l/imagemagick-7.1.0_16-x86_64-1.txz: Upgraded.
l/python-Jinja2-3.0.3-x86_64-1.txz: Added.
Added missing dependency of kapidox.
l/python-MarkupSafe-2.0.1-x86_64-1.txz: Added.
Added missing dependency of Mako.
l/python-PyYAML-6.0-x86_64-1.txz: Added.
Added missing dependency of kapidox.
l/python-doxypypy-0.8.8.6-x86_64-1.txz: Added.
Added missing dependency of kapidox.
l/python-doxyqml-0.5.1-x86_64-1.txz: Added.
Added missing dependency of kapidox.
l/python-pbr-5.8.0-x86_64-1.txz: Added.
Added missing dependency of python-pysol_cards.
extra/tigervnc/tigervnc-1.12.0-x86_64-2.txz: Rebuilt.
Use the upstream vncserver script, patched to search in some additional
locations for a startup script: $HOME/.vnc/xstartup, $HOME/.xinitrc, and
/etc/X11/xinit/xinitrc.
Add a symlink for vncserver in the old location (/usr/bin/vncserver).
Thanks to 0XBF.
ap/mariadb-10.5.13-x86_64-2.txz: Rebuilt.
Install /etc/security/user_map.conf as /etc/security/user_map.conf.new to
protect it from being overwritten by future upgrades.
Thanks to Markus Wiesner.
d/python3-3.9.9-x86_64-2.txz: Rebuilt.
Do not patch posix_user platlib to use $HOME/.local/lib64 on 64-bit - use
$HOME/.local/lib for all platforms. This avoids a warning from pip about the
install location not matching between distutils and sysconfig. Note that this
might require already installed modules to be moved from $HOME/.local/lib64
to $HOME/.local/lib (or they could be removed and then reinstalled).
At first this seemed to be a non-optimal solution for this issue, but other
distributions are taking this same approach and it appears that the
posix_user platlib setting has always been ignored until recently.
If this causes any unexpected issues, let me know.
Thanks to redneonglow and alijkl.
n/fetchmail-6.4.24-x86_64-1.txz: Upgraded.
d/python3-3.9.9-x86_64-1.txz: Upgraded.
This is a bugfix release, fixing four bugs in Python 3.9.8 (including an
argparse regression in Python 3.9.8 which caused complex command-line tools
to fail recognizing sub-commands properly). It also makes a couple of
corrections to the documentation.
For more information, see:
https://docs.python.org/release/3.9.9/whatsnew/changelog.html
l/libjpeg-turbo-2.1.2-x86_64-1.txz: Upgraded.
l/python-setuptools_scm-6.3.2-x86_64-1.txz: Added.
This is needed when building some Python modules to correctly parse their
metadata, as recently discovered with importlib_metadata and zipp. While
we'll stick to the version of Markdown that we've got, it seems like a good
idea to get this in before the release to help prevent people from running
into similar "version 0.0.0" issues with other Python modules.
Thanks to USUARIONUEVO.
l/python-tomli-1.2.2-x86_64-1.txz: Added.
This is needed by setuptools_scm. Also, the SlackBuild contains a nice
example of using a setup.py shim to setuptools for a Python module that
only contains pyproject.toml and not setup.py.
Thanks to Heinz Wiesinger.
l/qtkeychain-0.13.2-x86_64-1.txz: Upgraded.
n/libmbim-1.26.2-x86_64-1.txz: Upgraded.
n/libnftnl-1.2.1-x86_64-1.txz: Upgraded.
n/nftables-1.0.1-x86_64-1.txz: Upgraded.
xap/mozilla-thunderbird-91.3.2-x86_64-1.txz: Upgraded.
This is a bugfix release.
For more information, see:
https://www.mozilla.org/en-US/thunderbird/91.3.2/releasenotes/
extra/php8/php8-8.0.13-x86_64-1.txz: Upgraded.
This update fixes bugs and a security issue:
XML: special character is breaking the path in xml function.
