mirror of
git://slackware.nl/current.git
synced 2024-12-28 09:59:53 +01:00
13 commits
| Author | SHA1 | Message | Date | |
|---|---|---|---|---|
Patrick J Volkerding
|
da18c48c6c |
Thu Sep 19 19:16:36 UTC 2024
ap/ghostscript-10.04.0-x86_64-1.txz: Upgraded.
This release fixes security issues:
For more information, see:
https://www.cve.org/CVERecord?id=CVE-2024-46951
https://www.cve.org/CVERecord?id=CVE-2024-46952
https://www.cve.org/CVERecord?id=CVE-2024-46953
https://www.cve.org/CVERecord?id=CVE-2024-46954
https://www.cve.org/CVERecord?id=CVE-2024-46955
https://www.cve.org/CVERecord?id=CVE-2024-46956
(* Security fix *)
ap/man-db-2.13.0-x86_64-2.txz: Rebuilt.
/etc/cron.daily/man-db: add -c to the options since it's nearly two orders
of magnitude faster than it used to be, and that bypasses some assumptions
(possibly invalid) about what to skip when updating an existing database.
Thanks to B Watson and Didier Spaier.
l/LibRaw-0.21.3-x86_64-1.txz: Upgraded.
l/gst-plugins-bad-free-1.24.8-x86_64-1.txz: Upgraded.
l/gst-plugins-base-1.24.8-x86_64-1.txz: Upgraded.
l/gst-plugins-good-1.24.8-x86_64-1.txz: Upgraded.
l/gst-plugins-libav-1.24.8-x86_64-1.txz: Upgraded.
l/gstreamer-1.24.8-x86_64-1.txz: Upgraded.
l/libxml2-2.13.4-x86_64-1.txz: Upgraded.
l/libzip-1.11.1-x86_64-1.txz: Upgraded.
l/protobuf-28.2-x86_64-1.txz: Upgraded.
xap/mozilla-thunderbird-128.2.2esr-x86_64-1.txz: Upgraded.
This is a bugfix release.
For more information, see:
https://www.mozilla.org/en-US/thunderbird/128.2.2esr/releasenotes/
|
||
|
Patrick J Volkerding
|
dc0a887503 |
Mon May 20 18:42:49 UTC 2024
a/less-655-x86_64-1.txz: Upgraded. Switch to lesspipe.sh from https://github.com/wofr06. Thanks to zsd. ap/ghostscript-10.03.1-x86_64-1.txz: Upgraded. ap/man-pages-6.8-noarch-1.txz: Upgraded. ap/mariadb-10.11.8-x86_64-1.txz: Upgraded. This update fixes bugs and a security issue: Difficult to exploit vulnerability allows unauthenticated attacker with logon to the infrastructure where MariaDB Server executes to compromise the server. This could result in unauthorized update, insert or delete access to some of the data as well as unauthorized read access to a subset of the data and unauthorized ability to cause a partial denial of service. For more information, see: https://www.cve.org/CVERecord?id=CVE-2024-21096 (* Security fix *) d/doxygen-1.11.0-x86_64-1.txz: Upgraded. d/llvm-18.1.6-x86_64-1.txz: Upgraded. kde/attica-5.116.0-x86_64-1.txz: Upgraded. kde/baloo-5.116.0-x86_64-1.txz: Upgraded. kde/bluez-qt-5.116.0-x86_64-1.txz: Upgraded. kde/breeze-icons-5.116.0-noarch-1.txz: Upgraded. kde/extra-cmake-modules-5.116.0-x86_64-1.txz: Upgraded. kde/frameworkintegration-5.116.0-x86_64-1.txz: Upgraded. kde/kactivities-5.116.0-x86_64-1.txz: Upgraded. kde/kactivities-stats-5.116.0-x86_64-1.txz: Upgraded. kde/kapidox-5.116.0-x86_64-1.txz: Upgraded. kde/karchive-5.116.0-x86_64-1.txz: Upgraded. kde/kauth-5.116.0-x86_64-1.txz: Upgraded. kde/kbookmarks-5.116.0-x86_64-1.txz: Upgraded. kde/kcalendarcore-5.116.0-x86_64-1.txz: Upgraded. kde/kcmutils-5.116.0-x86_64-1.txz: Upgraded. kde/kcodecs-5.116.0-x86_64-1.txz: Upgraded. kde/kcompletion-5.116.0-x86_64-1.txz: Upgraded. kde/kconfig-5.116.0-x86_64-1.txz: Upgraded. kde/kconfigwidgets-5.116.0-x86_64-1.txz: Upgraded. kde/kcontacts-5.116.0-x86_64-1.txz: Upgraded. kde/kcoreaddons-5.116.0-x86_64-1.txz: Upgraded. kde/kcrash-5.116.0-x86_64-1.txz: Upgraded. kde/kdav-5.116.0-x86_64-1.txz: Upgraded. kde/kdbusaddons-5.116.0-x86_64-1.txz: Upgraded. kde/kdeclarative-5.116.0-x86_64-1.txz: Upgraded. kde/kded-5.116.0-x86_64-1.txz: Upgraded. kde/kdelibs4support-5.116.0-x86_64-1.txz: Upgraded. kde/kdesignerplugin-5.116.0-x86_64-1.txz: Upgraded. kde/kdesu-5.116.0-x86_64-1.txz: Upgraded. kde/kdewebkit-5.116.0-x86_64-1.txz: Upgraded. kde/kdnssd-5.116.0-x86_64-1.txz: Upgraded. kde/kdoctools-5.116.0-x86_64-1.txz: Upgraded. kde/kemoticons-5.116.0-x86_64-1.txz: Upgraded. kde/kfilemetadata-5.116.0-x86_64-1.txz: Upgraded. kde/kglobalaccel-5.116.0-x86_64-1.txz: Upgraded. kde/kguiaddons-5.116.0-x86_64-1.txz: Upgraded. kde/kholidays-5.116.0-x86_64-1.txz: Upgraded. kde/khtml-5.116.0-x86_64-1.txz: Upgraded. kde/ki18n-5.116.0-x86_64-1.txz: Upgraded. kde/kiconthemes-5.116.0-x86_64-1.txz: Upgraded. kde/kidletime-5.116.0-x86_64-1.txz: Upgraded. kde/kimageformats-5.116.0-x86_64-1.txz: Upgraded. kde/kinit-5.116.0-x86_64-1.txz: Upgraded. kde/kio-5.116.0-x86_64-1.txz: Upgraded. kde/kirigami2-5.116.0-x86_64-1.txz: Upgraded. kde/kitemmodels-5.116.0-x86_64-1.txz: Upgraded. kde/kitemviews-5.116.0-x86_64-1.txz: Upgraded. kde/kjobwidgets-5.116.0-x86_64-1.txz: Upgraded. kde/kjs-5.116.0-x86_64-1.txz: Upgraded. kde/kjsembed-5.116.0-x86_64-1.txz: Upgraded. kde/kmediaplayer-5.116.0-x86_64-1.txz: Upgraded. kde/knewstuff-5.116.0-x86_64-1.txz: Upgraded. kde/knotifications-5.116.0-x86_64-1.txz: Upgraded. kde/knotifyconfig-5.116.0-x86_64-1.txz: Upgraded. kde/kpackage-5.116.0-x86_64-1.txz: Upgraded. kde/kparts-5.116.0-x86_64-1.txz: Upgraded. kde/kpeople-5.116.0-x86_64-1.txz: Upgraded. kde/kplotting-5.116.0-x86_64-1.txz: Upgraded. kde/kpty-5.116.0-x86_64-1.txz: Upgraded. kde/kquickcharts-5.116.0-x86_64-1.txz: Upgraded. kde/kross-5.116.0-x86_64-1.txz: Upgraded. kde/krunner-5.116.0-x86_64-1.txz: Upgraded. kde/kservice-5.116.0-x86_64-1.txz: Upgraded. kde/ktexteditor-5.116.0-x86_64-1.txz: Upgraded. kde/ktextwidgets-5.116.0-x86_64-1.txz: Upgraded. kde/kunitconversion-5.116.0-x86_64-1.txz: Upgraded. kde/kwallet-5.116.0-x86_64-1.txz: Upgraded. kde/kwayland-5.116.0-x86_64-1.txz: Upgraded. kde/kwidgetsaddons-5.116.0-x86_64-1.txz: Upgraded. kde/kwindowsystem-5.116.0-x86_64-1.txz: Upgraded. kde/kxmlgui-5.116.0-x86_64-1.txz: Upgraded. kde/kxmlrpcclient-5.116.0-x86_64-1.txz: Upgraded. kde/modemmanager-qt-5.116.0-x86_64-1.txz: Upgraded. kde/networkmanager-qt-5.116.0-x86_64-1.txz: