ap/moc-2.5.2-x86_64-5.txz: Rebuilt.
Patched and recompiled against ffmpeg-4.1.4. Thanks to Heinz Wiesinger.
ap/vim-8.1.1710-x86_64-1.txz: Upgraded.
d/cmake-3.15.0-x86_64-1.txz: Upgraded.
e/emacs-26.2-x86_64-2.txz: Rebuilt.
Patched package.el to obey buffer-file-coding-system (bug #35739), fixing
bad signature from GNU ELPA for archive-contents.
Thanks to Stefan Monnier and Eric Lindblad.
kde/k3b-2.0.3-x86_64-5.txz: Rebuilt.
Recompiled against ffmpeg-4.1.4.
kde/kfilemetadata-4.14.3-x86_64-5.txz: Rebuilt.
Recompiled against ffmpeg-4.1.4.
kde/nepomuk-core-4.14.3-x86_64-5.txz: Rebuilt.
Recompiled against ffmpeg-4.1.4.
l/alsa-plugins-1.1.9-x86_64-2.txz: Rebuilt.
Recompiled against ffmpeg-4.1.4.
l/ffmpeg-4.1.4-x86_64-1.txz: Upgraded.
Shared library .so-version bump.
l/gegl-0.4.16-x86_64-2.txz: Rebuilt.
Recompiled against ffmpeg-4.1.4.
l/gst-plugins-libav-1.16.0-x86_64-2.txz: Rebuilt.
Recompiled against ffmpeg-4.1.4.
l/gvfs-1.40.2-x86_64-1.txz: Upgraded.
l/imagemagick-6.9.10_54-x86_64-1.txz: Upgraded.
l/libvisual-plugins-0.4.0-x86_64-4.txz: Rebuilt.
Patched to fix a segmentation fault while loading plugin file.
Thanks to alienBOB.
l/libvpx-1.8.1-x86_64-1.txz: Upgraded.
n/curl-7.65.2-x86_64-1.txz: Upgraded.
xap/MPlayer-20190717-x86_64-1.txz: Upgraded.
Compiled against ffmpeg-4.1.4.
xap/audacious-plugins-3.10.1-x86_64-3.txz: Rebuilt.
Recompiled against ffmpeg-4.1.4.
xap/vim-gvim-8.1.1710-x86_64-1.txz: Upgraded.
xap/xine-lib-1.2.9-x86_64-5.txz: Rebuilt.
Recompiled against ffmpeg-4.1.4.
extra/pure-alsa-system/MPlayer-20190717-x86_64-1_alsa.txz: Upgraded.
Compiled against ffmpeg-4.1.4.
extra/pure-alsa-system/alsa-plugins-1.1.9-x86_64-2_alsa.txz: Rebuilt.
Recompiled against ffmpeg-4.1.4.
extra/pure-alsa-system/audacious-plugins-3.10.1-x86_64-3_alsa.txz: Rebuilt.
Recompiled against ffmpeg-4.1.4.
extra/pure-alsa-system/ffmpeg-4.1.4-x86_64-1_alsa.txz: Upgraded.
Shared library .so-version bump.
extra/pure-alsa-system/xine-lib-1.2.9-x86_64-5_alsa.txz: Rebuilt.
Recompiled against ffmpeg-4.1.4.
a/kernel-generic-4.19.57-x86_64-1.txz: Upgraded.
a/kernel-huge-4.19.57-x86_64-1.txz: Upgraded.
a/kernel-modules-4.19.57-x86_64-1.txz: Upgraded.
d/kernel-headers-4.19.57-x86-1.txz: Upgraded.
k/kernel-source-4.19.57-noarch-1.txz: Upgraded.
l/Mako-1.0.13-x86_64-1.txz: Upgraded.
l/SDL2_image-2.0.5-x86_64-1.txz: Upgraded.
n/postfix-3.4.6-x86_64-1.txz: Upgraded.
xap/blueman-2.0.8-x86_64-2.txz: Rebuilt.
Reverted to blueman-2.0.8 as I'm also seeing connection issues here with
the newer version.
xap/xscreensaver-5.43-x86_64-1.txz: Upgraded.
isolinux/initrd.img: Rebuilt.
kernels/*: Upgraded.
testing/packages/blueman-2.1-x86_64-1.txz: Upgraded.
This doesn't seem to be working properly. Any patches are welcome.
usb-and-pxe-installers/usbboot.img: Rebuilt.
ap/vim-8.1.1601-x86_64-1.txz: Upgraded.
