blender-3.0.1-x86_64-1_ap.txz: Upgraded.
a/haveged-1.9.22-x86_64-1.txz: Upgraded.
a/which-2.25-x86_64-1.txz: Upgraded.
l/nodejs-24.16.0-x86_64-1.txz: Upgraded.
l/qt5-5.15.19_20260520_aa749695-x86_64-1.txz: Upgraded.
x/fontconfig-2.18.0-x86_64-1.txz: Upgraded.
a/xfsprogs-7.0.1-x86_64-1.txz: Upgraded.
ap/hplip-3.26.4-x86_64-1.txz: Upgraded.
ap/tmux-3.6b-x86_64-1.txz: Upgraded.
d/ruby-4.0.5-x86_64-1.txz: Upgraded.
This update fixes a security issue:
Use-after-free in pthread-based getaddrinfo timeout handler.
For more information, see:
https://www.cve.org/CVERecord?id=CVE-2026-46727
(* Security fix *)
d/valgrind-3.27.1-x86_64-1.txz: Upgraded.
kde/marble-23.08.5-x86_64-14.txz: Rebuilt.
Recompiled against protobuf-35.0.
l/PyQt6-6.10.2-x86_64-1.txz: Added.
Thanks to Gérard Monpontet.
l/PyQt6_sip-13.11.1-x86_64-1.txz: Added.
Thanks to Gérard Monpontet.
l/SDL3_ttf-3.2.2-x86_64-1.txz: Added.
Thanks to alienBOB.
l/protobuf-35.0-x86_64-1.txz: Upgraded.
Shared library .so-version bump.
(Or, at least, we've been told to always expect ABI breakage)
l/python-certifi-2026.5.20-x86_64-1.txz: Upgraded.
l/python-trove-classifiers-2026.5.20.19-x86_64-1.txz: Upgraded.
l/qt6-6.10.3_20260330_6417867c-x86_64-4.txz: Rebuilt.
Recompiled against protobuf-35.0.
n/bind-9.20.23-x86_64-1.txz: Upgraded.
This update fixes security issues:
Fix outgoing zone transfers' quota issue.
Limit resolver server list size.
Fix GSS-API resource leak.
Fix crash in resolver when SIG(0)-signed responses are received under load.
Add system test for HTTP/2 SETTINGS frame flood.
Disable recursion, UPDATE, and NOTIFY for non-IN views.
For more information, see:
https://kb.isc.org/docs/CVE-2026-3592
https://kb.isc.org/docs/CVE-2026-3039
https://kb.isc.org/docs/CVE-2026-5947
https://kb.isc.org/docs/CVE-2026-3593
https://kb.isc.org/docs/CVE-2026-5946
https://www.cve.org/CVERecord?id=CVE-2026-3592
https://www.cve.org/CVERecord?id=CVE-2026-3039
https://www.cve.org/CVERecord?id=CVE-2026-5947
https://www.cve.org/CVERecord?id=CVE-2026-3593
https://www.cve.org/CVERecord?id=CVE-2026-5946
(* Security fix *)
n/mosh-1.4.0-x86_64-20.txz: Rebuilt.
Recompiled against protobuf-35.0.
n/rsync-3.4.3-x86_64-1.txz: Upgraded.
This update fixes security issues:
TOCTOU symlink race condition allowing local privilege escalation in daemon
mode without chroot.
Hostname/ACL bypass on an rsync daemon configured with `daemon chroot = /X`
in rsyncd.conf when the chroot tree lacks DNS resolution support.
Integer overflow in the compressed-token decoder enabling remote memory
disclosure to an authenticated daemon peer.
Symlink races on path-based system calls in "use chroot = no" daemon mode.
Out-of-bounds read in the receiver's recv_files() enabling remote
denial-of-service of any client pulling from a malicious server.
Off-by-one out-of-bounds stack write in the rsync client's HTTP CONNECT proxy
handler (`establish_proxy_connection()` in `socket.c`).
For more information, see:
https://www.cve.org/CVERecord?id=CVE-2026-29518
https://www.cve.org/CVERecord?id=CVE-2026-43617
https://www.cve.org/CVERecord?id=CVE-2026-43618
https://www.cve.org/CVERecord?id=CVE-2026-43619
https://www.cve.org/CVERecord?id=CVE-2026-43620
https://www.cve.org/CVERecord?id=CVE-2026-45232
(* Security fix *)
a/haveged-1.9.21-x86_64-1.txz: Upgraded.
