l/system-config-printer-1.5.12-x86_64-1.txz: Upgraded.
n/sshfs-3.6.0-x86_64-1.txz: Upgraded.
xap/mozilla-thunderbird-68.2.2-x86_64-1.txz: Upgraded.
This is a bugfix release.
For more information, see:
https://www.mozilla.org/en-US/thunderbird/68.2.2/releasenotes/
a/aaa_terminfo-6.1_20191026-x86_64-1.txz: Upgraded.
a/cryptsetup-2.2.2-x86_64-1.txz: Upgraded.
a/lvm2-2.03.06-x86_64-1.txz: Upgraded.
d/Cython-0.29.14-x86_64-1.txz: Upgraded.
l/ncurses-6.1_20191026-x86_64-1.txz: Upgraded.
Restore the --without-normal option to skip static libraries as used in 14.2.
Thanks to Richard Narron.
x/xterm-349-x86_64-2.txz: Rebuilt.
In /etc/app-defaults/XTerm, use terminus-medium instead of terminus-bold.
Thanks to igadoter.
a/aaa_elflibs-15.0-x86_64-14.txz: Rebuilt.
Upgraded: libglib-2.0.so.0.6200.2, libgmodule-2.0.so.0.6200.2,
libgobject-2.0.so.0.6200.2, libgthread-2.0.so.0.6200.2.
Added: libgomp.so.1.0.0.
a/kernel-firmware-20191029_4065643-noarch-1.txz: Upgraded.
a/kernel-generic-4.19.81-x86_64-1.txz: Upgraded.
a/kernel-huge-4.19.81-x86_64-1.txz: Upgraded.
a/kernel-modules-4.19.81-x86_64-1.txz: Upgraded.
ap/sudo-1.8.29-x86_64-1.txz: Upgraded.
d/kernel-headers-4.19.81-x86-1.txz: Upgraded.
d/python-setuptools-41.6.0-x86_64-1.txz: Upgraded.
k/kernel-source-4.19.81-noarch-1.txz: Upgraded.
l/harfbuzz-2.6.3-x86_64-1.txz: Upgraded.
n/samba-4.11.2-x86_64-1.txz: Upgraded.
This update fixes bugs and these security issues:
Client code can return filenames containing path separators.
Samba AD DC check password script does not receive the full password.
User with "get changes" permission can crash AD DC LDAP server via dirsync.
For more information, see:
https://www.samba.org/samba/security/CVE-2019-10218.htmlhttps://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-10218https://www.samba.org/samba/security/CVE-2019-14833.htmlhttps://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14833https://www.samba.org/samba/security/CVE-2019-14847.htmlhttps://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14847
(* Security fix *)
x/libglvnd-1.2.0-x86_64-4.txz: Rebuilt.
Applied upstream patches to fix EGL/eglplatform.h.
x/xorg-server-1.20.5-x86_64-3.txz: Rebuilt.
#define EGL_NO_X11 to fix glamor build against libglvnd-1.2.0.
x/xorg-server-xephyr-1.20.5-x86_64-3.txz: Rebuilt.
x/xorg-server-xnest-1.20.5-x86_64-3.txz: Rebuilt.
x/xorg-server-xvfb-1.20.5-x86_64-3.txz: Rebuilt.
isolinux/initrd.img: Rebuilt.
kernels/*: Upgraded.
usb-and-pxe-installers/usbboot.img: Rebuilt.
l/imagemagick-6.9.10_70-x86_64-1.txz: Upgraded.
x/libinput-1.14.3-x86_64-1.txz: Upgraded.
x/mkfontdir-1.0.7-noarch-2.txz: Removed.
The mkfontdir wrapper script and man page are provided by recent versions
of the mkfontscale package, making the mkfontdir package redundant.
Thanks to DarkVision.
x/mkfontscale-1.2.1-x86_64-2.txz: Rebuilt.
Moved the mkfontdir install script to this package since it includes the
mkfontdir wrapper script now.
xap/gimp-2.10.14-x86_64-1.txz: Upgraded.
l/pycairo-1.18.2-x86_64-1.txz: Upgraded.
x/libglvnd-1.2.0-x86_64-3.txz: Rebuilt.
It seems that Mesa now expects libglvnd to provide the header files, so this
has been rebuilt without --disable-headers. These headers remain missing on
the system after doing so: GL/gl_mangle.h, glx_mangle.h, and GLES3/gl3ext.h.
If anything still requires those headers, please let me know and we'll look
into what can be done about it. Thanks to TheRealGrogan for the heads-up.
ap/man-db-2.9.0-x86_64-1.txz: Upgraded.
d/ccache-3.7.5-x86_64-1.txz: Upgraded.
l/librsvg-2.46.3-x86_64-1.txz: Upgraded.
xap/mozilla-thunderbird-68.2.0-x86_64-1.txz: Upgraded.
This is a bugfix release.
For more information, see:
https://www.mozilla.org/en-US/thunderbird/68.2.0/releasenotes/
d/python-2.7.17-x86_64-1.txz: Upgraded.
This update fixes bugs and security issues:
Update vendorized expat library version to 2.2.8.
Disallow URL paths with embedded whitespace or control characters into the
underlying http client request. Such potentially malicious header injection
URLs now cause an httplib.InvalidURL exception to be raised.
Avoid file reading by disallowing ``local-file://`` and ``local_file://``
URL schemes in :func:`urllib.urlopen`, :meth:`urllib.URLopener.open` and
:meth:`urllib.URLopener.retrieve`.
For more information, see:
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-15903https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9740https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9948
(* Security fix *)
n/proftpd-1.3.6b-x86_64-1.txz: Upgraded.
a/getty-ps-2.1.0b-x86_64-4.txz: Removed.
a/lha-114i-x86_64-2.txz: Removed.
Removed due to vague licensing terms.
a/lhasa-0.3.1-x86_64-1.txz: Added.
This is an extraction-only LHA utility with an OSI approved license.
a/shadow-4.7-x86_64-2.txz: Rebuilt.
Added /etc/environment.new to fix "sudo -i" noise.
ap/lm_sensors-3.6.0-x86_64-1.txz: Upgraded.
ap/vim-8.1.2174-x86_64-1.txz: Upgraded.
l/netpbm-10.88.00-x86_64-1.txz: Upgraded.
n/ca-certificates-20191018-noarch-1.txz: Upgraded.
n/samba-4.11.1-x86_64-1.txz: Upgraded.
xap/vim-gvim-8.1.2174-x86_64-1.txz: Upgraded.
xap/xfractint-20.04p13-x86_64-2.txz: Removed.
xap/xv-3.10a-x86_64-9.txz: Removed.
extra/getty-ps/getty-ps-2.1.0b-x86_64-4.txz: Rebuilt.
Moved here from the A series due to commercial use restrictions.
extra/xfractint/xfractint-20.04p14-x86_64-1.txz: Upgraded.
Moved here from the XAP series due to commercial use restrictions.
extra/xv/xv-3.10a-x86_64-9.txz: Rebuilt.
Moved here from the XAP series due to non-commercial use shareware license.
ap/sudo-1.8.28p1-x86_64-1.txz: Upgraded.
This is a bugfix release:
A fix in sudo-1.8.28 caused "sudo -v" to prompt for a password when
"verifypw" is set to "all" (the default) and all of the user's sudoers
entries are marked with NOPASSWD.
l/xapian-core-1.4.13-x86_64-1.txz: Upgraded.
n/dhcpcd-8.1.1-x86_64-1.txz: Upgraded.
x/xf86-input-wacom-0.38.0-x86_64-1.txz: Upgraded.
ap/ghostscript-9.50-x86_64-1.txz: Upgraded.
d/icecream-1.3-x86_64-2.txz: Rebuilt.
