mirror of
git://slackware.nl/current.git
synced 2024-12-28 09:59:53 +01:00
204 commits
| Author | SHA1 | Message | Date | |
|---|---|---|---|---|
Patrick J Volkerding
|
6e6f0c6efb |
Thu Nov 28 00:18:02 UTC 2024
a/tcsh-6.24.14-x86_64-1.txz: Upgraded. ap/sudo-1.9.16p2-x86_64-1.txz: Upgraded. n/netatalk-4.0.7-x86_64-2.txz: Rebuilt. Fixed config file handling. Thanks to marav. n/openldap-2.6.9-x86_64-1.txz: Upgraded. t/texlive-2024.240409-x86_64-3.txz: Rebuilt. Move files from /etc/fonts/conf.avail to /usr/share/fontconfig/fonts.avail. x/dejavu-fonts-ttf-2.37-noarch-7.txz: Rebuilt. Move files from /etc/fonts/conf.avail to /usr/share/fontconfig/fonts.avail. x/font-bh-ttf-1.0.4-noarch-2.txz: Rebuilt. Move files from /etc/fonts/conf.avail to /usr/share/fontconfig/fonts.avail. x/fontconfig-2.15.0-x86_64-1.txz: Upgraded. Thanks to Didier Spaier for the updated patches and meson build script! x/liberation-fonts-ttf-2.1.5-noarch-2.txz: Rebuilt. Move files from /etc/fonts/conf.avail to /usr/share/fontconfig/fonts.avail. x/noto-cjk-fonts-ttf-2.001-noarch-4.txz: Rebuilt. Move files from /etc/fonts/conf.avail to /usr/share/fontconfig/fonts.avail. x/ttf-indic-fonts-0.5.14-noarch-6.txz: Rebuilt. Move files from /etc/fonts/conf.avail to /usr/share/fontconfig/fonts.avail. x/ttf-tlwg-0.7.3-noarch-2.txz: Rebuilt. Move files from /etc/fonts/conf.avail to /usr/share/fontconfig/fonts.avail. x/wqy-zenhei-font-ttf-0.8.38_1-noarch-10.txz: Rebuilt. Move files from /etc/fonts/conf.avail to /usr/share/fontconfig/fonts.avail. xap/xlockmore-5.81-x86_64-1.txz: Upgraded. testing/packages/mesa-24.3.0-x86_64-1.txz: Added. |
||
|
Patrick J Volkerding
|
558ed88602 |
Fri Nov 22 22:08:18 UTC 2024
a/kernel-firmware-20241122_3ed524d-noarch-1.txz: Upgraded.
a/kernel-generic-6.12.1-x86_64-1.txz: Upgraded.
a/libblockdev-3.2.1-x86_64-2.txz: Rebuilt.
Recompiled against python3-3.12.7.
a/libbytesize-2.11-x86_64-2.txz: Rebuilt.
Recompiled against python3-3.12.7.
a/libpwquality-1.4.5-x86_64-3.txz: Rebuilt.
Recompiled against python3-3.12.7.
a/mkinitrd-1.4.11-x86_64-48.txz: Rebuilt.
remove-orphaned-initrds: fixed output path when removing dangling symlinks.
Thanks to Mechanikx.
a/nut-2.8.2-x86_64-2.txz: Rebuilt.
Recompiled against python3-3.12.7.
a/util-linux-2.40.2-x86_64-2.txz: Rebuilt.
Recompiled against python3-3.12.7.
a/volume_key-0.3.12-x86_64-9.txz: Rebuilt.
Recompiled against python3-3.12.7.
ap/hplip-3.24.4-x86_64-2.txz: Rebuilt.
Recompiled against python3-3.12.7.
ap/linuxdoc-tools-0.9.83-x86_64-2.txz: Rebuilt.
Recompiled against python3-3.12.7.
ap/rpm-4.20.0-x86_64-2.txz: Rebuilt.
Recompiled against python3-3.12.7.
ap/undervolt-0.4.0-x86_64-2.txz: Rebuilt.
Recompiled against python3-3.12.7.
d/Cython-3.0.11-x86_64-2.txz: Rebuilt.
Recompiled against python3-3.12.7.
d/cmake-3.31.1-x86_64-1.txz: Upgraded.
d/distcc-3.4-x86_64-6.txz: Rebuilt.
Recompiled against python3-3.12.7.
d/gdb-15.2-x86_64-2.txz: Rebuilt.
Recompiled against python3-3.12.7.
d/gyp-20210831_d6c5dd51-x86_64-4.txz: Rebuilt.
Recompiled against python3-3.12.7.
d/kernel-headers-6.12.1-x86-1.txz: Upgraded.
d/libtool-2.5.4-x86_64-1.txz: Upgraded.
d/llvm-19.1.4-x86_64-2.txz: Rebuilt.
Recompiled against python3-3.12.7.
d/mercurial-6.9-x86_64-2.txz: Rebuilt.
Recompiled against python3-3.12.7.
d/meson-1.6.0-x86_64-2.txz: Rebuilt.
Recompiled against python3-3.12.7.
d/python-pip-24.3.1-x86_64-2.txz: Rebuilt.
Recompiled against python3-3.12.7.
d/python-setuptools-75.6.0-x86_64-2.txz: Rebuilt.
Recompiled against python3-3.12.7.
d/python3-3.12.7-x86_64-1.txz: Upgraded.
Python 3.12 has been aging for more than a year, so it's time to take it.
Shared library .so-version bump.
d/scons-4.8.1-x86_64-2.txz: Rebuilt.
Recompiled against python3-3.12.7.
d/slacktrack-2.24-x86_64-1.txz: Upgraded.
When touching the filesystem, use xargs -P $(nproc) for a nice speedup.
k/kernel-source-6.12.1-noarch-1.txz: Upgraded.
kde/cantor-23.08.5-x86_64-13.txz: Rebuilt.
Recompiled against python3-3.12.7.
kde/kapidox-5.116.0-x86_64-2.txz: Rebuilt.
Recompiled against python3-3.12.7.
kde/kdev-python-23.08.5-x86_64-3.txz: Rebuilt.
Recompiled against python3-3.12.7.
kde/kig-23.08.5-x86_64-6.txz: Rebuilt.
Recompiled against python3-3.12.7.
kde/kmymoney-5.1.3-x86_64-5.txz: Rebuilt.
Recompiled against python3-3.12.7.
kde/kopeninghours-23.08.5-x86_64-6.txz: Rebuilt.
Recompiled against python3-3.12.7.
kde/krita-5.2.6-x86_64-4.txz: Rebuilt.
Recompiled against python3-3.12.7.
l/Mako-1.3.5-x86_64-2.txz: Rebuilt.
Recompiled against python3-3.12.7.
l/PyQt-builder-1.16.4-x86_64-3.txz: Rebuilt.
Recompiled against python3-3.12.7.
l/PyQt5-5.15.11-x86_64-3.txz: Rebuilt.
Recompiled against python3-3.12.7.
l/PyQt5_sip-12.15.0-x86_64-3.txz: Rebuilt.
Recompiled against python3-3.12.7.
l/QScintilla-2.14.1-x86_64-4.txz: Rebuilt.
Recompiled against python3-3.12.7.
l/avahi-20240306_709e60f-x86_64-3.txz: Rebuilt.
Recompiled against python3-3.12.7.
l/boost-1.86.0-x86_64-5.txz: Rebuilt.
Recompiled against python3-3.12.7.
l/brotli-1.1.0-x86_64-3.txz: Rebuilt.
Recompiled against python3-3.12.7.
l/dbus-python-1.3.2-x86_64-4.txz: Rebuilt.
Recompiled against python3-3.12.7.
l/gexiv2-0.14.3-x86_64-2.txz: Rebuilt.
Recompiled against python3-3.12.7.
l/gi-docgen-2024.1-x86_64-2.txz: Rebuilt.
Recompiled against python3-3.12.7.
l/glade-3.40.0-x86_64-3.txz: Rebuilt.
Recompiled against python3-3.12.7.
l/gobject-introspection-1.82.0-x86_64-2.txz: Rebuilt.
Recompiled against python3-3.12.7.
l/gtk4-4.16.6-x86_64-1.txz: Upgraded.
l/lensfun-0.3.4-x86_64-3.txz: Rebuilt.
Recompiled against python3-3.12.7.
l/libcaca-0.99.beta20-x86_64-3.txz: Rebuilt.
Recompiled against python3-3.12.7.
l/libcap-ng-0.8.5-x86_64-2.txz: Rebuilt.
Recompiled against python3-3.12.7.
l/libmtp-1.1.22-x86_64-1.txz: Upgraded.
l/libnvme-1.11.1-x86_64-2.txz: Rebuilt.
Recompiled against python3-3.12.7.
l/libplist-2.6.0-x86_64-2.txz: Rebuilt.
Recompiled against python3-3.12.7.
l/libwebp-1.4.0-x86_64-2.txz: Rebuilt.
Recompiled against python3-3.12.7.
l/libxml2-2.13.5-x86_64-2.txz: Rebuilt.
Recompiled against python3-3.12.7.
l/libxslt-1.1.42-x86_64-2.txz: Rebuilt.
Recompiled against python3-3.12.7.
l/mozilla-nss-3.107-x86_64-1.txz: Upgraded.
l/newt-0.52.24-x86_64-4.txz: Rebuilt.
Recompiled against python3-3.12.7.
l/protobuf-28.3-x86_64-2.txz: Rebuilt.
Recompiled against python3-3.12.7.
l/pycairo-1.27.0-x86_64-2.txz: Rebuilt.
Recompiled against python3-3.12.7.
l/pycups-2.0.4-x86_64-2.txz: Rebuilt.
Recompiled against python3-3.12.7.
l/pycurl-7.45.3-x86_64-3.txz: Rebuilt.
Recompiled against python3-3.12.7.
l/pygobject3-3.50.0-x86_64-2.txz: Rebuilt.
Recompiled against python3-3.12.7.
l/pyparsing-3.1.2-x86_64-3.txz: Rebuilt.
Recompiled against python3-3.12.7.
l/python-Jinja2-3.1.4-x86_64-2.txz: Rebuilt.
Recompiled against python3-3.12.7.
l/python-MarkupSafe-3.0.2-x86_64-2.txz: Rebuilt.
Recompiled against python3-3.12.7.
l/python-PyYAML-6.0.2-x86_64-2.txz: Rebuilt.
Recompiled against python3-3.12.7.
l/python-alabaster-1.0.0-x86_64-2.txz: Rebuilt.
Recompiled against python3-3.12.7.
l/python-appdirs-1.4.4-x86_64-8.txz: Rebuilt.
Recompiled against python3-3.12.7.
l/python-babel-2.16.0-x86_64-2.txz: Rebuilt.
Recompiled against python3-3.12.7.
l/python-build-1.2.2.post1-x86_64-2.txz: Rebuilt.
Recompiled against python3-3.12.7.
l/python-calver-2022.6.26-x86_64-3.txz: Rebuilt.
Recompiled against python3-3.12.7.
l/python-certifi-2024.8.30-x86_64-2.txz: Rebuilt.
Recompiled against python3-3.12.7.
l/python-cffi-1.17.1-x86_64-2.txz: Rebuilt.
Recompiled against python3-3.12.7.
l/python-chardet-5.2.0-x86_64-3.txz: Rebuilt.
Recompiled against python3-3.12.7.
l/python-charset-normalizer-3.4.0-x86_64-2.txz: Rebuilt.
Recompiled against python3-3.12.7.
l/python-distro-1.9.0-x86_64-3.txz: Rebuilt.
Recompiled against python3-3.12.7.
l/python-dnspython-2.7.0-x86_64-2.txz: Rebuilt.
Recompiled against python3-3.12.7.
l/python-docutils-0.21.2-x86_64-2.txz: Rebuilt.
Recompiled against python3-3.12.7.
l/python-doxypypy-0.8.8.7-x86_64-3.txz: Rebuilt.
Recompiled against python3-3.12.7.
l/python-doxyqml-0.5.3-x86_64-3.txz: Rebuilt.
Recompiled against python3-3.12.7.
l/python-editables-0.5-x86_64-3.txz: Rebuilt.
Recompiled against python3-3.12.7.
l/python-flit-core-3.10.1-x86_64-2.txz: Rebuilt.
Recompiled against python3-3.12.7.
l/python-future-1.0.0-x86_64-3.txz: Rebuilt.
Recompiled against python3-3.12.7.
l/python-glad2-2.0.8-x86_64-2.txz: Rebuilt.
Recompiled against python3-3.12.7.
l/python-hatch-vcs-0.4.0-x86_64-2.txz: Rebuilt.
Recompiled against python3-3.12.7.
l/python-hatchling-1.26.3-x86_64-2.txz: Rebuilt.
Recompiled against python3-3.12.7.
l/python-html5lib-1.1-x86_64-3.txz: Rebuilt.
Recompiled against python3-3.12.7.
l/python-idna-3.10-x86_64-2.txz: Rebuilt.
Recompiled against python3-3.12.7.
l/python-imagesize-1.4.1-x86_64-3.txz: Rebuilt.
Recompiled against python3-3.12.7.
l/python-importlib_metadata-8.5.0-x86_64-2.txz: Rebuilt.
Recompiled against python3-3.12.7.
l/python-installer-0.7.0-x86_64-4.txz: Rebuilt.
Recompiled against python3-3.12.7.
l/python-lxml-5.3.0-x86_64-2.txz: Rebuilt.
Recompiled against python3-3.12.7.
l/python-markdown-3.7-x86_64-2.txz: Rebuilt.
Recompiled against python3-3.12.7.
l/python-notify2-0.3.1-x86_64-12.txz: Rebuilt.
Recompiled against python3-3.12.7.
l/python-packaging-24.2-x86_64-2.txz: Rebuilt.
Recompiled against python3-3.12.7.
l/python-pathspec-0.12.1-x86_64-3.txz: Rebuilt.
Recompiled against python3-3.12.7.
l/python-pbr-6.1.0-x86_64-2.txz: Rebuilt.
Recompiled against python3-3.12.7.
l/python-pillow-11.0.0-x86_64-2.txz: Rebuilt.
Recompiled against python3-3.12.7.
l/python-pluggy-1.5.0-x86_64-2.txz: Rebuilt.
Recompiled against python3-3.12.7.
l/python-ply-3.11-x86_64-10.txz: Rebuilt.
Recompiled against python3-3.12.7.
l/python-psutil-6.1.0-x86_64-2.txz: Rebuilt.
Recompiled against python3-3.12.7.
l/python-pycparser-2.22-x86_64-2.txz: Rebuilt.
Recompiled against python3-3.12.7.
l/python-pygments-2.18.0-x86_64-2.txz: Rebuilt.
Recompiled against python3-3.12.7.
l/python-pyproject-hooks-1.2.0-x86_64-2.txz: Rebuilt.
Recompiled against python3-3.12.7.
l/python-pysol_cards-0.18.0-x86_64-2.txz: Rebuilt.
Recompiled against python3-3.12.7.
l/python-random2-1.0.2-x86_64-3.txz: Rebuilt.
Recompiled against python3-3.12.7.
l/python-requests-2.32.3-x86_64-2.txz: Rebuilt.
Recompiled against python3-3.12.7.
l/python-sane-2.9.1-x86_64-7.txz: Rebuilt.
Recompiled against python3-3.12.7.
l/python-setuptools_scm-8.1.0-x86_64-2.txz: Rebuilt.
Recompiled against python3-3.12.7.
l/python-six-1.16.0-x86_64-5.txz: Rebuilt.
Recompiled against python3-3.12.7.
l/python-smartypants-2.0.1-x86_64-3.txz: Rebuilt.
Recompiled against python3-3.12.7.
l/python-snowballstemmer-2.2.0-x86_64-3.txz: Rebuilt.
Recompiled against python3-3.12.7.
l/python-sphinx-8.1.3-x86_64-2.txz: Rebuilt.
Recompiled against python3-3.12.7.
l/python-sphinx_rtd_theme-3.0.2-x86_64-2.txz: Rebuilt.
Recompiled against python3-3.12.7.
l/python-tomli-w-1.1.0-x86_64-2.txz: Rebuilt.
Recompiled against python3-3.12.7.
l/python-trove-classifiers-2024.10.21.16-x86_64-2.txz: Rebuilt.
Recompiled against python3-3.12.7.
l/python-typogrify-2.0.7-x86_64-3.txz: Rebuilt.
Recompiled against python3-3.12.7.
l/python-urllib3-2.2.3-x86_64-2.txz: Rebuilt.
Recompiled against python3-3.12.7.
l/python-webencodings-0.5.1-x86_64-3.txz: Rebuilt.
Recompiled against python3-3.12.7.
l/python-wheel-0.45.0-x86_64-2.txz: Rebuilt.
Recompiled against python3-3.12.7.
l/python-zipp-3.21.0-x86_64-2.txz: Rebuilt.
Recompiled against python3-3.12.7.
l/sip-6.8.6-x86_64-3.txz: Rebuilt.
