Commit graph

3 commits

Author SHA1 Message Date
Patrick J Volkerding
69753b9a1d Tue Nov 7 19:57:12 UTC 2023
ap/sudo-1.9.15-x86_64-1.txz:  Upgraded.
  The sudoers plugin has been modified to make it more resilient to ROWHAMMER
  attacks on authentication and policy matching.
  The sudoers plugin now constructs the user time stamp file path name using
  the user-ID instead of the user name. This avoids a potential problem with
  user names that contain a path separator ('/') being interpreted as part of
  the path name.
  For more information, see:
    https://www.cve.org/CVERecord?id=CVE-2023-42465
    https://www.cve.org/CVERecord?id=CVE-2023-42456
  (* Security fix *)
ap/vim-9.0.2092-x86_64-1.txz:  Upgraded.
l/libuv-1.47.0-x86_64-1.txz:  Upgraded.
l/xapian-core-1.4.24-x86_64-1.txz:  Upgraded.
n/bind-9.18.19-x86_64-2.txz:  Rebuilt.
  Don't go automatically chowning files in /var/named, since some users may
  have special requirements. But in case anyone finds that behavior useful,
  you may set NAMED_CHOWN=YES in /etc/default/named to turn it back on.
  Unless anyone has a good objection to it, this change is considered pending
  for the next BIND upgrades in -stable.
  Thanks to Mig21.
xap/vim-gvim-9.0.2092-x86_64-1.txz:  Upgraded.
2023-11-07 21:28:19 +01:00
Patrick J Volkerding
33d703602d Sat Sep 25 01:05:55 UTC 2021
a/coreutils-9.0-x86_64-1.txz:  Upgraded.
  Thanks to GazL for pointing out where I needed to be looking in the code to
  stick with the traditional (for us, anyway) ls quoting style.
n/ca-certificates-20210924-noarch-1.txz:  Upgraded.
  Removed DST_Root_CA_X3.crt.
n/cifs-utils-6.14-x86_64-1.txz:  Upgraded.
2021-09-25 08:59:58 +02:00
Patrick J Volkerding
9a67067c0e Thu Sep 16 02:52:54 UTC 2021
a/etc-15.0-x86_64-17.txz:  Rebuilt.
  Added named:named (53:53) user and group.
a/kernel-firmware-20210915_198ac65-noarch-1.txz:  Upgraded.
a/kernel-generic-5.14.4-x86_64-1.txz:  Upgraded.
a/kernel-huge-5.14.4-x86_64-1.txz:  Upgraded.
a/kernel-modules-5.14.4-x86_64-1.txz:  Upgraded.
ap/sudo-1.9.8-x86_64-1.txz:  Upgraded.
d/kernel-headers-5.14.4-x86-1.txz:  Upgraded.
k/kernel-source-5.14.4-noarch-1.txz:  Upgraded.
kde/breeze-icons-5.85.0-noarch-2.txz:  Rebuilt.
  Patched with upstream commit to allow using this icon theme with Xfce.
l/fluidsynth-2.2.3-x86_64-1.txz:  Upgraded.
l/python-charset-normalizer-2.0.5-x86_64-1.txz:  Upgraded.
l/qca-2.3.4-x86_64-1.txz:  Upgraded.
n/NetworkManager-1.32.10-x86_64-3.txz:  Rebuilt.
  Switch to dhcp=internal to avoid problems swimming upstream.
  For those looking for a fix to continue using dhcpcd, a PRIVSEP build
  variable was added to the SlackBuild, and you may produce a fully
  NetworkManager compatible dhcpcd package with this command:
  PRIVSEP=no ./dhcpcd.SlackBuild
  Privilege separation remains the dhcpcd package default as we don't want
  to weaken security for those using rc.inet1 along with dhcpcd.
  Some additional comments about this were added to 00-dhcp-client.conf
  mentioning this and the workaround of killing dhcpcd manually when
  resuming with the stock dhcpcd package.
n/bind-9.16.21-x86_64-1.txz:  Upgraded.
  Fixed call to rndc-confgen in the install script.
  Make /etc/rndc.key owned by named:named.
  Run named as named:named by default (configurable in /etc/default/named).
  rc.bind: chown /run/named and /var/named to configured user:group.
  Thanks to Ressy for prompting this cleanup. :)
n/curl-7.79.0-x86_64-1.txz:  Upgraded.
  This update fixes security issues:
  clear the leftovers pointer when sending succeeds.
  do not ignore --ssl-reqd.
  reject STARTTLS server response pipelining.
  For more information, see:
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22945
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22946
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22947
  (* Security fix *)
n/links-2.24-x86_64-1.txz:  Upgraded.
n/wireguard-tools-1.0.20210914-x86_64-1.txz:  Upgraded.
x/libinput-1.19.0-x86_64-1.txz:  Upgraded.
xap/gimp-2.10.28-x86_64-1.txz:  Upgraded.
isolinux/initrd.img:  Rebuilt.
kernels/*:  Upgraded.
usb-and-pxe-installers/usbboot.img:  Rebuilt.
2021-09-16 09:04:01 +02:00