Commit graph

719 commits

Author SHA1 Message Date
Patrick J Volkerding
33be03fb13 Tue May 5 20:21:27 UTC 2020
a/hwdata-0.335-noarch-1.txz:  Upgraded.
ap/tmux-3.1b-x86_64-1.txz:  Upgraded.
l/libcap-2.34-x86_64-1.txz:  Upgraded.
n/mutt-1.14.0-x86_64-1.txz:  Upgraded.
n/nfs-utils-2.4.3-x86_64-3.txz:  Rebuilt.
  Added /var/lib/nfs/nfsdcltrack database directory for nfsdcltrack.
  Thanks to upnort.
x/xterm-356-x86_64-1.txz:  Upgraded.
xap/NetworkManager-openvpn-1.8.12-x86_64-1.txz:  Added.
  Thanks to Robby Workman.
xap/mozilla-firefox-68.8.0esr-x86_64-1.txz:  Upgraded.
  This release contains security fixes and improvements.
  For more information, see:
    https://www.mozilla.org/en-US/firefox/68.8.0/releasenotes/
    https://www.mozilla.org/security/advisories/mfsa2020-17/
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-12387
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-12388
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-12389
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6831
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-12392
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-12393
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-12395
  (* Security fix *)
xap/mozilla-thunderbird-68.8.0-x86_64-1.txz:  Upgraded.
  This release contains security fixes and improvements.
  For more information, see:
    https://www.mozilla.org/en-US/thunderbird/68.8.0/releasenotes/
  (* Security fix *)
testing/packages/PAM/libcap-2.34-x86_64-1_pam.txz:  Upgraded.
2020-05-06 08:59:52 +02:00
Patrick J Volkerding
df4c9b0919 Sun May 3 06:47:41 UTC 2020
a/kernel-generic-5.4.38-x86_64-1.txz:  Upgraded.
a/kernel-huge-5.4.38-x86_64-1.txz:  Upgraded.
a/kernel-modules-5.4.38-x86_64-1.txz:  Upgraded.
d/kernel-headers-5.4.38-x86-1.txz:  Upgraded.
d/mercurial-5.4-x86_64-1.txz:  Upgraded.
k/kernel-source-5.4.38-noarch-1.txz:  Upgraded.
l/mozilla-nss-3.52-x86_64-1.txz:  Upgraded.
l/python-distro-1.5.0-x86_64-1.txz:  Upgraded.
l/python-pillow-7.1.2-x86_64-1.txz:  Upgraded.
l/v4l-utils-1.18.1-x86_64-1.txz:  Upgraded.
xap/seamonkey-2.53.2-x86_64-1.txz:  Upgraded.
  This update contains security fixes and improvements.
  For more information, see:
    https://www.seamonkey-project.org/releases/seamonkey2.53.2
  (* Security fix *)
isolinux/initrd.img:  Rebuilt.
kernels/*:  Upgraded.
usb-and-pxe-installers/usbboot.img:  Rebuilt.
2020-05-03 17:59:53 +02:00
Patrick J Volkerding
5d2f345306 Fri May 1 18:05:38 UTC 2020
a/cryptsetup-2.3.2-x86_64-1.txz:  Upgraded.
a/sysvinit-scripts-2.1-noarch-30.txz:  Rebuilt.
  rc.S: contents of mounts below /run or /var/run should be visible in both
  /run and /var/run. Thanks to Markus Wiesner.
d/Cython-0.29.17-x86_64-1.txz:  Upgraded.
  Dropped python2 support.
d/python-pip-20.1-x86_64-1.txz:  Upgraded.
  Dropped python2 support.
d/python-setuptools-46.1.3-x86_64-1.txz:  Upgraded.
  Dropped python2 support.
l/M2Crypto-0.35.2-x86_64-5.txz:  Rebuilt.
  Dropped python2 support.
l/Mako-1.1.2-x86_64-2.txz:  Rebuilt.
  Dropped python2 support.
l/gsettings-desktop-schemas-3.36.1-x86_64-1.txz:  Upgraded.
l/libzip-1.6.1-x86_64-2.txz:  Rebuilt.
  Recompiled against nettle-3.6.
l/oniguruma-6.9.5_rev1-x86_64-1.txz:  Upgraded.
l/pycairo-1.19.1-x86_64-1.txz:  Upgraded.
  Dropped python2 support.
l/pycups-2.0.1-x86_64-1.txz:  Upgraded.
  Dropped python2 support.
l/pycurl-7.43.0.5-x86_64-1.txz:  Upgraded.
  Dropped python2 support.
l/pyparsing-2.4.7-x86_64-1.txz:  Upgraded.
  Dropped python2 support.
l/python-appdirs-1.4.3-x86_64-5.txz:  Rebuilt.
  Dropped python2 support.
l/python-certifi-2020.4.5.1-x86_64-1.txz:  Upgraded.
  Dropped python2 support.
l/python-chardet-3.0.4-x86_64-5.txz:  Rebuilt.
  Dropped python2 support.
l/python-docutils-0.16-x86_64-3.txz:  Rebuilt.
  Dropped python2 support.
l/python-enum34-1.1.10-x86_64-1.txz:  Removed.
l/python-future-0.18.2-x86_64-2.txz:  Rebuilt.
  Dropped python2 support.
l/python-idna-2.9-x86_64-2.txz:  Rebuilt.
  Dropped python2 support.
l/python-notify2-0.3.1-x86_64-5.txz:  Rebuilt.
  Dropped python2 support.
l/python-packaging-20.3-x86_64-2.txz:  Rebuilt.
  Dropped python2 support.
l/python-ply-3.11-x86_64-3.txz:  Rebuilt.
  Dropped python2 support.
l/python-pygments-2.6.1-x86_64-1.txz:  Upgraded.
  Dropped python2 support.
l/python-requests-2.23.0-x86_64-2.txz:  Rebuilt.
  Dropped python2 support.
l/python-sane-2.8.3-x86_64-5.txz:  Rebuilt.
  Dropped python2 support.
l/python-six-1.14.0-x86_64-2.txz:  Rebuilt.
  Dropped python2 support.
l/python-urllib3-1.25.9-x86_64-1.txz:  Upgraded.
  Dropped python2 support.
l/python2-module-collection-2.7.18-x86_64-1.txz:  Added.
  Time to quarantine these python2 modules and pin the versions where they
  are (or in the case of setuptools, downgrade to the last version that doesn't
  complain). This will keep most of the standard python2 add-ons in one package
  so that we can upgrade modules for python3 without having to worry about
  python2 support getting dropped upstream.
n/dnsmasq-2.81-x86_64-2.txz:  Rebuilt.
  Recompiled against nettle-3.6.
n/gnutls-3.6.13-x86_64-2.txz:  Rebuilt.
  Recompiled against nettle-3.6.
n/nettle-3.6-x86_64-1.txz:  Upgraded.
  Shared library .so-version bump.
x/mesa-20.0.6-x86_64-1.txz:  Upgraded.
x/pyxdg-0.26-x86_64-3.txz:  Rebuilt.
  Dropped python2 support.
x/ttf-tlwg-0.7.2-noarch-1.txz:  Upgraded.
x/xorg-server-1.20.8-x86_64-2.txz:  Rebuilt.
  Recompiled against nettle-3.6.
x/xorg-server-xephyr-1.20.8-x86_64-2.txz:  Rebuilt.
  Recompiled against nettle-3.6.
x/xorg-server-xnest-1.20.8-x86_64-2.txz:  Rebuilt.
  Recompiled against nettle-3.6.
x/xorg-server-xvfb-1.20.8-x86_64-2.txz:  Rebuilt.