For more information, see:
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-21707
(* Security fix *)
a/bash-5.1.012-x86_64-1.txz: Upgraded.
a/cryptsetup-2.4.2-x86_64-1.txz: Upgraded.
a/kernel-generic-5.15.3-x86_64-1.txz: Upgraded.
a/kernel-huge-5.15.3-x86_64-1.txz: Upgraded.
a/kernel-modules-5.15.3-x86_64-1.txz: Upgraded.
d/ccache-4.5.1-x86_64-1.txz: Upgraded.
d/kernel-headers-5.15.3-x86-1.txz: Upgraded.
k/kernel-source-5.15.3-noarch-1.txz: Upgraded.
kde/latte-dock-0.10.4-x86_64-1.txz: Upgraded.
n/php-7.4.26-x86_64-1.txz: Upgraded.
This update fixes bugs and a security issue:
XML: special character is breaking the path in xml function.
For more information, see:
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-21707
(* Security fix *)
x/ibus-1.5.25-x86_64-5.txz: Rebuilt.
Fixed paths in:
[PATCH] client/gtk3/ibusimcontext: Fix wrong cursor location in gtk3 apps.
Thanks to Lockywolf.
xap/audacious-4.1-x86_64-3.txz: Rebuilt.
Removed the extra menu entry for the GTK+ version as this can just be
selected in the settings. Thanks to franzen.
isolinux/initrd.img: Rebuilt.
kernels/*: Upgraded.
usb-and-pxe-installers/usbboot.img: Rebuilt.
Clearly we're going to have to trend more carefully for things to settle down,
so consider this RC2 and a much harder freeze. A test mass rebuild was done
here and there are no more "fails to build from source" remaining (thanks to
nobodino for some amazing and relentless testing).
a/exfatprogs-1.1.3-x86_64-1.txz: Upgraded.
ap/lxc-4.0.11-x86_64-3.txz: Rebuilt.
Added some additional packages to the lxc-slackware template:
bridge-utils, dbus, iptables, libnl3, libpcap.
Thanks to linux91 for the hints.
ap/qpdf-10.4.0-x86_64-1.txz: Upgraded.
l/python-docutils-0.17.1-x86_64-3.txz: Rebuilt.
Revert to this version for now since 0.18 isn't compatible with Sphinx.
Thanks to HQuest.
l/python-markdown-3.3.4-x86_64-3.txz: Rebuilt.
Reverted this to fix the Samba build. The newer versions of Markdown require
importlib_metadata and zipp, and adding these also fixes the build, but oddly
the installed PKG-INFO shows version 0.0.0, which I suspect is more breakage
going on with setuptools. I've tried rebuilding all other Python modules here
to see if a more general breakage had crept in somehow, but those are the
only two Python modules I've found that exhibit this issue, and I've found
other similar reports (but no fixes). Markdown-3.3.4 seems to be the safe bet
for now.
n/bind-9.16.23-x86_64-1.txz: Upgraded.
x/libdrm-2.4.107-x86_64-1.txz: Upgraded.
Reverted to 2.4.107 as 2.4.108 does not seem to be completely compatible with
xorg-server-1.20.13. Fixes xf86-video-vmware failing to build from source.
Thanks to nobodino.
ap/ksh93-1.0_7ea95b7-x86_64-1.txz: Upgraded.
Changed the fetch script to pull the 1.0 branch.
Packaged shcomp and man page and additional documentation.
Merged some other changes to the build script.
Thanks to Martijn Dekker (McDutchie).
ap/vim-8.2.3605-x86_64-1.txz: Upgraded.
l/imagemagick-7.1.0_14-x86_64-1.txz: Upgraded.
l/python-markdown-3.3.5-x86_64-1.txz: Upgraded.
xap/seamonkey-2.53.10-x86_64-1.txz: Upgraded.
This update contains security fixes and improvements.
For more information, see:
https://www.seamonkey-project.org/releases/seamonkey2.53.10
(* Security fix *)
xap/vim-gvim-8.2.3605-x86_64-1.txz: Upgraded.
extra/brltty/brltty-6.4-x86_64-4.txz: Rebuilt.
Fixed installation of the Tcl bindings. Thanks to Stuart Winter.
extra/tigervnc/tigervnc-1.12.0-x86_64-1.txz: Upgraded.
Thanks to alienBOB for the original build script, and to 0XBF and Linux From
Scratch for some useful hints on getting this back in shape.
a/kernel-firmware-20211115_f5d5195-noarch-1.txz: Upgraded.
d/git-2.34.0-x86_64-1.txz: Upgraded.
xap/gftp-2.8.0b-x86_64-1.txz: Upgraded.
xap/mozilla-thunderbird-91.3.1-x86_64-1.txz: Upgraded.
