Commit graph

390 commits

Author SHA1 Message Date
Patrick J Volkerding
e1cb531b52 Thu Nov 7 21:46:13 UTC 2024
a/libblockdev-3.2.1-x86_64-1.txz:  Upgraded.
a/mkinitrd-1.4.11-x86_64-45.txz:  Rebuilt.
  /etc/default/geninitrd: Add AUTOGENERATE_INITRD variable for disabling
  automatically generating the initrd when the kernel package is upgraded.
  The hook to trigger this will be in the next kernel-generic package.
  setup.01.mkinitrd: skip generating an initrd if we're called from the
  kernel doinst.sh and AUTOGENERATE_INITRD=false.
  geninitrd: Look for an override script called /usr/local/sbin/geninitrd,
  not /usr/local/bin/geninitrd-custom. Thanks to GazL.
ap/mariadb-11.4.4-x86_64-2.txz:  Rebuilt.
  rc.mysqld: use mariadbd-safe, not mysqld_safe. Thanks to teoberi.
d/cmake-3.31.0-x86_64-1.txz:  Upgraded.
l/expat-2.6.4-x86_64-1.txz:  Upgraded.
  This update fixes bugs and a security issue:
  Fix crash within function XML_ResumeParser from a NULL pointer dereference
  by disallowing function XML_StopParser to (stop or) suspend an unstarted
  parser. A new error code XML_ERROR_NOT_STARTED was introduced to properly
  communicate this situation.
  For more information, see:
    https://www.cve.org/CVERecord?id=CVE-2024-50602
  (* Security fix *)
n/gpgme-1.24.0-x86_64-1.txz:  Upgraded.
  Added libqgpgmeqt6.
xap/ffmpegthumbnailer-2.2.3-x86_64-1.txz:  Upgraded.
xap/mozilla-thunderbird-128.4.2esr-x86_64-1.txz:  Upgraded.
  This is a bugfix release.
  For more information, see:
    https://www.mozilla.org/en-US/thunderbird/128.4.2esr/releasenotes/
2024-11-07 23:42:38 +01:00
Patrick J Volkerding
f8dec74059 Mon Nov 4 19:08:43 UTC 2024
ap/mariadb-10.11.10-x86_64-1.txz:  Upgraded.
  This is a bugfix release.
  For more information, see:
    https://mariadb.com/kb/en/mariadb-10-11-10-release-notes/
n/netatalk-4.0.4-x86_64-1.txz:  Upgraded.
xap/audacious-4.4.2-x86_64-1.txz:  Upgraded.
xap/audacious-plugins-4.4.2-x86_64-1.txz:  Upgraded.
2024-11-04 20:29:54 +01:00
Patrick J Volkerding
32ccce4a53 Wed Oct 30 21:03:27 UTC 2024
ap/vim-9.1.0821-x86_64-1.txz:  Upgraded.
d/llvm-19.1.3-x86_64-1.txz:  Upgraded.
d/python-setuptools-75.3.0-x86_64-1.txz:  Upgraded.
l/PyQt5-5.15.11-x86_64-2.txz:  Rebuilt.
  Recompiled to drop the QtWebKit and QtWebKitWidgets bindings.
  Thanks to jloco.
l/libclc-19.1.3-x86_64-1.txz:  Upgraded.
l/libnl3-3.11.0-x86_64-1.txz:  Upgraded.
l/lz4-1.10.0-x86_64-2.txz:  Rebuilt.
  Make sure liblz4.pc uses lib${LIBDIRSUFFIX}. Thanks to af7567.
l/mozjs128-128.4.0esr-x86_64-1.txz:  Upgraded.
n/dovecot-2.3.21.1-x86_64-3.txz:  Rebuilt.
  Recompiled using --with-lua. Thanks to Luigi Trovato.
n/fetchmail-6.5.0-x86_64-1.txz:  Upgraded.
n/gnupg2-2.4.6-x86_64-1.txz:  Upgraded.
x/xf86-input-wacom-1.2.3-x86_64-1.txz:  Upgraded.
x/xorg-server-21.1.14-x86_64-1.txz:  Upgraded.
  This update fixes a security issue:
  By providing a modified bitmap, a heap-based buffer overflow may occur.
  This may lead to local privilege escalation if the server is run as root
  or remote code execution (e.g. x11 over ssh).
  This vulnerability was discovered by:
  Jan-Niklas Sohn working with Trend Micro Zero Day Initiative
  For more information, see:
    https://lists.x.org/archives/xorg-announce/2024-October/003545.html
    https://www.cve.org/CVERecord?id=CVE-2024-9632
  (* Security fix *)
x/xorg-server-xephyr-21.1.14-x86_64-1.txz:  Upgraded.
x/xorg-server-xnest-21.1.14-x86_64-1.txz:  Upgraded.
x/xorg-server-xvfb-21.1.14-x86_64-1.txz:  Upgraded.
x/xorg-server-xwayland-24.1.4-x86_64-1.txz:  Upgraded.
  This update fixes a security issue:
  By providing a modified bitmap, a heap-based buffer overflow may occur.
  This may lead to local privilege escalation if the server is run as root
  or remote code execution (e.g. x11 over ssh).
  This vulnerability was discovered by:
  Jan-Niklas Sohn working with Trend Micro Zero Day Initiative
  For more information, see:
    https://lists.x.org/archives/xorg-announce/2024-October/003545.html
    https://www.cve.org/CVERecord?id=CVE-2024-9632
  (* Security fix *)
xap/mozilla-firefox-128.4.0esr-x86_64-1.txz:  Upgraded.
  This update contains security fixes and improvements.
  For more information, see:
    https://www.mozilla.org/en-US/firefox/128.4.0/releasenotes/
    https://www.mozilla.org/security/advisories/mfsa2024-56/
    https://www.cve.org/CVERecord?id=CVE-2024-10458
    https://www.cve.org/CVERecord?id=CVE-2024-10459
    https://www.cve.org/CVERecord?id=CVE-2024-10460
    https://www.cve.org/CVERecord?id=CVE-2024-10461
    https://www.cve.org/CVERecord?id=CVE-2024-10462
    https://www.cve.org/CVERecord?id=CVE-2024-10463
    https://www.cve.org/CVERecord?id=CVE-2024-10464
    https://www.cve.org/CVERecord?id=CVE-2024-10465
    https://www.cve.org/CVERecord?id=CVE-2024-10466
    https://www.cve.org/CVERecord?id=CVE-2024-10467
  (* Security fix *)
xap/mozilla-thunderbird-128.4.0esr-x86_64-1.txz:  Upgraded.
  This release contains security fixes and improvements.
  For more information, see:
    https://www.mozilla.org/en-US/thunderbird/128.4.0esr/releasenotes/
    https://www.mozilla.org/en-US/security/advisories/mfsa2024-58/
    https://www.cve.org/CVERecord?id=CVE-2024-10458
    https://www.cve.org/CVERecord?id=CVE-2024-10459
    https://www.cve.org/CVERecord?id=CVE-2024-10460
    https://www.cve.org/CVERecord?id=CVE-2024-10461
    https://www.cve.org/CVERecord?id=CVE-2024-10462
    https://www.cve.org/CVERecord?id=CVE-2024-10463
    https://www.cve.org/CVERecord?id=CVE-2024-10464
    https://www.cve.org/CVERecord?id=CVE-2024-10465
    https://www.cve.org/CVERecord?id=CVE-2024-10466
    https://www.cve.org/CVERecord?id=CVE-2024-10467
  (* Security fix *)
xap/vim-gvim-9.1.0821-x86_64-1.txz:  Upgraded.
xap/xaos-4.3.3-x86_64-1.txz:  Upgraded.
extra/tigervnc/tigervnc-1.14.1-x86_64-2.txz:  Rebuilt.
  Rebuilt against xorg-server-21.1.14.
  This update fixes a security issue:
  By providing a modified bitmap, a heap-based buffer overflow may occur.
  This may lead to local privilege escalation if the server is run as root
  or remote code execution (e.g. x11 over ssh).
  This vulnerability was discovered by:
  Jan-Niklas Sohn working with Trend Micro Zero Day Initiative
  For more information, see:
    https://lists.x.org/archives/xorg-announce/2024-October/003545.html
    https://www.cve.org/CVERecord?id=CVE-2024-9632
  (* Security fix *)
2024-10-30 23:24:55 +01:00
Patrick J Volkerding
4967f0e2be Tue Oct 22 23:55:03 UTC 2024
a/elilo-3.16-x86_64-18.txz:  Rebuilt.
  eliloconfig: if we don't find initrd-generic.img, try to fall back on
  /boot/initrd.gz. Thanks to rworkman.
a/kernel-firmware-20241022_e1d9577-noarch-1.txz:  Upgraded.
a/kernel-generic-6.11.5-x86_64-1.txz:  Upgraded.
a/less-668-x86_64-1.txz:  Upgraded.
a/openssl11-solibs-1.1.1zb-x86_64-1.txz:  Upgraded.
a/sysvinit-3.11-x86_64-1.txz:  Upgraded.
a/usbutils-018-x86_64-1.txz:  Upgraded.
d/kernel-headers-6.11.5-x86-1.txz:  Upgraded.
d/parallel-20241022-noarch-1.txz:  Upgraded.
d/swig-4.3.0-x86_64-1.txz:  Upgraded.
k/kernel-source-6.11.5-noarch-1.txz:  Upgraded.
l/libvisio-0.1.8-x86_64-1.txz:  Upgraded.
l/python-trove-classifiers-2024.10.21.16-x86_64-1.txz:  Upgraded.
n/openssl11-1.1.1zb-x86_64-1.txz:  Upgraded.
  Apply patch to fix a security issue:
  Harden BN_GF2m_poly2arr against misuse.
  This CVE was fixed by the 1.1.1zb release that is only available to
  subscribers to OpenSSL's premium extended support. The patch was prepared
  by backporting from the OpenSSL-3.0 repo. The reported version number has
  been updated so that vulnerability scanners calm down.
  Thanks to Ken Zalewski for the patch!
  For more information, see:
    https://www.cve.org/CVERecord?id=CVE-2024-9143
  (* Security fix *)
xap/gucharmap-16.0.2-x86_64-1.txz:  Upgraded.
xap/mozilla-thunderbird-128.3.3esr-x86_64-1.txz:  Upgraded.
  This is a bugfix release.
  For more information, see:
    https://www.mozilla.org/en-US/thunderbird/128.3.3esr/releasenotes/
isolinux/initrd.img:  Rebuilt.
kernels/*:  Upgraded.
usb-and-pxe-installers/usbboot.img:  Rebuilt.
2024-10-23 03:12:37 +02:00
Patrick J Volkerding
3cd2369178 Mon Oct 21 19:11:58 UTC 2024
d/meson-1.6.0-x86_64-1.txz:  Upgraded.
kde/okteta-0.26.18-x86_64-1.txz:  Upgraded.
l/gjs-1.82.1-x86_64-1.txz:  Upgraded.
l/gspell-1.14.0-x86_64-1.txz:  Added.
  Pan has switched to this instead of gtkspell3.
  Nothing else in Slackware uses gtkspell3 -- perhaps it should be removed?
l/vte-0.78.1-x86_64-1.txz:  Upgraded.
n/nghttp2-1.64.0-x86_64-1.txz:  Upgraded.
x/ibus-m17n-1.4.33-x86_64-1.txz:  Upgraded.
xap/pan-0.161-x86_64-1.txz:  Upgraded.
xfce/mousepad-0.6.3-x86_64-1.txz:  Upgraded.
2024-10-21 21:30:18 +02:00
Patrick J Volkerding
6ffeb4181c Thu Oct 10 22:42:17 UTC 2024
a/hostname-3.24-x86_64-1.txz:  Upgraded.
a/kernel-firmware-20241010_c410e4c-noarch-1.txz:  Upgraded.
a/kernel-generic-6.10.14-x86_64-1.txz:  Upgraded.
a/mkinitrd-1.4.11-x86_64-39.txz:  Rebuilt.
  Symlink /boot/remove-orphaned-initrds into /usr/sbin to get it in the $PATH.
a/pkgtools-15.1-noarch-14.txz:  Rebuilt.
  Renamed kernel-backup to make-kernel-backup.
  We'll leave it in /boot where it's more likely to be noticed, but also
  add a symlink in /usr/sbin so that it's in the $PATH.
  Support /etc/default/make-kernel-backup.
  Test to see if $KERNEL_FILE is actually a Linux kernel.
d/kernel-headers-6.10.14-x86-1.txz:  Upgraded.
k/kernel-source-6.10.14-noarch-1.txz:  Upgraded.
l/python-sphinx-8.1.0-x86_64-1.txz:  Upgraded.
l/python-sphinx_rtd_theme-3.0.1-x86_64-1.txz:  Upgraded.
n/c-ares-1.34.1-x86_64-1.txz:  Upgraded.
xap/mozilla-thunderbird-128.3.1esr-x86_64-1.txz:  Upgraded.
  This release contains security fixes and improvements.
  For more information, see:
    https://www.mozilla.org/en-US/thunderbird/128.3.1esr/releasenotes/
  (* Security fix *)
isolinux/initrd.img:  Rebuilt.
kernels/*:  Upgraded.
testing/packages/kernel-generic-6.11.3-x86_64-1.txz:  Upgraded.
testing/packages/kernel-headers-6.11.3-x86-1.txz:  Upgraded.
testing/packages/kernel-source-6.11.3-noarch-1.txz:  Upgraded.
usb-and-pxe-installers/usbboot.img:  Rebuilt.
2024-10-11 01:59:58 +02:00
Patrick J Volkerding
194d2d2fc5 Wed Oct 9 21:09:16 UTC 2024
a/dracut-104-x86_64-1.txz:  Upgraded.
d/cmake-3.30.5-x86_64-1.txz:  Upgraded.
d/subversion-1.14.4-x86_64-1.txz:  Upgraded.
l/mozjs128-128.3.1esr-x86_64-1.txz:  Upgraded.
l/openexr-3.3.1-x86_64-1.txz:  Upgraded.
l/python-charset-normalizer-3.4.0-x86_64-1.txz:  Upgraded.
x/fcitx5-5.1.11-x86_64-1.txz:  Upgraded.
x/fcitx5-anthy-5.1.5-x86_64-1.txz:  Upgraded.
x/fcitx5-chinese-addons-5.1.7-x86_64-1.txz:  Upgraded.
x/fcitx5-hangul-5.1.5-x86_64-1.txz:  Upgraded.
x/fcitx5-kkc-5.1.5-x86_64-1.txz:  Upgraded.
x/fcitx5-m17n-5.1.2-x86_64-1.txz:  Upgraded.
x/fcitx5-qt-5.1.7-x86_64-1.txz:  Upgraded.
x/fcitx5-unikey-5.1.5-x86_64-1.txz:  Upgraded.
x/libime-1.1.9-x86_64-1.txz:  Upgraded.
xap/mozilla-firefox-128.3.1esr-x86_64-1.txz:  Upgraded.