Upgraded. kde/oxygen-icons-5.116.0-noarch-1.txz: Upgraded. kde/plasma-framework-5.116.0-x86_64-1.txz: Upgraded. kde/prison-5.116.0-x86_64-1.txz: Upgraded. kde/purpose-5.116.0-x86_64-1.txz: Upgraded. kde/qqc2-desktop-style-5.116.0-x86_64-1.txz: Upgraded. kde/solid-5.116.0-x86_64-1.txz: Upgraded. kde/sonnet-5.116.0-x86_64-1.txz: Upgraded. kde/syndication-5.116.0-x86_64-1.txz: Upgraded. kde/syntax-highlighting-5.116.0-x86_64-1.txz: Upgraded. kde/threadweaver-5.116.0-x86_64-1.txz: Upgraded. l/gi-docgen-2024.1-x86_64-1.txz: Upgraded. l/libass-0.17.2-x86_64-1.txz: Upgraded. l/libcap-2.70-x86_64-1.txz: Upgraded. l/libedit-20240517_3.1-x86_64-1.txz: Upgraded. l/qt5-5.15.13_20240519_56514bcd-x86_64-1.txz: Upgraded. n/iw-6.9-x86_64-1.txz: Upgraded. n/nghttp2-1.62.1-x86_64-1.txz: Upgraded. |
||
|
Patrick J Volkerding
|
66e838eb2b |
Thu Mar 7 20:40:08 UTC 2024
ap/ghostscript-10.03.0-x86_64-1.txz: Upgraded. This update addresses a security issue: A vulnerability was identified in the way Ghostscript/GhostPDL called tesseract for the OCR devices, which could allow arbitrary code execution. Thanks to J_W for the heads-up. (* Security fix *) ap/lxc-4.0.12-x86_64-3.txz: Rebuilt. lxc-slackware.in: include gnupg2 (not gnupg) for slackpkg. ap/slackpkg-15.0.10-noarch-3.txz: Rebuilt. core-functions.sh: use gpg2, not gpg. d/Cython-3.0.9-x86_64-1.txz: Upgraded. d/git-2.44.0-x86_64-2.txz: Rebuilt. Include git-subtree. Thanks to gwhl. d/llvm-18.1.0-x86_64-1.txz: Upgraded. Shared library .so-version bump. kde/kdevelop-23.08.5-x86_64-2.txz: Rebuilt. Recompiled against llvm-18.1.0. l/openexr-3.2.3-x86_64-1.txz: Upgraded. l/python-importlib_metadata-7.0.2-x86_64-1.txz: Upgraded. l/python-trove-classifiers-2024.3.3-x86_64-1.txz: Upgraded. l/qt5-5.15.12_20240228_6609503f-x86_64-1.txz: Upgraded. Compiled against llvm-18.1.0. l/qt6-6.6.2_20240210_15b7e743-x86_64-3.txz: Rebuilt. Recompiled against llvm-18.1.0. l/spirv-llvm-translator-18.1.0-x86_64-1.txz: Upgraded. Shared library .so-version bump. n/gnupg2-2.4.5-x86_64-1.txz: Upgraded. n/libassuan-2.5.7-x86_64-1.txz: Upgraded. n/postfix-3.9.0-x86_64-1.txz: Upgraded. x/mesa-24.0.2-x86_64-2.txz: Rebuilt. Recompiled against llvm-18.1.0 and spirv-llvm-translator-18.1.0. isolinux/initrd.img: Rebuilt. Fixed kernel version. Thanks to chrisVV. usb-and-pxe-installers/usbboot.img: Rebuilt. Fixed kernel version. Thanks to chrisVV. |
||
|
Patrick J Volkerding
|
bafbc3db1b |
Wed Nov 1 23:42:44 UTC 2023
a/aaa_libraries-15.1-x86_64-22.txz: Rebuilt. Upgraded: libz.so.1.3, libcares.so.2.7.2, libglib-2.0.so.0.7800.1, libgmodule-2.0.so.0.7800.1, libjson-c.so.5.3.0, liblzma.so.5.4.5, libmpfr.so.6.2.1. Removed: libboost_*.so.1.82.0, libicu*.so.72.1. Added (temporarily): libicu*.so.73.2. a/mcelog-196-x86_64-1.txz: Upgraded. a/shadow-4.14.2-x86_64-1.txz: Upgraded. a/xfsprogs-6.5.0-x86_64-2.txz: Rebuilt. Recompiled against icu4c-74.1. a/xz-5.4.5-x86_64-1.txz: Upgraded. ap/ghostscript-10.02.1-x86_64-1.txz: Upgraded. ap/inxi-3.3.31_1-noarch-1.txz: Upgraded. ap/sqlite-3.44.0-x86_64-1.txz: Upgraded. Compiled against icu4c-74.1. kde/kdeplasma-addons-5.27.9-x86_64-2.txz: Rebuilt. Recompiled against icu4c-74.1. kde/konsole-23.08.2-x86_64-2.txz: Rebuilt. Recompiled against icu4c-74.1. kde/krita-5.2.1-x86_64-1.txz: Upgraded. kde/plasma-workspace-5.27.9.1-x86_64-2.txz: Rebuilt. Recompiled against icu4c-74.1. l/boost-1.83.0-x86_64-2.txz: Rebuilt. Recompiled against icu4c-74.1. l/harfbuzz-8.2.2-x86_64-2.txz: Rebuilt. Recompiled against icu4c-74.1. l/icu4c-74.1-x86_64-1.txz: Upgraded. Shared library .so-version bump. l/libical-3.0.17-x86_64-2.txz: Rebuilt. Recompiled against icu4c-74.1. l/libqalculate-4.8.1-x86_64-2.txz: Rebuilt. Recompiled against icu4c-74.1. l/libvisio-0.1.7-x86_64-12.txz: Rebuilt. Recompiled against icu4c-74.1. l/mozjs102-102.15.1esr-x86_64-2.txz: Rebuilt. Recompiled against icu4c-74.1. l/nodejs-20.9.0-x86_64-2.txz: Rebuilt. Recompiled against icu4c-74.1. l/qt5-5.15.11_20231024_2b45d158-x86_64-1.txz: Upgraded. Compiled against icu4c-74.1. l/qt5-webkit-5.212.0_alpha4-x86_64-12.txz: Rebuilt. Recompiled against icu4c-74.1. l/vte-0.74.1-x86_64-2.txz: Rebuilt. Recompiled against icu4c-74.1. n/dovecot-2.3.21-x86_64-2.txz: Rebuilt. Recompiled against icu4c-74.1. n/php-8.2.12-x86_64-2.txz: Rebuilt. Recompiled against icu4c-74.1. n/postfix-3.8.2-x86_64-2.txz: Rebuilt. Recompiled against icu4c-74.1. n/samba-4.19.2-x86_64-2.txz: Rebuilt. Recompiled against icu4c-74.1. n/tin-2.6.2-x86_64-3.txz: Rebuilt. Recompiled against icu4c-74.1. t/texlive-2023.230322-x86_64-6.txz: Rebuilt. Recompiled against icu4c-74.1. tcl/tcl-8.6.13-x86_64-2.txz: Rebuilt. Recompiled against icu4c-74.1. xfce/xfconf-4.18.3-x86_64-1.txz: Upgraded. |
||
|
Patrick J Volkerding
|
bde72083a1 |
Sat Sep 12 19:16:03 UTC 2020
a/kernel-generic-5.4.65-x86_64-1.txz: Upgraded.
a/kernel-huge-5.4.65-x86_64-1.txz: Upgraded.
a/kernel-modules-5.4.65-x86_64-1.txz: Upgraded.
ap/cups-filters-1.28.2-x86_64-1.txz: Upgraded.
ap/ghostscript-9.53.0-x86_64-1.txz: Upgraded.
d/kernel-headers-5.4.65-x86-1.txz: Upgraded.
d/meson-0.55.3-x86_64-1.txz: Upgraded.
d/vala-0.50.0-x86_64-1.txz: Upgraded.
k/kernel-source-5.4.65-noarch-1.txz: Upgraded.
l/glib2-2.66.0-x86_64-1.txz: Upgraded.
l/librsvg-2.50.0-x86_64-1.txz: Upgraded.
l/libssh-0.9.5-x86_64-1.txz: Upgraded.
l/libxkbcommon-1.0.1-x86_64-1.txz: Upgraded.
x/xf86-video-vesa-2.5.0-x86_64-1.txz: Upgraded.
x/xorg-server-1.20.9-x86_64-3.txz: Rebuilt.
Applied upstream patch to fix a PCI related crash on some hardware.
Thanks to Jaroslaw Siebert.
x/xorg-server-xephyr-1.20.9-x86_64-3.txz: Rebuilt.
x/xorg-server-xnest-1.20.9-x86_64-3.txz: Rebuilt.
x/xorg-server-xvfb-1.20.9-x86_64-3.txz: Rebuilt.
x/xorg-server-xwayland-1.20.9-x86_64-3.txz: Rebuilt.
xap/mozilla-thunderbird-68.12.0-x86_64-1.txz: Upgraded.
This release contains security fixes and improvements.