  Recompiled against nettle-3.6.
x/xorg-server-xwayland-1.20.8-x86_64-2.txz:  Rebuilt.
  Recompiled against nettle-3.6.
x/xterm-355-x86_64-1.txz:  Upgraded.
xap/rdesktop-1.9.0-x86_64-2.txz:  Rebuilt.
  Recompiled against nettle-3.6.
extra/tigervnc/tigervnc-1.10.1-x86_64-3.txz:  Rebuilt.
  Recompiled against nettle-3.6.
2020-05-02 08:59:53 +02:00
Patrick J Volkerding
bb3d80d1a7 Thu Apr 30 04:58:02 UTC 2020
a/kernel-generic-5.4.36-x86_64-1.txz:  Upgraded.
a/kernel-huge-5.4.36-x86_64-1.txz:  Upgraded.
a/kernel-modules-5.4.36-x86_64-1.txz:  Upgraded.
d/kernel-headers-5.4.36-x86-1.txz:  Upgraded.
k/kernel-source-5.4.36-noarch-1.txz:  Upgraded.
isolinux/initrd.img:  Rebuilt.
kernels/*:  Upgraded.
usb-and-pxe-installers/usbboot.img:  Rebuilt.
2020-04-30 18:00:04 +02:00
Patrick J Volkerding
9c2212f2f0 Wed Apr 29 20:19:12 UTC 2020
ap/tmux-3.1a-x86_64-1.txz:  Upgraded.
d/cmake-3.17.2-x86_64-1.txz:  Upgraded.
n/curl-7.70.0-x86_64-1.txz:  Upgraded.
n/openldap-client-2.4.50-x86_64-1.txz:  Upgraded.
xap/audacious-4.0.3-x86_64-1.txz:  Upgraded.
xap/audacious-plugins-4.0.3-x86_64-1.txz:  Upgraded.
extra/pure-alsa-system/audacious-plugins-4.0.3-x86_64-1_alsa.txz:  Upgraded.
2020-04-30 08:59:51 +02:00
Patrick J Volkerding
fc35afb36c Tue Apr 28 20:18:40 UTC 2020
ap/cups-2.3.3-x86_64-1.txz:  Upgraded.
  This update fixes two security issues:
  The ppdOpen function did not handle invalid UI constraint.
  ppdcSource::get_resolution function did not handle invalid resolution strings.
  The ippReadIO function may under-read an extension.
  For more information, see:
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-3898
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-8842
  (* Security fix *)
l/imagemagick-7.0.10_10-x86_64-1.txz:  Upgraded.
n/samba-4.12.2-x86_64-1.txz:  Upgraded.
  This update fixes two security issues:
  A client combining the 'ASQ' and 'Paged Results' LDAP controls can cause a
  use-after-free in Samba's AD DC LDAP server.
  A deeply nested filter in an un-authenticated LDAP search can exhaust the
  LDAP server's stack memory causing a SIGSEGV.
  For more information, see:
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-10700
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-10704
  (* Security fix *)
testing/packages/PAM/cups-2.3.3-x86_64-1_pam.txz:  Upgraded.
  This update fixes two security issues:
  The ppdOpen function did not handle invalid UI constraint.
  ppdcSource::get_resolution function did not handle invalid resolution strings.
  The ippReadIO function may under-read an extension.
  For more information, see:
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-3898
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-8842
  (* Security fix *)
testing/packages/PAM/samba-4.12.2-x86_64-1_pam.txz:  Upgraded.
  This update fixes two security issues:
  A client combining the 'ASQ' and 'Paged Results' LDAP controls can cause a
  use-after-free in Samba's AD DC LDAP server.
  A deeply nested filter in an un-authenticated LDAP search can exhaust the
  LDAP server's stack memory causing a SIGSEGV.
  For more information, see:
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-10700
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-10704
  (* Security fix *)
2020-04-29 08:59:53 +02:00
Patrick J Volkerding
1cf9f87b65 Mon Apr 27 20:27:30 UTC 2020
a/mkinitrd-1.4.11-x86_64-15.txz:  Rebuilt.
  Use the standard mktemp utility from GNU coreutils, not the old tempfile.
d/help2man-1.47.15-x86_64-1.txz:  Upgraded.
l/aspell-en-2019.10.06_0-x86_64-1.txz:  Upgraded.
l/gtk+3-3.24.20-x86_64-1.txz:  Upgraded.
l/imagemagick-7.0.10_9-x86_64-1.txz:  Upgraded.
n/irssi-1.2.2-x86_64-2.txz:  Rebuilt.
  Fixed ctrl-space killing input with recent glib.
  Thanks to tramtrist and Urchlay.
x/xterm-354-x86_64-1.txz:  Upgraded.
extra/aspell-word-lists/aspell-de-20161207_7_0-x86_64-1.txz:  Upgraded.
extra/aspell-word-lists/aspell-ga-5.1_0-x86_64-1.txz:  Upgraded.
extra/aspell-word-lists/aspell-it-2.4_20070901_0-x86_64-1.txz:  Upgraded.
extra/aspell-word-lists/aspell-ml-0.04_1-x86_64-1.txz:  Upgraded.
extra/aspell-word-lists/aspell-pl-6.0_20200327_0-x86_64-1.txz:  Upgraded.
extra/aspell-word-lists/aspell-pt_BR-20131030_12_0-x86_64-1.txz:  Upgraded.
extra/aspell-word-lists/aspell-pt_PT-20190329_1_0-x86_64-1.txz:  Upgraded.
extra/aspell-word-lists/aspell-sk-2.02_0-x86_64-1.txz:  Upgraded.
extra/aspell-word-lists/aspell-tl-0.4_0-x86_64-1.txz:  Upgraded.
2020-04-28 08:59:53 +02:00
Patrick J Volkerding
6e0d30774b Sun Apr 26 18:28:01 UTC 2020
d/meson-0.54.1-x86_64-1.txz:  Upgraded.
l/vte-0.60.2-x86_64-1.txz:  Upgraded.
n/fetchmail-6.4.4-x86_64-1.txz:  Upgraded.
n/s-nail-14.9.19-x86_64-1.txz:  Upgraded.
2020-04-27 08:59:52 +02:00
Patrick J Volkerding
e6a0a756a3 Sun Apr 26 03:34:28 UTC 2020
d/rust-1.43.0-x86_64-2.txz:  Rebuilt.
  Patched and recompiled with the system LLVM 10 instead of the bundled LLVM 9.
2020-04-26 08:59:53 +02:00
Patrick J Volkerding
fc0b7eb5cb Fri Apr 24 18:54:41 UTC 2020
a/bash-5.0.017-x86_64-1.txz:  Upgraded.
a/kernel-generic-5.4.35-x86_64-1.txz:  Upgraded.
a/kernel-huge-5.4.35-x86_64-1.txz:  Upgraded.
a/kernel-modules-5.4.35-x86_64-1.txz:  Upgraded.
a/mcelog-169-x86_64-1.txz:  Upgraded.
ap/nvme-cli-1.11.1-x86_64-1.txz:  Upgraded.
ap/powertop-2.12-x86_64-1.txz:  Upgraded.
ap/tmux-3.1-x86_64-1.txz:  Upgraded.
d/kernel-headers-5.4.35-x86-1.txz:  Upgraded.
d/parallel-20200422-noarch-1.txz:  Upgraded.
d/rust-1.43.0-x86_64-1.txz:  Upgraded.
d/vala-0.48.5-x86_64-1.txz:  Upgraded.
k/kernel-source-5.4.35-noarch-1.txz:  Upgraded.
l/gmm-5.4-noarch-1.txz:  Upgraded.
l/librsvg-2.48.4-x86_64-1.txz:  Upgraded.
l/sip-4.19.22-x86_64-1.txz:  Upgraded.
n/dhcpcd-8.1.9-x86_64-1.txz:  Upgraded.
x/mesa-20.0.5-x86_64-1.txz:  Upgraded.
isolinux/initrd.img:  Rebuilt.
kernels/*:  Upgraded.
usb-and-pxe-installers/usbboot.img:  Rebuilt.