Built with --disable-canberra. Thanks to Markus Wiesner.
l/harfbuzz-2.5.3-x86_64-1.txz: Upgraded.
n/nettle-3.5.1-x86_64-1.txz: Upgraded.
n/nftables-0.9.1-x86_64-1.txz: Upgraded.
t/texlive-2019.190626-x86_64-1.txz: Upgraded.
Shared library .so-version bump.
Thanks to Johannes Schoepfer.
xap/blueman-2.1-x86_64-1.txz: Upgraded.
Thanks to Robby Workman.
xap/vim-gvim-8.1.1601-x86_64-1.txz: Upgraded.
a/aaa_terminfo-6.1_20190518-x86_64-1.txz: Upgraded.
ap/qpdf-8.4.2-x86_64-1.txz: Upgraded.
l/libidn2-2.2.0-x86_64-1.txz: Upgraded.
l/ncurses-6.1_20190518-x86_64-1.txz: Upgraded.
n/p11-kit-0.23.16.1-x86_64-1.txz: Upgraded.
xap/rdesktop-1.8.6-x86_64-1.txz: Upgraded.
This is a small bug fix release for rdesktop 1.8.5. An issue was discovered
soon after release where it was impossible to connect to some servers. This
issue has now been fixed, but otherwise this release is identical to 1.8.5.
xfce/Thunar-1.8.6-x86_64-1.txz: Upgraded.
xfce/thunar-volman-0.9.2-x86_64-1.txz: Upgraded.
a/kernel-firmware-20190514_711d329-noarch-1.txz: Upgraded.
a/kernel-generic-4.19.43-x86_64-1.txz: Upgraded.
a/kernel-huge-4.19.43-x86_64-1.txz: Upgraded.
a/kernel-modules-4.19.43-x86_64-1.txz: Upgraded.
ap/hplip-3.19.5-x86_64-1.txz: Upgraded.
ap/mariadb-10.3.15-x86_64-1.txz: Upgraded.
This update fixes denial-of-service security issues.
For more information, see:
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-2614https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-2627https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-2628
(* Security fix *)
d/cmake-3.14.4-x86_64-1.txz: Upgraded.
d/gcc-9.1.0-x86_64-5.txz: Rebuilt.
Rebuilt with --enable-clocale=gnu. This is recommended by Linux From
Scratch, and while it doesn't seem to fix the issue with kernel compiles
failing with some locales, it probably doesn't hurt.
d/gcc-brig-9.1.0-x86_64-5.txz: Rebuilt.
d/gcc-g++-9.1.0-x86_64-5.txz: Rebuilt.
Applied patch: PR libstdc++/90397 fix std::variant friend declaration
This fixes problems compiling programs that use std::variant with clang.
Thanks to orbea.
d/gcc-gdc-9.1.0-x86_64-5.txz: Rebuilt.
d/gcc-gfortran-9.1.0-x86_64-5.txz: Rebuilt.
d/gcc-gnat-9.1.0-x86_64-5.txz: Rebuilt.
d/gcc-go-9.1.0-x86_64-5.txz: Rebuilt.
d/gcc-objc-9.1.0-x86_64-5.txz: Rebuilt.
d/kernel-headers-4.19.43-x86-1.txz: Upgraded.
d/rust-1.34.2-x86_64-1.txz: Upgraded.
k/kernel-source-4.19.43-noarch-1.txz: Upgraded.
l/librsvg-2.44.14-x86_64-1.txz: Upgraded.
n/samba-4.10.3-x86_64-1.txz: Upgraded.
This is a security release in order to address the following defect:
The checksum validation in the S4U2Self handler in the embedded Heimdal KDC
did not first confirm that the checksum was keyed, allowing replacement of
the requested target (client) principal.
For more information, see:
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-16860
(* Security fix *)
x/xterm-345-x86_64-1.txz: Upgraded.
xap/rdesktop-1.8.5-x86_64-1.txz: Upgraded.
This update fixes security issues:
Add bounds checking to protocol handling in order to fix many
security problems when communicating with a malicious server.
(* Security fix *)
isolinux/initrd.img: Rebuilt.
kernels/*: Upgraded.
usb-and-pxe-installers/usbboot.img: Rebuilt.
ap/vim-8.1.1239-x86_64-1.txz: Upgraded.
l/python-urllib3-1.25.2-x86_64-1.txz: Upgraded.
xap/easytag-2.4.3-x86_64-2.txz: Rebuilt.