This update fixes a security issue:
Missing exit out of permission check could lead to root exploit.
For more information, see:
https://www.cve.org/CVERecord?id=CVE-2026-41054
(* Security fix *)
ap/ghostscript-10.07.1-x86_64-1.txz: Upgraded.
d/llvm-22.1.6-x86_64-1.txz: Upgraded.
d/tree-sitter-0.26.9-x86_64-1.txz: Upgraded.
l/libclc-22.1.6-x86_64-1.txz: Upgraded.
l/mozjs140-140.11.0esr-x86_64-1.txz: Upgraded.
l/python-numpy-2.4.6-x86_64-1.txz: Upgraded.
l/python-setuptools-gettext-0.1.18-x86_64-1.txz: Upgraded.
x/mesa-26.1.1-x86_64-1.txz: Upgraded.
x/xev-1.2.7-x86_64-1.txz: Upgraded.
xap/mozilla-firefox-140.11.0esr-x86_64-1.txz: Upgraded.
This update contains security fixes and improvements.
For more information, see:
https://www.mozilla.org/en-US/firefox/140.11.0/releasenotes/
https://www.mozilla.org/security/advisories/mfsa2026-48
https://www.cve.org/CVERecord?id=CVE-2026-8946
https://www.cve.org/CVERecord?id=CVE-2026-8388
https://www.cve.org/CVERecord?id=CVE-2026-8947
https://www.cve.org/CVERecord?id=CVE-2026-8391
https://www.cve.org/CVERecord?id=CVE-2026-8401
https://www.cve.org/CVERecord?id=CVE-2026-8949
https://www.cve.org/CVERecord?id=CVE-2026-8950
https://www.cve.org/CVERecord?id=CVE-2026-8953
https://www.cve.org/CVERecord?id=CVE-2026-8954
https://www.cve.org/CVERecord?id=CVE-2026-8955
https://www.cve.org/CVERecord?id=CVE-2026-8956
https://www.cve.org/CVERecord?id=CVE-2026-8957
https://www.cve.org/CVERecord?id=CVE-2026-8958
https://www.cve.org/CVERecord?id=CVE-2026-8959
https://www.cve.org/CVERecord?id=CVE-2026-8961
https://www.cve.org/CVERecord?id=CVE-2026-8962
https://www.cve.org/CVERecord?id=CVE-2026-8968
https://www.cve.org/CVERecord?id=CVE-2026-8970
https://www.cve.org/CVERecord?id=CVE-2026-8974
https://www.cve.org/CVERecord?id=CVE-2026-8975
(* Security fix *)
xap/mozilla-thunderbird-140.11.0esr-x86_64-1.txz: Upgraded.
This release contains security fixes and improvements.
For more information, see:
https://www.mozilla.org/en-US/thunderbird/140.11.0esr/releasenotes/
https://www.mozilla.org/en-US/security/advisories/mfsa2026-51/
https://www.cve.org/CVERecord?id=CVE-2026-8946
https://www.cve.org/CVERecord?id=CVE-2026-8388
https://www.cve.org/CVERecord?id=CVE-2026-8947
https://www.cve.org/CVERecord?id=CVE-2026-8391
https://www.cve.org/CVERecord?id=CVE-2026-8401
https://www.cve.org/CVERecord?id=CVE-2026-8949
https://www.cve.org/CVERecord?id=CVE-2026-8950
https://www.cve.org/CVERecord?id=CVE-2026-8953
https://www.cve.org/CVERecord?id=CVE-2026-8954
https://www.cve.org/CVERecord?id=CVE-2026-8955
https://www.cve.org/CVERecord?id=CVE-2026-8956
https://www.cve.org/CVERecord?id=CVE-2026-8957
https://www.cve.org/CVERecord?id=CVE-2026-8958
https://www.cve.org/CVERecord?id=CVE-2026-8959
https://www.cve.org/CVERecord?id=CVE-2026-8961
https://www.cve.org/CVERecord?id=CVE-2026-8962
https://www.cve.org/CVERecord?id=CVE-2026-8968
https://www.cve.org/CVERecord?id=CVE-2026-8970
https://www.cve.org/CVERecord?id=CVE-2026-8974
https://www.cve.org/CVERecord?id=CVE-2026-8975
(* Security fix *)
a/xfsprogs-7.0.1-aarch64-1.txz: Upgraded.
ap/hplip-3.26.4-aarch64-1.txz: Upgraded.
ap/tmux-3.6b-aarch64-1.txz: Upgraded.
d/ruby-4.0.5-aarch64-1.txz: Upgraded.