  This update contains a critical security fix:
  Use-after-free in Animation timeline.
  "An attacker was able to achieve code execution in the content process by
  exploiting a use-after-free in Animation timelines. We have had reports of
  this vulnerability being exploited in the wild."
  For more information, see:
    https://www.mozilla.org/en-US/firefox/128.3.1/releasenotes/
    https://www.mozilla.org/security/advisories/mfsa2024-51/
    https://www.cve.org/CVERecord?id=CVE-2024-9680
  (* Security fix *)
2024-10-10 00:58:09 +02:00
Patrick J Volkerding
1e755d579a Tue Oct 1 18:01:38 UTC 2024
Several ELF objects were found to have rpaths pointing into /tmp, a world
writable directory. This could have allowed a local attacker to launch denial
of service attacks or execute arbitrary code when the affected binaries are
run by placing crafted ELF objects in the /tmp rpath location. All rpaths with
an embedded /tmp path have been scrubbed from the binaries, and makepkg has
gained a lint feature to detect these so that they won't creep back in.
a/kernel-firmware-20241001_95bfe08-noarch-1.txz:  Upgraded.
a/kernel-generic-6.10.12-x86_64-1.txz:  Upgraded.
a/pkgtools-15.1-noarch-12.txz:  Rebuilt.
  makepkg: when looking for ELF objects with --remove-rpaths or
  --remove-tmp-rpaths, avoid false hits on files containing 'ELF' as part
  of the directory or filename.
  Also warn about /tmp rpaths after the package is built.
ap/cups-2.4.11-x86_64-1.txz:  Upgraded.
ap/cups-browsed-2.0.1-x86_64-2.txz:  Rebuilt.
  Mitigate security issue that could lead to a denial of service or
  the execution of arbitrary code.
  Rebuilt with --with-browseremoteprotocols=none to disable incoming
  connections, since this daemon has been shown to be insecure. If you
  actually use cups-browsed, be sure to install the new
  /etc/cups/cups-browsed.conf.new containing this line:
  BrowseRemoteProtocols none
  For more information, see:
    https://www.cve.org/CVERecord?id=CVE-2024-47176
  (* Security fix *)
d/kernel-headers-6.10.12-x86-1.txz:  Upgraded.
d/llvm-18.1.8-x86_64-3.txz:  Rebuilt.
  Remove rpaths from binaries.
  (* Security fix *)
d/luajit-2.1.1727621189-x86_64-1.txz:  Upgraded.
d/ruby-3.3.5-x86_64-2.txz:  Rebuilt.
  Remove rpaths from binaries.
  (* Security fix *)
k/kernel-source-6.10.12-noarch-1.txz:  Upgraded.
kde/kimageformats-5.116.0-x86_64-2.txz:  Rebuilt.
  Recompiled against openexr-3.3.0.
kde/kio-extras-23.08.5-x86_64-2.txz:  Rebuilt.
  Recompiled against openexr-3.3.0.
kde/krita-5.2.5-x86_64-2.txz:  Rebuilt.
  Recompiled against openexr-3.3.0.
kde/libindi-2.1.0-x86_64-1.txz:  Upgraded.
l/cryfs-0.10.3-x86_64-13.txz:  Rebuilt.
  Remove rpaths from binaries.
  (* Security fix *)
l/espeak-ng-1.51.1-x86_64-2.txz:  Rebuilt.
  Remove rpaths from binaries.
  (* Security fix *)
l/ffmpeg-7.1-x86_64-1.txz:  Upgraded.
l/gegl-0.4.48-x86_64-3.txz:  Rebuilt.
  Recompiled against openexr-3.3.0.
l/gst-plugins-bad-free-1.24.8-x86_64-2.txz:  Rebuilt.
  Recompiled against openexr-3.3.0.
l/imagemagick-7.1.1_38-x86_64-2.txz:  Rebuilt.
  Recompiled against openexr-3.3.0.
l/libgsf-1.14.53-x86_64-1.txz:  Upgraded.
l/librsvg-2.58.5-x86_64-1.txz:  Upgraded.
l/libvncserver-0.9.14-x86_64-3.txz:  Rebuilt.
  Remove rpaths from binaries.
  (* Security fix *)
l/mozjs128-128.3.0esr-x86_64-1.txz:  Upgraded.
l/netpbm-11.08.00-x86_64-1.txz:  Upgraded.
l/opencv-4.10.0-x86_64-3.txz:  Rebuilt.
  Recompiled against openexr-3.3.0.
l/openexr-3.3.0-x86_64-1.txz:  Upgraded.
  Shared library .so-version bump.
l/python-glad2-2.0.8-x86_64-1.txz:  Upgraded.
l/python-pyproject-hooks-1.2.0-x86_64-1.txz:  Upgraded.
l/spirv-llvm-translator-18.1.4-x86_64-2.txz:  Rebuilt.
  Remove rpaths from binaries.
  (* Security fix *)
l/woff2-20231106_0f4d304-x86_64-2.txz:  Rebuilt.
  Remove rpaths from binaries.
  (* Security fix *)
n/openobex-1.7.2-x86_64-6.txz:  Rebuilt.
  Remove rpaths from binaries.
  (* Security fix *)
x/marisa-0.2.6-x86_64-11.txz:  Rebuilt.
  Remove rpaths from binaries.
  (* Security fix *)
xap/gimp-2.10.38-x86_64-2.txz:  Rebuilt.
  Recompiled against openexr-3.3.0.
xap/mozilla-firefox-128.3.0esr-x86_64-1.txz:  Upgraded.
  This update contains security fixes and improvements.
  For more information, see:
    https://www.mozilla.org/en-US/firefox/128.3.0/releasenotes/
    https://www.mozilla.org/security/advisories/mfsa2024-47
    https://www.cve.org/CVERecord?id=CVE-2024-9392
    https://www.cve.org/CVERecord?id=CVE-2024-9393
    https://www.cve.org/CVERecord?id=CVE-2024-9394
    https://www.cve.org/CVERecord?id=CVE-2024-8900
    https://www.cve.org/CVERecord?id=CVE-2024-9396
    https://www.cve.org/CVERecord?id=CVE-2024-9397
    https://www.cve.org/CVERecord?id=CVE-2024-9398
    https://www.cve.org/CVERecord?id=CVE-2024-9399
    https://www.cve.org/CVERecord?id=CVE-2024-9400
    https://www.cve.org/CVERecord?id=CVE-2024-9401
    https://www.cve.org/CVERecord?id=CVE-2024-9402
  (* Security fix *)
xap/xlockmore-5.80-x86_64-1.txz:  Upgraded.
isolinux/initrd.img:  Rebuilt.
kernels/*:  Upgraded.
testing/packages/kernel-generic-6.11.1-x86_64-1.txz:  Upgraded.
testing/packages/kernel-headers-6.11.1-x86-1.txz:  Upgraded.
testing/packages/kernel-source-6.11.1-noarch-1.txz:  Upgraded.
usb-and-pxe-installers/usbboot.img:  Rebuilt.
2024-10-01 22:04:37 +02:00
Patrick J Volkerding
5d952c9da3 Fri Sep 27 21:10:23 UTC 2024
a/pkgtools-15.1-noarch-11.txz:  Rebuilt.
  makepkg: added options --remove-rpaths, --remove-tmp-rpaths.
  Thanks to Petri Kaukasoina for code examples.
ap/tmux-3.5-x86_64-1.txz:  Upgraded.
d/cmake-3.30.4-x86_64-1.txz:  Upgraded.
l/mozilla-nss-3.105-x86_64-1.txz:  Upgraded.
l/pipewire-1.2.5-x86_64-1.txz:  Upgraded.
l/sof-firmware-2024.09-noarch-1.txz:  Upgraded.
xap/audacious-4.4.1-x86_64-2.txz:  Rebuilt.
xap/audacious-plugins-4.4.1-x86_64-1.txz:  Upgraded.
2024-09-28 00:02:43 +02:00
Patrick J Volkerding
f2ee5ebc09 Tue Sep 24 18:42:58 UTC 2024
a/bash-5.2.037-x86_64-1.txz:  Upgraded.
a/dracut-103-x86_64-3.txz:  Rebuilt.
  Don't search for systemd services. Thanks to LuckyCyborg.
d/git-2.46.2-x86_64-1.txz:  Upgraded.
kde/krita-5.2.5-x86_64-1.txz:  Upgraded.
l/gtk4-4.16.2-x86_64-1.txz:  Upgraded.
l/harfbuzz-10.0.0-x86_64-1.txz:  Upgraded.
n/netatalk-3.2.10-x86_64-1.txz:  Upgraded.
xap/mpv-0.39.0-x86_64-1.txz:  Upgraded.
2024-09-24 21:36:52 +02:00
Patrick J Volkerding
23ef992213 Mon Sep 23 20:01:35 UTC 2024
d/parallel-20240922-noarch-1.txz:  Upgraded.
l/libarchive-3.7.6-x86_64-1.txz:  Upgraded.
  This release fixes a tar regression introduced in libarchive 3.7.5.
xap/geeqie-2.5-x86_64-2.txz:  Rebuilt.
  -Dgq_helpdir and -Dgq_htmldir should be relative to the prefix (/usr).
  Thanks to mickski56.
2024-09-23 22:28:56 +02:00
Patrick J Volkerding
bd636593ca Sat Sep 21 19:10:51 UTC 2024
d/meson-1.5.2-x86_64-1.txz:  Upgraded.
l/python-sphinx-8.0.2-x86_64-2.txz:  Rebuilt.
  Upgraded extension modules: sphinxcontrib_applehelp-2.0,
  sphinxcontrib_devhelp-2.0.0, sphinxcontrib_htmlhelp-2.1.0,
  sphinxcontrib_qthelp-2.0.0, sphinxcontrib_serializinghtml-2.0.0.
  Thanks to USUARIONUEVO.
xap/geeqie-2.5-x86_64-1.txz:  Upgraded.
xap/mozilla-thunderbird-128.2.3esr-x86_64-1.txz:  Upgraded.
  This is a bugfix release.
  For more information, see:
    https://www.mozilla.org/en-US/thunderbird/128.2.3esr/releasenotes/
2024-09-21 21:29:14 +02:00
Patrick J Volkerding
a3b3d6e164 Mon Sep 16 19:58:49 UTC 2024
d/python-setuptools-75.1.0-x86_64-1.txz:  Upgraded.
d/strace-6.11-x86_64-1.txz:  Upgraded.
l/adwaita-icon-theme-47.0-noarch-1.txz:  Upgraded.
l/gsettings-desktop-schemas-47.1-x86_64-1.txz:  Upgraded.
l/json-c-0.18_20240915-x86_64-1.txz:  Upgraded.
l/python-idna-3.10-x86_64-1.txz:  Upgraded.
n/iproute2-6.11.0-x86_64-1.txz:  Upgraded.
n/netatalk-3.2.9-x86_64-1.txz:  Upgraded.
xap/gucharmap-16.0.1-x86_64-1.txz:  Upgraded.
xap/mozilla-thunderbird-128.2.1esr-x86_64-1.txz:  Upgraded.
  This is a bugfix release.
  For more information, see:
    https://www.mozilla.org/en-US/thunderbird/128.2.1esr/releasenotes/
2024-09-16 23:01:19 +02:00
Patrick J Volkerding
06728159b3 Sat Sep 14 18:15:34 UTC 2024
a/mkinitrd-1.4.11-x86_64-36.txz:  Rebuilt.
  setup.01.mkinitrd (aka geninitrd): Set GENINITRD_SILENT to anything to
  generate the initrd silently.
l/iso-codes-4.17.0-noarch-1.txz:  Upgraded.
l/libarchive-3.7.5-x86_64-1.txz:  Upgraded.
  This update fixes the following security issues:
  fix multiple vulnerabilities identified by SAST (#2251, #2256)
  cpio: ignore out-of-range gid/uid/size/ino and harden AFIO parsing (#2258)
  lzop: prevent integer overflow (#2174)
  rar4: protect copy_from_lzss_window_to_unp() (#2172, CVE-2024-20696)
  rar4: fix CVE-2024-26256 (#2269)
  rar4: fix OOB in delta and audio filter (#2148, #2149)
  rar4: fix out of boundary access with large files (#2179)
  rar4: add boundary checks to rgb filter (#2210)
  rar4: fix OOB access with unicode filenames (#2203)
  rar5: clear 'data ready' cache on window buffer reallocs (#2265)
  rpm: calculate huge header sizes correctly (#2158)
  unzip: unify EOF handling (#2175)
  util: fix out of boundary access in mktemp functions (#2160)
  uu: stop processing if lines are too long (#2168)
  For more information, see:
    https://www.cve.org/CVERecord?id=CVE-2024-20696
    https://www.cve.org/CVERecord?id=CVE-2024-26256
  (* Security fix *)
l/python-hatch-vcs-0.4.0-x86_64-1.txz:  Added.
  This is needed to build urllib3-2.2.3.
l/python-idna-3.9-x86_64-1.txz:  Upgraded.
l/python-urllib3-2.2.3-x86_64-1.txz:  Upgraded.
n/bind-9.20.1-x86_64-1.txz:  Upgraded.
xap/xlockmore-5.79-x86_64-1.txz:  Upgraded.
2024-09-14 20:58:45 +02:00
Patrick J Volkerding
d0f56a1b42 Fri Sep 13 18:37:35 UTC 2024
l/gobject-introspection-1.82.0-x86_64-1.txz:  Upgraded.
l/gtk4-4.16.1-x86_64-1.txz:  Upgraded.
l/gvfs-1.56.0-x86_64-1.txz:  Upgraded.
l/libpng-1.6.44-x86_64-1.txz:  Upgraded.
l/mlt-7.28.0-x86_64-1.txz:  Upgraded.
l/orc-0.4.40-x86_64-1.txz:  Upgraded.
l/python-zipp-3.20.2-x86_64-1.txz:  Upgraded.
l/unicode-ucd-16.0.0-noarch-1.txz:  Upgraded.
xap/gucharmap-16.0.0-x86_64-1.txz:  Upgraded.