Upgraded (again) to easytag-2.4.3.
Reverted the upstream commit that was corrupting ogg and opus files.
In a new configuration, don't add freedb.musicbrainz.org as an automatic
CDDB server. Musicbrainz shut down this service permanently on March 18
and easytag breaks/hangs if it attempts to contact it. If your account
has already run easytag previously, you should go to Edit -> Preferences ->
CDDB and blank out the hostname field containing "freedb.musicbrainz.org".
xap/vim-gvim-8.1.1239-x86_64-1.txz: Upgraded.
ap/ksh93-20190416_7d7bba3e-x86_64-1.txz: Upgraded.
ap/sysstat-12.1.4-x86_64-1.txz: Upgraded.
l/gvfs-1.40.1-x86_64-2.txz: Rebuilt.
Recompiled against libcdio-2.1.0.
l/icu4c-64.2-x86_64-1.txz: Upgraded.
l/libcddb-1.3.2-x86_64-6.txz: Rebuilt.
Recompiled against libcdio-2.1.0.
l/libcdio-2.1.0-x86_64-1.txz: Upgraded.
Shared library .so-version bump.
l/libcdio-paranoia-10.2+2.0.0-x86_64-2.txz: Rebuilt.
Recompiled against libcdio-2.1.0.
l/zstd-1.4.0-x86_64-1.txz: Upgraded.
n/dhcpcd-7.2.0-x86_64-1.txz: Upgraded.
n/dovecot-2.3.5.2-x86_64-1.txz: Upgraded.
This update fixes a security issue:
Trying to login with 8bit username containing invalid UTF8 input causes
auth process to crash if auth policy is enabled. This could be used rather
easily to cause a DoS. Similar crash also happens during mail delivery
when using invalid UTF8 in From or Subject header when OX push
notification driver is used.
For more information, see:
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-10691
(* Security fix *)
n/nghttp2-1.38.0-x86_64-1.txz: Upgraded.
n/openssh-8.0p1-x86_64-1.txz: Upgraded.
This release contains a mitigation for a weakness in the scp(1) tool
and protocol (CVE-2019-6111): when copying files from a remote system
to a local directory, scp(1) did not verify that the filenames that
the server sent matched those requested by the client. This could
allow a hostile server to create or clobber unexpected local files
with attacker-controlled content.
For more information, see:
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-6111
(* Security fix *)
xap/MPlayer-20190418-x86_64-1.txz: Upgraded.
Compiled against libcdio-2.1.0.
xap/audacious-plugins-3.10.1-x86_64-2.txz: Rebuilt.
Recompiled against libcdio-2.1.0.
extra/pure-alsa-system/MPlayer-20190418-x86_64-1_alsa.txz: Upgraded.
Compiled against libcdio-2.1.0.
extra/pure-alsa-system/audacious-plugins-3.10.1-x86_64-2_alsa.txz: Rebuilt.
Recompiled against libcdio-2.1.0.
a/hwdata-0.320-noarch-1.txz: Upgraded.
a/kernel-generic-4.19.20-x86_64-1.txz: Upgraded.
a/kernel-huge-4.19.20-x86_64-1.txz: Upgraded.
a/kernel-modules-4.19.20-x86_64-1.txz: Upgraded.
a/mcelog-162-x86_64-1.txz: Upgraded.
d/kernel-headers-4.19.20-x86-1.txz: Upgraded.
d/opencl-headers-2.2-noarch-2.txz: Rebuilt.
Don't trigger "#pragma message" in cl_version.h when falling back on a
default version of OpenCL to target. Applications such as ffmpeg detect
this as an error and fail to compile.
k/kernel-source-4.19.20-noarch-1.txz: Upgraded.
l/ffmpeg-3.4.5-x86_64-2.txz: Rebuilt.
Recompiled against libvpx-1.8.0.
Reenabled libsmbclient support.
l/gst-plugins-good-1.14.4-x86_64-2.txz: Rebuilt.
Recompiled against libvpx-1.8.0.
l/libvpx-1.8.0-x86_64-1.txz: Upgraded.
Shared library .so-version bump.
n/curl-7.64.0-x86_64-1.txz: Upgraded.
This release fixes the following security issues:
NTLM type-2 out-of-bounds buffer read.
NTLMv2 type-3 header stack buffer overflow.
SMTP end-of-response out-of-bounds read.
For more information, see:
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-16890https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-3822https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-3823
(* Security fix *)
n/samba-4.9.4-x86_64-2.txz: Rebuilt.