This update fixes a security issue:
Use-after-free in pthread-based getaddrinfo timeout handler.
For more information, see:
https://www.cve.org/CVERecord?id=CVE-2026-46727
(* Security fix *)
d/valgrind-3.27.1-aarch64-1.txz: Upgraded.
kde/marble-23.08.5-aarch64-14.txz: Rebuilt.
Recompiled against protobuf-35.0.
l/PyQt6-6.10.2-aarch64-1.txz: Added.
Thanks to Gérard Monpontet.
l/PyQt6_sip-13.11.1-aarch64-1.txz: Added.
Thanks to Gérard Monpontet.
l/SDL3_ttf-3.2.2-aarch64-1.txz: Added.
Thanks to alienBOB.
l/protobuf-35.0-aarch64-1.txz: Upgraded.
Shared library .so-version bump.
(Or, at least, we've been told to always expect ABI breakage)
l/python-certifi-2026.5.20-aarch64-1.txz: Upgraded.
l/python-trove-classifiers-2026.5.20.19-aarch64-1.txz: Upgraded.
l/qt6-6.10.3_20260330_6417867c-aarch64-4.txz: Rebuilt.
Recompiled against protobuf-35.0.
n/bind-9.20.23-aarch64-1.txz: Upgraded.
This update fixes security issues:
Fix outgoing zone transfers' quota issue.
Limit resolver server list size.
Fix GSS-API resource leak.
Fix crash in resolver when SIG(0)-signed responses are received under load.
Add system test for HTTP/2 SETTINGS frame flood.
Disable recursion, UPDATE, and NOTIFY for non-IN views.
For more information, see:
https://kb.isc.org/docs/CVE-2026-3592
https://kb.isc.org/docs/CVE-2026-3039
https://kb.isc.org/docs/CVE-2026-5947
https://kb.isc.org/docs/CVE-2026-3593
https://kb.isc.org/docs/CVE-2026-5946
https://www.cve.org/CVERecord?id=CVE-2026-3592
https://www.cve.org/CVERecord?id=CVE-2026-3039
https://www.cve.org/CVERecord?id=CVE-2026-5947
https://www.cve.org/CVERecord?id=CVE-2026-3593
https://www.cve.org/CVERecord?id=CVE-2026-5946
(* Security fix *)
n/mosh-1.4.0-aarch64-19.txz: Rebuilt.
Recompiled against protobuf-35.0.
n/rsync-3.4.3-aarch64-1.txz: Upgraded.
This update fixes security issues:
TOCTOU symlink race condition allowing local privilege escalation in daemon
mode without chroot.
Hostname/ACL bypass on an rsync daemon configured with `daemon chroot = /X`
in rsyncd.conf when the chroot tree lacks DNS resolution support.
Integer overflow in the compressed-token decoder enabling remote memory
disclosure to an authenticated daemon peer.
Symlink races on path-based system calls in "use chroot = no" daemon mode.
Out-of-bounds read in the receiver's recv_files() enabling remote
denial-of-service of any client pulling from a malicious server.
Off-by-one out-of-bounds stack write in the rsync client's HTTP CONNECT proxy
handler (`establish_proxy_connection()` in `socket.c`).
For more information, see:
https://www.cve.org/CVERecord?id=CVE-2026-29518
https://www.cve.org/CVERecord?id=CVE-2026-43617
https://www.cve.org/CVERecord?id=CVE-2026-43618
https://www.cve.org/CVERecord?id=CVE-2026-43619
https://www.cve.org/CVERecord?id=CVE-2026-43620
https://www.cve.org/CVERecord?id=CVE-2026-45232
(* Security fix *)
a/bash-5.3.009-aarch64-2.txz: Rebuilt.
