a/aaa_elflibs-15.0-x86_64-22.txz: Rebuilt.
Upgraded: libcap.so.2.33, libncurses.so.6.2, libncursesw.so.6.2,
libpcre.so.1.2.12, libpcreposix.so.0.0.7, libtinfo.so.6.2, libform.so.6.2,
libformw.so.6.2, libglib-2.0.so.0.6400.1, libgmodule-2.0.so.0.6400.1,
libgobject-2.0.so.0.6400.1, libgthread-2.0.so.0.6400.1,
liblber-2.4.so.2.10.12, libldap-2.4.so.2.10.12, libmenu.so.6.2,
libmenuw.so.6.2, libpanel.so.6.2, libpanelw.so.6.2, libstdc++.so.6.0.28.
a/xfsprogs-5.5.0-x86_64-1.txz: Upgraded.
ap/sudo-1.8.31p1-x86_64-1.txz: Upgraded.
This is a bugfix release:
Sudo once again ignores a failure to restore the RLIMIT_CORE resource limit,
as it did prior to version 1.8.29. Linux containers don't allow RLIMIT_CORE
to be set back to RLIM_INFINITY if we set the limit to zero, even for root,
which resulted in a warning from sudo.
d/help2man-1.47.13-x86_64-1.txz: Upgraded.
d/perl-5.30.2-x86_64-1.txz: Upgraded.
Also upgraded to Devel-CheckLib-1.14, DBI-1.643, and IO-Socket-SSL-2.067.
n/ModemManager-1.12.8-x86_64-1.txz: Upgraded.
n/bluez-5.54-x86_64-1.txz: Upgraded.
x/vulkan-sdk-1.2.131.2-x86_64-1.txz: Upgraded.
l/gobject-introspection-1.64.0-x86_64-1.txz: Upgraded.
l/imagemagick-7.0.10_0-x86_64-1.txz: Upgraded.
l/libical-3.0.8-x86_64-1.txz: Upgraded.
l/librsvg-2.48.0-x86_64-1.txz: Upgraded.
l/libsoup-2.70.0-x86_64-1.txz: Upgraded.
l/mozilla-nss-3.51-x86_64-1.txz: Upgraded.
xap/libnma-1.8.28-x86_64-1.txz: Added.
This is the NetworkManager GUI client library, which was previously
provided by network-manager-applet. It's now a standalone project, and
is required by network-manager-applet and other NetworkManager frontends.
xap/network-manager-applet-1.16.0-x86_64-1.txz: Upgraded.
This requires the new libnma package.
a/cryptsetup-2.3.0-x86_64-2.txz: Rebuilt.
Include some additional documentation. Thanks to regdub.
a/sdparm-1.11-x86_64-1.txz: Upgraded.
ap/moc-2.5.2-x86_64-6.txz: Rebuilt.
Fixed docs permissions. Thanks to regdub.
l/glib-networking-2.64.0-x86_64-1.txz: Upgraded.
l/glib2-2.64.0-x86_64-1.txz: Upgraded.
l/gvfs-1.44.0-x86_64-1.txz: Upgraded.
l/libnl-1.1.4-x86_64-3.txz: Rebuilt.
Fixed docs permissions. Thanks to regdub.
l/tdb-1.4.3-x86_64-3.txz: Rebuilt.
Fixed docs permissions. Thanks to regdub.
l/tevent-0.10.2-x86_64-3.txz: Rebuilt.
Fixed docs permissions. Thanks to regdub.
n/bind-9.16.0-x86_64-3.txz: Rebuilt.
Applied upstream patch to fix a discrepancy in the quota code that can
result in a situation where the count is not properly decremented in
some cases.
n/dovecot-2.3.10-x86_64-1.txz: Upgraded.
n/rp-pppoe-3.13-x86_64-2.txz: Rebuilt.
This needed a rebuild for ppp-2.4.8. Thanks to regdub.
x/libinput-1.15.3-x86_64-1.txz: Upgraded.
testing/packages/PAM/dovecot-2.3.10-x86_64-1_pam.txz: Upgraded.
a/sdparm-1.10-x86_64-3.txz: Rebuilt.
Recompiled against sg3_utils-1.45.
a/udisks-1.0.5-x86_64-5.txz: Rebuilt.
Recompiled against sg3_utils-1.45.
d/cmake-3.16.5-x86_64-1.txz: Upgraded.
l/libgpod-0.8.3-x86_64-6.txz: Rebuilt.
Recompiled against sg3_utils-1.45.
n/curl-7.69.0-x86_64-1.txz: Upgraded.
n/cyrus-sasl-2.1.27-x86_64-3.txz: Rebuilt.
Added SQL support via MariaDB. Thanks to niksoggia.
n/ntp-4.2.8p14-x86_64-1.txz: Upgraded.
n/ppp-2.4.8-x86_64-1.txz: Upgraded.
This update fixes a security issue:
By sending an unsolicited EAP packet to a vulnerable ppp client or server,
an unauthenticated remote attacker could cause memory corruption in the
pppd process, which may allow for arbitrary code execution.
For more information, see:
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8597
(* Security fix *)
testing/packages/PAM/cyrus-sasl-2.1.27-x86_64-3_pam.txz: Rebuilt.
Added SQL support via MariaDB. Thanks to niksoggia.
testing/packages/PAM/ppp-2.4.8-x86_64-1_pam.txz: Upgraded.
This update fixes a security issue:
By sending an unsolicited EAP packet to a vulnerable ppp client or server,
an unauthenticated remote attacker could cause memory corruption in the
pppd process, which may allow for arbitrary code execution.
For more information, see:
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8597
(* Security fix *)
a/dialog-1.3_20200228-x86_64-1.txz: Upgraded.
l/Mako-1.1.2-x86_64-1.txz: Upgraded.
l/imagemagick-7.0.9_27-x86_64-1.txz: Upgraded.
l/libcap-2.33-x86_64-1.txz: Upgraded.
n/bind-9.16.0-x86_64-2.txz: Rebuilt.
rc.bind: ensure /var/run/named exists before starting named. Thanks to MarcT.
rc.bind: when stopping named, only kill processes in the current namespace.
x/libevdev-1.9.0-x86_64-1.txz: Upgraded.
x/wayland-protocols-1.20-noarch-1.txz: Upgraded.
xap/seamonkey-2.53.1-x86_64-1.txz: Upgraded.
This update contains security fixes and improvements.
For more information, see:
https://www.seamonkey-project.org/releases/seamonkey2.53.1
(* Security fix *)
testing/packages/PAM/libcap-2.33-x86_64-1_pam.txz: Upgraded.
a/ed-1.16-x86_64-1.txz: Upgraded.
l/gtk+3-3.24.14-x86_64-3.txz: Rebuilt.
Rebuilt to add wayland backend.
l/libuv-1.34.2-x86_64-1.txz: Added.
This is needed by bind-9.16.0.
l/qt5-5.13.2-x86_64-2.txz: Rebuilt.
Rebuilt to add wayland support.
Use the system ffmpeg, not the bundled one.
n/bind-9.16.0-x86_64-1.txz: Upgraded.
rc.bind: don't change file ownerships in /var/named. Thanks to voegelas.
n/proftpd-1.3.6c-x86_64-1.txz: Upgraded.
No CVEs assigned, but this sure looks like a security issue:
Use-after-free vulnerability in memory pools during data transfer.
(* Security fix *)
x/libinput-1.15.2-x86_64-1.txz: Upgraded.
x/xkbcomp-1.4.3-x86_64-1.txz: Upgraded.
testing/packages/PAM/proftpd-1.3.6c-x86_64-1_pam.txz: Upgraded.
No CVEs assigned, but this sure looks like a security issue:
Use-after-free vulnerability in memory pools during data transfer.
(* Security fix *)
a/gptfdisk-1.0.5-x86_64-1.txz: Upgraded.
a/kernel-firmware-20200219_2277987-noarch-1.txz: Upgraded.
a/kernel-generic-5.4.21-x86_64-1.txz: Upgraded.
a/kernel-huge-5.4.21-x86_64-1.txz: Upgraded.
a/kernel-modules-5.4.21-x86_64-1.txz: Upgraded.
a/shadow-4.8.1-x86_64-5.txz: Rebuilt.
a/util-linux-2.35.1-x86_64-4.txz: Rebuilt.
ap/cdparanoia-III_10.2-x86_64-3.txz: Rebuilt.
Moved man page from /usr/man/jp/man1/ to /usr/man/ja/man1/. Thanks to Xsane.
Don't ship the static libraries.
d/kernel-headers-5.4.21-x86-1.txz: Upgraded.
k/kernel-source-5.4.21-noarch-1.txz: Upgraded.
