Commit graph

146 commits

Author SHA1 Message Date
Patrick J Volkerding
11a87f4677 Sat Aug 3 02:52:33 UTC 2019
ap/tmux-2.9a-x86_64-2.txz:  Rebuilt.
  Recompiled against libevent-2.1.11.
d/mercurial-5.1-x86_64-1.txz:  Upgraded.
l/libevent-2.1.11-x86_64-1.txz:  Upgraded.
  Shared library .so-version bump.
l/python-docutils-0.15.2-x86_64-1.txz:  Upgraded.
l/xapian-core-1.4.12-x86_64-1.txz:  Upgraded.
n/links-2.19-x86_64-2.txz:  Rebuilt.
  Recompiled against libevent-2.1.11.
n/netatalk-3.1.12-x86_64-2.txz:  Rebuilt.
  Recompiled against libevent-2.1.11.
n/ntp-4.2.8p13-x86_64-3.txz:  Rebuilt.
  Recompiled against libevent-2.1.11.
n/php-7.3.8-x86_64-1.txz:  Upgraded.
2019-08-03 08:59:46 +02:00
Patrick J Volkerding
b66064e5a1 Thu Aug 1 00:20:07 UTC 2019
ap/vim-8.1.1778-x86_64-1.txz:  Upgraded.
l/imagemagick-6.9.10_58-x86_64-1.txz:  Upgraded.
l/python-packaging-19.1-x86_64-1.txz:  Upgraded.
n/dhcpcd-8.0.2-x86_64-1.txz:  Upgraded.
xap/vim-gvim-8.1.1778-x86_64-1.txz:  Upgraded.
xfce/exo-0.12.7-x86_64-1.txz:  Upgraded.
2019-08-01 08:59:30 +02:00
Patrick J Volkerding
110278b262 Mon Jul 29 02:33:59 UTC 2019
a/kernel-generic-4.19.62-x86_64-1.txz:  Upgraded.
a/kernel-huge-4.19.62-x86_64-1.txz:  Upgraded.
a/kernel-modules-4.19.62-x86_64-1.txz:  Upgraded.
d/kernel-headers-4.19.62-x86-1.txz:  Upgraded.
k/kernel-source-4.19.62-noarch-1.txz:  Upgraded.
n/s-nail-14.9.14-x86_64-1.txz:  Upgraded.
x/xf86-video-sis-0.11.0-x86_64-1.txz:  Upgraded.
isolinux/initrd.img:  Rebuilt.
kernels/*:  Upgraded.
usb-and-pxe-installers/usbboot.img:  Rebuilt.
2019-07-29 08:59:45 +02:00
Patrick J Volkerding
1a1f1ce393 Fri Jul 26 21:37:31 UTC 2019
a/kernel-firmware-20190726_dff98c6-noarch-1.txz:  Upgraded.
a/kernel-generic-4.19.61-x86_64-1.txz:  Upgraded.
a/kernel-huge-4.19.61-x86_64-1.txz:  Upgraded.
a/kernel-modules-4.19.61-x86_64-1.txz:  Upgraded.
d/kernel-headers-4.19.61-x86-1.txz:  Upgraded.
k/kernel-source-4.19.61-noarch-1.txz:  Upgraded.
l/babl-0.1.68-x86_64-1.txz:  Upgraded.
l/desktop-file-utils-0.24-x86_64-1.txz:  Upgraded.
l/zstd-1.4.2-x86_64-1.txz:  Upgraded.
n/ethtool-5.2-x86_64-1.txz:  Upgraded.
n/gnutls-3.6.9-x86_64-1.txz:  Upgraded.
x/xf86-video-s3-0.7.0-x86_64-1.txz:  Upgraded.
xap/gkrellm-2.3.11-x86_64-1.txz:  Upgraded.
isolinux/initrd.img:  Rebuilt.
kernels/*:  Upgraded.
usb-and-pxe-installers/usbboot.img:  Rebuilt.
2019-07-27 08:59:46 +02:00
Patrick J Volkerding
8b5c0b991d Thu Jul 25 22:48:09 UTC 2019
l/SDL2-2.0.10-x86_64-1.txz:  Upgraded.
l/gmime-3.2.3-x86_64-1.txz:  Upgraded.
  Shared library .so-version bump.
n/NetworkManager-1.18.2-x86_64-1.txz:  Upgraded.
n/dhcpcd-8.0.1-x86_64-1.txz:  Upgraded.
n/openldap-client-2.4.48-x86_64-1.txz:  Upgraded.
xap/pan-0.145-x86_64-2.txz:  Rebuilt.
  Recompiled against gmime-3.2.3.
2019-07-26 08:59:43 +02:00
Patrick J Volkerding
652e0a15cf Wed Jul 24 19:27:45 UTC 2019
d/python-pip-19.2.1-x86_64-1.txz:  Upgraded.
d/subversion-1.12.2-x86_64-1.txz:  Upgraded.
l/glib2-2.60.6-x86_64-1.txz:  Upgraded.
l/python-docutils-0.15-x86_64-1.txz:  Upgraded.
n/whois-5.5.0-x86_64-1.txz:  Upgraded.
x/glu-9.0.1-x86_64-1.txz:  Upgraded.
xfce/xfce4-terminal-0.8.8-x86_64-1.txz:  Upgraded.
2019-07-25 08:59:59 +02:00
Patrick J Volkerding
bcec1638cf Mon Jul 22 22:09:56 UTC 2019
a/aaa_terminfo-6.1_20190720-x86_64-1.txz:  Upgraded.
ap/squashfs-tools-20190721_95230e2-x86_64-1.txz:  Upgraded.
l/ncurses-6.1_20190720-x86_64-1.txz:  Upgraded.
l/netpbm-10.87.00-x86_64-1.txz:  Upgraded.
n/net-tools-20181103_0eebece-x86_64-1.txz:  Upgraded.
2019-07-23 08:59:47 +02:00
Patrick J Volkerding
3db41f6c76 Fri Jul 19 18:26:45 UTC 2019
a/aaa_elflibs-15.0-x86_64-9.txz:  Rebuilt.
  Upgraded: libbz2.so.1.0.8, libexpat.so.1.6.9, libglib-2.0.so.0.6000.5,
  libgmodule-2.0.so.0.6000.5, libgobject-2.0.so.0.6000.5,
  libgthread-2.0.so.0.6000.5, libidn2.so.0.3.6.
  Removed: libicudata.so.63.1, libicui18n.so.63.1, libicuio.so.63.1,
  libicutest.so.63.1, libicutu.so.63.1, libicuuc.so.63.1.
  Added: libpcre2-8.so.0.8.0, libpsl.so.5.3.2. These are needed by wget which
  is used by slackpkg, so they should be in here. Thanks to OutSiderBR.
ap/lxc-2.0.11_fad08f383-x86_64-1.txz:  Upgraded.
  Updated from 2.0 git branch.
  Ported init script updates from sysvinit-scripts.
d/ccache-3.7.2-x86_64-1.txz:  Upgraded.
l/libsigc++-2.10.2-x86_64-1.txz:  Upgraded.
n/curl-7.65.3-x86_64-1.txz:  Upgraded.
  This is a bugfix release:
  Fix a regression that caused the progress meter not to appear.
  For more information, see:
    https://curl.haxx.se/changes.html
n/iputils-20190709-x86_64-1.txz:  Upgraded.
2019-07-20 08:59:50 +02:00
Patrick J Volkerding
612d5685be Thu Jul 18 20:46:19 UTC 2019
a/kernel-firmware-20190717_bf13a71-noarch-1.txz:  Upgraded.
ap/mpg123-1.25.11-x86_64-1.txz:  Upgraded.
l/gvfs-1.40.2-x86_64-2.txz:  Rebuilt.
  daemon/meson.build: define gvfs_rpath for libgvfsdaemon.so
  This fixes "libgvfscommon.so => not found" running ldd on libgvfsdaemon.so.
  Thanks to Robby Workman.
n/bind-9.14.4-x86_64-1.txz:  Upgraded.
x/libpciaccess-0.16-x86_64-1.txz:  Upgraded.
x/xinput-1.6.3-x86_64-1.txz:  Upgraded.
xap/mozilla-firefox-68.0.1esr-x86_64-1.txz:  Upgraded.
  This is a bugfix release.
  For more information, see:
    https://www.mozilla.org/en-US/firefox/68.0.1esr/releasenotes/
extra/pure-alsa-system/mpg123-1.25.11-x86_64-1_alsa.txz:  Upgraded.
2019-07-19 08:59:48 +02:00
Patrick J Volkerding
a36b32349b Wed Jul 17 21:57:16 UTC 2019
ap/moc-2.5.2-x86_64-5.txz:  Rebuilt.