This is a bugfix release.
For more information, see:
https://www.mozilla.org/en-US/thunderbird/91.3.1/releasenotes/
xfce/xfce4-whiskermenu-plugin-2.6.2-x86_64-1.txz: Upgraded.
d/slacktrack-2.22-x86_64-1.txz: Upgraded.
Test makepkg's response to the package name as part of the pre-build
sanity checks. This catches malformed package names and extension types.
Thanks to Eduard Rozenberg for the suggestion.
Thanks to Stuart Winter.
kde/kstars-3.5.6-x86_64-1.txz: Upgraded.
x/xterm-370-x86_64-1.txz: Upgraded.
a/kernel-generic-5.15.2-x86_64-1.txz: Upgraded.
a/kernel-huge-5.15.2-x86_64-1.txz: Upgraded.
a/kernel-modules-5.15.2-x86_64-1.txz: Upgraded.
a/sysvinit-scripts-15.0-noarch-7.txz: Rebuilt.
rc.M: adjust the startup order to make sure a few services are running when
needed (such as MariaDB for dovecot and postfix). Thanks to Tshane.
ap/ksh93-20211112_d160abc-x86_64-1.txz: Upgraded.
Don't assume that /bin/sh mode is desired when ksh is run from su.
Thanks to McDutchie.
ap/lxc-4.0.11-x86_64-2.txz: Rebuilt.
Move the bash-completion symlinks to the system directory. Thanks to kaott.
d/kernel-headers-5.15.2-x86-1.txz: Upgraded.
k/kernel-source-5.15.2-noarch-1.txz: Upgraded.
l/pipewire-0.3.40-x86_64-1.txz: Upgraded.
n/s-nail-14.9.23-x86_64-1.txz: Upgraded.
isolinux/initrd.img: Rebuilt.
kernels/*: Upgraded.
usb-and-pxe-installers/usbboot.img: Rebuilt.
a/sdparm-1.12-x86_64-2.txz: Rebuilt.
Recompiled against sg3_utils-1.47.
a/sysvinit-scripts-15.0-noarch-6.txz: Rebuilt.
rc.{6,S,M}: merged changes for compatibility with LXC containers.
a/udisks-1.0.5-x86_64-10.txz: Rebuilt.
Recompiled against sg3_utils-1.47.
ap/lxc-4.0.11-x86_64-1.txz: Upgraded.
Requires libseccomp-2.5.3.
No more local versions of rc.{6,S,M,inet1}: the regular versions work now.
l/elfutils-0.186-x86_64-1.txz: Upgraded.
l/libgpod-0.8.3-x86_64-11.txz: Rebuilt.
Recompiled against sg3_utils-1.47.
l/libseccomp-2.5.3-x86_64-1.txz: Added.
This is needed by lxc-4.0.11. Thanks to Willy Sudiarto Raharjo.
l/sg3_utils-1.47-x86_64-1.txz: Upgraded.
Shared library .so-version bump.
n/network-scripts-15.0-noarch-17.txz: Rebuilt.
Merged changes in rc.inet1 to make it compatible with LXC containers.
Patched netconfig to ensure the proper permissions on rc.networkmanager
when NetworkManager is not chosen.
x/ibus-1.5.25-x86_64-4.txz: Rebuilt.
[PATCH] client/gtk2/ibusimcontext: Fix wrong cursor location in gtk3 apps.
Thanks to Lockywolf.
a/btrfs-progs-5.15-x86_64-1.txz: Upgraded.
a/hwdata-0.353-noarch-1.txz: Upgraded.
kde/plasma-wayland-protocols-1.5.0-x86_64-1.txz: Upgraded.
xap/mozilla-firefox-91.3.0esr-x86_64-2.txz: Rebuilt.
Rebuilt with rust-1.54.0, which seems to produce a stable Firefox package.
Looking at this page, it would seem that upstream is probably compiling
the official package with rust-1.54.0:
https://firefox-source-docs.mozilla.org/writing-rust-code/update-policy.html
Normally I'd be inclined to drop back on the version of Rust in the main
tree, but rust-1.56.1 fixes a security issue (one that doesn't affect any
crates used by Firefox), so that doesn't seem to be a good idea.
d/meson-0.59.3-x86_64-1.txz: Upgraded.