SND_SOC n -> m
SPI n -> y
VFIO_PCI_VGA n -> y
+ADE7854_SPI m
+ADT7316_SPI m
+BMC150_ACCEL_SPI m
+BMG160_SPI m
+BMP280_SPI m
+FXAS21002C_SPI m
+HTS221_SPI m
+IIO_ST_ACCEL_SPI_3AXIS m
+IIO_ST_GYRO_SPI_3AXIS m
+IIO_ST_MAGN_SPI_3AXIS m
+IIO_ST_PRESS_SPI m
+IIO_ST_SENSORS_SPI m
+INPUT_AD714X_SPI m
+INPUT_ADXL34X_SPI m
+KXSD9_SPI m
+REGMAP_SPI m
+SND_COMPRESS_OFFLOAD m
+SND_DESIGNWARE_I2S m
+SND_DESIGNWARE_PCM y
+SND_DMAENGINE_PCM m
+SND_HDA_EXT_CORE m
+SND_I2S_HI6210_I2S m
+SND_PCM_ELD y
+SND_PCM_IEC958 y
+SND_SIMPLE_CARD m
+SND_SIMPLE_CARD_UTILS m
+SND_SOC_AC97_BUS y
+SND_SOC_AC97_CODEC m
+SND_SOC_ACPI m
+SND_SOC_ACPI_INTEL_MATCH m
+SND_SOC_ADAU1761 m
+SND_SOC_ADAU1761_I2C m
+SND_SOC_ADAU1761_SPI m
+SND_SOC_ADAU17X1 m
+SND_SOC_ADAU7002 m
+SND_SOC_ADAU_UTILS m
+SND_SOC_AMD_ACP m
+SND_SOC_AMD_ACP3x m
+SND_SOC_AMD_CZ_DA7219MX98357_MACH m
+SND_SOC_AMD_CZ_RT5645_MACH m
+SND_SOC_BD28623 m
+SND_SOC_COMPRESS y
+SND_SOC_CROS_EC_CODEC m
+SND_SOC_CS35L34 m
+SND_SOC_CS35L35 m
+SND_SOC_CS35L36 m
+SND_SOC_CS42L42 m
+SND_SOC_CS43130 m
+SND_SOC_CX2072X m
+SND_SOC_DA7213 m
+SND_SOC_DA7219 m
+SND_SOC_DMIC m
+SND_SOC_ES7134 m
+SND_SOC_ES7241 m
+SND_SOC_ES8316 m
+SND_SOC_ES8328 m
+SND_SOC_ES8328_I2C m
+SND_SOC_ES8328_SPI m
+SND_SOC_GENERIC_DMAENGINE_PCM y
+SND_SOC_HDAC_HDA m
+SND_SOC_HDAC_HDMI m
+SND_SOC_HDMI_CODEC m
+SND_SOC_I2C_AND_SPI m
+SND_SOC_INTEL_APL m
+SND_SOC_INTEL_BDW_RT5677_MACH m
+SND_SOC_INTEL_BROADWELL_MACH m
+SND_SOC_INTEL_BXT_DA7219_MAX98357A_MACH m
+SND_SOC_INTEL_BXT_RT298_MACH m
+SND_SOC_INTEL_BYTCR_RT5640_MACH m
+SND_SOC_INTEL_BYTCR_RT5651_MACH m
+SND_SOC_INTEL_BYT_CHT_CX2072X_MACH m
+SND_SOC_INTEL_BYT_CHT_DA7213_MACH m
+SND_SOC_INTEL_BYT_CHT_ES8316_MACH m
+SND_SOC_INTEL_BYT_CHT_NOCODEC_MACH m
+SND_SOC_INTEL_CFL m
+SND_SOC_INTEL_CHT_BSW_MAX98090_TI_MACH m
+SND_SOC_INTEL_CHT_BSW_NAU8824_MACH m
+SND_SOC_INTEL_CHT_BSW_RT5645_MACH m
+SND_SOC_INTEL_CHT_BSW_RT5672_MACH m
+SND_SOC_INTEL_CML_H m
+SND_SOC_INTEL_CML_LP m
+SND_SOC_INTEL_CNL m
+SND_SOC_INTEL_DA7219_MAX98357A_GENERIC m
+SND_SOC_INTEL_GLK m
+SND_SOC_INTEL_GLK_RT5682_MAX98357A_MACH m
+SND_SOC_INTEL_HASWELL m
+SND_SOC_INTEL_HASWELL_MACH m
+SND_SOC_INTEL_KBL m
+SND_SOC_INTEL_KBL_DA7219_MAX98357A_MACH m
+SND_SOC_INTEL_KBL_DA7219_MAX98927_MACH m
+SND_SOC_INTEL_KBL_RT5660_MACH m
+SND_SOC_INTEL_KBL_RT5663_MAX98927_MACH m
+SND_SOC_INTEL_MACH y
+SND_SOC_INTEL_SKL m
+SND_SOC_INTEL_SKL_NAU88L25_MAX98357A_MACH m
+SND_SOC_INTEL_SKL_NAU88L25_SSM4567_MACH m
+SND_SOC_INTEL_SKL_RT286_MACH m
+SND_SOC_INTEL_SKYLAKE m
+SND_SOC_INTEL_SKYLAKE_COMMON m
+SND_SOC_INTEL_SKYLAKE_FAMILY m
+SND_SOC_INTEL_SKYLAKE_HDAUDIO_CODEC y
+SND_SOC_INTEL_SKYLAKE_SSP_CLK m
+SND_SOC_INTEL_SST m
+SND_SOC_INTEL_SST_ACPI m
+SND_SOC_INTEL_SST_FIRMWARE m
+SND_SOC_INTEL_SST_TOPLEVEL y
+SND_SOC_MAX9759 m
+SND_SOC_MAX98088 m
+SND_SOC_MAX98090 m
+SND_SOC_MAX98357A m
+SND_SOC_MAX98373 m
+SND_SOC_MAX9867 m
+SND_SOC_MAX98927 m
+SND_SOC_NAU8540 m
+SND_SOC_NAU8824 m
+SND_SOC_NAU8825 m
+SND_SOC_PCM1789 m
+SND_SOC_PCM1789_I2C m
+SND_SOC_PCM186X m
+SND_SOC_PCM186X_I2C m
+SND_SOC_PCM186X_SPI m
+SND_SOC_PCM3060 m
+SND_SOC_PCM3060_I2C m
+SND_SOC_PCM3060_SPI m
+SND_SOC_RL6231 m
+SND_SOC_RL6347A m
+SND_SOC_RT286 m
+SND_SOC_RT298 m
+SND_SOC_RT5640 m
+SND_SOC_RT5645 m
+SND_SOC_RT5651 m
+SND_SOC_RT5660 m
+SND_SOC_RT5663 m
+SND_SOC_RT5670 m
+SND_SOC_RT5677 m
+SND_SOC_RT5677_SPI m
+SND_SOC_RT5682 m
+SND_SOC_SIGMADSP m
+SND_SOC_SIGMADSP_REGMAP m
+SND_SOC_SIMPLE_AMPLIFIER m
+SND_SOC_SOF m
+SND_SOC_SOF_ACPI m
+SND_SOC_SOF_APOLLOLAKE m
+SND_SOC_SOF_APOLLOLAKE_SUPPORT y
+SND_SOC_SOF_BAYTRAIL m
+SND_SOC_SOF_BAYTRAIL_SUPPORT y
+SND_SOC_SOF_CANNONLAKE m
+SND_SOC_SOF_CANNONLAKE_SUPPORT y
+SND_SOC_SOF_COFFEELAKE m
+SND_SOC_SOF_COFFEELAKE_SUPPORT y
+SND_SOC_SOF_COMETLAKE_H m
+SND_SOC_SOF_COMETLAKE_H_SUPPORT y
+SND_SOC_SOF_COMETLAKE_LP m
+SND_SOC_SOF_COMETLAKE_LP_SUPPORT y
+SND_SOC_SOF_ELKHARTLAKE m
+SND_SOC_SOF_ELKHARTLAKE_SUPPORT y
+SND_SOC_SOF_GEMINILAKE m
+SND_SOC_SOF_GEMINILAKE_SUPPORT y
+SND_SOC_SOF_HDA m
+SND_SOC_SOF_HDA_AUDIO_CODEC y
+SND_SOC_SOF_HDA_COMMON m
+SND_SOC_SOF_HDA_LINK y
+SND_SOC_SOF_HDA_LINK_BASELINE m
+SND_SOC_SOF_ICELAKE m
+SND_SOC_SOF_ICELAKE_SUPPORT y
+SND_SOC_SOF_INTEL_ACPI m
+SND_SOC_SOF_INTEL_ATOM_HIFI_EP m
+SND_SOC_SOF_INTEL_COMMON m
+SND_SOC_SOF_INTEL_HIFI_EP_IPC m
+SND_SOC_SOF_INTEL_PCI m
+SND_SOC_SOF_INTEL_TOPLEVEL y
+SND_SOC_SOF_MERRIFIELD m
+SND_SOC_SOF_MERRIFIELD_SUPPORT y
+SND_SOC_SOF_OPTIONS m
+SND_SOC_SOF_PCI m
+SND_SOC_SOF_PROBE_WORK_QUEUE y
+SND_SOC_SOF_TIGERLAKE m
+SND_SOC_SOF_TIGERLAKE_SUPPORT y
+SND_SOC_SOF_TOPLEVEL y
+SND_SOC_SOF_XTENSA m
+SND_SOC_SPDIF m
+SND_SOC_SSM4567 m
+SND_SOC_TAS6424 m
+SND_SOC_TDA7419 m
+SND_SOC_TLV320AIC32X4 m
+SND_SOC_TLV320AIC32X4_I2C m
+SND_SOC_TLV320AIC32X4_SPI m
+SND_SOC_TOPOLOGY y
+SND_SOC_TS3A227E m
+SND_SOC_TSCS42XX m
+SND_SOC_WM8524 m
+SND_SPI y
+SND_SST_ATOM_HIFI2_PLATFORM m
+SND_SST_ATOM_HIFI2_PLATFORM_ACPI m
+SND_SST_ATOM_HIFI2_PLATFORM_PCI m
+SND_SST_IPC m
+SND_SST_IPC_ACPI m
+SND_SST_IPC_PCI m
+SPI_MASTER y
+ST_UVIS25_SPI m
l/gegl-0.4.22-x86_64-1.txz: Upgraded.
l/glib2-2.62.5-x86_64-1.txz: Upgraded.
l/python-requests-2.23.0-x86_64-1.txz: Upgraded.
n/NetworkManager-1.22.8-x86_64-1.txz: Upgraded.
n/openssh-8.2p1-x86_64-2.txz: Rebuilt.
n/php-7.4.3-x86_64-1.txz: Upgraded.
This update fixes bugs and security issues:
Phar: Files added to tar with Phar::buildFromIterator have
all-access permissions.
Phar: heap-buffer-overflow in phar_extract_file.
Session: Null Pointer Dereference in PHP Session Upload Progress.
For more information, see:
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-7063https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-7061https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-7062
(* Security fix *)
x/mesa-20.0.0-x86_64-1.txz: Upgraded.
Added Wayland platform support.
x/wayland-1.18.0-x86_64-1.txz: Added.
x/wayland-protocols-1.18-noarch-1.txz: Added.
x/xorg-server-1.20.7-x86_64-2.txz: Rebuilt.
x/xorg-server-xephyr-1.20.7-x86_64-2.txz: Rebuilt.
x/xorg-server-xnest-1.20.7-x86_64-2.txz: Rebuilt.
x/xorg-server-xvfb-1.20.7-x86_64-2.txz: Rebuilt.
x/xorg-server-xwayland-1.20.7-x86_64-2.txz: Added.
xap/gimp-2.10.16-x86_64-1.txz: Upgraded.
isolinux/initrd.img: Rebuilt.
kernels/*: Upgraded.
testing/packages/PAM/openssh-8.2p1-x86_64-2_pam.txz: Rebuilt.
/etc/pam.d/sshd: add commented out pam_tally2 example.
testing/packages/PAM/shadow-4.8.1-x86_64-5_pam.txz: Rebuilt.
/etc/pam.d/system-auth: add support for pam_group, remove pam_tally2.
Thanks to ivandi.
/etc/pam.d/*: Don't use tabs.
testing/packages/PAM/util-linux-2.35.1-x86_64-4_pam.txz: Rebuilt.
/etc/pam.d/login: add commented out pam_tally2 example.
/etc/pam.d/*: Don't use tabs.
usb-and-pxe-installers/usbboot.img: Rebuilt.
l/gtk+3-3.24.14-x86_64-2.txz: Rebuilt.
Rebuilt with -DG_ENABLE_DEBUG. Thanks to Bindestreck.
Also built with -DG_DISABLE_CAST_CHECKS and -Dbroadway_backend=true.
l/imagemagick-7.0.9_24-x86_64-1.txz: Upgraded.
n/bind-9.14.10-x86_64-2.txz: Rebuilt.
rc.bind: make sure it works with a non-root user specified in $NAMED_OPTIONS.
Thanks to Luigi Trovato.
n/tin-2.4.4-x86_64-1.txz: Upgraded.
xap/blackbox-0.76-x86_64-1.txz: Upgraded.
testing/packages/PAM/libcap-2.32-x86_64-1_pam.txz: Upgraded.
a/shadow-4.8.1-x86_64-4.txz: Rebuilt.
Recompiled using --with-group-name-max-length=32. Thanks to Bart van der Hall.
ap/cups-filters-1.27.1-x86_64-1.txz: Upgraded.
d/git-2.25.1-x86_64-1.txz: Upgraded.
l/gtk+3-3.24.14-x86_64-1.txz: Upgraded.
l/libcap-2.32-x86_64-1.txz: Upgraded.
l/python-idna-2.9-x86_64-1.txz: Upgraded.
testing/packages/PAM/shadow-4.8.1-x86_64-4_pam.txz: Rebuilt.
Recompiled using --with-group-name-max-length=32. Thanks to Bart van der Hall.
ap/ksh93-20200131_e4fea8c5-x86_64-1.txz: Upgraded.
ap/zsh-5.8-x86_64-1.txz: Upgraded.
l/brotli-1.0.7-x86_64-1.txz: Added.
l/gmime-3.2.6-x86_64-1.txz: Upgraded.
l/hyphen-2.8.8-x86_64-1.txz: Added.
l/openal-soft-1.20.1-x86_64-1.txz: Upgraded.
Thanks to Skaendo and Willy Sudiarto Raharjo.
l/qt5-webkit-5.212.0_alpha3-x86_64-1.txz: Added.
Thanks to alienBOB.
l/woff2-20180531_a0d0ed7-x86_64-1.txz: Added.
n/bluez-5.53-x86_64-1.txz: Upgraded.
n/mutt-1.13.4-x86_64-1.txz: Upgraded.
n/samba-4.11.6-x86_64-3.txz: Rebuilt.
n/socat-1.7.3.4-x86_64-1.txz: Added.
n/whois-5.5.6-x86_64-1.txz: Upgraded.
testing/packages/PAM/samba-4.11.6-x86_64-3_pam.txz: Rebuilt.
Added patches to fix joining a DC when using krb5. Looks like the patches are
already upstreamed in the latest 4.12.0-rc. Thanks to camerabambai.
a/libcgroup-0.41-x86_64-6.txz: Rebuilt.
ap/mariadb-10.4.12-x86_64-2.txz: Rebuilt.
d/Cython-0.29.15-x86_64-1.txz: Upgraded.
d/cmake-3.16.4-x86_64-2.txz: Rebuilt.
