as any.
pasture/db3-3.3.11-i486-4.tgz: Moved to /pasture.
pasture/db31-3.1.17-i486-1.tgz: Moved to /pasture.
pasture/db4-4.1.25-i386-1.tgz: Moved to /pasture.
pasture/db4-4.2.52-i486-2.tgz: Moved to /pasture.
+--------------------------+
Sat Jan 14 13:41:26 CST 2006
a/kernel-ide-2.4.32-i486-2.tgz: Recompiled with gcc-3.4.5.
       Apparently the nVidia driver demands that the kernel be compiled with the
       same compiler that will be used to compile the kernel module wrapper for the
       binary nVidia driver (though my guess is that if this restriction were not
       coded into their installer that it would work fine), so I've recompiled all
       the 2.4.32 kernels and modules using the new compiler.
a/kernel-modules-2.4.32-i486-3.tgz: Recompiled with gcc-3.4.5.
l/alsa-driver-1.0.10_2.4.32-i486-2.tgz: Recompiled with gcc-3.4.5.
x/x11-docs-html-6.9.0-noarch-1.tgz: Upgraded to X11R6.9.0.
       For those who may not be aware, this is is the exact same code base as
       X11R7.0.0, but is packaged as the traditional single source archive using
       the imake build system. Also, note that this still rightly (IMHO) contains
       freetype-2.1.9. The newer release of freetype (2.1.10) removed some functions
       that various applications use -- I'm hoping that these will be restored.
       Finally, the kernel interface for direct rendering (DRI) seems to have changed,
       and direct rendering with X11R6.9.0 only works on my machines with a 2.6
       kernel. I spent several days trying to produce working DRM kernel modules
       for Linux 2.4.32, but to no avail, so if you're still using a 2.4 kernel
       you'll want to edit your xorg.conf so that the dri module is not loaded
       or you'll likely corrupt your display requiring a reboot. I've tested this
       only with ATI cards and the open source drivers. Perhaps the binary drivers
       from ATI or nVidia would work.
x/x11-fonts-scale-6.9.0-noarch-1.tgz: Upgraded to X11R6.9.0.
x/x11-devel-6.9.0-i486-1.tgz: Upgraded to X11R6.9.0.
x/x11-fonts-100dpi-6.9.0-noarch-1.tgz: Upgraded to X11R6.9.0.
x/x11-xnest-6.9.0-i486-1.tgz: Upgraded to X11R6.9.0.
x/x11-xdmx-6.9.0-i486-1.tgz: Upgraded to X11R6.9.0.
x/x11-fonts-misc-6.9.0-noarch-1.tgz: Upgraded to X11R6.9.0.
x/x11-6.9.0-i486-1.tgz: Upgraded to X11R6.9.0.
x/x11-docs-6.9.0-noarch-1.tgz: Upgraded to X11R6.9.0.
x/x11-fonts-cyrillic-6.9.0-noarch-1.tgz: Upgraded to X11R6.9.0.
x/x11-xvfb-6.9.0-i486-1.tgz: Upgraded to X11R6.9.0.
xap/mozilla-thunderbird-1.5-i686-1.tgz: Upgraded to thunderbird-1.5.
bootdisks/*: Rebuilt using the recompiled 2.4.32 kernels.
extra/linux-wlan-ng/linux-wlan-ng-0.2.3_2.6.14.6-i486-1.tgz:
       Recompiled for Linux 2.6.14.6.
extra/linux-wlan-ng/linux-wlan-ng-0.2.1pre25_2.4.32-i486-2.tgz:
       Recompiled with gcc-3.4.5.
kernels/*.?/*: Recompiled 2.4.32 kernels with gcc-3.4.5, upgraded
       test26.s kernel to 2.6.14.6.
testing/packages/linux-2.6.14.6/alsa-driver-1.0.10_2.6.14.6-i486-2.tgz:
       Recompiled for Linux 2.6.14.6.
testing/packages/linux-2.6.14.6/kernel-generic-2.6.14.6-i486-1.tgz:
       Upgraded to Linux 2.6.14.6.
testing/packages/linux-2.6.14.6/kernel-headers-2.6.14.6-i386-1.tgz:
       Upgraded to Linux 2.6.14.6 kernel headers.
testing/packages/linux-2.6.14.6/kernel-modules-2.6.14.6-i486-1.tgz:
       Upgraded to Linux 2.6.14.6 kernel modules.
testing/packages/linux-2.6.14.6/kernel-source-2.6.14.6-noarch-1.tgz:
       Upgraded to Linux 2.6.14.6 kernel source.
