ap/ghostscript-10.03.0-x86_64-1.txz: Upgraded.
This update addresses a security issue:
A vulnerability was identified in the way Ghostscript/GhostPDL called
tesseract for the OCR devices, which could allow arbitrary code execution.
Thanks to J_W for the heads-up.
(* Security fix *)
ap/lxc-4.0.12-x86_64-3.txz: Rebuilt.
lxc-slackware.in: include gnupg2 (not gnupg) for slackpkg.
ap/slackpkg-15.0.10-noarch-3.txz: Rebuilt.
core-functions.sh: use gpg2, not gpg.
d/Cython-3.0.9-x86_64-1.txz: Upgraded.
d/git-2.44.0-x86_64-2.txz: Rebuilt.
Include git-subtree. Thanks to gwhl.
d/llvm-18.1.0-x86_64-1.txz: Upgraded.
Shared library .so-version bump.
kde/kdevelop-23.08.5-x86_64-2.txz: Rebuilt.
Recompiled against llvm-18.1.0.
l/openexr-3.2.3-x86_64-1.txz: Upgraded.
l/python-importlib_metadata-7.0.2-x86_64-1.txz: Upgraded.
l/python-trove-classifiers-2024.3.3-x86_64-1.txz: Upgraded.
l/qt5-5.15.12_20240228_6609503f-x86_64-1.txz: Upgraded.
Compiled against llvm-18.1.0.
l/qt6-6.6.2_20240210_15b7e743-x86_64-3.txz: Rebuilt.
Recompiled against llvm-18.1.0.
l/spirv-llvm-translator-18.1.0-x86_64-1.txz: Upgraded.
Shared library .so-version bump.
n/gnupg2-2.4.5-x86_64-1.txz: Upgraded.
n/libassuan-2.5.7-x86_64-1.txz: Upgraded.
n/postfix-3.9.0-x86_64-1.txz: Upgraded.
x/mesa-24.0.2-x86_64-2.txz: Rebuilt.
Recompiled against llvm-18.1.0 and spirv-llvm-translator-18.1.0.
isolinux/initrd.img: Rebuilt.
Fixed kernel version. Thanks to chrisVV.
usb-and-pxe-installers/usbboot.img: Rebuilt.
Fixed kernel version. Thanks to chrisVV.
d/parallel-20240222-noarch-1.txz: Upgraded.
kde/krita-5.2.2-x86_64-4.txz: Rebuilt.
Recompiled against libunibreak-6.0.
l/accountsservice-23.13.9-x86_64-1.txz: Upgraded.
Thanks to reddog83.
l/libass-0.17.1-x86_64-2.txz: Rebuilt.
Recompiled against libunibreak-6.0.
l/libunibreak-6.0-x86_64-1.txz: Upgraded.
Shared library .so-version bump.
l/orc-0.4.38-x86_64-1.txz: Upgraded.
l/python-requests-2.31.0-x86_64-1.txz: Upgraded.
l/python-urllib3-2.2.1-x86_64-1.txz: Upgraded.
l/qt6-6.6.2_20240210_15b7e743-x86_64-1.txz: Added.
n/wpa_supplicant-2.10-x86_64-3.txz: Rebuilt.
Patched the implementation of PEAP in wpa_supplicant to prevent an
authentication bypass. For a successful attack, wpa_supplicant must be
configured to not verify the network's TLS certificate during Phase 1
authentication, and an eap_peap_decrypt vulnerability can then be abused
to skip Phase 2 authentication. The attack vector is sending an EAP-TLV
Success packet instead of starting Phase 2. This allows an adversary to
impersonate Enterprise Wi-Fi networks.
For more information, see:
https://www.cve.org/CVERecord?id=CVE-2023-52160
(* Security fix *)
xap/gparted-1.6.0-x86_64-1.txz: Upgraded.
