Patrick J Volkerding
|
ff3b814028
|
Thu Dec 19 23:02:54 UTC 2019
d/cmake-3.16.2-x86_64-1.txz: Upgraded.
d/rust-1.40.0-x86_64-1.txz: Upgraded.
Package debloating patches are no longer needed.
No build regressions noted with Firefox, Seamonkey, or Thunderbird.
l/glib2-2.62.4-x86_64-1.txz: Upgraded.
l/imagemagick-7.0.9_9-x86_64-1.txz: Upgraded.
l/wavpack-5.2.0-x86_64-1.txz: Upgraded.
Fixed denial-of-service and other potential security issues.
For more information, see:
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-19840
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-19841
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-10536
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-10537
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-10538
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-10539
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-10540
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-7254
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-7253
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-6767
(* Security fix *)
n/bind-9.14.9-x86_64-1.txz: Upgraded.
This is a bugfix release:
Fixed a bug that caused named to leak memory on reconfiguration when
any GeoIP2 database was in use. [GL #1445]
Fixed several possible race conditions discovered by Thread Sanitizer.
n/mutt-1.13.2-x86_64-1.txz: Upgraded.
n/php-7.4.1-x86_64-1.txz: Upgraded.
This update fixes bugs and security issues:
Bcmath: Buffer underflow in bc_shift_addsub.
Core: link() silently truncates after a null byte on Windows.
Core: DirectoryIterator class silently truncates after a null byte.
Core: mail() may release string with refcount==1 twice.
EXIF: Use-after-free in exif parsing under memory sanitizer.
EXIF: Heap-buffer-overflow READ in exif.
For more information, see:
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11046
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11044
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11045
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11049
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11050
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11047
(* Security fix *)
x/intel-vaapi-driver-2.4.0-x86_64-1.txz: Upgraded.
x/vulkan-sdk-1.1.126.0-x86_64-2.txz: Rebuilt.
Install SPIRV headers in two places to fix building shaderc.
Thanks to orbea.
xfce/exo-0.12.11-x86_64-1.txz: Upgraded.
|
2019-12-20 08:59:50 +01:00 |
|