+--------------------------+
Thu Dec 15 14:37:27 CST 2005
d/gcc-3.4.5-i486-1.tgz: Upgraded to gcc-3.4.5.
d/gcc-g++-3.4.5-i486-1.tgz: Upgraded to gcc-3.4.5.
d/gcc-g77-3.4.5-i486-1.tgz: Upgraded to gcc-3.4.5.
d/gcc-gnat-3.4.5-i486-1.tgz: Upgraded to gcc-3.4.5.
d/gcc-java-3.4.5-i486-1.tgz: Upgraded to gcc-3.4.5.
d/gcc-objc-3.4.5-i486-1.tgz: Upgraded to gcc-3.4.5.
+--------------------------+
Tue Dec 13 14:01:37 CST 2005
a/kernel-modules-2.4.32-i486-2.tgz: That's what I meant to say below,
       not "l/alsa-driver-1.0.10_2.4.32-i486-1.tgz". I'd been looking at the
       alsa-driver package to see if it had the same issue (it doesn't), and
       then listed the wrong package in the ChangeLog. Sorry about that.
       Oh, and there was really nothing wrong with the modules in the
       kernel-modules-2.4.32-i486-1 package that a 'depmod -a' wouldn't fix.
       That's the only change that went into the package -- the modules are
       the same. Thanks to Victor Keranov for pointing out my mistake.
+--------------------------+
Mon Dec 12 14:33:24 CST 2005
l/alsa-driver-1.0.10_2.4.32-i486-1.tgz: Regenerated 'depmod -a' files,
       as these were referring to uncompressed modules rather than compressed
       ones. Thanks to Malcolm Rowe for pointing this out.
+--------------------------+
Sat Dec 10 23:28:42 CST 2005

It's a girl! :-)

I know a lot of you have been wondering what's going on here, and the news
is that my wife Andrea delivered our first child, a daughter Briah Cecilia
(briah at slackware dot com :-) on 2005-11-22, and that event (and the weeks
that led up to it) has had to take priority over the usual tasks of
download/compile/test/package/upload. But, things should be getting back to
normal here (more or less) over the next couple of weeks, particularly after
the holiday season has come and gone. As you might expect, there are a lot of
friends and relatives who want to see her. :-)

Thanks for your patience, and we now return you to your regularly scheduled
ChangeLog...

a/bash-3.0-i486-4.tgz: Fixed an obscure bug where suspending the first process
       started in a new shell would cause it to hang.
       Thanks to Grant Coady for discovering and fixing this bug.
a/bzip2-1.0.3-i486-2.tgz: Patched a minor bug in the libbz2 shared library
       Makefile to enable support for large files. Thanks to Timothy C. McGrath
       and Manuel Jose Blanca Molinos both of whom pointed out this problem and
       provided fixes.
a/glibc-solibs-2.3.6-i486-1.tgz: Upgraded to glibc-2.3.6 shared libraries.
a/glibc-zoneinfo-2.3.6-noarch-1.tgz: Upgraded to glibc-2.3.6 timezone info.
a/kernel-ide-2.4.32-i486-1.tgz: Upgraded to Linux 2.4.32 bare.i kernel.
a/kernel-modules-2.4.32-i486-1.tgz: Upgraded to Linux 2.4.32 kernel modules.
ap/alsa-utils-1.0.10-i486-1.tgz: Upgraded to alsa-utils-1.0.10.