Have the profile scripts just check for -x /etc/rc.d/rc.iceccd, since pgrep
with --ns $$ isn't working for non-root users. Thanks to Leopold E. Midha.
d/python-pip-19.3-x86_64-1.txz: Upgraded.
n/bluez-5.51-x86_64-2.txz: Rebuilt.
Fixed path to obexd in org.bluez.obex.service.
Thanks to Jean-Philippe Guillemin.
x/xf86-video-ati-19.1.0-x86_64-1.txz: Upgraded.
ap/sudo-1.8.28-x86_64-1.txz: Upgraded.
Fixed a bug where an sudo user may be able to run a command as root when
the Runas specification explicitly disallows root access as long as the
ALL keyword is listed first.
For more information, see:
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14287
(* Security fix *)
a/pkgtools-15.0-noarch-26.txz: Rebuilt.
upgradepkg: add spaces to --dry-run package list. Thanks to Markus Wiesner.
l/aspell-0.60.8-x86_64-1.txz: Upgraded.
n/network-scripts-15.0-noarch-9.txz: Rebuilt.
rc.inet1: Fix typos and spacing.
rc.inet2: Start rc.firewall first. This had been later in the script due to
the now unsupported idea of having /usr on NFS. Thanks to abga.
rc.inet2: If present and executable, start the Kerberos init scripts.
rc.inet2: Remove obsolete rpc.pcnfsd/rpc.bwnfsd section from the end.
n/proftpd-1.3.6a-x86_64-1.txz: Upgraded.
xap/pan-0.146-x86_64-1.txz: Upgraded.
ap/cups-filters-1.25.11-x86_64-1.txz: Upgraded.
x/libX11-1.6.9-x86_64-1.txz: Upgraded.
xap/mozilla-thunderbird-68.1.2-x86_64-1.txz: Upgraded.
This is a bugfix release.
For more information, see:
https://www.mozilla.org/en-US/thunderbird/68.1.2/releasenotes/
d/vala-0.46.3-x86_64-1.txz: Upgraded.
l/libsoup-2.68.2-x86_64-1.txz: Upgraded.
n/openssh-8.1p1-x86_64-1.txz: Upgraded.
ssh(1), sshd(8), ssh-agent(1): add protection for private keys at
rest in RAM against speculation and memory side-channel attacks like
Spectre, Meltdown and Rambleed. This release encrypts private keys
when they are not in use with a symmetric key that is derived from a
relatively large "prekey" consisting of random data (currently 16KB).
x/libXvMC-1.0.12-x86_64-3.txz: Rebuilt.
Reverted to the stock xvmc.pc since Mesa has been fixed to work with it.
x/libglvnd-1.2.0-x86_64-2.txz: Rebuilt.
x/mesa-19.2.1-x86_64-1.txz: Upgraded.
xap/network-manager-applet-1.8.24-x86_64-1.txz: Upgraded.
a/pkgtools-15.0-noarch-24.txz: Rebuilt.
installpkg: support --no-overwrite option for upgradepkg's second install
pass. Don't use this option directly unless you have a good reason.
upgradepkg: call installpkg with --no-overwrite for the second install pass.
This cuts the drive writes for a package upgrade almost in half so we can
be kinder to SSDs.
ap/nano-4.5-x86_64-1.txz: Upgraded.
l/gmime-3.2.4-x86_64-1.txz: Upgraded.
l/gnu-efi-3.0.10-x86_64-1.txz: Upgraded.
l/gtk+3-3.24.12-x86_64-1.txz: Upgraded.
testing/packages/rust-1.38.0-x86_64-2.txz: Rebuilt.
The package size here has been put on a tremendous diet.
Thanks to Andrew Clemons and Willy Sudiarto Raharjo for help with this.
Compile test results:
firefox-68.1.0esr: fail
firefox-69.0.2: pass
seamonkey-2.49.5: pass
thunderbird-68.1.1: fail
a/haveged-1.9.8-x86_64-1.txz: Upgraded.
ap/screen-4.7.0-x86_64-1.txz: Upgraded.
ap/vim-8.1.2108-x86_64-1.txz: Upgraded.
d/rust-1.37.0-x86_64-1.txz: Upgraded.
Reverting to rust-1.37.0 after verified reports that the newer Rust is
unable to compile Firefox or Thunderbird. There are some patches for this
appearing in the repos, but they are extensive changes that don't look like
they could be cherry-picked. Hey, at least this Rust version works and is
not bloated. :) Moving forward we'll be testing new versions of Rust to
make sure that they can compile the sources that we need Rust for before
merging them into the tree. Firefox has been verified to build here with
rust-1.37.0 and gcc/g++ from gcc-9.2.0 or clang/clang++ from llvm-9.0.0.
l/libcap-ng-0.7.10-x86_64-1.txz: Upgraded.
xap/vim-gvim-8.1.2108-x86_64-1.txz: Upgraded.
d/llvm-9.0.0-x86_64-1.txz: Upgraded.
Shared library .so-version bump.
Thanks to orbea for getting this working and cleaning up the build script.
d/vala-0.46.2-x86_64-1.txz: Upgraded.
l/imagemagick-6.9.10_67-x86_64-1.txz: Upgraded.
Fixed --disable-opencl configure option. Thanks to Markus Wiesner for the
bug report and to upstream for the quick fix.
n/NetworkManager-1.20.4-x86_64-1.txz: Upgraded.
n/gnutls-3.6.10-x86_64-1.txz: Upgraded.
x/freeglut-3.2.1-x86_64-1.txz: Upgraded.
x/libglvnd-1.1.1-x86_64-2.txz: Upgraded.
Reverted to this version since I'm seeing some errors linking with Mesa
libraries with the newer one. Thanks to nobodino for the bug report.
x/mesa-19.2.0-x86_64-2.txz: Rebuilt.
Recompiled against llvm-9.0.0 and libglvnd-1.1.1.
x/xf86-video-vmware-13.3.0-x86_64-3.txz: Rebuilt.
Recompiled against llvm-9.0.0.
a/f2fs-tools-1.13.0-x86_64-1.txz: Upgraded.
Shared library .so-version bump.
ap/rpm-4.15.0-x86_64-1.txz: Upgraded.
Shared library .so-version bump.
d/rust-1.38.0-x86_64-1.txz: Upgraded.
It seems that rust-1.38.0 builds fewer shared objects causing the package
size to bloat to almost double. I held this back overnight to compile some
modified builds to see if the old build behavior could be restored but
didn't have any luck, so I'll put this out as-is for now. Any help debloating
this package would be appreciated. Note that it also had to be bootstrapped
from the official binaries using LOCAL_BOOTSTRAP=NO. That's not all that
unusual for Rust, but perhaps that's another problem...
l/fribidi-1.0.7-x86_64-1.txz: Upgraded.
l/fuse3-3.7.0-x86_64-1.txz: Upgraded.
n/fetchmail-6.4.1-x86_64-1.txz: Upgraded.
d/python-2.7.16-x86_64-3.txz: Rebuilt.
Rebuilt against glibc-2.30 to get rid of #define HAVE_STROPTS_H 1
in pyconfig.h. Thanks to ecd102.
d/python3-3.7.4-x86_64-2.txz: Rebuilt.
Rebuilt against glibc-2.30 to get rid of #define HAVE_STROPTS_H 1
in pyconfig.h. Thanks to ecd102.
n/openobex-1.7.2-x86_64-3.txz: Rebuilt.
Build/install extra openobex apps. Thanks to Dave Woodfall.
x/xf86-video-intel-20190724_6f4972d5-x86_64-1.txz: Upgraded.
extra/google-chrome/google-chrome.SlackBuild: Upgraded.
Patched the packaging script to handle either control.tar.gz or
control.tar.xz.
a/eudev-3.2.8-x86_64-2.txz: Rebuilt.
Blacklisted mlx_wdt in watchdog.conf. Thanks to Robby Workman.
l/libical-3.0.6-x86_64-1.txz: Upgraded.
n/rpcbind-1.2.5-x86_64-2.txz: Rebuilt.