Retain the default BASH_LOADABLES_PATH, adjusted for ${LIBDIRSUFFIX}.
Thanks to duncan_roe.
a/dcron-4.5-aarch64-14.txz: Rebuilt.
/etc/default/crond: Set the same minimal PATH that's provided by sysvinit at
boot time to keep things consistent when using rc.crond restart. This PATH
will be used both at boot and with a restart through rc.crond. Feel free to
adjust it if needed.
Thanks to Ken Zalewski.
a/haveged-1.9.21-aarch64-1.txz: Upgraded.
This update fixes a security issue:
Missing exit out of permission check could lead to root exploit.
For more information, see:
https://www.cve.org/CVERecord?id=CVE-2026-41054
(* Security fix *)
a/kernel_armv8-6.18.32-aarch64-1.txz: Upgraded.
Kernel config changes:
CONFIG_VIDEO_MESON_GE2D=m
CONFIG_DRM_MESON=m
CONFIG_DRM_MESON_DW_HDMI=m
CONFIG_DRM_MESON_DW_MIPI_DSI=m
Thanks to warmbit.
a/util-linux-2.42.1-aarch64-1.txz: Upgraded.
ap/ghostscript-10.07.1-aarch64-1.txz: Upgraded.
ap/mariadb-11.8.7-aarch64-1.txz: Upgraded.
ap/sox-14.8.0-aarch64-1.txz: Upgraded.
ap/vim-9.2.0500-aarch64-1.txz: Upgraded.
d/kernel-headers-6.18.32-aarch64-1.txz: Upgraded.
d/llvm-22.1.6-aarch64-1.txz: Upgraded.
d/tree-sitter-0.26.9-aarch64-1.txz: Upgraded.
k/kernel-source-6.18.32-aarch64-1.txz: Upgraded.
l/imagemagick-7.1.2_23-aarch64-1.txz: Upgraded.
l/libclc-22.1.6-aarch64-1.txz: Upgraded.
l/libsigc++-2.12.2-aarch64-1.txz: Upgraded.
l/libsigc++3-3.8.1-aarch64-1.txz: Upgraded.
l/libusb-1.0.30-aarch64-1.txz: Upgraded.
l/libusb-compat-0.1.9-aarch64-1.txz: Upgraded.
l/libxmlb-0.3.27-aarch64-1.txz: Upgraded.
l/mozilla-nss-3.124-aarch64-1.txz: Upgraded.
l/mozjs140-140.11.0esr-aarch64-1.txz: Upgraded.
l/python-lxml-6.1.1-aarch64-1.txz: Upgraded.
l/python-numpy-2.4.6-aarch64-1.txz: Upgraded.
l/python-setuptools-gettext-0.1.18-aarch64-1.txz: Upgraded.
x/libXi-1.8.3-aarch64-1.txz: Upgraded.
x/mesa-26.1.1-aarch64-1.txz: Upgraded.
x/xev-1.2.7-aarch64-1.txz: Upgraded.
xap/mozilla-firefox-140.11.0esr-aarch64-1.txz: Upgraded.
This update contains security fixes and improvements.
For more information, see:
https://www.mozilla.org/en-US/firefox/140.11.0/releasenotes/
https://www.mozilla.org/security/advisories/mfsa2026-48
https://www.cve.org/CVERecord?id=CVE-2026-8946
https://www.cve.org/CVERecord?id=CVE-2026-8388
https://www.cve.org/CVERecord?id=CVE-2026-8947
https://www.cve.org/CVERecord?id=CVE-2026-8391
https://www.cve.org/CVERecord?id=CVE-2026-8401
https://www.cve.org/CVERecord?id=CVE-2026-8949
https://www.cve.org/CVERecord?id=CVE-2026-8950
https://www.cve.org/CVERecord?id=CVE-2026-8953
https://www.cve.org/CVERecord?id=CVE-2026-8954
https://www.cve.org/CVERecord?id=CVE-2026-8955
https://www.cve.org/CVERecord?id=CVE-2026-8956
https://www.cve.org/CVERecord?id=CVE-2026-8957
https://www.cve.org/CVERecord?id=CVE-2026-8958
https://www.cve.org/CVERecord?id=CVE-2026-8959
https://www.cve.org/CVERecord?id=CVE-2026-8961
https://www.cve.org/CVERecord?id=CVE-2026-8962
https://www.cve.org/CVERecord?id=CVE-2026-8968
https://www.cve.org/CVERecord?id=CVE-2026-8970
https://www.cve.org/CVERecord?id=CVE-2026-8974
https://www.cve.org/CVERecord?id=CVE-2026-8975
(* Security fix *)
xap/mozilla-thunderbird-140.11.0esr-aarch64-1.txz: Upgraded.
