Here are the slackware-current changelog updates:
Wed Apr 30 20:36:48 CDT 2008
12.1 RC4. We think this should be the last one.
a/kernel-generic-184.108.40.206-i486-2.tgz: Patched to fix a security issue in
fs/dnotify.c. The use of dnotify (largely replaced by inotify on 2.6.x
systems) could lead to a local DoS, or possibly a local root hole. We said
we wouldn’t make changes now unless something was “critical” — and it seems
we got what we wished for. 😉 This flaw will also be addressed in the
kernels for previous releases as soon as possible. The patch itself may be
found in source/k/linux-220.127.116.11-CVE-2008-1375-patch/.
For additional information (when the CVE candidate is opened), see:
All the kernel packages below should also be considered security fixes.
(* Security fix *)
a/kernel-generic-smp-18.104.22.168_smp-i686-2.tgz: Patched and recompiled.
a/kernel-huge-22.214.171.124-i486-2.tgz: Patched and recompiled.
a/kernel-huge-smp-126.96.36.199_smp-i686-2.tgz: Patched and recompiled.
a/kernel-modules-188.8.131.52-i486-2.tgz: Patched and recompiled.
a/kernel-modules-smp-184.108.40.206_smp-i686-2.tgz: Patched and recompiled.
d/kernel-headers-220.127.116.11_smp-x86-2.tgz: Rebuilt from a patched source tree.
k/kernel-source-18.104.22.168_smp-noarch-2.tgz: Patched (leaving dnotify.c.orig
for comparison and/or reverting to patch up to a newer kernel later).
extra/linux-22.214.171.124-nosmp-sdk/: Updated SMP to no-SMP kernel source patch.
extra/slackpkg/slackpkg-2.70.3-noarch-1.tgz: Upgraded to
slackpkg-2.70.3-noarch-1 (release ready). Thanks to Piter Punk! -:)
kernels/huge.s/*: Patched and recompiled.
kernels/hugesmp.s/*: Patched and recompiled.
kernels/speakup.s/*: Patched and recompiled.
isolinux/initrd.img: Rebuilt with newly compiled kernel modules.
usb-and-pxe-installers/: Rebuilt usbboot.img with newly compiled