Added patch from git master to fix a segfault.
Fixed application of the next patch.
Thanks to Robby Workman.
x/freeglut-3.2.0-x86_64-1.txz: Upgraded.
x/mesa-19.1.7-x86_64-1.txz: Upgraded.
a/mkinitrd-1.4.11-x86_64-13.txz: Rebuilt.
Add libargon2 and libgcc_s for cryptsetup LUKS2 support.
Add jfs (thanks to gus3 on LQ) and xfs (thanks to klipkyle on LQ) repair
tools to initrd if those filesystems are used.
Support PARTUUID in mkinitrd_command_generator.sh (thanks to luvr on LQ).
Fixes and enhancements to docs suggested on LQ.
Thanks to Robby Workman.
a/sysvinit-2.96-x86_64-1.txz: Upgraded.
ap/vim-8.1.2022-x86_64-1.txz: Upgraded.
d/bison-3.4.2-x86_64-1.txz: Upgraded.
d/ccache-3.7.4-x86_64-1.txz: Upgraded.
d/icecream-1.3-x86_64-1.txz: Upgraded.
d/meson-0.51.2-x86_64-2.txz: Rebuilt.
Fix meson configure crash. Thanks to orbea.
l/dbus-python-1.2.12-x86_64-1.txz: Upgraded.
l/pulseaudio-13.0-x86_64-1.txz: Upgraded.
l/python-certifi-2019.9.11-x86_64-1.txz: Upgraded.
x/libwacom-1.0-x86_64-1.txz: Upgraded.
xap/vim-gvim-8.1.2022-x86_64-1.txz: Upgraded.
a/etc-15.0-x86_64-10.txz: Rebuilt.
Fix "include /etc/ld.so.conf.d/*.conf" repeats in /etc/ld.so.conf.
l/imagemagick-6.9.10_64-x86_64-1.txz: Upgraded.
l/seamonkey-solibs-2.49.5-x86_64-1.txz: Removed.
This package was included years ago to support a few things that needed
nss/nspr, but we've since included that in the mozilla-nss package.
Nothing should be using this anymore.
xap/seamonkey-2.49.5-x86_64-2.txz: Rebuilt.
Added additional options to more closely match the official build:
--enable-rust --enable-js-shell --enable-elf-hack --enable-release
--enable-calendar
Thanks to ljb643 for the bug report.
Removed /usr/lib{,64}/seamonkey from /etc/ld.so.conf.
l/dbus-python-1.2.10-x86_64-1.txz: Upgraded.
l/glib2-2.60.7-x86_64-1.txz: Upgraded.
l/librsvg-2.44.15-x86_64-1.txz: Upgraded.
l/pyparsing-2.4.2-x86_64-1.txz: Upgraded.
n/samba-4.10.8-x86_64-1.txz: Upgraded.
This update addresses a security issue:
On a Samba SMB server for all versions of Samba from 4.9.0 clients are
able to escape outside the share root directory if certain
configuration parameters set in the smb.conf file.
For more information, see:
https://www.samba.org/samba/security/CVE-2019-10197.htmlhttps://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-10197
(* Security fix *)
a/logrotate-3.15.1-x86_64-1.txz: Upgraded.
l/libnl3-3.5.0-x86_64-1.txz: Upgraded.
l/v4l-utils-1.16.7-x86_64-1.txz: Upgraded.
xap/mozilla-firefox-68.1.0esr-x86_64-1.txz: Upgraded.
This is a bugfix release.
For more information, see:
https://www.mozilla.org/en-US/firefox/68.1.0/releasenotes/
a/bash-5.0.011-x86_64-1.txz: Upgraded.
a/findutils-4.7.0-x86_64-1.txz: Upgraded.
ap/squashfs-tools-4.4-x86_64-1.txz: Upgraded.
n/irssi-1.2.2-x86_64-1.txz: Upgraded.
This update fixes a security issue:
Use after free when receiving duplicate CAP found by Joseph Bisch.
For more information, see:
https://irssi.org/security/html/irssi_sa_2019_08https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-15717
(* Security fix *)
x/libvdpau-1.3-x86_64-1.txz: Upgraded.
d/ccache-3.7.3-x86_64-1.txz: Upgraded.
l/libvisio-0.1.7-x86_64-1.txz: Upgraded.
n/bind-9.14.4-x86_64-2.txz: Rebuilt.
Updated to the latest named.root in the caching-example configs.
Thanks to 3rensho for the bug report.
n/s-nail-14.9.15-x86_64-1.txz: Upgraded.
n/whois-5.5.1-x86_64-1.txz: Upgraded.
xap/xlockmore-5.58-x86_64-1.txz: Upgraded.
a/kernel-generic-4.19.66-x86_64-1.txz: Upgraded.
a/kernel-huge-4.19.66-x86_64-1.txz: Upgraded.
a/kernel-modules-4.19.66-x86_64-1.txz: Upgraded.
ap/amp-0.7.6-x86_64-3.txz: Rebuilt.
Patched to clean up the code for a modern compiler and to not use overly
aggressive optimizations that can lead to crashes. Thanks to Labinnah.
d/doxygen-1.8.16-x86_64-1.txz: Upgraded.
d/kernel-headers-4.19.66-x86-1.txz: Upgraded.
d/scons-3.1.1-x86_64-1.txz: Upgraded.
k/kernel-source-4.19.66-noarch-1.txz: Upgraded.
n/NetworkManager-1.20.0-x86_64-1.txz: Upgraded.
n/wpa_supplicant-2.9-x86_64-1.txz: Upgraded.
x/libinput-1.14.0-x86_64-1.txz: Upgraded.
isolinux/initrd.img: Rebuilt.
kernels/*: Upgraded.
usb-and-pxe-installers/usbboot.img: Rebuilt.
a/mcelog-164-x86_64-1.txz: Upgraded.
a/os-prober-1.77-x86_64-3.txz: Rebuilt.
Fix cleanup() function. Thanks to USUARIONUEVO.
l/ffmpeg-4.2-x86_64-1.txz: Upgraded.
n/iw-5.3-x86_64-1.txz: Upgraded.
extra/pure-alsa-system/ffmpeg-4.2-x86_64-1_alsa.txz: Upgraded.
testing/packages/NetworkManager-1.20.0-x86_64-1.txz: Upgraded.
This finally drops libnm-glib. I'm curious to hear how this will affect
various NM plugins before merging it into the main tree. Please test and
report any problems.
a/aaa_elflibs-15.0-x86_64-10.txz: Rebuilt.
Upgraded: libglib-2.0.so.0.6000.6, libgmodule-2.0.so.0.6000.6,
libgobject-2.0.so.0.6000.6, libgthread-2.0.so.0.6000.6,
liblber-2.4.so.2.10.11, libldap-2.4.so.2.10.11.
Added: libargon2.so.1, libjson-c.so.4.0.0.
a/cryptsetup-2.1.0-x86_64-1.txz: Upgraded.
Shared library .so-version bump.
Thanks to Robby Workman.
a/efibootmgr-20190528_d9eb7f1-x86_64-1.txz: Upgraded.
Even though efibootmgr-17 will compile against efivar from git, it's probably
best to take this from git as well to keep things closely synced.
a/efivar-20190618_272b216-x86_64-1.txz: Upgraded.
Switch to git to fix "efibootmgr -v" failing with a parse error.
a/elilo-3.16-x86_64-10.txz: Rebuilt.
eliloconfig: If /boot/initrd.gz exists, install the generic kernel and initrd.
Otherwise, install the huge kernel.
a/lvm2-2.03.05-x86_64-1.txz: Upgraded.
Back to lvm2-2.03.x (cryptsetup needs it). Hopefully there's been enough time
for most of the bugs to have been ironed out.
l/argon2-20190702-x86_64-3.txz: Rebuilt.