  Patched and recompiled against ffmpeg-4.1.4. Thanks to Heinz Wiesinger.
ap/vim-8.1.1710-x86_64-1.txz:  Upgraded.
d/cmake-3.15.0-x86_64-1.txz:  Upgraded.
e/emacs-26.2-x86_64-2.txz:  Rebuilt.
  Patched package.el to obey buffer-file-coding-system (bug #35739), fixing
  bad signature from GNU ELPA for archive-contents.
  Thanks to Stefan Monnier and Eric Lindblad.
kde/k3b-2.0.3-x86_64-5.txz:  Rebuilt.
  Recompiled against ffmpeg-4.1.4.
kde/kfilemetadata-4.14.3-x86_64-5.txz:  Rebuilt.
  Recompiled against ffmpeg-4.1.4.
kde/nepomuk-core-4.14.3-x86_64-5.txz:  Rebuilt.
  Recompiled against ffmpeg-4.1.4.
l/alsa-plugins-1.1.9-x86_64-2.txz:  Rebuilt.
  Recompiled against ffmpeg-4.1.4.
l/ffmpeg-4.1.4-x86_64-1.txz:  Upgraded.
  Shared library .so-version bump.
l/gegl-0.4.16-x86_64-2.txz:  Rebuilt.
  Recompiled against ffmpeg-4.1.4.
l/gst-plugins-libav-1.16.0-x86_64-2.txz:  Rebuilt.
  Recompiled against ffmpeg-4.1.4.
l/gvfs-1.40.2-x86_64-1.txz:  Upgraded.
l/imagemagick-6.9.10_54-x86_64-1.txz:  Upgraded.
l/libvisual-plugins-0.4.0-x86_64-4.txz:  Rebuilt.
  Patched to fix a segmentation fault while loading plugin file.
  Thanks to alienBOB.
l/libvpx-1.8.1-x86_64-1.txz:  Upgraded.
n/curl-7.65.2-x86_64-1.txz:  Upgraded.
xap/MPlayer-20190717-x86_64-1.txz:  Upgraded.
  Compiled against ffmpeg-4.1.4.
xap/audacious-plugins-3.10.1-x86_64-3.txz:  Rebuilt.
  Recompiled against ffmpeg-4.1.4.
xap/vim-gvim-8.1.1710-x86_64-1.txz:  Upgraded.
xap/xine-lib-1.2.9-x86_64-5.txz:  Rebuilt.
  Recompiled against ffmpeg-4.1.4.
extra/pure-alsa-system/MPlayer-20190717-x86_64-1_alsa.txz:  Upgraded.
  Compiled against ffmpeg-4.1.4.
extra/pure-alsa-system/alsa-plugins-1.1.9-x86_64-2_alsa.txz:  Rebuilt.
  Recompiled against ffmpeg-4.1.4.
extra/pure-alsa-system/audacious-plugins-3.10.1-x86_64-3_alsa.txz:  Rebuilt.
  Recompiled against ffmpeg-4.1.4.
extra/pure-alsa-system/ffmpeg-4.1.4-x86_64-1_alsa.txz:  Upgraded.
  Shared library .so-version bump.
extra/pure-alsa-system/xine-lib-1.2.9-x86_64-5_alsa.txz:  Rebuilt.
  Recompiled against ffmpeg-4.1.4.
2019-07-18 08:59:47 +02:00
Patrick J Volkerding
b2bf157be9 Mon Jul 15 00:26:07 UTC 2019
a/bzip2-1.0.8-x86_64-1.txz:  Upgraded.
  Fixes security issues:
  bzip2recover: Fix use after free issue with outFile.
  Make sure nSelectors is not out of range.
  For more information, see:
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3189
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12900
  (* Security fix *)
a/kernel-generic-4.19.59-x86_64-1.txz:  Upgraded.
a/kernel-huge-4.19.59-x86_64-1.txz:  Upgraded.
a/kernel-modules-4.19.59-x86_64-1.txz:  Upgraded.
d/kernel-headers-4.19.59-x86-1.txz:  Upgraded.
k/kernel-source-4.19.59-noarch-1.txz:  Upgraded.
l/libwebp-1.0.3-x86_64-1.txz:  Upgraded.
n/dovecot-2.3.7-x86_64-1.txz:  Upgraded.
isolinux/initrd.img:  Rebuilt.
kernels/*:  Upgraded.
usb-and-pxe-installers/usbboot.img:  Rebuilt.
2019-07-15 08:59:48 +02:00
Patrick J Volkerding
424ebe6bb5 Fri Jul 12 18:52:15 UTC 2019
a/kernel-firmware-20190712_d52556e-noarch-1.txz:  Upgraded.
l/M2Crypto-0.35.2-x86_64-2.txz:  Rebuilt.
  Upgraded to typing-3.7.4.
l/pycurl-7.43.0.3-x86_64-1.txz:  Upgraded.
tcl/tclx-8.4.2-x86_64-1.txz:  Upgraded.
x/xauth-1.1-x86_64-1.txz:  Upgraded.
2019-07-13 08:59:47 +02:00
Patrick J Volkerding
d25041e8f5 Wed Jul 10 23:56:13 UTC 2019
a/glibc-zoneinfo-2019b-noarch-1.txz:  Upgraded.
a/kernel-generic-4.19.58-x86_64-1.txz:  Upgraded.
a/kernel-huge-4.19.58-x86_64-1.txz:  Upgraded.
a/kernel-modules-4.19.58-x86_64-1.txz:  Upgraded.
d/Cython-0.29.12-x86_64-1.txz:  Upgraded.
d/kernel-headers-4.19.58-x86-1.txz:  Upgraded.
d/mercurial-5.0.2-x86_64-1.txz:  Upgraded.
d/python3-3.7.4-x86_64-1.txz:  Upgraded.
k/kernel-source-4.19.58-noarch-1.txz:  Upgraded.
l/glib2-2.60.5-x86_64-1.txz:  Upgraded.
n/gnupg2-2.2.17-x86_64-1.txz:  Upgraded.
n/iproute2-5.2.0-x86_64-1.txz:  Upgraded.
n/samba-4.10.6-x86_64-1.txz:  Upgraded.
x/libva-utils-2.5.0-x86_64-1.txz:  Upgraded.
x/mesa-19.1.2-x86_64-1.txz:  Upgraded.
xap/mozilla-firefox-68.0esr-x86_64-1.txz:  Upgraded.
  This release contains security fixes and improvements. Some of the patched
  flaws are considered critical, and could be used to run attacker code and
  install software, requiring no user interaction beyond normal browsing.
  For more information, see:
    https://www.mozilla.org/security/known-vulnerabilities/firefoxESR.html
    https://www.mozilla.org/en-US/security/advisories/mfsa2019-22/
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9811
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11711
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11712
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11713
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11729
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11715
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11717
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11719
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11730
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11709
  (* Security fix *)
xap/mozilla-thunderbird-60.8.0-x86_64-1.txz:  Upgraded.
  This is a bugfix release.
  For more information, see:
    https://www.mozilla.org/en-US/thunderbird/60.8.0/releasenotes/
xfce/garcon-0.6.3-x86_64-2.txz:  Rebuilt.
  Patched crash bug.
  Installed gtk-doc HTML docs.
  Thanks to Robby Workman.
isolinux/initrd.img:  Rebuilt.
kernels/*:  Upgraded.
testing/packages/blueman-2.1.1-x86_64-1.txz:  Upgraded.
usb-and-pxe-installers/usbboot.img:  Rebuilt.
2019-07-11 08:59:45 +02:00
Patrick J Volkerding
db3b9f73c4 Wed Jul 3 21:02:58 UTC 2019
a/kernel-generic-4.19.57-x86_64-1.txz:  Upgraded.
a/kernel-huge-4.19.57-x86_64-1.txz:  Upgraded.
a/kernel-modules-4.19.57-x86_64-1.txz:  Upgraded.
d/kernel-headers-4.19.57-x86-1.txz:  Upgraded.
k/kernel-source-4.19.57-noarch-1.txz:  Upgraded.
l/Mako-1.0.13-x86_64-1.txz:  Upgraded.
l/SDL2_image-2.0.5-x86_64-1.txz:  Upgraded.
n/postfix-3.4.6-x86_64-1.txz:  Upgraded.
xap/blueman-2.0.8-x86_64-2.txz:  Rebuilt.
  Reverted to blueman-2.0.8 as I'm also seeing connection issues here with
  the newer version.
xap/xscreensaver-5.43-x86_64-1.txz:  Upgraded.
isolinux/initrd.img:  Rebuilt.
kernels/*:  Upgraded.
testing/packages/blueman-2.1-x86_64-1.txz:  Upgraded.