Recompiled against qt5-5.13.2.
d/doxygen-1.8.17-x86_64-2.txz: Rebuilt.
Recompiled against qt5-5.13.2.
l/ConsoleKit2-1.2.1-x86_64-3.txz: Rebuilt.
l/gnome-keyring-3.34.0-x86_64-2.txz: Rebuilt.
l/imagemagick-7.0.9_23-x86_64-1.txz: Upgraded.
l/polkit-0.116-x86_64-2.txz: Rebuilt.
l/python-future-0.18.2-x86_64-1.txz: Added.
This is needed by fetchmailconf and will probably see additional use as
projects jump off of the sinking Python 2 ship.
l/v4l-utils-1.18.0-x86_64-2.txz: Rebuilt.
Recompiled against qt5-5.13.2.
n/cifs-utils-6.10-x86_64-3.txz: Rebuilt.
n/fetchmail-6.4.2-x86_64-1.txz: Upgraded.
n/pinentry-1.1.0-x86_64-3.txz: Rebuilt.
Recompiled against qt5-5.13.2.
n/samba-4.11.6-x86_64-2.txz: Rebuilt.
n/wpa_supplicant-2.9-x86_64-2.txz: Rebuilt.
Recompiled against qt5-5.13.2.
xap/xpdf-4.02-x86_64-3.txz: Rebuilt.
Recompiled against qt5-5.13.2.
testing/packages/PAM/ConsoleKit2-1.2.1-x86_64-3_pam.txz: Rebuilt.
Put the pam security modules in /lib${LIBDIRSUFFIX}/security.
Remove .la files in /lib${LIBDIRSUFFIX}/security.
testing/packages/PAM/cifs-utils-6.10-x86_64-3_pam.txz: Rebuilt.
Put the pam security modules in /lib${LIBDIRSUFFIX}/security.
testing/packages/PAM/gnome-keyring-3.34.0-x86_64-2_pam.txz: Rebuilt.
Put the pam security modules in /lib${LIBDIRSUFFIX}/security.
Remove .la files in /lib${LIBDIRSUFFIX}/security.
testing/packages/PAM/libcgroup-0.41-x86_64-6_pam.txz: Rebuilt.
Put the pam security modules in /lib${LIBDIRSUFFIX}/security.
Remove .la files in /lib${LIBDIRSUFFIX}/security.
testing/packages/PAM/libpwquality-1.4.2-x86_64-2_pam.txz: Rebuilt.
Put the pam security modules in /lib${LIBDIRSUFFIX}/security.
Remove .la files in /lib${LIBDIRSUFFIX}/security.
testing/packages/PAM/mariadb-10.4.12-x86_64-2_pam.txz: Rebuilt.
Put the pam security modules in /lib${LIBDIRSUFFIX}/security.
testing/packages/PAM/pam-1.3.1-x86_64-2_pam.txz: Rebuilt.
Put the pam security modules in /lib${LIBDIRSUFFIX}/security to support
multilib. Thanks to GazL.
testing/packages/PAM/polkit-0.116-x86_64-2_pam.txz: Rebuilt.
Rebuilt using --with-pam-module-dir=/lib${LIBDIRSUFFIX}/security.
testing/packages/PAM/samba-4.11.6-x86_64-2_pam.txz: Rebuilt.
Put the pam security modules in /lib${LIBDIRSUFFIX}/security.
a/kernel-generic-5.4.20-x86_64-1.txz: Upgraded.
a/kernel-huge-5.4.20-x86_64-1.txz: Upgraded.
a/kernel-modules-5.4.20-x86_64-1.txz: Upgraded.
a/shadow-4.8.1-x86_64-3.txz: Rebuilt.
a/util-linux-2.35.1-x86_64-3.txz: Rebuilt.
d/kernel-headers-5.4.20-x86-1.txz: Upgraded.
k/kernel-source-5.4.20-noarch-1.txz: Upgraded.
l/ConsoleKit2-1.2.1-x86_64-2.txz: Rebuilt.
l/dconf-editor-3.34.4-x86_64-1.txz: Upgraded.
l/libxkbcommon-0.10.0-x86_64-1.txz: Added.
l/openal-soft-1.19.1-x86_64-1.txz: Added.
l/qt5-5.13.2-x86_64-1.txz: Added.
Thanks to alienBOB.
n/openssh-8.2p1-x86_64-1.txz: Upgraded.
Potentially incompatible changes:
* ssh(1), sshd(8): the removal of "ssh-rsa" from the accepted
CASignatureAlgorithms list.
* ssh(1), sshd(8): this release removes diffie-hellman-group14-sha1
from the default key exchange proposal for both the client and
server.
* ssh-keygen(1): the command-line options related to the generation
and screening of safe prime numbers used by the
diffie-hellman-group-exchange-* key exchange algorithms have
changed. Most options have been folded under the -O flag.
* sshd(8): the sshd listener process title visible to ps(1) has
changed to include information about the number of connections that
are currently attempting authentication and the limits configured
by MaxStartups.
x/mesa-19.3.4-x86_64-2.txz: Rebuilt.
Reverted "[PATCH] swr: Fix GCC 4.9 checks." which makes X fail to start with
an illegal instruction on some hardware.
isolinux/initrd.img: Rebuilt.
kernels/*: Upgraded.
testing/packages/PAM/ConsoleKit2-1.2.1-x86_64-2_pam.txz: Rebuilt.
Rebuilt with --disable-libcgmanager to fix setting limits on PAM.
Thanks to gattocarlo.
testing/packages/PAM/openssh-8.2p1-x86_64-1_pam.txz: Upgraded.
testing/packages/PAM/shadow-4.8.1-x86_64-3_pam.txz: Rebuilt.
Moved some of the /etc/pam.d/ file to the util-linux package where they
more properly belong.
testing/packages/PAM/util-linux-2.35.1-x86_64-3_pam.txz: Rebuilt.
Added some /etc/pam.d/ files previously in the shadow package.
Changed /etc/pam.d/{chfn,chsh} and made chfn/chsh setuid root to fix them.
Added /etc/pam.d/{runuser,runuser-l}.
usb-and-pxe-installers/usbboot.img: Rebuilt.
a/sysvinit-scripts-2.1-noarch-29.txz: Rebuilt.
rc.S: make /var/run a bind mount to /run. Thanks to Robby Workman.
rc.S: make a few adjustments to temporary file cleanup.
rc.M: drop additional checks on starting rc.syslog.
a/util-linux-2.35.1-x86_64-2.txz: Rebuilt.
d/bison-3.5.2-x86_64-1.txz: Upgraded.
l/pcre-8.44-x86_64-1.txz: Upgraded.
l/sdl-1.2.15-x86_64-9.txz: Rebuilt.
Replaced missing SDL_ttf docs. Thanks to Stuart Winter.
n/krb5-1.18-x86_64-1.txz: Upgraded.
x/mesa-19.3.4-x86_64-1.txz: Upgraded.
testing/packages/PAM/util-linux-2.35.1-x86_64-2_pam.txz: Rebuilt.
Added /etc/default/su containing 'ALWAYS_SET_PATH yes' to ensure that
ENV_SUPATH from /etc/login.defs is used for the $PATH with plain 'su'.
Hey folks! PAM has finally landed in /testing. Some here wanted it to go
right into the main tree immediately, and in a more normal development cycle
I'd have been inclined to agree (it is -current, after all). But it's
probably better for it to appear in /testing first, to make sure we didn't
miss any bugs and also to serve as a warning shot that we'll be shaking up
the tree pretty good over the next few weeks. I'd like to see this merged
into the main tree in a day or two, so any testing is greatly appreciated.
Switching to the PAM packages (or reverting from them) is as easy as
installing all of them with upgradepkg --install-new, and if reverting then
remove the three leftover _pam packages. After reverting, a bit of residue
will remain in /etc/pam.d/ and /etc/security/ which can either be manually
deleted or simply ignored. While there are many more features available in
PAM compared with plain shadow, out of the box about the only noticable
change is the use of cracklib and libpwquality to check the quality of a
user-supplied password. Hopefully having PAM and krb5 will get us on track
to having proper Active Directory integration as well as using code paths
that are likely better audited these days. The attack surface *might* be
bigger, but it's also a lot better scrutinized.
Thanks to Robby Workman and Vincent Batts who did most of the initial heavy
lifting on the core PAM packages as a side project for many years. Thanks
also to Phantom X whose PAM related SlackBuilds were a valuable reference.
And thanks as well to ivandi - I learned a lot from the SlackMATE build
scripts and was even occasionally thankful for the amusing ways you would
kick my ass on LQ. ;-) You're more than welcome to let us know where we've
messed up this time.
The binutils and glibc packages in /testing were removed and are off the
table for now. I'm not seeing much upside to heading down that rabbit hole
at the moment. Next we need to be looking at Xfce 4.14 and Plasma 5.18 LTS
and some other things that have been held back since KDE4 couldn't use them.
Cheers! :-)
a/kernel-generic-5.4.19-x86_64-1.txz: Upgraded.
a/kernel-huge-5.4.19-x86_64-1.txz: Upgraded.
a/kernel-modules-5.4.19-x86_64-1.txz: Upgraded.
a/lvm2-2.03.08-x86_64-1.txz: Upgraded.
a/shadow-4.8.1-x86_64-2.txz: Rebuilt.
Automatically backup /etc/login.defs and install the new version if
incompatible PAM options are detected.
d/kernel-headers-5.4.19-x86-1.txz: Upgraded.
k/kernel-source-5.4.19-noarch-1.txz: Upgraded.
VALIDATE_FS_PARSER y -> n
xap/mozilla-thunderbird-68.5.0-x86_64-1.txz: Upgraded.
This release contains security fixes and improvements.
For more information, see:
https://www.mozilla.org/en-US/thunderbird/68.5.0/releasenotes/https://www.mozilla.org/en-US/security/advisories/mfsa2020-07/https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6793https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6794https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6795https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6797https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6798https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6792https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6800
(* Security fix *)
isolinux/initrd.img: Rebuilt.
kernels/*: Upgraded.
testing/packages/PAM/ConsoleKit2-1.2.1-x86_64-1_pam.txz: Added.
testing/packages/PAM/at-3.2.1-x86_64-1_pam.txz: Added.
testing/packages/PAM/cifs-utils-6.10-x86_64-2_pam.txz: Added.
testing/packages/PAM/cracklib-2.9.7-x86_64-1_pam.txz: Added.
testing/packages/PAM/cups-2.3.1-x86_64-1_pam.txz: Added.
testing/packages/PAM/cyrus-sasl-2.1.27-x86_64-2_pam.txz: Added.
testing/packages/PAM/dovecot-2.3.9.2-x86_64-1_pam.txz: Added.
testing/packages/PAM/gnome-keyring-3.34.0-x86_64-1_pam.txz: Added.
testing/packages/PAM/hplip-3.19.12-x86_64-2_pam.txz: Added.
testing/packages/PAM/kde-workspace-4.11.22-x86_64-6_pam.txz: Added.
testing/packages/PAM/libcap-2.31-x86_64-1_pam.txz: Added.
testing/packages/PAM/libcgroup-0.41-x86_64-5_pam.txz: Added.
testing/packages/PAM/libpwquality-1.4.2-x86_64-1_pam.txz: Added.
testing/packages/PAM/mariadb-10.4.12-x86_64-1_pam.txz: Added.
testing/packages/PAM/netatalk-3.1.12-x86_64-2_pam.txz: Added.
testing/packages/PAM/netkit-rsh-0.17-x86_64-2_pam.txz: Added.
testing/packages/PAM/openssh-8.1p1-x86_64-1_pam.txz: Added.
testing/packages/PAM/openvpn-2.4.8-x86_64-1_pam.txz: Added.
testing/packages/PAM/pam-1.3.1-x86_64-1_pam.txz: Added.
testing/packages/PAM/polkit-0.116-x86_64-1_pam.txz: Added.
testing/packages/PAM/popa3d-1.0.3-x86_64-3_pam.txz: Added.
testing/packages/PAM/ppp-2.4.7-x86_64-3_pam.txz: Added.
testing/packages/PAM/proftpd-1.3.6b-x86_64-1_pam.txz: Added.
testing/packages/PAM/samba-4.11.6-x86_64-1_pam.txz: Added.
testing/packages/PAM/screen-4.8.0-x86_64-1_pam.txz: Added.
testing/packages/PAM/shadow-4.8.1-x86_64-2_pam.txz: Added.
testing/packages/PAM/sudo-1.8.31-x86_64-1_pam.txz: Added.
testing/packages/PAM/system-config-printer-1.5.12-x86_64-2_pam.txz: Added.
testing/packages/PAM/util-linux-2.35.1-x86_64-1_pam.txz: Added.
testing/packages/PAM/vsftpd-3.0.3-x86_64-5_pam.txz: Added.
testing/packages/PAM/xdm-1.1.11-x86_64-9_pam.txz: Added.
testing/packages/PAM/xlockmore-5.62-x86_64-1_pam.txz: Added.
testing/packages/PAM/xscreensaver-5.43-x86_64-1_pam.txz: Added.
testing/packages/binutils-2.34-x86_64-1.txz: Removed.
testing/packages/glibc-2.31-x86_64-1.txz: Removed.
testing/packages/glibc-i18n-2.31-x86_64-1.txz: Removed.
testing/packages/glibc-profile-2.31-x86_64-1.txz: Removed.
testing/packages/glibc-solibs-2.31-x86_64-1.txz: Removed.
usb-and-pxe-installers/usbboot.img: Rebuilt.
ap/man-pages-5.05-noarch-2.txz: Rebuilt.