2024-09-13 21:00:36 +02:00
Patrick J Volkerding
7ff3810884 Tue Sep 3 21:07:09 UTC 2024
a/cryptsetup-2.7.5-x86_64-1.txz:  Upgraded.
a/kernel-firmware-20240903_7a7a88f-noarch-1.txz:  Upgraded.
a/openssl-solibs-3.3.2-x86_64-1.txz:  Upgraded.
ap/xfsdump-3.2.0-x86_64-1.txz:  Upgraded.
d/opencl-headers-2024.05.08-noarch-1.txz:  Upgraded.
d/ruby-3.3.5-x86_64-1.txz:  Upgraded.
l/mozjs115-115.15.0esr-x86_64-1.txz:  Upgraded.
n/openssl-3.3.2-x86_64-1.txz:  Upgraded.
  This update fixes bugs and security issues:
  Fixed possible denial of service in X.509 name checks.
  Fixed possible buffer overread in SSL_select_next_proto().
  For more information, see:
    https://openssl-library.org/news/secadv/20240903.txt
    https://openssl-library.org/news/secadv/20240627.txt
    https://www.cve.org/CVERecord?id=CVE-2024-6119
    https://www.cve.org/CVERecord?id=CVE-2024-5535
  (* Security fix *)
n/samba-4.21.0-x86_64-1.txz:  Upgraded.
x/libevdev-1.13.3-x86_64-1.txz:  Upgraded.
x/xterm-394-x86_64-1.txz:  Upgraded.
xap/mozilla-firefox-128.2.0esr-x86_64-1.txz:  Upgraded.
  This update contains security fixes and improvements.
  For more information, see:
    https://www.mozilla.org/en-US/firefox/128.2.0/releasenotes/
    https://www.mozilla.org/security/advisories/mfsa2024-40/
    https://www.cve.org/CVERecord?id=CVE-2024-8385
    https://www.cve.org/CVERecord?id=CVE-2024-8381
    https://www.cve.org/CVERecord?id=CVE-2024-8382
    https://www.cve.org/CVERecord?id=CVE-2024-8383
    https://www.cve.org/CVERecord?id=CVE-2024-8384
    https://www.cve.org/CVERecord?id=CVE-2024-8386
    https://www.cve.org/CVERecord?id=CVE-2024-8387
  (* Security fix *)
xap/seamonkey-2.53.19-x86_64-1.txz:  Upgraded.
  This update contains security fixes and improvements.
  For more information, see:
    https://www.seamonkey-project.org/releases/seamonkey2.53.19
  (* Security fix *)
2024-09-04 00:33:23 +02:00
Patrick J Volkerding
3e4363cb32 Tue Aug 13 20:33:27 UTC 2024
ap/moc-2.6_alpha3-x86_64-4.txz:  Rebuilt.
  The ffmpeg7 patch isn't 100% there, so rebuild without the ffmpeg plugin.
ap/sqlite-3.46.1-x86_64-1.txz:  Upgraded.
kde/digikam-8.4.0-x86_64-2.txz:  Rebuilt.
  Recompiled against ffmpeg-7.0.2.
kde/ffmpegthumbs-23.08.5-x86_64-2.txz:  Rebuilt.
  Recompiled against ffmpeg-7.0.2.
kde/k3b-23.08.5-x86_64-2.txz:  Rebuilt.
  Recompiled against ffmpeg-7.0.2.
kde/kfilemetadata-5.116.0-x86_64-6.txz:  Rebuilt.
  Recompiled against ffmpeg-7.0.2.
kde/kpipewire-5.27.11-x86_64-2.txz:  Rebuilt.
  Recompiled against ffmpeg-7.0.2.
l/alsa-plugins-1.2.12-x86_64-2.txz:  Rebuilt.
  Recompiled against ffmpeg-7.0.2.
l/ffmpeg-7.0.2-x86_64-1.txz:  Upgraded.
  Shared library .so-version bump.
  Compiled against vulkan-sdk-1.3.290.0.
l/freetype-2.13.3-x86_64-1.txz:  Upgraded.
l/gegl-0.4.48-x86_64-2.txz:  Rebuilt.
  Recompiled against ffmpeg-7.0.2.
l/gst-plugins-bad-free-1.24.6-x86_64-2.txz:  Rebuilt.
  Recompiled against vulkan-sdk-1.3.290.0.
l/gst-plugins-libav-1.24.6-x86_64-2.txz:  Rebuilt.
  Recompiled against ffmpeg-7.0.2.
l/gtk4-4.14.4-x86_64-2.txz:  Rebuilt.
  Recompiled against vulkan-sdk-1.3.290.0.
l/libplacebo-7.349.0-x86_64-2.txz:  Rebuilt.
  Recompiled against vulkan-sdk-1.3.290.0.
l/mlt-7.24.0-x86_64-3.txz:  Rebuilt.
  Recompiled against ffmpeg-7.0.2.
l/opencv-4.10.0-x86_64-2.txz:  Rebuilt.
  Recompiled against ffmpeg-7.0.2.
l/pipewire-1.2.2-x86_64-2.txz:  Rebuilt.
  Recompiled against ffmpeg-7.0.2.
  Recompiled against vulkan-sdk-1.3.290.0.
l/qt5-5.15.14_20240716_ae0c8451-x86_64-2.txz:  Rebuilt.
  Recompiled against ffmpeg-7.0.2.
l/qt6-6.7.2_20240610_3f005f1e-x86_64-5.txz:  Rebuilt.
  Recompiled against ffmpeg-7.0.2.
l/spirv-llvm-translator-18.1.3-x86_64-2.txz:  Rebuilt.
  Recompiled against vulkan-sdk-1.3.290.0.
x/fcitx5-gtk-5.1.3-x86_64-2.txz:  Rebuilt.
  Recompiled against vulkan-sdk-1.3.290.0.
x/ibus-1.5.30-x86_64-2.txz:  Rebuilt.
  Recompiled against vulkan-sdk-1.3.290.0.
x/mesa-24.1.5-x86_64-2.txz:  Rebuilt.
  Recompiled against vulkan-sdk-1.3.290.0.
x/vulkan-sdk-1.3.290.0-x86_64-1.txz:  Upgraded.
xap/MPlayer-20240812-x86_64-1.txz:  Upgraded.
  Recompiled against ffmpeg-7.0.2.
xap/audacious-plugins-4.4-x86_64-3.txz:  Rebuilt.
  Recompiled against ffmpeg-7.0.2.
xap/ffmpegthumbnailer-2.2.2-x86_64-6.txz:  Rebuilt.
  Recompiled against ffmpeg-7.0.2.
xap/freerdp-2.11.7-x86_64-2.txz:  Rebuilt.
  Recompiled against ffmpeg-7.0.2.
xap/mpv-0.38.0-x86_64-5.txz:  Rebuilt.
  Recompiled against ffmpeg-7.0.2.
  Recompiled against vulkan-sdk-1.3.290.0.
xap/ssr-0.4.4-x86_64-3.txz:  Rebuilt.
  Recompiled against ffmpeg-7.0.2.
xap/xine-lib-1.2.13-x86_64-8.txz:  Rebuilt.
  Recompiled against ffmpeg-7.0.2.
xap/xscreensaver-6.09-x86_64-2.txz:  Rebuilt.
  Recompiled against ffmpeg-7.0.2.
2024-08-13 23:09:21 +02:00
Patrick J Volkerding
bfbaf18b4a Mon Aug 12 18:41:11 UTC 2024
d/cbindgen-0.26.0-x86_64-3.txz:  Rebuilt.
  Revert this until FF/TB are patched. Thanks to Lenard Spencer.
l/M2Crypto-0.42.0-x86_64-1.txz:  Upgraded.
l/libedit-20240808_3.1-x86_64-1.txz:  Upgraded.
l/python-lxml-5.3.0-x86_64-1.txz:  Upgraded.
l/python-zipp-3.20.0-x86_64-1.txz:  Upgraded.
xap/ddd-3.4.1-x86_64-1.txz:  Upgraded.
xap/pan-0.160-x86_64-1.txz:  Upgraded.
testing/packages/aaa_glibc-solibs-2.40-x86_64-2.txz:  Added.
testing/packages/glibc-2.40-x86_64-2.txz:  Added.
  Let's test building with -fno-omit-frame-pointer and
  -mno-omit-leaf-frame-pointer added to the CFLAGS (thanks alienBOB),
  and --enable-multi-arch added to the configure options as suggested
  by iive. Hopefully they will test and report if these changes fix
  the reported stability issues when running Steam.
testing/packages/glibc-i18n-2.40-x86_64-2.txz:  Added.
testing/packages/glibc-profile-2.40-x86_64-2.txz:  Added.
2024-08-12 21:02:23 +02:00
Patrick J Volkerding
fcf512a278 Wed Aug 7 04:03:09 UTC 2024
a/bash-5.2.032-x86_64-2.txz:  Rebuilt.
  Patched a C compatibility error with GCC 14 in the configure.ac script that
  was causing the printf builtin to malfunction.
  Thanks to elMoco for the bug report.
l/qt6-6.7.2_20240610_3f005f1e-x86_64-4.txz:  Rebuilt.
  Recompiled against abseil-cpp-20240722.0.
n/curl-8.9.1-x86_64-2.txz:  Rebuilt.
  This is a bugfix release.
  [PATCH] sigpipe: init the struct so that first apply ignores.
  Thanks to ponce.
n/samba-4.20.4-x86_64-1.txz:  Upgraded.
xap/mozilla-firefox-128.1.0esr-x86_64-1.txz:  Upgraded.
  This update contains security fixes and improvements.
  For more information, see:
    https://www.mozilla.org/en-US/firefox/128.1.0/releasenotes/
    https://www.mozilla.org/security/advisories/mfsa2024-35/
    https://www.cve.org/CVERecord?id=CVE-2024-7518
    https://www.cve.org/CVERecord?id=CVE-2024-7519
    https://www.cve.org/CVERecord?id=CVE-2024-7520
    https://www.cve.org/CVERecord?id=CVE-2024-7521
    https://www.cve.org/CVERecord?id=CVE-2024-7522
    https://www.cve.org/CVERecord?id=CVE-2024-7524
    https://www.cve.org/CVERecord?id=CVE-2024-7525
    https://www.cve.org/CVERecord?id=CVE-2024-7526
    https://www.cve.org/CVERecord?id=CVE-2024-7527
    https://www.cve.org/CVERecord?id=CVE-2024-7528
    https://www.cve.org/CVERecord?id=CVE-2024-7529
    https://www.cve.org/CVERecord?id=CVE-2024-7531
  (* Security fix *)
xap/mozilla-thunderbird-128.1.0esr-x86_64-1.txz:  Upgraded.
  This is a bugfix release.
  For more information, see:
    https://www.mozilla.org/en-US/thunderbird/128.1.0esr/releasenotes/
2024-08-07 07:22:03 +02:00
Patrick J Volkerding
054967ebe9 Mon Aug 5 21:58:24 UTC 2024
a/cracklib-2.10.2-x86_64-1.txz:  Upgraded.
ap/ksh93-1.0.10-x86_64-1.txz:  Upgraded.
ap/nvme-cli-2.10.2-x86_64-1.txz:  Upgraded.
d/Cython-3.0.11-x86_64-1.txz:  Upgraded.
d/binutils-2.43-x86_64-1.txz:  Upgraded.
  Shared library .so-version bump.
d/cmake-3.30.2-x86_64-1.txz:  Upgraded.
  Recompiled against binutils-2.43.
d/oprofile-1.4.0-x86_64-14.txz:  Rebuilt.
kde/calligra-3.2.1-x86_64-43.txz:  Rebuilt.
  Recompiled against poppler-24.08.0.
kde/cantor-23.08.5-x86_64-9.txz:  Rebuilt.
  Recompiled against poppler-24.08.0.
kde/kfilemetadata-5.116.0-x86_64-5.txz:  Rebuilt.
  Recompiled against poppler-24.08.0.
kde/kile-2.9.93-x86_64-36.txz:  Rebuilt.
  Recompiled against poppler-24.08.0.
kde/kitinerary-23.08.5-x86_64-7.txz:  Rebuilt.
  Recompiled against poppler-24.08.0.
kde/krita-5.2.3-x86_64-3.txz:  Rebuilt.
  Recompiled against poppler-24.08.0.
kde/kstars-3.7.2-x86_64-1.txz:  Upgraded.
kde/labplot-2.11.1-x86_64-2.txz:  Rebuilt.
  Recompiled against poppler-24.08.0.
kde/libindi-2.0.9-x86_64-1.txz:  Upgraded.
kde/okular-23.08.5-x86_64-7.txz:  Rebuilt.
  Recompiled against poppler-24.08.0.
l/SDL2-2.30.6-x86_64-1.txz:  Upgraded.
l/abseil-cpp-20240722.0-x86_64-1.txz:  Upgraded.
  Shared library .so-version bump.
l/ffmpeg-6.1.2-x86_64-1.txz:  Upgraded.
  This is a temporary improvment. ;-)
l/fluidsynth-2.3.6-x86_64-1.txz:  Upgraded.
l/libdeflate-1.21-x86_64-1.txz:  Upgraded.
l/libnvme-1.10-x86_64-1.txz:  Upgraded.
l/mozilla-nss-3.103-x86_64-1.txz:  Upgraded.
l/mozjs115-115.14.0esr-x86_64-1.txz:  Upgraded.
l/poppler-24.08.0-x86_64-2.txz:  Rebuilt.
  Shared library .so-version bump.
l/protobuf-27.3-x86_64-2.txz:  Rebuilt.
  Recompiled against abseil-cpp-20240722.0.
l/python-wheel-0.44.0-x86_64-1.txz:  Upgraded.
l/readline-8.2.013-x86_64-1.txz:  Upgraded.
n/c-ares-1.33.0-x86_64-1.txz:  Upgraded.
n/mosh-1.4.0-x86_64-3.txz:  Rebuilt.
  Recompiled against abseil-cpp-20240722.0.
x/libFS-1.0.10-x86_64-1.txz:  Upgraded.
x/libXfont2-2.0.7-x86_64-1.txz:  Upgraded.
x/libXtst-1.2.5-x86_64-1.txz:  Upgraded.
x/x11perf-1.7.0-x86_64-1.txz:  Upgraded.
xap/pavucontrol-6.1-x86_64-1.txz:  Upgraded.