Fix shared library permissions.
l/aspell-0.60.7-x86_64-1.txz: Upgraded.
l/imagemagick-6.9.10_57-x86_64-1.txz: Upgraded.
l/python-docutils-0.15.1-x86_64-1.txz: Upgraded.
n/ipset-7.3-x86_64-1.txz: Upgraded.
xap/geeqie-1.5-x86_64-1.txz: Upgraded.
xfce/garcon-0.6.4-x86_64-1.txz: Upgraded.
xfce/thunar-volman-0.9.4-x86_64-1.txz: Upgraded.
xfce/tumbler-0.2.6-x86_64-1.txz: Upgraded.
a/aaa_elflibs-15.0-x86_64-9.txz: Rebuilt.
Upgraded: libbz2.so.1.0.8, libexpat.so.1.6.9, libglib-2.0.so.0.6000.5,
libgmodule-2.0.so.0.6000.5, libgobject-2.0.so.0.6000.5,
libgthread-2.0.so.0.6000.5, libidn2.so.0.3.6.
Removed: libicudata.so.63.1, libicui18n.so.63.1, libicuio.so.63.1,
libicutest.so.63.1, libicutu.so.63.1, libicuuc.so.63.1.
Added: libpcre2-8.so.0.8.0, libpsl.so.5.3.2. These are needed by wget which
is used by slackpkg, so they should be in here. Thanks to OutSiderBR.
ap/lxc-2.0.11_fad08f383-x86_64-1.txz: Upgraded.
Updated from 2.0 git branch.
Ported init script updates from sysvinit-scripts.
d/ccache-3.7.2-x86_64-1.txz: Upgraded.
l/libsigc++-2.10.2-x86_64-1.txz: Upgraded.
n/curl-7.65.3-x86_64-1.txz: Upgraded.
This is a bugfix release:
Fix a regression that caused the progress meter not to appear.
For more information, see:
https://curl.haxx.se/changes.html
n/iputils-20190709-x86_64-1.txz: Upgraded.
a/kernel-firmware-20190717_bf13a71-noarch-1.txz: Upgraded.
ap/mpg123-1.25.11-x86_64-1.txz: Upgraded.
l/gvfs-1.40.2-x86_64-2.txz: Rebuilt.
daemon/meson.build: define gvfs_rpath for libgvfsdaemon.so
This fixes "libgvfscommon.so => not found" running ldd on libgvfsdaemon.so.
Thanks to Robby Workman.
n/bind-9.14.4-x86_64-1.txz: Upgraded.
x/libpciaccess-0.16-x86_64-1.txz: Upgraded.
x/xinput-1.6.3-x86_64-1.txz: Upgraded.
xap/mozilla-firefox-68.0.1esr-x86_64-1.txz: Upgraded.
This is a bugfix release.
For more information, see:
https://www.mozilla.org/en-US/firefox/68.0.1esr/releasenotes/
extra/pure-alsa-system/mpg123-1.25.11-x86_64-1_alsa.txz: Upgraded.
ap/moc-2.5.2-x86_64-5.txz: Rebuilt.
Patched and recompiled against ffmpeg-4.1.4. Thanks to Heinz Wiesinger.
ap/vim-8.1.1710-x86_64-1.txz: Upgraded.
d/cmake-3.15.0-x86_64-1.txz: Upgraded.
e/emacs-26.2-x86_64-2.txz: Rebuilt.
Patched package.el to obey buffer-file-coding-system (bug #35739), fixing
bad signature from GNU ELPA for archive-contents.
Thanks to Stefan Monnier and Eric Lindblad.
kde/k3b-2.0.3-x86_64-5.txz: Rebuilt.
Recompiled against ffmpeg-4.1.4.
kde/kfilemetadata-4.14.3-x86_64-5.txz: Rebuilt.
Recompiled against ffmpeg-4.1.4.
kde/nepomuk-core-4.14.3-x86_64-5.txz: Rebuilt.
Recompiled against ffmpeg-4.1.4.
l/alsa-plugins-1.1.9-x86_64-2.txz: Rebuilt.
Recompiled against ffmpeg-4.1.4.
l/ffmpeg-4.1.4-x86_64-1.txz: Upgraded.
Shared library .so-version bump.
l/gegl-0.4.16-x86_64-2.txz: Rebuilt.
Recompiled against ffmpeg-4.1.4.
l/gst-plugins-libav-1.16.0-x86_64-2.txz: Rebuilt.
Recompiled against ffmpeg-4.1.4.
l/gvfs-1.40.2-x86_64-1.txz: Upgraded.
l/imagemagick-6.9.10_54-x86_64-1.txz: Upgraded.
l/libvisual-plugins-0.4.0-x86_64-4.txz: Rebuilt.
Patched to fix a segmentation fault while loading plugin file.
Thanks to alienBOB.
l/libvpx-1.8.1-x86_64-1.txz: Upgraded.
n/curl-7.65.2-x86_64-1.txz: Upgraded.
xap/MPlayer-20190717-x86_64-1.txz: Upgraded.
Compiled against ffmpeg-4.1.4.
xap/audacious-plugins-3.10.1-x86_64-3.txz: Rebuilt.
Recompiled against ffmpeg-4.1.4.
xap/vim-gvim-8.1.1710-x86_64-1.txz: Upgraded.
xap/xine-lib-1.2.9-x86_64-5.txz: Rebuilt.
Recompiled against ffmpeg-4.1.4.
extra/pure-alsa-system/MPlayer-20190717-x86_64-1_alsa.txz: Upgraded.
Compiled against ffmpeg-4.1.4.
extra/pure-alsa-system/alsa-plugins-1.1.9-x86_64-2_alsa.txz: Rebuilt.
Recompiled against ffmpeg-4.1.4.
extra/pure-alsa-system/audacious-plugins-3.10.1-x86_64-3_alsa.txz: Rebuilt.
Recompiled against ffmpeg-4.1.4.
extra/pure-alsa-system/ffmpeg-4.1.4-x86_64-1_alsa.txz: Upgraded.
Shared library .so-version bump.
extra/pure-alsa-system/xine-lib-1.2.9-x86_64-5_alsa.txz: Rebuilt.
Recompiled against ffmpeg-4.1.4.
a/bzip2-1.0.8-x86_64-1.txz: Upgraded.
Fixes security issues:
bzip2recover: Fix use after free issue with outFile.
Make sure nSelectors is not out of range.
For more information, see:
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3189https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12900
(* Security fix *)
a/kernel-generic-4.19.59-x86_64-1.txz: Upgraded.
a/kernel-huge-4.19.59-x86_64-1.txz: Upgraded.
a/kernel-modules-4.19.59-x86_64-1.txz: Upgraded.
d/kernel-headers-4.19.59-x86-1.txz: Upgraded.
k/kernel-source-4.19.59-noarch-1.txz: Upgraded.
l/libwebp-1.0.3-x86_64-1.txz: Upgraded.
n/dovecot-2.3.7-x86_64-1.txz: Upgraded.
isolinux/initrd.img: Rebuilt.
kernels/*: Upgraded.
usb-and-pxe-installers/usbboot.img: Rebuilt.
a/kernel-generic-4.19.57-x86_64-1.txz: Upgraded.
a/kernel-huge-4.19.57-x86_64-1.txz: Upgraded.
a/kernel-modules-4.19.57-x86_64-1.txz: Upgraded.
d/kernel-headers-4.19.57-x86-1.txz: Upgraded.
k/kernel-source-4.19.57-noarch-1.txz: Upgraded.
l/Mako-1.0.13-x86_64-1.txz: Upgraded.
l/SDL2_image-2.0.5-x86_64-1.txz: Upgraded.
n/postfix-3.4.6-x86_64-1.txz: Upgraded.
xap/blueman-2.0.8-x86_64-2.txz: Rebuilt.