       In /etc/rc.d/rc.alsa, load snd-seq-oss. (Thanks to Tomas Matejicek)
d/gcc-3.4.4-i486-2.tgz: Upgraded to gcc-3.4.4. gcc-4.x isn't ready yet as
       a prime time compiler yet, IMHO -- still too many things it can't compile,
       internal compiler errors, and the like. How much of that is the compiler
       and how much is source needing to be updated is a matter for debate,
       though. Also, the -mcpu=i686 option used in Slackware to optimize
       binaries for i686 or Athlon platforms has changed to -mtune=i686 with the
       gcc-3.4.x compiler series. I'll be updating the SlackBuilds over time as
       the packages are upgraded.
d/gcc-g++-3.4.4-i486-2.tgz: Upgraded to gcc-3.4.4.
d/gcc-g77-3.4.4-i486-2.tgz: Upgraded to gcc-3.4.4.
d/gcc-gnat-3.4.4-i486-2.tgz: Upgraded to gcc-3.4.4.
d/gcc-java-3.4.4-i486-2.tgz: Upgraded to gcc-3.4.4.
d/gcc-objc-3.4.4-i486-2.tgz: Upgraded to gcc-3.4.4.
d/kernel-headers-2.4.32-i386-1.tgz: Upgraded to Linux 2.4.32 kernel headers.
k/kernel-source-2.4.32-noarch-1.tgz: Upgraded to Linux 2.4.32 kernel source.
l/alsa-driver-1.0.10_2.4.32-i486-1.tgz: Upgraded to alsa-driver-1.0.10 for
       Linux 2.4.32.
l/alsa-lib-1.0.10-i486-1.tgz: Upgraded to alsa-lib-1.0.10.
l/alsa-oss-1.0.10-i486-1.tgz: Upgraded to alsa-oss-1.0.10.
l/glibc-2.3.6-i486-1.tgz: Upgraded to glibc-2.3.6.
l/glibc-i18n-2.3.6-noarch-1.tgz: Upgraded to glibc-2.3.6 i18n files.
       Added files in /usr/share/locale that hadn't previously been included in
       this package (thanks to Lasse Collin).
l/glibc-profile-2.3.6-i486-1.tgz: Upgraded to glibc-2.3.6.
n/dnsmasq-2.24-i486-1.tgz: Upgraded to dnsmasq-2.24. Thanks to Simon Kelley
       (and one of his anonymous testers) for helping to update the SlackBuild.
n/php-4.4.1-i486-2.tgz: Recompiled with a patch from PHP CVS that fixes issues
       with SquirrelMail and possibly other PHP applications. I'd hoped there would
       be a new PHP out quickly to address this but since there isn't I'm making an
       exception to the usual policy here on merging patches from CVS as a fair
       number of users seem to be affected by this issue. Let me know if this
       doesn't help or if any undesired side effects are noticed.
       This problem was first reported here by Gerardo Exequiel Pozzi, but was
       later reported by too many people to list. Thanks, everyone! :-)
xap/mozilla-firefox-1.5-i686-1.tgz: Upgraded to firefox-1.5.
bootdisks/*: Upgraded to Linux 2.4.32.
extra/linux-wlan-ng/linux-wlan-ng-0.2.1pre25_2.4.32-i486-1.tgz:
       Upgraded to linux-wlan-ng-0.2.1pre25 (for Linux 2.4.32).
extra/linux-wlan-ng/linux-wlan-ng-0.2.3_2.6.14.3-i486-1.tgz
       Upgraded to linux-wlan-ng-0.2.3 (for Linux 2.6.14.3).
isolinux/initrd.img: Upgraded USB/IEEE1394 modules to Linux 2.4.32.
isolinux/network.dsk: Upgraded network modules to Linux 2.4.32.
isolinux/pcmcia.dsk: Upgraded pcmcia modules to Linux 2.4.32.
kernels/*: Upgraded to Linux 2.4.32 (and test.s to 2.6.14.3).
rootdisks/install.1: Upgraded USB/IEEE1394 modules to Linux 2.4.32.
rootdisks/install.2: Upgraded USB/IEEE1394 modules to Linux 2.4.32.
rootdisks/install.zip: Upgraded USB/IEEE1394 modules to Linux 2.4.32.
rootdisks/network.dsk: Upgraded network modules to Linux 2.4.32.
rootdisks/pcmcia.dsk: Upgraded pcmcia modules to Linux 2.4.32.
testing/packages/linux-2.6.14.3/alsa-driver-1.0.10_2.6.14.3-i486-1.tgz:
       Upgraded to alsa-driver-1.0.10 for Linux 2.6.14.3.