  This doesn't seem to be working properly. Any patches are welcome.
usb-and-pxe-installers/usbboot.img:  Rebuilt.
2019-07-04 08:59:47 +02:00
Patrick J Volkerding
ed5de188b1 Tue Jul 2 20:36:38 UTC 2019
d/python-setuptools-41.0.1-x86_64-2.txz:  Rebuilt.
l/freetype-2.10.1-x86_64-1.txz:  Upgraded.
l/imagemagick-6.9.10_51-x86_64-1.txz:  Upgraded.
n/php-7.3.7-x86_64-1.txz:  Upgraded.
2019-07-03 08:59:47 +02:00
Patrick J Volkerding
5c403a0983 Sat Jun 29 22:49:01 UTC 2019
a/hwdata-0.325-noarch-1.txz:  Upgraded.
ap/hplip-3.19.6-x86_64-1.txz:  Upgraded.
n/irssi-1.2.1-x86_64-1.txz:  Upgraded.
  This update fixes a security issue: Use after free when sending SASL login
  to the server found by ilbelkyr. May affect the stability of Irssi. SASL
  logins may fail, especially during (manual and automated) reconnect.
  For more information, see:
    https://irssi.org/2019/06/29/irssi-1.2.1-1.1.3-1.0.8-released/
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13045
  (* Security fix *)
xfce/Thunar-1.8.7-x86_64-1.txz:  Upgraded.
2019-06-30 08:59:47 +02:00
Patrick J Volkerding
d633088070 Fri Jun 28 18:44:41 UTC 2019
a/bzip2-1.0.7-x86_64-1.txz:  Upgraded.
a/kernel-firmware-20190628_70e4394-noarch-1.txz:  Upgraded.
l/libssh-0.9.0-x86_64-1.txz:  Upgraded.
n/dhcpcd-7.2.3-x86_64-1.txz:  Upgraded.
n/nfs-utils-2.4.1-x86_64-1.txz:  Upgraded.
2019-06-29 08:59:44 +02:00
Patrick J Volkerding
690121316c Thu Jun 27 19:07:20 UTC 2019
ap/vim-8.1.1601-x86_64-1.txz:  Upgraded.
  Built with --disable-canberra. Thanks to Markus Wiesner.
l/harfbuzz-2.5.3-x86_64-1.txz:  Upgraded.
n/nettle-3.5.1-x86_64-1.txz:  Upgraded.
n/nftables-0.9.1-x86_64-1.txz:  Upgraded.
t/texlive-2019.190626-x86_64-1.txz:  Upgraded.
  Shared library .so-version bump.
  Thanks to Johannes Schoepfer.
xap/blueman-2.1-x86_64-1.txz:  Upgraded.
  Thanks to Robby Workman.
xap/vim-gvim-8.1.1601-x86_64-1.txz:  Upgraded.
2019-06-28 08:59:46 +02:00
Patrick J Volkerding
96e8885d22 Wed Jun 26 20:14:26 UTC 2019
l/giflib-5.2.1-x86_64-2.txz:  Rebuilt.
  Install obsolete utilities (if they were built).
  If you'd like to see them continued, let upstream know.
l/libarchive-3.4.0-x86_64-2.txz:  Rebuilt.
  Recompiled against nettle-3.5.
l/libzip-1.5.2-x86_64-2.txz:  Rebuilt.
  Recompiled against nettle-3.5.
n/gnutls-3.6.8-x86_64-2.txz:  Rebuilt.
  Recompiled against nettle-3.5.
n/nettle-3.5-x86_64-1.txz:  Upgraded.
  Shared library .so-version bump.
x/xorg-server-1.20.5-x86_64-2.txz:  Rebuilt.
  Recompiled against nettle-3.5.
x/xorg-server-xephyr-1.20.5-x86_64-2.txz:  Rebuilt.
  Recompiled against nettle-3.5.
x/xorg-server-xnest-1.20.5-x86_64-2.txz:  Rebuilt.
  Recompiled against nettle-3.5.
x/xorg-server-xvfb-1.20.5-x86_64-2.txz:  Rebuilt.
  Recompiled against nettle-3.5.
extra/tigervnc/tigervnc-1.9.0-x86_64-2.txz:  Rebuilt.
  Recompiled against nettle-3.5.
2019-06-27 08:59:47 +02:00
Patrick J Volkerding
352adad5bf Mon Jun 24 18:47:52 UTC 2019
ap/mc-4.8.23-x86_64-1.txz:  Upgraded.
l/imagemagick-6.9.10_50-x86_64-1.txz:  Upgraded.
l/pygobject3-3.32.2-x86_64-1.txz:  Upgraded.
n/php-7.3.6-x86_64-1.txz:  Upgraded.
x/libinput-1.13.3-x86_64-1.txz:  Upgraded.
2019-06-25 08:59:47 +02:00
Patrick J Volkerding
02076d51ff Thu Jun 20 18:08:56 UTC 2019
l/cairo-1.17.2-x86_64-1.txz:  Upgraded.
l/expat-2.2.7-x86_64-1.txz:  Upgraded.
n/bind-9.14.3-x86_64-1.txz:  Upgraded.
  Fixed a race condition in dns_dispatch_getnext() that could cause an
  assertion failure if a significant number of incoming packets were rejected.
  For more information, see:
    https://kb.isc.org/docs/cve-2019-6471
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-6471
  (* Security fix *)
x/igt-gpu-tools-1.24-x86_64-1.txz:  Upgraded.
x/xorgproto-2019.1-x86_64-1.txz:  Upgraded.
xap/xlockmore-5.57-x86_64-1.txz:  Upgraded.
2019-06-21 08:59:30 +02:00
Patrick J Volkerding
eae1dffeec Tue Jun 18 21:46:31 UTC 2019
a/kernel-firmware-20190618_acb56f2-noarch-1.txz:  Upgraded.
a/kernel-generic-4.19.52-x86_64-1.txz:  Upgraded.
a/kernel-huge-4.19.52-x86_64-1.txz:  Upgraded.
a/kernel-modules-4.19.52-x86_64-1.txz:  Upgraded.
ap/mariadb-10.3.16-x86_64-1.txz:  Upgraded.
ap/nano-4.3-x86_64-1.txz:  Upgraded.
d/kernel-headers-4.19.52-x86-1.txz:  Upgraded.
d/llvm-8.0.0-x86_64-3.txz:  Rebuilt.
  Added lld-8.0.0. Thanks to TheRealGrogan.
d/meson-0.51.0-x86_64-1.txz:  Upgraded.
d/vala-0.44.5-x86_64-1.txz:  Upgraded.
k/kernel-source-4.19.52-noarch-1.txz:  Upgraded.
  This update fixes "SACK Panic", a remote denial-of-service issue.
  For more information, see:
    https://github.com/Netflix/security-bulletins/blob/master/advisories/third-party/2019-001.md
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11477
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11478
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11479
  (* Security fix *)
l/SDL2-2.0.9-x86_64-4.txz:  Rebuilt.
  Include libSDL2_test.a and libSDL2main.a. Thanks to dugan.
l/gtk+3-3.24.9-x86_64-1.txz:  Upgraded.
n/ca-certificates-20190617-noarch-1.txz:  Upgraded.
x/encodings-1.0.5-noarch-1.txz:  Upgraded.
x/libX11-1.6.8-x86_64-1.txz:  Upgraded.
xap/mozilla-firefox-60.7.1esr-x86_64-1.txz:  Upgraded.
  This release contains a security fix and improvements. The patched flaw is
  considered critical, and could be used to run attacker code and install
  software, requiring no user interaction beyond normal browsing.
  For more information, see:
    https://www.mozilla.org/security/known-vulnerabilities/firefoxESR.html
    https://www.mozilla.org/en-US/security/advisories/mfsa2019-18/
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11707
  (* Security fix *)
isolinux/initrd.img:  Rebuilt.
kernels/*:  Upgraded.
usb-and-pxe-installers/usbboot.img:  Rebuilt.
2019-06-19 08:59:48 +02:00
Patrick J Volkerding
76e0d09efe Wed May 29 19:11:22 UTC 2019
a/e2fsprogs-1.45.2-x86_64-1.txz:  Upgraded.
d/Cython-0.29.9-x86_64-1.txz:  Upgraded.
l/imagemagick-6.9.10_47-x86_64-1.txz:  Upgraded.
n/iptables-1.8.3-x86_64-1.txz:  Upgraded.
n/libnftnl-1.1.3-x86_64-1.txz:  Upgraded.
n/php-7.2.19-x86_64-1.txz:  Upgraded.