Reverted to blueman-2.0.8 as I'm also seeing connection issues here with
the newer version.
xap/xscreensaver-5.43-x86_64-1.txz: Upgraded.
isolinux/initrd.img: Rebuilt.
kernels/*: Upgraded.
testing/packages/blueman-2.1-x86_64-1.txz: Upgraded.
This doesn't seem to be working properly. Any patches are welcome.
usb-and-pxe-installers/usbboot.img: Rebuilt.
d/Cython-0.29.11-x86_64-1.txz: Upgraded.
t/texlive-2019.190626-x86_64-2.txz: Rebuilt.
Patched tabu.sty to fix compiling doxygen.
Thanks to Johannes Schoepfer and nobodino.
x/mesa-19.1.1-x86_64-2.txz: Rebuilt.
Don't build the swr Gallium driver on IA32 - it leads to an illegal
instruction startup crash with CPUs that lack AVX support.
Thanks to Jefferson and Johnson.
xfce/thunar-volman-0.9.3-x86_64-1.txz: Upgraded.
xfce/tumbler-0.2.5-x86_64-1.txz: Upgraded.
a/hwdata-0.325-noarch-1.txz: Upgraded.
ap/hplip-3.19.6-x86_64-1.txz: Upgraded.
n/irssi-1.2.1-x86_64-1.txz: Upgraded.
This update fixes a security issue: Use after free when sending SASL login
to the server found by ilbelkyr. May affect the stability of Irssi. SASL
logins may fail, especially during (manual and automated) reconnect.
For more information, see:
https://irssi.org/2019/06/29/irssi-1.2.1-1.1.3-1.0.8-released/https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13045
(* Security fix *)
xfce/Thunar-1.8.7-x86_64-1.txz: Upgraded.
ap/vim-8.1.1601-x86_64-1.txz: Upgraded.
Built with --disable-canberra. Thanks to Markus Wiesner.
l/harfbuzz-2.5.3-x86_64-1.txz: Upgraded.
n/nettle-3.5.1-x86_64-1.txz: Upgraded.
n/nftables-0.9.1-x86_64-1.txz: Upgraded.
t/texlive-2019.190626-x86_64-1.txz: Upgraded.
Shared library .so-version bump.
Thanks to Johannes Schoepfer.
xap/blueman-2.1-x86_64-1.txz: Upgraded.
Thanks to Robby Workman.
xap/vim-gvim-8.1.1601-x86_64-1.txz: Upgraded.
l/giflib-5.2.1-x86_64-2.txz: Rebuilt.
Install obsolete utilities (if they were built).
If you'd like to see them continued, let upstream know.
l/libarchive-3.4.0-x86_64-2.txz: Rebuilt.
Recompiled against nettle-3.5.
l/libzip-1.5.2-x86_64-2.txz: Rebuilt.
Recompiled against nettle-3.5.
n/gnutls-3.6.8-x86_64-2.txz: Rebuilt.
Recompiled against nettle-3.5.
n/nettle-3.5-x86_64-1.txz: Upgraded.
Shared library .so-version bump.
x/xorg-server-1.20.5-x86_64-2.txz: Rebuilt.
Recompiled against nettle-3.5.
x/xorg-server-xephyr-1.20.5-x86_64-2.txz: Rebuilt.
Recompiled against nettle-3.5.
x/xorg-server-xnest-1.20.5-x86_64-2.txz: Rebuilt.
Recompiled against nettle-3.5.
x/xorg-server-xvfb-1.20.5-x86_64-2.txz: Rebuilt.
Recompiled against nettle-3.5.
extra/tigervnc/tigervnc-1.9.0-x86_64-2.txz: Rebuilt.
Recompiled against nettle-3.5.
x/libglvnd-1.1.1-x86_64-2.txz: Rebuilt.
Rebuilt with --sysconfdir=/etc/X11 as expected by the NVIDIA driver.
Thanks to LuckyCyborg.
x/vulkan-sdk-1.1.108.0-x86_64-1.txz: Upgraded.
a/kernel-firmware-20190620_7ae3a09-noarch-1.txz: Upgraded.
l/cairo-1.16.0-x86_64-1.txz: Upgraded.
Reverted to previous cairo to fix Mozilla crashes.
x/igt-gpu-tools-1.24-x86_64-2.txz: Rebuilt.
Rebuilt against cairo-1.16.0.
l/cairo-1.17.2-x86_64-1.txz: Upgraded.
l/expat-2.2.7-x86_64-1.txz: Upgraded.
n/bind-9.14.3-x86_64-1.txz: Upgraded.
Fixed a race condition in dns_dispatch_getnext() that could cause an
assertion failure if a significant number of incoming packets were rejected.
For more information, see:
https://kb.isc.org/docs/cve-2019-6471https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-6471
(* Security fix *)
x/igt-gpu-tools-1.24-x86_64-1.txz: Upgraded.
x/xorgproto-2019.1-x86_64-1.txz: Upgraded.
xap/xlockmore-5.57-x86_64-1.txz: Upgraded.
a/less-550-x86_64-1.txz: Upgraded.
d/vala-0.44.4-x86_64-1.txz: Upgraded.
n/curl-7.65.1-x86_64-1.txz: Upgraded.
This is a bugfix release.
For more information, see:
https://curl.haxx.se/changes.html
xfce/xfdesktop-4.12.5-x86_64-1.txz: Upgraded.
a/openssl-solibs-1.1.1c-x86_64-1.txz: Upgraded.
l/libevent-2.1.10-x86_64-1.txz: Upgraded.
n/gnupg2-2.2.16-x86_64-1.txz: Upgraded.
n/gnutls-3.6.8-x86_64-1.txz: Upgraded.
n/openssl-1.1.1c-x86_64-1.txz: Upgraded.
This update fixes a security issue:
Prevent over long nonces in ChaCha20-Poly1305.
For more information, see:
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-1543
(* Security fix *)
a/gettext-0.20.1-x86_64-1.txz: Upgraded.
a/kernel-generic-4.19.46-x86_64-1.txz: Upgraded.
a/kernel-huge-4.19.46-x86_64-1.txz: Upgraded.
a/kernel-modules-4.19.46-x86_64-1.txz: Upgraded.
d/gcc-9.1.0-x86_64-6.txz: Rebuilt.
Patched to fix a format string error in the es locale that led to an
assertion failure when compiling the Linux kernel.
Thanks to USUARIONUEVO.
d/gcc-brig-9.1.0-x86_64-6.txz: Rebuilt.
d/gcc-g++-9.1.0-x86_64-6.txz: Rebuilt.
d/gcc-gdc-9.1.0-x86_64-6.txz: Rebuilt.
d/gcc-gfortran-9.1.0-x86_64-6.txz: Rebuilt.
d/gcc-gnat-9.1.0-x86_64-6.txz: Rebuilt.
d/gcc-go-9.1.0-x86_64-6.txz: Rebuilt.
d/gcc-objc-9.1.0-x86_64-6.txz: Rebuilt.
d/gettext-tools-0.20.1-x86_64-1.txz: Upgraded.
d/kernel-headers-4.19.46-x86-1.txz: Upgraded.
d/rust-1.35.0-x86_64-1.txz: Upgraded.
k/kernel-source-4.19.46-noarch-1.txz: Upgraded.
l/python-urllib3-1.25.3-x86_64-1.txz: Upgraded.
isolinux/initrd.img: Rebuilt.
kernels/*: Upgraded.
usb-and-pxe-installers/usbboot.img: Rebuilt.
a/aaa_terminfo-6.1_20190518-x86_64-1.txz: Upgraded.
ap/qpdf-8.4.2-x86_64-1.txz: Upgraded.
l/libidn2-2.2.0-x86_64-1.txz: Upgraded.
l/ncurses-6.1_20190518-x86_64-1.txz: Upgraded.
n/p11-kit-0.23.16.1-x86_64-1.txz: Upgraded.
xap/rdesktop-1.8.6-x86_64-1.txz: Upgraded.