2020-04-25 08:59:53 +02:00
Patrick J Volkerding
bf29f9a870 Wed Apr 22 02:19:37 UTC 2020
a/kernel-firmware-20200421_78c0348-noarch-1.txz:  Upgraded.
a/kernel-generic-5.4.34-x86_64-1.txz:  Upgraded.
a/kernel-huge-5.4.34-x86_64-1.txz:  Upgraded.
a/kernel-modules-5.4.34-x86_64-1.txz:  Upgraded.
a/openssl-solibs-1.1.1g-x86_64-1.txz:  Upgraded.
d/git-2.26.2-x86_64-1.txz:  Upgraded.
  This update fixes a security issue:
  With a crafted URL that contains a newline or empty host, or lacks
  a scheme, the credential helper machinery can be fooled into
  providing credential information that is not appropriate for the
  protocol in use and host being contacted.
  Unlike the vulnerability CVE-2020-5260 fixed in v2.17.4, the
  credentials are not for a host of the attacker's choosing; instead,
  they are for some unspecified host (based on how the configured
  credential helper handles an absent "host" parameter).
  For more information, see:
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-11008
  (* Security fix *)
d/kernel-headers-5.4.34-x86-1.txz:  Upgraded.
d/vala-0.48.4-x86_64-1.txz:  Upgraded.
k/kernel-source-5.4.34-noarch-1.txz:  Upgraded.
  INFINIBAND_CXGB3 n -> m
  INFINIBAND_IPOIB_CM n -> y
  INFINIBAND_IPOIB_DEBUG_DATA n -> y
  Thanks to Karl Magnus Kolstø.
l/M2Crypto-0.35.2-x86_64-4.txz:  Rebuilt.
  Don't package typing-3.7.4.1 for python3.
l/netpbm-10.90.01-x86_64-1.txz:  Upgraded.
n/openssl-1.1.1g-x86_64-1.txz:  Upgraded.
  This update fixes a security issue:
  Fixed segmentation fault in SSL_check_chain() that could be exploited by a
  malicious peer in a Denial of Service attack.
  For more information, see:
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-1967
  (* Security fix *)
x/libva-2.7.1-x86_64-1.txz:  Upgraded.
isolinux/initrd.img:  Rebuilt.
kernels/*:  Upgraded.
testing/packages/PAM/openvpn-2.4.9-x86_64-1_pam.txz:  Upgraded.
  This update fixes a security issue:
  Fix illegal client float. Thanks to Lev Stipakov.
  For more information, see:
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-11810
  (* Security fix *)
usb-and-pxe-installers/usbboot.img:  Rebuilt.
2020-04-22 08:59:52 +02:00
Patrick J Volkerding
72b3c9e90f Tue Apr 21 02:45:06 UTC 2020
d/python-2.7.17-x86_64-2.txz:  Removed.
d/python2-2.7.18-x86_64-1.txz:  Added.
  OK, I know a few people got excited seeing python-2 removed in the previous
  entry, but it's just being renamed to python2 for consistency with the
  python3 package. It's DOA though, and is the final release of the already EOL
  python 2 branch (a "commemorative" release as they say in the announcement).
l/M2Crypto-0.35.2-x86_64-3.txz:  Rebuilt.
  Added python3 modules. Thanks to sombragris and ponce.
l/harfbuzz-2.6.5-x86_64-1.txz:  Upgraded.
l/imagemagick-7.0.10_7-x86_64-1.txz:  Upgraded.
l/libuv-1.37.0-x86_64-1.txz:  Upgraded.
l/libyaml-0.2.4-x86_64-1.txz:  Upgraded.
l/oniguruma-6.9.5-x86_64-1.txz:  Upgraded.
x/pixman-0.40.0-x86_64-1.txz:  Upgraded.
2020-04-21 08:59:53 +02:00
Patrick J Volkerding
a4a9ee5efe Sun Apr 19 21:06:43 UTC 2020
l/neon-0.31.1-x86_64-1.txz:  Upgraded.
n/postfix-3.5.1-x86_64-1.txz:  Upgraded.
n/s-nail-14.9.18-x86_64-1.txz:  Upgraded.
xap/gnuchess-6.2.6-x86_64-1.txz:  Upgraded.
2020-04-20 08:59:52 +02:00
Patrick J Volkerding
c55b2370e9 Fri Apr 17 21:38:36 UTC 2020
a/kernel-firmware-20200417_6314fa0-noarch-1.txz:  Upgraded.
a/kernel-generic-5.4.33-x86_64-1.txz:  Upgraded.
a/kernel-huge-5.4.33-x86_64-1.txz:  Upgraded.
a/kernel-modules-5.4.33-x86_64-1.txz:  Upgraded.
d/kernel-headers-5.4.33-x86-1.txz:  Upgraded.
k/kernel-source-5.4.33-noarch-1.txz:  Upgraded.
l/adwaita-icon-theme-3.36.1-noarch-1.txz:  Upgraded.
l/libuv-1.36.0-x86_64-2.txz:  Rebuilt.
  Revert commits that cause BIND to crash. Thanks to Markus Wiesner.
l/wavpack-5.3.0-x86_64-1.txz:  Upgraded.
isolinux/initrd.img:  Rebuilt.
kernels/*:  Upgraded.
usb-and-pxe-installers/usbboot.img:  Rebuilt.
2020-04-18 08:59:53 +02:00
Patrick J Volkerding
3021bc8054 Fri Apr 17 04:03:54 UTC 2020
ap/rpm-4.15.1-x86_64-3.txz:  Rebuilt.
  Dropped python2 modules.
l/libcaca-0.99.beta19-x86_64-6.txz:  Rebuilt.
  Dropped python2 modules.
l/libuv-1.36.0-x86_64-1.txz:  Upgraded.
l/libwebp-1.1.0-x86_64-2.txz:  Rebuilt.
  Dropped python2 modules.
l/python-distro-1.4.0-x86_64-2.txz:  Rebuilt.
  Dropped python2 modules.
l/python-docutils-0.16-x86_64-2.txz:  Rebuilt.
  Replace /usr/bin scripts with python3 versions.
l/system-config-printer-1.5.12-x86_64-3.txz:  Rebuilt.
  Dropped python2 modules.
n/openvpn-2.4.9-x86_64-1.txz:  Upgraded.
  This update fixes a security issue:
  Fix illegal client float. Thanks to Lev Stipakov.
  For more information, see:
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-11810
  (* Security fix *)
extra/xf86-video-nouveau-blacklist/xf86-video-nouveau-blacklist-1.0-noarch-1.txz:  Added.
  If it is easier for people using slackpkg to leave xf86-video-nouveau
  installed and change the name of this package from xf86-video-nouveau to
  xf86-video-nouveau-blacklist with a $VERSION of 1.0, then so be it.
extra/xf86-video-nouveau-blacklist/xf86-video-nouveau-blacklist-noarch-1.txz:  Removed.
2020-04-17 17:59:56 +02:00
Patrick J Volkerding
56d77dd7f4 Wed Apr 15 19:52:52 UTC 2020
a/xfsprogs-5.6.0-x86_64-1.txz:  Upgraded.
l/gtk+3-3.24.18-x86_64-2.txz:  Rebuilt.
  Fixed the version number embedded in pkg-config files and elsewhere.
  Thanks to davjohn for the bug report.
n/bind-9.16.2-x86_64-1.txz:  Upgraded.