Clean up /usr/man directory moving miscellaneous documentation to
/usr/doc/man-pages-5.05. Thanks to Xsane.
d/python-setuptools-45.2.0-x86_64-1.txz: Upgraded.
n/nfs-utils-2.4.3-x86_64-1.txz: Upgraded.
xap/mozilla-firefox-68.5.0esr-x86_64-1.txz: Upgraded.
This is a bugfix release.
For more information, see:
https://www.mozilla.org/en-US/firefox/68.5.0/releasenotes/
a/cryptsetup-2.3.0-x86_64-1.txz: Upgraded.
a/kernel-firmware-20200203_6d9f399-noarch-1.txz: Upgraded.
ap/xfsdump-3.1.9-x86_64-1.txz: Upgraded.
d/mercurial-5.3-x86_64-1.txz: Upgraded.
l/libzip-1.6.1-x86_64-1.txz: Upgraded.
n/nfs-utils-2.4.2-x86_64-3.txz: Rebuilt.
Added /etc/exports.d directory.
Removed the bogus sanity checks. Sure, we could try to "fix" them, but this
seems to be the path of least resistance.
n/postfix-3.4.9-x86_64-1.txz: Upgraded.
x/libinput-1.15.1-x86_64-1.txz: Upgraded.
x/vulkan-sdk-1.2.131.1-x86_64-1.txz: Upgraded.
xap/sane-1.0.29-x86_64-1.txz: Upgraded.
a/util-linux-2.35.1-x86_64-1.txz: Upgraded.
a/zerofree-1.1.1-x86_64-1.txz: Added.
Also queued up for the next installer build. Thanks to bifferos.
ap/sudo-1.8.31-x86_64-1.txz: Upgraded.
This update fixes a security issue:
In Sudo before 1.8.31, if pwfeedback is enabled in /etc/sudoers, users can
trigger a stack-based buffer overflow in the privileged sudo process.
(pwfeedback is a default setting in some Linux distributions; however, it
is not the default for upstream or in Slackware, and would exist only if
enabled by an administrator.) The attacker needs to deliver a long string
to the stdin of getln() in tgetpass.c.
For more information, see:
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-18634
(* Security fix *)
n/NetworkManager-1.22.6-x86_64-1.txz: Upgraded.
n/openldap-client-2.4.49-x86_64-1.txz: Upgraded.
xfce/Thunar-1.8.11-x86_64-1.txz: Removed.
xfce/thunar-1.8.12-x86_64-1.txz: Added.
Changed package name from "Thunar" to "thunar" to follow upstream's naming.
a/kernel-generic-5.4.16-x86_64-1.txz: Upgraded.
a/kernel-huge-5.4.16-x86_64-1.txz: Upgraded.
a/kernel-modules-5.4.16-x86_64-1.txz: Upgraded.
ap/linuxdoc-tools-0.9.73-x86_64-5.txz: Rebuilt.
gnome-doc-tools: Make '/usr/bin/xml2po' and its accompanying Python module
build against Python3.
Thanks to bassmadrigal and ponce on LQ for the report and the patch.
docbook2x: Removed '--disable-maintainer-mode' configuration flag because
it's no longer valid.
Thanks to Stuart Winter.
d/kernel-headers-5.4.16-x86-1.txz: Upgraded.
k/kernel-source-5.4.16-noarch-1.txz: Upgraded.
isolinux/initrd.img: Rebuilt.
kernels/*: Upgraded.
usb-and-pxe-installers/usbboot.img: Rebuilt.
a/aaa_elflibs-15.0-x86_64-21.txz: Rebuilt.
Upgraded: libisl.so.22.0.1.
Added: libkeyutils.so.1.9.
a/kernel-generic-5.4.15-x86_64-1.txz: Upgraded.
a/kernel-huge-5.4.15-x86_64-1.txz: Upgraded.
a/kernel-modules-5.4.15-x86_64-1.txz: Upgraded.
a/pciutils-3.6.4-x86_64-1.txz: Upgraded.
a/shadow-4.8.1-x86_64-1.txz: Upgraded.
d/check-0.14.0-x86_64-1.txz: Upgraded.
d/kernel-headers-5.4.15-x86-1.txz: Upgraded.
d/make-4.2.1-x86_64-5.txz: Rebuilt.
Drop back to make-4.2.1 since make-4.3 is breaking a few builds. We'll
revisit it later after sources have caught up to it or regressions have
been patched upstream.
d/python-pip-20.0.2-x86_64-1.txz: Upgraded.
k/kernel-source-5.4.15-noarch-1.txz: Upgraded.
l/imagemagick-7.0.9_18-x86_64-1.txz: Upgraded.
l/python-packaging-20.1-x86_64-1.txz: Upgraded.
n/php-7.4.2-x86_64-3.txz: Rebuilt.
php.ini: Added extension=gd and extension=zip. Thanks to avian.
isolinux/initrd.img: Rebuilt.
kernels/*: Upgraded.
usb-and-pxe-installers/usbboot.img: Rebuilt.
a/kernel-firmware-20200122_1eb2408-noarch-1.txz: Upgraded.
a/pciutils-3.6.3-x86_64-1.txz: Upgraded.
a/pkgtools-15.0-noarch-30.txz: Rebuilt.
removepkg: prevent upgradepkg noise when a directory turns into a symlink.
setup.vi-ex: don't make symlinks if the targets don't exist.
d/cmake-3.16.3-x86_64-1.txz: Upgraded.
d/distcc-3.3.3-x86_64-3.txz: Rebuilt.
Move symlink tree into /usr/lib/distcc/, and make a link in /usr/lib64/ if
needed. Seems like this is how everyone else sets it up. Thanks to hpfeil.
Recompiled against krb5-1.17.1 (--with-auth).
d/parallel-20200122-noarch-1.txz: Upgraded.
l/python-urllib3-1.25.8-x86_64-1.txz: Upgraded.
n/bind-9.14.10-x86_64-1.txz: Upgraded.
This is a bugfix release:
With some libmaxminddb versions, named could erroneously match an IP address
not belonging to any subnet defined in a given GeoIP2 database to one of the
existing entries in that database. [GL #1552]
Fix line spacing in `rndc secroots`. Thanks to Tony Finch. [GL #2478]
Recompiled against krb5-1.17.1 (--with-gssapi).
n/dhcp-4.4.2-x86_64-1.txz: Upgraded.
n/p11-kit-0.23.19-x86_64-1.txz: Upgraded.
n/php-7.4.2-x86_64-2.txz: Rebuilt.
Patched for c-client library API change. Thanks to ecd102.
Recompiled against krb5-1.17.1 (--with-kerberos).
a/aaa_elflibs-15.0-x86_64-19.txz: Rebuilt.
Upgraded: libcap.so.2.31, libgmp.so.10.4.0, libgmpxx.so.4.6.0.
Added: libgssapi_krb5.so.2.2, libk5crypto.so.3.1, libkrb5.so.3.3,
libkrb5support.so.0.1.
a/util-linux-2.35-x86_64-1.txz: Upgraded.
d/python-pip-20.0.1-x86_64-1.txz: Upgraded.
l/Mako-1.1.1-x86_64-1.txz: Upgraded.
l/keyutils-1.6.1-x86_64-1.txz: Upgraded.
n/krb5-1.17-x86_64-1.txz: Added.
Nothing links to this yet, but we'll need it soon enough. :-)
n/php-7.4.2-x86_64-1.txz: Upgraded.
This update fixes bugs and security issues:
Standard: OOB read in php_strip_tags_ex
Mbstring: global buffer-overflow in 'mbfl_filt_conv_big5_wchar'
For more information, see:
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-7059https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-7060
(* Security fix *)
n/samba-4.11.5-x86_64-1.txz: Upgraded.
This update fixes the following security issues:
Replication of ACLs set to inherit down a subtree on AD Directory
not automatic.
Crash after failed character conversion at log level 3 or above.
Use after free during DNS zone scavenging in Samba AD DC.
For more information, see:
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14902https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14907https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-19344
(* Security fix *)
xap/gparted-1.1.0-x86_64-1.txz: Upgraded.
a/aaa_terminfo-6.1_20200118-x86_64-1.txz: Upgraded.
d/make-4.3-x86_64-1.txz: Upgraded.
d/python-setuptools-45.1.0-x86_64-1.txz: Upgraded.
l/ncurses-6.1_20200118-x86_64-1.txz: Upgraded.
n/alpine-2.22-x86_64-1.txz: Upgraded.
xap/mozilla-firefox-68.4.2esr-x86_64-1.txz: Upgraded.
This is a bugfix release.
For more information, see:
https://www.mozilla.org/en-US/firefox/68.4.2/releasenotes/https://bugzilla.mozilla.org/show_bug.cgi?id=1602726
a/elvis-2.2_0-x86_64-5.txz: Rebuilt.
Don't make /usr/bin/{ex,vi} symlinks.
a/kernel-generic-5.4.11-x86_64-1.txz: Upgraded.
a/kernel-huge-5.4.11-x86_64-1.txz: Upgraded.
a/kernel-modules-5.4.11-x86_64-1.txz: Upgraded.
a/nvi-1.81.6-x86_64-1.txz: Added.
This is an implementation of the classic ex/vi text editor written by Keith
Bostic. Due to this having UTF8 support which elvis lacks, we'll have it
take over the ex/vi symlinks if they aren't already pointing to a different
choice. Note that the removal of vi/ex symlinks from the elvis and vim
packages might cause your ex/vi symlinks to point to this after all the ex/vi
packages have been upgraded. You can set them to your preferences using
pkgtool -> Setup -> vi-ex.
a/pkgtools-15.0-noarch-29.txz: Rebuilt.
Added an installer/pkgtool menu to select the default ex/vi editor.
ap/vim-8.2.0114-x86_64-1.txz: Upgraded.
Don't make /usr/bin/{ex,vi} symlinks.
d/kernel-headers-5.4.11-x86-1.txz: Upgraded.
d/python-setuptools-45.0.0-x86_64-1.txz: Upgraded.
k/kernel-source-5.4.11-noarch-1.txz: Upgraded.
l/imagemagick-7.0.9_15-x86_64-1.txz: Upgraded.
n/ethtool-5.4-x86_64-1.txz: Upgraded.
xap/vim-gvim-8.2.0114-x86_64-1.txz: Upgraded.
isolinux/initrd.img: Rebuilt.
kernels/*: Upgraded.
usb-and-pxe-installers/usbboot.img: Rebuilt.
d/ccache-3.7.7-x86_64-1.txz: Upgraded.
l/libpsl-0.21.0-x86_64-2.txz: Rebuilt.