  This update fixes bugs and security issues:
  Uninitialized read in gdImageCreateFromXbm
  Out-of-bounds read in iconv.c:_php_iconv_mime_decode due to integer overflow
  heap-buffer-overflow on php_jpg_get16
  For more information, see:
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11038
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11039
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11040
  (* Security fix *)
x/xterm-346-x86_64-1.txz:  Upgraded.
xap/gnuplot-5.2.7-x86_64-1.txz:  Upgraded.
xap/network-manager-applet-1.8.22-x86_64-1.txz:  Upgraded.
2019-05-30 08:59:49 +02:00
Patrick J Volkerding
03f332c882 Tue May 28 19:03:49 UTC 2019
a/openssl-solibs-1.1.1c-x86_64-1.txz:  Upgraded.
l/libevent-2.1.10-x86_64-1.txz:  Upgraded.
n/gnupg2-2.2.16-x86_64-1.txz:  Upgraded.
n/gnutls-3.6.8-x86_64-1.txz:  Upgraded.
n/openssl-1.1.1c-x86_64-1.txz:  Upgraded.
  This update fixes a security issue:
  Prevent over long nonces in ChaCha20-Poly1305.
  For more information, see:
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-1543
  (* Security fix *)
2019-05-29 08:59:47 +02:00
Patrick J Volkerding
fafc162864 Wed May 22 23:30:54 UTC 2019
a/kernel-generic-4.19.45-x86_64-1.txz:  Upgraded.
a/kernel-huge-4.19.45-x86_64-1.txz:  Upgraded.
a/kernel-modules-4.19.45-x86_64-1.txz:  Upgraded.
ap/texinfo-6.6-x86_64-2.txz:  Rebuilt.
  Recompiled against perl-5.30.0.
ap/vim-8.1.1365-x86_64-1.txz:  Upgraded.
  Compiled against perl-5.30.0.
d/bison-3.4.1-x86_64-1.txz:  Upgraded.
d/kernel-headers-4.19.45-x86-1.txz:  Upgraded.
d/parallel-20190522-noarch-1.txz:  Upgraded.
d/perl-5.30.0-x86_64-1.txz:  Upgraded.
  Module upgraded: Net-SSLeay-1.88
d/strace-5.1-x86_64-1.txz:  Upgraded.
k/kernel-source-4.19.45-noarch-1.txz:  Upgraded.
kde/perlkde-4.14.3-x86_64-8.txz:  Rebuilt.
  Recompiled against perl-5.30.0.
kde/perlqt-4.14.3-x86_64-9.txz:  Rebuilt.
  Recompiled against perl-5.30.0.
l/glib2-2.60.3-x86_64-1.txz:  Upgraded.
n/curl-7.65.0-x86_64-1.txz:  Upgraded.
  This release fixes the following security issues:
  Integer overflows in curl_url_set
  tftp: use the current blksize for recvfrom()
  For more information, see:
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5435
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5436
  (* Security fix *)
n/epic5-2.1.1-x86_64-2.txz:  Rebuilt.
  Recompiled against perl-5.30.0.
n/irssi-1.2.0-x86_64-2.txz:  Rebuilt.
  Recompiled against perl-5.30.0.
n/net-snmp-5.8-x86_64-5.txz:  Rebuilt.
  Recompiled against perl-5.30.0.
n/ntp-4.2.8p13-x86_64-2.txz:  Rebuilt.
  Recompiled against perl-5.30.0.
n/samba-4.10.4-x86_64-1.txz:  Upgraded.
x/mesa-19.0.5-x86_64-1.txz:  Upgraded.
xap/hexchat-2.14.2-x86_64-4.txz:  Rebuilt.
  Recompiled against perl-5.30.0.
xap/rxvt-unicode-9.22-x86_64-7.txz:  Rebuilt.
  Recompiled against perl-5.30.0.
xap/vim-gvim-8.1.1365-x86_64-1.txz:  Upgraded.
  Compiled against perl-5.30.0.
isolinux/initrd.img:  Rebuilt.
kernels/*:  Upgraded.
usb-and-pxe-installers/usbboot.img:  Rebuilt.
2019-05-23 08:59:47 +02:00
Patrick J Volkerding
3fbd9748a3 Sun May 19 01:10:53 UTC 2019
a/file-5.37-x86_64-1.txz:  Upgraded.
l/python-requests-2.22.0-x86_64-1.txz:  Upgraded.
n/iputils-20190515-x86_64-1.txz:  Upgraded.
xap/mozilla-thunderbird-60.7.0-x86_64-1.txz:  Upgraded.
  This is a bugfix release.
  For more information, see:
    https://www.mozilla.org/en-US/thunderbird/60.7.0/releasenotes/
2019-05-19 08:59:47 +02:00
Patrick J Volkerding
38b94979d8 Fri May 17 05:06:06 UTC 2019
a/kernel-generic-4.19.44-x86_64-1.txz:  Upgraded.
a/kernel-huge-4.19.44-x86_64-1.txz:  Upgraded.
a/kernel-modules-4.19.44-x86_64-1.txz:  Upgraded.
ap/cups-filters-1.23.0-x86_64-1.txz:  Upgraded.
d/kernel-headers-4.19.44-x86-1.txz:  Upgraded.
k/kernel-source-4.19.44-noarch-1.txz:  Upgraded.
l/libsoup-2.66.2-x86_64-1.txz:  Upgraded.
n/bind-9.14.2-x86_64-1.txz:  Upgraded.
n/stunnel-5.54-x86_64-1.txz:  Upgraded.
isolinux/initrd.img:  Rebuilt.
kernels/*:  Upgraded.
usb-and-pxe-installers/usbboot.img:  Rebuilt.
2019-05-17 11:59:47 +02:00
Patrick J Volkerding
d42cbc1006 Thu May 16 04:55:49 UTC 2019
a/kernel-firmware-20190514_711d329-noarch-1.txz:  Upgraded.
a/kernel-generic-4.19.43-x86_64-1.txz:  Upgraded.
a/kernel-huge-4.19.43-x86_64-1.txz:  Upgraded.
a/kernel-modules-4.19.43-x86_64-1.txz:  Upgraded.
ap/hplip-3.19.5-x86_64-1.txz:  Upgraded.
ap/mariadb-10.3.15-x86_64-1.txz:  Upgraded.
  This update fixes denial-of-service security issues.
  For more information, see:
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-2614
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-2627
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-2628
  (* Security fix *)
d/cmake-3.14.4-x86_64-1.txz:  Upgraded.
d/gcc-9.1.0-x86_64-5.txz:  Rebuilt.
  Rebuilt with --enable-clocale=gnu. This is recommended by Linux From
  Scratch, and while it doesn't seem to fix the issue with kernel compiles
  failing with some locales, it probably doesn't hurt.
d/gcc-brig-9.1.0-x86_64-5.txz:  Rebuilt.
d/gcc-g++-9.1.0-x86_64-5.txz:  Rebuilt.
  Applied patch: PR libstdc++/90397 fix std::variant friend declaration
  This fixes problems compiling programs that use std::variant with clang.
  Thanks to orbea.
d/gcc-gdc-9.1.0-x86_64-5.txz:  Rebuilt.
d/gcc-gfortran-9.1.0-x86_64-5.txz:  Rebuilt.
d/gcc-gnat-9.1.0-x86_64-5.txz:  Rebuilt.
d/gcc-go-9.1.0-x86_64-5.txz:  Rebuilt.
d/gcc-objc-9.1.0-x86_64-5.txz:  Rebuilt.
d/kernel-headers-4.19.43-x86-1.txz:  Upgraded.
d/rust-1.34.2-x86_64-1.txz:  Upgraded.
k/kernel-source-4.19.43-noarch-1.txz:  Upgraded.
l/librsvg-2.44.14-x86_64-1.txz:  Upgraded.
n/samba-4.10.3-x86_64-1.txz:  Upgraded.
  This is a security release in order to address the following defect:
  The checksum validation in the S4U2Self handler in the embedded Heimdal KDC
  did not first confirm that the checksum was keyed, allowing replacement of
  the requested target (client) principal.
  For more information, see:
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-16860
  (* Security fix *)
x/xterm-345-x86_64-1.txz:  Upgraded.
xap/rdesktop-1.8.5-x86_64-1.txz:  Upgraded.
  This update fixes security issues:
  Add bounds checking to protocol handling in order to fix many
  security problems when communicating with a malicious server.
  (* Security fix *)
isolinux/initrd.img:  Rebuilt.
kernels/*:  Upgraded.
usb-and-pxe-installers/usbboot.img:  Rebuilt.
2019-05-16 17:59:33 +02:00
Patrick J Volkerding
d42614785a Mon May 13 22:53:13 UTC 2019
a/aaa_elflibs-15.0-x86_64-8.txz:  Rebuilt.