  This update fixes a security issue:
  DNS rebinding protection was ineffective when BIND 9 is configured as a
  forwarding DNS server. Found and responsibly reported by Tobias Klein.
  [GL #1574]
  (* Security fix *)
2020-04-16 08:59:52 +02:00
Patrick J Volkerding
4bb8e72194 Tue Apr 14 22:26:11 UTC 2020
a/gawk-5.1.0-x86_64-1.txz:  Upgraded.
a/gettext-0.20.2-x86_64-1.txz:  Upgraded.
d/gettext-tools-0.20.2-x86_64-1.txz:  Upgraded.
d/git-2.26.1-x86_64-1.txz:  Upgraded.
  This update fixes a security issue:
  With a crafted URL that contains a newline in it, the credential helper
  machinery can be fooled to give credential information for a wrong host.
  The attack has been made impossible by forbidding a newline character in
  any value passed via the credential protocol. Credit for finding the
  vulnerability goes to Felix Wilhelm of Google Project Zero.
  For more information, see:
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-5260
  (* Security fix *)
l/glib-networking-2.64.2-x86_64-1.txz:  Upgraded.
l/libsecret-0.20.3-x86_64-1.txz:  Upgraded.
n/php-7.4.5-x86_64-1.txz:  Upgraded.
x/xorgproto-2020.1-x86_64-1.txz:  Upgraded.
xap/audacious-4.0.2-x86_64-1.txz:  Upgraded.
xap/audacious-plugins-4.0.2-x86_64-1.txz:  Upgraded.
extra/pure-alsa-system/audacious-plugins-4.0.2-x86_64-1_alsa.txz:  Upgraded.
2020-04-15 08:59:52 +02:00
Patrick J Volkerding
aafeea9fc4 Mon Apr 13 22:16:49 UTC 2020
a/kernel-firmware-20200413_64dba0f-noarch-1.txz:  Upgraded.
a/kernel-generic-5.4.32-x86_64-1.txz:  Upgraded.
a/kernel-huge-5.4.32-x86_64-1.txz:  Upgraded.
a/kernel-modules-5.4.32-x86_64-1.txz:  Upgraded.
d/doxygen-1.8.18-x86_64-1.txz:  Upgraded.
d/kernel-headers-5.4.32-x86-1.txz:  Upgraded.
k/kernel-source-5.4.32-noarch-1.txz:  Upgraded.
n/dhcpcd-8.1.8-x86_64-1.txz:  Upgraded.
x/libvdpau-1.4-x86_64-1.txz:  Upgraded.
isolinux/initrd.img:  Rebuilt.
kernels/*:  Upgraded.
usb-and-pxe-installers/usbboot.img:  Rebuilt.
2020-04-14 08:59:43 +02:00
Patrick J Volkerding
8efda2a1ab Sun Apr 12 20:02:28 UTC 2020
ap/man-pages-5.06-noarch-1.txz:  Upgraded.
l/libyaml-0.2.3-x86_64-1.txz:  Upgraded.
n/dnsmasq-2.81-x86_64-1.txz:  Upgraded.
x/libinput-1.15.5-x86_64-1.txz:  Upgraded.
2020-04-13 08:59:51 +02:00
Patrick J Volkerding
4907ec15b8 Fri Apr 10 20:33:06 UTC 2020
ap/cups-filters-1.27.4-x86_64-1.txz:  Upgraded.
ap/qpdf-10.0.1-x86_64-1.txz:  Upgraded.
ap/sysstat-12.3.2-x86_64-1.txz:  Upgraded.
l/gtk+3-3.24.18-x86_64-1.txz:  Upgraded.
l/librsvg-2.48.3-x86_64-1.txz:  Upgraded.
n/libqmi-1.24.10-x86_64-1.txz:  Upgraded.
n/libtirpc-1.2.6-x86_64-1.txz:  Upgraded.
2020-04-11 08:59:51 +02:00
Patrick J Volkerding
e35c3a1aa0 Thu Apr 9 22:20:10 UTC 2020
d/cmake-3.17.1-x86_64-1.txz:  Upgraded.
l/glib2-2.64.2-x86_64-1.txz:  Upgraded.
l/libssh-0.9.4-x86_64-1.txz:  Upgraded.
  Fixed possible DoS in client and server when handling AES-CTR keys
  with OpenSSL.
  For more information, see:
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-1730
  (* Security fix *)
2020-04-10 08:59:49 +02:00
Patrick J Volkerding
648447b38a Thu Apr 9 00:53:59 UTC 2020
a/kernel-generic-5.4.31-x86_64-1.txz:  Upgraded.
a/kernel-huge-5.4.31-x86_64-1.txz:  Upgraded.
a/kernel-modules-5.4.31-x86_64-1.txz:  Upgraded.
d/kernel-headers-5.4.31-x86-1.txz:  Upgraded.
k/kernel-source-5.4.31-noarch-1.txz:  Upgraded.
l/mozilla-nss-3.51.1-x86_64-1.txz:  Upgraded.
n/samba-4.12.1-x86_64-1.txz:  Upgraded.
xap/mozilla-thunderbird-68.7.0-x86_64-1.txz:  Upgraded.
  This release contains security fixes and improvements.
  For more information, see:
    https://www.mozilla.org/en-US/thunderbird/68.7.0/releasenotes/
  (* Security fix *)
isolinux/initrd.img:  Rebuilt.
kernels/*:  Upgraded.
usb-and-pxe-installers/usbboot.img:  Rebuilt.
2020-04-09 08:59:49 +02:00
Patrick J Volkerding
6c51ff9eac Tue Apr 7 22:23:02 UTC 2020
testing/packages/PAM/samba-4.12.1-x86_64-1_pam.txz:  Upgraded.
2020-04-08 08:59:50 +02:00
Patrick J Volkerding
3f40480143 Mon Apr 6 21:23:19 UTC 2020
ap/vim-8.2.0521-x86_64-1.txz:  Upgraded.
d/vala-0.48.3-x86_64-1.txz:  Upgraded.
l/imagemagick-7.0.10_5-x86_64-1.txz:  Upgraded.
x/compiz-0.8.18-x86_64-1.txz:  Upgraded.
xap/audacious-4.0.1-x86_64-1.txz:  Upgraded.
xap/audacious-plugins-4.0.1-x86_64-1.txz:  Upgraded.
xap/vim-gvim-8.2.0521-x86_64-1.txz:  Upgraded.
extra/brltty/brltty-6.1-x86_64-1.txz:  Upgraded.
extra/pure-alsa-system/audacious-plugins-4.0.1-x86_64-1_alsa.txz:  Upgraded.
testing/packages/PAM/sudo-1.8.31p1-x86_64-1_pam.txz:  Upgraded.
2020-04-07 08:59:49 +02:00
Patrick J Volkerding
c83fbfbb71 Sun Apr 5 21:02:32 UTC 2020
d/bison-3.5.4-x86_64-1.txz:  Upgraded.
kde/k3b-2.0.3-x86_64-7.txz:  Rebuilt.
  Recompiled against libdvdread-6.1.1.
l/gobject-introspection-1.64.1-x86_64-1.txz:  Upgraded.
l/imagemagick-7.0.10_4-x86_64-1.txz:  Upgraded.
l/libdvdnav-6.1.0-x86_64-2.txz:  Rebuilt.
  Recompiled against libdvdread-6.1.1.
  Who bumps an .soname and only boosts the version number by 0.0.1?
  Anyway, sorry to drop the ball a second time. I'll try to avoid this.
  Thanks to gmgf for the bug report.
n/fetchmail-6.4.3-x86_64-1.txz:  Upgraded.
tcl/tclx-8.4.4-x86_64-1.txz:  Upgraded.
xap/MPlayer-20200103-x86_64-2.txz:  Rebuilt.