Patched for new gtk-doc. Thanks to Matteo Bernardini.
l/pyparsing-2.4.6-x86_64-1.txz: Upgraded.
l/python-packaging-20.0-x86_64-1.txz: Upgraded.
l/python-pygments-2.5.2-x86_64-1.txz: Added.
This is needed by gtk-doc.
n/iputils-20190709-x86_64-2.txz: Rebuilt.
Patched for new libcap. Thanks to Matteo Bernardini.
x/fonttosfnt-1.1.0-x86_64-1.txz: Upgraded.
xap/mozilla-firefox-68.4.0esr-x86_64-1.txz: Upgraded.
This release contains security fixes and improvements.
For more information, see:
https://www.mozilla.org/en-US/firefox/68.4.0/releasenotes/https://www.mozilla.org/security/known-vulnerabilities/firefoxESR.html
(* Security fix *)
a/dialog-1.3_20191210-x86_64-1.txz: Upgraded.
a/shadow-4.8-x86_64-2.txz: Rebuilt.
Don't ship /etc/environment.new since sudo is no longer complaining about it.
ap/lxc-2.0.11_fad08f383-x86_64-4.txz: Rebuilt.
Make sure all initial devices are properly created.
Fix accidental handling of rc.lxc as a modified-for-lxc init script.
Thanks to crts.
d/python-setuptools-44.0.0-x86_64-1.txz: Upgraded.
l/libedit-20191231_3.1-x86_64-1.txz: Upgraded.
l/python-pillow-7.0.0-x86_64-1.txz: Upgraded.
Happy 2020 to the Slackware community! :-)
a/aaa_terminfo-6.1_20191228-x86_64-1.txz: Upgraded.
a/smartmontools-7.1-x86_64-1.txz: Upgraded.
ap/sudo-1.8.30-x86_64-1.txz: Upgraded.
d/python-setuptools-43.0.0-x86_64-1.txz: Upgraded.
l/boost-1.72.0-x86_64-2.txz: Rebuilt.
Recompiled against python3-3.8.1.
Patched to fix missing boost/serialization/split_member.hpp include.
This fixes the lightspark build at SBo. Thanks to orbea.
l/ffmpeg-4.2.2-x86_64-1.txz: Upgraded.
l/ncurses-6.1_20191228-x86_64-1.txz: Upgraded.
l/netpbm-10.89.00-x86_64-1.txz: Upgraded.
n/epic5-2.1.1-x86_64-4.txz: Rebuilt.
Recompiled against python3-3.8.1.
Thanks to Willy Sudiarto Raharjo for pointing this one out.
n/whois-5.5.4-x86_64-1.txz: Upgraded.
x/vulkan-sdk-1.1.130.0-x86_64-1.txz: Upgraded.
extra/pure-alsa-system/ffmpeg-4.2.2-x86_64-1_alsa.txz: Upgraded.
a/kmod-26-x86_64-3.txz: Rebuilt.
This doesn't build with --enable-python and python3-3.8.1, so we'll
disable it for now. The python additions don't appear to be widely
packaged anyway.
a/util-linux-2.34-x86_64-2.txz: Rebuilt.
Recompiled against python3-3.8.1.
ap/hplip-3.19.12-x86_64-2.txz: Rebuilt.
Recompiled against python3-3.8.1.
ap/ksh93-20191228_5abcbd06-x86_64-1.txz: Upgraded.
ap/linuxdoc-tools-0.9.73-x86_64-3.txz: Rebuilt.
Recompiled against python3-3.8.1.
ap/lxc-2.0.11_fad08f383-x86_64-3.txz: Rebuilt.
Recompiled against python3-3.8.1.
ap/rpm-4.15.1-x86_64-2.txz: Rebuilt.
Recompiled against python3-3.8.1.
d/Cython-0.29.14-x86_64-2.txz: Rebuilt.
Recompiled against python3-3.8.1.
d/clisp-2.50_20191103_c26de7873-x86_64-1.txz: Upgraded.
d/distcc-3.3.3-x86_64-2.txz: Rebuilt.
Recompiled against python3-3.8.1.
d/gdb-8.3.1-x86_64-2.txz: Rebuilt.
Recompiled against python3-3.8.1.
d/llvm-9.0.1-x86_64-2.txz: Rebuilt.
Recompiled against python3-3.8.1.
d/meson-0.52.1-x86_64-2.txz: Rebuilt.
Recompiled against python3-3.8.1.
d/python-pip-19.3.1-x86_64-2.txz: Rebuilt.
Recompiled against python3-3.8.1.
d/python-setuptools-42.0.2-x86_64-2.txz: Rebuilt.
Recompiled against python3-3.8.1.
d/python3-3.8.1-x86_64-1.txz: Upgraded.
Shared library .so-version bump.
kde/pykde4-4.14.3-x86_64-10.txz: Rebuilt.
Recompiled against python3-3.8.1.
l/Mako-1.1.0-x86_64-2.txz: Rebuilt.
Recompiled against python3-3.8.1.
l/PyQt-4.12.3-x86_64-2.txz: Rebuilt.
Recompiled against python3-3.8.1.
l/QScintilla-2.11.4-x86_64-2.txz: Rebuilt.
Recompiled against python3-3.8.1.
l/alsa-lib-1.2.1.2-x86_64-2.txz: Rebuilt.
Recompiled without --enable-mixer-pymods.
l/dbus-python-1.2.14-x86_64-2.txz: Rebuilt.
Recompiled against python3-3.8.1.
l/gexiv2-0.12.0-x86_64-2.txz: Rebuilt.
Recompiled against python3-3.8.1.
l/gobject-introspection-1.62.0-x86_64-4.txz: Rebuilt.
Recompiled against python3-3.8.1.
l/libcaca-0.99.beta19-x86_64-5.txz: Rebuilt.
Recompiled against python3-3.8.1.
l/libcap-ng-0.7.10-x86_64-2.txz: Rebuilt.
Recompiled against python3-3.8.1.
l/libproxy-0.4.15-x86_64-4.txz: Rebuilt.
Recompiled against python3-3.8.1.
l/libwebp-1.0.3-x86_64-2.txz: Rebuilt.
Recompiled against python3-3.8.1.
l/libwmf-0.2.8.4-x86_64-9.txz: Rebuilt.
Correct the path for the GDK_PIXBUF_DIR.
Thanks to B. Watson and Robby Workman.
l/libxml2-2.9.10-x86_64-2.txz: Rebuilt.
Recompiled against python3-3.8.1.
l/newt-0.52.21-x86_64-2.txz: Rebuilt.
Recompiled against python3-3.8.1.
l/pycairo-1.18.2-x86_64-2.txz: Rebuilt.
Recompiled against python3-3.8.1.
l/pycups-1.9.74-x86_64-3.txz: Rebuilt.
Recompiled against python3-3.8.1.
l/pycurl-7.43.0.3-x86_64-2.txz: Rebuilt.
Recompiled against python3-3.8.1.
l/pygobject-2.28.7-x86_64-5.txz: Rebuilt.
Recompiled against python3-3.8.1.
l/pygobject3-3.34.0-x86_64-3.txz: Rebuilt.
Recompiled against python3-3.8.1.
l/pyparsing-2.4.5-x86_64-2.txz: Rebuilt.
Recompiled against python3-3.8.1.
l/python-appdirs-1.4.3-x86_64-4.txz: Rebuilt.
Recompiled against python3-3.8.1.
l/python-certifi-2019.11.28-x86_64-2.txz: Rebuilt.
Recompiled against python3-3.8.1.
l/python-chardet-3.0.4-x86_64-4.txz: Rebuilt.
Recompiled against python3-3.8.1.
l/python-docutils-0.15.2-x86_64-2.txz: Rebuilt.
Recompiled against python3-3.8.1.
l/python-idna-2.8-x86_64-3.txz: Rebuilt.
Recompiled against python3-3.8.1.
l/python-notify2-0.3.1-x86_64-4.txz: Rebuilt.
Recompiled against python3-3.8.1.
l/python-packaging-19.2-x86_64-2.txz: Rebuilt.
Recompiled against python3-3.8.1.
l/python-pillow-6.2.1-x86_64-2.txz: Rebuilt.
Recompiled against python3-3.8.1.
l/python-ply-3.11-x86_64-2.txz: Rebuilt.
Recompiled against python3-3.8.1.
l/python-requests-2.22.0-x86_64-2.txz: Rebuilt.
Recompiled against python3-3.8.1.
l/python-sane-2.8.3-x86_64-4.txz: Rebuilt.
Recompiled against python3-3.8.1.
l/python-six-1.13.0-x86_64-2.txz: Rebuilt.
Recompiled against python3-3.8.1.
l/python-urllib3-1.25.7-x86_64-2.txz: Rebuilt.
Recompiled against python3-3.8.1.
l/sip-4.19.20-x86_64-2.txz: Rebuilt.
Recompiled against python3-3.8.1.
l/system-config-printer-1.5.12-x86_64-2.txz: Rebuilt.
Recompiled against python3-3.8.1.
l/talloc-2.3.1-x86_64-2.txz: Rebuilt.
Recompiled against python3-3.8.1.
l/tdb-1.4.3-x86_64-2.txz: Rebuilt.
Recompiled against python3-3.8.1.
l/tevent-0.10.2-x86_64-2.txz: Rebuilt.
Recompiled against python3-3.8.1.
l/urwid-1.0.3-x86_64-5.txz: Rebuilt.
Recompiled against python3-3.8.1.
l/zstd-1.4.4-x86_64-2.txz: Rebuilt.
Fix libdir in libzstd.pc. Thanks to orbea.
n/gpgme-1.13.1-x86_64-2.txz: Rebuilt.
Recompiled against python3-3.8.1.
n/obexftp-0.24.2-x86_64-5.txz: Rebuilt.
Recompiled against python3-3.8.1.
n/pssh-2.3.1-x86_64-5.txz: Rebuilt.
Recompiled against python3-3.8.1.
n/s-nail-14.9.16-x86_64-1.txz: Upgraded.
n/samba-4.11.4-x86_64-2.txz: Rebuilt.
Recompiled against python3-3.8.1.
x/pyxdg-0.26-x86_64-2.txz: Rebuilt.
Recompiled against python3-3.8.1.
x/xcb-proto-1.13-x86_64-4.txz: Rebuilt.
Recompiled against python3-3.8.1.
xap/blueman-2.1.1-x86_64-2.txz: Rebuilt.
Recompiled against python3-3.8.1.
xap/hexchat-2.14.3-x86_64-2.txz: Rebuilt.
Recompiled against python3-3.8.1.
extra/pure-alsa-system/alsa-lib-1.2.1.2-x86_64-2_alsa.txz: Rebuilt.
Recompiled without --enable-mixer-pymods.
isolinux/initrd.img: Rebuilt.
SeTEFI: Patched to remove extra whitespace from lsblk output.
Thanks to Didier Spaier.
usb-and-pxe-installers/usbboot.img: Rebuilt.
SeTEFI: Patched to remove extra whitespace from lsblk output.
Thanks to Didier Spaier.
a/kernel-generic-5.4.6-x86_64-2.txz: Rebuilt.
a/kernel-huge-5.4.6-x86_64-2.txz: Rebuilt.
a/kernel-modules-5.4.6-x86_64-2.txz: Rebuilt.
ap/vim-8.2.0050-x86_64-1.txz: Upgraded.
d/kernel-headers-5.4.6-x86-2.txz: Rebuilt.
k/kernel-source-5.4.6-noarch-2.txz: Rebuilt.
Apparently MODULE_SIG was enabled by SECURITY_LOCKDOWN_LSM. We'll turn both
of those off to avoid needlessly tainting the kernel.