  Upgraded: libcap.so.2.27, libglib-2.0.so.0.6000.2,
  libgmodule-2.0.so.0.6000.2, libgobject-2.0.so.0.6000.2,
  libgthread-2.0.so.0.6000.2, libpng16.so.16.37.0, libstdc++.so.6.0.26.
a/e2fsprogs-1.45.1-x86_64-1.txz:  Upgraded.
ap/alsa-utils-1.1.9-x86_64-1.txz:  Upgraded.
ap/man-pages-5.01-noarch-1.txz:  Upgraded.
d/gdb-8.3-x86_64-1.txz:  Upgraded.
l/Mako-1.0.10-x86_64-1.txz:  Upgraded.
l/alsa-lib-1.1.9-x86_64-1.txz:  Upgraded.
l/alsa-plugins-1.1.9-x86_64-1.txz:  Upgraded.
l/imagemagick-6.9.10_45-x86_64-1.txz:  Upgraded.
l/mozilla-nss-3.44-x86_64-1.txz:  Upgraded.
l/utf8proc-2.4.0-x86_64-1.txz:  Upgraded.
n/iproute2-5.1.0-x86_64-1.txz:  Upgraded.
n/nfs-utils-2.3.4-x86_64-1.txz:  Upgraded.
extra/pure-alsa-system/alsa-lib-1.1.9-x86_64-1_alsa.txz:  Upgraded.
extra/pure-alsa-system/alsa-plugins-1.1.9-x86_64-1_alsa.txz:  Upgraded.
2019-05-14 08:59:47 +02:00
Patrick J Volkerding
1968344c50 Tue May 7 00:11:33 UTC 2019
a/xfsprogs-5.0.0-x86_64-1.txz:  Upgraded.
d/gcc-9.1.0-x86_64-3.txz:  Rebuilt.
  Patched to fix an internal compiler error (PR90303).
  Thanks to orbea.
d/gcc-brig-9.1.0-x86_64-3.txz:  Rebuilt.
d/gcc-g++-9.1.0-x86_64-3.txz:  Rebuilt.
d/gcc-gdc-9.1.0-x86_64-3.txz:  Rebuilt.
d/gcc-gfortran-9.1.0-x86_64-3.txz:  Rebuilt.
d/gcc-gnat-9.1.0-x86_64-3.txz:  Rebuilt.
d/gcc-go-9.1.0-x86_64-3.txz:  Rebuilt.
d/gcc-objc-9.1.0-x86_64-3.txz:  Rebuilt.
n/postfix-3.4.5-x86_64-2.txz:  Rebuilt.
  Added some additional tools. Thanks to Markus Wiesner.
2019-05-07 08:59:46 +02:00
Patrick J Volkerding
d23d57452f Sat May 4 18:44:36 UTC 2019
a/kernel-generic-4.19.39-x86_64-1.txz:  Upgraded.
a/kernel-huge-4.19.39-x86_64-1.txz:  Upgraded.
a/kernel-modules-4.19.39-x86_64-1.txz:  Upgraded.
d/gcc-9.1.0-x86_64-2.txz:  Rebuilt.
d/gcc-brig-9.1.0-x86_64-2.txz:  Rebuilt.
d/gcc-g++-9.1.0-x86_64-2.txz:  Rebuilt.
d/gcc-gdc-9.1.0-x86_64-2.txz:  Added.
  This package contains the newly added D language support. The other GCC
  packages were rebuilt without any functional changes.
d/gcc-gfortran-9.1.0-x86_64-2.txz:  Rebuilt.
d/gcc-gnat-9.1.0-x86_64-2.txz:  Rebuilt.
d/gcc-go-9.1.0-x86_64-2.txz:  Rebuilt.
d/gcc-objc-9.1.0-x86_64-2.txz:  Rebuilt.
d/kernel-headers-4.19.39-x86-1.txz:  Upgraded.
k/kernel-source-4.19.39-noarch-1.txz:  Upgraded.
l/imagemagick-6.9.10_44-x86_64-1.txz:  Upgraded.
l/v4l-utils-1.16.6-x86_64-1.txz:  Upgraded.
n/dhcpcd-7.2.2-x86_64-1.txz:  Upgraded.
x/vulkan-sdk-1.1.106.0-x86_64-1.txz:  Upgraded.
isolinux/initrd.img:  Rebuilt.
kernels/*:  Upgraded.
usb-and-pxe-installers/usbboot.img:  Rebuilt.
2019-05-05 08:59:47 +02:00
Patrick J Volkerding
142b0e6d20 Wed May 1 19:49:49 UTC 2019
ap/tmux-2.9a-x86_64-1.txz:  Upgraded.
n/dovecot-2.3.6-x86_64-1.txz:  Upgraded.
  This update fixes two security issues:
  Submission-login crashed with signal 11 due to null pointer access when
  authentication was aborted by disconnecting.
  Submission-login crashed when authentication was started over TLS secured
  channel and invalid authentication message was sent.
  For more information, see:
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11494
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11499
  (* Security fix *)
n/php-7.2.18-x86_64-1.txz:  Upgraded.
  This update fixes bugs and a security issue
  Heap-buffer-overflow in _estrndup via exif_process_IFD_TAG.
  For more information, see:
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11036
  (* Security fix *)
xfce/exo-0.12.5-x86_64-1.txz:  Upgraded.
2019-05-02 08:59:46 +02:00
Patrick J Volkerding
bfbeefa9c9 Fri Apr 26 18:55:10 UTC 2019
ap/tmux-2.9-x86_64-1.txz:  Upgraded.
d/python-pip-19.1-x86_64-1.txz:  Upgraded.
d/rust-1.34.1-x86_64-1.txz:  Upgraded.
d/subversion-1.12.0-x86_64-1.txz:  Upgraded.
n/bind-9.14.1-x86_64-1.txz:  Upgraded.
  This update fixes security issues:
  The TCP client quota set using the tcp-clients option could be exceeded
  in some cases. This could lead to exhaustion of file descriptors.
  In certain configurations, named could crash with an assertion failure if
  nxdomain-redirect was in use and a redirected query resulted in an NXDOMAIN
  from the cache.
  For more information, see:
    https://kb.isc.org/docs/cve-2018-5743
    https://kb.isc.org/docs/cve-2019-6467
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5743
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-6467
  (* Security fix *)
n/dhcpcd-7.2.1-x86_64-1.txz:  Upgraded.
2019-04-27 08:59:45 +02:00
Patrick J Volkerding
c51a629483 Mon Apr 22 20:00:44 UTC 2019
a/aaa_terminfo-6.1_20190420-x86_64-1.txz:  Upgraded.
l/ncurses-6.1_20190420-x86_64-1.txz:  Upgraded.
n/wpa_supplicant-2.8-x86_64-1.txz:  Upgraded.
xap/xpdf-4.00-x86_64-4.txz:  Rebuilt.
  Recompiled with -DSYSTEM_XPDFRC="/etc/xpdfrc". Thanks to J_W.
2019-04-23 08:59:44 +02:00
Patrick J Volkerding
1c4f74fa29 Sun Apr 21 18:45:54 UTC 2019
a/bash-5.0.007-x86_64-1.txz:  Upgraded.
d/parallel-20190422-noarch-1.txz:  Upgraded.
n/NetworkManager-1.18.1-x86_64-1.txz:  Upgraded.
2019-04-22 08:59:43 +02:00
Patrick J Volkerding
e2bd8d2383 Thu Apr 18 21:13:58 UTC 2019
ap/ksh93-20190416_7d7bba3e-x86_64-1.txz:  Upgraded.
ap/sysstat-12.1.4-x86_64-1.txz:  Upgraded.
l/gvfs-1.40.1-x86_64-2.txz:  Rebuilt.
  Recompiled against libcdio-2.1.0.
l/icu4c-64.2-x86_64-1.txz:  Upgraded.
l/libcddb-1.3.2-x86_64-6.txz:  Rebuilt.
  Recompiled against libcdio-2.1.0.
l/libcdio-2.1.0-x86_64-1.txz:  Upgraded.
  Shared library .so-version bump.
l/libcdio-paranoia-10.2+2.0.0-x86_64-2.txz:  Rebuilt.
  Recompiled against libcdio-2.1.0.
l/zstd-1.4.0-x86_64-1.txz:  Upgraded.
n/dhcpcd-7.2.0-x86_64-1.txz:  Upgraded.
n/dovecot-2.3.5.2-x86_64-1.txz:  Upgraded.