Added time.h to libsmbclient.h to fix ffmpeg compatibility.
Thanks to USUARIONUEVO.
xap/xine-lib-1.2.9-x86_64-4.txz: Rebuilt.
Recompiled against libvpx-1.8.0.
isolinux/initrd.img: Rebuilt.
kernels/*: Upgraded.
usb-and-pxe-installers/usbboot.img: Rebuilt.
a/gzip-1.10-x86_64-1.txz: Upgraded.
a/lvm2-2.03.02-x86_64-1.txz: Upgraded.
a/os-prober-1.77-x86_64-1.txz: Upgraded.
a/sysvinit-scripts-2.1-noarch-24.txz: Rebuilt.
rc.6: Don't umount /dev/shm or tmpfs mounts under /run as it causes long
warnings/timeouts at shutdown/reboot on systems using LVM.
Don't use --ignorelockingfailure when deactivating LVM.
l/gc-8.0.2-x86_64-1.txz: Upgraded.
l/imagemagick-6.9.10_21-x86_64-1.txz: Upgraded.
l/libclc-20181127_1ecb16d-x86_64-1.txz: Upgraded.
l/librsvg-2.44.11-x86_64-1.txz: Upgraded.
l/zstd-1.3.8-x86_64-1.txz: Upgraded.
xap/blueman-2.0.7-x86_64-1.txz: Upgraded.
xap/xscreensaver-5.42-x86_64-1.txz: Upgraded.
xfce/xfce4-taskmanager-1.2.2-x86_64-1.txz: Upgraded.
ap/texinfo-6.5-x86_64-7.txz: Rebuilt.
Recompiled against perl-5.28.1.
ap/vim-8.1.0552-x86_64-1.txz: Upgraded.
Compiled against perl-5.28.1.
d/perl-5.28.1-x86_64-1.txz: Upgraded.
Upgraded DBD-mysql-4.049, DBI-1.642, abd IO-Socket-SSL-2.060.
Added Devel-CheckLib-1.13 (needed by DBD-mysql-4.049).
kde/perlkde-4.14.3-x86_64-7.txz: Rebuilt.
Recompiled against perl-5.28.1.
kde/perlqt-4.14.3-x86_64-8.txz: Rebuilt.
Recompiled against perl-5.28.1.
n/epic5-2.0.1-x86_64-7.txz: Rebuilt.
Recompiled against perl-5.28.1.
n/irssi-1.1.1-x86_64-5.txz: Rebuilt.
Recompiled against perl-5.28.1.
n/net-snmp-5.8-x86_64-4.txz: Rebuilt.
Recompiled against perl-5.28.1.
n/ntp-4.2.8p12-x86_64-4.txz: Rebuilt.
Recompiled against perl-5.28.1.
xap/hexchat-2.14.2-x86_64-2.txz: Rebuilt.
Recompiled against perl-5.28.1.
xap/mozilla-thunderbird-60.3.2-x86_64-1.txz: Upgraded.
This is a bugfix release. For more information, see:
https://www.mozilla.org/en-US/thunderbird/60.3.2/releasenotes/
xap/rxvt-unicode-9.22-x86_64-6.txz: Rebuilt.
Recompiled against perl-5.28.1.
xap/vim-gvim-8.1.0552-x86_64-1.txz: Upgraded.
Compiled against perl-5.28.1.
xfce/xfce4-systemload-plugin-1.2.2-x86_64-1.txz: Upgraded.
n/mutt-1.11.0-x86_64-2.txz: Rebuilt.
Put info file in /usr/info and compress it.
Don't include /usr/info/dir.
Thanks to Edward Trumbo.
After upgrading this package, you'll need to reinstall the texinfo package
to restore the missing /usr/info/dir file.
n/wget-1.20-x86_64-1.txz: Upgraded.
a/btrfs-progs-v4.19-x86_64-1.txz: Upgraded.
a/haveged-1.9.4-x86_64-2.txz: Rebuilt.
rc.haveged: eliminate startup noise.
a/kernel-generic-4.19.1-x86_64-1.txz: Upgraded.
a/kernel-huge-4.19.1-x86_64-1.txz: Upgraded.
a/kernel-modules-4.19.1-x86_64-1.txz: Upgraded.
d/cmake-3.12.4-x86_64-1.txz: Upgraded.
d/kernel-headers-4.19.1-x86-1.txz: Upgraded.
k/kernel-source-4.19.1-noarch-1.txz: Upgraded.