-LOCK_DOWN_KERNEL_FORCE_CONFIDENTIALITY n
-LOCK_DOWN_KERNEL_FORCE_INTEGRITY n
-LOCK_DOWN_KERNEL_FORCE_NONE y
-MODULE_SIG_ALL n
-MODULE_SIG_FORCE n
-MODULE_SIG_FORMAT y
-MODULE_SIG_HASH "sha256"
-MODULE_SIG_KEY "certs/signing_key.pem"
-MODULE_SIG_SHA1 n
-MODULE_SIG_SHA224 n
-MODULE_SIG_SHA256 y
-MODULE_SIG_SHA384 n
-MODULE_SIG_SHA512 n
-SECURITY_LOCKDOWN_LSM_EARLY y
MODULE_SIG y -> n
SECURITY_LOCKDOWN_LSM y -> n
l/imagemagick-7.0.9_12-x86_64-1.txz: Upgraded.
l/libcap-2.29-x86_64-1.txz: Upgraded.
xap/vim-gvim-8.2.0050-x86_64-1.txz: Upgraded.
isolinux/initrd.img: Rebuilt.
kernels/*: Rebuilt.
usb-and-pxe-installers/usbboot.img: Rebuilt.
a/kernel-generic-5.4.6-x86_64-1.txz: Upgraded.
a/kernel-huge-5.4.6-x86_64-1.txz: Upgraded.
a/kernel-modules-5.4.6-x86_64-1.txz: Upgraded.
a/procps-ng-3.3.16-x86_64-2.txz: Rebuilt.
Patched to hardcode the pgrep command string buffer size to 4096 as was done
in the previous release. This avoids an allocation error when the stack size
is unlimited. Thanks to Jeroslaw Siebert.
a/xfsprogs-5.4.0-x86_64-1.txz: Upgraded.
d/kernel-headers-5.4.6-x86-1.txz: Upgraded.
k/kernel-source-5.4.6-noarch-1.txz: Upgraded.
l/QScintilla-2.11.4-x86_64-1.txz: Upgraded.
n/dhcpcd-8.1.4-x86_64-1.txz: Upgraded.
n/lftp-4.9.0-x86_64-1.txz: Upgraded.
xap/hexchat-2.14.3-x86_64-1.txz: Upgraded.
isolinux/initrd.img: Rebuilt.
kernels/*: Upgraded.
usb-and-pxe-installers/usbboot.img: Rebuilt.
a/aaa_elflibs-15.0-x86_64-17.txz: Rebuilt.
Upgraded: libcap.so.2.28, libelf-0.178.so, libglib-2.0.so.0.6200.4,
libgmodule-2.0.so.0.6200.4, libgobject-2.0.so.0.6200.4,
libgthread-2.0.so.0.6200.4, libidn2.so.0.3.7, libpcre2-8.so.0.9.0,
libtdb.so.1.4.3.
Added: libffi.so.6.0.4, libffi.so.7.1.0.
a/file-5.38-x86_64-2.txz: Rebuilt.
Patched to fix ELF shared libraries misidentified as "statically linked."
a/kernel-firmware-20191220_6871bff-noarch-1.txz: Upgraded.
a/openssl10-solibs-1.0.2u-x86_64-1.txz: Upgraded.
(* Security fix *)
d/guile-2.2.6-x86_64-2.txz: Rebuilt.
Recompiled against libffi-3.3.
d/llvm-9.0.1-x86_64-1.txz: Upgraded.
Compiled against libffi-3.3.
d/python-2.7.17-x86_64-2.txz: Rebuilt.
Recompiled against libffi-3.3.
d/python3-3.7.6-x86_64-1.txz: Upgraded.
Compiled against libffi-3.3.
d/ruby-2.6.5-x86_64-2.txz: Rebuilt.
Recompiled against libffi-3.3.
l/glib2-2.62.4-x86_64-2.txz: Rebuilt.
Recompiled against libffi-3.3.
l/libffi-3.3-x86_64-1.txz: Upgraded.
Shared library .so-version bump.
l/libvpx-1.8.2-x86_64-1.txz: Upgraded.
l/pygobject-2.28.7-x86_64-4.txz: Rebuilt.
Recompiled against libffi-3.3.
l/pygobject3-3.34.0-x86_64-2.txz: Rebuilt.
Recompiled against libffi-3.3.
l/sip-4.19.20-x86_64-1.txz: Upgraded.
n/cifs-utils-6.10-x86_64-1.txz: Upgraded.
n/dhcpcd-8.1.3-x86_64-1.txz: Upgraded.
n/openssl10-1.0.2u-x86_64-1.txz: Upgraded.
This update fixes a low severity security issue:
Fixed an an overflow bug in the x86_64 Montgomery squaring procedure used in
exponentiation with 512-bit moduli.
For more information, see:
https://www.openssl.org/news/secadv/20191206.txthttps://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-1551
(* Security fix *)
n/p11-kit-0.23.18.1-x86_64-2.txz: Rebuilt.
Recompiled against libffi-3.3.
extra/tigervnc/tigervnc-1.10.1-x86_64-1.txz: Upgraded.
From tigervnc.org: "This is a security release to fix a number of issues
that were found by Kaspersky Lab. These issues affect both the client and
server and could theoretically allow a malicious peer to take control
over the software on the other side. No working exploit is known at this
time, and the issues require the peer to first be authenticated. We still
urge users to upgrade when possible."
(* Security fix *)
a/usb_modeswitch-2.5.2-x86_64-2.txz: Rebuilt.
Seems there's a regression in usb_modeswitch-2.6.0, so let's revert to
usb_modeswitch-2.5.2 but keep the latest usb-modeswitch-data-20191128.
Thanks to Lockywolf.
l/fuse3-3.9.0-x86_64-2.txz: Rebuilt.
Install fuse.conf as fuse.conf.new. This won't prevent an existing config
file from being overwritten with this upgrade, but it will prevent that
from happening again moving forward. Thanks to chrisVV.
a/kernel-firmware-20191215_eefb5f7-noarch-1.txz: Upgraded.
a/mcelog-167-x86_64-1.txz: Upgraded.
a/mkinitrd-1.4.11-x86_64-14.txz: Rebuilt.
Patched init to fix the case where -T and -C options are used with UUID=.
Thanks to davjohn and GazL.
ap/cups-filters-1.26.0-x86_64-1.txz: Upgraded.
d/re2c-1.3-x86_64-1.txz: Upgraded.
l/fuse3-3.9.0-x86_64-1.txz: Upgraded.
n/mutt-1.13.1-x86_64-1.txz: Upgraded.
ap/hplip-3.19.12-x86_64-1.txz: Upgraded.
ap/pamixer-1.4-x86_64-4.txz: Rebuilt.
Recompiled against boost-1.72.0.
ap/vim-8.2.0000-x86_64-1.txz: Upgraded.
d/bison-3.5-x86_64-1.txz: Upgraded.
kde/calligra-2.9.11-x86_64-33.txz: Rebuilt.
Recompiled against boost-1.72.0.
l/akonadi-1.13.0-x86_64-14.txz: Rebuilt.
Recompiled against boost-1.72.0.
l/boost-1.72.0-x86_64-1.txz: Upgraded.
Shared library .so-version bump.
l/libssh-0.9.3-x86_64-1.txz: Upgraded.
This fixes a security issue (low impact according to upstream):
Unsanitized location in scp could lead to unwanted command execution.
In addition, the 0.9.3 release benefited from a security audit sponsored
by the Mozilla Open Source Support program. The audit results were used
to improve the overall security and code quality of libssh.
For more information, see:
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14889
(* Security fix *)
n/libqmi-1.24.2-x86_64-1.txz: Upgraded.
x/compiz-0.8.16.1-x86_64-1.txz: Upgraded.
x/mesa-19.3.0-x86_64-1.txz: Upgraded.
xap/vim-gvim-8.2.0000-x86_64-1.txz: Upgraded.
ap/mariadb-10.4.11-x86_64-1.txz: Upgraded.
d/cmake-3.16.1-x86_64-1.txz: Upgraded.
d/git-2.24.1-x86_64-1.txz: Upgraded.
l/mozjs52-52.9.0esr-x86_64-2.txz: Removed.
This was used only by polkit-0.115.
l/mozjs60-60.9.0esr-x86_64-1.txz: Added.
This is needed for polkit-0.116.
l/polkit-0.116-x86_64-1.txz: Upgraded.
n/ModemManager-1.12.2-x86_64-1.txz: Upgraded.
xap/xine-ui-0.99.12-x86_64-1.txz: Upgraded.
l/dconf-0.34.0-x86_64-2.txz: Rebuilt.
Rebuilt using the sed replacements suggested by LFS. This fixes a
subsequent build of dconf-editor.
l/glib-networking-2.62.2-x86_64-1.txz: Upgraded.
n/samba-4.11.3-x86_64-1.txz: Upgraded.
This update fixes the following security issues:
Samba AD DC zone-named record Denial of Service in DNS management server.
DelegationNotAllowed was not enforced in protocol transition on Samba AD DC.
For more information, see:
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14861https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14870
(* Security fix *)
x/vulkan-sdk-1.1.126.0-x86_64-1.txz: Upgraded.
a/tcsh-6.22.02-x86_64-1.txz: Upgraded.
ap/vim-8.1.2391-x86_64-1.txz: Upgraded.
l/fuse3-3.8.0-x86_64-2.txz: Rebuilt.
rc.fuse3: Don't source /lib/lsb/init-functions unless it exists.
NOTE: FUSE seems to work fine without starting rc.fuse3, which it why it
isn't actually called from anywhere during system startup.
n/iw-5.4-x86_64-1.txz: Upgraded.
n/php-7.4.0-x86_64-2.txz: Rebuilt.
Rebuilt using --enable-gd=shared and --with-zip=shared.
Thanks to Matteo Bernardini.
xap/gv-3.7.4-x86_64-3.txz: Rebuilt.
Patched to fix save/print features when used with the latest ghostscript.
Added --enable-international build option.
Fixed broken whitespace in the bounding-box patch.
Thanks to Xsane.
xap/vim-gvim-8.1.2391-x86_64-1.txz: Upgraded.
a/hwdata-0.330-noarch-1.txz: Upgraded.
a/lvm2-2.03.07-x86_64-1.txz: Upgraded.
a/tcsh-6.22.01-x86_64-1.txz: Upgraded.
d/python-setuptools-42.0.2-x86_64-1.txz: Upgraded.
n/gnutls-3.6.11.1-x86_64-1.txz: Upgraded.
xap/gnuplot-5.2.8-x86_64-1.txz: Upgraded.
xap/mozilla-firefox-68.3.0esr-x86_64-1.txz: Upgraded.
This is a bugfix release.
For more information, see:
https://www.mozilla.org/en-US/firefox/68.3.0/releasenotes/
ap/xfsdump-3.1.8-x86_64-4.txz: Rebuilt.
Patched for new xfsprogs-5.3.0 API. Thanks to nobodino.
d/cmake-3.16.0-x86_64-1.txz: Upgraded.
n/gnupg2-2.2.18-x86_64-1.txz: Upgraded.
gpg: Prepare against chosen-prefix SHA-1 collisions in key signatures.
This change removes all SHA-1 based key signature newer than 2019-01-19
from the web-of-trust. Note that this includes all key signatures
created with dsa1024 keys. The new option --allow-weak-key-signatures
can be used to override the new and safer behaviour.
For more information, see:
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14855
(* Security fix *)
n/iproute2-5.4.0-x86_64-1.txz: Upgraded.
x/libepoxy-1.5.4-x86_64-1.txz: Upgraded.
n/bind-9.14.8-x86_64-1.txz: Upgraded.
This update fixes a security issue:
Set a limit on the number of concurrently served pipelined TCP queries.
For more information, see:
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-6477
(* Security fix *)
x/mesa-19.2.5-x86_64-1.txz: Upgraded.
testing/packages/kernel-generic-5.4.0_rc8-x86_64-1.txz: Upgraded.
testing/packages/kernel-headers-5.4.0_rc8-x86-1.txz: Upgraded.
testing/packages/kernel-huge-5.4.0_rc8-x86_64-1.txz: Upgraded.
testing/packages/kernel-modules-5.4.0_rc8-x86_64-1.txz: Upgraded.
testing/packages/kernel-source-5.4.0_rc8-noarch-1.txz: Upgraded.
