Sun Nov 27 03:37:52 UTC 2011
d/yasm-1.2.0-x86_64-1.txz:  Upgraded.
l/seamonkey-solibs-2.5-x86_64-1.txz:  Upgraded.
  This update contains security fixes and improvements.
  For more information, see:
    http://www.mozilla.org/security/announce/
  (* Security fix *)
xap/mozilla-firefox-8.0.1-x86_64-1.txz:  Upgraded.
  This release contains security fixes and improvements.
  For more information, see:
    http://www.mozilla.org/security/known-vulnerabilities/firefox.html
  (* Security fix *)
xap/mozilla-thunderbird-8.0-x86_64-1.txz:  Upgraded.
  This release contains security fixes and improvements.
  For more information, see:
    http://www.mozilla.org/security/known-vulnerabilities/thunderbird.html
  (* Security fix *)
xap/seamonkey-2.5-x86_64-1.txz:  Upgraded.
  This update contains security fixes and improvements.
  For more information, see:
    http://www.mozilla.org/security/announce/
  (* Security fix *)
testing/packages/mozilla-firefox-9.0b3-x86_64-1.txz:  Upgraded.
+--------------------------+

Tue Nov 29 00:09:21 UTC 2011
testing/packages/mozilla-thunderbird-9.0b2-x86_64-1.txz:  Added.
+--------------------------+

Wed Dec 14 16:22:29 UTC 2011
d/subversion-1.7.2-x86_64-1.txz:  Upgraded.
  This update fixes an issue with "git svn clone" being broken.
  Thanks to Francesco Allertsen for the heads-up.
  Hmmm, perhaps vbatts can tell me what has happened to the ruby bindings...
+--------------------------+

#!/bin/sh

PKGSTASH=/home/installs/PKGs
SLKBSTASH=/home/installs/SlackBuilds/Alien

URL=http://connie.slackware.com/~alien

function get_latest_package_of() {
 PRGNAM=$1
 PKGNAM=$2
 lftp $URL/$PRGNAM/ -e "cls; quit" | grep "$PKGNAM"
}

function get_latest_slackbuilds_of() {
 PRGNAM=$1
 SRCDIRNAM=$2
 (cd $SLKBSTASH
  lftp $URL/$PRGNAM/ -e "mirror --delete $SRCDIRNAM $(basename $PRGNAM) ; quit"
 )
 }

function upgrade_if_needed() {
 PRGNAM=$1
 PKGNAM=$2
 PKG=$(get_latest_package_of $PRGNAM $PKGNAM)

if [ ! -e $PKGSTASH/$PKG ]; then
  rm $PKGSTASH/$PKG
  wget -c $URL/$PRGNAM/$PKG -O $PKGSTASH/$PKG
  upgradepkg --install-new $PKGSTASH/$PKG
 fi
}

function external() {
 upgrade_if_needed "slackbuilds/$1/pkg64/13.37" $2
}

function internal_replacement() {
 upgrade_if_needed "$1/pkg64" $2
}

external "calibre" "calibre-[0-9.]*-x86_64-[0-9]*alien\.txz$"
for i in \
 "libreoffice-[0-9.]*-x86_64-[0-9]*alien\.txz$" \
 "libreoffice-l10n-fr-[0-9.]*-x86_64-[0-9]*alien\.txz$" \
 "libreoffice-mozplugin-[0-9.]*-x86_64-[0-9]*alien\.txz$";
do
 external "libreoffice" "$i"
done
for i in \
 "apache-ant-[0-9.]*-noarch-[0-9.]*.txz" \
 "icedtea-web-[0-9.]*-x86_64-[0-9.]*.txz" \
 "openjdk-[0-9._a-z]*-x86_64-[0-9.]*.txz" \
 "openjre-[0-9._a-z]*-x86_64-[0-9.]*.txz" \
 "rhino-[0-9.]*-noarch-[0-9.]*.txz" \
 "xalan-[0-9.]*-noarch-[0-9.]*.txz" \
 "xerces-[0-9.]*-noarch-[0-9.]*.txz";
do
 internal_replacement "openjdk" "$i"
done
get_latest_slackbuilds_of "slackbuilds/calibre" "build"
get_latest_slackbuilds_of "slackbuilds/libreoffice" "build"
get_latest_slackbuilds_of "openjdk" "sources"