Reverted to a version that works better for us. Thanks to nobodino.
l/imagemagick-7.1.0_13-x86_64-1.txz: Upgraded.
l/pcre2-10.39-x86_64-1.txz: Upgraded.
l/sip-4.19.25-x86_64-4.txz: Rebuilt.
Fixed missing sip.h.
n/getmail-6.18.5-x86_64-1.txz: Upgraded.
a/kernel-generic-5.14.15-x86_64-1.txz: Upgraded.
a/kernel-huge-5.14.15-x86_64-1.txz: Upgraded.
a/kernel-modules-5.14.15-x86_64-1.txz: Upgraded.
d/cmake-3.21.4-x86_64-1.txz: Upgraded.
d/kernel-headers-5.14.15-x86-1.txz: Upgraded.
k/kernel-source-5.14.15-noarch-1.txz: Upgraded.
We're going to go ahead and take both of those changes that were considered
in /testing. GazL almost had me talked out of the autogroup change, but it's
easy to disable if traditional "nice" behavior is important to someone.
-DRM_I810 n
-INLINE_READ_UNLOCK y
-INLINE_READ_UNLOCK_IRQ y
-INLINE_SPIN_UNLOCK_IRQ y
-INLINE_WRITE_UNLOCK y
-INLINE_WRITE_UNLOCK_IRQ y
PREEMPT n -> y
PREEMPT_VOLUNTARY y -> n
SCHED_AUTOGROUP n -> y
+CEC_GPIO n
+DEBUG_PREEMPT y
+PREEMPTION y
+PREEMPT_COUNT y
+PREEMPT_DYNAMIC y
+PREEMPT_RCU y
+PREEMPT_TRACER n
+RCU_BOOST n
+TASKS_RCU y
+UNINLINE_SPIN_UNLOCK y
kde/plasma-desktop-5.23.2.1-x86_64-1.txz: Upgraded.
l/imagemagick-7.1.0_12-x86_64-1.txz: Upgraded.
l/librsvg-2.52.3-x86_64-1.txz: Upgraded.
n/bind-9.16.22-x86_64-1.txz: Upgraded.
This update fixes bugs and the following security issue:
The "lame-ttl" option is now forcibly set to 0. This effectively disables
the lame server cache, as it could previously be abused by an attacker to
significantly degrade resolver performance.
For more information, see:
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-25219
(* Security fix *)
n/c-ares-1.18.1-x86_64-1.txz: Upgraded.
n/samba-4.15.1-x86_64-1.txz: Upgraded.
isolinux/initrd.img: Rebuilt.
kernels/*: Upgraded.
usb-and-pxe-installers/usbboot.img: Rebuilt.
ap/slackpkg-15.0.8-noarch-1.txz: Upgraded.
Author: piterpunk <piterpunk@slackware.com>
To make it easier to do an unattended slackpkg update/upgrade process,
this commit provides different exit codes for many situations:
0 Successful slackpkg execution.
1 Something wrong happened.
20 No package found to be downloaded, installed, reinstalled,
upgraded, or removed.
50 Slackpkg itself was upgraded and you need to re-run it.
100 There are pending updates.
Code and the main manpage are updated accordingly.
In addition, this commit also:
- removes the ChangeLog.txt in doinst.sh, so the needed
'slackpkg update' after Slackpkg upgrade won't say it's all OK
and doesn't need to redo the package lists
- removes AUTHORS from manpage. Nowadays there is code from many
people in Slackpkg and it seems a bit unfair to have only my and
Evaldo's name listed there.
Signed-off-by: Robby Workman <rworkman@slackware.com>
d/meson-0.60.0-x86_64-1.txz: Upgraded.
l/ffmpeg-4.4.1-x86_64-1.txz: Upgraded.
l/imagemagick-7.1.0_11-x86_64-1.txz: Upgraded.
l/libcap-2.60-x86_64-1.txz: Upgraded.
l/libsoup-2.74.1-x86_64-1.txz: Upgraded.
l/sip-4.19.25-x86_64-3.txz: Rebuilt.