-VBOXSF_FS m
+X86_INTEL_TSX_MODE_AUTO n
+X86_INTEL_TSX_MODE_OFF y
+X86_INTEL_TSX_MODE_ON n
ap/qpdf-9.1.0-x86_64-1.txz: Upgraded.
d/check-0.13.0-x86_64-1.txz: Added.
This is needed to build PulseAudio using Meson.
l/alsa-lib-1.2.1-x86_64-2.txz: Rebuilt.
Merge alsa-topology-conf-1.2.1 and alsa-ucm-conf-1.2.1 into the package.
l/pulseaudio-13.0-x86_64-2.txz: Rebuilt.
Rebuilt with meson. This causes esound support to be dropped, but it's
likely that nobody will care.
l/pyparsing-2.4.5-x86_64-1.txz: Upgraded.
extra/pure-alsa-system/alsa-lib-1.2.1-x86_64-2_alsa.txz: Rebuilt.
Merge alsa-topology-conf-1.2.1 and alsa-ucm-conf-1.2.1 into the package.
ap/alsa-utils-1.2.1-x86_64-1.txz: Upgraded.
l/alsa-lib-1.2.1-x86_64-1.txz: Upgraded.
l/alsa-plugins-1.2.1-x86_64-1.txz: Upgraded.
l/imagemagick-7.0.9_4-x86_64-1.txz: Upgraded.
extra/pure-alsa-system/alsa-lib-1.2.1-x86_64-1_alsa.txz: Upgraded.
extra/pure-alsa-system/alsa-plugins-1.2.1-x86_64-1_alsa.txz: Upgraded.
testing/packages/kernel-generic-5.4.0_rc7-x86_64-2.txz: Rebuilt.
testing/packages/kernel-headers-5.4.0_rc7-x86-2.txz: Rebuilt.
testing/packages/kernel-huge-5.4.0_rc7-x86_64-2.txz: Rebuilt.
testing/packages/kernel-modules-5.4.0_rc7-x86_64-2.txz: Rebuilt.
testing/packages/kernel-source-5.4.0_rc7-noarch-2.txz: Rebuilt.
CRYPTO_CRC32C_INTEL m -> y
Make modules before cleaning up the source tree. This does some magic in
Module.symvers that fixes building the NVIDIA kernel modules.
l/system-config-printer-1.5.12-x86_64-1.txz: Upgraded.
n/sshfs-3.6.0-x86_64-1.txz: Upgraded.
xap/mozilla-thunderbird-68.2.2-x86_64-1.txz: Upgraded.
This is a bugfix release.
For more information, see:
https://www.mozilla.org/en-US/thunderbird/68.2.2/releasenotes/
a/aaa_terminfo-6.1_20191026-x86_64-1.txz: Upgraded.
a/cryptsetup-2.2.2-x86_64-1.txz: Upgraded.
a/lvm2-2.03.06-x86_64-1.txz: Upgraded.
d/Cython-0.29.14-x86_64-1.txz: Upgraded.
l/ncurses-6.1_20191026-x86_64-1.txz: Upgraded.
Restore the --without-normal option to skip static libraries as used in 14.2.
Thanks to Richard Narron.
x/xterm-349-x86_64-2.txz: Rebuilt.
In /etc/app-defaults/XTerm, use terminus-medium instead of terminus-bold.
Thanks to igadoter.
a/aaa_elflibs-15.0-x86_64-14.txz: Rebuilt.
Upgraded: libglib-2.0.so.0.6200.2, libgmodule-2.0.so.0.6200.2,
libgobject-2.0.so.0.6200.2, libgthread-2.0.so.0.6200.2.
Added: libgomp.so.1.0.0.
a/kernel-firmware-20191029_4065643-noarch-1.txz: Upgraded.
a/kernel-generic-4.19.81-x86_64-1.txz: Upgraded.
a/kernel-huge-4.19.81-x86_64-1.txz: Upgraded.
a/kernel-modules-4.19.81-x86_64-1.txz: Upgraded.
ap/sudo-1.8.29-x86_64-1.txz: Upgraded.
d/kernel-headers-4.19.81-x86-1.txz: Upgraded.
d/python-setuptools-41.6.0-x86_64-1.txz: Upgraded.
k/kernel-source-4.19.81-noarch-1.txz: Upgraded.
l/harfbuzz-2.6.3-x86_64-1.txz: Upgraded.
n/samba-4.11.2-x86_64-1.txz: Upgraded.
This update fixes bugs and these security issues:
Client code can return filenames containing path separators.
Samba AD DC check password script does not receive the full password.
User with "get changes" permission can crash AD DC LDAP server via dirsync.
For more information, see:
https://www.samba.org/samba/security/CVE-2019-10218.htmlhttps://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-10218https://www.samba.org/samba/security/CVE-2019-14833.htmlhttps://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14833https://www.samba.org/samba/security/CVE-2019-14847.htmlhttps://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14847
(* Security fix *)
x/libglvnd-1.2.0-x86_64-4.txz: Rebuilt.
Applied upstream patches to fix EGL/eglplatform.h.
x/xorg-server-1.20.5-x86_64-3.txz: Rebuilt.
#define EGL_NO_X11 to fix glamor build against libglvnd-1.2.0.
x/xorg-server-xephyr-1.20.5-x86_64-3.txz: Rebuilt.
x/xorg-server-xnest-1.20.5-x86_64-3.txz: Rebuilt.
x/xorg-server-xvfb-1.20.5-x86_64-3.txz: Rebuilt.
isolinux/initrd.img: Rebuilt.
kernels/*: Upgraded.
usb-and-pxe-installers/usbboot.img: Rebuilt.
l/imagemagick-6.9.10_70-x86_64-1.txz: Upgraded.
x/libinput-1.14.3-x86_64-1.txz: Upgraded.
x/mkfontdir-1.0.7-noarch-2.txz: Removed.
The mkfontdir wrapper script and man page are provided by recent versions
of the mkfontscale package, making the mkfontdir package redundant.
Thanks to DarkVision.
x/mkfontscale-1.2.1-x86_64-2.txz: Rebuilt.
Moved the mkfontdir install script to this package since it includes the
mkfontdir wrapper script now.
xap/gimp-2.10.14-x86_64-1.txz: Upgraded.
l/pycairo-1.18.2-x86_64-1.txz: Upgraded.
x/libglvnd-1.2.0-x86_64-3.txz: Rebuilt.
It seems that Mesa now expects libglvnd to provide the header files, so this
has been rebuilt without --disable-headers. These headers remain missing on
the system after doing so: GL/gl_mangle.h, glx_mangle.h, and GLES3/gl3ext.h.
If anything still requires those headers, please let me know and we'll look
into what can be done about it. Thanks to TheRealGrogan for the heads-up.
ap/man-db-2.9.0-x86_64-1.txz: Upgraded.
d/ccache-3.7.5-x86_64-1.txz: Upgraded.
l/librsvg-2.46.3-x86_64-1.txz: Upgraded.
xap/mozilla-thunderbird-68.2.0-x86_64-1.txz: Upgraded.
This is a bugfix release.
For more information, see:
https://www.mozilla.org/en-US/thunderbird/68.2.0/releasenotes/
d/python-2.7.17-x86_64-1.txz: Upgraded.
This update fixes bugs and security issues:
Update vendorized expat library version to 2.2.8.
Disallow URL paths with embedded whitespace or control characters into the
underlying http client request. Such potentially malicious header injection
URLs now cause an httplib.InvalidURL exception to be raised.
Avoid file reading by disallowing ``local-file://`` and ``local_file://``
URL schemes in :func:`urllib.urlopen`, :meth:`urllib.URLopener.open` and
:meth:`urllib.URLopener.retrieve`.
For more information, see:
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-15903https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9740https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9948
(* Security fix *)
n/proftpd-1.3.6b-x86_64-1.txz: Upgraded.
a/getty-ps-2.1.0b-x86_64-4.txz: Removed.
a/lha-114i-x86_64-2.txz: Removed.
Removed due to vague licensing terms.
a/lhasa-0.3.1-x86_64-1.txz: Added.
This is an extraction-only LHA utility with an OSI approved license.
a/shadow-4.7-x86_64-2.txz: Rebuilt.
Added /etc/environment.new to fix "sudo -i" noise.
ap/lm_sensors-3.6.0-x86_64-1.txz: Upgraded.
ap/vim-8.1.2174-x86_64-1.txz: Upgraded.
l/netpbm-10.88.00-x86_64-1.txz: Upgraded.
n/ca-certificates-20191018-noarch-1.txz: Upgraded.
n/samba-4.11.1-x86_64-1.txz: Upgraded.
xap/vim-gvim-8.1.2174-x86_64-1.txz: Upgraded.
xap/xfractint-20.04p13-x86_64-2.txz: Removed.
xap/xv-3.10a-x86_64-9.txz: Removed.
extra/getty-ps/getty-ps-2.1.0b-x86_64-4.txz: Rebuilt.
Moved here from the A series due to commercial use restrictions.
extra/xfractint/xfractint-20.04p14-x86_64-1.txz: Upgraded.
Moved here from the XAP series due to commercial use restrictions.
extra/xv/xv-3.10a-x86_64-9.txz: Rebuilt.
Moved here from the XAP series due to non-commercial use shareware license.
ap/sudo-1.8.28p1-x86_64-1.txz: Upgraded.
This is a bugfix release:
A fix in sudo-1.8.28 caused "sudo -v" to prompt for a password when
"verifypw" is set to "all" (the default) and all of the user's sudoers
entries are marked with NOPASSWD.
l/xapian-core-1.4.13-x86_64-1.txz: Upgraded.
n/dhcpcd-8.1.1-x86_64-1.txz: Upgraded.
x/xf86-input-wacom-0.38.0-x86_64-1.txz: Upgraded.
ap/ghostscript-9.50-x86_64-1.txz: Upgraded.
d/icecream-1.3-x86_64-2.txz: Rebuilt.
Have the profile scripts just check for -x /etc/rc.d/rc.iceccd, since pgrep
with --ns $$ isn't working for non-root users. Thanks to Leopold E. Midha.
d/python-pip-19.3-x86_64-1.txz: Upgraded.
n/bluez-5.51-x86_64-2.txz: Rebuilt.
Fixed path to obexd in org.bluez.obex.service.
Thanks to Jean-Philippe Guillemin.
x/xf86-video-ati-19.1.0-x86_64-1.txz: Upgraded.
ap/sudo-1.8.28-x86_64-1.txz: Upgraded.
Fixed a bug where an sudo user may be able to run a command as root when
the Runas specification explicitly disallows root access as long as the
ALL keyword is listed first.
For more information, see:
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14287
(* Security fix *)
a/pkgtools-15.0-noarch-26.txz: Rebuilt.
upgradepkg: add spaces to --dry-run package list. Thanks to Markus Wiesner.
l/aspell-0.60.8-x86_64-1.txz: Upgraded.
n/network-scripts-15.0-noarch-9.txz: Rebuilt.
rc.inet1: Fix typos and spacing.
rc.inet2: Start rc.firewall first. This had been later in the script due to
the now unsupported idea of having /usr on NFS. Thanks to abga.
rc.inet2: If present and executable, start the Kerberos init scripts.
rc.inet2: Remove obsolete rpc.pcnfsd/rpc.bwnfsd section from the end.
n/proftpd-1.3.6a-x86_64-1.txz: Upgraded.
xap/pan-0.146-x86_64-1.txz: Upgraded.
ap/cups-filters-1.25.11-x86_64-1.txz: Upgraded.
x/libX11-1.6.9-x86_64-1.txz: Upgraded.
xap/mozilla-thunderbird-68.1.2-x86_64-1.txz: Upgraded.
This is a bugfix release.
For more information, see:
https://www.mozilla.org/en-US/thunderbird/68.1.2/releasenotes/
d/vala-0.46.3-x86_64-1.txz: Upgraded.
l/libsoup-2.68.2-x86_64-1.txz: Upgraded.
n/openssh-8.1p1-x86_64-1.txz: Upgraded.
ssh(1), sshd(8), ssh-agent(1): add protection for private keys at
rest in RAM against speculation and memory side-channel attacks like
Spectre, Meltdown and Rambleed. This release encrypts private keys
when they are not in use with a symmetric key that is derived from a
relatively large "prekey" consisting of random data (currently 16KB).
x/libXvMC-1.0.12-x86_64-3.txz: Rebuilt.