This is a small bug fix release for rdesktop 1.8.5. An issue was discovered
soon after release where it was impossible to connect to some servers. This
issue has now been fixed, but otherwise this release is identical to 1.8.5.
xfce/Thunar-1.8.6-x86_64-1.txz: Upgraded.
xfce/thunar-volman-0.9.2-x86_64-1.txz: Upgraded.
a/file-5.37-x86_64-1.txz: Upgraded.
l/python-requests-2.22.0-x86_64-1.txz: Upgraded.
n/iputils-20190515-x86_64-1.txz: Upgraded.
xap/mozilla-thunderbird-60.7.0-x86_64-1.txz: Upgraded.
This is a bugfix release.
For more information, see:
https://www.mozilla.org/en-US/thunderbird/60.7.0/releasenotes/
a/kernel-firmware-20190514_711d329-noarch-1.txz: Upgraded.
a/kernel-generic-4.19.43-x86_64-1.txz: Upgraded.
a/kernel-huge-4.19.43-x86_64-1.txz: Upgraded.
a/kernel-modules-4.19.43-x86_64-1.txz: Upgraded.
ap/hplip-3.19.5-x86_64-1.txz: Upgraded.
ap/mariadb-10.3.15-x86_64-1.txz: Upgraded.
This update fixes denial-of-service security issues.
For more information, see:
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-2614https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-2627https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-2628
(* Security fix *)
d/cmake-3.14.4-x86_64-1.txz: Upgraded.
d/gcc-9.1.0-x86_64-5.txz: Rebuilt.
Rebuilt with --enable-clocale=gnu. This is recommended by Linux From
Scratch, and while it doesn't seem to fix the issue with kernel compiles
failing with some locales, it probably doesn't hurt.
d/gcc-brig-9.1.0-x86_64-5.txz: Rebuilt.
d/gcc-g++-9.1.0-x86_64-5.txz: Rebuilt.
Applied patch: PR libstdc++/90397 fix std::variant friend declaration
This fixes problems compiling programs that use std::variant with clang.
Thanks to orbea.
d/gcc-gdc-9.1.0-x86_64-5.txz: Rebuilt.
d/gcc-gfortran-9.1.0-x86_64-5.txz: Rebuilt.
d/gcc-gnat-9.1.0-x86_64-5.txz: Rebuilt.
d/gcc-go-9.1.0-x86_64-5.txz: Rebuilt.
d/gcc-objc-9.1.0-x86_64-5.txz: Rebuilt.
d/kernel-headers-4.19.43-x86-1.txz: Upgraded.
d/rust-1.34.2-x86_64-1.txz: Upgraded.
k/kernel-source-4.19.43-noarch-1.txz: Upgraded.
l/librsvg-2.44.14-x86_64-1.txz: Upgraded.
n/samba-4.10.3-x86_64-1.txz: Upgraded.
This is a security release in order to address the following defect:
The checksum validation in the S4U2Self handler in the embedded Heimdal KDC
did not first confirm that the checksum was keyed, allowing replacement of
the requested target (client) principal.
For more information, see:
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-16860
(* Security fix *)
x/xterm-345-x86_64-1.txz: Upgraded.
xap/rdesktop-1.8.5-x86_64-1.txz: Upgraded.
This update fixes security issues:
Add bounds checking to protocol handling in order to fix many
security problems when communicating with a malicious server.
(* Security fix *)
isolinux/initrd.img: Rebuilt.
kernels/*: Upgraded.
usb-and-pxe-installers/usbboot.img: Rebuilt.
a/kernel-generic-4.19.42-x86_64-1.txz: Upgraded.
a/kernel-huge-4.19.42-x86_64-1.txz: Upgraded.
a/kernel-modules-4.19.42-x86_64-1.txz: Upgraded.
a/tcsh-6.21.00-x86_64-1.txz: Upgraded.
d/kernel-headers-4.19.42-x86-1.txz: Upgraded.
k/kernel-source-4.19.42-noarch-1.txz: Upgraded.
x/libglvnd-1.1.1-x86_64-1.txz: Added.
This is the GL Vendor-Neutral Dispatch library, which allows multiple
drivers from different vendors to coexist on the same machine. When
libglvnd is present, the NVIDIA driver will not overwrite any system
files. Note that this is known to work when installing the NVIDIA driver
using the .run installer. Other methods may require adjustment.
This library is now a dependency of Mesa.
Thanks to Heinz Wiesinger.
x/libinput-1.13.2-x86_64-1.txz: Upgraded.
x/mesa-19.0.4-x86_64-1.txz: Upgraded.
Compiled with --enable-libglvnd.
isolinux/initrd.img: Rebuilt.
kernels/*: Upgraded.
usb-and-pxe-installers/usbboot.img: Rebuilt.
a/hwdata-0.323-noarch-1.txz: Upgraded.
a/kernel-generic-4.19.41-x86_64-1.txz: Upgraded.
a/kernel-huge-4.19.41-x86_64-1.txz: Upgraded.
a/kernel-modules-4.19.41-x86_64-1.txz: Upgraded.
a/usbutils-012-x86_64-1.txz: Upgraded.
ap/lsof-4.93.2-x86_64-1.txz: Upgraded.
d/gcc-9.1.0-x86_64-4.txz: Rebuilt.
d/gcc-brig-9.1.0-x86_64-4.txz: Rebuilt.
d/gcc-g++-9.1.0-x86_64-4.txz: Rebuilt.
d/gcc-gdc-9.1.0-x86_64-4.txz: Rebuilt.
d/gcc-gfortran-9.1.0-x86_64-4.txz: Rebuilt.
d/gcc-gnat-9.1.0-x86_64-4.txz: Rebuilt.
d/gcc-go-9.1.0-x86_64-4.txz: Rebuilt.
d/gcc-objc-9.1.0-x86_64-4.txz: Rebuilt.
Add support for Objective-C++. Thanks to USUARIONUEVO.
d/kernel-headers-4.19.41-x86-1.txz: Upgraded.
d/python-pip-19.1.1-x86_64-1.txz: Upgraded.
k/kernel-source-4.19.41-noarch-1.txz: Upgraded.
l/gegl-0.4.16-x86_64-1.txz: Upgraded.
l/vte-0.56.3-x86_64-1.txz: Upgraded.
xap/mozilla-firefox-60.6.3esr-x86_64-1.txz: Upgraded.
This update provides further improvements to re-enable web extensions which
had been disabled for users with a master password set (Bug 1549249).
For more information, see:
https://www.mozilla.org/en-US/firefox/60.6.3/releasenotes/
isolinux/initrd.img: Rebuilt.
kernels/*: Upgraded.
usb-and-pxe-installers/usbboot.img: Rebuilt.
ap/tmux-2.9a-x86_64-1.txz: Upgraded.
n/dovecot-2.3.6-x86_64-1.txz: Upgraded.
This update fixes two security issues:
Submission-login crashed with signal 11 due to null pointer access when
authentication was aborted by disconnecting.
Submission-login crashed when authentication was started over TLS secured
channel and invalid authentication message was sent.
For more information, see:
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11494https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11499
(* Security fix *)
n/php-7.2.18-x86_64-1.txz: Upgraded.
This update fixes bugs and a security issue
Heap-buffer-overflow in _estrndup via exif_process_IFD_TAG.
For more information, see:
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11036
(* Security fix *)
xfce/exo-0.12.5-x86_64-1.txz: Upgraded.
ap/vim-8.1.1239-x86_64-1.txz: Upgraded.
l/python-urllib3-1.25.2-x86_64-1.txz: Upgraded.
xap/easytag-2.4.3-x86_64-2.txz: Rebuilt.
Upgraded (again) to easytag-2.4.3.