This release contains security fixes and improvements.
For more information, see:
https://www.mozilla.org/en-US/thunderbird/140.11.0esr/releasenotes/
https://www.mozilla.org/en-US/security/advisories/mfsa2026-51/
https://www.cve.org/CVERecord?id=CVE-2026-8946
https://www.cve.org/CVERecord?id=CVE-2026-8388
https://www.cve.org/CVERecord?id=CVE-2026-8947
https://www.cve.org/CVERecord?id=CVE-2026-8391
https://www.cve.org/CVERecord?id=CVE-2026-8401
https://www.cve.org/CVERecord?id=CVE-2026-8949
https://www.cve.org/CVERecord?id=CVE-2026-8950
https://www.cve.org/CVERecord?id=CVE-2026-8953
https://www.cve.org/CVERecord?id=CVE-2026-8954
https://www.cve.org/CVERecord?id=CVE-2026-8955
https://www.cve.org/CVERecord?id=CVE-2026-8956
https://www.cve.org/CVERecord?id=CVE-2026-8957
https://www.cve.org/CVERecord?id=CVE-2026-8958
https://www.cve.org/CVERecord?id=CVE-2026-8959
https://www.cve.org/CVERecord?id=CVE-2026-8961
https://www.cve.org/CVERecord?id=CVE-2026-8962
https://www.cve.org/CVERecord?id=CVE-2026-8968
https://www.cve.org/CVERecord?id=CVE-2026-8970
https://www.cve.org/CVERecord?id=CVE-2026-8974
https://www.cve.org/CVERecord?id=CVE-2026-8975
(* Security fix *)
xap/vim-gvim-9.2.0500-aarch64-1.txz: Upgraded.
installer/*: Rebuilt.
kernels/*: Upgraded.
a/kernel_armv8-6.18.31-aarch64-1.txz: Upgraded.
d/kernel-headers-6.18.31-aarch64-1.txz: Upgraded.
k/kernel-source-6.18.31-aarch64-1.txz: Upgraded.
l/SDL2_net-2.4.0-aarch64-1.txz: Upgraded.
l/hyphen-2.8.9-aarch64-1.txz: Upgraded.
l/libpaper-2.2.8-aarch64-1.txz: Upgraded.
l/python-numpy-2.4.5-aarch64-1.txz: Upgraded.
n/postfix-3.11.3-aarch64-1.txz: Upgraded.
installer/*: Rebuilt.
kernels/*: Upgraded.
patches/packages/bind-9.18.49-x86_64-1_slack15.0.txz: Upgraded.
This update fixes security issues:
Fix outgoing zone transfers' quota issue.
Limit resolver server list size.
Fix GSS-API resource leak.
Avoid unbounded recursion loop.
Disable recursion, UPDATE, and NOTIFY for non-IN views.
For more information, see:
https://kb.isc.org/docs/CVE-2026-3592
https://kb.isc.org/docs/CVE-2026-3039
https://kb.isc.org/docs/CVE-2026-5947
https://kb.isc.org/docs/CVE-2026-5950
https://kb.isc.org/docs/CVE-2026-5946
https://www.cve.org/CVERecord?id=CVE-2026-3592
https://www.cve.org/CVERecord?id=CVE-2026-3039
https://www.cve.org/CVERecord?id=CVE-2026-5947
https://www.cve.org/CVERecord?id=CVE-2026-5950
https://www.cve.org/CVERecord?id=CVE-2026-5946
(* Security fix *)
patches/packages/rsync-3.4.3-x86_64-1_slack15.0.txz: Upgraded.
This update fixes security issues:
TOCTOU symlink race condition allowing local privilege escalation in daemon
mode without chroot.