2024-08-06 01:03:55 +02:00
Patrick J Volkerding
3dae50af06 Fri Jul 26 18:26:05 UTC 2024
a/cracklib-2.10.1-x86_64-1.txz:  Upgraded.
a/kernel-firmware-20240726_8bdce1c-noarch-1.txz:  Upgraded.
l/pangomm2-2.54.0-x86_64-1.txz:  Upgraded.
n/NetworkManager-1.48.6-x86_64-1.txz:  Upgraded.
n/nmap-7.95-x86_64-2.txz:  Rebuilt.
  Make sure zenmap.desktop has an icon in /usr/share/pixmaps.
  Thanks to USUARIONUEVO.
n/rpcbind-1.2.7-x86_64-1.txz:  Upgraded.
x/ibus-libpinyin-1.15.8-x86_64-1.txz:  Upgraded.
x/ibus-m17n-1.4.31-x86_64-1.txz:  Upgraded.
xap/blueman-2.4.3-x86_64-1.txz:  Upgraded.
2024-07-26 21:06:15 +02:00
Patrick J Volkerding
c9ced48b11 Tue Jul 23 18:54:25 UTC 2024
Hey folks, we got a new glibc and are beginning the process of baking the new
default compile flags into the toolchain, the graphics stack, and whatever else
happens along. Enjoy! :-)
a/aaa_glibc-solibs-2.40-x86_64-1.txz:  Upgraded.
a/libblockdev-3.1.1_1-x86_64-2.txz:  Rebuilt.
  Fix build against recent ext2fs.h. Thanks to shipujin.
a/xfsprogs-6.9.0-x86_64-1.txz:  Upgraded.
ap/rpm-4.19.1.1-x86_64-3.txz:  Rebuilt.
ap/slackpkg-15.0.10-noarch-4.txz:  Rebuilt.
  Prefer gpg1 again. Going with the modern gpg with more dependencies was
  a mistake in this case. (now we know why gnupg-1 is still around :-)
  Thanks to Petri Kaukasoina.
d/binutils-2.42-x86_64-3.txz:  Rebuilt.
d/cargo-vendor-filterer-0.5.14-x86_64-2.txz:  Rebuilt.
d/cbindgen-0.26.0-x86_64-2.txz:  Rebuilt.
d/ccache-4.10.2-x86_64-1.txz:  Upgraded.
d/cmake-3.30.1-x86_64-2.txz:  Rebuilt.
d/gcc-14.1.0-x86_64-2.txz:  Rebuilt.
d/gcc-g++-14.1.0-x86_64-2.txz:  Rebuilt.
d/gcc-gdc-14.1.0-x86_64-2.txz:  Rebuilt.
d/gcc-gfortran-14.1.0-x86_64-2.txz:  Rebuilt.
d/gcc-gm2-14.1.0-x86_64-2.txz:  Rebuilt.
d/gcc-gnat-14.1.0-x86_64-2.txz:  Rebuilt.
d/gcc-go-14.1.0-x86_64-2.txz:  Rebuilt.
d/gcc-objc-14.1.0-x86_64-2.txz:  Rebuilt.
d/libgccjit-14.1.0-x86_64-2.txz:  Rebuilt.
d/libtool-2.4.7-x86_64-8.txz:  Rebuilt.
d/parallel-20240722-noarch-1.txz:  Upgraded.
d/pkg-config-0.29.2-x86_64-5.txz:  Rebuilt.
d/python-setuptools-71.1.0-x86_64-1.txz:  Upgraded.
d/ruby-3.3.4-x86_64-2.txz:  Rebuilt.
d/rust-bindgen-0.69.4-x86_64-2.txz:  Rebuilt.
d/strace-6.10-x86_64-1.txz:  Upgraded.
d/subversion-1.14.3-x86_64-3.txz:  Rebuilt.
e/emacs-29.4-x86_64-2.txz:  Rebuilt.
l/PyQt-builder-1.16.4-x86_64-2.txz:  Rebuilt.
l/PyQt5-5.15.11-x86_64-1.txz:  Upgraded.
l/PyQt5_sip-12.15.0-x86_64-2.txz:  Rebuilt.
l/argon2-20190702-x86_64-6.txz:  Rebuilt.
l/ffmpeg-6.1.1-x86_64-5.txz:  Rebuilt.
l/glibc-2.40-x86_64-1.txz:  Upgraded.
  This update fixes security issues:
  nscd: Stack-based buffer overflow in netgroup cache.
  nscd: Null pointer crash after notfound response.
  nscd: netgroup cache may terminate daemon on memory allocation failure.
  nscd: netgroup cache assumes NSS callback uses in-buffer strings.
  These vulnerabilities were only present in the nscd binary.
  For more information, see:
    https://www.cve.org/CVERecord?id=CVE-2024-33599
    https://www.cve.org/CVERecord?id=CVE-2024-33600
    https://www.cve.org/CVERecord?id=CVE-2024-33601
    https://www.cve.org/CVERecord?id=CVE-2024-33602
  (* Security fix *)
l/glibc-i18n-2.40-x86_64-1.txz:  Upgraded.
l/glibc-profile-2.40-x86_64-1.txz:  Upgraded.
l/gst-plugins-good-1.24.5-x86_64-2.txz:  Rebuilt.
l/libcdio-paranoia-10.2+2.0.2-x86_64-1.txz:  Upgraded.
l/libclc-18.1.8-x86_64-3.txz:  Rebuilt.
l/libproxy-0.5.8-x86_64-1.txz:  Upgraded.
l/lz4-1.10.0-x86_64-1.txz:  Upgraded.
l/poppler-24.07.0-x86_64-2.txz:  Rebuilt.
l/python-importlib_metadata-8.1.0-x86_64-1.txz:  Upgraded.
l/python-sphinx-7.4.7-x86_64-1.txz:  Upgraded.
l/qt5-5.15.14_20240716_ae0c8451-x86_64-1.txz:  Upgraded.
l/qt5-webkit-5.212.0_alpha4-x86_64-13.txz:  Rebuilt.
l/qt6-6.7.2_20240610_3f005f1e-x86_64-3.txz:  Rebuilt.
l/sip-6.8.6-x86_64-2.txz:  Rebuilt.
l/spirv-llvm-translator-18.1.2-x86_64-2.txz:  Rebuilt.
l/v4l-utils-1.28.0-x86_64-1.txz:  Upgraded.
n/bind-9.18.28-x86_64-1.txz:  Upgraded.
  This update fixes security issues:
  Remove SIG(0) support from named as a countermeasure for CVE-2024-1975.
  qctx-zversion was not being cleared when it should have been leading to
  an assertion failure if it needed to be reused.
  An excessively large number of rrtypes per owner can slow down database query
  processing, so a limit has been placed on the number of rrtypes that can be
  stored per owner (node) in a cache or zone database. This is configured with
  the new "max-rrtypes-per-name" option, and defaults to 100.
  Excessively large rdatasets can slow down database query processing, so a
  limit has been placed on the number of records that can be stored per
  rdataset in a cache or zone database. This is configured with the new
  "max-records-per-type" option, and defaults to 100.
  Malicious DNS client that sends many queries over TCP but never reads
  responses can cause server to respond slowly or not respond at all for other
  clients.
  For more information, see:
    https://www.cve.org/CVERecord?id=CVE-2024-1975
    https://www.cve.org/CVERecord?id=CVE-2024-4076
    https://www.cve.org/CVERecord?id=CVE-2024-1737
    https://www.cve.org/CVERecord?id=CVE-2024-0760
  (* Security fix *)
n/fetchmail-6.4.39-x86_64-1.txz:  Upgraded.
n/obexftp-0.24.2-x86_64-13.txz:  Rebuilt.
n/pinentry-1.3.1-x86_64-2.txz:  Rebuilt.
n/wpa_supplicant-2.11-x86_64-1.txz:  Upgraded.
x/fcitx5-qt-5.1.6-x86_64-3.txz:  Rebuilt.
x/ibus-m17n-1.4.30-x86_64-1.txz:  Upgraded.
x/libdrm-2.4.122-x86_64-2.txz:  Rebuilt.
x/marisa-0.2.6-x86_64-10.txz:  Rebuilt.
x/mesa-24.1.4-x86_64-2.txz:  Rebuilt.
x/vulkan-sdk-1.3.275.0-x86_64-3.txz:  Rebuilt.
xap/audacious-4.4-x86_64-2.txz:  Rebuilt.
xap/audacious-plugins-4.4-x86_64-2.txz:  Rebuilt.
xap/mozilla-thunderbird-128.0.1esr-x86_64-1.txz:  Upgraded.
  This is a bugfix release.
  For more information, see:
    https://www.mozilla.org/en-US/thunderbird/128.0.1esr/releasenotes/
xap/xaos-4.3.2-x86_64-2.txz:  Rebuilt.
extra/emacs-regular-build/emacs-29.4-x86_64-2_regular.txz:  Rebuilt.
2024-07-23 22:50:05 +02:00
Patrick J Volkerding
56ac679460 Sat Jul 13 20:26:06 UTC 2024
l/librsvg-2.58.2-x86_64-1.txz:  Upgraded.
l/pulseaudio-17.0-x86_64-4.txz:  Rebuilt.
  Add directories /etc/pulse/{default,system}.pa.d to avoid log warnings.
  Thanks to gmgf.
xap/mozilla-thunderbird-128.0esr-x86_64-1.txz:  Upgraded.
  This is a bugfix release.
  For more information, see:
    https://www.mozilla.org/en-US/thunderbird/128.0esr/releasenotes/
2024-07-13 23:18:17 +02:00
Patrick J Volkerding
4d6224ab70 Tue Jul 2 19:31:00 UTC 2024
ap/ksh93-1.0.9-x86_64-1.txz:  Upgraded.
kde/calligra-3.2.1-x86_64-42.txz:  Rebuilt.
  Recompiled against poppler-24.07.0.
kde/cantor-23.08.5-x86_64-8.txz:  Rebuilt.
  Recompiled against poppler-24.07.0.
kde/kfilemetadata-5.116.0-x86_64-4.txz:  Rebuilt.
  Recompiled against poppler-24.07.0.
kde/kile-2.9.93-x86_64-35.txz:  Rebuilt.
  Recompiled against poppler-24.07.0.
kde/kitinerary-23.08.5-x86_64-6.txz:  Rebuilt.
  Recompiled against poppler-24.07.0.
kde/krita-5.2.3-x86_64-2.txz:  Rebuilt.
  Recompiled against poppler-24.07.0.
kde/okular-23.08.5-x86_64-6.txz:  Rebuilt.
  Recompiled against poppler-24.07.0.
l/ffmpeg-6.1.1-x86_64-4.txz:  Rebuilt.
  Recompiled against libplacebo-7.349.0.
l/gdbm-1.24-x86_64-1.txz:  Upgraded.
l/libplacebo-7.349.0-x86_64-1.txz:  Upgraded.
  Shared library .so-version bump.
l/poppler-24.07.0-x86_64-1.txz:  Upgraded.
  Shared library .so-version bump.
l/python-trove-classifiers-2024.7.2-x86_64-1.txz:  Upgraded.
n/getmail-6.19.02-x86_64-1.txz:  Upgraded.
n/httpd-2.4.60-x86_64-2.txz:  Rebuilt.
  This update is to fix a regression and to note security issues that were not
  listed in the CHANGES file included with the source code.
  Fixed a regression where a config file using AddType rather than AddHandler
  could cause raw PHP files to be downloaded rather than processed.
  Thanks to Nobby6.
  For more information, see:
    https://downloads.apache.org/httpd/CHANGES_2.4.60
    https://www.cve.org/CVERecord?id=CVE-2024-39573
    https://www.cve.org/CVERecord?id=CVE-2024-38477
    https://www.cve.org/CVERecord?id=CVE-2024-38476
    https://www.cve.org/CVERecord?id=CVE-2024-38475
    https://www.cve.org/CVERecord?id=CVE-2024-38474
    https://www.cve.org/CVERecord?id=CVE-2024-38473
    https://www.cve.org/CVERecord?id=CVE-2024-38472
    https://www.cve.org/CVERecord?id=CVE-2024-36387
  (* Security fix *)
xap/mpv-0.38.0-x86_64-4.txz:  Rebuilt.
  Recompiled against libplacebo-7.349.0.
2024-07-02 22:02:25 +02:00
Patrick J Volkerding
2a236157ac Mon Jun 24 21:17:14 UTC 2024
a/grub-2.12-x86_64-6.txz:  Rebuilt.
  Added update-grub script. Thanks to LuckyCyborg.
  Also add grub-update symlink.
  Disable the submenus. Thanks to LuckyCyborg.
  Also find initrd-${tag}-${version}.gz and initrd-${tag}.gz. Thanks to gwhl.
  Support kernel symlinks/files named vmlinu[xz]-generic, vmlinu[xz]-custom,
  and vmlinu[xz]-huge. Thanks to Petri Kaukasoina.
  Enabled os-prober again. It works here, and (at least with lilo) we've always
  been friendly to dual-booting. It's easy to disable if you don't like it.
  Sorry to LuckyCyborg. ;-)
d/parallel-20240622-noarch-1.txz:  Upgraded.
kde/qca-2.3.9-x86_64-1.txz:  Upgraded.
l/imagemagick-7.1.1_34-x86_64-1.txz:  Upgraded.
n/NetworkManager-1.48.2-x86_64-1.txz:  Upgraded.
n/ntp-4.2.8p18-x86_64-4.txz:  Rebuilt.
  In ntp.conf, don't use direct logging to /var/log/ntp. Instead use the syslog
  facility to avoid having to restart ntpd when the logs are rotated.
  We'll still rotate /var/log/ntp if we see it, though.
  Thanks to Petri Kaukasoina.
xap/NetworkManager-openvpn-1.12.0-x86_64-1.txz:  Upgraded.
2024-06-24 23:59:55 +02:00
Patrick J Volkerding
205c5c25f5 Fri Jun 14 22:38:45 UTC 2024
a/iniparser-4.2.3-x86_64-1.txz:  Upgraded.
d/tree-sitter-0.22.6-x86_64-1.txz:  Upgraded.
l/dav1d-1.4.3-x86_64-1.txz:  Upgraded.
l/editorconfig-core-c-0.12.8-x86_64-1.txz:  Upgraded.
l/enchant-2.8.1-x86_64-1.txz:  Upgraded.
l/freecell-solver-6.10.0-x86_64-1.txz:  Upgraded.
l/qt5-5.15.14_20240607_570f5b21-x86_64-1.txz:  Upgraded.
  Fix build with ninja 1.12.x. Thanks to ctrlaltca, gmgf, and lucabon.
xap/audacious-4.4-x86_64-1.txz:  Upgraded.
xap/audacious-plugins-4.4-x86_64-1.txz:  Upgraded.