Reverted the upstream commit that was corrupting ogg and opus files.
In a new configuration, don't add freedb.musicbrainz.org as an automatic
CDDB server. Musicbrainz shut down this service permanently on March 18
and easytag breaks/hangs if it attempts to contact it. If your account
has already run easytag previously, you should go to Edit -> Preferences ->
CDDB and blank out the hostname field containing "freedb.musicbrainz.org".
xap/vim-gvim-8.1.1239-x86_64-1.txz: Upgraded.
ap/tmux-2.9-x86_64-1.txz: Upgraded.
d/python-pip-19.1-x86_64-1.txz: Upgraded.
d/rust-1.34.1-x86_64-1.txz: Upgraded.
d/subversion-1.12.0-x86_64-1.txz: Upgraded.
n/bind-9.14.1-x86_64-1.txz: Upgraded.
This update fixes security issues:
The TCP client quota set using the tcp-clients option could be exceeded
in some cases. This could lead to exhaustion of file descriptors.
In certain configurations, named could crash with an assertion failure if
nxdomain-redirect was in use and a redirected query resulted in an NXDOMAIN
from the cache.
For more information, see:
https://kb.isc.org/docs/cve-2018-5743https://kb.isc.org/docs/cve-2019-6467https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5743https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-6467
(* Security fix *)
n/dhcpcd-7.2.1-x86_64-1.txz: Upgraded.
ap/ksh93-20190416_7d7bba3e-x86_64-1.txz: Upgraded.
ap/sysstat-12.1.4-x86_64-1.txz: Upgraded.
l/gvfs-1.40.1-x86_64-2.txz: Rebuilt.
Recompiled against libcdio-2.1.0.
l/icu4c-64.2-x86_64-1.txz: Upgraded.
l/libcddb-1.3.2-x86_64-6.txz: Rebuilt.
Recompiled against libcdio-2.1.0.
l/libcdio-2.1.0-x86_64-1.txz: Upgraded.
Shared library .so-version bump.
l/libcdio-paranoia-10.2+2.0.0-x86_64-2.txz: Rebuilt.
Recompiled against libcdio-2.1.0.
l/zstd-1.4.0-x86_64-1.txz: Upgraded.
n/dhcpcd-7.2.0-x86_64-1.txz: Upgraded.
n/dovecot-2.3.5.2-x86_64-1.txz: Upgraded.
This update fixes a security issue:
Trying to login with 8bit username containing invalid UTF8 input causes
auth process to crash if auth policy is enabled. This could be used rather
easily to cause a DoS. Similar crash also happens during mail delivery
when using invalid UTF8 in From or Subject header when OX push
notification driver is used.
For more information, see:
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-10691
(* Security fix *)
n/nghttp2-1.38.0-x86_64-1.txz: Upgraded.
n/openssh-8.0p1-x86_64-1.txz: Upgraded.
This release contains a mitigation for a weakness in the scp(1) tool
and protocol (CVE-2019-6111): when copying files from a remote system
to a local directory, scp(1) did not verify that the filenames that
the server sent matched those requested by the client. This could
allow a hostile server to create or clobber unexpected local files
with attacker-controlled content.
For more information, see:
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-6111
(* Security fix *)
xap/MPlayer-20190418-x86_64-1.txz: Upgraded.
Compiled against libcdio-2.1.0.
xap/audacious-plugins-3.10.1-x86_64-2.txz: Rebuilt.
Recompiled against libcdio-2.1.0.
extra/pure-alsa-system/MPlayer-20190418-x86_64-1_alsa.txz: Upgraded.
Compiled against libcdio-2.1.0.
extra/pure-alsa-system/audacious-plugins-3.10.1-x86_64-2_alsa.txz: Rebuilt.
Recompiled against libcdio-2.1.0.
ap/nano-4.1-x86_64-1.txz: Upgraded.
l/giflib-5.1.9-x86_64-2.txz: Rebuilt.
Restore GifQuantizeBuffer and other deprecated functions to the shared
library. Thanks to Skaendo.
l/glib2-2.60.1-x86_64-1.txz: Upgraded.
l/orc-0.4.29-x86_64-1.txz: Upgraded.
a/gawk-5.0.0-x86_64-1.txz: Upgraded.
ap/pamixer-1.4-x86_64-2.txz: Rebuilt.
Recompiled against boost-1.70.0.
ap/vim-8.1.1157-x86_64-1.txz: Upgraded.
d/cmake-3.14.2-x86_64-1.txz: Upgraded.
e/emacs-26.2-x86_64-1.txz: Upgraded.
kde/calligra-2.9.11-x86_64-30.txz: Rebuilt.
Recompiled against boost-1.70.0.
l/akonadi-1.13.0-x86_64-12.txz: Rebuilt.
Recompiled against boost-1.70.0.
l/boost-1.70.0-x86_64-1.txz: Upgraded.
Shared library .so-version bump.
Note: Boost now provides its own BoostConfig.cmake config file, and it may
not work with all existing code (here, calligra stumbled over it). At this
point it's not clear if the included cmake config files are buggy, or if
affected projects need to change something in order to use them, but there's
an easy workaround to use cmake's FindBoost.cmake (as was used previously).
Add this to the call to cmake from any affected project (if cmake fails with
an error: "No suitable build variant has been found."):
-DBoost_NO_BOOST_CMAKE=ON
n/libmbim-1.18.2-x86_64-1.txz: Upgraded.
n/nfs-utils-2.3.3-x86_64-3.txz: Rebuilt.
rc.nfsd: don't try to create the nfsv4recoverydir - the build script will
determine the directory to use and include it in the package.
rc.nfsd: drop 2.4 kernel support, and use better code for mounting the nfsd
filesystem.
Thanks to shasta.
x/libwacom-0.33-x86_64-1.txz: Upgraded.
xap/vim-gvim-8.1.1157-x86_64-1.txz: Upgraded.
a/glibc-zoneinfo-2019a-noarch-1.txz: Upgraded.
a/grub-2.02-x86_64-5.txz: Rebuilt.
Support F2FS filesystem. Thanks to Nille_kungen.
ap/cups-filters-1.22.5-x86_64-1.txz: Upgraded.
ap/itstool-2.0.6-x86_64-1.txz: Upgraded.
d/python-setuptools-41.0.0-x86_64-1.txz: Upgraded.
l/gobject-introspection-1.60.1-x86_64-1.txz: Upgraded.
l/imagemagick-6.9.10_39-x86_64-1.txz: Upgraded.
l/libcroco-0.6.13-x86_64-1.txz: Upgraded.
l/libnotify-0.7.8-x86_64-1.txz: Upgraded.
n/cifs-utils-6.9-x86_64-1.txz: Upgraded.
n/nfs-utils-2.3.3-x86_64-2.txz: Rebuilt.
Include recovery directory. Thanks to upnort.
n/samba-4.10.2-x86_64-1.txz: Upgraded.
This is a security release in order to address the following defects:
World writable files in Samba AD DC private/ dir.
Save registry file outside share as unprivileged user.
For more information, see:
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-3870https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-3880
(* Security fix *)
x/libva-2.4.1-x86_64-1.txz: Upgraded.
x/pixman-0.38.2-x86_64-1.txz: Upgraded.
xap/gimp-2.10.10-x86_64-1.txz: Upgraded.
a/kernel-generic-4.19.34-x86_64-1.txz: Upgraded.
a/kernel-huge-4.19.34-x86_64-1.txz: Upgraded.
a/kernel-modules-4.19.34-x86_64-1.txz: Upgraded.
d/kernel-headers-4.19.34-x86-1.txz: Upgraded.
k/kernel-source-4.19.34-noarch-1.txz: Upgraded.