Wed Feb  1 23:20:04 UTC 2012
$(fortune) just obtained logging in to stamp the Changelog, finally:
  "You single-handedly fought your way into this hopeless mess."
Well, we'll work on rectifying that situation.  :-)  Sorry about the
lack of updates...  everything here blew up all at once, it seemed, but
equipment, upstream targets, and reality all seem to be settling down
enough to get these updates out and have them be an actual improvement
over what's already up.  Hope to have more soon.  Cheers!
l/seamonkey-solibs-2.7-x86_64-1.txz:  Upgraded.
  This release contains security fixes and improvements.
  For more information, see:
    http://www.mozilla.org/security/known-vulnerabilities/seamonkey.html
  (* Security fix *)
xap/mozilla-firefox-10.0-x86_64-1.txz:  Upgraded.
  This release contains security fixes and improvements.
  For more information, see:
    http://www.mozilla.org/security/known-vulnerabilities/firefox.html
  (* Security fix *)
xap/mozilla-thunderbird-10.0-x86_64-1.txz:  Upgraded.
  This release contains security fixes and improvements.
  For more information, see:
    http://www.mozilla.org/security/known-vulnerabilities/thunderbird.html
  (* Security fix *)
xap/seamonkey-2.7-x86_64-1.txz:  Upgraded.
  This release contains security fixes and improvements.
  For more information, see:
    http://www.mozilla.org/security/known-vulnerabilities/seamonkey.html
  (* Security fix *)
+--------------------------+
Wed Feb  1 16:08:12 CST 2012
testing/packages/mozilla-firefox-10.0-x86_64-1.txz:  Upgraded.
testing/packages/mozilla-thunderbird-10.0-x86_64-1.txz:  Upgraded.
+--------------------------+
Wed Feb  1 16:08:11 CST 2012
a/kernel-generic-3.2.2-x86_64-1.txz:  Upgraded.
a/kernel-huge-3.2.2-x86_64-1.txz:  Upgraded.
a/kernel-modules-3.2.2-x86_64-1.txz:  Upgraded.
a/openssl-solibs-0.9.8t-x86_64-1.txz:  Upgraded.
  This fixes a bug where DTLS applications were not properly supported.  This
  bug could have allowed remote attackers to cause a denial of service via
  unspecified vectors.
  CVE-2012-0050 has been assigned to this issue.
  For more details see:
    http://openssl.org/news/secadv_20120118.txt
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0050
  (* Security fix *)
d/kernel-headers-3.2.2-x86-1.txz:  Upgraded.
e/emacs-23.4-x86_64-1.txz:  Upgraded.
k/kernel-source-3.2.2-noarch-1.txz:  Upgraded.
n/openssl-0.9.8t-x86_64-1.txz:  Upgraded.
  This fixes a bug where DTLS applications were not properly supported.  This
  bug could have allowed remote attackers to cause a denial of service via
  unspecified vectors.
  CVE-2012-0050 has been assigned to this issue.
  For more details see:
    http://openssl.org/news/secadv_20120118.txt
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0050
  (* Security fix *)
isolinux/initrd.img:  Rebuilt.
kernels/*:  Upgraded.
testing/packages/mozilla-firefox-10.0b6-x86_64-1.txz:  Upgraded.
usb-and-pxe-installers/usbboot.img:  Rebuilt.
+--------------------------+
Wed Feb  1 16:08:10 CST 2012
a/coreutils-8.15-x86_64-1.txz:  Upgraded.
  This will be provided as a patch to fix some important issues with ext4.
  Thanks to Georgy Salnikov for the notification.
a/glibc-solibs-2.14.1-x86_64-3.txz:  Rebuilt.
a/glibc-zoneinfo-2011i_2011n-noarch-3.txz:  Rebuilt.
a/kernel-generic-3.2.1-x86_64-1.txz:  Upgraded.
a/kernel-huge-3.2.1-x86_64-1.txz:  Upgraded.
a/kernel-modules-3.2.1-x86_64-1.txz:  Upgraded.
d/kernel-headers-3.2.1-x86-1.txz:  Upgraded.
k/kernel-source-3.2.1-noarch-1.txz:  Upgraded.
l/glibc-2.14.1-x86_64-3.txz:  Rebuilt.
l/glibc-i18n-2.14.1-x86_64-3.txz:  Rebuilt.