Hostname/ACL bypass on an rsync daemon configured with `daemon chroot = /X`
in rsyncd.conf when the chroot tree lacks DNS resolution support.
Integer overflow in the compressed-token decoder enabling remote memory
disclosure to an authenticated daemon peer.
Symlink races on path-based system calls in "use chroot = no" daemon mode.
Out-of-bounds read in the receiver's recv_files() enabling remote
denial-of-service of any client pulling from a malicious server.
Off-by-one out-of-bounds stack write in the rsync client's HTTP CONNECT proxy
handler (`establish_proxy_connection()` in `socket.c`).
For more information, see:
https://www.cve.org/CVERecord?id=CVE-2026-29518
https://www.cve.org/CVERecord?id=CVE-2026-43617
https://www.cve.org/CVERecord?id=CVE-2026-43618
https://www.cve.org/CVERecord?id=CVE-2026-43619
https://www.cve.org/CVERecord?id=CVE-2026-43620
https://www.cve.org/CVERecord?id=CVE-2026-45232
(* Security fix *)
patches/packages/haveged-1.9.21-x86_64-1_slack15.0.txz: Upgraded.
This update fixes a security issue:
Missing exit out of permission check could lead to root exploit.
For more information, see:
https://www.cve.org/CVERecord?id=CVE-2026-41054
(* Security fix *)
patches/packages/mozilla-firefox-140.11.0esr-x86_64-1_slack15.0.txz: Upgraded.
This update contains security fixes and improvements.
For more information, see:
https://www.mozilla.org/en-US/firefox/140.11.0/releasenotes/
https://www.mozilla.org/security/advisories/mfsa2026-48
https://www.cve.org/CVERecord?id=CVE-2026-8946
https://www.cve.org/CVERecord?id=CVE-2026-8388
https://www.cve.org/CVERecord?id=CVE-2026-8947
https://www.cve.org/CVERecord?id=CVE-2026-8391
https://www.cve.org/CVERecord?id=CVE-2026-8401
https://www.cve.org/CVERecord?id=CVE-2026-8949
https://www.cve.org/CVERecord?id=CVE-2026-8950
https://www.cve.org/CVERecord?id=CVE-2026-8953
https://www.cve.org/CVERecord?id=CVE-2026-8954
https://www.cve.org/CVERecord?id=CVE-2026-8955
https://www.cve.org/CVERecord?id=CVE-2026-8956
https://www.cve.org/CVERecord?id=CVE-2026-8957
https://www.cve.org/CVERecord?id=CVE-2026-8958
https://www.cve.org/CVERecord?id=CVE-2026-8959
https://www.cve.org/CVERecord?id=CVE-2026-8961
https://www.cve.org/CVERecord?id=CVE-2026-8962
https://www.cve.org/CVERecord?id=CVE-2026-8968
https://www.cve.org/CVERecord?id=CVE-2026-8970
https://www.cve.org/CVERecord?id=CVE-2026-8974
https://www.cve.org/CVERecord?id=CVE-2026-8975
(* Security fix *)
patches/packages/mozilla-thunderbird-140.11.0esr-x86_64-1_slack15.0.txz: Upgraded.
This release contains security fixes and improvements.
For more information, see:
https://www.mozilla.org/en-US/thunderbird/140.11.0esr/releasenotes/
https://www.mozilla.org/en-US/security/advisories/mfsa2026-51/
https://www.cve.org/CVERecord?id=CVE-2026-8946
https://www.cve.org/CVERecord?id=CVE-2026-8388
https://www.cve.org/CVERecord?id=CVE-2026-8947
https://www.cve.org/CVERecord?id=CVE-2026-8391
https://www.cve.org/CVERecord?id=CVE-2026-8401
https://www.cve.org/CVERecord?id=CVE-2026-8949
https://www.cve.org/CVERecord?id=CVE-2026-8950
https://www.cve.org/CVERecord?id=CVE-2026-8953
https://www.cve.org/CVERecord?id=CVE-2026-8954
https://www.cve.org/CVERecord?id=CVE-2026-8955
https://www.cve.org/CVERecord?id=CVE-2026-8956
https://www.cve.org/CVERecord?id=CVE-2026-8957
https://www.cve.org/CVERecord?id=CVE-2026-8958
https://www.cve.org/CVERecord?id=CVE-2026-8959
https://www.cve.org/CVERecord?id=CVE-2026-8961
https://www.cve.org/CVERecord?id=CVE-2026-8962
https://www.cve.org/CVERecord?id=CVE-2026-8968
https://www.cve.org/CVERecord?id=CVE-2026-8970
https://www.cve.org/CVERecord?id=CVE-2026-8974
https://www.cve.org/CVERecord?id=CVE-2026-8975
(* Security fix *)
patches/packages/dcron-4.5-x86_64-14_slack15.0.txz: Rebuilt.