Recompiled against python3-3.12.7.
l/speech-dispatcher-0.11.5-x86_64-3.txz: Rebuilt.
Recompiled against python3-3.12.7.
l/system-config-printer-1.5.18-x86_64-3.txz: Rebuilt.
Recompiled against python3-3.12.7.
l/talloc-2.4.2-x86_64-3.txz: Rebuilt.
Recompiled against python3-3.12.7.
l/tdb-1.4.12-x86_64-2.txz: Rebuilt.
Recompiled against python3-3.12.7.
l/tevent-0.16.1-x86_64-3.txz: Rebuilt.
Recompiled against python3-3.12.7.
n/epic5-3.0.1-x86_64-2.txz: Rebuilt.
Recompiled against python3-3.12.7.
n/fetchmail-6.5.1-x86_64-2.txz: Rebuilt.
Recompiled against python3-3.12.7.
n/getmail-6.19.05-x86_64-2.txz: Rebuilt.
Recompiled against python3-3.12.7.
n/gpgme-1.24.0-x86_64-2.txz: Rebuilt.
Recompiled against python3-3.12.7.
n/iptraf-ng-1.2.2-x86_64-1.txz: Upgraded.
n/net-snmp-5.9.4-x86_64-6.txz: Rebuilt.
Recompiled against python3-3.12.7.
n/nftables-1.1.1-x86_64-2.txz: Rebuilt.
Recompiled against python3-3.12.7.
n/nmap-7.95-x86_64-3.txz: Rebuilt.
Recompiled against python3-3.12.7.
n/nss-pam-ldapd-0.9.12-x86_64-5.txz: Rebuilt.
Recompiled against python3-3.12.7.
n/obexftp-0.24.2-x86_64-14.txz: Rebuilt.
Recompiled against python3-3.12.7.
n/php-8.3.14-x86_64-1.txz: Upgraded.
This update fixes security issues:
LDAP: Fixed bug GHSA-g665-fm4p-vhff (OOB access in ldap_escape).
(CVE-2024-8932)
MySQLnd: Fixed bug GHSA-h35g-vwh6-m678 (Leak partial content of the heap
through heap buffer over-read). (CVE-2024-8929)
PDO DBLIB: Fixed bug GHSA-5hqh-c84r-qjcv (Integer overflow in the dblib
quoter causing OOB writes). (CVE-2024-11236)
PDO Firebird: Fixed bug GHSA-5hqh-c84r-qjcv (Integer overflow in the
firebird quoter causing OOB writes). (CVE-2024-11236)
Streams: Fixed bug GHSA-c5f2-jwm7-mmq2 (Configuring a proxy in a stream
context might allow for CRLF injection in URIs). (CVE-2024-11234)
Fixed bug GHSA-r977-prxv-hc43 (Single byte overread with
convert.quoted-printable-decode filter). (CVE-2024-11233)
For more information, see:
https://www.php.net/ChangeLog-8.php#8.3.14
https://www.cve.org/CVERecord?id=CVE-2024-8932
https://www.cve.org/CVERecord?id=CVE-2024-8929
https://www.cve.org/CVERecord?id=CVE-2024-11236
https://www.cve.org/CVERecord?id=CVE-2024-11234
https://www.cve.org/CVERecord?id=CVE-2024-11233
(* Security fix *)
n/pssh-2.3.5-x86_64-3.txz: Rebuilt.
Recompiled against python3-3.12.7.
n/samba-4.21.1-x86_64-3.txz: Rebuilt.
Recompiled against python3-3.12.7.
x/ibus-1.5.31-x86_64-2.txz: Rebuilt.
Recompiled against python3-3.12.7.
x/ibus-anthy-1.5.16-x86_64-3.txz: Rebuilt.
Recompiled against python3-3.12.7.
x/ibus-hangul-1.5.5-x86_64-3.txz: Rebuilt.
Recompiled against python3-3.12.7.
x/ibus-libpinyin-1.15.8-x86_64-2.txz: Rebuilt.
Recompiled against python3-3.12.7.
x/ibus-table-1.17.8-x86_64-2.txz: Rebuilt.
Recompiled against python3-3.12.7.
x/marisa-0.2.6-x86_64-12.txz: Rebuilt.
Recompiled against python3-3.12.7.
x/pyxdg-0.28-x86_64-3.txz: Rebuilt.
Recompiled against python3-3.12.7.
x/xcb-proto-1.17.0-x86_64-2.txz: Rebuilt.
Recompiled against python3-3.12.7.
xap/blueman-2.4.3-x86_64-2.txz: Rebuilt.
Recompiled against python3-3.12.7.
xap/hexchat-2.16.2-x86_64-4.txz: Rebuilt.
Recompiled against python3-3.12.7.
extra/brltty/brltty-6.7-x86_64-3.txz: Rebuilt.
Recompiled against python3-3.12.7.
isolinux/initrd.img: Rebuilt.
kernels/*: Upgraded.
usb-and-pxe-installers/usbboot.img: Rebuilt.
|
||
|
Patrick J Volkerding
|
9951f6a1a8 |
Fri Nov 8 22:17:50 UTC 2024
a/kernel-firmware-20241108_ad74054-noarch-1.txz: Upgraded. a/kernel-generic-6.11.7-x86_64-1.txz: Upgraded. Unless disabled in /etc/default/geninitrd, automatically generate an initial ramdisk upon package installation or upgrade. a/mkinitrd-1.4.11-x86_64-46.txz: Rebuilt. geninitrd: also accept /opt/sbin/geninitrd as an override. Suggested by regdub. Since the installer sends different args to the setup scripts, we can't use $1 as the kernel file with setup.01.mkinitrd, so convert it into a variable in geninitrd instead (if needed). mkinitrd_command_generator.sh: pvdisplay will complain if there are any file descriptors besides stdin, stdout, and stderr, which will always be true when called from a package install script due to file locking. So send stderr from the two calls to pvdisplay to /dev/null. d/kernel-headers-6.11.7-x86-1.txz: Upgraded. k/kernel-source-6.11.7-noarch-1.txz: Upgraded. l/python-packaging-24.2-x86_64-1.txz: Upgraded. n/iptables-1.8.11-x86_64-1.txz: Upgraded. n/lftp-4.9.3-x86_64-1.txz: Upgraded. x/ibus-m17n-1.4.34-x86_64-1.txz: Upgraded. x/xbacklight-1.2.4-x86_64-1.txz: Upgraded. x/xf86-video-nouveau-1.0.18-x86_64-1.txz: Upgraded. x/xrandr-1.5.3-x86_64-1.txz: Upgraded. xfce/xfce4-weather-plugin-0.11.3-x86_64-1.txz: Upgraded. extra/xf86-video-fbdev/xf86-video-fbdev-0.5.1-x86_64-1.txz: Upgraded. isolinux/initrd.img: Rebuilt. kernels/*: Upgraded. usb-and-pxe-installers/usbboot.img: Rebuilt. |
||
|
Patrick J Volkerding
|
32ccce4a53 |
Wed Oct 30 21:03:27 UTC 2024
ap/vim-9.1.0821-x86_64-1.txz: Upgraded.
d/llvm-19.1.3-x86_64-1.txz: Upgraded.
d/python-setuptools-75.3.0-x86_64-1.txz: Upgraded.
l/PyQt5-5.15.11-x86_64-2.txz: Rebuilt.
Recompiled to drop the QtWebKit and QtWebKitWidgets bindings.
Thanks to jloco.
l/libclc-19.1.3-x86_64-1.txz: Upgraded.
l/libnl3-3.11.0-x86_64-1.txz: Upgraded.
l/lz4-1.10.0-x86_64-2.txz: Rebuilt.
Make sure liblz4.pc uses lib${LIBDIRSUFFIX}. Thanks to af7567.
l/mozjs128-128.4.0esr-x86_64-1.txz: Upgraded.
n/dovecot-2.3.21.1-x86_64-3.txz: Rebuilt.
Recompiled using --with-lua. Thanks to Luigi Trovato.
n/fetchmail-6.5.0-x86_64-1.txz: Upgraded.
n/gnupg2-2.4.6-x86_64-1.txz: Upgraded.
x/xf86-input-wacom-1.2.3-x86_64-1.txz: Upgraded.
x/xorg-server-21.1.14-x86_64-1.txz: Upgraded.
This update fixes a security issue:
By providing a modified bitmap, a heap-based buffer overflow may occur.
This may lead to local privilege escalation if the server is run as root
or remote code execution (e.g. x11 over ssh).
This vulnerability was discovered by:
Jan-Niklas Sohn working with Trend Micro Zero Day Initiative
For more information, see:
https://lists.x.org/archives/xorg-announce/2024-October/003545.html
https://www.cve.org/CVERecord?id=CVE-2024-9632
(* Security fix *)
x/xorg-server-xephyr-21.1.14-x86_64-1.txz: Upgraded.
x/xorg-server-xnest-21.1.14-x86_64-1.txz: Upgraded.
x/xorg-server-xvfb-21.1.14-x86_64-1.txz: Upgraded.
x/xorg-server-xwayland-24.1.4-x86_64-1.txz: Upgraded.
This update fixes a security issue:
By providing a modified bitmap, a heap-based buffer overflow may occur.
This may lead to local privilege escalation if the server is run as root
or remote code execution (e.g. x11 over ssh).
This vulnerability was discovered by:
Jan-Niklas Sohn working with Trend Micro Zero Day Initiative
For more information, see:
https://lists.x.org/archives/xorg-announce/2024-October/003545.html
https://www.cve.org/CVERecord?id=CVE-2024-9632
(* Security fix *)
xap/mozilla-firefox-128.4.0esr-x86_64-1.txz: Upgraded.
This update contains security fixes and improvements.
For more information, see:
https://www.mozilla.org/en-US/firefox/128.4.0/releasenotes/
https://www.mozilla.org/security/advisories/mfsa2024-56/
https://www.cve.org/CVERecord?id=CVE-2024-10458
https://www.cve.org/CVERecord?id=CVE-2024-10459
https://www.cve.org/CVERecord?id=CVE-2024-10460
https://www.cve.org/CVERecord?id=CVE-2024-10461
https://www.cve.org/CVERecord?id=CVE-2024-10462
https://www.cve.org/CVERecord?id=CVE-2024-10463
https://www.cve.org/CVERecord?id=CVE-2024-10464
https://www.cve.org/CVERecord?id=CVE-2024-10465
https://www.cve.org/CVERecord?id=CVE-2024-10466
https://www.cve.org/CVERecord?id=CVE-2024-10467
(* Security fix *)
xap/mozilla-thunderbird-128.4.0esr-x86_64-1.txz: Upgraded.
This release contains security fixes and improvements.
For more information, see:
https://www.mozilla.org/en-US/thunderbird/128.4.0esr/releasenotes/
https://www.mozilla.org/en-US/security/advisories/mfsa2024-58/
https://www.cve.org/CVERecord?id=CVE-2024-10458
https://www.cve.org/CVERecord?id=CVE-2024-10459
https://www.cve.org/CVERecord?id=CVE-2024-10460
https://www.cve.org/CVERecord?id=CVE-2024-10461
https://www.cve.org/CVERecord?id=CVE-2024-10462
https://www.cve.org/CVERecord?id=CVE-2024-10463
https://www.cve.org/CVERecord?id=CVE-2024-10464
https://www.cve.org/CVERecord?id=CVE-2024-10465
https://www.cve.org/CVERecord?id=CVE-2024-10466
https://www.cve.org/CVERecord?id=CVE-2024-10467
(* Security fix *)
xap/vim-gvim-9.1.0821-x86_64-1.txz: Upgraded.
xap/xaos-4.3.3-x86_64-1.txz: Upgraded.
extra/tigervnc/tigervnc-1.14.1-x86_64-2.txz: Rebuilt.
Rebuilt against xorg-server-21.1.14.
This update fixes a security issue:
By providing a modified bitmap, a heap-based buffer overflow may occur.
This may lead to local privilege escalation if the server is run as root
or remote code execution (e.g. x11 over ssh).
This vulnerability was discovered by:
Jan-Niklas Sohn working with Trend Micro Zero Day Initiative
For more information, see:
https://lists.x.org/archives/xorg-announce/2024-October/003545.html
https://www.cve.org/CVERecord?id=CVE-2024-9632
(* Security fix *)
|
||
|
Patrick J Volkerding
|
be920c06c2 |
Thu Oct 17 23:18:46 UTC 2024
a/kernel-firmware-20241017_8dbcf94-noarch-1.txz: Upgraded.
a/kernel-generic-6.11.4-x86_64-1.txz: Upgraded.
ap/usbmuxd-20240916_0b1b233-x86_64-1.txz: Upgraded.
Fix USB tethering to an iPhone. Thanks to skubik and marav.
d/autoconf-archive-2024.10.16-noarch-1.txz: Upgraded.
d/kernel-headers-6.11.4-x86-1.txz: Upgraded.
d/rust-1.82.0-x86_64-1.txz: Upgraded.
k/kernel-source-6.11.4-noarch-1.txz: Upgraded.
l/glib2-2.82.2-x86_64-1.txz: Upgraded.
l/libunistring-1.3-x86_64-1.txz: Upgraded.
l/python-trove-classifiers-2024.10.16-x86_64-1.txz: Upgraded.
n/libtirpc-1.3.6-x86_64-1.txz: Upgraded.
x/xinit-1.4.2-x86_64-2.txz: Rebuilt.
startx: Ensure that xserverauthfile is created and given correct permissions
to avoid a startup error message. Thanks to Didier Spaier.
xap/mozilla-thunderbird-128.3.2esr-x86_64-1.txz: Upgraded.
This is a bugfix release.
For more information, see:
https://www.mozilla.org/en-US/thunderbird/128.3.2esr/releasenotes/
isolinux/initrd.img: Rebuilt.
kernels/*: Upgraded.
usb-and-pxe-installers/usbboot.img: Rebuilt.
|
||
|
Patrick J Volkerding
|
03de904154 |
Wed Oct 16 19:11:30 UTC 2024
d/llvm-19.1.2-x86_64-1.txz: Upgraded.
Shared library .so-version bump.
d/python-setuptools-75.2.0-x86_64-1.txz: Upgraded.
kde/calligra-3.2.1-x86_64-45.txz: Rebuilt.
Recompiled against poppler-24.10.0.
kde/cantor-23.08.5-x86_64-11.txz: Rebuilt.
Recompiled against poppler-24.10.0.
kde/kdevelop-23.08.5-x86_64-3.txz: Rebuilt.
Recompiled against llvm-19.1.2.
kde/kfilemetadata-5.116.0-x86_64-8.txz: Rebuilt.
Recompiled against poppler-24.10.0.
kde/kile-2.9.93-x86_64-38.txz: Rebuilt.
Recompiled against poppler-24.10.0.
kde/kitinerary-23.08.5-x86_64-9.txz: Rebuilt.
Recompiled against poppler-24.10.0.
kde/krita-5.2.6-x86_64-2.txz: Rebuilt.
Recompiled against poppler-24.10.0.
kde/labplot-2.11.1-x86_64-4.txz: Rebuilt.
Recompiled against poppler-24.10.0.
kde/okular-23.08.5-x86_64-9.txz: Rebuilt.
Recompiled against poppler-24.10.0.
l/libclc-19.1.2-x86_64-1.txz: Upgraded.
Compiled against llvm-19.1.2.
l/libssh2-1.11.1-x86_64-1.txz: Upgraded.
src: add 'strict KEX' to fix CVE-2023-48795 "Terrapin Attack."
For more information, see:
https://www.cve.org/CVERecord?id=CVE-2023-48795
(* Security fix *)
l/media-player-info-26-noarch-1.txz: Upgraded.
l/poppler-24.10.0-x86_64-1.txz: Upgraded.
Shared library .so-version bump.
l/python-pillow-11.0.0-x86_64-1.txz: Upgraded.
l/qt5-5.15.15_20240903_363456a6-x86_64-2.txz: Rebuilt.
Patched and recompiled against llvm-19.1.2.
l/qt6-6.7.3_20240920_90e86aee-x86_64-3.txz: Rebuilt.
Patched and recompiled against llvm-19.1.2.
l/spirv-llvm-translator-19.1.0-x86_64-1.txz: Upgraded.
Shared library .so-version bump.
Compiled against llvm-19.1.2.
n/bind-9.20.3-x86_64-1.txz: Upgraded.
n/c-ares-1.34.2-x86_64-1.txz: Upgraded.
x/mesa-24.2.5-x86_64-1.txz: Upgraded.