  This update fixes a security issue:
  Trying to login with 8bit username containing invalid UTF8 input causes
  auth process to crash if auth policy is enabled. This could be used rather
  easily to cause a DoS. Similar crash also happens during mail delivery
  when using invalid UTF8 in From or Subject header when OX push
  notification driver is used.
  For more information, see:
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-10691
  (* Security fix *)
n/nghttp2-1.38.0-x86_64-1.txz:  Upgraded.
n/openssh-8.0p1-x86_64-1.txz:  Upgraded.
  This release contains a mitigation for a weakness in the scp(1) tool
  and protocol (CVE-2019-6111): when copying files from a remote system
  to a local directory, scp(1) did not verify that the filenames that
  the server sent matched those requested by the client. This could
  allow a hostile server to create or clobber unexpected local files
  with attacker-controlled content.
  For more information, see:
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-6111
  (* Security fix *)
xap/MPlayer-20190418-x86_64-1.txz:  Upgraded.
  Compiled against libcdio-2.1.0.
xap/audacious-plugins-3.10.1-x86_64-2.txz:  Rebuilt.
  Recompiled against libcdio-2.1.0.
extra/pure-alsa-system/MPlayer-20190418-x86_64-1_alsa.txz:  Upgraded.
  Compiled against libcdio-2.1.0.
extra/pure-alsa-system/audacious-plugins-3.10.1-x86_64-2_alsa.txz:  Rebuilt.
  Recompiled against libcdio-2.1.0.
2019-04-19 08:59:44 +02:00
Patrick J Volkerding
07d5f96c9f Sat Apr 13 19:44:43 UTC 2019
l/imagemagick-6.9.10_40-x86_64-1.txz:  Upgraded.
l/opus-1.3.1-x86_64-1.txz:  Upgraded.
n/libqmi-1.22.4-x86_64-1.txz:  Upgraded.
2019-04-14 08:59:45 +02:00
Patrick J Volkerding
0be8c4f372 Fri Apr 12 22:13:09 UTC 2019
a/gawk-5.0.0-x86_64-1.txz:  Upgraded.
ap/pamixer-1.4-x86_64-2.txz:  Rebuilt.
  Recompiled against boost-1.70.0.
ap/vim-8.1.1157-x86_64-1.txz:  Upgraded.
d/cmake-3.14.2-x86_64-1.txz:  Upgraded.
e/emacs-26.2-x86_64-1.txz:  Upgraded.
kde/calligra-2.9.11-x86_64-30.txz:  Rebuilt.
  Recompiled against boost-1.70.0.
l/akonadi-1.13.0-x86_64-12.txz:  Rebuilt.
  Recompiled against boost-1.70.0.
l/boost-1.70.0-x86_64-1.txz:  Upgraded.
  Shared library .so-version bump.
  Note: Boost now provides its own BoostConfig.cmake config file, and it may
  not work with all existing code (here, calligra stumbled over it). At this
  point it's not clear if the included cmake config files are buggy, or if
  affected projects need to change something in order to use them, but there's
  an easy workaround to use cmake's FindBoost.cmake (as was used previously).
  Add this to the call to cmake from any affected project (if cmake fails with
  an error: "No suitable build variant has been found."):
  -DBoost_NO_BOOST_CMAKE=ON
n/libmbim-1.18.2-x86_64-1.txz:  Upgraded.
n/nfs-utils-2.3.3-x86_64-3.txz:  Rebuilt.
  rc.nfsd: don't try to create the nfsv4recoverydir - the build script will
  determine the directory to use and include it in the package.
  rc.nfsd: drop 2.4 kernel support, and use better code for mounting the nfsd
  filesystem.
  Thanks to shasta.
x/libwacom-0.33-x86_64-1.txz:  Upgraded.
xap/vim-gvim-8.1.1157-x86_64-1.txz:  Upgraded.
2019-04-13 08:59:41 +02:00
Patrick J Volkerding
98da285765 Mon Apr 8 20:39:32 UTC 2019
a/glibc-zoneinfo-2019a-noarch-1.txz:  Upgraded.
a/grub-2.02-x86_64-5.txz:  Rebuilt.
  Support F2FS filesystem. Thanks to Nille_kungen.
ap/cups-filters-1.22.5-x86_64-1.txz:  Upgraded.
ap/itstool-2.0.6-x86_64-1.txz:  Upgraded.
d/python-setuptools-41.0.0-x86_64-1.txz:  Upgraded.
l/gobject-introspection-1.60.1-x86_64-1.txz:  Upgraded.
l/imagemagick-6.9.10_39-x86_64-1.txz:  Upgraded.
l/libcroco-0.6.13-x86_64-1.txz:  Upgraded.
l/libnotify-0.7.8-x86_64-1.txz:  Upgraded.
n/cifs-utils-6.9-x86_64-1.txz:  Upgraded.
n/nfs-utils-2.3.3-x86_64-2.txz:  Rebuilt.
  Include recovery directory. Thanks to upnort.
n/samba-4.10.2-x86_64-1.txz:  Upgraded.
  This is a security release in order to address the following defects:
  World writable files in Samba AD DC private/ dir.
  Save registry file outside share as unprivileged user.
  For more information, see:
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-3870
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-3880
  (* Security fix *)
x/libva-2.4.1-x86_64-1.txz:  Upgraded.
x/pixman-0.38.2-x86_64-1.txz:  Upgraded.
xap/gimp-2.10.10-x86_64-1.txz:  Upgraded.
2019-04-09 08:59:45 +02:00
Patrick J Volkerding
0b0cfa9571 Thu Apr 4 00:45:18 UTC 2019
a/aaa_elflibs-15.0-x86_64-7.txz:  Rebuilt.
  Added: libhistory.so.8.0, libreadline.so.8.0.
a/gawk-4.2.1-x86_64-3.txz:  Rebuilt.
  Recompiled against readline-8.0.000.
a/kernel-generic-4.19.33-x86_64-1.txz:  Upgraded.
a/kernel-huge-4.19.33-x86_64-1.txz:  Upgraded.
a/kernel-modules-4.19.33-x86_64-1.txz:  Upgraded.
a/util-linux-2.33.1-x86_64-3.txz:  Rebuilt.
  Recompiled against readline-8.0.000.
ap/bc-1.07.1-x86_64-3.txz:  Rebuilt.
  Recompiled against readline-8.0.000.
ap/gphoto2-2.5.20-x86_64-2.txz:  Rebuilt.
  Recompiled against readline-8.0.000.
ap/gutenprint-5.3.1-x86_64-2.txz:  Rebuilt.
  Recompiled against readline-8.0.000.
ap/mariadb-10.3.14-x86_64-1.txz:  Upgraded.
ap/xorriso-1.5.0-x86_64-2.txz:  Rebuilt.
  Recompiled against readline-8.0.000.
d/clisp-2.49_20181112_df3b9f6fd-x86_64-2.txz:  Rebuilt.
  Recompiled against readline-8.0.000.
d/gdb-8.2.1-x86_64-3.txz:  Rebuilt.
  Recompiled against readline-8.0.000.
d/guile-2.2.4-x86_64-2.txz:  Rebuilt.
  Recompiled against readline-8.0.000.
d/kernel-headers-4.19.33-x86-1.txz:  Upgraded.
d/python-2.7.16-x86_64-2.txz:  Rebuilt.
  Recompiled against readline-8.0.000.
d/python3-3.7.3-x86_64-2.txz:  Rebuilt.
  Recompiled against readline-8.0.000.
d/ruby-2.6.2-x86_64-2.txz:  Rebuilt.
  Recompiled against readline-8.0.000.
k/kernel-source-4.19.33-noarch-1.txz:  Upgraded.
kde/analitza-4.14.3-x86_64-5.txz:  Rebuilt.
  Recompiled against readline-8.0.000.
l/fluidsynth-1.1.11-x86_64-2.txz:  Rebuilt.
  Recompiled against readline-8.0.000.
l/gdbm-1.18.1-x86_64-2.txz:  Rebuilt.
  Recompiled against readline-8.0.000.
l/hunspell-1.6.2-x86_64-3.txz:  Rebuilt.
  Recompiled against readline-8.0.000.
l/mozjs52-52.9.0esr-x86_64-2.txz:  Rebuilt.
  Recompiled against readline-8.0.000.
l/parted-3.2-x86_64-5.txz:  Rebuilt.
  Recompiled against readline-8.0.000.
l/pcre2-10.32-x86_64-2.txz:  Rebuilt.
  Recompiled against readline-8.0.000.
l/pilot-link-0.12.5-x86_64-14.txz:  Rebuilt.
  Recompiled against readline-8.0.000.
l/readline-8.0.000-x86_64-1.txz:  Upgraded.
  Shared library .so-version bump.
n/NetworkManager-1.16.0-x86_64-2.txz:  Rebuilt.