Drop the Qt4 modules. Thanks to gmgf.
n/dhcpcd-9.4.1-x86_64-1.txz: Upgraded.
testing/packages/linux-5.14.x/kernel-generic-5.14.14-x86_64-3.txz: Rebuilt.
testing/packages/linux-5.14.x/kernel-headers-5.14.14-x86-3.txz: Rebuilt.
testing/packages/linux-5.14.x/kernel-huge-5.14.14-x86_64-3.txz: Rebuilt.
testing/packages/linux-5.14.x/kernel-modules-5.14.14-x86_64-3.txz: Rebuilt.
testing/packages/linux-5.14.x/kernel-source-5.14.14-noarch-3.txz: Rebuilt.
Let's enable SCHED_AUTOGROUP, which should improve desktop latency under a
heavy CPU load while being mostly inert on servers. It may be disabled at
boot time with a "noautogroup" kernel parameter, or at runtime like this:
echo 0 > /proc/sys/kernel/sched_autogroup_enabled
Thanks to gbschenkel.
SCHED_AUTOGROUP n -> y
a/aaa_terminfo-6.3-x86_64-1.txz: Upgraded.
a/glibc-zoneinfo-2021e-noarch-1.txz: Upgraded.
ap/itstool-2.0.7-x86_64-2.txz: Rebuilt.
Rebuilt with PYTHON=/usr/bin/python3. Thanks to USUARIONUEVO.
ap/mpg123-1.29.2-x86_64-1.txz: Upgraded.
d/meson-0.59.3-x86_64-1.txz: Upgraded.
d/parallel-20211022-noarch-1.txz: Upgraded.
d/python-pip-21.3.1-x86_64-1.txz: Upgraded.
d/python-setuptools-58.3.0-x86_64-1.txz: Upgraded.
l/exiv2-0.27.5-x86_64-1.txz: Upgraded.
l/ncurses-6.3-x86_64-1.txz: Upgraded.
n/php-7.4.25-x86_64-1.txz: Upgraded.
This update fixes bugs and a security issue:
FPM: PHP-FPM oob R/W in root process leading to privilege escalation.
For more information, see:
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-21703
(* Security fix *)
xap/mozilla-thunderbird-91.2.1-x86_64-1.txz: Upgraded.
This is a bugfix release.
For more information, see:
https://www.mozilla.org/en-US/thunderbird/91.2.1/releasenotes/
testing/packages/linux-5.14.x/kernel-generic-5.14.14-x86_64-2.txz: Rebuilt.
testing/packages/linux-5.14.x/kernel-headers-5.14.14-x86-2.txz: Rebuilt.
testing/packages/linux-5.14.x/kernel-huge-5.14.14-x86_64-2.txz: Rebuilt.
testing/packages/linux-5.14.x/kernel-modules-5.14.14-x86_64-2.txz: Rebuilt.
testing/packages/linux-5.14.x/kernel-source-5.14.14-noarch-2.txz: Rebuilt.
These kernels enable CONFIG_PREEMPT=y and CONFIG_PREEMPT_DYNAMIC=y allowing
the kernel preemption model to be specified on the kernel command line
with one of these options: preempt=none, preempt=voluntary, and preempt=full.
Since there is no .config option to set a default, and the default in the
kernel sources is "full" (which is probably not a good default), the
kernel-source.SlackBuild has been modified to add support for an environment
variable CONFIG_PREEMPT_DEFAULT_MODE which can be set to none, voluntary, or
full to set the default kernel preemption model when a command line option
is not provided. These kernels have been built with a preemption model of
"none" (presumably the safest choice which will behave like the kernels we
have shipped before.) The runtime overhead on 64-bit should be negligible.
On 32-bit we lack support for HAVE_STATIC_CALL_INLINE, so spinlocks and
mutexes will have to be approached through a trampoline, adding a very small
amount of overhead. I feel this is probably worth it in order to have the
option to run a kernel with voluntary or full preemption, especially for
gaming or desktop purposes. The reduction in input lag with these modes is
actually quite noticable.
To check the current preemption model, you may use debugfs:
mount -t debugfs none /sys/kernel/debug
cat /sys/kernel/debug/sched/preempt
(none) voluntary full
You may change to a different preemption model on the fly once debugfs is
mounted:
echo voluntary > /sys/kernel/debug/sched/preempt
cat /sys/kernel/debug/sched/preempt
none (voluntary) full
Thanks to Daedra.