Compiled against llvm-19.1.2.
x/xf86-input-evdev-2.11.0-x86_64-1.txz: Upgraded.
x/xf86-input-libinput-1.5.0-x86_64-1.txz: Upgraded.
extra/brltty/brltty-6.7-x86_64-1.txz: Upgraded.
extra/xv/xv-6.0.2-x86_64-1.txz: Upgraded.
|
||
|
Patrick J Volkerding
|
96d75d54bf |
Thu Sep 5 22:14:23 UTC 2024
ap/inxi-3.3.36_1-noarch-1.txz: Upgraded.
ap/nano-8.2-x86_64-1.txz: Upgraded.
d/luajit-2.1.1725453128-x86_64-1.txz: Upgraded.
d/rust-1.81.0-x86_64-1.txz: Upgraded.
l/netpbm-11.07.01-x86_64-1.txz: Upgraded.
l/python-cffi-1.17.1-x86_64-1.txz: Upgraded.
l/python-glad2-2.0.7-x86_64-1.txz: Upgraded.
l/wireplumber-0.5.6-x86_64-1.txz: Upgraded.
n/iputils-20240905-x86_64-1.txz: Upgraded.
x/igt-gpu-tools-1.29-x86_64-1.txz: Upgraded.
x/libXi-1.8.2-x86_64-1.txz: Upgraded.
xap/mozilla-thunderbird-128.2.0esr-x86_64-1.txz: Upgraded.
This release contains security fixes and improvements.
For more information, see:
https://www.mozilla.org/en-US/thunderbird/128.2.0esr/releasenotes/
(* Security fix *)
|
||
|
Patrick J Volkerding
|
a259c4df1e |
Wed Aug 21 18:08:47 UTC 2024
d/python-setuptools-73.0.1-x86_64-1.txz: Upgraded. d/rust-bindgen-0.70.1-x86_64-1.txz: Upgraded. n/ModemManager-1.22.0-x86_64-1.txz: Upgraded. n/dhcpcd-10.0.10-x86_64-1.txz: Upgraded. n/epic5-2.4-x86_64-1.txz: Upgraded. n/libqmi-1.34.0-x86_64-2.txz: Rebuilt. Build against libqrtr-glib with -Dqrtr=true. n/libqrtr-glib-1.2.2-x86_64-1.txz: Added. ModemManager-1.22.0 needs libqmi to be linked with this. x/xorg-server-21.1.13-x86_64-3.txz: Rebuilt. Patched changing a type from unsigned long to unsigned long long which fixes the black screen seen on 32-bit with the modesetting driver. Seems fine on 64-bit as well, so the patch is applied for all builds. The patch to default to modesetting for Intel graphics is restored (and the one for nouveau is kept as well). Thanks to Lenard Spencer for reporting that nouveau was also hitting this. Thanks to Petri Kaukasoina for the patch. x/xorg-server-xephyr-21.1.13-x86_64-3.txz: Rebuilt. x/xorg-server-xnest-21.1.13-x86_64-3.txz: Rebuilt. x/xorg-server-xvfb-21.1.13-x86_64-3.txz: Rebuilt. |
||
|
Patrick J Volkerding
|
5ec7ae04a2 |
Tue Aug 20 18:23:52 UTC 2024
a/libbytesize-2.11-x86_64-1.txz: Upgraded. d/python-setuptools-73.0.0-x86_64-1.txz: Upgraded. l/python-importlib_metadata-8.4.0-x86_64-1.txz: Upgraded. n/epic5-2.2-x86_64-1.txz: Upgraded. n/netatalk-3.2.7-x86_64-1.txz: Upgraded. x/xorg-server-21.1.13-x86_64-2.txz: Rebuilt. On 32-bit, using the modesetting driver with Intel graphics is resulting in a black screen (observed here with CoffeeLake-H GT2), so on 32-bit only let's stop applying the patch that was making xorg-server use modesetting by default. Thanks to LuckyCyborg and Petri Kaukasoina. Fix build with gcc-14.2. x/xorg-server-xephyr-21.1.13-x86_64-2.txz: Rebuilt. x/xorg-server-xnest-21.1.13-x86_64-2.txz: Rebuilt. x/xorg-server-xvfb-21.1.13-x86_64-2.txz: Rebuilt. xfce/xfce4-screenshooter-1.11.1-x86_64-1.txz: Upgraded. |
||
|
Patrick J Volkerding
|
4147fdd758 |
Mon Jul 29 18:32:35 UTC 2024
a/sysklogd-2.6.1-x86_64-1.txz: Upgraded. d/python-pip-24.2-x86_64-1.txz: Upgraded. d/python-setuptools-72.1.0-x86_64-1.txz: Upgraded. n/links-2.30-x86_64-1.txz: Upgraded. x/libX11-1.8.10-x86_64-1.txz: Upgraded. x/xinput_calibrator-0.8.0-x86_64-1.txz: Added. |
||
|
Patrick J Volkerding
|
73b28184f0 |
Wed Jul 10 17:48:01 UTC 2024
a/grub-2.12-x86_64-11.txz: Rebuilt.
Build using --with-dejavufont=/usr/share/fonts/TTF/DejaVuSans.ttf so that
the starfield theme is included. Thanks to opty.
d/mercurial-6.8-x86_64-1.txz: Upgraded.
d/python-setuptools-70.3.0-x86_64-1.txz: Upgraded.
d/rinutils-0.10.3-x86_64-1.txz: Upgraded.
d/ruby-3.3.4-x86_64-1.txz: Upgraded.
l/glib2-2.80.4-x86_64-1.txz: Upgraded.
l/mozjs115-115.13.0esr-x86_64-1.txz: Upgraded.
l/nodejs-20.15.1-x86_64-1.txz: Upgraded.
l/qt6-6.7.2_20240610_3f005f1e-x86_64-2.txz: Rebuilt.
[PATCH] Client: Ensure that guessed popup parent has a shell surface.
Thanks to ctrlaltca.
Add another patch to fix race conditions building with ninja.
n/bluez-5.77-x86_64-1.txz: Upgraded.
n/getmail-6.19.03-x86_64-1.txz: Upgraded.
x/xdm-1.1.16-x86_64-2.txz: Rebuilt.
Patched to fix an issue drawing/erasing text in the login dialog.
Thanks to GazL.
x/xorg-server-xwayland-24.1.1-x86_64-1.txz: Upgraded.
xap/mozilla-firefox-128.0esr-x86_64-1.txz: Upgraded.
This update contains security fixes and improvements.
For more information, see:
https://www.mozilla.org/en-US/firefox/128.0esr/releasenotes/
https://www.mozilla.org/security/advisories/mfsa2024-29/
https://www.cve.org/CVERecord?id=CVE-2024-6606
https://www.cve.org/CVERecord?id=CVE-2024-6607
https://www.cve.org/CVERecord?id=CVE-2024-6608
https://www.cve.org/CVERecord?id=CVE-2024-6609
https://www.cve.org/CVERecord?id=CVE-2024-6610
https://www.cve.org/CVERecord?id=CVE-2024-6600
https://www.cve.org/CVERecord?id=CVE-2024-6601
https://www.cve.org/CVERecord?id=CVE-2024-6602
https://www.cve.org/CVERecord?id=CVE-2024-6603
https://www.cve.org/CVERecord?id=CVE-2024-6611
https://www.cve.org/CVERecord?id=CVE-2024-6612
https://www.cve.org/CVERecord?id=CVE-2024-6613
https://www.cve.org/CVERecord?id=CVE-2024-6614
https://www.cve.org/CVERecord?id=CVE-2024-6604
https://www.cve.org/CVERecord?id=CVE-2024-6615
(* Security fix *)
|
||
|
Patrick J Volkerding
|
c903d3bfd7 |
Sun May 26 00:07:39 UTC 2024
a/kernel-firmware-20240519_ec8627e-noarch-1.txz: Upgraded. a/kernel-generic-6.9.2-x86_64-1.txz: Upgraded. a/kernel-huge-6.9.2-x86_64-1.txz: Upgraded. a/kernel-modules-6.9.2-x86_64-1.txz: Upgraded. d/kernel-headers-6.9.2-x86-1.txz: Upgraded. e/emacspeak-60.0-x86_64-2.txz: Rebuilt. Fixed dangling symlink. Thanks to marav. k/kernel-source-6.9.2-noarch-1.txz: Upgraded. kde/calligra-3.2.1-x86_64-40.txz: Rebuilt. Recompiled against gsl-2.8. kde/krita-5.2.2-x86_64-10.txz: Rebuilt. Recompiled against gsl-2.8. kde/kstars-3.7.0-x86_64-2.txz: Rebuilt. Recompiled against gsl-2.8. kde/libindi-2.0.7-x86_64-2.txz: Rebuilt. Recompiled against gsl-2.8. kde/stellarsolver-2.5-x86_64-2.txz: Rebuilt. Recompiled against gsl-2.8. kde/step-23.08.5-x86_64-3.txz: Rebuilt. Recompiled against gsl-2.8. l/dav1d-1.4.2-x86_64-1.txz: Upgraded. l/glib2-2.80.2-x86_64-2.txz: Rebuilt. [PATCH 1/2] gmenuexporter: Fix a NULL pointer dereference on an error handling path. [PATCH 2/2] gactiongroupexporter: Fix memory problems on an error handling path. Thanks to Philip Withnall and Arleson. l/gsl-2.8-x86_64-1.txz: Upgraded. Shared library .so-version bump. l/librsvg-2.58.1-x86_64-1.txz: Upgraded. l/pipewire-1.0.7-x86_64-1.txz: Upgraded. n/ntp-4.2.8p18-x86_64-1.txz: Upgraded. x/igt-gpu-tools-1.28-x86_64-3.txz: Rebuilt. Recompiled against gsl-2.8. xap/sane-1.3.1-x86_64-1.txz: Upgraded. xap/xlockmore-5.78-x86_64-1.txz: Upgraded. xap/xsnow-3.7.9-x86_64-2.txz: Rebuilt. Recompiled against gsl-2.8. isolinux/initrd.img: Rebuilt. kernels/*: Upgraded. usb-and-pxe-installers/usbboot.img: Rebuilt. |
||
|
Patrick J Volkerding
|
1531b10f73 |
Tue Apr 23 22:24:03 UTC 2024
d/ruby-3.3.1-x86_64-1.txz: Upgraded.
This update fixes security issues:
Arbitrary memory address read vulnerability with Regex search.
RCE vulnerability with .rdoc_options in RDoc.
Buffer overread vulnerability in StringIO.
For more information, see:
https://www.ruby-lang.org/en/news/2024/04/23/arbitrary-memory-address-read-regexp-cve-2024-27282/
https://www.ruby-lang.org/en/news/2024/03/21/rce-rdoc-cve-2024-27281/
https://www.ruby-lang.org/en/news/2024/03/21/buffer-overread-cve-2024-27280/
https://www.cve.org/CVERecord?id=CVE-2024-27282
https://www.cve.org/CVERecord?id=CVE-2024-27281
https://www.cve.org/CVERecord?id=CVE-2024-27280
(* Security fix *)
l/python-docutils-0.21.2-x86_64-1.txz: Upgraded.
x/rendercheck-1.6-x86_64-1.txz: Upgraded.
x/xcb-imdkit-1.0.8-x86_64-1.txz: Upgraded.
|
||
|
Patrick J Volkerding
|
2cc32ba84e |
Mon Apr 15 22:28:37 UTC 2024
ap/linuxdoc-tools-0.9.83-x86_64-1.txz: Upgraded. Upgraded to linuxdoc-tools-0.9.83, gtk-doc-1.34.0, and asciidoc-10.2.0. See the ChangeLog in source/ap/linuxdoc-tools for more details. Thanks to Stuart Winter. ap/sqlite-3.45.3-x86_64-1.txz: Upgraded. l/Mako-1.3.3-x86_64-1.txz: Upgraded. l/pipewire-1.0.5-x86_64-1.txz: Upgraded. l/python-hatchling-1.23.0-x86_64-1.txz: Upgraded. x/libwacom-2.11.0-x86_64-1.txz: Upgraded. x/xcb-proto-1.17.0-x86_64-1.txz: Upgraded. x/xf86-input-wacom-1.2.2-x86_64-1.txz: Upgraded. xap/pan-0.158-x86_64-1.txz: Upgraded. Let's process the git pull with NOCONFIGURE=1 ./autogen.sh for FTIO. :-) |
||
|
Patrick J Volkerding
|
44183f6ba3 |
Fri Mar 29 20:39:11 UTC 2024
Everything in this batch besides aaa_libraries, xz, mcelog, and harfbuzz is a
rebuild or upgrade to build against python-3.11.8. Looking at the python
readiness page, it seems like a lot of stuff we use is not certified for
python-3.12 yet (although to be fair, about half as much isn't certified for
python-3.11 either). But 3.11 seems to be the safer choice even though the
final bugfix update is scheduled for Monday. And, if we do decide to move
ahead to 3.12 later on, it'll be a lot easier than this update was.
Enjoy! :-)
a/aaa_libraries-15.1-x86_64-29.txz: Rebuilt.
Upgraded: libzstd.so.1.5.6, libexpat.so.1.9.2, libglib-2.0.so.0.8000.0,
libgmodule-2.0.so.0.8000.0, libgobject-2.0.so.0.8000.0,
libgthread-2.0.so.0.8000.0.
Removed: libboost_*.so.1.83.0.
a/libblockdev-2.28-x86_64-3.txz: Rebuilt.
a/libbytesize-2.8-x86_64-2.txz: Rebuilt.
a/libpwquality-1.4.5-x86_64-2.txz: Rebuilt.
a/mcelog-198-x86_64-1.txz: Upgraded.
a/util-linux-2.40-x86_64-2.txz: Rebuilt.
a/volume_key-0.3.12-x86_64-8.txz: Rebuilt.
a/xz-5.6.1-x86_64-2.txz: Rebuilt.
Seems like a good idea to build this from a git pull rather than the signed
release tarballs. :-)
The liblzma in the previous packages were not found to be vulnerable by the
detection script, but I'd rather not carry the bad m4 files in our sources.
Here's a test script for anyone wanting to try it:
if hexdump -ve '1/1 "%.2x"' /lib*/liblzma.so.5 | grep -q f30f1efa554889f54c89ce5389fb81e7000000804883ec28488954241848894c2410 ; then
echo probably vulnerable
else
echo probably not vulnerable
fi
ap/hplip-3.23.12-x86_64-3.txz: Rebuilt.
ap/linuxdoc-tools-0.9.82-x86_64-5.txz: Rebuilt.
ap/rpm-4.19.1.1-x86_64-2.txz: Rebuilt.
ap/undervolt-20210815_e39aea1-x86_64-3.txz: Rebuilt.
ap/vim-9.1.0225-x86_64-1.txz: Upgraded.
d/Cython-3.0.9-x86_64-2.txz: Rebuilt.
d/distcc-3.4-x86_64-5.txz: Rebuilt.
d/gdb-14.2-x86_64-2.txz: Rebuilt.
d/gyp-20210831_d6c5dd51-x86_64-3.txz: Rebuilt.
d/llvm-18.1.2-x86_64-2.txz: Rebuilt.
d/mercurial-6.7.1-x86_64-2.txz: Rebuilt.
d/meson-1.4.0-x86_64-2.txz: Rebuilt.
d/python-pip-24.0-x86_64-2.txz: Rebuilt.
d/python-setuptools-69.2.0-x86_64-2.txz: Rebuilt.
d/python3-3.11.8-x86_64-1.txz: Upgraded.