Temporarily build in speakup drivers until the modular ones are fixed.
Thanks to Didier Spaier.
SPEAKUP m -> y
SPEAKUP_SYNTH_ACNTPC m -> y
SPEAKUP_SYNTH_ACNTSA m -> y
SPEAKUP_SYNTH_APOLLO m -> y
SPEAKUP_SYNTH_AUDPTR m -> y
SPEAKUP_SYNTH_BNS m -> y
SPEAKUP_SYNTH_DECEXT m -> y
SPEAKUP_SYNTH_DECTLK m -> y
SPEAKUP_SYNTH_DTLK m -> y
SPEAKUP_SYNTH_DUMMY m -> y
SPEAKUP_SYNTH_KEYPC m -> y
SPEAKUP_SYNTH_LTLK m -> y
SPEAKUP_SYNTH_SOFT m -> y
SPEAKUP_SYNTH_SPKOUT m -> y
SPEAKUP_SYNTH_TXPRT m -> y
l/alsa-lib-1.1.7-x86_64-2.txz: Rebuilt.
Fixed PCM interval. Thanks to aaditya.
l/xapian-core-1.4.9-x86_64-1.txz: Upgraded.
isolinux/initrd.img: Rebuilt.
kernels/*: Upgraded.
usb-and-pxe-installers/usbboot.img: Rebuilt.
a/eudev-3.2.5-x86_64-4.txz: Upgraded.
More bugs, unreplaced macros, and systemd-specific stuff have been found in
the eudev-3.2.6 release. Since there don't seem to be any improvements that
would merit closely following the bleeding edge on this one, we'll revert
back to eudev-3.2.5 which worked fine.
a/kernel-firmware-20181001_7c81f23-noarch-1.txz: Upgraded.
ap/at-3.1.23-x86_64-1.txz: Upgraded.
ap/hplip-3.18.9-x86_64-1.txz: Upgraded.
d/mercurial-4.7.2-x86_64-1.txz: Upgraded.
x/libpthread-stubs-0.4-x86_64-3.txz: Rebuilt.
Rebuilt since this should not be "noarch".
xap/mozilla-firefox-60.2.2esr-x86_64-1.txz: Upgraded.
This release contains security fixes and improvements.
For more information, see:
https://www.mozilla.org/security/known-vulnerabilities/firefoxESR.htmlhttps://www.mozilla.org/en-US/security/advisories/mfsa2018-24/https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-12387
(* Security fix *)
xap/mozilla-thunderbird-60.2.1-x86_64-1.txz: Upgraded.
This is a bugfix release. For more information, see:
https://www.mozilla.org/en-US/thunderbird/60.2.1/releasenotes/
xfce/Thunar-1.8.2-x86_64-1.txz: Upgraded.
a/eudev-3.2.6-x86_64-1.txz: Upgraded.
a/glibc-solibs-2.28-x86_64-2.txz: Upgraded.
a/grub-2.02-x86_64-3.txz: Rebuilt.
Patched to fix compatibility with recent xfsprogs. Thanks to Markus Wiesner.
a/kernel-generic-4.14.71-x86_64-1.txz: Upgraded.
a/kernel-huge-4.14.71-x86_64-1.txz: Upgraded.
a/kernel-modules-4.14.71-x86_64-1.txz: Upgraded.
ap/opus-tools-0.2-x86_64-1.txz: Upgraded.
ap/sqlite-3.25.1-x86_64-1.txz: Upgraded.
d/icecream-20180905_cdc6ff8-x86_64-1.txz: Upgraded.
d/kernel-headers-4.14.71-x86-1.txz: Upgraded.
d/llvm-7.0.0-x86_64-1.txz: Upgraded.
Shared library .so-version bump.
k/kernel-source-4.14.71-noarch-1.txz: Upgraded.
l/ffmpeg-3.4.4-x86_64-2.txz: Rebuilt.
Don't try to link with Samba since the latest version is not compatible.
l/glibc-2.28-x86_64-2.txz: Upgraded.