2024-06-15 02:02:20 +02:00
Patrick J Volkerding
167022426d Mon Jun 10 19:23:44 UTC 2024
ap/stow-2.4.0-x86_64-1.txz:  Added.
  Thanks to r1w1s1.
ap/texinfo-7.1-x86_64-2.txz:  Rebuilt.
  Recompiled against perl-5.40.0.
ap/vim-9.1.0473-x86_64-1.txz:  Upgraded.
  Compiled against perl-5.40.0.
d/ccache-4.10-x86_64-2.txz:  Rebuilt.
  Avoid downloading doctest.h at build time. Thanks to lucabon.
d/perl-5.40.0-x86_64-1.txz:  Upgraded.
  Upgraded:  DBD-mysql-4.052, Path-Tiny-0.146, URI-5.28.
d/subversion-1.14.3-x86_64-2.txz:  Rebuilt.
  Recompiled against perl-5.40.0.
kde/plasma-workspace-5.27.11.1-x86_64-2.txz:  Rebuilt.
  [PATCH] Fix writing ICEAuthority file.
l/glib2-2.80.3-x86_64-1.txz:  Upgraded.
l/imagemagick-7.1.1_33-x86_64-2.txz:  Rebuilt.
  Recompiled against perl-5.40.0.
l/pango-1.54.0-x86_64-1.txz:  Upgraded.
l/python-packaging-24.1-x86_64-1.txz:  Upgraded.
n/epic5-2.1.12-x86_64-9.txz:  Rebuilt.
  Recompiled against perl-5.40.0.
n/irssi-1.4.5-x86_64-3.txz:  Rebuilt.
  Recompiled against perl-5.40.0.
n/net-snmp-5.9.4-x86_64-5.txz:  Rebuilt.
  Recompiled against perl-5.40.0.
n/ntp-4.2.8p18-x86_64-3.txz:  Rebuilt.
  Recompiled against perl-5.40.0.
n/openldap-2.6.8-x86_64-2.txz:  Rebuilt.
  Recompiled against perl-5.40.0.
xap/hexchat-2.16.2-x86_64-3.txz:  Rebuilt.
  Recompiled against perl-5.40.0.
xap/pidgin-2.14.13-x86_64-2.txz:  Rebuilt.
  Recompiled against perl-5.40.0.
xap/rxvt-unicode-9.31-x86_64-3.txz:  Rebuilt.
  Recompiled against perl-5.40.0.
xap/vim-gvim-9.1.0473-x86_64-1.txz:  Upgraded.
  Compiled against perl-5.40.0.
xap/xscreensaver-6.09-x86_64-1.txz:  Upgraded.
xfce/xfce4-power-manager-4.18.4-x86_64-1.txz:  Upgraded.
xfce/xfce4-session-4.18.4-x86_64-1.txz:  Upgraded.
2024-06-10 22:00:40 +02:00
Patrick J Volkerding
dbe41c2d3f Thu Jun 6 19:44:49 UTC 2024
kde/kstars-3.7.1-x86_64-1.txz:  Upgraded.
l/mlt-7.24.0-x86_64-2.txz:  Rebuilt.
  Add build options -DMOD_QT6=ON and -DMOD_GLXANIMATE_QT6=ON.
  Thanks to gmgf and sombragris.
l/protobuf-27.1-x86_64-1.txz:  Upgraded.
n/ipset-7.22-x86_64-1.txz:  Upgraded.
n/php-8.3.8-x86_64-1.txz:  Upgraded.
  This update fixes bugs and security issues:
  Bypass of CVE-2012-1823, Argument Injection in PHP-CGI.
  Filter bypass in filter_var FILTER_VALIDATE_URL.
  Bypass of CVE-2024-1874.
  For more information, see:
    https://www.php.net/ChangeLog-8.php#8.3.8
    https://www.cve.org/CVERecord?id=CVE-2024-4577
    https://www.cve.org/CVERecord?id=CVE-2024-5458
    https://www.cve.org/CVERecord?id=CVE-2024-5585
  (* Security fix *)
x/libinput-1.26.0-x86_64-1.txz:  Upgraded.
x/libwacom-2.12.0-x86_64-1.txz:  Upgraded.
x/mesa-24.1.1-x86_64-1.txz:  Upgraded.
xap/pan-0.159-x86_64-1.txz:  Upgraded.
2024-06-06 22:47:45 +02:00
Patrick J Volkerding
40d0483337 Wed Jun 5 19:06:36 UTC 2024
a/kernel-firmware-20240604_22643bb-noarch-1.txz:  Upgraded.
a/less-657-x86_64-1.txz:  Upgraded.
a/openssl-solibs-3.3.1-x86_64-1.txz:  Upgraded.
d/cmake-3.29.4-x86_64-1.txz:  Upgraded.
l/poppler-24.06.0-x86_64-1.txz:  Upgraded.
l/protobuf-27.0-x86_64-1.txz:  Upgraded.
  Shared library .so-version bump.
l/python-zipp-3.19.2-x86_64-1.txz:  Upgraded.
l/qt6-6.7.1_20240516_6977d02f-x86_64-2.txz:  Rebuilt.
  Recompiled against protobuf-27.0.
n/ca-certificates-20240604-noarch-1.txz:  Upgraded.
  This update provides the latest CA certificates to check for the
  authenticity of SSL connections.
n/mosh-1.4.0-x86_64-2.txz:  Rebuilt.
  Recompiled against protobuf-27.0.
n/openssl-3.3.1-x86_64-1.txz:  Upgraded.
  This update fixes bugs and one low severity security issue:
  Calling the OpenSSL API function SSL_free_buffers may cause memory to be
  accessed that was previously freed in some situations. Our investigations
  indicate that this function is rarely used by applications.
  For more information, see:
    https://www.openssl.org/news/secadv/20240528.txt
    https://www.cve.org/CVERecord?id=CVE-2024-4741
  (* Security fix *)
2024-06-05 23:01:12 +02:00
Patrick J Volkerding
bace514a49 Sat Jun 1 19:52:37 UTC 2024
a/findutils-4.10.0-x86_64-1.txz:  Upgraded.
a/logrotate-3.22.0-x86_64-1.txz:  Upgraded.
  Thanks to opty for getting our changes accepted upstream.
a/sysvinit-scripts-15.1-noarch-18.txz:  Rebuilt.
  rc.M: start dnsmasq before ntpd. Thanks to lostintime.
d/git-2.45.2-x86_64-1.txz:  Upgraded.
d/poke-4.1-x86_64-1.txz:  Upgraded.
kde/fcitx5-configtool-5.1.6-x86_64-1.txz:  Upgraded.
kde/kwin-5.27.11-x86_64-2.txz:  Rebuilt.
  Recompiled against wayland-1.23.0 since it seems they broke the ABI.
  Let me know if anything else needs help.
kde/libindi-2.0.8-x86_64-1.txz:  Upgraded.
l/mujs-1.3.4-x86_64-1.txz:  Added.
l/python-zipp-3.19.1-x86_64-1.txz:  Upgraded.
n/ntp-4.2.8p18-x86_64-2.txz:  Rebuilt.
  rc.ntp: properly create the PID file on start.
  Add /etc/default/ntp to configure ntpd startup options since some people are
  needing to add -4 to avoid an error.
  Thanks to rkelsen and teoberi.
x/fcitx5-5.1.10-x86_64-1.txz:  Upgraded.
x/fcitx5-chinese-addons-5.1.6-x86_64-1.txz:  Upgraded.
x/fcitx5-hangul-5.1.4-x86_64-1.txz:  Upgraded.
x/fcitx5-kkc-5.1.4-x86_64-1.txz:  Upgraded.
x/fcitx5-table-extra-5.1.6-x86_64-1.txz:  Upgraded.
x/fcitx5-table-other-5.1.3-x86_64-1.txz:  Upgraded.
x/libime-1.1.8-x86_64-1.txz:  Upgraded.
x/xcb-imdkit-1.0.9-x86_64-1.txz:  Upgraded.
xap/blueman-2.4.2-x86_64-1.txz:  Upgraded.
xap/mpv-0.38.0-x86_64-3.txz:  Rebuilt.
  Recompiled against mujs-1.3.4.
2024-06-01 22:44:21 +02:00
Patrick J Volkerding
1a40eac63e Fri May 31 23:52:07 UTC 2024
d/luajit-2.0.1716656478-x86_64-1.txz:  Added.
  Thanks to Erik Falor.
n/proftpd-1.3.8b-x86_64-4.txz:  Rebuilt.
  Build with mod_wrap2 and mod_wrap2_file instead of mod_wrap, which has
  problems with ipv6. Thanks to jayjwa.
xap/mpv-0.38.0-x86_64-2.txz:  Rebuilt.
  [PATCH 1/4] av_common: parent mp_get_lavf_demuxer contents to the list.
  [PATCH 2/4] stream: implement get_protocols method for stream_lavf.
  [PATCH 3/4] build: dynamically generate mpv.desktop file protocols.
  [PATCH 4/4] stream_lavf: don't add ffmpeg bluray or dvd protocols.
  Thanks to gmgf.
  Build against luajit. Thanks to pm_a_cup_of_tea.
2024-06-01 02:30:41 +02:00
Patrick J Volkerding
9f8168864e Fri May 31 18:49:48 UTC 2024
a/hwdata-0.383-noarch-1.txz:  Upgraded.
a/pciutils-3.13.0-x86_64-1.txz:  Upgraded.
d/ccache-4.10-x86_64-1.txz:  Upgraded.
d/meson-1.4.1-x86_64-1.txz:  Upgraded.
d/ruby-3.3.2-x86_64-1.txz:  Upgraded.
kde/plasma-sdk-5.27.11.1-x86_64-1.txz:  Upgraded.
kde/plasma-workspace-5.27.11.1-x86_64-1.txz:  Upgraded.
kde/tokodon-23.08.5-x86_64-1.txz:  Added.
l/libvpx-1.14.1-x86_64-1.txz:  Upgraded.
l/python-requests-2.32.3-x86_64-1.txz:  Upgraded.
n/NetworkManager-1.48.0-x86_64-1.txz:  Upgraded.
n/getmail-6.19.00-x86_64-1.txz:  Upgraded.
x/libevdev-1.13.2-x86_64-1.txz:  Upgraded.
x/wayland-1.23.0-x86_64-1.txz:  Upgraded.
xap/gnuplot-6.0.1-x86_64-1.txz:  Upgraded.
xap/mpv-0.38.0-x86_64-1.txz:  Added.
  Evidently we need one more media player. ;-)
  Thanks to John Vogel Corning, Andreas Guldstrand, and Christoph Willing.
2024-05-31 21:34:09 +02:00
Patrick J Volkerding
c903d3bfd7 Sun May 26 00:07:39 UTC 2024
a/kernel-firmware-20240519_ec8627e-noarch-1.txz:  Upgraded.
a/kernel-generic-6.9.2-x86_64-1.txz:  Upgraded.
a/kernel-huge-6.9.2-x86_64-1.txz:  Upgraded.
a/kernel-modules-6.9.2-x86_64-1.txz:  Upgraded.
d/kernel-headers-6.9.2-x86-1.txz:  Upgraded.
e/emacspeak-60.0-x86_64-2.txz:  Rebuilt.
  Fixed dangling symlink. Thanks to marav.
k/kernel-source-6.9.2-noarch-1.txz:  Upgraded.
kde/calligra-3.2.1-x86_64-40.txz:  Rebuilt.
  Recompiled against gsl-2.8.
kde/krita-5.2.2-x86_64-10.txz:  Rebuilt.
  Recompiled against gsl-2.8.
kde/kstars-3.7.0-x86_64-2.txz:  Rebuilt.
  Recompiled against gsl-2.8.
kde/libindi-2.0.7-x86_64-2.txz:  Rebuilt.
  Recompiled against gsl-2.8.
kde/stellarsolver-2.5-x86_64-2.txz:  Rebuilt.
  Recompiled against gsl-2.8.
kde/step-23.08.5-x86_64-3.txz:  Rebuilt.
  Recompiled against gsl-2.8.
l/dav1d-1.4.2-x86_64-1.txz:  Upgraded.
l/glib2-2.80.2-x86_64-2.txz:  Rebuilt.
  [PATCH 1/2] gmenuexporter: Fix a NULL pointer dereference on an error
  handling path.
  [PATCH 2/2] gactiongroupexporter: Fix memory problems on an error
  handling path.
  Thanks to Philip Withnall and Arleson.
l/gsl-2.8-x86_64-1.txz:  Upgraded.
  Shared library .so-version bump.
l/librsvg-2.58.1-x86_64-1.txz:  Upgraded.
l/pipewire-1.0.7-x86_64-1.txz:  Upgraded.
n/ntp-4.2.8p18-x86_64-1.txz:  Upgraded.
x/igt-gpu-tools-1.28-x86_64-3.txz:  Rebuilt.
  Recompiled against gsl-2.8.
xap/sane-1.3.1-x86_64-1.txz:  Upgraded.
xap/xlockmore-5.78-x86_64-1.txz:  Upgraded.
xap/xsnow-3.7.9-x86_64-2.txz:  Rebuilt.
  Recompiled against gsl-2.8.
isolinux/initrd.img:  Rebuilt.
kernels/*:  Upgraded.
usb-and-pxe-installers/usbboot.img:  Rebuilt.
2024-05-26 02:44:46 +02:00
Patrick J Volkerding
983b468de9 Thu May 23 18:47:30 UTC 2024
a/etc-15.1-x86_64-12.txz:  Rebuilt.
  Remove less related profile variables from /etc/profile.
a/exfatprogs-1.2.3-x86_64-1.txz:  Upgraded.
a/less-655-x86_64-2.txz:  Rebuilt.
  Create /etc/profile.d/less.{csh,sh} for less related profile variables.
  By default, don't display the informational messages on the top line
  of the output (this can be configured in less.{csh,sh}.
  Don't attempt special handling of .log files as it breaks viewing a file
  such as foo.log.bz2.
d/parallel-20240522-noarch-1.txz:  Upgraded.
l/python-trove-classifiers-2024.5.22-x86_64-1.txz:  Upgraded.
x/mesa-24.1.0-x86_64-1.txz:  Upgraded.
x/xterm-392-x86_64-1.txz:  Upgraded.
xap/pavucontrol-6.0-x86_64-1.txz:  Upgraded.
2024-05-23 21:28:36 +02:00
Patrick J Volkerding
abc3e67678 Sun May 12 19:10:12 UTC 2024
a/less-654-x86_64-1.txz:  Upgraded.
d/ninja-1.12.1-x86_64-1.txz:  Upgraded.
n/whois-5.5.23-x86_64-1.txz:  Upgraded.