Shared library .so-version bump.
d/scons-4.7.0-x86_64-2.txz: Rebuilt.
kde/cantor-23.08.5-x86_64-4.txz: Rebuilt.
kde/kapidox-5.115.0-x86_64-2.txz: Rebuilt.
kde/kdev-python-23.08.5-x86_64-2.txz: Rebuilt.
kde/kig-23.08.5-x86_64-2.txz: Rebuilt.
kde/kmymoney-5.1.3-x86_64-4.txz: Rebuilt.
kde/kopeninghours-23.08.5-x86_64-2.txz: Rebuilt.
kde/krita-5.2.2-x86_64-6.txz: Rebuilt.
l/M2Crypto-0.41.0-x86_64-2.txz: Rebuilt.
l/Mako-1.3.2-x86_64-2.txz: Rebuilt.
l/PyQt-builder-1.15.4-x86_64-2.txz: Rebuilt.
l/PyQt5-5.15.10-x86_64-2.txz: Rebuilt.
l/PyQt5_sip-12.13.0-x86_64-2.txz: Rebuilt.
l/QScintilla-2.14.1-x86_64-3.txz: Rebuilt.
l/avahi-20240306_709e60f-x86_64-2.txz: Rebuilt.
l/brotli-1.1.0-x86_64-2.txz: Rebuilt.
l/dbus-python-1.3.2-x86_64-2.txz: Rebuilt.
l/gexiv2-0.14.2-x86_64-3.txz: Rebuilt.
l/gi-docgen-2023.3-x86_64-2.txz: Rebuilt.
l/glade-3.40.0-x86_64-2.txz: Rebuilt.
l/gobject-introspection-1.80.0-x86_64-2.txz: Rebuilt.
l/harfbuzz-8.4.0-x86_64-1.txz: Upgraded.
l/lensfun-0.3.4-x86_64-2.txz: Rebuilt.
l/libcaca-0.99.beta20-x86_64-2.txz: Rebuilt.
l/libcap-ng-0.8.4-x86_64-2.txz: Rebuilt.
l/libieee1284-0.2.11-x86_64-8.txz: Rebuilt.
l/libimobiledevice-20231007_04c0233-x86_64-2.txz: Rebuilt.
l/libnvme-1.8-x86_64-2.txz: Rebuilt.
l/libplist-2.4.0-x86_64-2.txz: Rebuilt.
l/libwebp-1.3.2-x86_64-3.txz: Rebuilt.
l/libxml2-2.12.6-x86_64-3.txz: Rebuilt.
l/libxslt-1.1.39-x86_64-2.txz: Rebuilt.
l/newt-0.52.24-x86_64-3.txz: Rebuilt.
l/protobuf-26.1-x86_64-2.txz: Rebuilt.
l/pycairo-1.26.0-x86_64-3.txz: Rebuilt.
l/pycups-2.0.1-x86_64-7.txz: Rebuilt.
l/pycurl-7.45.3-x86_64-2.txz: Rebuilt.
l/pygobject3-3.48.1-x86_64-2.txz: Rebuilt.
l/pyparsing-3.1.2-x86_64-2.txz: Rebuilt.
l/python-Jinja2-3.1.3-x86_64-2.txz: Rebuilt.
l/python-MarkupSafe-2.1.5-x86_64-2.txz: Rebuilt.
l/python-PyYAML-6.0.1-x86_64-3.txz: Rebuilt.
l/python-alabaster-0.7.16-x86_64-2.txz: Rebuilt.
l/python-appdirs-1.4.4-x86_64-7.txz: Rebuilt.
l/python-babel-2.14.0-x86_64-2.txz: Rebuilt.
l/python-build-1.2.1-x86_64-2.txz: Rebuilt.
l/python-calver-2022.6.26-x86_64-2.txz: Rebuilt.
l/python-certifi-2024.2.2-x86_64-2.txz: Rebuilt.
l/python-cffi-1.16.0-x86_64-2.txz: Rebuilt.
l/python-chardet-5.2.0-x86_64-2.txz: Rebuilt.
l/python-charset-normalizer-3.3.2-x86_64-2.txz: Rebuilt.
l/python-distro-1.9.0-x86_64-2.txz: Rebuilt.
l/python-dnspython-2.6.1-x86_64-2.txz: Rebuilt.
l/python-docutils-0.20.1-x86_64-2.txz: Rebuilt.
l/python-doxypypy-0.8.8.7-x86_64-2.txz: Rebuilt.
l/python-doxyqml-0.5.3-x86_64-2.txz: Rebuilt.
l/python-editables-0.5-x86_64-2.txz: Rebuilt.
l/python-flit-core-3.9.0-x86_64-2.txz: Rebuilt.
l/python-future-1.0.0-x86_64-2.txz: Rebuilt.
l/python-glad2-2.0.6-x86_64-2.txz: Rebuilt.
l/python-hatchling-1.22.4-x86_64-2.txz: Rebuilt.
l/python-html5lib-1.1-x86_64-2.txz: Rebuilt.
l/python-idna-3.6-x86_64-2.txz: Rebuilt.
l/python-imagesize-1.4.1-x86_64-2.txz: Rebuilt.
l/python-importlib_metadata-7.1.0-x86_64-2.txz: Rebuilt.
l/python-installer-0.7.0-x86_64-2.txz: Rebuilt.
l/python-lxml-5.1.1-x86_64-1.txz: Upgraded.
l/python-markdown-3.6-x86_64-2.txz: Rebuilt.
l/python-notify2-0.3.1-x86_64-11.txz: Rebuilt.
l/python-packaging-24.0-x86_64-2.txz: Rebuilt.
l/python-pathspec-0.12.1-x86_64-2.txz: Rebuilt.
l/python-pbr-6.0.0-x86_64-2.txz: Rebuilt.
l/python-pillow-10.2.0-x86_64-2.txz: Rebuilt.
l/python-pluggy-1.4.0-x86_64-2.txz: Rebuilt.
l/python-ply-3.11-x86_64-9.txz: Rebuilt.
l/python-psutil-5.9.8-x86_64-2.txz: Rebuilt.
l/python-pycparser-2.21-x86_64-2.txz: Rebuilt.
l/python-pygments-2.17.2-x86_64-2.txz: Rebuilt.
l/python-pyproject-hooks-1.0.0-x86_64-2.txz: Rebuilt.
l/python-pysol_cards-0.16.0-x86_64-2.txz: Rebuilt.
l/python-pytz-2024.1-x86_64-2.txz: Rebuilt.
l/python-random2-1.0.2-x86_64-2.txz: Rebuilt.
l/python-requests-2.31.0-x86_64-2.txz: Rebuilt.
l/python-sane-2.9.1-x86_64-6.txz: Rebuilt.
l/python-setuptools_scm-8.0.4-x86_64-2.txz: Rebuilt.
l/python-six-1.16.0-x86_64-4.txz: Rebuilt.
l/python-smartypants-2.0.1-x86_64-2.txz: Rebuilt.
l/python-snowballstemmer-2.2.0-x86_64-2.txz: Rebuilt.
l/python-sphinx-7.2.6-x86_64-2.txz: Rebuilt.
l/python-sphinx_rtd_theme-2.0.0-x86_64-2.txz: Rebuilt.
l/python-tomli-2.0.1-x86_64-2.txz: Rebuilt.
l/python-tomli-w-1.0.0-x86_64-2.txz: Rebuilt.
l/python-trove-classifiers-2024.3.25-x86_64-2.txz: Rebuilt.
l/python-typing_extensions-4.10.0-x86_64-2.txz: Rebuilt.
l/python-typogrify-2.0.7-x86_64-2.txz: Rebuilt.
l/python-urllib3-2.2.1-x86_64-2.txz: Rebuilt.
l/python-webencodings-0.5.1-x86_64-2.txz: Rebuilt.
l/python-wheel-0.43.0-x86_64-2.txz: Rebuilt.
l/python-zipp-3.18.1-x86_64-2.txz: Rebuilt.
l/sip-6.8.3-x86_64-2.txz: Rebuilt.
l/speech-dispatcher-0.11.5-x86_64-2.txz: Rebuilt.
l/system-config-printer-1.5.18-x86_64-2.txz: Rebuilt.
l/talloc-2.4.2-x86_64-2.txz: Rebuilt.
l/tdb-1.4.10-x86_64-2.txz: Rebuilt.
l/tevent-0.16.1-x86_64-2.txz: Rebuilt.
n/epic5-2.1.12-x86_64-7.txz: Rebuilt.
n/fetchmail-6.4.38-x86_64-2.txz: Rebuilt.
n/getmail-6.18.14-x86_64-2.txz: Rebuilt.
n/gpgme-1.23.2-x86_64-3.txz: Rebuilt.
n/net-snmp-5.9.4-x86_64-2.txz: Rebuilt.
n/nftables-1.0.9-x86_64-2.txz: Rebuilt.
n/nmap-7.94-x86_64-2.txz: Rebuilt.
n/nss-pam-ldapd-0.9.12-x86_64-4.txz: Rebuilt.
n/obexftp-0.24.2-x86_64-12.txz: Rebuilt.
n/pssh-2.3.5-x86_64-2.txz: Rebuilt.
n/samba-4.20.0-x86_64-2.txz: Rebuilt.
x/ibus-1.5.29-x86_64-3.txz: Rebuilt.
x/ibus-anthy-1.5.16-x86_64-2.txz: Rebuilt.
x/ibus-hangul-1.5.5-x86_64-2.txz: Rebuilt.
x/ibus-libpinyin-1.15.7-x86_64-2.txz: Rebuilt.
x/ibus-table-1.17.4-x86_64-2.txz: Rebuilt.
x/marisa-0.2.6-x86_64-9.txz: Rebuilt.
x/pyxdg-0.28-x86_64-2.txz: Rebuilt.
x/xcb-proto-1.16.0-x86_64-3.txz: Rebuilt.
xap/blueman-2.3.5-x86_64-2.txz: Rebuilt.
xap/hexchat-2.16.2-x86_64-2.txz: Rebuilt.
xap/vim-gvim-9.1.0225-x86_64-1.txz: Upgraded.
extra/brltty/brltty-6.6-x86_64-3.txz: Rebuilt.
|
||
|
Patrick J Volkerding
|
1e89414bae |
Sat Mar 23 19:34:02 UTC 2024
ap/vim-9.1.0199-x86_64-1.txz: Upgraded.
Dropped python2 support. Thanks to Audrius Kažukauskas.
l/duktape-2.7.0-x86_64-1.txz: Added.
Needed by polkit.
l/gjs-1.80.1-x86_64-1.txz: Upgraded.
l/libdeflate-1.20-x86_64-1.txz: Upgraded.
l/mozjs102-102.15.1esr-x86_64-2.txz: Removed.
l/mozjs115-115.9.1esr-x86_64-1.txz: Upgraded.
l/polkit-123-x86_64-2.txz: Rebuilt.
Use duktape instead of mozjs102 as the JavaScript engine.
x/iceauth-1.0.10-x86_64-2.txz: Rebuilt.
It's never too early to build with --enable-year2038. Thanks to bigbadaboum.
xap/geeqie-2.4-x86_64-1.txz: Upgraded.
xap/mozilla-firefox-115.9.1esr-x86_64-1.txz: Upgraded.
This update fixes a critical security issue:
An attacker was able to inject an event handler into a privileged object
that would allow arbitrary JavaScript execution in the parent process.
For more information, see:
https://www.mozilla.org/en-US/firefox/115.9.1esr/releasenotes/
https://www.mozilla.org/security/advisories/mfsa2024-16/
https://www.cve.org/CVERecord?id=CVE-2024-29944
(* Security fix *)
xap/vim-gvim-9.1.0199-x86_64-1.txz: Upgraded.
Dropped python2 support. Thanks to Audrius Kažukauskas.
|
||
|
Patrick J Volkerding
|
0cbf4c3859 |
Wed Mar 20 21:10:30 UTC 2024
a/libblockdev-2.28-x86_64-2.txz: Rebuilt.
Drop python2 support.
a/sysvinit-scripts-15.1-noarch-15.txz: Rebuilt.
rc.M: start rc.iceccd and rc.icecc-scheduler earlier.
a/util-linux-2.39.3-x86_64-2.txz: Rebuilt.
Drop python2 support.
a/volume_key-0.3.12-x86_64-6.txz: Rebuilt.
Drop python2 support.
ap/man-pages-6.7-noarch-1.txz: Upgraded.
d/cmake-3.28.4-x86_64-1.txz: Upgraded.
d/llvm-18.1.2-x86_64-1.txz: Upgraded.
d/python2-2.7.18-x86_64-7.txz: Rebuilt.
Bundle the final python2 versions of pip and setuptools.
Drop the /usr/bin/python symlink.
d/python3-3.9.19-x86_64-1.txz: Upgraded.
Point the /usr/bin/python symlink at python3.9.
PEP 394 says we can do this, and in a world of ambigious shebangs, this
is probably the best of the available options.
This update also fixes security issues:
bundled libexpat was updated to 2.6.0.
zipfile is now protected from the "quoted-overlap" zipbomb.
tempfile.TemporaryDirectory cleanup no longer dereferences symlinks when
working around file system permission errors.
For more information, see:
https://pythoninsider.blogspot.com/2024/03/python-31014-3919-and-3819-is-now.html
https://www.cve.org/CVERecord?id=CVE-2023-52425
https://www.cve.org/CVERecord?id=CVE-2024-0450
https://www.cve.org/CVERecord?id=CVE-2023-6597
(* Security fix *)
d/strace-6.8-x86_64-1.txz: Upgraded.
kde/kross-interpreters-23.08.5-x86_64-2.txz: Rebuilt.
Drop python2 support.
l/libxml2-2.12.6-x86_64-2.txz: Rebuilt.
Drop python2 support.
l/mozjs115-115.9.0esr-x86_64-2.txz: Rebuilt.
Fixed installed library name. Thanks to reddog83.
Fixed slack-desc. Thanks to r1w1s1.
l/phonon-4.12.0-x86_64-1.txz: Upgraded.
l/pilot-link-0.12.5-x86_64-17.txz: Rebuilt.
Drop python2 support.
l/python2-module-collection-2.7.18-x86_64-6.txz: Removed.
Good bye!
l/python2-pycairo-1.18.2-x86_64-1.txz: Added.
We'll need this (along with pygtk and pygobject) until we get gimp3.
Well, we could build gimp without python support, but I really don't think
that's the route we want to take.
n/bind-9.18.25-x86_64-1.txz: Upgraded.
n/crda-4.15-x86_64-1.txz: Removed.
The kernel is able to load from wireless-regdb directly. Obsolete.
n/getmail-6.18.14-x86_64-1.txz: Upgraded.
n/gpgme-1.23.2-x86_64-2.txz: Rebuilt.
Drop python2 support.
n/obexftp-0.24.2-x86_64-11.txz: Rebuilt.
Drop python2 support.
n/wireless-regdb-2024.01.23-x86_64-1.txz: Added.
Wireless regulatory database, previously bundled with crda.
x/ibus-1.5.29-x86_64-2.txz: Rebuilt.
Drop python2 support.
x/libkkc-0.3.5-x86_64-4.txz: Rebuilt.
Still forcing python2 with this one, but perhaps a python3 marisa module
could work around this.
x/libkkc-data-0.2.7-x86_64-4.txz: Rebuilt.
Still forcing python2 with this one, but perhaps a python3 marisa module
could work around this.
x/xcb-proto-1.16.0-x86_64-2.txz: Rebuilt.
Drop python2 support.
x/xpyb-1.3.1-x86_64-7.txz: Removed.
Nothing uses it, and it was never updated for python3. Removed as obsolete.
|
||
|
Patrick J Volkerding
|
eabd4b9fab |
Sun Mar 3 20:50:24 UTC 2024
d/gdb-14.2-x86_64-1.txz: Upgraded. l/python-PyYAML-6.0.1-x86_64-2.txz: Rebuilt. Fixed build with Cython >= 3. Thanks to Stuart Winter. l/qt6-6.6.2_20240210_15b7e743-x86_64-2.txz: Rebuilt. Fixed the sdpscanner6 symlink by moving INSTALL_LIBEXECDIR to the expected location. x/editres-1.0.9-x86_64-1.txz: Upgraded. x/encodings-1.1.0-noarch-1.txz: Upgraded. x/gccmakedep-1.0.4-noarch-1.txz: Upgraded. x/libXaw3d-1.6.6-x86_64-1.txz: Upgraded. x/libXcursor-1.2.2-x86_64-1.txz: Upgraded. x/libXdmcp-1.1.5-x86_64-1.txz: Upgraded. x/libfontenc-1.1.8-x86_64-1.txz: Upgraded. x/libxcb-1.16.1-x86_64-1.txz: Upgraded. x/listres-1.0.6-x86_64-1.txz: Upgraded. x/mkfontscale-1.2.3-x86_64-1.txz: Upgraded. x/xauth-1.1.3-x86_64-1.txz: Upgraded. x/xlsfonts-1.0.8-x86_64-1.txz: Upgraded. |
||
|
Patrick J Volkerding
|
0dcf6c9e37 |
Wed Feb 14 04:31:08 UTC 2024
l/exiv2-0.28.2-x86_64-1.txz: Upgraded.
Fixes two low-severity security issues introduced in 0.28.x:
Out-of-bounds read in QuickTimeVideo::NikonTagsDecoder.
Denial of service due to unbounded recursion in
QuickTimeVideo::multipleEntriesDecoder.
For more information, see:
https://www.cve.org/CVERecord?id=CVE-2024-24826
https://www.cve.org/CVERecord?id=CVE-2024-25112
(* Security fix *)
l/gnome-keyring-46.1-x86_64-1.txz: Upgraded.
n/dnsmasq-2.90-x86_64-1.txz: Upgraded.
Add limits on the resources used to do DNSSEC validation.
For more information, see:
https://www.cve.org/CVERecord?id=CVE-2023-50387
https://www.cve.org/CVERecord?id=CVE-2023-50868
(* Security fix *)
x/igt-gpu-tools-1.28-x86_64-2.txz: Rebuilt.
Recompiled against /procps-ng-4.0.4.
|
||
|
Patrick J Volkerding
|
362e0f90f1 |
Sun Feb 4 19:20:00 UTC 2024
ap/pamixer-1.6-x86_64-1.txz: Upgraded.
d/rust-bindgen-0.69.4-x86_64-1.txz: Upgraded.
l/cxxopts-3.1.1-x86_64-1.txz: Added.
Needed by pamixer-1.6.
l/gc-8.2.6-x86_64-1.txz: Upgraded.
l/libxml2-2.12.5-x86_64-1.txz: Upgraded.
Fix the following security issue:
xmlreader: Don't expand XIncludes when backtracking.