This is a bugfix release.
Rebase the run-parts script on the latest version from Fedora's crontabs
package. Thanks to avian.
rc.crond: ensure world-writable permissions on /run/cron, needed for
crontab -e with some editors. Thanks to lostintime.
Add /etc/default/run-parts. Thanks to lostintime.
run-parts: don't redirect stderr to stdout. Thanks to Thom1b.
run-parts: skip *.orig files. Thanks to metaed.
run-parts.8: document skiping *.orig files. Thanks to metaed.
/etc/default/crond: Set the same minimal PATH that's provided by sysvinit at
boot time to keep things consistent when using rc.crond restart. This PATH
will be used both at boot and with a restart through rc.crond. Feel free to
adjust it if needed. Thanks to Ken Zalewski.
patches/packages/bind-9.18.49-arm-1_slack15.0.txz: Upgraded.
This update fixes security issues:
Fix outgoing zone transfers' quota issue.
Limit resolver server list size.
Fix GSS-API resource leak.
Avoid unbounded recursion loop.
Disable recursion, UPDATE, and NOTIFY for non-IN views.
For more information, see:
https://kb.isc.org/docs/CVE-2026-3592
https://kb.isc.org/docs/CVE-2026-3039
https://kb.isc.org/docs/CVE-2026-5947
https://kb.isc.org/docs/CVE-2026-5950
https://kb.isc.org/docs/CVE-2026-5946
https://www.cve.org/CVERecord?id=CVE-2026-3592
https://www.cve.org/CVERecord?id=CVE-2026-3039
https://www.cve.org/CVERecord?id=CVE-2026-5947
https://www.cve.org/CVERecord?id=CVE-2026-5950
https://www.cve.org/CVERecord?id=CVE-2026-5946
(* Security fix *)
patches/packages/rsync-3.4.3-arm-1_slack15.0.txz: Upgraded.
This update fixes security issues:
TOCTOU symlink race condition allowing local privilege escalation in daemon
mode without chroot.
Hostname/ACL bypass on an rsync daemon configured with `daemon chroot = /X`
in rsyncd.conf when the chroot tree lacks DNS resolution support.
Integer overflow in the compressed-token decoder enabling remote memory
disclosure to an authenticated daemon peer.
Symlink races on path-based system calls in "use chroot = no" daemon mode.
Out-of-bounds read in the receiver's recv_files() enabling remote
denial-of-service of any client pulling from a malicious server.
Off-by-one out-of-bounds stack write in the rsync client's HTTP CONNECT proxy
handler (`establish_proxy_connection()` in `socket.c`).
For more information, see:
https://www.cve.org/CVERecord?id=CVE-2026-29518
https://www.cve.org/CVERecord?id=CVE-2026-43617
https://www.cve.org/CVERecord?id=CVE-2026-43618
https://www.cve.org/CVERecord?id=CVE-2026-43619
https://www.cve.org/CVERecord?id=CVE-2026-43620
https://www.cve.org/CVERecord?id=CVE-2026-45232
(* Security fix *)
patches/packages/dcron-4.5-arm-9_slack15.0.txz: Rebuilt.
This is a bugfix release.
Rebase the run-parts script on the latest version from Fedora's crontabs
package. Thanks to avian.
rc.crond: ensure world-writable permissions on /run/cron, needed for
crontab -e with some editors. Thanks to lostintime.
Add /etc/default/run-parts. Thanks to lostintime.
run-parts: don't redirect stderr to stdout. Thanks to Thom1b.
run-parts: skip *.orig files. Thanks to metaed.
run-parts.8: document skiping *.orig files. Thanks to metaed.