For more information, see:
https://www.mozilla.org/en-US/thunderbird/68.12.0/releasenotes/
https://www.mozilla.org/en-US/security/advisories/mfsa2020-40/
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-15663
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-15664
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-15669
(* Security fix *)
isolinux/initrd.img: Rebuilt.
kernels/*: Upgraded.
usb-and-pxe-installers/usbboot.img: Rebuilt.
|
||
|
Patrick J Volkerding
|
30f51193f4 |
Thu Mar 19 22:01:05 UTC 2020
ap/ghostscript-9.52-x86_64-1.txz: Upgraded. l/PyQt5-5.13.2-x86_64-1.txz: Added. l/QScintilla-2.11.4-x86_64-3.txz: Rebuilt. Added PyQt5 support. Thanks to alienBOB. l/sip-4.19.21-x86_64-2.txz: Rebuilt. Recompiled to pick up Qt5 support. n/gpgme-1.13.1-x86_64-3.txz: Rebuilt. Added Qt5 bindings. Thanks to alienBOB. |
||
|
Patrick J Volkerding
|
99054d5dbe |
Fri Mar 13 20:15:29 UTC 2020
a/cryptsetup-2.3.1-x86_64-1.txz: Upgraded.
a/kernel-firmware-20200309_3b3dd5a-noarch-1.txz: Upgraded.
a/kernel-generic-5.4.25-x86_64-1.txz: Upgraded.
a/kernel-huge-5.4.25-x86_64-1.txz: Upgraded.
a/kernel-modules-5.4.25-x86_64-1.txz: Upgraded.
ap/ghostscript-9.51-x86_64-1.txz: Upgraded.
d/gcc-9.3.0-x86_64-1.txz: Upgraded.
d/gcc-brig-9.3.0-x86_64-1.txz: Upgraded.
d/gcc-g++-9.3.0-x86_64-1.txz: Upgraded.
d/gcc-gdc-9.3.0-x86_64-1.txz: Upgraded.
d/gcc-gfortran-9.3.0-x86_64-1.txz: Upgraded.
d/gcc-gnat-9.3.0-x86_64-1.txz: Upgraded.
d/gcc-go-9.3.0-x86_64-1.txz: Upgraded.
d/gcc-objc-9.3.0-x86_64-1.txz: Upgraded.
d/kernel-headers-5.4.25-x86-1.txz: Upgraded.
d/libtool-2.4.6-x86_64-13.txz: Rebuilt.
Recompiled to update embedded GCC version number.
d/rust-1.42.0-x86_64-1.txz: Upgraded.
d/scons-3.1.2-x86_64-2.txz: Rebuilt.
Drop python2 support and switch to python3.
k/kernel-source-5.4.25-noarch-1.txz: Upgraded.
GCC_VERSION 90200 -> 90300
l/libuv-1.35.0-x86_64-1.txz: Upgraded.
n/NetworkManager-1.22.10-x86_64-1.txz: Upgraded.
n/postfix-3.4.10-x86_64-1.txz: Upgraded.
xap/blueman-2.1.2-x86_64-2.txz: Rebuilt.
This needed a rebuild for glib2-2.64.1. Thanks to Lockywolf.
xap/mozilla-thunderbird-68.6.0-x86_64-1.txz: Upgraded.
This release contains security fixes and improvements.
For more information, see:
https://www.mozilla.org/en-US/thunderbird/68.6.0/releasenotes/
https://www.mozilla.org/en-US/security/advisories/mfsa2020-10/
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6805
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6806
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6807
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6811
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-20503
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6812
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6814
(* Security fix *)
isolinux/initrd.img: Rebuilt.
kernels/*: Upgraded.
usb-and-pxe-installers/usbboot.img: Rebuilt.
|
||
|
Patrick J Volkerding
|
6cf0967631 |
Tue Oct 15 20:58:56 UTC 2019
ap/ghostscript-9.50-x86_64-1.txz: Upgraded. d/icecream-1.3-x86_64-2.txz: Rebuilt. Have the profile scripts just check for -x /etc/rc.d/rc.iceccd, since pgrep with --ns $$ isn't working for non-root users. Thanks to Leopold E. Midha. d/python-pip-19.3-x86_64-1.txz: Upgraded. n/bluez-5.51-x86_64-2.txz: Rebuilt. Fixed path to obexd in org.bluez.obex.service. Thanks to Jean-Philippe Guillemin. x/xf86-video-ati-19.1.0-x86_64-1.txz: Upgraded. |
||
|
Patrick J Volkerding
|
7f86ecac76 |
Thu Apr 4 19:06:36 UTC 2019
ap/ghostscript-9.27-x86_64-1.txz: Upgraded. d/python-setuptools-40.9.0-x86_64-1.txz: Upgraded. l/imagemagick-6.9.10_37-x86_64-1.txz: Upgraded. l/readline-8.0.000-x86_64-2.txz: Rebuilt. Recompiled to link rlfe against the new libreadline. Thanks to Toutatis. |
||
|
Patrick J Volkerding
|
44f92d940d |
Thu Nov 22 05:56:56 UTC 2018
a/kernel-generic-4.19.3-x86_64-1.txz: Upgraded.
a/kernel-huge-4.19.3-x86_64-1.txz: Upgraded.
a/kernel-modules-4.19.3-x86_64-1.txz: Upgraded.
a/openssl-solibs-1.1.1a-x86_64-1.txz: Upgraded.
a/sysvinit-scripts-2.1-noarch-21.txz: Rebuilt.
rc.S: Don't run rc.fuse - udev takes care of the FUSE module and filesystem.
rc.S: Support replacing the /etc/mtab file with a symlink to /proc/mounts.
rc.6: Show more information when unmounting filesystems at shutdown.
ap/ghostscript-9.26-x86_64-1.txz: Upgraded.
ap/mariadb-10.3.11-x86_64-1.txz: Upgraded.