  Recompiled against libdvdread-6.1.1.
xap/windowmaker-0.95.9-x86_64-1.txz:  Upgraded.
xap/xine-lib-1.2.10-x86_64-2.txz:  Rebuilt.
  Recompiled against libdvdread-6.1.1.
extra/pure-alsa-system/MPlayer-20200103-x86_64-2_alsa.txz:  Rebuilt.
  Recompiled against libdvdread-6.1.1.
extra/pure-alsa-system/xine-lib-1.2.10-x86_64-2_alsa.txz:  Rebuilt.
  Recompiled against libdvdread-6.1.1.
2020-04-06 08:59:52 +02:00
Patrick J Volkerding
a9b559dd10 Sun Apr 5 01:33:45 UTC 2020
kde/calligra-2.9.11-x86_64-34.txz:  Rebuilt.
  Recompiled against glew-2.2.0.
  The libGLEW.so.2.2 .soname (rather than libGLEW.so.2) gets me every time.
  Thanks to marrowsuck for the bug report.
l/libdvdread-6.1.1-x86_64-1.txz:  Upgraded.
x/mesa-20.0.4-x86_64-2.txz:  Rebuilt.
  Recompiled against glew-2.2.0.
2020-04-05 08:59:51 +02:00
Patrick J Volkerding
df9b2cc164 Fri Apr 3 23:07:16 UTC 2020
ap/lsof-4.93.2-x86_64-2.txz:  Rebuilt.
  Fixed the manpage. Thanks to kaott.
ap/sc-7.16-x86_64-7.txz:  Rebuilt.
  Brought back the classic SC. Thanks to dive.
d/Cython-0.29.16-x86_64-1.txz:  Upgraded.
d/mercurial-5.3.2-x86_64-1.txz:  Upgraded.
l/gtk+3-3.24.17-x86_64-1.txz:  Upgraded.
n/dhcpcd-8.1.7-x86_64-1.txz:  Upgraded.
n/iproute2-5.6.0-x86_64-1.txz:  Upgraded.
x/libdrm-2.4.101-x86_64-1.txz:  Upgraded.
x/mesa-20.0.4-x86_64-1.txz:  Upgraded.
xap/mozilla-firefox-68.6.1esr-x86_64-1.txz:  Upgraded.
  This release contains critical security fixes and improvements.
  "Under certain conditions, when running the nsDocShell destructor, a race
  condition can cause a use-after-free. We are aware of targeted attacks in
  the wild abusing this flaw."
  "Under certain conditions, when handling a ReadableStream, a race condition
  can cause a use-after-free. We are aware of targeted attacks in the wild
  abusing this flaw."
  For more information, see:
    https://www.mozilla.org/en-US/firefox/68.6.1/releasenotes/
    https://www.mozilla.org/en-US/security/advisories/mfsa2020-11/
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6819
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6820
  (* Security fix *)
2020-04-04 08:59:51 +02:00
Patrick J Volkerding
fe5dc86cee Thu Apr 2 22:13:11 UTC 2020
a/kernel-generic-5.4.30-x86_64-1.txz:  Upgraded.
a/kernel-huge-5.4.30-x86_64-1.txz:  Upgraded.
a/kernel-modules-5.4.30-x86_64-1.txz:  Upgraded.
d/kernel-headers-5.4.30-x86-1.txz:  Upgraded.
k/kernel-source-5.4.30-noarch-1.txz:  Upgraded.
l/atk-2.36.0-x86_64-1.txz:  Upgraded.
l/libunwind-1.4.0-x86_64-1.txz:  Upgraded.
n/conntrack-tools-1.4.6-x86_64-1.txz:  Upgraded.
n/libnetfilter_conntrack-1.0.8-x86_64-1.txz:  Upgraded.
n/libnftnl-1.1.6-x86_64-1.txz:  Upgraded.
n/nftables-0.9.4-x86_64-1.txz:  Upgraded.
x/mesa-20.0.3-x86_64-1.txz:  Upgraded.
xap/network-manager-applet-1.16.0-x86_64-2.txz:  Rebuilt.
  Rebuilt using meson. Thanks to bassmadrigal.
isolinux/initrd.img:  Rebuilt.
kernels/*:  Upgraded.
usb-and-pxe-installers/usbboot.img:  Rebuilt.
2020-04-03 08:59:50 +02:00
Patrick J Volkerding
7bd3e8d27d Thu Apr 2 06:07:52 UTC 2020
a/hwdata-0.334-noarch-1.txz:  Upgraded.
a/kernel-generic-5.4.29-x86_64-1.txz:  Upgraded.
a/kernel-huge-5.4.29-x86_64-1.txz:  Upgraded.
a/kernel-modules-5.4.29-x86_64-1.txz:  Upgraded.
a/pkgtools-15.0-noarch-32.txz:  Rebuilt.
  installpkg: handle the uninstall script packaged as /install/douninst.sh.
  removepkg: add --skip-douninst option to skip running the uninstall script.
    Save removed douninst.sh in /var/log/pkgtools/removed_uninstall_scripts.
ap/groff-1.22.4-x86_64-2.txz:  Rebuilt.
  Fixed docdir. Thanks to Xsane.
d/gcc-9.3.0-x86_64-2.txz:  Rebuilt.
d/gcc-brig-9.3.0-x86_64-2.txz:  Rebuilt.
d/gcc-g++-9.3.0-x86_64-2.txz:  Rebuilt.
d/gcc-gdc-9.3.0-x86_64-2.txz:  Rebuilt.
d/gcc-gfortran-9.3.0-x86_64-2.txz:  Rebuilt.
  Patched a compiler bug concerning assumed-shape vs. deferred-shape arrays.
  Thanks to Lockywolf.
d/gcc-gnat-9.3.0-x86_64-2.txz:  Rebuilt.
d/gcc-go-9.3.0-x86_64-2.txz:  Rebuilt.
d/gcc-objc-9.3.0-x86_64-2.txz:  Rebuilt.
d/kernel-headers-5.4.29-x86-1.txz:  Upgraded.
d/ruby-2.7.1-x86_64-1.txz:  Upgraded.
  This update fixes security issues:
  Unsafe Object Creation Vulnerability in JSON (Additional fix).
  Heap exposure vulnerability in the socket library.
  For more information, see:
    https://www.ruby-lang.org/en/news/2020/03/19/json-dos-cve-2020-10663/
    https://www.ruby-lang.org/en/news/2020/03/31/heap-exposure-in-socket-cve-2020-10933/
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-10663
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-10933
  (* Security fix *)
k/kernel-source-5.4.29-noarch-1.txz:  Upgraded.
l/graphite2-1.3.14-x86_64-1.txz:  Upgraded.
l/librsvg-2.48.2-x86_64-1.txz:  Upgraded.
l/utf8proc-2.5.0-x86_64-1.txz:  Upgraded.
x/libva-2.7.0-x86_64-1.txz:  Upgraded.
x/libva-utils-2.7.1-x86_64-1.txz:  Upgraded.
isolinux/initrd.img:  Rebuilt.
kernels/*:  Upgraded.
usb-and-pxe-installers/usbboot.img:  Rebuilt.
2020-04-02 10:41:33 +02:00
Patrick J Volkerding
99c7cafd73 Tue Mar 31 19:01:17 UTC 2020
a/dialog-1.3_20200327-x86_64-1.txz:  Upgraded.
a/openssl-solibs-1.1.1f-x86_64-1.txz:  Upgraded.
ap/nano-4.9.1-x86_64-1.txz:  Upgraded.
l/elfutils-0.179-x86_64-1.txz:  Upgraded.
n/gnutls-3.6.13-x86_64-1.txz:  Upgraded.