For more information, see:
https://www.cve.org/CVERecord?id=CVE-2024-25062
(* Security fix *)
x/bitmap-1.1.1-x86_64-1.txz: Upgraded.
x/xditview-1.0.7-x86_64-1.txz: Upgraded.
x/xkbcomp-1.4.7-x86_64-1.txz: Upgraded.
x/xkbutils-1.0.6-x86_64-1.txz: Upgraded.
x/xmore-1.0.4-x86_64-1.txz: Upgraded.
x/xprop-1.2.7-x86_64-1.txz: Upgraded.
|
||
|
Patrick J Volkerding
|
c705d52caf |
Sun Jan 21 20:50:08 UTC 2024
a/ed-1.20-x86_64-1.txz: Upgraded.
l/SDL2_ttf-2.22.0-x86_64-1.txz: Upgraded.
l/imagemagick-7.1.1_27-x86_64-1.txz: Upgraded.
l/libproxy-0.5.3-x86_64-1.txz: Upgraded.
n/nghttp2-1.59.0-x86_64-1.txz: Upgraded.
x/xbiff-1.0.5-x86_64-1.txz: Upgraded.
extra/tigervnc/tigervnc-1.13.1-x86_64-3.txz: Rebuilt.
Recompiled against xorg-server-21.1.11, including the latest patches for
several security issues. Thanks to marav.
For more information, see:
https://www.cve.org/CVERecord?id=CVE-2023-6377
https://www.cve.org/CVERecord?id=CVE-2023-6478
https://www.cve.org/CVERecord?id=CVE-2023-6816
https://www.cve.org/CVERecord?id=CVE-2024-0229
https://www.cve.org/CVERecord?id=CVE-2024-0408
https://www.cve.org/CVERecord?id=CVE-2024-0409
https://www.cve.org/CVERecord?id=CVE-2024-21885
https://www.cve.org/CVERecord?id=CVE-2024-21886
https://www.cve.org/CVERecord?id=CVE-2024-21886
(* Security fix *)
|
||
|
Patrick J Volkerding
|
83bf1d11ee |
Fri Sep 29 19:45:18 UTC 2023
d/meson-1.2.2-x86_64-1.txz: Upgraded.
l/nodejs-20.8.0-x86_64-1.txz: Upgraded.
l/sof-firmware-2023.09-noarch-1.txz: Upgraded.
n/bluez-5.70-x86_64-1.txz: Upgraded.
n/php-8.2.11-x86_64-1.txz: Upgraded.
This is a bugfix release.
For more information, see:
https://www.php.net/ChangeLog-8.php#8.2.11
x/mesa-23.2.1-x86_64-1.txz: Upgraded.
x/xman-1.1.6-x86_64-1.txz: Upgraded.
xfce/xfce4-clipman-plugin-1.6.5-x86_64-1.txz: Upgraded.
|
||
|
Patrick J Volkerding
|
94e7610642 |
Thu Jul 20 19:55:25 UTC 2023
d/re2c-3.1-x86_64-1.txz: Upgraded.
l/gst-plugins-bad-free-1.22.5-x86_64-1.txz: Upgraded.
l/gst-plugins-base-1.22.5-x86_64-1.txz: Upgraded.
l/gst-plugins-good-1.22.5-x86_64-1.txz: Upgraded.
l/gst-plugins-libav-1.22.5-x86_64-1.txz: Upgraded.
l/gstreamer-1.22.5-x86_64-1.txz: Upgraded.
l/libptytty-2.0-x86_64-1.txz: Added.
This is required by rxvt-unicode-9.31.
x/libpthread-stubs-0.5-x86_64-1.txz: Upgraded.
xap/rxvt-unicode-9.31-x86_64-1.txz: Upgraded.
Compiled against libptytty-2.0.
testing/packages/mozilla-thunderbird-115.0.1-x86_64-1.txz: Upgraded.
This release contains security fixes and improvements.
For more information, see:
https://www.mozilla.org/en-US/thunderbird/115.0.1/releasenotes/
(* Security fix *)
|
||
|
Patrick J Volkerding
|
cf35a7e0c8 |
Sun Jun 4 19:16:13 UTC 2023
l/ocl-icd-2.3.2-x86_64-1.txz: Upgraded. n/libmilter-8.17.2-x86_64-1.txz: Upgraded. x/egl-wayland-1.1.12-x86_64-1.txz: Upgraded. x/libdmx-1.1.5-x86_64-1.txz: Upgraded. x/xrdb-1.2.2-x86_64-1.txz: Upgraded. x/xscope-1.4.4-x86_64-1.txz: Upgraded. x/xtrans-1.5.0-noarch-1.txz: Upgraded. x/xwd-1.0.9-x86_64-1.txz: Upgraded. extra/sendmail/sendmail-8.17.2-x86_64-1.txz: Upgraded. This is a bugfix release. extra/sendmail/sendmail-cf-8.17.2-noarch-1.txz: Upgraded. |
||
|
Patrick J Volkerding
|
d06ae62d99 |
Mon May 8 23:42:23 UTC 2023
a/less-633-x86_64-1.txz: Upgraded. ap/inxi-3.3.27_1-noarch-1.txz: Upgraded. d/rust-1.68.2-x86_64-2.txz: Upgraded. l/mlt-7.16.0-x86_64-1.txz: Upgraded. x/m17n-lib-1.8.1-x86_64-1.txz: Upgraded. x/xf86-video-dummy-0.4.1-x86_64-1.txz: Upgraded. testing/packages/rust-1.69.0-x86_64-1.txz: Upgraded. |
||
|
Patrick J Volkerding
|
af89c2d6e8 |
Fri Apr 28 18:25:13 UTC 2023
kde/kalk-23.04.0-x86_64-1.txz: Removed. kde/ktextaddons-1.2.1-x86_64-1.txz: Upgraded. Revert to this version until a newer one works. kde/qcoro-0.9.0-x86_64-1.txz: Upgraded. l/iso-codes-4.15.0-noarch-1.txz: Upgraded. n/lynx-2.9.0dev.12-x86_64-1.txz: Upgraded. x/xdpyinfo-1.3.4-x86_64-1.txz: Upgraded. x/xinput-1.6.4-x86_64-1.txz: Upgraded. |
||
|
Patrick J Volkerding
|
59f80800c2 |
Tue Apr 11 18:49:02 UTC 2023
a/mcelog-194-x86_64-1.txz: Upgraded.
a/tcsh-6.24.08-x86_64-1.txz: Upgraded.
d/meson-1.1.0-x86_64-1.txz: Upgraded.
d/rust-bindgen-0.65.0-x86_64-1.txz: Upgraded.
l/mozjs102-102.10.0esr-x86_64-1.txz: Upgraded.
l/nodejs-19.9.0-x86_64-1.txz: Upgraded.
l/parted-3.6-x86_64-1.txz: Upgraded.
x/ibus-table-1.17.0-x86_64-1.txz: Upgraded.
x/libXfixes-6.0.1-x86_64-1.txz: Upgraded.
x/libXt-1.3.0-x86_64-1.txz: Upgraded.
x/xf86-video-neomagic-1.3.1-x86_64-1.txz: Added.
x/xf86-video-savage-2.4.0-x86_64-1.txz: Added.
x/xwininfo-1.1.6-x86_64-1.txz: Upgraded.
xap/mozilla-firefox-112.0-x86_64-1.txz: Upgraded.
This update contains security fixes and improvements.
For more information, see:
https://www.mozilla.org/en-US/firefox/112.0/releasenotes/
https://www.mozilla.org/en-US/security/advisories/mfsa2023-13
https://www.mozilla.org/en-US/security/advisories/mfsa2023-13/#MFSA-TMP-2023-0001
https://www.cve.org/CVERecord?id=CVE-2023-29531
https://www.cve.org/CVERecord?id=CVE-2023-29532
https://www.cve.org/CVERecord?id=CVE-2023-29533
https://www.cve.org/CVERecord?id=CVE-2023-29534
https://www.cve.org/CVERecord?id=CVE-2023-29535
https://www.cve.org/CVERecord?id=CVE-2023-29536
https://www.cve.org/CVERecord?id=CVE-2023-29537
https://www.cve.org/CVERecord?id=CVE-2023-29538
https://www.cve.org/CVERecord?id=CVE-2023-29539
https://www.cve.org/CVERecord?id=CVE-2023-29540
https://www.cve.org/CVERecord?id=CVE-2023-29541
https://www.cve.org/CVERecord?id=CVE-2023-29542
https://www.cve.org/CVERecord?id=CVE-2023-29543
https://www.cve.org/CVERecord?id=CVE-2023-29544
https://www.cve.org/CVERecord?id=CVE-2023-29545
https://www.cve.org/CVERecord?id=CVE-2023-29546
https://www.cve.org/CVERecord?id=CVE-2023-29547
https://www.cve.org/CVERecord?id=CVE-2023-29548
https://www.cve.org/CVERecord?id=CVE-2023-29549
https://www.cve.org/CVERecord?id=CVE-2023-29550
https://www.cve.org/CVERecord?id=CVE-2023-29551
(* Security fix *)
|
||
|
Patrick J Volkerding
|
9ed93909f8 |
Tue Apr 4 20:15:38 UTC 2023
a/mcelog-193-x86_64-1.txz: Upgraded. d/vala-0.56.6-x86_64-1.txz: Upgraded. kde/bluedevil-5.27.4-x86_64-1.txz: Upgraded. kde/breeze-5.27.4-x86_64-1.txz: Upgraded. kde/breeze-grub-5.27.4-x86_64-1.txz: Upgraded. kde/breeze-gtk-5.27.4-x86_64-1.txz: Upgraded. kde/drkonqi-5.27.4-x86_64-1.txz: Upgraded. kde/kactivitymanagerd-5.27.4-x86_64-1.txz: Upgraded. kde/kde-cli-tools-5.27.4-x86_64-1.txz: Upgraded. kde/kde-gtk-config-5.27.4-x86_64-1.txz: Upgraded. kde/kdecoration-5.27.4-x86_64-1.txz: Upgraded. kde/kdeplasma-addons-5.27.4-x86_64-1.txz: Upgraded. kde/kgamma5-5.27.4-x86_64-1.txz: Upgraded. kde/khotkeys-5.27.4-x86_64-1.txz: Upgraded. kde/kinfocenter-5.27.4-x86_64-1.txz: Upgraded. kde/kmenuedit-5.27.4-x86_64-1.txz: Upgraded. kde/kpipewire-5.27.4-x86_64-1.txz: Upgraded. kde/kscreen-5.27.4-x86_64-1.txz: Upgraded. kde/kscreenlocker-5.27.4-x86_64-1.txz: Upgraded. kde/ksshaskpass-5.27.4-x86_64-1.txz: Upgraded. kde/ksystemstats-5.27.4-x86_64-1.txz: Upgraded. kde/kwallet-pam-5.27.4-x86_64-1.txz: Upgraded. kde/kwayland-integration-5.27.4-x86_64-1.txz: Upgraded. kde/kwin-5.27.4-x86_64-1.txz: Upgraded. kde/kwrited-5.27.4-x86_64-1.txz: Upgraded. kde/layer-shell-qt-5.27.4-x86_64-1.txz: Upgraded. kde/libkscreen-5.27.4-x86_64-1.txz: Upgraded. kde/libksysguard-5.27.4-x86_64-1.txz: Upgraded. kde/milou-5.27.4-x86_64-1.txz: Upgraded. kde/oxygen-5.27.4-x86_64-1.txz: Upgraded. kde/oxygen-sounds-5.27.4-x86_64-1.txz: Upgraded. kde/plasma-browser-integration-5.27.4-x86_64-1.txz: Upgraded. kde/plasma-desktop-5.27.4-x86_64-1.txz: Upgraded. kde/plasma-disks-5.27.4-x86_64-1.txz: Upgraded. kde/plasma-firewall-5.27.4-x86_64-1.txz: Upgraded. kde/plasma-integration-5.27.4-x86_64-1.txz: Upgraded. kde/plasma-nm-5.27.4-x86_64-1.txz: Upgraded. kde/plasma-pa-5.27.4-x86_64-1.txz: Upgraded. kde/plasma-sdk-5.27.4-x86_64-1.txz: Upgraded. kde/plasma-systemmonitor-5.27.4-x86_64-1.txz: Upgraded. kde/plasma-vault-5.27.4.1-x86_64-1.txz: Upgraded. kde/plasma-workspace-5.27.4.1-x86_64-1.txz: Upgraded. kde/plasma-workspace-wallpapers-5.27.4.1-x86_64-1.txz: Upgraded. kde/polkit-kde-agent-1-5.27.4.1-x86_64-1.txz: Upgraded. kde/powerdevil-5.27.4.1-x86_64-1.txz: Upgraded. kde/qqc2-breeze-style-5.27.4-x86_64-1.txz: Upgraded. kde/sddm-kcm-5.27.4.1-x86_64-1.txz: Upgraded. kde/systemsettings-5.27.4.1-x86_64-1.txz: Upgraded. kde/xdg-desktop-portal-kde-5.27.4.1-x86_64-1.txz: Upgraded. n/daemon-0.8.2-x86_64-1.txz: Upgraded. x/wayland-1.22.0-x86_64-1.txz: Upgraded. x/xf86-input-libinput-1.3.0-x86_64-1.txz: Upgraded. |
||
|
Patrick J Volkerding
|
c3f9dd63fd |
Tue Feb 28 21:33:32 UTC 2023
a/mkinitrd-1.4.11-x86_64-31.txz: Rebuilt.
Fix the check to ensure -R is added when the root partition is a partition of
a RAID device.
Thanks to perrin4869 and drumz.
ap/vim-9.0.1362-x86_64-1.txz: Upgraded.
kde/bluedevil-5.27.2-x86_64-1.txz: Upgraded.
kde/breeze-5.27.2-x86_64-1.txz: Upgraded.
kde/breeze-grub-5.27.2-x86_64-1.txz: Upgraded.
kde/breeze-gtk-5.27.2-x86_64-1.txz: Upgraded.
kde/drkonqi-5.27.2-x86_64-1.txz: Upgraded.
kde/kactivitymanagerd-5.27.2-x86_64-1.txz: Upgraded.
kde/kde-cli-tools-5.27.2-x86_64-1.txz: Upgraded.
kde/kde-gtk-config-5.27.2-x86_64-1.txz: Upgraded.
kde/kdecoration-5.27.2-x86_64-1.txz: Upgraded.
kde/kdeplasma-addons-5.27.2-x86_64-1.txz: Upgraded.
kde/kgamma5-5.27.2-x86_64-1.txz: Upgraded.
kde/khotkeys-5.27.2-x86_64-1.txz: Upgraded.
kde/kinfocenter-5.27.2-x86_64-1.txz: Upgraded.
kde/kmenuedit-5.27.2-x86_64-1.txz: Upgraded.
kde/kpipewire-5.27.2-x86_64-1.txz: Upgraded.
kde/kscreen-5.27.2-x86_64-1.txz: Upgraded.
kde/kscreenlocker-5.27.2-x86_64-1.txz: Upgraded.
kde/ksshaskpass-5.27.2-x86_64-1.txz: Upgraded.
kde/ksystemstats-5.27.2-x86_64-1.txz: Upgraded.
kde/kwallet-pam-5.27.2-x86_64-1.txz: Upgraded.
kde/kwayland-integration-5.27.2-x86_64-1.txz: Upgraded.
kde/kwin-5.27.2-x86_64-1.txz: Upgraded.
kde/kwrited-5.27.2-x86_64-1.txz: Upgraded.
kde/layer-shell-qt-5.27.2-x86_64-1.txz: Upgraded.
kde/libkscreen-5.27.2-x86_64-1.txz: Upgraded.
kde/libksysguard-5.27.2-x86_64-1.txz: Upgraded.
kde/milou-5.27.2-x86_64-1.txz: Upgraded.
kde/oxygen-5.27.2-x86_64-1.txz: Upgraded.
kde/oxygen-sounds-5.27.2-x86_64-1.txz: Upgraded.
kde/plasma-browser-integration-5.27.2-x86_64-1.txz: Upgraded.
kde/plasma-desktop-5.27.2-x86_64-1.txz: Upgraded.
kde/plasma-disks-5.27.2-x86_64-1.txz: Upgraded.
kde/plasma-firewall-5.27.2-x86_64-1.txz: Upgraded.
kde/plasma-integration-5.27.2-x86_64-1.txz: Upgraded.
kde/plasma-nm-5.27.2-x86_64-1.txz: Upgraded.
kde/plasma-pa-5.27.2-x86_64-1.txz: Upgraded.
kde/plasma-sdk-5.27.2-x86_64-1.txz: Upgraded.
kde/plasma-systemmonitor-5.27.2-x86_64-1.txz: Upgraded.
kde/plasma-vault-5.27.2-x86_64-1.txz: Upgraded.
kde/plasma-workspace-5.27.2-x86_64-1.txz: Upgraded.
kde/plasma-workspace-wallpapers-5.27.2-x86_64-1.txz: Upgraded.
kde/polkit-kde-agent-1-5.27.2-x86_64-1.txz: Upgraded.
kde/powerdevil-5.27.2-x86_64-1.txz: Upgraded.
kde/qqc2-breeze-style-5.27.2-x86_64-1.txz: Upgraded.
kde/sddm-kcm-5.27.2-x86_64-1.txz: Upgraded.
kde/systemsettings-5.27.2-x86_64-1.txz: Upgraded.
kde/xdg-desktop-portal-kde-5.27.2-x86_64-1.txz: Upgraded.
l/iso-codes-4.13.0-noarch-1.txz: Upgraded.
n/whois-5.5.16-x86_64-1.txz: Upgraded.