l/glibc-profile-2.14.1-x86_64-3.txz:  Rebuilt.
n/ca-certificates-20111211-noarch-1.txz:  Upgraded.
  Removes DigiNotar and other untrusted certificates.
  (* Security fix *)
isolinux/initrd.img:  Rebuilt.
kernels/*:  Upgraded.
testing/packages/mozilla-firefox-10.0b4-x86_64-1.txz:  Added.
testing/packages/mozilla-thunderbird-10.0b4-x86_64-1.txz:  Added.
usb-and-pxe-installers/usbboot.img:  Rebuilt.
+--------------------------+
Wed Feb  1 15:47:47 CST 2012
Hey folks!  Have a few overdue updates to the toolchain.  This has all been
built and rebuild (and upgraded) far too many times IMHO to wait around yet
again to get 3.2.1 in place and bump some compiler deps to get ARM working...
what was that about the echo $(fortune -m "goal of Computer Science" ) ?
Anyway, please test and report problems and we'll have another round here
shortly.
a/glibc-solibs-2.14.1-x86_64-3.txz:  Rebuilt.
a/glibc-zoneinfo-2011i_2011n-noarch-3.txz:  Rebuilt.
a/kernel-firmware-20120109git-noarch-1.txz:  Upgraded.
a/kernel-generic-3.1.8-x86_64-1.txz:  Upgraded.
a/kernel-huge-3.1.8-x86_64-1.txz:  Upgraded.
a/kernel-modules-3.1.8-x86_64-1.txz:  Upgraded.
ap/htop-1.0-x86_64-1.txz:  Upgraded.
d/gcc-4.6.2-x86_64-1.txz:  Upgraded.
d/gcc-g++-4.6.2-x86_64-1.txz:  Upgraded.
d/gcc-gfortran-4.6.2-x86_64-1.txz:  Upgraded.
d/gcc-gnat-4.6.2-x86_64-1.txz:  Upgraded.
d/gcc-go-4.6.2-x86_64-1.txz:  Added.
d/gcc-java-4.6.2-x86_64-1.txz:  Upgraded.
d/gcc-objc-4.6.2-x86_64-1.txz:  Upgraded.
d/kernel-headers-3.1.8-x86-1.txz:  Upgraded.
d/slacktrack-2.10-x86_64-1.txz:  Upgraded.
e/emacs-23.3b-x86_64-1.txz:  Upgraded.
k/kernel-source-3.1.8-noarch-1.txz:  Upgraded.
l/freetype-2.4.8-x86_64-1.txz:  Upgraded.
  Some vulnerabilities in handling CID-keyed PostScript fonts have
  been fixed.
  For more information, see:
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3439
  (* Security fix *)
l/glibc-2.14.1-x86_64-3.txz:  Rebuilt.
  Patched to provide compile support for NIS and RPC again.
l/glibc-i18n-2.14.1-x86_64-3.txz:  Rebuilt.
l/glibc-profile-2.14.1-x86_64-3.txz:  Rebuilt.
l/seamonkey-solibs-2.6.1-x86_64-1.txz:  Upgraded.
  This update contains security fixes and improvements.
  For more information, see:
    http://www.mozilla.org/security/announce/
  (* Security fix *)
n/sendmail-8.14.5-x86_64-1.txz:  Upgraded.
n/sendmail-cf-8.14.5-noarch-1.txz:  Upgraded.
xap/mozilla-firefox-9.0.1-x86_64-1.txz:  Upgraded.
  This release contains security fixes and improvements.
  For more information, see:
    http://www.mozilla.org/security/known-vulnerabilities/firefox.html
  (* Security fix *)
xap/mozilla-thunderbird-9.0.1-x86_64-1.txz:  Upgraded.
  This release contains security fixes and improvements.
  For more information, see:
    http://www.mozilla.org/security/known-vulnerabilities/thunderbird.html
  (* Security fix *)
xap/seamonkey-2.6.1-x86_64-1.txz:  Upgraded.
  This update contains security fixes and improvements.
  For more information, see:
    http://www.mozilla.org/security/announce/
  (* Security fix *)
xap/x3270-3.3.12ga7-x86_64-1.txz:  Upgraded.
xap/xfractint-20.04p11-x86_64-1.txz:  Upgraded.
pasture/gcc-4.5.3-x86_64-2.txz:  Moved to /pasture.
pasture/gcc-g++-4.5.3-x86_64-2.txz:  Moved to /pasture.
pasture/gcc-gfortran-4.5.3-x86_64-2.txz:  Moved to /pasture.
pasture/gcc-gnat-4.5.3-x86_64-2.txz:  Moved to /pasture.
pasture/gcc-java-4.5.3-x86_64-2.txz:  Moved to /pasture.
pasture/gcc-objc-4.5.3-x86_64-2.txz:  Moved to /pasture.
isolinux/initrd.img:  Rebuilt.
kernels/*:  Upgraded.
usb-and-pxe-installers/usbboot.img:  Rebuilt.
+--------------------------+