  This update fixes a security issue:
  libgnutls: Fix a DTLS-protocol regression (caused by TLS1.3 support),
  since 3.6.3. The DTLS client would not contribute any randomness to the
  DTLS negotiation, breaking the security guarantees of the DTLS protocol.
  [GNUTLS-SA-2020-03-31, CVSS: high]
  (* Security fix *)
n/httpd-2.4.43-x86_64-1.txz:  Upgraded.
n/openssl-1.1.1f-x86_64-1.txz:  Upgraded.
2020-04-01 08:59:49 +02:00
Patrick J Volkerding
c53350a485 Tue Mar 31 04:00:43 UTC 2020
a/pkgtools-15.0-noarch-31.txz:  Rebuilt.
  removepkg: support an uninstall script. See removepkg(8).
d/meson-0.54.0-x86_64-1.txz:  Upgraded.
2020-03-31 08:59:49 +02:00
Patrick J Volkerding
4f2bf4aab6 Sun Mar 29 23:05:46 UTC 2020
d/ccache-3.7.9-x86_64-1.txz:  Upgraded.
d/llvm-10.0.0-x86_64-2.txz:  Rebuilt.
  Ensure that lit-cpuid is built and installed. Thanks to jkh2cpu.
l/imagemagick-7.0.10_3-x86_64-1.txz:  Upgraded.
l/netpbm-10.90.00-x86_64-1.txz:  Upgraded.
n/mutt-1.13.5-x86_64-1.txz:  Upgraded.
n/nfs-utils-2.4.3-x86_64-2.txz:  Rebuilt.
  Rebuilt with --with-pluginpath=/usr/lib${LIBDIRSUFFIX}/libnfsidmap.
  Thanks to lecho.
x/xorg-server-1.20.8-x86_64-1.txz:  Upgraded.
x/xorg-server-xephyr-1.20.8-x86_64-1.txz:  Upgraded.
x/xorg-server-xnest-1.20.8-x86_64-1.txz:  Upgraded.
x/xorg-server-xvfb-1.20.8-x86_64-1.txz:  Upgraded.
x/xorg-server-xwayland-1.20.8-x86_64-1.txz:  Upgraded.
2020-03-30 08:59:51 +02:00
Patrick J Volkerding
f845c97d2d Sat Mar 28 05:48:42 UTC 2020
a/lvm2-2.03.09-x86_64-1.txz:  Upgraded.
d/guile-3.0.2-x86_64-1.txz:  Upgraded.
l/glib-networking-2.64.1-x86_64-1.txz:  Upgraded.
l/gtk+3-3.24.16-x86_64-1.txz:  Upgraded.
l/gvfs-1.44.1-x86_64-1.txz:  Upgraded.
l/librsvg-2.48.1-x86_64-1.txz:  Upgraded.
l/vte-0.60.1-x86_64-1.txz:  Upgraded.
xap/audacious-4.0-x86_64-3.txz:  Rebuilt.
  Also support GTK+ interface, including a .desktop file for it.
xap/audacious-plugins-4.0-x86_64-3.txz:  Rebuilt.
  Rebuilt with --enable-gtk.
extra/pure-alsa-system/audacious-plugins-4.0-x86_64-3_alsa.txz:  Rebuilt.
  Rebuilt with --enable-gtk.
extra/pure-alsa-system/qt5-5.13.2-x86_64-3_alsa.txz:  Added.
2020-03-28 17:59:48 +01:00
Patrick J Volkerding
b0afb726e7 Thu Mar 26 22:37:06 UTC 2020
x/libwacom-1.3-x86_64-1.txz:  Upgraded.
2020-03-27 08:59:49 +01:00
Patrick J Volkerding
f1c067fa42 Wed Mar 25 22:53:06 UTC 2020
a/e2fsprogs-1.45.6-x86_64-2.txz:  Rebuilt.
  Fixed RELEASE-NOTES dangling symlink.
a/kernel-generic-5.4.28-x86_64-1.txz:  Upgraded.
a/kernel-huge-5.4.28-x86_64-1.txz:  Upgraded.
a/kernel-modules-5.4.28-x86_64-1.txz:  Upgraded.
ap/nano-4.9-x86_64-1.txz:  Upgraded.
d/kernel-headers-5.4.28-x86-1.txz:  Upgraded.
d/llvm-10.0.0-x86_64-1.txz:  Upgraded.
  Shared library .so-version bump.
d/rust-1.42.0-x86_64-2.txz:  Rebuilt.
  Recompiled against llvm-10.0.0.
d/scons-3.1.2-x86_64-3.txz:  Rebuilt.
  Fixed shebangs for python3, removed useless .bat files.
  Thanks to teeemcee and ponce.
d/vala-0.48.2-x86_64-1.txz:  Upgraded.
k/kernel-source-5.4.28-noarch-1.txz:  Upgraded.
l/libgsf-1.14.47-x86_64-1.txz:  Upgraded.
l/neon-0.31.0-x86_64-1.txz:  Upgraded.
l/netpbm-10.89.03-x86_64-1.txz:  Upgraded.
l/qt5-5.13.2-x86_64-3.txz:  Rebuilt.
  Recompiled against llvm-10.0.0.
x/mesa-20.0.2-x86_64-2.txz:  Rebuilt.
  Recompiled against llvm-10.0.0.
xfce/thunar-1.8.14-x86_64-1.txz:  Upgraded.
isolinux/initrd.img:  Rebuilt.
kernels/*:  Upgraded.
usb-and-pxe-installers/usbboot.img:  Rebuilt.
2020-03-26 08:59:49 +01:00
Patrick J Volkerding
62f75c0a4e Tue Mar 24 05:08:25 UTC 2020
n/curl-7.69.1-x86_64-3.txz:  Rebuilt.
  Removed --with-ca-bundle=/usr/share/curl/ca-bundle.crt and
  added --without-ca-bundle. Thanks to drgibbon and Willy Sudiarto Raharjo.
2020-03-24 08:59:49 +01:00
Patrick J Volkerding
4e99f850dd Sun Mar 22 19:58:16 UTC 2020
l/glibmm-2.64.2-x86_64-1.txz:  Upgraded.
l/imagemagick-7.0.10_2-x86_64-1.txz:  Upgraded.
l/libcue-2.2.1-x86_64-1.txz:  Added.
  The initial use for this is adding CUE support to audacious-plugins.
l/libdvdnav-6.1.0-x86_64-1.txz:  Upgraded.
l/libdvdread-6.1.0-x86_64-1.txz:  Upgraded.
xap/audacious-4.0-x86_64-1.txz:  Upgraded.
xap/audacious-plugins-4.0-x86_64-1.txz:  Upgraded.
extra/pure-alsa-system/audacious-plugins-4.0-x86_64-1_alsa.txz:  Upgraded.
2020-03-23 08:59:49 +01:00
Patrick J Volkerding
16310a1914 Sun Mar 22 01:55:55 UTC 2020
a/kernel-generic-5.4.27-x86_64-1.txz:  Upgraded.
a/kernel-huge-5.4.27-x86_64-1.txz:  Upgraded.
a/kernel-modules-5.4.27-x86_64-1.txz:  Upgraded.
a/tcsh-6.22.02-x86_64-3.txz:  Rebuilt.