-DRM_I810 n
-INLINE_READ_UNLOCK y
-INLINE_READ_UNLOCK_IRQ y
-INLINE_SPIN_UNLOCK_IRQ y
-INLINE_WRITE_UNLOCK y
-INLINE_WRITE_UNLOCK_IRQ y
PREEMPT n -> y
PREEMPT_VOLUNTARY y -> n
+CEC_GPIO n
+DEBUG_PREEMPT y
+PREEMPTION y
+PREEMPT_COUNT y
+PREEMPT_DYNAMIC y
+PREEMPT_RCU y
+PREEMPT_TRACER n
+RCU_BOOST n
+TASKS_RCU y
+UNINLINE_SPIN_UNLOCK y
a/lvm2-2.03.13-x86_64-1.txz: Upgraded.
Reverted to working version.
d/rust-1.56.0-x86_64-1.txz: Upgraded.
l/pipewire-0.3.39-x86_64-1.txz: Upgraded.
n/krb5-1.19.2-x86_64-2.txz: Rebuilt.
[PATCH] Fix KDC null deref on TGS inner body null server.
This fixes an issue where an authenticated attacker can cause a denial of
service in the KDC by sending a FAST TGS request with no server field.
Thanks to nobodino.
For more information, see:
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-37750
(* Security fix *)
x/ibus-m17n-1.4.8-x86_64-1.txz: Upgraded.
x/libinput-1.19.2-x86_64-1.txz: Upgraded.
xap/freerdp-2.4.1-x86_64-1.txz: Upgraded.
This update fixes two security issues:
Improper client input validation for gateway connections allows to overwrite
memory.
Improper region checks in all clients allow out of bound write to memory.
For more information, see:
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-41159https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-41160
(* Security fix *)
xap/gftp-2.7.1b-x86_64-1.txz: Upgraded.
extra/php8/php8-8.0.12-x86_64-1.txz: Upgraded.
This update fixes bugs and a security issue:
FPM: PHP-FPM oob R/W in root process leading to privilege escalation.
For more information, see:
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-21703
(* Security fix *)
ap/htop-3.1.1-x86_64-1.txz: Upgraded.
d/automake-1.16.2-noarch-4.txz: Rebuilt.
The GNU toolchain is making it increasingly impossible to use our usual
"${ARCH}-slackware-linux" host, erroring out with a host mismatch on at
least GTK+2. So, we'll drop back to this version of automake for now,
with a fix applied for detecting Python 3.10. More than likely we'll be
changing the host to "${ARCH}-slackware-linux-gnu" to satisfy upstream,
but that will have to wait for the next devel cycle.
d/llvm-13.0.0-x86_64-1.txz: Upgraded.
Shared library .so-version bump.
d/rust-1.55.0-x86_64-2.txz: Rebuilt.
Recompiled against llvm-13.0.0.
kde/kdevelop-5.6.2-x86_64-6.txz: Rebuilt.
Recompiled against llvm-13.0.0.
kde/plasma-workspace-5.23.0-x86_64-2.txz: Rebuilt.
Applied upstream patch:
[PATCH] sddm-theme: fix missing password field on "Other" page.
Thanks to USUARIONUEVO and LuckyCyborg.
l/libclc-13.0.0-x86_64-1.txz: Upgraded.
Recompiled against llvm-13.0.0.
l/python-pillow-8.4.0-x86_64-1.txz: Upgraded.
l/qt5-5.15.3_20211013_5c7c3af5-x86_64-1.txz: Upgraded.
Upgraded to latest git (might as well) and compiled against llvm-13.0.0.
l/spirv-llvm-translator-20210920_098034ea-x86_64-1.txz: Upgraded.
Recompiled against llvm-13.0.0.
x/mesa-21.2.4-x86_64-1.txz: Upgraded.
Compiled against llvm-13.0.0.
xap/pidgin-2.14.8-x86_64-1.txz: Upgraded.
a/kernel-firmware-20211012_b563148-noarch-1.txz: Upgraded.
a/mkinitrd-1.4.11-x86_64-26.txz: Rebuilt.
Don't include 40-usb_modeswitch.rules on the initrd. Thanks to LuckyCyborg.
d/scons-4.2.0-x86_64-1.txz: Upgraded.
l/python-charset-normalizer-2.0.7-x86_64-1.txz: Upgraded.
xfce/mousepad-0.5.7-x86_64-2.txz: Rebuilt.