Add bash completion support, courtesy of Ville Skytta.
Updated the .tr TLD server.
Removed support for -metu NIC handles.
x/encodings-1.0.7-noarch-1.txz: Upgraded.
x/font-adobe-100dpi-1.0.4-noarch-1.txz: Upgraded.
x/font-adobe-75dpi-1.0.4-noarch-1.txz: Upgraded.
x/font-adobe-utopia-100dpi-1.0.5-noarch-1.txz: Upgraded.
x/font-adobe-utopia-75dpi-1.0.5-noarch-1.txz: Upgraded.
x/font-adobe-utopia-type1-1.0.5-noarch-1.txz: Upgraded.
x/font-alias-1.0.5-noarch-1.txz: Upgraded.
x/font-arabic-misc-1.0.4-noarch-1.txz: Upgraded.
x/font-bh-100dpi-1.0.4-noarch-1.txz: Upgraded.
x/font-bh-75dpi-1.0.4-noarch-1.txz: Upgraded.
x/font-bh-lucidatypewriter-100dpi-1.0.4-noarch-1.txz: Upgraded.
x/font-bh-lucidatypewriter-75dpi-1.0.4-noarch-1.txz: Upgraded.
x/font-bh-ttf-1.0.4-noarch-1.txz: Upgraded.
x/font-bh-type1-1.0.4-noarch-1.txz: Upgraded.
x/font-bitstream-100dpi-1.0.4-noarch-1.txz: Upgraded.
x/font-bitstream-75dpi-1.0.4-noarch-1.txz: Upgraded.
x/font-bitstream-type1-1.0.4-noarch-1.txz: Upgraded.
x/font-cronyx-cyrillic-1.0.4-noarch-1.txz: Upgraded.
x/font-cursor-misc-1.0.4-noarch-1.txz: Upgraded.
x/font-daewoo-misc-1.0.4-noarch-1.txz: Upgraded.
x/font-dec-misc-1.0.4-noarch-1.txz: Upgraded.
x/font-ibm-type1-1.0.4-noarch-1.txz: Upgraded.
x/font-isas-misc-1.0.4-noarch-1.txz: Upgraded.
x/font-jis-misc-1.0.4-noarch-1.txz: Upgraded.
x/font-micro-misc-1.0.4-noarch-1.txz: Upgraded.
x/font-misc-cyrillic-1.0.4-noarch-1.txz: Upgraded.
x/font-misc-ethiopic-1.0.5-noarch-1.txz: Upgraded.
x/font-misc-meltho-1.0.4-noarch-1.txz: Upgraded.
x/font-misc-misc-1.1.3-noarch-1.txz: Upgraded.
x/font-mutt-misc-1.0.4-noarch-1.txz: Upgraded.
x/font-schumacher-misc-1.1.3-noarch-1.txz: Upgraded.
x/font-screen-cyrillic-1.0.5-noarch-1.txz: Upgraded.
x/font-sony-misc-1.0.4-noarch-1.txz: Upgraded.
x/font-sun-misc-1.0.4-noarch-1.txz: Upgraded.
x/font-winitzki-cyrillic-1.0.4-noarch-1.txz: Upgraded.
x/font-xfree86-type1-1.0.5-noarch-1.txz: Upgraded.
xap/mozilla-firefox-110.0.1-x86_64-1.txz: Upgraded.
This is a bugfix release.
For more information, see:
https://www.mozilla.org/en-US/firefox/110.0.1/releasenotes/
xap/vim-gvim-9.0.1362-x86_64-1.txz: Upgraded.
xfce/xfce4-notifyd-0.8.2-x86_64-1.txz: Upgraded.
|
||
|
Patrick J Volkerding
|
b2b4f6942b |
Thu Feb 23 20:47:06 UTC 2023
ap/sqlite-3.41.0-x86_64-1.txz: Upgraded. d/parallel-20230222-noarch-1.txz: Upgraded. kde/kidletime-5.103.0-x86_64-2.txz: Rebuilt. [PATCH] wayland: Guard wayland object destructors. Thanks to marav. l/glib2-2.74.6-x86_64-1.txz: Upgraded. l/nodejs-19.7.0-x86_64-1.txz: Upgraded. l/v4l-utils-1.24.0-x86_64-1.txz: Upgraded. n/NetworkManager-1.42.2-x86_64-1.txz: Upgraded. x/font-util-1.4.0-x86_64-1.txz: Upgraded. x/mesa-22.3.6-x86_64-1.txz: Upgraded. x/xbitmaps-1.1.3-x86_64-1.txz: Upgraded. x/xcursor-themes-1.0.7-noarch-1.txz: Upgraded. x/xf86-video-amdgpu-23.0.0-x86_64-1.txz: Upgraded. x/xorg-cf-files-1.0.8-x86_64-1.txz: Upgraded. xap/gimp-2.10.34-x86_64-1.txz: Upgraded. xap/gparted-1.5.0-x86_64-1.txz: Upgraded. xfce/thunar-4.18.4-x86_64-1.txz: Upgraded. |
||
|
Patrick J Volkerding
|
a38ab2e72c |
Thu Feb 16 22:07:06 UTC 2023
ap/vim-9.0.1314-x86_64-1.txz: Upgraded.
l/pipewire-0.3.66-x86_64-1.txz: Upgraded.
n/bind-9.18.12-x86_64-1.txz: Upgraded.
x/xf86-video-s3virge-1.11.1-x86_64-1.txz: Added.
x/xf86-video-trident-1.4.0-x86_64-1.txz: Added.
x/xterm-379-x86_64-1.txz: Upgraded.
xap/freerdp-2.10.0-x86_64-1.txz: Upgraded.
xap/mozilla-thunderbird-102.8.0-x86_64-1.txz: Upgraded.
This release contains security fixes and improvements.
For more information, see:
https://www.mozilla.org/en-US/thunderbird/102.8.0/releasenotes/
https://www.mozilla.org/en-US/security/advisories/mfsa2023-07/
https://www.cve.org/CVERecord?id=CVE-2023-0616
https://www.cve.org/CVERecord?id=CVE-2023-25728
https://www.cve.org/CVERecord?id=CVE-2023-25730
https://www.cve.org/CVERecord?id=CVE-2023-0767
https://www.cve.org/CVERecord?id=CVE-2023-25735
https://www.cve.org/CVERecord?id=CVE-2023-25737
https://www.cve.org/CVERecord?id=CVE-2023-25738
https://www.cve.org/CVERecord?id=CVE-2023-25739
https://www.cve.org/CVERecord?id=CVE-2023-25729
https://www.cve.org/CVERecord?id=CVE-2023-25732
https://www.cve.org/CVERecord?id=CVE-2023-25734
https://www.cve.org/CVERecord?id=CVE-2023-25742
https://www.cve.org/CVERecord?id=CVE-2023-25746
(* Security fix *)
xap/vim-gvim-9.0.1314-x86_64-1.txz: Upgraded.
|
||
|
Patrick J Volkerding
|
52ac228489 |
Mon Feb 13 20:03:36 UTC 2023
ap/man-pages-6.03-noarch-1.txz: Upgraded. l/atkmm-2.28.3-x86_64-1.txz: Upgraded. l/cairomm-1.14.4-x86_64-1.txz: Upgraded. l/glibmm-2.66.5-x86_64-1.txz: Upgraded. l/imagemagick-7.1.0_62-x86_64-1.txz: Upgraded. n/nghttp2-1.52.0-x86_64-1.txz: Upgraded. x/util-macros-1.20.0-noarch-1.txz: Upgraded. |
||
|
Patrick J Volkerding
|
dfd380d502 |
Sun Feb 5 20:39:36 UTC 2023
ap/htop-3.2.2-x86_64-1.txz: Upgraded. l/fuse3-3.13.1-x86_64-1.txz: Upgraded. l/pangomm-2.46.3-x86_64-1.txz: Upgraded. l/tevent-0.14.1-x86_64-1.txz: Upgraded. n/dnsmasq-2.89-x86_64-1.txz: Upgraded. x/libX11-1.8.4-x86_64-1.txz: Upgraded. x/xkeyboard-config-2.38-noarch-1.txz: Upgraded. x/xvidtune-1.0.4-x86_64-1.txz: Upgraded. |
||
|
Patrick J Volkerding
|
36e934ce2f |
Sun Jan 29 19:01:47 UTC 2023
l/imagemagick-7.1.0_59-x86_64-1.txz: Upgraded. n/c-ares-1.19.0-x86_64-1.txz: Upgraded. n/fetchmail-6.4.36-x86_64-1.txz: Upgraded. x/beforelight-1.0.6-x86_64-1.txz: Upgraded. |
||
|
Patrick J Volkerding
|
14094b8867 |
Thu Jan 19 21:07:32 UTC 2023
a/pkgtools-15.1-noarch-4.txz: Rebuilt. makepkg: also let xz decide how many threads to use on ARM platforms aarch64 and riscv64. Thanks to Stuart Winter. installpkg: fix reversed test for if a --threads option was given. It appears that it's been wrong for years but since xz didn't support threaded decompression yet it wasn't noticed. a/xz-5.4.1-x86_64-2.txz: Rebuilt. Reduce default verbosity from V_WARNING to V_ERROR to avoid sending non-fatal memory usage information to stderr. kde/plasma-wayland-protocols-1.10.0-x86_64-1.txz: Upgraded. l/exiv2-0.27.6-x86_64-1.txz: Upgraded. l/tdb-1.4.8-x86_64-1.txz: Upgraded. x/igt-gpu-tools-1.27.1-x86_64-1.txz: Upgraded. x/libX11-1.8.3-x86_64-2.txz: Rebuilt. [PATCH] Fix a9e845 and 797755 Allow X*IfEvent() to reenter libX11 Thanks to marav. |
||
|
Patrick J Volkerding
|
9cc1c3b360 |
Wed Jan 18 06:11:54 UTC 2023
ap/diffutils-3.9-x86_64-1.txz: Upgraded.
ap/lsof-4.97.0-x86_64-1.txz: Upgraded.
ap/mpg123-1.31.2-x86_64-1.txz: Upgraded.
d/binutils-2.40-x86_64-1.txz: Upgraded.
Shared library .so-version bump.
d/git-2.39.1-x86_64-1.txz: Upgraded.
d/oprofile-1.4.0-x86_64-11.txz: Rebuilt.
Recompiled against binutils-2.40.
n/httpd-2.4.55-x86_64-1.txz: Upgraded.
This update fixes bugs and the following security issues:
mod_proxy allows a backend to trigger HTTP response splitting.
mod_proxy_ajp possible request smuggling.
mod_dav out of bounds read, or write of zero byte.
For more information, see:
https://downloads.apache.org/httpd/CHANGES_2.4.55
https://www.cve.org/CVERecord?id=CVE-2022-37436
https://www.cve.org/CVERecord?id=CVE-2022-36760
https://www.cve.org/CVERecord?id=CVE-2006-20001
(* Security fix *)
x/ibus-libpinyin-1.15.0-x86_64-1.txz: Upgraded.
Compiled against libpinyin-2.8.1.
x/igt-gpu-tools-1.27-x86_64-1.txz: Upgraded.
x/libXpm-3.5.15-x86_64-1.txz: Upgraded.
This update fixes security issues:
Infinite loop on unclosed comments.
Runaway loop with width of 0 and enormous height.
Compression commands depend on $PATH.
For more information, see:
https://www.cve.org/CVERecord?id=CVE-2022-46285
https://www.cve.org/CVERecord?id=CVE-2022-44617
https://www.cve.org/CVERecord?id=CVE-2022-4883
(* Security fix *)
x/libinput-1.22.1-x86_64-1.txz: Upgraded.
x/libpinyin-2.8.1-x86_64-1.txz: Upgraded.
Shared library .so-version bump.
xap/mozilla-firefox-109.0-x86_64-1.txz: Upgraded.
This update contains security fixes and improvements.
Thanks to marav for the build help.
For more information, see:
https://www.mozilla.org/en-US/firefox/109.0/releasenotes/
https://www.mozilla.org/en-US/security/advisories/mfsa2023-01/
https://www.cve.org/CVERecord?id=CVE-2023-23597
https://www.cve.org/CVERecord?id=CVE-2023-23598
https://www.cve.org/CVERecord?id=CVE-2023-23599
https://www.cve.org/CVERecord?id=CVE-2023-23600
https://www.cve.org/CVERecord?id=CVE-2023-23601
https://www.cve.org/CVERecord?id=CVE-2023-23602
https://www.cve.org/CVERecord?id=CVE-2023-23603
https://www.cve.org/CVERecord?id=CVE-2023-23604
https://www.cve.org/CVERecord?id=CVE-2023-23605
https://www.cve.org/CVERecord?id=CVE-2023-23606
(* Security fix *)
|
||
|
Patrick J Volkerding
|
a1d6f79ce8 |
Tue Dec 20 20:40:18 UTC 2022
d/p2c-2.02-x86_64-1.txz: Upgraded.
kde/dolphin-22.12.0-x86_64-2.txz: Rebuilt.
[PATCH] Revert "portalize drag urls"
Thanks to marav.
l/gst-plugins-bad-free-1.20.5-x86_64-1.txz: Upgraded.
l/gst-plugins-base-1.20.5-x86_64-1.txz: Upgraded.
l/gst-plugins-good-1.20.5-x86_64-1.txz: Upgraded.
l/gst-plugins-libav-1.20.5-x86_64-1.txz: Upgraded.
l/gstreamer-1.20.5-x86_64-1.txz: Upgraded.
l/libqalculate-4.5.0-x86_64-1.txz: Upgraded.
l/libvncserver-0.9.14-x86_64-1.txz: Upgraded.
l/sdl-1.2.15-x86_64-14.txz: Rebuilt.
This update fixes a heap overflow problem in video/SDL_pixels.c in SDL.
By crafting a malicious .BMP file, an attacker can cause the application
using this library to crash, denial of service, or code execution.
Thanks to marav for the heads-up.
For more information, see:
https://www.cve.org/CVERecord?id=CVE-2021-33657
(* Security fix *)
n/gnupg2-2.2.41-x86_64-1.txz: Upgraded.
n/libksba-1.6.3-x86_64-1.txz: Upgraded.
Fix another integer overflow in the CRL's signature parser.
(* Security fix *)
x/libSM-1.2.4-x86_64-1.txz: Upgraded.
x/xcb-util-0.4.1-x86_64-1.txz: Upgraded.
x/xdriinfo-1.0.7-x86_64-1.txz: Upgraded.
|
||
|
Patrick J Volkerding
|
fc0ff5a5d7 |
Wed Dec 14 21:19:34 UTC 2022
a/bash-5.2.015-x86_64-1.txz: Upgraded.
a/tcsh-6.24.06-x86_64-1.txz: Upgraded.
ap/inxi-3.3.24_1-noarch-1.txz: Upgraded.
ap/nano-7.1-x86_64-1.txz: Upgraded.
d/git-2.39.0-x86_64-1.txz: Upgraded.
d/rust-1.65.0-x86_64-1.txz: Upgraded.
d/strace-6.1-x86_64-1.txz: Upgraded.
kde/krita-5.1.4-x86_64-1.txz: Upgraded.
l/imagemagick-7.1.0_54-x86_64-1.txz: Upgraded.
l/nodejs-19.3.0-x86_64-1.txz: Upgraded.
l/pcre2-10.42-x86_64-1.txz: Upgraded.
n/iproute2-6.1.0-x86_64-1.txz: Upgraded.
x/makedepend-1.0.8-x86_64-1.txz: Upgraded.
x/xhost-1.0.9-x86_64-1.txz: Upgraded.
x/xorg-server-21.1.5-x86_64-1.txz: Upgraded.
This release fixes 6 recently reported security vulnerabilities in
various extensions.
For more information, see:
https://lists.x.org/archives/xorg-announce/2022-December/003302.html
https://www.cve.org/CVERecord?id=CVE-2022-46340
https://www.cve.org/CVERecord?id=CVE-2022-46341
https://www.cve.org/CVERecord?id=CVE-2022-46342
https://www.cve.org/CVERecord?id=CVE-2022-46343
https://www.cve.org/CVERecord?id=CVE-2022-46344
https://www.cve.org/CVERecord?id=CVE-2022-4283
(* Security fix *)
x/xorg-server-xephyr-21.1.5-x86_64-1.txz: Upgraded.
x/xorg-server-xnest-21.1.5-x86_64-1.txz: Upgraded.
x/xorg-server-xvfb-21.1.5-x86_64-1.txz: Upgraded.
x/xorg-server-xwayland-22.1.6-x86_64-1.txz: Upgraded.