  Actually apply the shell history patch this time. Thanks to jmccue.
ap/cups-filters-1.27.3-x86_64-1.txz:  Upgraded.
d/automake-1.16.2-noarch-1.txz:  Upgraded.
d/kernel-headers-5.4.27-x86-1.txz:  Upgraded.
d/parallel-20200322-noarch-1.txz:  Upgraded.
k/kernel-source-5.4.27-noarch-1.txz:  Upgraded.
l/gmime-3.2.7-x86_64-1.txz:  Upgraded.
l/pangomm-2.42.1-x86_64-1.txz:  Upgraded.
n/gnupg2-2.2.20-x86_64-1.txz:  Upgraded.
xap/xaos-3.7-x86_64-1.txz:  Upgraded.
xap/xscreensaver-5.44-x86_64-1.txz:  Upgraded.
isolinux/initrd.img:  Rebuilt.
kernels/*:  Upgraded.
testing/packages/PAM/xscreensaver-5.44-x86_64-1_pam.txz:  Upgraded.
usb-and-pxe-installers/usbboot.img:  Rebuilt.
2020-03-22 08:59:48 +01:00
Patrick J Volkerding
4e5b493e88 Fri Mar 20 18:58:08 UTC 2020
a/kernel-firmware-20200320_edf390c-noarch-1.txz:  Upgraded.
ap/vim-8.2.0418-x86_64-1.txz:  Upgraded.
d/cmake-3.17.0-x86_64-1.txz:  Upgraded.
l/fuse3-3.9.1-x86_64-1.txz:  Upgraded.
x/igt-gpu-tools-1.25-x86_64-1.txz:  Upgraded.
xap/vim-gvim-8.2.0418-x86_64-1.txz:  Upgraded.
2020-03-21 08:59:48 +01:00
Patrick J Volkerding
30f51193f4 Thu Mar 19 22:01:05 UTC 2020
ap/ghostscript-9.52-x86_64-1.txz:  Upgraded.
l/PyQt5-5.13.2-x86_64-1.txz:  Added.
l/QScintilla-2.11.4-x86_64-3.txz:  Rebuilt.
  Added PyQt5 support. Thanks to alienBOB.
l/sip-4.19.21-x86_64-2.txz:  Rebuilt.
  Recompiled to pick up Qt5 support.
n/gpgme-1.13.1-x86_64-3.txz:  Rebuilt.
  Added Qt5 bindings. Thanks to alienBOB.
2020-03-20 08:59:33 +01:00
Patrick J Volkerding
9e2e1c45f7 Thu Mar 19 01:45:30 UTC 2020
Don't bother with 5.4.26 folks, just wait for the next one. Trust me.
a/tcsh-6.22.02-x86_64-2.txz:  Rebuilt.
  Fixed merging history from multiple shells. Thanks to jmccue.
a/xz-5.2.5-x86_64-1.txz:  Upgraded.
d/git-2.25.2-x86_64-1.txz:  Upgraded.
l/glibmm-2.64.1-x86_64-1.txz:  Upgraded.
n/bind-9.16.1-x86_64-1.txz:  Upgraded.
n/dovecot-2.3.10-x86_64-2.txz:  Rebuilt.
x/libinput-1.15.4-x86_64-1.txz:  Upgraded.
x/mesa-20.0.2-x86_64-1.txz:  Upgraded.
testing/packages/PAM/dovecot-2.3.10-x86_64-2_pam.txz:  Rebuilt.
  Recompiled using --with-pam. Thanks to HQuest.
2020-03-19 08:59:27 +01:00
Patrick J Volkerding
89ee2f9778 Tue Mar 17 22:11:07 UTC 2020
Happy Feast of Saint Patrick. Stay safe everyone.
a/openssl-solibs-1.1.1e-x86_64-1.txz:  Upgraded.
d/ccache-3.7.8-x86_64-1.txz:  Upgraded.
l/glibmm-2.64.0-x86_64-1.txz:  Upgraded.
n/openssl-1.1.1e-x86_64-1.txz:  Upgraded.
  Fixed an overflow bug in the x64_64 Montgomery squaring procedure
  used in exponentiation with 512-bit moduli.
  For more information, see:
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-1551
  (* Security fix *)
n/php-7.4.4-x86_64-1.txz:  Upgraded.
  This update fixes bugs and security issues:
  Core: get_headers() silently truncates after a null byte
  EXIF: Use-of-uninitialized-value in exif
  MBstring: mb_strtolower: stack-buffer-overflow at php_unicode_tolower_full
  For more information, see:
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-7066
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-7064
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-7065
  (* Security fix *)
2020-03-18 08:59:45 +01:00
Patrick J Volkerding
25ffb4a7fa Mon Mar 16 21:20:17 UTC 2020
a/kernel-firmware-20200316_8eb0b28-noarch-1.txz:  Upgraded.
l/imagemagick-7.0.10_1-x86_64-1.txz:  Upgraded.
l/qt5-webkit-5.212.0_alpha4-x86_64-1.txz:  Upgraded.
n/libqmi-1.24.8-x86_64-1.txz:  Upgraded.
n/postfix-3.5.0-x86_64-1.txz:  Upgraded.
2020-03-17 08:59:49 +01:00
Patrick J Volkerding
3b63d76134 Sun Mar 15 19:50:24 UTC 2020
a/aaa_elflibs-15.0-x86_64-22.txz:  Rebuilt.
  Upgraded: libcap.so.2.33, libncurses.so.6.2, libncursesw.so.6.2,
  libpcre.so.1.2.12, libpcreposix.so.0.0.7, libtinfo.so.6.2, libform.so.6.2,
  libformw.so.6.2, libglib-2.0.so.0.6400.1, libgmodule-2.0.so.0.6400.1,
  libgobject-2.0.so.0.6400.1, libgthread-2.0.so.0.6400.1,
  liblber-2.4.so.2.10.12, libldap-2.4.so.2.10.12, libmenu.so.6.2,
  libmenuw.so.6.2, libpanel.so.6.2, libpanelw.so.6.2, libstdc++.so.6.0.28.
a/xfsprogs-5.5.0-x86_64-1.txz:  Upgraded.
ap/sudo-1.8.31p1-x86_64-1.txz:  Upgraded.
  This is a bugfix release:
  Sudo once again ignores a failure to restore the RLIMIT_CORE resource limit,
  as it did prior to version 1.8.29. Linux containers don't allow RLIMIT_CORE
  to be set back to RLIM_INFINITY if we set the limit to zero, even for root,
  which resulted in a warning from sudo.
d/help2man-1.47.13-x86_64-1.txz:  Upgraded.
d/perl-5.30.2-x86_64-1.txz:  Upgraded.
  Also upgraded to Devel-CheckLib-1.14, DBI-1.643, and IO-Socket-SSL-2.067.
n/ModemManager-1.12.8-x86_64-1.txz:  Upgraded.
n/bluez-5.54-x86_64-1.txz:  Upgraded.
x/vulkan-sdk-1.2.131.2-x86_64-1.txz:  Upgraded.
2020-03-16 08:59:49 +01:00
Patrick J Volkerding
99054d5dbe Fri Mar 13 20:15:29 UTC 2020
a/cryptsetup-2.3.1-x86_64-1.txz:  Upgraded.
a/kernel-firmware-20200309_3b3dd5a-noarch-1.txz:  Upgraded.
a/kernel-generic-5.4.25-x86_64-1.txz:  Upgraded.
a/kernel-huge-5.4.25-x86_64-1.txz:  Upgraded.
a/kernel-modules-5.4.25-x86_64-1.txz:  Upgraded.
ap/ghostscript-9.51-x86_64-1.txz:  Upgraded.
d/gcc-9.3.0-x86_64-1.txz:  Upgraded.
d/gcc-brig-9.3.0-x86_64-1.txz:  Upgraded.
d/gcc-g++-9.3.0-x86_64-1.txz:  Upgraded.
d/gcc-gdc-9.3.0-x86_64-1.txz:  Upgraded.
d/gcc-gfortran-9.3.0-x86_64-1.txz:  Upgraded.
d/gcc-gnat-9.3.0-x86_64-1.txz:  Upgraded.
d/gcc-go-9.3.0-x86_64-1.txz:  Upgraded.
d/gcc-objc-9.3.0-x86_64-1.txz:  Upgraded.
d/kernel-headers-5.4.25-x86-1.txz:  Upgraded.
d/libtool-2.4.6-x86_64-13.txz:  Rebuilt.