  Updated the .sc, .********* (.xn--yfro4i67o, Singapore)
  and .********************************* (.xn--clchc0ea0b2g2a9gcd, Singapore)
  TLD servers.
extra/bittornado/bittornado-0.3.18-noarch-3.txz:  Removed.
  Obsolete and based on python2.
2024-05-12 21:28:58 +02:00
Patrick J Volkerding
16bea606de Sat May 4 17:37:11 UTC 2024
a/elvis-2.2_0-x86_64-9.txz:  Rebuilt.
  Recompiled against ncurses-6.5.
a/gettext-0.22.5-x86_64-2.txz:  Rebuilt.
  Recompiled against ncurses-6.5.
a/procps-ng-4.0.4-x86_64-2.txz:  Rebuilt.
  Recompiled against ncurses-6.5.
ap/bc-1.07.1-x86_64-6.txz:  Rebuilt.
  Recompiled against ncurses-6.5.
ap/bpe-2.01.00-x86_64-7.txz:  Rebuilt.
  Recompiled against ncurses-6.5.
ap/gutenprint-5.3.4-x86_64-4.txz:  Rebuilt.
  Recompiled against ncurses-6.5.
ap/ispell-3.4.06-x86_64-2.txz:  Rebuilt.
  Recompiled against ncurses-6.5.
ap/joe-4.6-x86_64-5.txz:  Rebuilt.
  Recompiled against ncurses-6.5.
ap/nvme-cli-2.9.1-x86_64-1.txz:  Upgraded.
ap/powertop-2.15-x86_64-2.txz:  Rebuilt.
  Recompiled against ncurses-6.5.
ap/sc-7.16-x86_64-11.txz:  Rebuilt.
  Recompiled against ncurses-6.5.
ap/screen-4.9.1-x86_64-2.txz:  Rebuilt.
  Recompiled against ncurses-6.5.
ap/xfsdump-3.1.12-x86_64-2.txz:  Rebuilt.
  Recompiled against ncurses-6.5.
d/clisp-2.50_20230718_669249717-x86_64-2.txz:  Rebuilt.
  Recompiled against ncurses-6.5.
d/cmake-3.29.2-x86_64-2.txz:  Rebuilt.
  Recompiled against ncurses-6.5.
d/cscope-15.9-x86_64-4.txz:  Rebuilt.
  Recompiled against ncurses-6.5.
d/gettext-tools-0.22.5-x86_64-2.txz:  Rebuilt.
  Recompiled against ncurses-6.5.
d/guile-3.0.9-x86_64-2.txz:  Rebuilt.
  Recompiled against ncurses-6.5.
d/lua-5.4.6-x86_64-6.txz:  Rebuilt.
  Recompiled against ncurses-6.5.
d/poke-4.0-x86_64-2.txz:  Rebuilt.
  Recompiled against ncurses-6.5.
kde/kalgebra-23.08.5-x86_64-2.txz:  Rebuilt.
  Recompiled against ncurses-6.5.
l/enchant-2.7.3-x86_64-1.txz:  Upgraded.
l/gdbm-1.23-x86_64-3.txz:  Rebuilt.
  Recompiled against ncurses-6.5.
l/lame-3.100-x86_64-5.txz:  Rebuilt.
  Recompiled against ncurses-6.5.
l/libcdio-2.1.0-x86_64-4.txz:  Rebuilt.
  Recompiled against ncurses-6.5.
l/libedit-20230828_3.1-x86_64-2.txz:  Rebuilt.
  Recompiled against ncurses-6.5.
l/libnjb-2.2.7-x86_64-5.txz:  Rebuilt.
  Recompiled against ncurses-6.5.
l/libnvme-1.9-x86_64-1.txz:  Upgraded.
l/libqalculate-5.0.0-x86_64-3.txz:  Rebuilt.
  Recompiled against ncurses-6.5.
l/python-pygments-2.18.0-x86_64-1.txz:  Upgraded.
l/qtkeychain-0.14.3-x86_64-1.txz:  Upgraded.
l/readline-8.2.010-x86_64-2.txz:  Rebuilt.
  Recompiled against ncurses-6.5.
n/elm-2.5.8-x86_64-8.txz:  Rebuilt.
  Recompiled against ncurses-6.5.
n/epic5-2.1.12-x86_64-8.txz:  Rebuilt.
  Recompiled against ncurses-6.5.
n/iftop-1.0pre4-x86_64-5.txz:  Rebuilt.
  Recompiled against ncurses-6.5.
n/metamail-2.7-x86_64-11.txz:  Rebuilt.
  Recompiled against ncurses-6.5.
n/mtr-0.95-x86_64-2.txz:  Rebuilt.
  Recompiled against ncurses-6.5.
n/net-snmp-5.9.4-x86_64-4.txz:  Rebuilt.
  Recompiled against ncurses-6.5.
n/netkit-ftp-0.17-x86_64-8.txz:  Rebuilt.
  Recompiled against ncurses-6.5.
n/netkit-ntalk-0.17-x86_64-8.txz:  Rebuilt.
  Recompiled against ncurses-6.5.
n/netwatch-1.3.1_2-x86_64-6.txz:  Rebuilt.
  Recompiled against ncurses-6.5.
n/nn-6.7.3-x86_64-9.txz:  Rebuilt.
  Recompiled against ncurses-6.5.
n/php-8.3.6-x86_64-2.txz:  Rebuilt.
  Recompiled against ncurses-6.5.
n/samba-4.20.0-x86_64-3.txz:  Rebuilt.
  Recompiled against ncurses-6.5.
n/telnet-0.17-x86_64-7.txz:  Rebuilt.
  Recompiled against ncurses-6.5.
n/wpa_supplicant-2.10-x86_64-4.txz:  Rebuilt.
  Recompiled against ncurses-6.5.
n/ytalk-3.3.0-x86_64-7.txz:  Rebuilt.
  Recompiled against ncurses-6.5.
xap/MPlayer-20240403-x86_64-2.txz:  Rebuilt.
  Recompiled against ncurses-6.5.
xap/ddd-3.4.0-x86_64-2.txz:  Rebuilt.
  Recompiled against ncurses-6.5.
xap/gnuchess-6.2.9-x86_64-2.txz:  Rebuilt.
  Recompiled against ncurses-6.5.
xap/xine-ui-0.99.14-x86_64-3.txz:  Rebuilt.
  Recompiled against ncurses-6.5.
y/bsd-games-2.17-x86_64-5.txz:  Rebuilt.
  Recompiled against ncurses-6.5.
2024-05-04 20:01:05 +02:00
Patrick J Volkerding
7a91946d5a Fri May 3 17:37:59 UTC 2024
a/hwdata-0.382-noarch-1.txz:  Upgraded.
a/ndctl-79-x86_64-1.txz:  Upgraded.
l/gtk4-4.14.4-x86_64-1.txz:  Upgraded.
xap/gimp-2.10.38-x86_64-1.txz:  Upgraded.
2024-05-03 20:00:12 +02:00
Patrick J Volkerding
ff95264870 Fri Apr 26 20:12:32 UTC 2024
a/kernel-firmware-20240426_fc21f47-noarch-1.txz:  Upgraded.
ap/cups-2.4.7-x86_64-3.txz:  Rebuilt.
  Rebuild using --with-rundir=/run/cups.
ap/cups-browsed-2.0.0-x86_64-1.txz:  Added.
  This is the CUPS/IPP print queue browser daemon, previously part of the
  cups-filters package.
ap/cups-filters-2.0.0-x86_64-1.txz:  Upgraded.
l/libarchive-3.7.4-x86_64-1.txz:  Upgraded.
l/libcupsfilters-2.0.0-x86_64-1.txz:  Added.
  This is required by cups-filters-2.0.0.
l/libppd-2.0.0-x86_64-1.txz:  Added.
  This is required by cups-filters-2.0.0.
l/libproxy-0.5.6-x86_64-1.txz:  Upgraded.
x/wayland-protocols-1.36-noarch-1.txz:  Upgraded.
xap/mozilla-firefox-125.0.2-x86_64-1.txz:  Upgraded.
xap/mozilla-thunderbird-125.0-x86_64-1.txz:  Upgraded.
extra/rust-for-mozilla/rust-1.70.0-x86_64-4.txz:  Removed.
2024-04-26 23:57:49 +02:00
Patrick J Volkerding
ed81ac8dda Fri Apr 19 19:36:17 UTC 2024
a/elogind-252.23-x86_64-3.txz:  Rebuilt.
  All right, it's time to stop the bleeding (edge). This has been verified as
  the last working version of elogind, so we'll revert for now while moving the
  newer sources into /testing. We didn't actually *need* the 255 branch for
  libgudev (I was mistakenly under that impression), so this will be fine for
  now. We'll keep an eye on upstream and move forward when things settle down.
d/vala-0.56.17-x86_64-1.txz:  Upgraded.
l/gdk-pixbuf2-2.42.11-x86_64-1.txz:  Upgraded.
l/gtk4-4.14.3-x86_64-1.txz:  Upgraded.
l/polkit-124-x86_64-2.txz:  Rebuilt.
  Recompiled against elogind-252.23.
l/python-sphinx-7.3.7-x86_64-1.txz:  Upgraded.
n/NetworkManager-1.46.0-x86_64-2.txz:  Rebuilt.
  Build with meson instead of autotools, since setting session_tracking to
  elogind is ignored with autotools, and is set to consolekit instead.
  While this didn't seem to make a difference in practice, better to get this
  right now and rule it out as part of the issue.
  Thanks to marav and LuckyCyborg for the options hints.
x/xdg-desktop-portal-1.18.4-x86_64-1.txz:  Upgraded.
xap/freerdp-2.11.6-x86_64-1.txz:  Upgraded.
  This release is a security release and addresses multiple issues:
  [Low] OutOfBound Read in zgfx_decompress_segment.
  [Moderate] Integer overflow & OutOfBound Write in
  clear_decompress_residual_data.
  [Low] integer underflow in nsc_rle_decode.
  [Low] OutOfBound Read in planar_skip_plane_rle.
  [Low] OutOfBound Read in ncrush_decompress.
  [Low] OutOfBound Read in interleaved_decompress.
  For more information, see:
    https://www.cve.org/CVERecord?id=CVE-2024-32041
    https://www.cve.org/CVERecord?id=CVE-2024-32039
    https://www.cve.org/CVERecord?id=CVE-2024-32040
    https://www.cve.org/CVERecord?id=CVE-2024-32458
    https://www.cve.org/CVERecord?id=CVE-2024-32459
    https://www.cve.org/CVERecord?id=CVE-2024-32460
  (* Security fix *)
2024-04-19 21:59:51 +02:00
Patrick J Volkerding
c302fc308c Mon Apr 8 18:44:37 UTC 2024
l/imagemagick-7.1.1_30-x86_64-1.txz:  Upgraded.
l/libarchive-3.7.3-x86_64-1.txz:  Upgraded.
  This update fixes a security issue:
  Fix possible vulnerability in tar error reporting introduced in f27c173
  by JiaT75.
  For more information, see:
    f27c173d17
    https://github.com/libarchive/libarchive/pull/2101
  (* Security fix *)
n/net-snmp-5.9.4-x86_64-3.txz:  Rebuilt.
  [PATCH] Add Linux 6.7 compatibility parsing /proc/net/snmp.
  Thanks to walecha.
n/rsync-3.3.0-x86_64-1.txz:  Upgraded.
x/xorg-sgml-doctools-1.12.1-x86_64-1.txz:  Upgraded.
xap/gimp-2.10.36-x86_64-3.txz:  Rebuilt.
  [PATCH] QuitDialog: disconnect signal handler on dialog destroy.
  This fixes a crash on quit.
  Thanks to USUARIONUEVO.
xap/xlockmore-5.77-x86_64-1.txz:  Upgraded.
2024-04-08 21:32:38 +02:00
Patrick J Volkerding
76d67b71a0 Wed Apr 3 19:58:56 UTC 2024
a/kernel-generic-6.6.24-x86_64-1.txz:  Upgraded.
a/kernel-huge-6.6.24-x86_64-1.txz:  Upgraded.
a/kernel-modules-6.6.24-x86_64-1.txz:  Upgraded.
d/kernel-headers-6.6.24-x86-1.txz:  Upgraded.
d/python3-3.11.9-x86_64-1.txz:  Upgraded.
k/kernel-source-6.6.24-noarch-1.txz:  Upgraded.
  -AMD_MEM_ENCRYPT_ACTIVE_BY_DEFAULT n
  -GCC11_NO_ARRAY_BOUNDS y
   NUMA_BALANCING n -> y
  +GCC10_NO_ARRAY_BOUNDS y
  +NUMA_BALANCING_DEFAULT_ENABLED y
kde/libindi-2.0.7-x86_64-1.txz:  Upgraded.
l/SDL2-2.30.2-x86_64-1.txz:  Upgraded.
l/aom-3.8.2-x86_64-1.txz:  Added.
  Needed to add AV1 encode/decode support to ffmpeg.
  Thanks to Andrew Strong.
l/dav1d-1.4.1-x86_64-1.txz:  Added.
  Needed to add AV1 decode support to ffmpeg.
l/ffmpeg-6.1.1-x86_64-2.txz:  Rebuilt.
  Patched to build with nv-codec-headers-12.2.72.0. Thanks to J_W.
  Compiled against aom-3.8.2 and dav1d-1.4.1 for AV1 support.
  Thanks to glennmcc.
l/gtk4-4.14.2-x86_64-1.txz:  Upgraded.
n/whois-5.5.22-x86_64-1.txz:  Upgraded.
  Fixed a segmentation fault with --no-recursion.
  Updated the .bm and .vi TLD servers.
  Removed 4 new gTLDs which are no longer active.
xap/MPlayer-20240403-x86_64-1.txz:  Upgraded.
  Compiled using --enable-libaom-lavc and --enable-libdav1d-lavc.
  Thanks to glennmcc.
xap/pan-0.157-x86_64-1.txz:  Upgraded.
isolinux/initrd.img:  Rebuilt.
kernels/*:  Upgraded.
usb-and-pxe-installers/usbboot.img:  Rebuilt.
2024-04-03 23:12:56 +02:00
Patrick J Volkerding
f81c11c624 Sun Mar 31 18:28:19 UTC 2024
ap/hplip-3.23.12-x86_64-4.txz:  Rebuilt.
  Add a few patches from Arch, including one to fix a Unicode error with the
  sixext.py script that causes hp-setup to crash after detecting a printer.