This release fixes 6 recently reported security vulnerabilities in
various extensions.
For more information, see:
https://lists.x.org/archives/xorg-announce/2022-December/003302.html
https://www.cve.org/CVERecord?id=CVE-2022-46340
https://www.cve.org/CVERecord?id=CVE-2022-46341
https://www.cve.org/CVERecord?id=CVE-2022-46342
https://www.cve.org/CVERecord?id=CVE-2022-46343
https://www.cve.org/CVERecord?id=CVE-2022-46344
https://www.cve.org/CVERecord?id=CVE-2022-4283
(* Security fix *)
xap/mozilla-thunderbird-102.6.0-x86_64-1.txz: Upgraded.
This release contains security fixes and improvements.
For more information, see:
https://www.mozilla.org/en-US/security/advisories/mfsa2022-53/
https://www.cve.org/CVERecord?id=CVE-2022-46880
https://www.cve.org/CVERecord?id=CVE-2022-46872
https://www.cve.org/CVERecord?id=CVE-2022-46881
https://www.cve.org/CVERecord?id=CVE-2022-46874
https://www.cve.org/CVERecord?id=CVE-2022-46875
https://www.cve.org/CVERecord?id=CVE-2022-46882
https://www.cve.org/CVERecord?id=CVE-2022-46878
(* Security fix *)
xap/xscreensaver-6.06-x86_64-1.txz: Upgraded.
testing/packages/mozilla-firefox-108.0-x86_64-1.txz: Upgraded.
Starting this out in /testing for now, since I've been trying for 2 days to
get it to compile on 32-bit with no luck. It ends up failing with a bunch of
errors like this:
ld.lld: error: undefined hidden symbol: tabs_4d51_TabsStore_sync
Any help getting this to build on 32-bit would be greatly appreciated.
I've tried most of ponce's bag of tricks already. :-)
|
||
|
Patrick J Volkerding
|
ac5857bb77 |
Sat Dec 10 19:28:02 UTC 2022
kde/attica-5.101.0-x86_64-1.txz: Upgraded. kde/baloo-5.101.0-x86_64-1.txz: Upgraded. kde/bluez-qt-5.101.0-x86_64-1.txz: Upgraded. kde/breeze-icons-5.101.0-noarch-1.txz: Upgraded. kde/extra-cmake-modules-5.101.0-x86_64-1.txz: Upgraded. kde/frameworkintegration-5.101.0-x86_64-1.txz: Upgraded. kde/kactivities-5.101.0-x86_64-1.txz: Upgraded. kde/kactivities-stats-5.101.0-x86_64-1.txz: Upgraded. kde/kapidox-5.101.0-x86_64-1.txz: Upgraded. kde/karchive-5.101.0-x86_64-1.txz: Upgraded. kde/kauth-5.101.0-x86_64-1.txz: Upgraded. kde/kbookmarks-5.101.0-x86_64-1.txz: Upgraded. kde/kcalendarcore-5.101.0-x86_64-1.txz: Upgraded. kde/kcmutils-5.101.0-x86_64-1.txz: Upgraded. kde/kcodecs-5.101.0-x86_64-1.txz: Upgraded. kde/kcompletion-5.101.0-x86_64-1.txz: Upgraded. kde/kconfig-5.101.0-x86_64-1.txz: Upgraded. kde/kconfigwidgets-5.101.0-x86_64-1.txz: Upgraded. kde/kcontacts-5.101.0-x86_64-1.txz: Upgraded. kde/kcoreaddons-5.101.0-x86_64-1.txz: Upgraded. kde/kcrash-5.101.0-x86_64-1.txz: Upgraded. kde/kdav-5.101.0-x86_64-1.txz: Upgraded. kde/kdbusaddons-5.101.0-x86_64-1.txz: Upgraded. kde/kdeclarative-5.101.0-x86_64-1.txz: Upgraded. kde/kded-5.101.0-x86_64-1.txz: Upgraded. kde/kdelibs4support-5.101.0-x86_64-1.txz: Upgraded. kde/kdesignerplugin-5.101.0-x86_64-1.txz: Upgraded. kde/kdesu-5.101.0-x86_64-1.txz: Upgraded. kde/kdewebkit-5.101.0-x86_64-1.txz: Upgraded. kde/kdnssd-5.101.0-x86_64-1.txz: Upgraded. kde/kdoctools-5.101.0-x86_64-1.txz: Upgraded. kde/kemoticons-5.101.0-x86_64-1.txz: Upgraded. kde/kfilemetadata-5.101.0-x86_64-1.txz: Upgraded. kde/kglobalaccel-5.101.0-x86_64-1.txz: Upgraded. kde/kguiaddons-5.101.0-x86_64-1.txz: Upgraded. kde/kholidays-5.101.0-x86_64-1.txz: Upgraded. kde/khtml-5.101.0-x86_64-1.txz: Upgraded. kde/ki18n-5.101.0-x86_64-1.txz: Upgraded. kde/kiconthemes-5.101.0-x86_64-1.txz: Upgraded. kde/kidletime-5.101.0-x86_64-1.txz: Upgraded. kde/kimageformats-5.101.0-x86_64-1.txz: Upgraded. kde/kinit-5.101.0-x86_64-1.txz: Upgraded. kde/kio-5.101.0-x86_64-1.txz: Upgraded. kde/kirigami2-5.101.0-x86_64-1.txz: Upgraded. kde/kitemmodels-5.101.0-x86_64-1.txz: Upgraded. kde/kitemviews-5.101.0-x86_64-1.txz: Upgraded. kde/kjobwidgets-5.101.0-x86_64-1.txz: Upgraded. kde/kjs-5.101.0-x86_64-1.txz: Upgraded. kde/kjsembed-5.101.0-x86_64-1.txz: Upgraded. kde/kmediaplayer-5.101.0-x86_64-1.txz: Upgraded. kde/knewstuff-5.101.0-x86_64-1.txz: Upgraded. kde/knotifications-5.101.0-x86_64-1.txz: Upgraded. kde/knotifyconfig-5.101.0-x86_64-1.txz: Upgraded. kde/kpackage-5.101.0-x86_64-1.txz: Upgraded. kde/kparts-5.101.0-x86_64-1.txz: Upgraded. kde/kpeople-5.101.0-x86_64-1.txz: Upgraded. kde/kplotting-5.101.0-x86_64-1.txz: Upgraded. kde/kpty-5.101.0-x86_64-1.txz: Upgraded. kde/kquickcharts-5.101.0-x86_64-1.txz: Upgraded. kde/kross-5.101.0-x86_64-1.txz: Upgraded. kde/krunner-5.101.0-x86_64-1.txz: Upgraded. kde/kservice-5.101.0-x86_64-1.txz: Upgraded. kde/ktexteditor-5.101.0-x86_64-1.txz: Upgraded. kde/ktextwidgets-5.101.0-x86_64-1.txz: Upgraded. kde/kunitconversion-5.101.0-x86_64-1.txz: Upgraded. kde/kwallet-5.101.0-x86_64-1.txz: Upgraded. kde/kwayland-5.101.0-x86_64-1.txz: Upgraded. kde/kwidgetsaddons-5.101.0-x86_64-1.txz: Upgraded. kde/kwindowsystem-5.101.0-x86_64-1.txz: Upgraded. kde/kxmlgui-5.101.0-x86_64-1.txz: Upgraded. kde/kxmlrpcclient-5.101.0-x86_64-1.txz: Upgraded. kde/modemmanager-qt-5.101.0-x86_64-1.txz: Upgraded. kde/networkmanager-qt-5.101.0-x86_64-1.txz: Upgraded. kde/oxygen-icons5-5.101.0-noarch-1.txz: Upgraded. kde/plasma-framework-5.101.0-x86_64-1.txz: Upgraded. kde/prison-5.101.0-x86_64-1.txz: Upgraded. kde/purpose-5.101.0-x86_64-1.txz: Upgraded. kde/qqc2-desktop-style-5.101.0-x86_64-1.txz: Upgraded. kde/solid-5.101.0-x86_64-1.txz: Upgraded. kde/sonnet-5.101.0-x86_64-1.txz: Upgraded. kde/syndication-5.101.0-x86_64-1.txz: Upgraded. kde/syntax-highlighting-5.101.0-x86_64-1.txz: Upgraded. kde/threadweaver-5.101.0-x86_64-1.txz: Upgraded. x/xf86-video-vesa-2.6.0-x86_64-1.txz: Upgraded. |
||
|
Patrick J Volkerding
|
b98f1614c2 |
Wed Dec 7 18:48:07 UTC 2022
d/cargo-vendor-filterer-0.5.7-x86_64-1.txz: Added.
Thanks to Heinz Wiesinger.
d/cbindgen-0.24.3-x86_64-1.txz: Added.
d/python3-3.9.16-x86_64-1.txz: Upgraded.
This update fixes security issues:
gh-98739: Updated bundled libexpat to 2.5.0 to fix CVE-2022-43680
(heap use-after-free).
gh-98433: The IDNA codec decoder used on DNS hostnames by socket or asyncio
related name resolution functions no longer involves a quadratic algorithm
to fix CVE-2022-45061. This prevents a potential CPU denial of service if an
out-of-spec excessive length hostname involving bidirectional characters were
decoded. Some protocols such as urllib http 3xx redirects potentially allow
for an attacker to supply such a name.
gh-100001: python -m http.server no longer allows terminal control characters
sent within a garbage request to be printed to the stderr server log.
gh-87604: Avoid publishing list of active per-interpreter audit hooks via the
gc module.
gh-97514: On Linux the multiprocessing module returns to using filesystem
backed unix domain sockets for communication with the forkserver process
instead of the Linux abstract socket namespace. Only code that chooses to use
the "forkserver" start method is affected. This prevents Linux CVE-2022-42919
(potential privilege escalation) as abstract sockets have no permissions and
could allow any user on the system in the same network namespace (often the
whole system) to inject code into the multiprocessing forkserver process.
Filesystem based socket permissions restrict this to the forkserver process
user as was the default in Python 3.8 and earlier.
gh-98517: Port XKCP's fix for the buffer overflows in SHA-3 to fix
CVE-2022-37454.
gh-68966: The deprecated mailcap module now refuses to inject unsafe text
(filenames, MIME types, parameters) into shell commands to address
CVE-2015-20107. Instead of using such text, it will warn and act as if a
match was not found (or for test commands, as if the test failed).
For more information, see:
https://pythoninsider.blogspot.com/2022/12/python-3111-3109-3916-3816-3716-and.html
https://www.cve.org/CVERecord?id=CVE-2022-43680
https://www.cve.org/CVERecord?id=CVE-2022-45061
https://www.cve.org/CVERecord?id=CVE-2022-42919
https://www.cve.org/CVERecord?id=CVE-2022-37454
https://www.cve.org/CVERecord?id=CVE-2015-20107
(* Security fix *)
d/rust-bindgen-0.63.0-x86_64-1.txz: Added.
Thanks to Heinz Wiesinger.
l/pcre2-10.41-x86_64-1.txz: Upgraded.
n/proftpd-1.3.8-x86_64-1.txz: Upgraded.
x/mesa-22.3.0-x86_64-1.txz: Upgraded.
Compiled with Rusticl support. Thanks to Heinz Wiesinger.
x/xdm-1.1.14-x86_64-1.txz: Upgraded.
|
||
|
Patrick J Volkerding
|
6229c1ff54 |
Mon Dec 5 02:40:12 UTC 2022
x/OpenCC-1.1.5-x86_64-1.txz: Upgraded. x/libXScrnSaver-1.2.4-x86_64-1.txz: Upgraded. x/libXcomposite-0.4.6-x86_64-1.txz: Upgraded. x/libXdamage-1.1.6-x86_64-1.txz: Upgraded. x/libXres-1.2.2-x86_64-1.txz: Upgraded. x/libXv-1.0.12-x86_64-1.txz: Upgraded. x/libXxf86dga-1.1.6-x86_64-1.txz: Upgraded. x/lndir-1.0.4-x86_64-1.txz: Upgraded. |
||
|
Patrick J Volkerding
|
2d4b9b1926 |
Sat Dec 3 21:07:32 UTC 2022
a/tcsh-6.24.04-x86_64-1.txz: Upgraded. ap/texinfo-7.0.1-x86_64-1.txz: Upgraded. l/vte-0.70.2-x86_64-1.txz: Upgraded. x/transset-1.0.3-x86_64-1.txz: Upgraded. x/xcursorgen-1.0.8-x86_64-1.txz: Upgraded. |
||
|
Patrick J Volkerding
|
7354944bf0 |
Mon Nov 21 20:23:13 UTC 2022
a/libpwquality-1.4.5-x86_64-1.txz: Upgraded. a/pciutils-3.9.0-x86_64-1.txz: Upgraded. ap/qpdf-11.2.0-x86_64-1.txz: Upgraded. d/mercurial-6.3.1-x86_64-1.txz: Upgraded. kde/krusader-2.8.0-x86_64-1.txz: Upgraded. l/libpng-1.6.39-x86_64-1.txz: Upgraded. l/mlt-7.12.0-x86_64-1.txz: Upgraded. x/fcitx5-5.0.20-x86_64-1.txz: Upgraded. x/fcitx5-anthy-5.0.13-x86_64-1.txz: Upgraded. x/fcitx5-chinese-addons-5.0.16-x86_64-1.txz: Upgraded. x/fcitx5-gtk-5.0.20-x86_64-1.txz: Upgraded. x/fcitx5-kkc-5.0.11-x86_64-1.txz: Upgraded. x/fcitx5-m17n-5.0.11-x86_64-1.txz: Upgraded. x/fcitx5-qt-5.0.16-x86_64-1.txz: Upgraded. x/fcitx5-table-extra-5.0.12-x86_64-1.txz: Upgraded. x/fcitx5-unikey-5.0.12-x86_64-1.txz: Upgraded. x/libXdmcp-1.1.4-x86_64-1.txz: Upgraded. x/libXpm-3.5.14-x86_64-1.txz: Upgraded. x/libXrandr-1.5.3-x86_64-1.txz: Upgraded. x/libime-1.0.15-x86_64-1.txz: Upgraded. x/libinput-1.22.0-x86_64-1.txz: Upgraded. x/xcb-imdkit-1.0.4-x86_64-1.txz: Upgraded. |
||
|
Patrick J Volkerding
|
7925f7cd17 |
Tue Nov 15 01:28:38 UTC 2022