This update fixes bugs and security issues.
For more information, see:
https://mariadb.com/kb/en/library/mariadb-10311-release-notes/
https://cve.mitre.org/cgi-bin/cvename.cgi?name= CVE-2018-3282
https://cve.mitre.org/cgi-bin/cvename.cgi?name= CVE-2016-9843
https://cve.mitre.org/cgi-bin/cvename.cgi?name= CVE-2018-3174
https://cve.mitre.org/cgi-bin/cvename.cgi?name= CVE-2018-3143
https://cve.mitre.org/cgi-bin/cvename.cgi?name= CVE-2018-3156
https://cve.mitre.org/cgi-bin/cvename.cgi?name= CVE-2018-3251
https://cve.mitre.org/cgi-bin/cvename.cgi?name= CVE-2018-3185
https://cve.mitre.org/cgi-bin/cvename.cgi?name= CVE-2018-3277
https://cve.mitre.org/cgi-bin/cvename.cgi?name= CVE-2018-3162
https://cve.mitre.org/cgi-bin/cvename.cgi?name= CVE-2018-3173
https://cve.mitre.org/cgi-bin/cvename.cgi?name= CVE-2018-3200
https://cve.mitre.org/cgi-bin/cvename.cgi?name= CVE-2018-3284
(* Security fix *)
d/cmake-3.13.0-x86_64-1.txz: Upgraded.
d/git-2.19.2-x86_64-1.txz: Upgraded.
d/kernel-headers-4.14.63-x86-1.txz: Upgraded.
d/kernel-headers-4.19.3-x86-1.txz: Upgraded.
d/vala-0.42.3-x86_64-1.txz: Added.
k/kernel-source-4.19.3-noarch-1.txz: Upgraded.
l/adwaita-icon-theme-3.30.0-noarch-1.txz: Upgraded.
l/at-spi2-atk-2.30.0-x86_64-1.txz: Upgraded.
l/at-spi2-core-2.30.0-x86_64-1.txz: Upgraded.
l/atk-2.30.0-x86_64-1.txz: Upgraded.
l/atkmm-2.28.0-x86_64-1.txz: Upgraded.
l/dconf-0.28.0-x86_64-1.txz: Upgraded.
dconf and dconf-editor require Vala; the alternative would be to try to
stick with the old versions forever, and we don't want to do that.
l/dconf-editor-3.30.2-x86_64-1.txz: Upgraded.
l/gcr-3.28.0-x86_64-3.txz: Rebuilt.
Recompiled to add Vala bindings.
l/gdk-pixbuf2-2.38.0-x86_64-1.txz: Upgraded.
l/gexiv2-0.10.9-x86_64-1.txz: Upgraded.
l/glib-networking-2.58.0-x86_64-1.txz: Upgraded.
l/glib2-2.58.1-x86_64-1.txz: Upgraded.
l/glibmm-2.58.0-x86_64-1.txz: Upgraded.
l/gobject-introspection-1.58.0-x86_64-1.txz: Upgraded.
l/gtk+3-3.24.1-x86_64-1.txz: Upgraded.
l/gtkmm3-3.24.0-x86_64-1.txz: Upgraded.
l/gvfs-1.38.1-x86_64-1.txz: Upgraded.
l/libcap-2.26-x86_64-1.txz: Upgraded.
l/libpsl-0.20.1-x86_64-1.txz: Added.
Required by libsoup.
l/libsoup-2.64.2-x86_64-1.txz: Upgraded.
l/pangomm-2.42.0-x86_64-1.txz: Upgraded.
l/pygobject3-3.30.2-x86_64-1.txz: Upgraded.
l/vte-0.54.2-x86_64-1.txz: Upgraded.
n/openssl-1.1.1a-x86_64-1.txz: Upgraded.
This update fixes timing side channel attacks on DSA and ECDSA signature
generation that could allow an attacker to recover the private key.