Thu Feb  2 16:02:47 UTC 2012
It is cloudy and foggy here today -- I did not see my shadow, and
will not be crawling back into my hole for 6 weeks.  ;-)
testing/packages/mozilla-firefox-11.0b1-x86_64-1.txz:  Added.
+--------------------------+
Thu Feb  2 15:07:23 UTC 2012
a/kernel-firmware-20120202git-noarch-1.txz:  Upgraded.
  There were some reports of a failing checksum on the .asc (which
  did verify, so the package was good).  So, we'll replace it with
  a new build to make sure that it syncs out.
+--------------------------+

Wed Feb  8 01:21:42 UTC 2012
a/cups-1.4.8-x86_64-1.txz:  Upgraded.
a/glibc-solibs-2.14.1-x86_64-4.txz:  Rebuilt.
  Patched an overflow in tzfile.  This was evidently first reported in
  2009, but is only now getting around to being patched.  To exploit it,
  one must be able to write beneath /usr/share/zoneinfo, which is usually
  not possible for a normal user, but may be in the case where they are
  chroot()ed to a directory that they own.
  For more information, see:
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-5029
  (* Security fix *)
a/glibc-zoneinfo-2011i_2011n-noarch-4.txz:  Rebuilt.
ap/alsa-utils-1.0.25-x86_64-1.txz:  Upgraded.
ap/hplip-3.11.12-x86_64-1.txz:  Upgraded.
ap/sqlite-3.7.10-x86_64-1.txz:  Upgraded.
l/alsa-oss-1.0.25-x86_64-1.txz:  Upgraded.
l/alsa-lib-1.0.25-x86_64-1.txz:  Upgraded.
l/apr-util-1.4.1-x86_64-1.txz:  Upgraded.
l/glibc-2.14.1-x86_64-4.txz:  Rebuilt.
  Patched an overflow in tzfile.  This was evidently first reported in
  2009, but is only now getting around to being patched.  To exploit it,
  one must be able to write beneath /usr/share/zoneinfo, which is usually
  not possible for a normal user, but may be in the case where they are
  chroot()ed to a directory that they own.
  For more information, see:
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-5029
  (* Security fix *)
l/glibc-i18n-2.14.1-x86_64-4.txz:  Rebuilt.
l/glibc-profile-2.14.1-x86_64-4.txz:  Rebuilt.
  Patched an overflow in tzfile.  This was evidently first reported in
  2009, but is only now getting around to being patched.  To exploit it,
  one must be able to write beneath /usr/share/zoneinfo, which is usually
  not possible for a normal user, but may be in the case where they are
  chroot()ed to a directory that they own.
  For more information, see:
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-5029
  (* Security fix *)
n/httpd-2.2.22-x86_64-1.txz:  Upgraded.
  *) SECURITY: CVE-2011-3368 (cve.mitre.org)
     Reject requests where the request-URI does not match the HTTP
     specification, preventing unexpected expansion of target URLs in
     some reverse proxy configurations.  [Joe Orton]
  *) SECURITY: CVE-2011-3607 (cve.mitre.org)
     Fix integer overflow in ap_pregsub() which, when the mod_setenvif module
     is enabled, could allow local users to gain privileges via a .htaccess
     file. [Stefan Fritsch, Greg Ames]
  *) SECURITY: CVE-2011-4317 (cve.mitre.org)
     Resolve additional cases of URL rewriting with ProxyPassMatch or
     RewriteRule, where particular request-URIs could result in undesired
     backend network exposure in some configurations.
     [Joe Orton]
  *) SECURITY: CVE-2012-0021 (cve.mitre.org)
     mod_log_config: Fix segfault (crash) when the '%{cookiename}C' log format
     string is in use and a client sends a nameless, valueless cookie, causing
     a denial of service. The issue existed since version 2.2.17. PR 52256.
     [Rainer Canavan <rainer-apache 7val com>]
  *) SECURITY: CVE-2012-0031 (cve.mitre.org)
     Fix scoreboard issue which could allow an unprivileged child process
     could cause the parent to crash at shutdown rather than terminate
     cleanly.  [Joe Orton]
  *) SECURITY: CVE-2012-0053 (cve.mitre.org)
     Fix an issue in error responses that could expose "httpOnly" cookies
     when no custom ErrorDocument is specified for status code 400.
     [Eric Covener]
  For more information, see:
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3368
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3607
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-4317
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0021
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0031
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0053
  (* Security fix *)
n/php-5.3.10-x86_64-1.txz:  Upgraded.
  Fixed arbitrary remote code execution vulnerability reported by Stefan
  Esser, CVE-2012-0830. (Stas, Dmitry)
  For more information, see:
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0830
  (* Security fix *)
n/proftpd-1.3.4a-x86_64-1.txz:  Upgraded.
  This update fixes a use-after-free() memory corruption error,
  and possibly other unspecified issues.
  For more information, see:
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-4130
  (* Security fix *)
n/vsftpd-2.3.5-x86_64-1.txz:  Upgraded.
  Minor version bump, this also works around a hard to trigger heap overflow
  in glibc (glibc zoneinfo caching vuln).  For there to be any possibility
  to trigger the glibc bug within vsftpd, the non-default option
  "chroot_local_user" must be set in /etc/vsftpd.conf.
  Considered 1) low severity (hard to exploit) and 2) not a vsftpd bug :-)
    Nevertheless:
  (* Security fix *)
+--------------------------+