  Recompiled to update embedded GCC version number.
d/rust-1.42.0-x86_64-1.txz:  Upgraded.
d/scons-3.1.2-x86_64-2.txz:  Rebuilt.
  Drop python2 support and switch to python3.
k/kernel-source-5.4.25-noarch-1.txz:  Upgraded.
  GCC_VERSION 90200 -> 90300
l/libuv-1.35.0-x86_64-1.txz:  Upgraded.
n/NetworkManager-1.22.10-x86_64-1.txz:  Upgraded.
n/postfix-3.4.10-x86_64-1.txz:  Upgraded.
xap/blueman-2.1.2-x86_64-2.txz:  Rebuilt.
  This needed a rebuild for glib2-2.64.1. Thanks to Lockywolf.
xap/mozilla-thunderbird-68.6.0-x86_64-1.txz:  Upgraded.
  This release contains security fixes and improvements.
  For more information, see:
    https://www.mozilla.org/en-US/thunderbird/68.6.0/releasenotes/
    https://www.mozilla.org/en-US/security/advisories/mfsa2020-10/
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6805
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6806
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6807
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6811
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-20503
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6812
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6814
  (* Security fix *)
isolinux/initrd.img:  Rebuilt.
kernels/*:  Upgraded.
usb-and-pxe-installers/usbboot.img:  Rebuilt.
2020-03-14 08:59:50 +01:00
Patrick J Volkerding
2c7220ae76 Wed Mar 11 19:54:51 UTC 2020
ap/hplip-3.20.3-x86_64-1.txz:  Upgraded.
d/vala-0.48.1-x86_64-1.txz:  Upgraded.
l/SDL2-2.0.12-x86_64-1.txz:  Upgraded.
l/gcr-3.36.0-x86_64-1.txz:  Upgraded.
l/glib2-2.64.1-x86_64-1.txz:  Upgraded.
l/gnome-keyring-3.36.0-x86_64-1.txz:  Upgraded.
l/libsecret-0.20.2-x86_64-1.txz:  Upgraded.
n/curl-7.69.1-x86_64-1.txz:  Upgraded.
testing/packages/PAM/gnome-keyring-3.36.0-x86_64-1_pam.txz:  Upgraded.
testing/packages/PAM/hplip-3.20.3-x86_64-1_pam.txz:  Upgraded.
2020-03-12 08:59:49 +01:00
Patrick J Volkerding
35fc44d178 Tue Mar 10 19:53:39 UTC 2020
d/guile-3.0.1-x86_64-1.txz:  Upgraded.
l/SDL2-2.0.10-x86_64-2.txz:  Rebuilt.
  Rebuilt to pick up wayland support. Thanks to franzen.
l/dconf-0.36.0-x86_64-1.txz:  Upgraded.
l/dconf-editor-3.36.0-x86_64-1.txz:  Upgraded.
l/gsettings-desktop-schemas-3.36.0-x86_64-1.txz:  Upgraded.
l/python-pygments-2.5.2-x86_64-1.txz:  Upgraded.
  It seems like the pragmatic thing to do here is to revert this one to fix
  the python2 programs and modules that depend on it. We'll have to do a bit
  more research to determine what the best course of action is regarding
  python2 in general, though. Certainly we shouldn't be requiring python2
  for anything important moving forward, but even that will take some work.
  Plasma 5 as currently built has multiple dependencies on python2, for
  example.
n/bind-9.16.0-x86_64-4.txz:  Rebuilt.
  Drop python2 support and switch to python3.
x/liberation-fonts-ttf-2.1.0-noarch-1.txz:  Upgraded.
xap/mozilla-firefox-68.6.0esr-x86_64-1.txz:  Upgraded.
  This release contains security fixes and improvements.
  For more information, see:
    https://www.mozilla.org/en-US/firefox/68.6.0/releasenotes/
    https://www.mozilla.org/security/advisories/mfsa2020-09/
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6805
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6806
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6807
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6811
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-20503
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6812
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6814
  (* Security fix *)
2020-03-11 08:59:49 +01:00
Patrick J Volkerding
1e4e145b9e Sun Mar 8 19:42:26 UTC 2020
d/bison-3.5.3-x86_64-1.txz:  Upgraded.
d/python-setuptools-45.3.0-x86_64-1.txz:  Upgraded.
l/adwaita-icon-theme-3.36.0-noarch-1.txz:  Upgraded.
l/at-spi2-core-2.36.0-x86_64-1.txz:  Upgraded.
l/pygobject3-3.36.0-x86_64-1.txz:  Upgraded.
l/python-pygments-2.6.1-x86_64-1.txz:  Upgraded.
2020-03-09 08:59:49 +01:00
Patrick J Volkerding
8579ee8560 Sat Mar 7 20:25:36 UTC 2020
l/gobject-introspection-1.64.0-x86_64-1.txz:  Upgraded.
l/imagemagick-7.0.10_0-x86_64-1.txz:  Upgraded.
l/libical-3.0.8-x86_64-1.txz:  Upgraded.
l/librsvg-2.48.0-x86_64-1.txz:  Upgraded.
l/libsoup-2.70.0-x86_64-1.txz:  Upgraded.
l/mozilla-nss-3.51-x86_64-1.txz:  Upgraded.
xap/libnma-1.8.28-x86_64-1.txz:  Added.
  This is the NetworkManager GUI client library, which was previously
  provided by network-manager-applet. It's now a standalone project, and
  is required by network-manager-applet and other NetworkManager frontends.
xap/network-manager-applet-1.16.0-x86_64-1.txz:  Upgraded.
  This requires the new libnma package.
2020-03-08 08:59:49 +01:00
Patrick J Volkerding
c3c6055e70 Fri Mar 6 22:10:25 UTC 2020
a/cryptsetup-2.3.0-x86_64-2.txz:  Rebuilt.
  Include some additional documentation. Thanks to regdub.
a/sdparm-1.11-x86_64-1.txz:  Upgraded.
ap/moc-2.5.2-x86_64-6.txz:  Rebuilt.
  Fixed docs permissions. Thanks to regdub.
l/glib-networking-2.64.0-x86_64-1.txz:  Upgraded.
l/glib2-2.64.0-x86_64-1.txz:  Upgraded.
l/gvfs-1.44.0-x86_64-1.txz:  Upgraded.
l/libnl-1.1.4-x86_64-3.txz:  Rebuilt.
  Fixed docs permissions. Thanks to regdub.
l/tdb-1.4.3-x86_64-3.txz:  Rebuilt.
  Fixed docs permissions. Thanks to regdub.
l/tevent-0.10.2-x86_64-3.txz:  Rebuilt.
  Fixed docs permissions. Thanks to regdub.
n/bind-9.16.0-x86_64-3.txz:  Rebuilt.
  Applied upstream patch to fix a discrepancy in the quota code that can
  result in a situation where the count is not properly decremented in
  some cases.
n/dovecot-2.3.10-x86_64-1.txz:  Upgraded.
n/rp-pppoe-3.13-x86_64-2.txz:  Rebuilt.
  This needed a rebuild for ppp-2.4.8. Thanks to regdub.
x/libinput-1.15.3-x86_64-1.txz:  Upgraded.
testing/packages/PAM/dovecot-2.3.10-x86_64-1_pam.txz:  Upgraded.
2020-03-07 08:59:47 +01:00