  Thanks to truepatriot76.
d/Cython-3.0.10-x86_64-1.txz:  Upgraded.
d/cargo-vendor-filterer-0.5.13-x86_64-1.txz:  Upgraded.
d/poke-4.0-x86_64-1.txz:  Upgraded.
l/editorconfig-core-c-0.12.7-x86_64-1.txz:  Upgraded.
l/jasper-4.2.3-x86_64-1.txz:  Upgraded.
l/libical-3.0.18-x86_64-1.txz:  Upgraded.
l/pango-1.52.2-x86_64-1.txz:  Upgraded.
l/python-lxml-5.2.0-x86_64-1.txz:  Upgraded.
l/wireplumber-0.5.1-x86_64-1.txz:  Upgraded.
n/c-ares-1.28.1-x86_64-1.txz:  Upgraded.
xap/blueman-2.4-x86_64-1.txz:  Upgraded.
2024-03-31 20:58:48 +02:00
Patrick J Volkerding
44183f6ba3 Fri Mar 29 20:39:11 UTC 2024
Everything in this batch besides aaa_libraries, xz, mcelog, and harfbuzz is a
rebuild or upgrade to build against python-3.11.8. Looking at the python
readiness page, it seems like a lot of stuff we use is not certified for
python-3.12 yet (although to be fair, about half as much isn't certified for
python-3.11 either). But 3.11 seems to be the safer choice even though the
final bugfix update is scheduled for Monday. And, if we do decide to move
ahead to 3.12 later on, it'll be a lot easier than this update was.
Enjoy! :-)
a/aaa_libraries-15.1-x86_64-29.txz:  Rebuilt.
  Upgraded: libzstd.so.1.5.6, libexpat.so.1.9.2, libglib-2.0.so.0.8000.0,
  libgmodule-2.0.so.0.8000.0, libgobject-2.0.so.0.8000.0,
  libgthread-2.0.so.0.8000.0.
  Removed: libboost_*.so.1.83.0.
a/libblockdev-2.28-x86_64-3.txz:  Rebuilt.
a/libbytesize-2.8-x86_64-2.txz:  Rebuilt.
a/libpwquality-1.4.5-x86_64-2.txz:  Rebuilt.
a/mcelog-198-x86_64-1.txz:  Upgraded.
a/util-linux-2.40-x86_64-2.txz:  Rebuilt.
a/volume_key-0.3.12-x86_64-8.txz:  Rebuilt.
a/xz-5.6.1-x86_64-2.txz:  Rebuilt.
  Seems like a good idea to build this from a git pull rather than the signed
  release tarballs. :-)
  The liblzma in the previous packages were not found to be vulnerable by the
  detection script, but I'd rather not carry the bad m4 files in our sources.
  Here's a test script for anyone wanting to try it:
  if hexdump -ve '1/1 "%.2x"' /lib*/liblzma.so.5 | grep -q f30f1efa554889f54c89ce5389fb81e7000000804883ec28488954241848894c2410 ; then
    echo probably vulnerable
  else
    echo probably not vulnerable
  fi
ap/hplip-3.23.12-x86_64-3.txz:  Rebuilt.
ap/linuxdoc-tools-0.9.82-x86_64-5.txz:  Rebuilt.
ap/rpm-4.19.1.1-x86_64-2.txz:  Rebuilt.
ap/undervolt-20210815_e39aea1-x86_64-3.txz:  Rebuilt.
ap/vim-9.1.0225-x86_64-1.txz:  Upgraded.
d/Cython-3.0.9-x86_64-2.txz:  Rebuilt.
d/distcc-3.4-x86_64-5.txz:  Rebuilt.
d/gdb-14.2-x86_64-2.txz:  Rebuilt.
d/gyp-20210831_d6c5dd51-x86_64-3.txz:  Rebuilt.
d/llvm-18.1.2-x86_64-2.txz:  Rebuilt.
d/mercurial-6.7.1-x86_64-2.txz:  Rebuilt.
d/meson-1.4.0-x86_64-2.txz:  Rebuilt.
d/python-pip-24.0-x86_64-2.txz:  Rebuilt.
d/python-setuptools-69.2.0-x86_64-2.txz:  Rebuilt.
d/python3-3.11.8-x86_64-1.txz:  Upgraded.
  Shared library .so-version bump.
d/scons-4.7.0-x86_64-2.txz:  Rebuilt.
kde/cantor-23.08.5-x86_64-4.txz:  Rebuilt.
kde/kapidox-5.115.0-x86_64-2.txz:  Rebuilt.
kde/kdev-python-23.08.5-x86_64-2.txz:  Rebuilt.
kde/kig-23.08.5-x86_64-2.txz:  Rebuilt.
kde/kmymoney-5.1.3-x86_64-4.txz:  Rebuilt.
kde/kopeninghours-23.08.5-x86_64-2.txz:  Rebuilt.
kde/krita-5.2.2-x86_64-6.txz:  Rebuilt.
l/M2Crypto-0.41.0-x86_64-2.txz:  Rebuilt.
l/Mako-1.3.2-x86_64-2.txz:  Rebuilt.
l/PyQt-builder-1.15.4-x86_64-2.txz:  Rebuilt.
l/PyQt5-5.15.10-x86_64-2.txz:  Rebuilt.
l/PyQt5_sip-12.13.0-x86_64-2.txz:  Rebuilt.
l/QScintilla-2.14.1-x86_64-3.txz:  Rebuilt.
l/avahi-20240306_709e60f-x86_64-2.txz:  Rebuilt.
l/brotli-1.1.0-x86_64-2.txz:  Rebuilt.
l/dbus-python-1.3.2-x86_64-2.txz:  Rebuilt.
l/gexiv2-0.14.2-x86_64-3.txz:  Rebuilt.
l/gi-docgen-2023.3-x86_64-2.txz:  Rebuilt.
l/glade-3.40.0-x86_64-2.txz:  Rebuilt.
l/gobject-introspection-1.80.0-x86_64-2.txz:  Rebuilt.
l/harfbuzz-8.4.0-x86_64-1.txz:  Upgraded.
l/lensfun-0.3.4-x86_64-2.txz:  Rebuilt.
l/libcaca-0.99.beta20-x86_64-2.txz:  Rebuilt.
l/libcap-ng-0.8.4-x86_64-2.txz:  Rebuilt.
l/libieee1284-0.2.11-x86_64-8.txz:  Rebuilt.
l/libimobiledevice-20231007_04c0233-x86_64-2.txz:  Rebuilt.
l/libnvme-1.8-x86_64-2.txz:  Rebuilt.
l/libplist-2.4.0-x86_64-2.txz:  Rebuilt.
l/libwebp-1.3.2-x86_64-3.txz:  Rebuilt.
l/libxml2-2.12.6-x86_64-3.txz:  Rebuilt.
l/libxslt-1.1.39-x86_64-2.txz:  Rebuilt.
l/newt-0.52.24-x86_64-3.txz:  Rebuilt.
l/protobuf-26.1-x86_64-2.txz:  Rebuilt.
l/pycairo-1.26.0-x86_64-3.txz:  Rebuilt.
l/pycups-2.0.1-x86_64-7.txz:  Rebuilt.
l/pycurl-7.45.3-x86_64-2.txz:  Rebuilt.
l/pygobject3-3.48.1-x86_64-2.txz:  Rebuilt.
l/pyparsing-3.1.2-x86_64-2.txz:  Rebuilt.
l/python-Jinja2-3.1.3-x86_64-2.txz:  Rebuilt.
l/python-MarkupSafe-2.1.5-x86_64-2.txz:  Rebuilt.
l/python-PyYAML-6.0.1-x86_64-3.txz:  Rebuilt.
l/python-alabaster-0.7.16-x86_64-2.txz:  Rebuilt.
l/python-appdirs-1.4.4-x86_64-7.txz:  Rebuilt.
l/python-babel-2.14.0-x86_64-2.txz:  Rebuilt.
l/python-build-1.2.1-x86_64-2.txz:  Rebuilt.
l/python-calver-2022.6.26-x86_64-2.txz:  Rebuilt.
l/python-certifi-2024.2.2-x86_64-2.txz:  Rebuilt.
l/python-cffi-1.16.0-x86_64-2.txz:  Rebuilt.
l/python-chardet-5.2.0-x86_64-2.txz:  Rebuilt.
l/python-charset-normalizer-3.3.2-x86_64-2.txz:  Rebuilt.
l/python-distro-1.9.0-x86_64-2.txz:  Rebuilt.
l/python-dnspython-2.6.1-x86_64-2.txz:  Rebuilt.
l/python-docutils-0.20.1-x86_64-2.txz:  Rebuilt.
l/python-doxypypy-0.8.8.7-x86_64-2.txz:  Rebuilt.
l/python-doxyqml-0.5.3-x86_64-2.txz:  Rebuilt.
l/python-editables-0.5-x86_64-2.txz:  Rebuilt.
l/python-flit-core-3.9.0-x86_64-2.txz:  Rebuilt.
l/python-future-1.0.0-x86_64-2.txz:  Rebuilt.
l/python-glad2-2.0.6-x86_64-2.txz:  Rebuilt.
l/python-hatchling-1.22.4-x86_64-2.txz:  Rebuilt.
l/python-html5lib-1.1-x86_64-2.txz:  Rebuilt.
l/python-idna-3.6-x86_64-2.txz:  Rebuilt.
l/python-imagesize-1.4.1-x86_64-2.txz:  Rebuilt.
l/python-importlib_metadata-7.1.0-x86_64-2.txz:  Rebuilt.
l/python-installer-0.7.0-x86_64-2.txz:  Rebuilt.
l/python-lxml-5.1.1-x86_64-1.txz:  Upgraded.
l/python-markdown-3.6-x86_64-2.txz:  Rebuilt.
l/python-notify2-0.3.1-x86_64-11.txz:  Rebuilt.
l/python-packaging-24.0-x86_64-2.txz:  Rebuilt.
l/python-pathspec-0.12.1-x86_64-2.txz:  Rebuilt.
l/python-pbr-6.0.0-x86_64-2.txz:  Rebuilt.
l/python-pillow-10.2.0-x86_64-2.txz:  Rebuilt.
l/python-pluggy-1.4.0-x86_64-2.txz:  Rebuilt.
l/python-ply-3.11-x86_64-9.txz:  Rebuilt.
l/python-psutil-5.9.8-x86_64-2.txz:  Rebuilt.
l/python-pycparser-2.21-x86_64-2.txz:  Rebuilt.
l/python-pygments-2.17.2-x86_64-2.txz:  Rebuilt.
l/python-pyproject-hooks-1.0.0-x86_64-2.txz:  Rebuilt.
l/python-pysol_cards-0.16.0-x86_64-2.txz:  Rebuilt.
l/python-pytz-2024.1-x86_64-2.txz:  Rebuilt.
l/python-random2-1.0.2-x86_64-2.txz:  Rebuilt.
l/python-requests-2.31.0-x86_64-2.txz:  Rebuilt.
l/python-sane-2.9.1-x86_64-6.txz:  Rebuilt.
l/python-setuptools_scm-8.0.4-x86_64-2.txz:  Rebuilt.
l/python-six-1.16.0-x86_64-4.txz:  Rebuilt.
l/python-smartypants-2.0.1-x86_64-2.txz:  Rebuilt.
l/python-snowballstemmer-2.2.0-x86_64-2.txz:  Rebuilt.
l/python-sphinx-7.2.6-x86_64-2.txz:  Rebuilt.
l/python-sphinx_rtd_theme-2.0.0-x86_64-2.txz:  Rebuilt.
l/python-tomli-2.0.1-x86_64-2.txz:  Rebuilt.
l/python-tomli-w-1.0.0-x86_64-2.txz:  Rebuilt.
l/python-trove-classifiers-2024.3.25-x86_64-2.txz:  Rebuilt.
l/python-typing_extensions-4.10.0-x86_64-2.txz:  Rebuilt.
l/python-typogrify-2.0.7-x86_64-2.txz:  Rebuilt.
l/python-urllib3-2.2.1-x86_64-2.txz:  Rebuilt.
l/python-webencodings-0.5.1-x86_64-2.txz:  Rebuilt.
l/python-wheel-0.43.0-x86_64-2.txz:  Rebuilt.
l/python-zipp-3.18.1-x86_64-2.txz:  Rebuilt.
l/sip-6.8.3-x86_64-2.txz:  Rebuilt.
l/speech-dispatcher-0.11.5-x86_64-2.txz:  Rebuilt.
l/system-config-printer-1.5.18-x86_64-2.txz:  Rebuilt.
l/talloc-2.4.2-x86_64-2.txz:  Rebuilt.
l/tdb-1.4.10-x86_64-2.txz:  Rebuilt.
l/tevent-0.16.1-x86_64-2.txz:  Rebuilt.
n/epic5-2.1.12-x86_64-7.txz:  Rebuilt.
n/fetchmail-6.4.38-x86_64-2.txz:  Rebuilt.
n/getmail-6.18.14-x86_64-2.txz:  Rebuilt.
n/gpgme-1.23.2-x86_64-3.txz:  Rebuilt.
n/net-snmp-5.9.4-x86_64-2.txz:  Rebuilt.
n/nftables-1.0.9-x86_64-2.txz:  Rebuilt.
n/nmap-7.94-x86_64-2.txz:  Rebuilt.
n/nss-pam-ldapd-0.9.12-x86_64-4.txz:  Rebuilt.
n/obexftp-0.24.2-x86_64-12.txz:  Rebuilt.
n/pssh-2.3.5-x86_64-2.txz:  Rebuilt.
n/samba-4.20.0-x86_64-2.txz:  Rebuilt.
x/ibus-1.5.29-x86_64-3.txz:  Rebuilt.
x/ibus-anthy-1.5.16-x86_64-2.txz:  Rebuilt.
x/ibus-hangul-1.5.5-x86_64-2.txz:  Rebuilt.
x/ibus-libpinyin-1.15.7-x86_64-2.txz:  Rebuilt.
x/ibus-table-1.17.4-x86_64-2.txz:  Rebuilt.
x/marisa-0.2.6-x86_64-9.txz:  Rebuilt.
x/pyxdg-0.28-x86_64-2.txz:  Rebuilt.
x/xcb-proto-1.16.0-x86_64-3.txz:  Rebuilt.
xap/blueman-2.3.5-x86_64-2.txz:  Rebuilt.
xap/hexchat-2.16.2-x86_64-2.txz:  Rebuilt.
xap/vim-gvim-9.1.0225-x86_64-1.txz:  Upgraded.
extra/brltty/brltty-6.6-x86_64-3.txz:  Rebuilt.