All packages have been patched where needed for glibc-2.28 and compile
tested here. Thanks to nobodino for the help.
l/glibc-i18n-2.28-x86_64-2.txz: Upgraded.
l/glibc-profile-2.28-x86_64-2.txz: Upgraded.
l/gst-plugins-base-1.14.3-x86_64-1.txz: Upgraded.
l/gst-plugins-good-1.14.3-x86_64-1.txz: Upgraded.
l/gst-plugins-libav-1.14.3-x86_64-1.txz: Upgraded.
l/gstreamer-1.14.3-x86_64-1.txz: Upgraded.
l/imagemagick-6.9.10_11-x86_64-1.txz: Upgraded.
l/libopusenc-0.2-x86_64-1.txz: Added.
l/librsvg-2.44.3-x86_64-1.txz: Upgraded.
l/opus-1.3_rc2-x86_64-1.txz: Upgraded.
l/opusfile-0.11-x86_64-1.txz: Upgraded.
l/soprano-2.9.4-x86_64-3.txz: Rebuilt.
Recompiled to drop virtuoso dependency.
l/virtuoso-ose-6.1.8-x86_64-9.txz: Removed.
Even KDE4 has migrated away from actually using this for anything. The last
thing in Slackware that was dependent on it was Soprano, which has been
recompiled to no longer use it.
n/postfix-3.3.1-x86_64-2.txz: Rebuilt.
Recompiled so that it quits whining about OpenSSL. Thanks to shastah.
x/mesa-18.2.1-x86_64-1.txz: Upgraded.
Compiled against llvm-7.0.0.
x/xf86-video-vmware-13.3.0-x86_64-2.txz: Rebuilt.
Recompiled against llvm-7.0.0.
x/xterm-336-x86_64-1.txz: Upgraded.
extra/pure-alsa-system/ffmpeg-3.4.4-x86_64-2_alsa.txz: Rebuilt.
Don't try to link with Samba since the latest version is not compatible.
extra/pure-alsa-system/gst-plugins-good-1.14.3-x86_64-1_alsa.txz: Upgraded.
isolinux/initrd.img: Rebuilt.
kernels/*: Upgraded.
usb-and-pxe-installers/usbboot.img: Rebuilt.
ap/dmidecode-3.2-x86_64-1.txz: Upgraded.
ap/nano-3.1-x86_64-1.txz: Upgraded.
ap/slackpkg-2.83.0-noarch-4.txz: Rebuilt.
Merged two patches from git:
Clarify that a press of "Enter" is needed to confirm kernel change
Mention possible stale mirror if CHECKSUMS.md5 gpg verify fails
Thanks to Mario Preksavec and Robby Workman.
ap/sqlite-3.25.0-x86_64-1.txz: Upgraded.
ap/xorriso-1.5.0-x86_64-1.txz: Upgraded.
l/lmdb-0.9.22-x86_64-2.txz: Rebuilt.
Fixed the build script to clear out the build area properly - previously
it was possible for binaries of the wrong $ARCH to end up in the package.
Thanks to reddog83.
n/gnutls-3.6.3-x86_64-2.txz: Rebuilt.
Merged backported SSL/TLS fixes. Thanks to orbea.
n/samba-4.9.0-x86_64-2.txz: Rebuilt.
Recompiled in case the lmdb package was broken.
a/acpid-2.0.30-x86_64-1.txz: Upgraded.
a/etc-15.0-x86_64-9.txz: Rebuilt.
Added support for /etc/ld.so.conf.d/. Thanks to Qury.
a/kernel-firmware-20180904_85c5d90-noarch-1.txz: Upgraded.
a/kernel-generic-4.14.68-x86_64-1.txz: Upgraded.
a/kernel-huge-4.14.68-x86_64-1.txz: Upgraded.
a/kernel-modules-4.14.68-x86_64-1.txz: Upgraded.
a/pkgtools-15.0-noarch-22.txz: Rebuilt.
installpkg: prevent noise from the "stray cat" if tar hands it a broken
pipe. Thanks to ivandi.
Also (in the comments) provide a possibly better but untested solution.
Thanks to SeB.
a/sysvinit-2.90-x86_64-2.txz: Rebuilt.
sysvinit-2.90 added an undocumented feature that tries to spawn agetty
if it sees console= in the kernel command line. Avoiding the debate about
whether this code belongs in init at all, at least such a change should
be documented, and probably made opt-in. This patch disables the new
behavior unless "sysvinit_agetty" is also seen in the kernel command line.
It seems like this might have been something added for Hurd, and it might
be wise to stick to what we've got rather than following upstream on this
particular package. If anyone notices any other odd behavior, please let
me know. Thanks to shastah.
a/sysvinit-scripts-2.1-noarch-19.txz: Rebuilt.
When checking for intel_pstate, direct the stderr to /dev/null in case
the file doesn't exist in /sys. Thanks to ivandi.