testing/packages/linux-2.6.14.3/kernel-generic-2.6.14.3-i486-1.tgz:
       Upgraded to Linux 2.6.14.3 (generic kernel).
testing/packages/linux-2.6.14.3/kernel-headers-2.6.14.3-i386-1.tgz:
       Upgraded to kernel headers from Linux 2.6.14.3 (see the README
       file in testing/packages/linux-2.6.14.3/ for information about
       why you probably *don't* want to use these headers...)
testing/packages/linux-2.6.14.3/kernel-modules-2.6.14.3-i486-1.tgz:
       Upgraded to kernel modules for Linux 2.6.14.3.
testing/packages/linux-2.6.14.3/kernel-source-2.6.14.3-noarch-1.tgz:
       Upgraded to Linux 2.6.14.3 kernel source.
testing/packages/php-5.1.1/php-5.1.1-i486-1.tgz: Upgraded to php-5.1.1.
       This no longer seems to ship with PEAR, and if anyone knows why this is or
       how to go about adding it back to the package (if it's still required), I'd
       be interested to know.
testing/packages/thunderbird-1.5rc1/mozilla-thunderbird-1.5rc1-i686-1.tgz:
       Added thunderbird-1.5rc1.
+--------------------------+
Mon Nov 7 19:54:57 CST 2005
n/elm-2.5.8-i486-1.tgz: Upgraded to elm2.5.8.
       This fixes a buffer overflow in the parsing of the Expires header that
       could be used to execute arbitrary code as the user running Elm.
       Thanks to Ulf Harnhammar for finding the bug and reminding me to get
       out updated packages to address the issue.
       A reference to the original advisory:
       http://archives.neohapsis.com/archives/fulldisclosure/2005-08/0688.html
+--------------------------+
Sat Nov 5 21:55:21 CST 2005
l/libxml2-2.6.22-i486-1.tgz: Upgraded to libxml2-2.6.22.
       This fixes an issue where libxml2 had declared a variable XML_FEATURE_UNICODE
       that was already used by the expat headers, causing PHP to fail to compile
       when using Slackware's combination of ./configure options.
n/curl-7.12.2-i486-2.tgz: Patched. This addresses a buffer overflow in
       libcurl's NTLM function that could have possible security implications.
       For more details, see:
       http://curl.haxx.se/docs/security.html
       http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-3185
       (* Security fix *)
n/samba-3.0.20b-i486-1.tgz: Upgraded to samba-3.0.20b.
       This includes various bugfixes. Thanks to Christopher Linnet for reporting
       that this fixes a problem with printing to a printer on an XP machine from
       CUPS. If you use such a configuration, you'll want this upgrade for sure.
n/mod_ssl-2.8.25_1.3.34-i486-1.tgz: Upgraded to mod_ssl-2.8.25-1.3.34.
n/wget-1.10.2-i486-1.tgz: Upgraded to wget-1.10.2.
       This addresses a buffer overflow in wget's NTLM handling function that could
       have possible security implications.
       For more details, see:
       http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-3185
       (* Security fix *)
n/php-4.4.1-i486-1.tgz: Upgraded to php-4.4.1.
       Fixes a number of bugs, including several minor security fixes relating to
       the overwriting of the GLOBALS array.
       (* Security fix *)
n/lynx-2.8.5rel.5-i486-1.tgz: Upgraded to lynx-2.8.5rel.5.
       Fixes an issue where the handling of Asian characters when using lynx to
       connect to an NNTP server (is this a common use?) could result in a buffer
       overflow causing the execution of arbitrary code.
       For more details, see:
       http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-3120
       (* Security fix *)
n/apache-1.3.34-i486-1.tgz: Upgraded to apache-1.3.34.
       Fixes this minor security bug: "If a request contains both Transfer-Encoding
       and Content-Length headers, remove the Content-Length, mitigating some HTTP
       Request Splitting/Spoofing attacks."
       (* Security fix *)
n/pine-4.64-i486-1.tgz: Upgraded to pine-4.64.
n/tcpdump-3.9.4-i486-1.tgz: Upgraded to tcpdump-3.9.4.
n/imapd-4.64-i486-1.tgz: Upgraded to imapd-4.64.
