slackware-current/source/d/strace/strace.url

3 lines
107 B
Text
Raw Normal View History

Fri Dec 28 00:23:43 UTC 2018 a/aaa_elflibs-15.0-x86_64-3.txz: Rebuilt. Moved libsigsegv.so.2 from /usr/lib{,64} to /lib{,64}. Upgraded: libcap.so.2.26, libelf-0.175.so, libfuse.so.2.9.8, libexpat.so.1.6.8, libglib-2.0.so.0.5800.2, libgmodule-2.0.so.0.5800.2, libgobject-2.0.so.0.5800.2, libgthread-2.0.so.0.5800.2, libjpeg.so.62.3.0, liblber-2.4.so.2.10.10, libldap-2.4.so.2.10.10, libpng16.so.16.36.0, libstdc++.so.6.0.25, libtdb.so.1.3.16, libtiff.so.5.4.0, libtiffxx.so.5.4.0, libturbojpeg.so.0.2.0. ap/vim-8.1.0648-x86_64-1.txz: Upgraded. d/nasm-2.14.02-x86_64-1.txz: Upgraded. d/strace-4.26-x86_64-1.txz: Upgraded. l/libsigsegv-2.12-x86_64-3.txz: Rebuilt. Moved shared library into /lib{,64} to avoid problems when /usr is on a separate partition. Thanks to TommyC7. But please note: that has never been a recommended configuration (it was always a bad idea prone to corner-case bugs), and with basically everyone else moving everything into /usr, no upstream is developing with this scenario in mind these days. Some of the problems caused by separate /usr are simply not possibly to fix in a straightforward fashion. Consider it a completely unsupported configuration choice. While it's not my style to make the installer refuse to allow it, I won't be bending over backwards to try to fix bugs related to this in the future. If I recall properly, the original rationale was to make it possible for /usr to reside on a shared network partition, which might have made sense back when 40MB was a typical hard drive size. I can think of no good rationale now (and no, I don't think making /usr read-only helps security in any tangible way). n/wget-1.20.1-x86_64-1.txz: Upgraded. x/xf86-video-chips-1.3.0-x86_64-1.txz: Upgraded. x/xf86-video-neomagic-1.3.0-x86_64-1.txz: Upgraded. x/xterm-341-x86_64-1.txz: Upgraded. xap/audacious-3.10.1-x86_64-1.txz: Upgraded. xap/audacious-plugins-3.10.1-x86_64-1.txz: Upgraded. xap/vim-gvim-8.1.0648-x86_64-1.txz: Upgraded.
2018-12-28 01:23:43 +01:00
https://github.com/strace/strace
Tue Jan 30 22:01:28 UTC 2024 a/lzip-1.24-x86_64-1.txz: Upgraded. a/openssl-solibs-3.2.1-x86_64-1.txz: Upgraded. ap/alsa-utils-1.2.11-x86_64-1.txz: Upgraded. ap/sqlite-3.45.1-x86_64-1.txz: Upgraded. d/binutils-2.42-x86_64-1.txz: Upgraded. Shared library .so-version bump. d/cmake-3.28.2-x86_64-1.txz: Upgraded. d/oprofile-1.4.0-x86_64-13.txz: Rebuilt. Recompiled against binutils-2.42. d/strace-6.7-x86_64-1.txz: Upgraded. kde/digikam-8.2.0-x86_64-5.txz: Rebuilt. Recompiled against libpng-1.6.42. l/alsa-lib-1.2.11-x86_64-1.txz: Upgraded. l/libpng-1.6.42-x86_64-1.txz: Upgraded. Fixed the implementation of the macro function png_check_sig(). This was an API regression, introduced in libpng-1.6.41. Reported by Matthieu Darbois. l/lmdb-0.9.32-x86_64-1.txz: Upgraded. l/neon-0.33.0-x86_64-1.txz: Upgraded. l/opencv-4.9.0-x86_64-3.txz: Rebuilt. Recompiled against libpng-1.6.42. l/qt5-5.15.12_20240103_b8fd1448-x86_64-4.txz: Rebuilt. Recompiled against libpng-1.6.42. l/talloc-2.4.2-x86_64-1.txz: Upgraded. l/tdb-1.4.10-x86_64-1.txz: Upgraded. l/tevent-0.16.1-x86_64-1.txz: Upgraded. n/openldap-2.6.7-x86_64-1.txz: Upgraded. n/openssl-3.2.1-x86_64-1.txz: Upgraded. This update fixes possible denial-of-service security issues: A file in PKCS12 format can contain certificates and keys and may come from an untrusted source. The PKCS12 specification allows certain fields to be NULL, but OpenSSL did not correctly check for this case. A fix has been applied to prevent a NULL pointer dereference that results in OpenSSL crashing. If an application processes PKCS12 files from an untrusted source using the OpenSSL APIs then that application will be vulnerable to this issue prior to this fix. OpenSSL APIs that were vulnerable to this are: PKCS12_parse(), PKCS12_unpack_p7data(), PKCS12_unpack_p7encdata(), PKCS12_unpack_authsafes() and PKCS12_newpass(). When function EVP_PKEY_public_check() is called on RSA public keys, a computation is done to confirm that the RSA modulus, n, is composite. For valid RSA keys, n is a product of two or more large primes and this computation completes quickly. However, if n is an overly large prime, then this computation would take a long time. An application that calls EVP_PKEY_public_check() and supplies an RSA key obtained from an untrusted source could be vulnerable to a Denial of Service attack. The function EVP_PKEY_public_check() is not called from other OpenSSL functions however it is called from the OpenSSL pkey command line application. For that reason that application is also vulnerable if used with the "-pubin" and "-check" options on untrusted data. To resolve this issue RSA keys larger than OPENSSL_RSA_MAX_MODULUS_BITS will now fail the check immediately with an RSA_R_MODULUS_TOO_LARGE error reason. Fix excessive time spent in DH check / generation with large Q parameter value. Applications that use the functions DH_generate_key() to generate an X9.42 DH key may experience long delays. Likewise, applications that use DH_check_pub_key(), DH_check_pub_key_ex() or EVP_PKEY_public_check() to check an X9.42 DH key or X9.42 DH parameters may experience long delays. Where the key or parameters that are being checked have been obtained from an untrusted source this may lead to a Denial of Service. For more information, see: https://www.cve.org/CVERecord?id=CVE-2024-0727 https://www.cve.org/CVERecord?id=CVE-2023-6237 https://www.cve.org/CVERecord?id=CVE-2023-5678 (* Security fix *) xap/MPlayer-20240130-x86_64-1.txz: Upgraded. Fixed build script to exit on errors. Patched to build against gettext-0.22.4. Thanks to Matteo Bernardini. xap/xine-lib-1.2.13-x86_64-7.txz: Rebuilt. Recompiled against libpng-1.6.42.
2024-01-30 23:01:28 +01:00
https://github.com/strace/strace/releases/download/v6.7/strace-6.7.tar.xz