  Recompiled against readline-8.0.000.
n/bluez-5.50-x86_64-2.txz:  Rebuilt.
  Recompiled against readline-8.0.000.
n/gnupg-1.4.23-x86_64-2.txz:  Rebuilt.
  Recompiled against readline-8.0.000.
n/gnupg2-2.2.15-x86_64-2.txz:  Rebuilt.
  Recompiled against readline-8.0.000.
n/gnutls-3.6.7.1-x86_64-1.txz:  Upgraded.
n/lftp-4.8.4-x86_64-4.txz:  Rebuilt.
  Recompiled against readline-8.0.000.
n/netkit-ftp-0.17-x86_64-5.txz:  Rebuilt.
  Recompiled against readline-8.0.000.
n/nftables-0.9.0-x86_64-3.txz:  Rebuilt.
  Recompiled against readline-8.0.000.
n/php-7.2.17-x86_64-1.txz:  Upgraded.
  This update fixes bugs and a security issue:
  rename() across the device may allow unwanted access during processing.
  (* Security fix *)
n/samba-4.10.1-x86_64-1.txz:  Upgraded.
  Compiled against readline-8.0.000.
n/tftp-hpa-5.2-x86_64-5.txz:  Rebuilt.
  Recompiled against readline-8.0.000.
n/wpa_supplicant-2.7-x86_64-4.txz:  Rebuilt.
  Recompiled against readline-8.0.000.
xap/fvwm-2.6.8-x86_64-2.txz:  Rebuilt.
  Recompiled against readline-8.0.000.
xap/gftp-2.0.19-x86_64-8.txz:  Rebuilt.
  Recompiled against readline-8.0.000.
xap/gnuchess-6.2.5-x86_64-4.txz:  Rebuilt.
xap/xine-ui-0.99.10-x86_64-3.txz:  Rebuilt.
  Recompiled against readline-8.0.000.
extra/pure-alsa-system/fluidsynth-1.1.11-x86_64-2_alsa.txz:  Rebuilt.
  Recompiled against readline-8.0.000.
isolinux/initrd.img:  Rebuilt.
kernels/*:  Upgraded.
usb-and-pxe-installers/usbboot.img:  Rebuilt.
2019-04-04 08:59:45 +02:00
Patrick J Volkerding
caa5f28b83 Tue Apr 2 20:30:22 UTC 2019
a/hwdata-0.322-noarch-1.txz:  Upgraded.
a/kernel-firmware-20190402_67b7579-noarch-1.txz:  Upgraded.
a/shadow-4.6-x86_64-2.txz:  Rebuilt.
  adduser: reprompt on invalid user input. Thanks to ttk.
ap/ghostscript-9.26-x86_64-2.txz:  Rebuilt.
  Fixes security issues:
  A specially crafted PostScript file could have access to the file system
  outside of the constrains imposed by -dSAFER.
  Transient procedures can allow access to system operators, leading to
  remote code execution.
  For more information, see:
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-3835
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-3838
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-6116
  (* Security fix *)
d/vala-0.44.2-x86_64-1.txz:  Upgraded.
l/glib-networking-2.60.1-x86_64-1.txz:  Upgraded.
l/imagemagick-6.9.10_36-x86_64-1.txz:  Upgraded.
l/python-pillow-6.0.0-x86_64-1.txz:  Upgraded.
n/wget-1.20.2-x86_64-1.txz:  Upgraded.
  Fixed an unspecified buffer overflow vulnerability.
  (* Security fix *)
2019-04-03 08:59:45 +02:00
Patrick J Volkerding
df86158dc5 Sun Mar 31 18:51:16 UTC 2019
a/quota-4.05-x86_64-1.txz:  Upgraded.
d/cmake-3.14.1-x86_64-1.txz:  Upgraded.
d/patchelf-0.10-x86_64-1.txz:  Upgraded.
l/harfbuzz-2.4.0-x86_64-1.txz:  Upgraded.
l/utf8proc-2.3.0-x86_64-1.txz:  Upgraded.
n/httpd-2.4.39-x86_64-1.txz:  Upgraded.
n/iputils-20190324-x86_64-1.txz:  Upgraded.
n/postfix-3.4.5-x86_64-1.txz:  Upgraded.
2019-04-01 08:59:43 +02:00
Patrick J Volkerding
7aa0551f5b Fri Mar 29 18:24:36 UTC 2019
a/aaa_elflibs-15.0-x86_64-6.txz:  Rebuilt.
  Upgraded: libelf-0.176.so, libpcre.so.1.2.11, libglib-2.0.so.0.6000.0,
  libgmodule-2.0.so.0.6000.0, libgobject-2.0.so.0.6000.0,
  libgthread-2.0.so.0.6000.0, libtdb.so.1.4.0.
  Temporarily added: libicudata.so.63.1, libicui18n.so.63.1, libicuio.so.63.1,
  libicutest.so.63.1, libicutu.so.63.1, libicuuc.so.63.1.
a/xfsprogs-4.20.0-x86_64-2.txz:  Rebuilt.
  Recompiled against icu4c-64.1.
ap/sqlite-3.27.2-x86_64-2.txz:  Rebuilt.
  Recompiled against icu4c-64.1.
kde/calligra-2.9.11-x86_64-29.txz:  Rebuilt.
  Recompiled against icu4c-64.1.
kde/kdepimlibs-4.14.10-x86_64-7.txz:  Rebuilt.
  Recompiled to pull in new gpgme++ header files.
l/boost-1.69.0-x86_64-2.txz:  Rebuilt.
  Recompiled against icu4c-64.1.
l/ffmpeg-3.4.6-x86_64-1.txz:  Upgraded.
l/giflib-5.1.9-x86_64-1.txz:  Upgraded.
l/harfbuzz-2.3.1-x86_64-2.txz:  Rebuilt.
  Recompiled against icu4c-64.1.
l/icu4c-64.1-x86_64-1.txz:  Upgraded.
  Shared library .so-version bump.
l/libical-3.0.4-x86_64-2.txz:  Rebuilt.
  Recompiled against icu4c-64.1.
l/libvisio-0.1.6-x86_64-6.txz:  Rebuilt.
  Recompiled against icu4c-64.1.
l/qt-4.8.7-x86_64-12.txz:  Rebuilt.
  Recompiled against icu4c-64.1.
l/raptor2-2.0.15-x86_64-7.txz:  Rebuilt.
  Recompiled against icu4c-64.1.
l/v4l-utils-1.16.5-x86_64-1.txz:  Upgraded.
n/dovecot-2.3.5.1-x86_64-1.txz:  Upgraded.
  Missing input buffer size validation leads into arbitrary buffer overflow
  when reading fts or pop3 uidl header from Dovecot index. Exploiting this
  requires direct write access to the index files.
  For more information, see:
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-7524
  (* Security fix *)
  Compiled against icu4c-64.1.
n/gpgme-1.13.0-x86_64-1.txz:  Upgraded.
n/php-7.2.16-x86_64-2.txz:  Rebuilt.
  Recompiled against icu4c-64.1.
n/postfix-3.4.4-x86_64-2.txz:  Rebuilt.
  Recompiled against icu4c-64.1.
n/tin-2.4.3-x86_64-2.txz:  Rebuilt.
  Recompiled against icu4c-64.1.
n/whois-5.4.2-x86_64-1.txz:  Upgraded.
t/texlive-2018.180822-x86_64-5.txz:  Rebuilt.
  Recompiled against icu4c-64.1.
x/libinput-1.13.0-x86_64-1.txz:  Upgraded.
x/mesa-19.0.1-x86_64-1.txz:  Upgraded.
x/vulkan-sdk-1.1.101.0-x86_64-1.txz:  Upgraded.
extra/pure-alsa-system/ffmpeg-3.4.6-x86_64-1_alsa.txz:  Upgraded.
2019-03-30 08:59:44 +01:00
Patrick J Volkerding
df07d8b7cd Wed Mar 27 20:37:56 UTC 2019
a/kernel-generic-4.19.32-x86_64-1.txz:  Upgraded.
a/kernel-huge-4.19.32-x86_64-1.txz:  Upgraded.
a/kernel-modules-4.19.32-x86_64-1.txz:  Upgraded.
ap/hplip-3.19.3-x86_64-1.txz:  Upgraded.
d/kernel-headers-4.19.32-x86-1.txz:  Upgraded.
d/python3-3.7.3-x86_64-1.txz:  Upgraded.