       A buffer overflow was reported in the mail_valid_net_parse_work function.
       However, this function in the c-client library does not appear to be called
       from anywhere in imapd. iDefense states that the issue is of LOW risk to
       sites that allow users shell access, and LOW-MODERATE risk to other servers.
       I believe it's possible that it is of NIL risk if the function is indeed
       dead code to imapd, but draw your own conclusions...
       (* Security fix *)
kde/koffice-1.4.1-i486-2.tgz: Patched.
       Fixes a buffer overflow in KWord's RTF import discovered by Chris Evans.
       For more details, see:
       http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-2971
       (* Security fix *)

       There, now hopefully we can start getting some REAL work done around here
       again soon...
+--------------------------+
Thu Oct 13 13:57:25 PDT 2005
a/openssl-solibs-0.9.7g-i486-2.tgz: Patched.
       Fixed a vulnerability that could, in rare circumstances, allow an attacker
       acting as a "man in the middle" to force a client and a server to negotiate
       the SSL 2.0 protocol (which is known to be weak) even if these parties both
       support SSL 3.0 or TLS 1.0.
       For more details, see:
       http://www.openssl.org/news/secadv_20051011.txt
       http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-2969
       (* Security fix *)
n/openssl-0.9.7g-i486-2.tgz: Patched.
       (* Security fix *)
+--------------------------+
Mon Oct 10 15:14:22 PDT 2005
xap/xine-lib-1.0.3a-i686-1.tgz: Upgraded to xine-lib-1.0.3a.
       This fixes a format string bug where an attacker, if able to upload malicious
       information to a CDDB server and then get a local user to play a certain
       audio CD, may be able to run arbitrary code on the machine as the user
       running the xine-lib linked application.
       For more information, see:
       http://xinehq.de/index.php/security/XSA-2005-1
       (* Security fix *)
+--------------------------+
Sat Oct 8 18:46:14 PDT 2005
d/cvs-1.11.21-i486-1.tgz: Upgraded to cvs-1.11.21.
+--------------------------+
Wed Oct 5 13:04:15 PDT 2005
xap/mozilla-thunderbird-1.0.7-i686-1.tgz: Upgraded to thunderbird-1.0.7.
       This fixes a security issue where URLs passed on the command line to the
       thunderbird shell script were not correctly protected against
       interpretation by the shell. As a result, a malicious URL could contain
       embedded shell commands which would then be executed as the user running
       Thunderbird.
       For more information, see:
       http://www.mozilla.org/projects/security/known-vulnerabilities.html#Thunderbird
       (* Security fix *)
+--------------------------+
Sun Sep 25 22:02:46 PDT 2005
x/x11-6.8.2-i486-4.tgz: Rebuilt with a modified patch for an earlier pixmap
       overflow issue. The patch released by X.Org was slightly different than
       the one that was circulated previously, and is an improved version. There
       have been reports that the earlier patch broke WINE and possibly some
       other programs.
       For more information, see:
       http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-2495
       (* Security fix *)
x/x11-xdmx-6.8.2-i486-4.tgz: Patched and rebuilt.
x/x11-xnest-6.8.2-i486-4.tgz: Patched and rebuilt.
x/x11-xvfb-6.8.2-i486-4.tgz: Patched and rebuilt.
xap/mozilla-1.7.12-i486-1.tgz: Upgraded to mozilla-1.7.12.
       This fixes several security issues. For more information, see:
       http://www.mozilla.org/projects/security/known-vulnerabilities.html#Mozilla
       (* Security fix *)
xap/mozilla-firefox-1.0.7-i686-1.tgz: Upgraded to firefox-1.0.7.
       This fixes several security issues. For more information, see:
       http://www.mozilla.org/projects/security/known-vulnerabilities.html#Firefox
       (* Security fix *)
+--------------------------+
Tue Sep 13 12:24:53 PDT 2005
Slackware 10.2 is released.
Thanks to everyone to helped make it possible.
Enjoy! :-)
Slackware® is a registered trademark of Slackware Linux, Inc. All logos and graphics are copyrighted.