Allow forcing an option by editing /etc/default/cpufreq.
ap/cups-filters-1.21.2-x86_64-1.txz: Upgraded.
ap/ghostscript-9.24-x86_64-1.txz: Upgraded.
Patched multiple -dSAFER sandbox bypass vulnerabilities.
Thanks to Tavis Ormandy.
For more information, see:
https://www.ghostscript.com/doc/9.24/News.htmhttps://www.kb.cert.org/vuls/id/332928
(* Security fix *)
ap/sudo-1.8.25-x86_64-1.txz: Upgraded.
d/binutils-2.31.1-x86_64-2.txz: Rebuilt.
elf.c (_bfd_elf_get_symbol_version_string): Return _("<corrupt>") for
corrupt symbol version info.
elflink.c (bfd_elf_record_link_assignment): Always clear h->verinfo.verdef
when overriding a dynamic definition.
Thanks to Michael Short for pointing out the upstream patches.
d/ccache-3.4.3-x86_64-1.txz: Upgraded.
d/kernel-headers-4.14.68-x86-1.txz: Upgraded.
d/llvm-6.0.1-x86_64-2.txz: Rebuilt.
Recompiled with -DCLANG_BUILD_SHARED_LIBS=ON to fix issues when multiple
OpenCL drivers are installed. Thanks to Heinz Wiesinger.
d/mercurial-4.7.1-x86_64-1.txz: Upgraded.
k/kernel-source-4.14.68-noarch-1.txz: Upgraded.
l/mozilla-nss-3.39-x86_64-1.txz: Upgraded.
n/curl-7.61.1-x86_64-1.txz: Upgraded.
This update fixes an NTLM password overflow via integer overflow.
For more information, see:
https://curl.haxx.se/docs/CVE-2018-14618.htmlhttps://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14618
(* Security fix *)
n/gnupg2-2.2.10-x86_64-1.txz: Upgraded.
n/libtirpc-1.1.4-x86_64-1.txz: Upgraded.
n/netatalk-3.1.11-x86_64-2.txz: Rebuilt.
rc.atalk: fixed errors in status output. Thanks to marav.
n/nghttp2-1.33.0-x86_64-1.txz: Upgraded.
n/p11-kit-0.23.14-x86_64-1.txz: Upgraded.
n/stunnel-5.49-x86_64-1.txz: Upgraded.
x/libdrm-2.4.94-x86_64-1.txz: Upgraded.
x/xf86-video-ati-20180824_de88ea27-x86_64-1.txz: Upgraded.
xap/hexchat-2.14.2-x86_64-1.txz: Upgraded.
xap/mozilla-firefox-60.2.0esr-x86_64-1.txz: Upgraded.
This release contains security fixes and improvements.
For more information, see:
https://www.mozilla.org/security/known-vulnerabilities/firefoxESR.html
(* Security fix *)
xap/xlockmore-5.56-x86_64-1.txz: Upgraded.
isolinux/initrd.img: Rebuilt.
kernels/*: Upgraded.
usb-and-pxe-installers/usbboot.img: Rebuilt.
xap/mozilla-thunderbird-60.0-x86_64-2.txz: Rebuilt.
Applied upstream patch to fix crash with folder name with special characters.
Thanks to Karl Magnus Kolstø for the bug report and link to the patch.
a/kernel-generic-4.14.62-x86_64-1.txz: Upgraded.
a/kernel-huge-4.14.62-x86_64-1.txz: Upgraded.
a/kernel-modules-4.14.62-x86_64-1.txz: Upgraded.
ap/pamixer-1.3.1-x86_64-7.txz: Rebuilt.
Recompiled against boost-1.68.0.
d/cmake-3.12.1-x86_64-1.txz: Upgraded.
d/distcc-3.3-x86_64-3.txz: Rebuilt.
Install masquerade symlinks in /usr/lib${LIBDIRSUFFIX}/distcc/.
d/kernel-headers-4.14.62-x86-1.txz: Upgraded.
k/kernel-source-4.14.62-noarch-1.txz: Upgraded.
kde/calligra-2.9.11-x86_64-24.txz: Rebuilt.
Recompiled against boost-1.68.0.
l/akonadi-1.13.0-x86_64-10.txz: Rebuilt.
Recompiled against boost-1.68.0.
l/boost-1.68.0-x86_64-1.txz: Upgraded.