For more information, see:
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-0734
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-0735
(* Security fix *)
x/pixman-0.36.0-x86_64-1.txz: Upgraded.
xfce/xfce4-terminal-0.8.7.4-x86_64-2.txz: Rebuilt.
isolinux/initrd.img: Rebuilt.
kernels/*: Upgraded.
usb-and-pxe-installers/usbboot.img: Rebuilt.
|
||
|
Patrick J Volkerding
|
83d09b5d6f |
Thu Sep 13 21:41:51 UTC 2018
a/sysvinit-scripts-2.1-noarch-20.txz: Rebuilt.
rc.6: it was reported by birdboy that JFS is not properly unmounted unless
the order of unmounting local filesystems followed by remounting the root
filesystem read-only is inverted. I tried that, and although it did get rid
of a "/ filesystem is busy" error during shutdown, the JFS / filesystem was
still checked at boot (and found to be clean). I believe that the existing
order of unmounting non-root filesystems followed by remounting the root
filesystem as read-only is the correct order, and found that putting
another sync between these also gets rid of the error on shutdown, so I've
done that. When using JFS as the root filesystem there's still another
similar error message that's generated earlier in the boot, though. I'm
unable to find any way to shut down a JFS root partition in a way that
leaves it clean enough that fsck will not check it at boot, but it is always
found to be clean so this should only be cosmetic. I recall this behavior of
JFS going all the way back to when it was first added to the kernel. If
anyone has a better fix, I'll take a look at it, but in my opinion it's not
really anything to worry about.
ap/ghostscript-9.25-x86_64-1.txz: Upgraded.
This release fixes problems with argument handling, some unintended
results of the security fixes to the SAFER file access restrictions
(specifically accessing ICC profile files), and some additional
security issues over the recent 9.24 release.
For more information, see:
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-16509
(* Security fix *)
ap/squashfs-tools-20180612_6e242dc-x86_64-1.txz: Upgraded.
Linked against libzstd.so.1. Thanks to alienBOB.
ap/sudo-1.8.25p1-x86_64-1.txz: Upgraded.
d/binutils-2.31.1-x86_64-4.txz: Rebuilt.
Since baldzhang has pointed out a valid use case for windres on Linux,
we are restoring the "Windows only" utilities, as none of them are
very large and there may be valid uses for the other ones as well.
l/freetype-2.9.1-x86_64-2.txz: Rebuilt.
Patched to build properly if windres is present on the machine.
l/sg3_utils-1.44-x86_64-1.txz: Upgraded.
l/zstd-1.3.5-x86_64-1.txz: Added.
Thanks to alienBOB.
xfce/tumbler-0.2.3-x86_64-1.txz: Upgraded.
isolinux/initrd.img: Rebuilt.
Use the ter-114v terminus font. It has been reported that the font we were
using (ter-v14v) restricts the available console colors from 16 to 8 due
to needing an extra bit for the higher number of available glyphs (though
in testing here I couldn't see any difference). The new font covers
ISO8859-1, ISO8859-15, and Windows-1252 codepages. I'm still not sure it's
the best choice, so additional input is welcomed.
Thanks to bormant.
usb-and-pxe-installers/usbboot.img: Rebuilt.
Use the ter-114v terminus font.
|
||
|
Patrick J Volkerding
|
ce9883adca |
Thu Sep 6 06:15:46 UTC 2018
a/acpid-2.0.30-x86_64-1.txz: Upgraded.
a/etc-15.0-x86_64-9.txz: Rebuilt.
Added support for /etc/ld.so.conf.d/. Thanks to Qury.
a/kernel-firmware-20180904_85c5d90-noarch-1.txz: Upgraded.
a/kernel-generic-4.14.68-x86_64-1.txz: Upgraded.
a/kernel-huge-4.14.68-x86_64-1.txz: Upgraded.
a/kernel-modules-4.14.68-x86_64-1.txz: Upgraded.
a/pkgtools-15.0-noarch-22.txz: Rebuilt.
installpkg: prevent noise from the "stray cat" if tar hands it a broken
pipe. Thanks to ivandi.
Also (in the comments) provide a possibly better but untested solution.
Thanks to SeB.
a/sysvinit-2.90-x86_64-2.txz: Rebuilt.
sysvinit-2.90 added an undocumented feature that tries to spawn agetty
if it sees console= in the kernel command line. Avoiding the debate about
whether this code belongs in init at all, at least such a change should
be documented, and probably made opt-in. This patch disables the new
behavior unless "sysvinit_agetty" is also seen in the kernel command line.
It seems like this might have been something added for Hurd, and it might
be wise to stick to what we've got rather than following upstream on this
particular package. If anyone notices any other odd behavior, please let
me know. Thanks to shastah.
a/sysvinit-scripts-2.1-noarch-19.txz: Rebuilt.
When checking for intel_pstate, direct the stderr to /dev/null in case
the file doesn't exist in /sys. Thanks to ivandi.