  Fixed bugs and the following security issues:
  bpo-36216: Changes urlsplit() to raise ValueError when the URL contains
  characters that decompose under IDNA encoding (NFKC-normalization) into
  characters that affect how the URL is parsed.
  bpo-35746: [CVE-2019-5010] Fix a NULL pointer deref in ssl module. The
  cert parser did not handle CRL distribution points with empty DP or URI
  correctly. A malicious or buggy certificate can result into segfault.
  Vulnerability (TALOS-2018-0758) reported by Colin Read and Nicolas Edet
  of Cisco.
  bpo-35121: Don't send cookies of domain A without Domain attribute to
  domain B when domain A is a suffix match of domain B while using a
  cookiejar with http.cookiejar.DefaultCookiePolicy policy.
  Patch by Karthikeyan Singaravelan.
  For more information, see:
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5010
  (* Security fix *)
d/scons-3.0.5-x86_64-1.txz:  Upgraded.
k/kernel-source-4.19.32-noarch-1.txz:  Upgraded.
n/curl-7.64.1-x86_64-1.txz:  Upgraded.
n/gnutls-3.6.7-x86_64-1.txz:  Upgraded.
  Fixes security issues:
  libgnutls, gnutls tools: Every gnutls_free() will automatically set
  the free'd pointer to NULL. This prevents possible use-after-free and
  double free issues. Use-after-free will be turned into NULL dereference.
  The counter-measure does not extend to applications using gnutls_free().
  libgnutls: Fixed a memory corruption (double free) vulnerability in the
  certificate verification API. Reported by Tavis Ormandy; addressed with
  the change above. [GNUTLS-SA-2019-03-27, #694]
  libgnutls: Fixed an invalid pointer access via malformed TLS1.3 async
  messages; Found using tlsfuzzer. [GNUTLS-SA-2019-03-27, #704]
  libgnutls: enforce key usage limitations on certificates more actively.
  Previously we would enforce it for TLS1.2 protocol, now we enforce it
  even when TLS1.3 is negotiated, or on client certificates as well. When
  an inappropriate for TLS1.3 certificate is seen on the credentials
  structure GnuTLS will disable TLS1.3 support for that session (#690).
  libgnutls: enforce the equality of the two signature parameters fields
  in a certificate. We were already enforcing the signature algorithm,
  but there was a bug in parameter checking code.
  (* Security fix *)
isolinux/initrd.img:  Rebuilt.
kernels/*:  Upgraded.
usb-and-pxe-installers/usbboot.img:  Rebuilt.
2019-03-28 08:59:45 +01:00
Patrick J Volkerding
d6b713db54 Sun Mar 24 03:53:12 UTC 2019
a/kernel-generic-4.19.31-x86_64-1.txz:  Upgraded.
a/kernel-huge-4.19.31-x86_64-1.txz:  Upgraded.
a/kernel-modules-4.19.31-x86_64-1.txz:  Upgraded.
ap/cups-2.2.11-x86_64-1.txz:  Upgraded.
ap/sysstat-12.1.3-x86_64-1.txz:  Upgraded.
d/help2man-1.47.10-x86_64-1.txz:  Upgraded.
d/kernel-headers-4.19.31-x86-1.txz:  Upgraded.
k/kernel-source-4.19.31-noarch-1.txz:  Upgraded.
n/samba-4.10.0-x86_64-2.txz:  Rebuilt.
  Recompile dropping python2 support, since talloc no longer supports it.
  Thanks to ponce.
isolinux/initrd.img:  Rebuilt.
kernels/*:  Upgraded.
usb-and-pxe-installers/usbboot.img:  Rebuilt.
2019-03-24 08:59:45 +01:00
Patrick J Volkerding
67b2ffd2d6 Fri Mar 22 20:41:23 UTC 2019
d/parallel-20190322-noarch-1.txz:  Upgraded.
n/bind-9.14.0-x86_64-1.txz:  Upgraded.
xap/mozilla-firefox-60.6.1esr-x86_64-1.txz:  Upgraded.
  This release contains security fixes and improvements. The patched flaws
  are considered critical, and could be used to run attacker code and install
  software, requiring no user interaction beyond normal browsing.
  For more information, see:
    https://www.mozilla.org/security/known-vulnerabilities/firefoxESR.html
    https://www.mozilla.org/en-US/security/advisories/mfsa2019-10/
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9810i
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9813
  (* Security fix *)
2019-03-23 08:59:46 +01:00
Patrick J Volkerding
277ffd7057 Tue Mar 19 20:06:28 UTC 2019
a/bash-5.0.003-x86_64-1.txz:  Upgraded.
a/kernel-firmware-20190314_7bc2464-noarch-1.txz:  Upgraded.
a/kernel-generic-4.19.30-x86_64-1.txz:  Upgraded.
a/kernel-huge-4.19.30-x86_64-1.txz:  Upgraded.
a/kernel-modules-4.19.30-x86_64-1.txz:  Upgraded.
d/help2man-1.47.9-x86_64-1.txz:  Upgraded.
d/kernel-headers-4.19.30-x86-1.txz:  Upgraded.
d/strace-5.0-x86_64-1.txz:  Upgraded.
k/kernel-source-4.19.30-noarch-1.txz:  Upgraded.
n/gnupg2-2.2.14-x86_64-1.txz:  Upgraded.
n/libgpg-error-1.36-x86_64-1.txz:  Upgraded.
n/samba-4.10.0-x86_64-1.txz:  Upgraded.
isolinux/initrd.img:  Rebuilt.
kernels/*:  Upgraded.
usb-and-pxe-installers/usbboot.img:  Rebuilt.
2019-03-20 08:59:45 +01:00
Patrick J Volkerding
218698dcbc Thu Mar 14 03:41:42 UTC 2019
a/kernel-firmware-20190313_efd2c1c-noarch-1.txz:  Upgraded.
a/kernel-generic-4.19.29-x86_64-1.txz:  Upgraded.
a/kernel-huge-4.19.29-x86_64-1.txz:  Upgraded.
a/kernel-modules-4.19.29-x86_64-1.txz:  Upgraded.
d/kernel-headers-4.19.29-x86-1.txz:  Upgraded.
k/kernel-source-4.19.29-noarch-1.txz:  Upgraded.
n/crda-3.18-x86_64-9.txz:  Rebuilt.
  Upgraded to wireless-regdb-2019.03.01.
n/ethtool-5.0-x86_64-1.txz:  Upgraded.
x/mesa-19.0.0-x86_64-1.txz:  Upgraded.
isolinux/initrd.img:  Rebuilt.
kernels/*:  Upgraded.
usb-and-pxe-installers/usbboot.img:  Rebuilt.
2019-03-14 08:59:41 +01:00
Patrick J Volkerding
73b3d9a124 Tue Mar 12 20:03:46 UTC 2019
a/kernel-firmware-20190312_b0d9583-noarch-1.txz:  Upgraded.
l/at-spi2-atk-2.32.0-x86_64-1.txz:  Upgraded.
l/at-spi2-core-2.32.0-x86_64-1.txz:  Upgraded.
l/atk-2.32.0-x86_64-1.txz:  Upgraded.
l/dconf-0.32.0-x86_64-1.txz:  Upgraded.
l/dconf-editor-3.32.0-x86_64-1.txz:  Upgraded.
l/glib-networking-2.60.0-x86_64-1.txz:  Upgraded.
l/gsettings-desktop-schemas-3.32.0-x86_64-1.txz:  Upgraded.
l/gvfs-1.40.0-x86_64-1.txz:  Upgraded.
l/libsoup-2.66.0-x86_64-1.txz:  Upgraded.
l/vte-0.56.0-x86_64-1.txz:  Upgraded.
n/mobile-broadband-provider-info-20190116-x86_64-1.txz:  Upgraded.
n/samba-4.9.5-x86_64-1.txz:  Upgraded.
x/liberation-fonts-ttf-2.00.5-noarch-1.txz:  Upgraded.
xap/gucharmap-12.0.0-x86_64-1.txz:  Upgraded.
2019-03-13 08:59:42 +01:00
Patrick J Volkerding
de75b378d6 Mon Mar 11 19:03:50 UTC 2019
a/coreutils-8.31-x86_64-1.txz:  Upgraded.
d/meson-0.50.0-x86_64-1.txz:  Upgraded.
l/giflib-5.1.7-x86_64-1.txz:  Upgraded.
l/python-certifi-2019.3.9-x86_64-1.txz:  Upgraded.
n/postfix-3.4.3-x86_64-1.txz:  Upgraded.
x/libFS-1.0.8-x86_64-1.txz:  Upgraded.
x/libXcomposite-0.4.5-x86_64-1.txz:  Upgraded.
x/libXcursor-1.2.0-x86_64-1.txz:  Upgraded.
x/libXdamage-1.1.5-x86_64-1.txz:  Upgraded.
2019-03-12 08:59:45 +01:00