Reverted to the stock xvmc.pc since Mesa has been fixed to work with it.
x/libglvnd-1.2.0-x86_64-2.txz: Rebuilt.
x/mesa-19.2.1-x86_64-1.txz: Upgraded.
xap/network-manager-applet-1.8.24-x86_64-1.txz: Upgraded.
a/pkgtools-15.0-noarch-24.txz: Rebuilt.
installpkg: support --no-overwrite option for upgradepkg's second install
pass. Don't use this option directly unless you have a good reason.
upgradepkg: call installpkg with --no-overwrite for the second install pass.
This cuts the drive writes for a package upgrade almost in half so we can
be kinder to SSDs.
ap/nano-4.5-x86_64-1.txz: Upgraded.
l/gmime-3.2.4-x86_64-1.txz: Upgraded.
l/gnu-efi-3.0.10-x86_64-1.txz: Upgraded.
l/gtk+3-3.24.12-x86_64-1.txz: Upgraded.
testing/packages/rust-1.38.0-x86_64-2.txz: Rebuilt.
The package size here has been put on a tremendous diet.
Thanks to Andrew Clemons and Willy Sudiarto Raharjo for help with this.
Compile test results:
firefox-68.1.0esr: fail
firefox-69.0.2: pass
seamonkey-2.49.5: pass
thunderbird-68.1.1: fail
a/haveged-1.9.8-x86_64-1.txz: Upgraded.
ap/screen-4.7.0-x86_64-1.txz: Upgraded.
ap/vim-8.1.2108-x86_64-1.txz: Upgraded.
d/rust-1.37.0-x86_64-1.txz: Upgraded.
Reverting to rust-1.37.0 after verified reports that the newer Rust is
unable to compile Firefox or Thunderbird. There are some patches for this
appearing in the repos, but they are extensive changes that don't look like
they could be cherry-picked. Hey, at least this Rust version works and is
not bloated. :) Moving forward we'll be testing new versions of Rust to
make sure that they can compile the sources that we need Rust for before
merging them into the tree. Firefox has been verified to build here with
rust-1.37.0 and gcc/g++ from gcc-9.2.0 or clang/clang++ from llvm-9.0.0.
l/libcap-ng-0.7.10-x86_64-1.txz: Upgraded.
xap/vim-gvim-8.1.2108-x86_64-1.txz: Upgraded.
d/llvm-9.0.0-x86_64-1.txz: Upgraded.
Shared library .so-version bump.
Thanks to orbea for getting this working and cleaning up the build script.
d/vala-0.46.2-x86_64-1.txz: Upgraded.
l/imagemagick-6.9.10_67-x86_64-1.txz: Upgraded.
Fixed --disable-opencl configure option. Thanks to Markus Wiesner for the
bug report and to upstream for the quick fix.
n/NetworkManager-1.20.4-x86_64-1.txz: Upgraded.
n/gnutls-3.6.10-x86_64-1.txz: Upgraded.
x/freeglut-3.2.1-x86_64-1.txz: Upgraded.
x/libglvnd-1.1.1-x86_64-2.txz: Upgraded.
Reverted to this version since I'm seeing some errors linking with Mesa
libraries with the newer one. Thanks to nobodino for the bug report.
x/mesa-19.2.0-x86_64-2.txz: Rebuilt.
Recompiled against llvm-9.0.0 and libglvnd-1.1.1.
x/xf86-video-vmware-13.3.0-x86_64-3.txz: Rebuilt.
Recompiled against llvm-9.0.0.
a/f2fs-tools-1.13.0-x86_64-1.txz: Upgraded.
Shared library .so-version bump.
ap/rpm-4.15.0-x86_64-1.txz: Upgraded.
Shared library .so-version bump.
d/rust-1.38.0-x86_64-1.txz: Upgraded.
It seems that rust-1.38.0 builds fewer shared objects causing the package
size to bloat to almost double. I held this back overnight to compile some
modified builds to see if the old build behavior could be restored but
didn't have any luck, so I'll put this out as-is for now. Any help debloating
this package would be appreciated. Note that it also had to be bootstrapped
from the official binaries using LOCAL_BOOTSTRAP=NO. That's not all that
unusual for Rust, but perhaps that's another problem...
l/fribidi-1.0.7-x86_64-1.txz: Upgraded.
l/fuse3-3.7.0-x86_64-1.txz: Upgraded.
n/fetchmail-6.4.1-x86_64-1.txz: Upgraded.
d/python-2.7.16-x86_64-3.txz: Rebuilt.
Rebuilt against glibc-2.30 to get rid of #define HAVE_STROPTS_H 1
in pyconfig.h. Thanks to ecd102.
d/python3-3.7.4-x86_64-2.txz: Rebuilt.
Rebuilt against glibc-2.30 to get rid of #define HAVE_STROPTS_H 1
in pyconfig.h. Thanks to ecd102.
n/openobex-1.7.2-x86_64-3.txz: Rebuilt.
Build/install extra openobex apps. Thanks to Dave Woodfall.
x/xf86-video-intel-20190724_6f4972d5-x86_64-1.txz: Upgraded.
extra/google-chrome/google-chrome.SlackBuild: Upgraded.
Patched the packaging script to handle either control.tar.gz or
control.tar.xz.
a/eudev-3.2.8-x86_64-2.txz: Rebuilt.
Blacklisted mlx_wdt in watchdog.conf. Thanks to Robby Workman.
l/libical-3.0.6-x86_64-1.txz: Upgraded.
n/rpcbind-1.2.5-x86_64-2.txz: Rebuilt.
Added patch from git master to fix a segfault.
Fixed application of the next patch.
Thanks to Robby Workman.
x/freeglut-3.2.0-x86_64-1.txz: Upgraded.
x/mesa-19.1.7-x86_64-1.txz: Upgraded.
a/mkinitrd-1.4.11-x86_64-13.txz: Rebuilt.
Add libargon2 and libgcc_s for cryptsetup LUKS2 support.
Add jfs (thanks to gus3 on LQ) and xfs (thanks to klipkyle on LQ) repair
tools to initrd if those filesystems are used.
Support PARTUUID in mkinitrd_command_generator.sh (thanks to luvr on LQ).
Fixes and enhancements to docs suggested on LQ.
Thanks to Robby Workman.
a/sysvinit-2.96-x86_64-1.txz: Upgraded.
ap/vim-8.1.2022-x86_64-1.txz: Upgraded.
d/bison-3.4.2-x86_64-1.txz: Upgraded.
d/ccache-3.7.4-x86_64-1.txz: Upgraded.
d/icecream-1.3-x86_64-1.txz: Upgraded.
d/meson-0.51.2-x86_64-2.txz: Rebuilt.
Fix meson configure crash. Thanks to orbea.
l/dbus-python-1.2.12-x86_64-1.txz: Upgraded.
l/pulseaudio-13.0-x86_64-1.txz: Upgraded.
l/python-certifi-2019.9.11-x86_64-1.txz: Upgraded.
x/libwacom-1.0-x86_64-1.txz: Upgraded.
xap/vim-gvim-8.1.2022-x86_64-1.txz: Upgraded.
a/etc-15.0-x86_64-10.txz: Rebuilt.
Fix "include /etc/ld.so.conf.d/*.conf" repeats in /etc/ld.so.conf.
l/imagemagick-6.9.10_64-x86_64-1.txz: Upgraded.
l/seamonkey-solibs-2.49.5-x86_64-1.txz: Removed.
This package was included years ago to support a few things that needed
nss/nspr, but we've since included that in the mozilla-nss package.
Nothing should be using this anymore.
xap/seamonkey-2.49.5-x86_64-2.txz: Rebuilt.
Added additional options to more closely match the official build:
--enable-rust --enable-js-shell --enable-elf-hack --enable-release
--enable-calendar
Thanks to ljb643 for the bug report.
Removed /usr/lib{,64}/seamonkey from /etc/ld.so.conf.
l/dbus-python-1.2.10-x86_64-1.txz: Upgraded.
l/glib2-2.60.7-x86_64-1.txz: Upgraded.
l/librsvg-2.44.15-x86_64-1.txz: Upgraded.
l/pyparsing-2.4.2-x86_64-1.txz: Upgraded.
n/samba-4.10.8-x86_64-1.txz: Upgraded.
This update addresses a security issue:
On a Samba SMB server for all versions of Samba from 4.9.0 clients are
able to escape outside the share root directory if certain
configuration parameters set in the smb.conf file.
For more information, see:
https://www.samba.org/samba/security/CVE-2019-10197.htmlhttps://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-10197
(* Security fix *)
a/logrotate-3.15.1-x86_64-1.txz: Upgraded.
l/libnl3-3.5.0-x86_64-1.txz: Upgraded.
l/v4l-utils-1.16.7-x86_64-1.txz: Upgraded.
xap/mozilla-firefox-68.1.0esr-x86_64-1.txz: Upgraded.
This is a bugfix release.
For more information, see:
https://www.mozilla.org/en-US/firefox/68.1.0/releasenotes/
a/bash-5.0.011-x86_64-1.txz: Upgraded.
a/findutils-4.7.0-x86_64-1.txz: Upgraded.
ap/squashfs-tools-4.4-x86_64-1.txz: Upgraded.
n/irssi-1.2.2-x86_64-1.txz: Upgraded.
This update fixes a security issue:
Use after free when receiving duplicate CAP found by Joseph Bisch.
For more information, see:
https://irssi.org/security/html/irssi_sa_2019_08https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-15717
(* Security fix *)
x/libvdpau-1.3-x86_64-1.txz: Upgraded.
d/ccache-3.7.3-x86_64-1.txz: Upgraded.
l/libvisio-0.1.7-x86_64-1.txz: Upgraded.
n/bind-9.14.4-x86_64-2.txz: Rebuilt.
Updated to the latest named.root in the caching-example configs.
Thanks to 3rensho for the bug report.
n/s-nail-14.9.15-x86_64-1.txz: Upgraded.
n/whois-5.5.1-x86_64-1.txz: Upgraded.
xap/xlockmore-5.58-x86_64-1.txz: Upgraded.
a/kernel-generic-4.19.66-x86_64-1.txz: Upgraded.
a/kernel-huge-4.19.66-x86_64-1.txz: Upgraded.
a/kernel-modules-4.19.66-x86_64-1.txz: Upgraded.
ap/amp-0.7.6-x86_64-3.txz: Rebuilt.
Patched to clean up the code for a modern compiler and to not use overly
aggressive optimizations that can lead to crashes. Thanks to Labinnah.
d/doxygen-1.8.16-x86_64-1.txz: Upgraded.
d/kernel-headers-4.19.66-x86-1.txz: Upgraded.
d/scons-3.1.1-x86_64-1.txz: Upgraded.
k/kernel-source-4.19.66-noarch-1.txz: Upgraded.
n/NetworkManager-1.20.0-x86_64-1.txz: Upgraded.
n/wpa_supplicant-2.9-x86_64-1.txz: Upgraded.
x/libinput-1.14.0-x86_64-1.txz: Upgraded.
isolinux/initrd.img: Rebuilt.
kernels/*: Upgraded.
usb-and-pxe-installers/usbboot.img: Rebuilt.
a/mcelog-164-x86_64-1.txz: Upgraded.
a/os-prober-1.77-x86_64-3.txz: Rebuilt.
Fix cleanup() function. Thanks to USUARIONUEVO.
l/ffmpeg-4.2-x86_64-1.txz: Upgraded.
n/iw-5.3-x86_64-1.txz: Upgraded.
extra/pure-alsa-system/ffmpeg-4.2-x86_64-1_alsa.txz: Upgraded.
testing/packages/NetworkManager-1.20.0-x86_64-1.txz: Upgraded.
This finally drops libnm-glib. I'm curious to hear how this will affect
various NM plugins before merging it into the main tree. Please test and
report any problems.