Sat Feb 11 02:37:16 UTC 2012
l/seamonkey-solibs-2.7.1-x86_64-1.txz:  Upgraded.
  This release contains security fixes and improvements.
  For more information, see:
    http://www.mozilla.org/security/known-vulnerabilities/seamonkey.html
  (* Security fix *)
xap/mozilla-firefox-10.0.1-x86_64-1.txz:  Upgraded.
  This release contains security fixes and improvements.
  For more information, see:
    http://www.mozilla.org/security/known-vulnerabilities/firefox.html
  (* Security fix *)
xap/seamonkey-2.7.1-x86_64-1.txz:  Upgraded.
  This release contains security fixes and improvements.
  For more information, see:
    http://www.mozilla.org/security/known-vulnerabilities/seamonkey.html
  (* Security fix *)
testing/packages/mozilla-firefox-11.0b2-x86_64-1.txz:  Upgraded.
+--------------------------+

Tue Feb 14 01:57:25 UTC 2012
xap/mozilla-thunderbird-10.0.1-x86_64-1.txz:  Upgraded.
  This release contains security fixes and improvements.
  For more information, see:
    http://www.mozilla.org/security/known-vulnerabilities/thunderbird.html
  (* Security fix *)
+--------------------------+
Sun Feb 12 23:26:00 UTC 2012
testing/packages/mozilla-thunderbird-11.0b1-x86_64-1.txz:  Added.
testing/packages/seamonkey-2.8b2-x86_64-1.txz:  Added.
testing/packages/seamonkey-solibs-2.8b2-x86_64-1.txz:  Added.
+--------------------------+

Wed Feb 22 18:14:58 UTC 2012
l/libpng-1.4.9-x86_64-1.txz:  Upgraded.
  All branches of libpng prior to versions 1.5.9, 1.4.9, 1.2.47, and 1.0.57,
  respectively, fail to correctly validate a heap allocation in
  png_decompress_chunk(), which can lead to a buffer-overrun and the
  possibility of execution of hostile code on 32-bit systems.
  For more information, see:
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3026
  (* Security fix *)
l/seamonkey-solibs-2.7.2-x86_64-1.txz:  Upgraded.
  This release contains security fixes and improvements.
  For more information, see:
    http://www.mozilla.org/security/known-vulnerabilities/seamonkey.html
  (* Security fix *)
xap/mozilla-firefox-10.0.2-x86_64-1.txz:  Upgraded.
  This release contains security fixes and improvements.
  For more information, see:
    http://www.mozilla.org/security/known-vulnerabilities/firefox.html
  (* Security fix *)
xap/mozilla-thunderbird-10.0.2-x86_64-1.txz:  Upgraded.
  This release contains security fixes and improvements.
  For more information, see:
    http://www.mozilla.org/security/known-vulnerabilities/thunderbird.html
  (* Security fix *)
xap/seamonkey-2.7.2-x86_64-1.txz:  Upgraded.
  This release contains security fixes and improvements.
  For more information, see:
    http://www.mozilla.org/security/known-vulnerabilities/seamonkey.html
  (* Security fix *)
+--------------------------+