Added plugins directory. Thanks to Roman Dyaba.
d/python-pip-21.3-x86_64-1.txz: Upgraded.
l/aspell-en-2020.12.07_0-x86_64-1.txz: Upgraded.
l/boost-1.77.0-x86_64-2.txz: Rebuilt.
Recompiled against python-3.10. Thanks to nobodino and ctrlaltca.
l/qt5-5.15.3_20211006_0243418f-x86_64-1.txz: Upgraded.
Updated from the repo to get a few Wayland related fixes.
n/gnutls-3.7.2-x86_64-1.txz: Upgraded.
n/httpd-2.4.51-x86_64-1.txz: Upgraded.
SECURITY: CVE-2021-42013: Path Traversal and Remote Code
Execution in Apache HTTP Server 2.4.49 and 2.4.50 (incomplete
fix of CVE-2021-41773) (cve.mitre.org)
It was found that the fix for CVE-2021-41773 in Apache HTTP
Server 2.4.50 was insufficient. An attacker could use a path
traversal attack to map URLs to files outside the directories
configured by Alias-like directives.
If files outside of these directories are not protected by the
usual default configuration "require all denied", these requests
can succeed. If CGI scripts are also enabled for these aliased
pathes, this could allow for remote code execution.
This issue only affects Apache 2.4.49 and Apache 2.4.50 and not
earlier versions.
Credits: Reported by Juan Escobar from Dreamlab Technologies,
Fernando MuA+-oz from NULL Life CTF Team, and Shungo Kumasaka
For more information, see:
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42013
(* Security fix *)
a/util-linux-2.37.2-x86_64-3.txz: Rebuilt.
Removed broken /usr/bin/raw symlink. Thanks to marav.
d/gdb-11.1-x86_64-2.txz: Rebuilt.
Don't ship .la files.
d/vala-0.54.2-x86_64-1.txz: Upgraded.
kde/artikulate-21.08.1-x86_64-3.txz: Rebuilt.
Fixed broken COPYING{,.DOC} symlinks. Thanks to marav.
kde/kservice-5.86.0-x86_64-4.txz: Rebuilt.
In /etc/profile.d/kde.{csh,sh}:
Fixed test for kf5 directory. Thanks to LuckyCyborg.
Make adding /etc/kde/xdg to $XDG_CONFIG_DIRS conditional on the existence
of that directory.
l/imagemagick-7.1.0_9-x86_64-1.txz: Upgraded.
n/bind-9.16.21-x86_64-4.txz: Rebuilt.
Removed broken symlink. Thanks to marav.
n/httpd-2.4.50-x86_64-1.txz: Upgraded.
x/cldr-emoji-annotation-37.0_13.0_0_2-noarch-4.txz: Rebuilt.
Fixed broken COPYING symlink. Thanks to marav.
xap/x3270-4.0ga14-x86_64-2.txz: Rebuilt.
Fixed symlinks in html directory. Thanks to marav.
d/python-setuptools-58.2.0-x86_64-1.txz: Upgraded.
kde/kservice-5.86.0-x86_64-3.txz: Rebuilt.
Fix paths in kde.{csh,sh}. Thanks to marco70.
Since kdesu and kxmlgui are looking in /usr/lib${LIBDIRSUFFIX}/kf5 for
some reason, let's just link that location to libexec/kf5 to make things
work again. Also, I'm not sure why these things are in this particular
package, but I guess they had to go somewhere.
l/python-cffi-1.14.6-x86_64-1.txz: Added.
This is needed by hexchat-2.16.0.
l/python-pycparser-2.20-x86_64-1.txz: Added.
This is needed by hexchat-2.16.0.
l/vte-0.66.0-x86_64-1.txz: Upgraded.
xap/hexchat-2.16.0-x86_64-1.txz: Upgraded.
extra/brltty/brltty-6.4-x86_64-1.txz: Upgraded.
x/liberation-fonts-ttf-2.1.5-noarch-1.txz: Upgraded.
x/libva-utils-2.13.0-x86_64-1.txz: Upgraded.
x/noto-fonts-ttf-20171024-noarch-4.txz: Rebuilt.
Package NotoSansCoptic-Regular.ttf and a few other unhinted fonts.
Thanks to Roman Dyaba.
xfce/Greybird-3.22.15-noarch-1.txz: Upgraded.