SPEAKUP y -> m
SPEAKUP_SYNTH_ACNTPC y -> m
SPEAKUP_SYNTH_ACNTSA y -> m
SPEAKUP_SYNTH_APOLLO y -> m
SPEAKUP_SYNTH_AUDPTR y -> m
SPEAKUP_SYNTH_BNS y -> m
SPEAKUP_SYNTH_DECEXT y -> m
SPEAKUP_SYNTH_DECTLK y -> m
SPEAKUP_SYNTH_DTLK y -> m
SPEAKUP_SYNTH_DUMMY y -> m
SPEAKUP_SYNTH_KEYPC y -> m
SPEAKUP_SYNTH_LTLK y -> m
SPEAKUP_SYNTH_SOFT y -> m
SPEAKUP_SYNTH_SPKOUT y -> m
SPEAKUP_SYNTH_TXPRT y -> m
Thanks to Didier Spaier.
isolinux/initrd.img: Rebuilt.
kernels/*: Upgraded.
usb-and-pxe-installers/usbboot.img: Rebuilt.
ap/vim-8.1.1119-x86_64-1.txz: Upgraded.
l/openjpeg-2.3.1-x86_64-1.txz: Upgraded.
Includes many bug fixes (including security fixes).
(* Security fix *)
n/links-2.19-x86_64-1.txz: Upgraded.
n/stunnel-5.51-x86_64-1.txz: Upgraded.
n/wget-1.20.3-x86_64-1.txz: Upgraded.
Fixed a buffer overflow vulnerability:
src/iri.c(do_conversion): Reallocate the output buffer to a larger
size if it is already full.
For more information, see:
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5953
(* Security fix *)
xap/vim-gvim-8.1.1119-x86_64-1.txz: Upgraded.
ap/ghostscript-9.27-x86_64-1.txz: Upgraded.
d/python-setuptools-40.9.0-x86_64-1.txz: Upgraded.
l/imagemagick-6.9.10_37-x86_64-1.txz: Upgraded.
l/readline-8.0.000-x86_64-2.txz: Rebuilt.
Recompiled to link rlfe against the new libreadline. Thanks to Toutatis.
a/hwdata-0.322-noarch-1.txz: Upgraded.
a/kernel-firmware-20190402_67b7579-noarch-1.txz: Upgraded.
a/shadow-4.6-x86_64-2.txz: Rebuilt.
adduser: reprompt on invalid user input. Thanks to ttk.
ap/ghostscript-9.26-x86_64-2.txz: Rebuilt.
Fixes security issues:
A specially crafted PostScript file could have access to the file system
outside of the constrains imposed by -dSAFER.
Transient procedures can allow access to system operators, leading to
remote code execution.
For more information, see:
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-3835https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-3838https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-6116
(* Security fix *)
d/vala-0.44.2-x86_64-1.txz: Upgraded.
l/glib-networking-2.60.1-x86_64-1.txz: Upgraded.
l/imagemagick-6.9.10_36-x86_64-1.txz: Upgraded.
l/python-pillow-6.0.0-x86_64-1.txz: Upgraded.
n/wget-1.20.2-x86_64-1.txz: Upgraded.
Fixed an unspecified buffer overflow vulnerability.
(* Security fix *)
a/kernel-generic-4.19.32-x86_64-1.txz: Upgraded.
a/kernel-huge-4.19.32-x86_64-1.txz: Upgraded.
a/kernel-modules-4.19.32-x86_64-1.txz: Upgraded.
ap/hplip-3.19.3-x86_64-1.txz: Upgraded.
d/kernel-headers-4.19.32-x86-1.txz: Upgraded.
d/python3-3.7.3-x86_64-1.txz: Upgraded.
Fixed bugs and the following security issues:
bpo-36216: Changes urlsplit() to raise ValueError when the URL contains
characters that decompose under IDNA encoding (NFKC-normalization) into
characters that affect how the URL is parsed.
bpo-35746: [CVE-2019-5010] Fix a NULL pointer deref in ssl module. The
cert parser did not handle CRL distribution points with empty DP or URI
correctly. A malicious or buggy certificate can result into segfault.
Vulnerability (TALOS-2018-0758) reported by Colin Read and Nicolas Edet
of Cisco.
bpo-35121: Don't send cookies of domain A without Domain attribute to
domain B when domain A is a suffix match of domain B while using a
cookiejar with http.cookiejar.DefaultCookiePolicy policy.
Patch by Karthikeyan Singaravelan.
For more information, see:
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5010
(* Security fix *)
d/scons-3.0.5-x86_64-1.txz: Upgraded.
k/kernel-source-4.19.32-noarch-1.txz: Upgraded.
n/curl-7.64.1-x86_64-1.txz: Upgraded.
n/gnutls-3.6.7-x86_64-1.txz: Upgraded.
Fixes security issues:
libgnutls, gnutls tools: Every gnutls_free() will automatically set
the free'd pointer to NULL. This prevents possible use-after-free and
double free issues. Use-after-free will be turned into NULL dereference.
The counter-measure does not extend to applications using gnutls_free().
libgnutls: Fixed a memory corruption (double free) vulnerability in the
certificate verification API. Reported by Tavis Ormandy; addressed with
the change above. [GNUTLS-SA-2019-03-27, #694]
libgnutls: Fixed an invalid pointer access via malformed TLS1.3 async
messages; Found using tlsfuzzer. [GNUTLS-SA-2019-03-27, #704]
libgnutls: enforce key usage limitations on certificates more actively.
Previously we would enforce it for TLS1.2 protocol, now we enforce it
even when TLS1.3 is negotiated, or on client certificates as well. When
an inappropriate for TLS1.3 certificate is seen on the credentials
structure GnuTLS will disable TLS1.3 support for that session (#690).
libgnutls: enforce the equality of the two signature parameters fields
in a certificate. We were already enforcing the signature algorithm,
but there was a bug in parameter checking code.
(* Security fix *)
isolinux/initrd.img: Rebuilt.
kernels/*: Upgraded.
usb-and-pxe-installers/usbboot.img: Rebuilt.
Saint Patrick was a gentleman
Who through strategy and stealth
Drove all the snakes from Ireland
Here's toasting to his health -
But not too many toastings
Lest you lose yourself, and then,
Forget the good Saint Patrick
And see all those snakes again.
a/eudev-3.2.7-x86_64-3.txz: Rebuilt.
Added tqmx86_wdt to watchdog.conf. Thanks to Robby Workman.
d/vala-0.44.1-x86_64-1.txz: Upgraded.
kde/ktorrent-4.3.1-x86_64-4.txz: Rebuilt.
Embed a copy of the GeoIP database since the download link no longer works.
l/glibmm-2.58.1-x86_64-1.txz: Upgraded.
l/mozilla-nss-3.43-x86_64-1.txz: Upgraded.
x/imake-1.0.8-x86_64-1.txz: Upgraded.
x/libXdmcp-1.1.3-x86_64-1.txz: Upgraded.
x/libXext-1.3.4-x86_64-1.txz: Upgraded.
x/libXft-2.3.3-x86_64-1.txz: Upgraded.
x/libXmu-1.1.3-x86_64-1.txz: Upgraded.
x/libXrandr-1.5.2-x86_64-1.txz: Upgraded.
x/libXvMC-1.0.11-x86_64-1.txz: Upgraded.
x/libXxf86dga-1.1.5-x86_64-1.txz: Upgraded.
x/libxkbfile-1.1.0-x86_64-1.txz: Upgraded.
x/makedepend-1.0.6-x86_64-1.txz: Upgraded.
x/x11perf-1.6.1-x86_64-1.txz: Upgraded.
x/xf86-video-intel-20190301_6afed33b-x86_64-1.txz: Upgraded.
x/xf86-video-savage-20190128_8579718-x86_64-1.txz: Upgraded.
x/xf86-video-sis-20181217_22d3c79-x86_64-1.txz: Upgraded.
x/xtrans-1.4.0-noarch-1.txz: Upgraded.