/etc/default/crond: Set the same minimal PATH that's provided by sysvinit at
boot time to keep things consistent when using rc.crond restart. This PATH
will be used both at boot and with a restart through rc.crond. Feel free to
adjust it if needed. Thanks to Ken Zalewski.
patches/packages/haveged-1.9.21-arm-1_slack15.0.txz: Upgraded.
This update fixes a security issue:
Missing exit out of permission check could lead to root exploit.
For more information, see:
https://www.cve.org/CVERecord?id=CVE-2026-41054
(* Security fix *)
patches/packages/linux-5.15.207/*: Upgraded.
This update fixes a security issue:
ptrace: slightly saner 'get_dumpable()' logic.
For more information, see:
https://github.com/0xdeadbeefnetwork/ssh-keysign-pwn
https://www.cve.org/CVERecord?id=CVE-2026-46333
(* Security fix *)
24/02/2022: Aggiornato HowTo Automatizzare l'aggiornamento di Slackware
15/12/2015: Aggiornato HowTo automatizzare la compilazione del kernel
15/12/2015: Aggiornato HowTo Automatizzare l'aggiornamento di Slackware current
24/11/2015: Aggiornato HowTo automatizzare la compilazione del kernel
22/11/2015: Aggiornato HowTo Automatizzare l'aggiornamento di Slackware current
07/11/2015: Aggiornato HowTo automatizzare la compilazione del kernel
05/11/2015: Nuovo HowTo Automatizzare l'aggiornamento di Slackware current
30/10/2015: Aggiornato HowTo Automatizzare la prima configurazione di Slackware
26/05/2015: Aggiornato HowTo mini Slackware su pendrive
07/05/2015: Aggiornato HowTo automatizzare la compilazione del kernel
13/04/2015: Aggiornato HowTo automatizzare la compilazione del kernel
02/04/2015: Aggiornato HowTo automatizzare la compilazione del kernel
Un piccolo script in bash che ho scritto per l'associazione studentesca studentIngegneria dell'università di Salerno.
Questo script se lasciato in esecuzione, alle 13 alza il volume, riproduce un jingle e poi la webradio dell'università.
Alle 15 interrompe la radio, riproduce un altro jingle e riabbassa il volume...
Oggi, 12/02/2009, mi sono attivato la promozione "Naviga 3" con la quale si hanno a disposizione 50MB al giorno per 30 giorni.
com'è intuibile, oltre il raggiungimento dei 50MB verrebbe applicata la normale tariffazione svuotando il credito della sim prima di rendersene conto.
Per ovviare a questo inconveniente, anche grazie all'aiuto di Ansa89 e spina di slacky, ho scritto 2 script, che possono essere sfruttati per esempio con kppp, che killano pppd al raggiungimento dei 50MB...
Oggi, 16 agosto 2008, wiKonf ha introdotto l'uso di aircrack-ng.
Questa nuova versione oltre che portare varie migliorie permette la decrittazione delle chiavi, proponendosi come front-end al noto software aircrack-ng.
Questo vuole solo semplificare operazioni di test per la sicurezza sulle proprie reti o su reti altrui solo con il consenso del leggittimo proprietario, l'autore quindi, non si ritiene responsabile di eventuali usi impropri.
Le grandi invenzioni le dobbiamo alla Xerox! Interfaccia a finestre, mouse e schede ethernet.
Nel lontano 1972 la Xerox aveva gia realizzato un personal computer chiamato Xerox Alto dotato di interfaccia grafica, mouse, disco rigido, interfaccia ethernet e molti applicativi come un word processor, un paint e un programma di gestione e-mail. Dopo ben 11 anni nel 1983, l'Apple, ...
Nulla di più facile con IFS.
Per aver un supporto completo in lettura e scrittura sui file system ext2 e ext3 basterà scaricare ed installare il driver IFS a questo indirizzo http://www.fs-driver.org/ e dopo aver scelto le lettere da assegnare alle unità... magia... compariranno le partizioni di linux in risorse del computer da cui sarà possibile utilizzarle come partizioni native windows. Forzando l'installazione funziona anche su vista.
Condividi sui tuoi social preferiti!
Telegram Facebook Linkedin Twitter Pinterest