2024-03-29 22:36:12 +01:00
Patrick J Volkerding
e55090794a Fri Mar 22 20:16:55 UTC 2024
a/volume_key-0.3.12-x86_64-7.txz:  Rebuilt.
  Build python3 bindings.
l/atkmm2-2.36.3-x86_64-1.txz:  Added.
l/boost-1.84.0-x86_64-2.txz:  Rebuilt.
  Drop python2 support.
l/glibmm-2.66.7-x86_64-1.txz:  Upgraded.
l/gst-plugins-bad-free-1.24.1-x86_64-1.txz:  Upgraded.
l/gst-plugins-base-1.24.1-x86_64-1.txz:  Upgraded.
l/gst-plugins-good-1.24.1-x86_64-1.txz:  Upgraded.
l/gst-plugins-libav-1.24.1-x86_64-1.txz:  Upgraded.
l/gstreamer-1.24.1-x86_64-1.txz:  Upgraded.
l/gtkmm4-4.14.0-x86_64-1.txz:  Upgraded.
l/unicode-ucd-15.1.0-noarch-1.txz:  Added.
  153MB installed... oh well. Needed by gucharmap.
xap/gucharmap-15.1.3-x86_64-1.txz:  Upgraded.
xap/x3270-4.3ga7-x86_64-1.txz:  Upgraded.
2024-03-22 21:30:31 +01:00
Patrick J Volkerding
0cbf4c3859 Wed Mar 20 21:10:30 UTC 2024
a/libblockdev-2.28-x86_64-2.txz:  Rebuilt.
  Drop python2 support.
a/sysvinit-scripts-15.1-noarch-15.txz:  Rebuilt.
  rc.M: start rc.iceccd and rc.icecc-scheduler earlier.
a/util-linux-2.39.3-x86_64-2.txz:  Rebuilt.
  Drop python2 support.
a/volume_key-0.3.12-x86_64-6.txz:  Rebuilt.
  Drop python2 support.
ap/man-pages-6.7-noarch-1.txz:  Upgraded.
d/cmake-3.28.4-x86_64-1.txz:  Upgraded.
d/llvm-18.1.2-x86_64-1.txz:  Upgraded.
d/python2-2.7.18-x86_64-7.txz:  Rebuilt.
  Bundle the final python2 versions of pip and setuptools.
  Drop the /usr/bin/python symlink.
d/python3-3.9.19-x86_64-1.txz:  Upgraded.
  Point the /usr/bin/python symlink at python3.9.
  PEP 394 says we can do this, and in a world of ambigious shebangs, this
  is probably the best of the available options.
  This update also fixes security issues:
  bundled libexpat was updated to 2.6.0.
  zipfile is now protected from the "quoted-overlap" zipbomb.
  tempfile.TemporaryDirectory cleanup no longer dereferences symlinks when
  working around file system permission errors.
  For more information, see:
    https://pythoninsider.blogspot.com/2024/03/python-31014-3919-and-3819-is-now.html
    https://www.cve.org/CVERecord?id=CVE-2023-52425
    https://www.cve.org/CVERecord?id=CVE-2024-0450
    https://www.cve.org/CVERecord?id=CVE-2023-6597
  (* Security fix *)
d/strace-6.8-x86_64-1.txz:  Upgraded.
kde/kross-interpreters-23.08.5-x86_64-2.txz:  Rebuilt.
  Drop python2 support.
l/libxml2-2.12.6-x86_64-2.txz:  Rebuilt.
  Drop python2 support.
l/mozjs115-115.9.0esr-x86_64-2.txz:  Rebuilt.
  Fixed installed library name. Thanks to reddog83.
  Fixed slack-desc. Thanks to r1w1s1.
l/phonon-4.12.0-x86_64-1.txz:  Upgraded.
l/pilot-link-0.12.5-x86_64-17.txz:  Rebuilt.
  Drop python2 support.
l/python2-module-collection-2.7.18-x86_64-6.txz:  Removed.
  Good bye!
l/python2-pycairo-1.18.2-x86_64-1.txz:  Added.
  We'll need this (along with pygtk and pygobject) until we get gimp3.
  Well, we could build gimp without python support, but I really don't think
  that's the route we want to take.
n/bind-9.18.25-x86_64-1.txz:  Upgraded.
n/crda-4.15-x86_64-1.txz:  Removed.
  The kernel is able to load from wireless-regdb directly. Obsolete.
n/getmail-6.18.14-x86_64-1.txz:  Upgraded.
n/gpgme-1.23.2-x86_64-2.txz:  Rebuilt.
  Drop python2 support.
n/obexftp-0.24.2-x86_64-11.txz:  Rebuilt.
  Drop python2 support.
n/wireless-regdb-2024.01.23-x86_64-1.txz:  Added.
  Wireless regulatory database, previously bundled with crda.
x/ibus-1.5.29-x86_64-2.txz:  Rebuilt.
  Drop python2 support.
x/libkkc-0.3.5-x86_64-4.txz:  Rebuilt.
  Still forcing python2 with this one, but perhaps a python3 marisa module
  could work around this.
x/libkkc-data-0.2.7-x86_64-4.txz:  Rebuilt.
  Still forcing python2 with this one, but perhaps a python3 marisa module
  could work around this.
x/xcb-proto-1.16.0-x86_64-2.txz:  Rebuilt.
  Drop python2 support.
x/xpyb-1.3.1-x86_64-7.txz:  Removed.
  Nothing uses it, and it was never updated for python3. Removed as obsolete.
2024-03-20 23:08:57 +01:00
Patrick J Volkerding
5a8e431607 Wed Mar 20 00:08:59 UTC 2024
a/sysvinit-scripts-15.1-noarch-14.txz:  Rebuilt.
  rc.S: fix motd matching so that it works on a fresh install.
d/scons-4.7.0-x86_64-1.txz:  Upgraded.
l/adwaita-icon-theme-46.0-noarch-1.txz:  Upgraded.
l/at-spi2-core-2.52.0-x86_64-1.txz:  Upgraded.
l/gcr4-4.2.1-x86_64-1.txz:  Added.
l/gjs-1.80.0-x86_64-1.txz:  Upgraded.
l/glib-networking-2.80.0-x86_64-1.txz:  Upgraded.
l/glib2-2.80.0-x86_64-1.txz:  Upgraded.
l/gobject-introspection-1.80.0-x86_64-1.txz:  Upgraded.
l/gsettings-desktop-schemas-46.0-x86_64-1.txz:  Upgraded.
l/gtk4-4.14.1-x86_64-1.txz:  Upgraded.
l/gvfs-1.54.0-x86_64-1.txz:  Upgraded.
l/librsvg-2.58.0-x86_64-1.txz:  Upgraded.
l/mozjs115-115.9.0esr-x86_64-1.txz:  Added.
  Needed by gjs-1.80.0.
l/newt-0.52.24-x86_64-2.txz:  Rebuilt.
  Drop python2 support.
l/pygobject3-3.48.1-x86_64-1.txz:  Upgraded.
l/python-glad2-2.0.6-x86_64-1.txz:  Upgraded.
l/python-hatchling-1.22.3-x86_64-1.txz:  Upgraded.
l/vte-0.76.0-x86_64-1.txz:  Upgraded.
l/wireplumber-0.5.0-x86_64-1.txz:  Upgraded.
n/gnutls-3.8.4-x86_64-1.txz:  Upgraded.
  This update fixes two medium severity security issues:
  libgnutls: Fix side-channel in the deterministic ECDSA.
  Reported by George Pantelakis (#1516).
  libgnutls: Fixed a bug where certtool crashed when verifying a certificate
  chain with more than 16 certificates. Reported by William Woodruff (#1525)
  and yixiangzhike (#1527).
  For more information, see:
    https://www.cve.org/CVERecord?id=CVE-2024-28834
    https://www.cve.org/CVERecord?id=CVE-2024-28835
  (* Security fix *)
xap/mozilla-firefox-115.9.0esr-x86_64-1.txz:  Upgraded.
  This update contains security fixes and improvements.
  For more information, see:
    https://www.mozilla.org/en-US/firefox/115.9.0/releasenotes/
    https://www.mozilla.org/security/advisories/mfsa2024-13/
    https://www.cve.org/CVERecord?id=CVE-2024-0743
    https://www.cve.org/CVERecord?id=CVE-2024-2605
    https://www.cve.org/CVERecord?id=CVE-2024-2607
    https://www.cve.org/CVERecord?id=CVE-2024-2608
    https://www.cve.org/CVERecord?id=CVE-2024-2616
    https://www.cve.org/CVERecord?id=CVE-2023-5388
    https://www.cve.org/CVERecord?id=CVE-2024-2610
    https://www.cve.org/CVERecord?id=CVE-2024-2611
    https://www.cve.org/CVERecord?id=CVE-2024-2612
    https://www.cve.org/CVERecord?id=CVE-2024-2614
  (* Security fix *)
xap/mozilla-thunderbird-115.9.0-x86_64-1.txz:  Upgraded.
  This release contains security fixes and improvements.
  For more information, see:
    https://www.mozilla.org/en-US/thunderbird/115.9.0/releasenotes/
    https://www.mozilla.org/en-US/security/advisories/mfsa2024-14/
    https://www.cve.org/CVERecord?id=CVE-2024-0743
    https://www.cve.org/CVERecord?id=CVE-2024-2605
    https://www.cve.org/CVERecord?id=CVE-2024-2607
    https://www.cve.org/CVERecord?id=CVE-2024-2608
    https://www.cve.org/CVERecord?id=CVE-2024-2616
    https://www.cve.org/CVERecord?id=CVE-2023-5388
    https://www.cve.org/CVERecord?id=CVE-2024-2610
    https://www.cve.org/CVERecord?id=CVE-2024-2611
    https://www.cve.org/CVERecord?id=CVE-2024-2612
    https://www.cve.org/CVERecord?id=CVE-2024-2614
  (* Security fix *)
2024-03-20 02:20:04 +01:00
Patrick J Volkerding
497dcc1ee7 Thu Mar 14 20:01:17 UTC 2024
a/cryptsetup-2.7.1-x86_64-1.txz:  Upgraded.
a/elogind-252.23-x86_64-2.txz:  Rebuilt.
  Install /etc/pam.d/elogind-user as .new. Thanks to Markus Wiesner.
a/kmod-32-x86_64-1.txz:  Upgraded.
a/tcsh-6.24.11-x86_64-1.txz:  Upgraded.
ap/a2ps-4.15.6-x86_64-1.txz:  Upgraded.
d/vala-0.56.16-x86_64-1.txz:  Upgraded.
l/avahi-20240306_709e60f-x86_64-1.txz:  Upgraded.
  Don't reload dbus from the installer.
x/mesa-24.0.3-x86_64-1.txz:  Upgraded.
xap/xlockmore-5.76-x86_64-1.txz:  Upgraded.
xfce/xfce4-screensaver-4.18.3-x86_64-2.txz:  Rebuilt.
  Install /etc/pam.d/xfce4-screensaver as .new. Thanks to Markus Wiesner.
2024-03-14 21:30:41 +01:00
Patrick J Volkerding
47e3f5d9c3 Wed Mar 13 19:46:48 UTC 2024
a/etc-15.1-x86_64-9.txz:  Rebuilt.
  Added proftpd user (97) and proftpd group (97).
  Added nm-openvpn user (320) and nm-openvpn group (320).
  Added openvpn user (443) and openvpn group (443).
  Added overflowuid user (65534) and overflowgid group (65534).
  Thanks to opty for encouraging us to think about nobody.
d/meson-1.4.0-x86_64-1.txz:  Upgraded.
d/python-setuptools-69.2.0-x86_64-1.txz:  Upgraded.
l/expat-2.6.2-x86_64-1.txz:  Upgraded.
  Prevent billion laughs attacks with isolated use of external parsers.
  For more information, see:
    1d50b80cf3
    https://www.cve.org/CVERecord?id=CVE-2024-28757
  (* Security fix *)
l/pipewire-1.0.4-x86_64-1.txz:  Upgraded.
l/python-zipp-3.18.0-x86_64-1.txz:  Upgraded.
n/openvpn-2.6.9-x86_64-2.txz:  Rebuilt.
  Run as openvpn:openvpn. Thanks to rkelsen.
n/proftpd-1.3.8b-x86_64-2.txz:  Rebuilt.
  Run as proftpd:proftpd.
x/libva-2.21.0-x86_64-1.txz:  Upgraded.
x/libva-utils-2.21.0-x86_64-1.txz:  Upgraded.
xap/NetworkManager-openvpn-1.10.2-x86_64-2.txz:  Rebuilt.
  Run as nm-openvpn:nm-openvpn. Thanks to Markus Wiesner.
2024-03-13 21:30:19 +01:00
Patrick J Volkerding
e4d752ef50 Tue Mar 12 19:49:57 UTC 2024
a/elogind-252.23-x86_64-1.txz:  Upgraded.
ap/sqlite-3.45.2-x86_64-1.txz:  Upgraded.
l/jasper-4.2.2-x86_64-1.txz:  Upgraded.
l/libpaper-2.2.5-x86_64-1.txz:  Upgraded.
l/netpbm-11.05.03-x86_64-1.txz:  Upgraded.
l/python-wheel-0.43.0-x86_64-1.txz:  Upgraded.
n/iproute2-6.8.0-x86_64-1.txz:  Upgraded.
xap/sane-1.3.0-x86_64-1.txz:  Upgraded.
2024-03-12 22:30:49 +01:00
Patrick J Volkerding
30130016ee Mon Mar 11 18:29:55 UTC 2024
a/dialog-1.3_20240307-x86_64-1.txz:  Upgraded.
l/libpaper-2.2.3-x86_64-1.txz:  Upgraded.
l/libqalculate-5.0.0-x86_64-1.txz:  Upgraded.
l/pyparsing-3.1.2-x86_64-1.txz:  Upgraded.
l/python-packaging-24.0-x86_64-1.txz:  Upgraded.
n/openssh-9.7p1-x86_64-1.txz:  Upgraded.
  Future deprecation notice
  OpenSSH plans to remove support for the DSA signature algorithm in
  early 2025 and compile-time disable it later this year.
n/wget-1.24.5-x86_64-1.txz:  Upgraded.
x/iceauth-1.0.10-x86_64-1.txz:  Upgraded.
x/libXaw-1.0.16-x86_64-1.txz:  Upgraded.
xap/xaos-4.3.2-x86_64-1.txz:  Upgraded.
2024-03-11 19:59:19 +01:00