Allow forcing an option by editing /etc/default/cpufreq.
ap/cups-filters-1.21.2-x86_64-1.txz: Upgraded.
ap/ghostscript-9.24-x86_64-1.txz: Upgraded.
Patched multiple -dSAFER sandbox bypass vulnerabilities.
Thanks to Tavis Ormandy.
For more information, see:
https://www.ghostscript.com/doc/9.24/News.htm
https://www.kb.cert.org/vuls/id/332928
(* Security fix *)
ap/sudo-1.8.25-x86_64-1.txz: Upgraded.
d/binutils-2.31.1-x86_64-2.txz: Rebuilt.
elf.c (_bfd_elf_get_symbol_version_string): Return _("<corrupt>") for
corrupt symbol version info.
elflink.c (bfd_elf_record_link_assignment): Always clear h->verinfo.verdef
when overriding a dynamic definition.
Thanks to Michael Short for pointing out the upstream patches.
d/ccache-3.4.3-x86_64-1.txz: Upgraded.
d/kernel-headers-4.14.68-x86-1.txz: Upgraded.
d/llvm-6.0.1-x86_64-2.txz: Rebuilt.
Recompiled with -DCLANG_BUILD_SHARED_LIBS=ON to fix issues when multiple
OpenCL drivers are installed. Thanks to Heinz Wiesinger.
d/mercurial-4.7.1-x86_64-1.txz: Upgraded.
k/kernel-source-4.14.68-noarch-1.txz: Upgraded.
l/mozilla-nss-3.39-x86_64-1.txz: Upgraded.
n/curl-7.61.1-x86_64-1.txz: Upgraded.
This update fixes an NTLM password overflow via integer overflow.
For more information, see:
https://curl.haxx.se/docs/CVE-2018-14618.html
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14618
(* Security fix *)
n/gnupg2-2.2.10-x86_64-1.txz: Upgraded.
n/libtirpc-1.1.4-x86_64-1.txz: Upgraded.
n/netatalk-3.1.11-x86_64-2.txz: Rebuilt.
rc.atalk: fixed errors in status output. Thanks to marav.
n/nghttp2-1.33.0-x86_64-1.txz: Upgraded.
n/p11-kit-0.23.14-x86_64-1.txz: Upgraded.
n/stunnel-5.49-x86_64-1.txz: Upgraded.
x/libdrm-2.4.94-x86_64-1.txz: Upgraded.
x/xf86-video-ati-20180824_de88ea27-x86_64-1.txz: Upgraded.
xap/hexchat-2.14.2-x86_64-1.txz: Upgraded.
xap/mozilla-firefox-60.2.0esr-x86_64-1.txz: Upgraded.
This release contains security fixes and improvements.
For more information, see:
https://www.mozilla.org/security/known-vulnerabilities/firefoxESR.html
(* Security fix *)
xap/xlockmore-5.56-x86_64-1.txz: Upgraded.
isolinux/initrd.img: Rebuilt.
kernels/*: Upgraded.
usb-and-pxe-installers/usbboot.img: Rebuilt.
|
||
|
Patrick J Volkerding
|
646a5c1cbf |
Mon May 28 19:12:29 UTC 2018
a/pkgtools-15.0-noarch-13.txz: Rebuilt. installpkg: default line length for --terselength is the number of columns. removepkg: added --terse mode. upgradepkg: default line length for --terselength is the number of columns. upgradepkg: accept -option in addition to --option. ap/vim-8.1.0026-x86_64-1.txz: Upgraded. d/bison-3.0.5-x86_64-1.txz: Upgraded. e/emacs-26.1-x86_64-1.txz: Upgraded. kde/kopete-4.14.3-x86_64-8.txz: Rebuilt. Recompiled against libidn-1.35. n/conntrack-tools-1.4.5-x86_64-1.txz: Upgraded. n/libnetfilter_conntrack-1.0.7-x86_64-1.txz: Upgraded. n/libnftnl-1.1.0-x86_64-1.txz: Upgraded. n/links-2.16-x86_64-2.txz: Rebuilt. Rebuilt to enable X driver for -g mode. n/lynx-2.8.9dev.19-x86_64-1.txz: Upgraded. n/nftables-0.8.5-x86_64-1.txz: Upgraded. n/p11-kit-0.23.11-x86_64-1.txz: Upgraded. n/ulogd-2.0.7-x86_64-1.txz: Upgraded. n/whois-5.3.1-x86_64-1.txz: Upgraded. xap/network-manager-applet-1.8.12-x86_64-1.txz: Upgraded. xap/vim-gvim-8.1.0026-x86_64-1.txz: Upgraded. |