Shared library .so-version bump.
l/harfbuzz-1.8.7-x86_64-1.txz: Upgraded.
l/libgsf-1.14.44-x86_64-1.txz: Upgraded.
l/librsvg-2.42.6-x86_64-1.txz: Upgraded.
l/libsoup-2.62.3-x86_64-1.txz: Upgraded.
n/bind-9.12.2_P1-x86_64-1.txz: Upgraded.
Fixed a security issue where named could crash during recursive processing
of DNAME records when "deny-answer-aliases" was in use resulting in a
denial of service. Note that "deny-answer-aliases" is rarely used.
For more information, see:
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5740
(* Security fix *)
xap/audacious-3.10-x86_64-1.txz: Upgraded.
xap/audacious-plugins-3.10-x86_64-1.txz: Upgraded.
extra/pure-alsa-system/audacious-plugins-3.10-x86_64-1_alsa.txz: Upgraded.
isolinux/initrd.img: Rebuilt.
kernels/*: Upgraded.
usb-and-pxe-installers/usbboot.img: Rebuilt.
ap/man-db-2.8.4-x86_64-1.txz: Upgraded.
d/gdb-8.1.1-x86_64-1.txz: Upgraded.
d/python-pip-18.0-x86_64-1.txz: Upgraded.
d/python-setuptools-40.0.0-x86_64-1.txz: Upgraded.
d/python3-3.6.6-x86_64-1.txz: Upgraded.
l/libpcap-1.9.0-x86_64-1.txz: Upgraded.
l/pango-1.42.3-x86_64-1.txz: Upgraded.
x/libdrm-2.4.93-x86_64-1.txz: Upgraded.
xap/blueman-2.0.6-x86_64-1.txz: Upgraded.
This update fixes an issue where blueman-mechanism did not enforce the
polkit action 'org.blueman.network.setup' for which a polkit policy is
shipped. This meant that any user with access to the D-Bus system bus was
able to access the related API without authentication. The result was an
unspecified impact on the networking stack.
Thanks to Matthias Gerstner for discovering this issue.
(* Security fix *)
testing/packages/glibc-2.28-x86_64-1.txz: Added.
These packages are in /testing pending FTBFS analysis. They seem to work
fine here, but with a few header file deprecations and some other
possible API changes and incompatibilities (see the NEWS file), I expect
there will be some changes required to various packages. Feel free to
test them out though. Because of changes to the way glibc is built and
installed that started with the glibc-2.27 packages, you can upgrade to
these packages and also (if you wish) downgrade back to glibc-2.27 using
upgradepkg.
testing/packages/glibc-i18n-2.28-x86_64-1.txz: Added.
testing/packages/glibc-profile-2.28-x86_64-1.txz: Added.
testing/packages/glibc-solibs-2.28-x86_64-1.txz: Added.
ap/cups-filters-1.20.4-x86_64-2.txz: Rebuilt.
Recompiled against poppler-0.67.0.
kde/calligra-2.9.11-x86_64-23.txz: Rebuilt.
Recompiled against poppler-0.67.0.
l/ffmpeg-3.4.4-x86_64-1.txz: Upgraded.
l/gst-plugins-base-1.14.2-x86_64-1.txz: Upgraded.
l/gst-plugins-good-1.14.2-x86_64-1.txz: Upgraded.
l/gst-plugins-libav-1.14.2-x86_64-1.txz: Upgraded.
l/gstreamer-1.14.2-x86_64-1.txz: Upgraded.
l/poppler-0.67.0-x86_64-1.txz: Upgraded.
Shared library .so-version bump.
n/php-7.2.8-x86_64-1.txz: Upgraded.
This is a security release which also contains several minor bug fixes.
(* Security fix *)
t/texlive-2018.180630-x86_64-2.txz: Rebuilt.
Recompiled against poppler-0.67.0.
xap/MPlayer-20180720-x86_64-1.txz: Upgraded.
xfce/tumbler-0.2.1-x86_64-5.txz: Rebuilt.
Recompiled against poppler-0.67.0.
extra/pure-alsa-system/MPlayer-20180720-x86_64-1_alsa.txz: Upgraded.
extra/pure-alsa-system/ffmpeg-3.4.4-x86_64-1_alsa.txz: Upgraded.
extra/pure-alsa-system/gst-plugins-good-1.14.2-x86_64-1_alsa.txz: Upgraded.
pasture/php-5.6.37-x86_64-1.txz: Upgraded.
Several security bugs have been fixed in this release, including:
Int Overflow lead to Heap OverFlow in exif_thumbnail_extract of exif.c
heap-buffer-overflow (READ of size 48) while reading exif data
(* Security fix *)