a/xz-5.2.8-x86_64-1.txz: Upgraded. d/mercurial-6.3.0-x86_64-1.txz: Upgraded. d/rust-1.64.0-x86_64-1.txz: Upgraded. kde/attica-5.100.0-x86_64-1.txz: Upgraded. kde/baloo-5.100.0-x86_64-1.txz: Upgraded. kde/bluez-qt-5.100.0-x86_64-1.txz: Upgraded. kde/breeze-icons-5.100.0-noarch-1.txz: Upgraded. kde/extra-cmake-modules-5.100.0-x86_64-1.txz: Upgraded. kde/frameworkintegration-5.100.0-x86_64-1.txz: Upgraded. kde/kactivities-5.100.0-x86_64-1.txz: Upgraded. kde/kactivities-stats-5.100.0-x86_64-1.txz: Upgraded. kde/kapidox-5.100.0-x86_64-1.txz: Upgraded. kde/karchive-5.100.0-x86_64-1.txz: Upgraded. kde/kauth-5.100.0-x86_64-1.txz: Upgraded. kde/kbookmarks-5.100.0-x86_64-1.txz: Upgraded. kde/kcalendarcore-5.100.0-x86_64-1.txz: Upgraded. kde/kcmutils-5.100.0-x86_64-1.txz: Upgraded. kde/kcodecs-5.100.0-x86_64-1.txz: Upgraded. kde/kcompletion-5.100.0-x86_64-1.txz: Upgraded. kde/kconfig-5.100.0-x86_64-1.txz: Upgraded. kde/kconfigwidgets-5.100.0-x86_64-1.txz: Upgraded. kde/kcontacts-5.100.0-x86_64-1.txz: Upgraded. kde/kcoreaddons-5.100.0-x86_64-1.txz: Upgraded. kde/kcrash-5.100.0-x86_64-1.txz: Upgraded. kde/kdav-5.100.0-x86_64-1.txz: Upgraded. kde/kdbusaddons-5.100.0-x86_64-1.txz: Upgraded. kde/kdeclarative-5.100.0-x86_64-1.txz: Upgraded. kde/kded-5.100.0-x86_64-1.txz: Upgraded. kde/kdelibs4support-5.100.0-x86_64-1.txz: Upgraded. kde/kdesignerplugin-5.100.0-x86_64-1.txz: Upgraded. kde/kdesu-5.100.0-x86_64-1.txz: Upgraded. kde/kdewebkit-5.100.0-x86_64-1.txz: Upgraded. kde/kdnssd-5.100.0-x86_64-1.txz: Upgraded. kde/kdoctools-5.100.0-x86_64-1.txz: Upgraded. kde/kemoticons-5.100.0-x86_64-1.txz: Upgraded. kde/kfilemetadata-5.100.0-x86_64-1.txz: Upgraded. kde/kglobalaccel-5.100.0-x86_64-1.txz: Upgraded. kde/kguiaddons-5.100.0-x86_64-1.txz: Upgraded. kde/kholidays-5.100.0-x86_64-1.txz: Upgraded. kde/khtml-5.100.0-x86_64-1.txz: Upgraded. kde/ki18n-5.100.0-x86_64-1.txz: Upgraded. kde/kiconthemes-5.100.0-x86_64-1.txz: Upgraded. kde/kidletime-5.100.0-x86_64-1.txz: Upgraded. kde/kimageformats-5.100.0-x86_64-1.txz: Upgraded. kde/kinit-5.100.0-x86_64-1.txz: Upgraded. kde/kio-5.100.0-x86_64-1.txz: Upgraded. kde/kirigami2-5.100.0-x86_64-1.txz: Upgraded. kde/kitemmodels-5.100.0-x86_64-1.txz: Upgraded. kde/kitemviews-5.100.0-x86_64-1.txz: Upgraded. kde/kjobwidgets-5.100.0-x86_64-1.txz: Upgraded. kde/kjs-5.100.0-x86_64-1.txz: Upgraded. kde/kjsembed-5.100.0-x86_64-1.txz: Upgraded. kde/kmediaplayer-5.100.0-x86_64-1.txz: Upgraded. kde/knewstuff-5.100.0-x86_64-1.txz: Upgraded. kde/knotifications-5.100.0-x86_64-1.txz: Upgraded. kde/knotifyconfig-5.100.0-x86_64-1.txz: Upgraded. kde/kpackage-5.100.0-x86_64-1.txz: Upgraded. kde/kparts-5.100.0-x86_64-1.txz: Upgraded. kde/kpeople-5.100.0-x86_64-1.txz: Upgraded. kde/kplotting-5.100.0-x86_64-1.txz: Upgraded. kde/kpty-5.100.0-x86_64-1.txz: Upgraded. kde/kquickcharts-5.100.0-x86_64-1.txz: Upgraded. kde/kross-5.100.0-x86_64-1.txz: Upgraded. kde/krunner-5.100.0-x86_64-1.txz: Upgraded. kde/kservice-5.100.0-x86_64-1.txz: Upgraded. kde/ktexteditor-5.100.0-x86_64-1.txz: Upgraded. kde/ktextwidgets-5.100.0-x86_64-1.txz: Upgraded. kde/kunitconversion-5.100.0-x86_64-1.txz: Upgraded. kde/kwallet-5.100.0-x86_64-1.txz: Upgraded. kde/kwayland-5.100.0-x86_64-1.txz: Upgraded. kde/kwidgetsaddons-5.100.0-x86_64-1.txz: Upgraded. kde/kwindowsystem-5.100.0-x86_64-1.txz: Upgraded. kde/kxmlgui-5.100.0-x86_64-1.txz: Upgraded. kde/kxmlrpcclient-5.100.0-x86_64-1.txz: Upgraded. kde/modemmanager-qt-5.100.0-x86_64-1.txz: Upgraded. kde/networkmanager-qt-5.100.0-x86_64-1.txz: Upgraded. kde/oxygen-icons5-5.100.0-noarch-1.txz: Upgraded. kde/plasma-framework-5.100.0-x86_64-1.txz: Upgraded. kde/prison-5.100.0-x86_64-1.txz: Upgraded. kde/purpose-5.100.0-x86_64-1.txz: Upgraded. kde/qqc2-desktop-style-5.100.0-x86_64-1.txz: Upgraded. kde/solid-5.100.0-x86_64-1.txz: Upgraded. kde/sonnet-5.100.0-x86_64-1.txz: Upgraded. kde/syndication-5.100.0-x86_64-1.txz: Upgraded. kde/syntax-highlighting-5.100.0-x86_64-1.txz: Upgraded. kde/threadweaver-5.100.0-x86_64-1.txz: Upgraded. l/babl-0.1.98-x86_64-1.txz: Upgraded. l/gegl-0.4.40-x86_64-1.txz: Upgraded. l/grantlee-5.3.1-x86_64-1.txz: Upgraded. l/nodejs-19.1.0-x86_64-1.txz: Upgraded. n/libqmi-1.32.2-x86_64-1.txz: Upgraded. n/mutt-2.2.9-x86_64-1.txz: Upgraded. n/nghttp2-1.51.0-x86_64-1.txz: Upgraded. x/xcompmgr-1.1.9-x86_64-1.txz: Upgraded. x/xkbevd-1.1.5-x86_64-1.txz: Upgraded. x/xkill-1.0.6-x86_64-1.txz: Upgraded. x/xlogo-1.0.6-x86_64-1.txz: Upgraded. x/xlsatoms-1.1.4-x86_64-1.txz: Upgraded. x/xlsclients-1.1.5-x86_64-1.txz: Upgraded. testing/packages/rust-1.65.0-x86_64-1.txz: Upgraded. |
||
|
Patrick J Volkerding
|
f866235e9a |
Mon Oct 31 23:31:36 UTC 2022
a/ntfs-3g-2022.10.3-x86_64-1.txz: Upgraded.
ap/mpg123-1.31.0-x86_64-1.txz: Upgraded.
ap/vim-9.0.0814-x86_64-1.txz: Upgraded.
A vulnerability was found in vim and classified as problematic. Affected by
this issue is the function qf_update_buffer of the file quickfix.c of the
component autocmd Handler. The manipulation leads to use after free. The
attack may be launched remotely. Upgrading to version 9.0.0805 is able to
address this issue.
Thanks to marav for the heads-up.
For more information, see:
https://www.cve.org/CVERecord?id=CVE-2022-3705
(* Security fix *)
d/ccache-4.7.2-x86_64-1.txz: Upgraded.
d/make-4.4-x86_64-1.txz: Upgraded.
d/patchelf-0.16.1-x86_64-1.txz: Upgraded.
d/strace-6.0-x86_64-1.txz: Upgraded.
kde/kwin-5.26.2.1-x86_64-2.txz: Rebuilt.
[PATCH] x11window: revert more from 3a28c02f.
Thanks to Heinz Wiesinger.
[PATCH] x11: Don't force QT_NO_GLIB=1.
[PATCH] x11: Don't force QT_QPA_PLATFORM=xcb.
Thanks to marav.
l/libedit-20221030_3.1-x86_64-1.txz: Upgraded.
l/python-importlib_metadata-5.0.0-x86_64-1.txz: Upgraded.
l/taglib-1.13-x86_64-1.txz: Upgraded.
l/utf8proc-2.8.0-x86_64-1.txz: Upgraded.
n/openvpn-2.5.8-x86_64-1.txz: Upgraded.
n/socat-1.7.4.4-x86_64-1.txz: Upgraded.
x/libXext-1.3.5-x86_64-1.txz: Upgraded.
x/libXinerama-1.1.5-x86_64-1.txz: Upgraded.
x/makedepend-1.0.7-x86_64-1.txz: Upgraded.
x/rgb-1.1.0-x86_64-1.txz: Upgraded.
x/sessreg-1.1.3-x86_64-1.txz: Upgraded.
x/x11perf-1.6.2-x86_64-1.txz: Upgraded.
x/xsetroot-1.1.3-x86_64-1.txz: Upgraded.
xap/mozilla-firefox-106.0.3-x86_64-1.txz: Upgraded.
This is a bugfix release.
For more information, see:
https://www.mozilla.org/en-US/firefox/106.0.3/releasenotes/
xap/mozilla-thunderbird-102.4.1-x86_64-1.txz: Upgraded.
This is a bugfix release.
For more information, see:
https://www.mozilla.org/en-US/thunderbird/102.4.1/releasenotes/
xap/vim-gvim-9.0.0814-x86_64-1.txz: Upgraded.
extra/php80/php80-8.0.25-x86_64-1.txz: Upgraded.
This update fixes security issues:
GD: OOB read due to insufficient input validation in imageloadfont().
Hash: buffer overflow in hash_update() on long parameter.
For more information, see:
https://www.cve.org/CVERecord?id=CVE-2022-31630
https://www.cve.org/CVERecord?id=CVE-2022-37454
(* Security fix *)
extra/php81/php81-8.1.12-x86_64-1.txz: Upgraded.
This update fixes security issues:
GD: OOB read due to insufficient input validation in imageloadfont().
Hash: buffer overflow in hash_update() on long parameter.
For more information, see:
https://www.cve.org/CVERecord?id=CVE-2022-31630
https://www.cve.org/CVERecord?id=CVE-2022-37454
(* Security fix *)
|
||
|
Patrick J Volkerding
|
af2cb09097 |
Sat Oct 22 18:40:34 UTC 2022
d/parallel-20221022-noarch-1.txz: Upgraded. l/gc-8.2.2-x86_64-1.txz: Upgraded. x/libXrender-0.9.11-x86_64-1.txz: Upgraded. x/xfsinfo-1.0.7-x86_64-1.txz: Upgraded. |
||
|
Patrick J Volkerding
|
6df8986241 |
Wed Oct 19 20:06:33 UTC 2022
a/aaa_libraries-15.1-x86_64-11.txz: Rebuilt.
Upgraded: libcap.so.2.66, liblzma.so.5.2.7, libpopt.so.0.0.2,
libexpat.so.1.8.9, libglib-2.0.so.0.7200.4, libgmodule-2.0.so.0.7200.4,
libgobject-2.0.so.0.7200.4, libgthread-2.0.so.0.7200.4, libhistory.so.8.2,
libreadline.so.8.2.
Added: libunistring.so.2.1.0, libunistring.so.5.0.0.
Removed: libffi.so.7.1.0.
a/gettext-0.21.1-x86_64-2.txz: Rebuilt.
ap/lsof-4.96.4-x86_64-1.txz: Upgraded.
ap/man-pages-6.01-noarch-1.txz: Upgraded.
d/clisp-2.50_20220927_acb1266ee-x86_64-1.txz: Upgraded.
Compiled against libunistring-1.1.
d/gettext-tools-0.21.1-x86_64-2.txz: Rebuilt.
Recompiled against libunistring-1.1.
d/guile-3.0.8-x86_64-3.txz: Rebuilt.
Recompiled against libunistring-1.1.
kde/kguiaddons-5.99.0-x86_64-2.txz: Rebuilt.
[PATCH] systemclipboard: Don't signal data source cancellation.
Thanks to marav.
l/libidn2-2.3.3-x86_64-2.txz: Rebuilt.
l/libpsl-0.21.1-x86_64-5.txz: Rebuilt.
Recompiled against libunistring-1.1.
l/libunistring-1.1-x86_64-1.txz: Upgraded.
Shared library .so-version bump.
n/bind-9.18.8-x86_64-1.txz: Upgraded.
n/gnutls-3.7.8-x86_64-2.txz: Rebuilt.
Recompiled against libunistring-1.1.
n/samba-4.17.1-x86_64-1.txz: Upgraded.
This update fixes the following security issue:
Bad password count not incremented atomically.
For more information, see:
https://bugzilla.samba.org/show_bug.cgi?id=14611
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-20251
(* Security fix *)
n/wget-1.21.3-x86_64-2.txz: Rebuilt.
Recompiled against libunistring-1.1.
x/imake-1.0.9-x86_64-1.txz: Upgraded.
x/xcb-util-errors-1.0.1-x86_64-1.txz: Upgraded.
x/xcb-util-image-0.4.1-x86_64-1.txz: Upgraded.
x/xcb-util-keysyms-0.4.1-x86_64-1.txz: Upgraded.
x/xcb-util-renderutil-0.3.10-x86_64-1.txz: Upgraded.
x/xcb-util-wm-0.4.2-x86_64-1.txz: Upgraded.
|
||
|
Patrick J Volkerding
|
f342454223 |
Tue Oct 18 20:29:54 UTC 2022
ap/vim-9.0.0790-x86_64-1.txz: Upgraded.
d/ccache-4.7-x86_64-1.txz: Upgraded.
d/git-2.38.1-x86_64-1.txz: Upgraded.
This release fixes two security issues:
* CVE-2022-39253:
When relying on the `--local` clone optimization, Git dereferences
symbolic links in the source repository before creating hardlinks
(or copies) of the dereferenced link in the destination repository.
This can lead to surprising behavior where arbitrary files are
present in a repository's `$GIT_DIR` when cloning from a malicious
repository.
Git will no longer dereference symbolic links via the `--local`
clone mechanism, and will instead refuse to clone repositories that
have symbolic links present in the `$GIT_DIR/objects` directory.
Additionally, the value of `protocol.file.allow` is changed to be
"user" by default.
* CVE-2022-39260:
An overly-long command string given to `git shell` can result in
overflow in `split_cmdline()`, leading to arbitrary heap writes and
remote code execution when `git shell` is exposed and the directory
`$HOME/git-shell-commands` exists.
`git shell` is taught to refuse interactive commands that are
longer than 4MiB in size. `split_cmdline()` is hardened to reject
inputs larger than 2GiB.
For more information, see:
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-39253
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-39260
(* Security fix *)
kde/bluedevil-5.26.1-x86_64-1.txz: Upgraded.
kde/breeze-5.26.1-x86_64-1.txz: Upgraded.
kde/breeze-grub-5.26.1-x86_64-1.txz: Upgraded.
kde/breeze-gtk-5.26.1-x86_64-1.txz: Upgraded.
kde/drkonqi-5.26.1-x86_64-1.txz: Upgraded.
kde/kactivitymanagerd-5.26.1-x86_64-1.txz: Upgraded.
kde/kde-cli-tools-5.26.1-x86_64-1.txz: Upgraded.
kde/kde-gtk-config-5.26.1-x86_64-1.txz: Upgraded.
kde/kdecoration-5.26.1-x86_64-1.txz: Upgraded.
kde/kdeplasma-addons-5.26.1-x86_64-1.txz: Upgraded.
kde/kgamma5-5.26.1-x86_64-1.txz: Upgraded.
kde/khotkeys-5.26.1-x86_64-1.txz: Upgraded.
kde/kinfocenter-5.26.1-x86_64-1.txz: Upgraded.
kde/kmenuedit-5.26.1-x86_64-1.txz: Upgraded.
kde/kpipewire-5.26.1-x86_64-1.txz: Upgraded.
kde/kscreen-5.26.1-x86_64-1.txz: Upgraded.
kde/kscreenlocker-5.26.1-x86_64-1.txz: Upgraded.
kde/ksshaskpass-5.26.1-x86_64-1.txz: Upgraded.
kde/ksystemstats-5.26.1-x86_64-1.txz: Upgraded.
kde/kwallet-pam-5.26.1-x86_64-1.txz: Upgraded.
kde/kwayland-integration-5.26.1-x86_64-1.txz: Upgraded.
kde/kwin-5.26.1-x86_64-1.txz: Upgraded.
kde/kwrited-5.26.1-x86_64-1.txz: Upgraded.
kde/layer-shell-qt-5.26.1-x86_64-1.txz: Upgraded.
kde/libkscreen-5.26.1-x86_64-1.txz: Upgraded.
kde/libksysguard-5.26.1-x86_64-1.txz: Upgraded.
kde/milou-5.26.1-x86_64-1.txz: Upgraded.
kde/oxygen-5.26.1-x86_64-1.txz: Upgraded.
kde/oxygen-sounds-5.26.1-x86_64-1.txz: Upgraded.
kde/plasma-browser-integration-5.26.1-x86_64-1.txz: Upgraded.
kde/plasma-desktop-5.26.1-x86_64-1.txz: Upgraded.
kde/plasma-disks-5.26.1-x86_64-1.txz: Upgraded.
kde/plasma-firewall-5.26.1-x86_64-1.txz: Upgraded.
kde/plasma-integration-5.26.1-x86_64-1.txz: Upgraded.
kde/plasma-nm-5.26.1-x86_64-1.txz: Upgraded.
kde/plasma-pa-5.26.1-x86_64-1.txz: Upgraded.
kde/plasma-sdk-5.26.1-x86_64-1.txz: Upgraded.
kde/plasma-systemmonitor-5.26.1-x86_64-1.txz: Upgraded.
kde/plasma-vault-5.26.1-x86_64-1.txz: Upgraded.
kde/plasma-workspace-5.26.1-x86_64-1.txz: Upgraded.
kde/plasma-workspace-wallpapers-5.26.1-x86_64-1.txz: Upgraded.
kde/polkit-kde-agent-1-5.26.1-x86_64-1.txz: Upgraded.
kde/powerdevil-5.26.1-x86_64-1.txz: Upgraded.
kde/qqc2-breeze-style-5.26.1-x86_64-1.txz: Upgraded.
kde/sddm-kcm-5.26.1-x86_64-1.txz: Upgraded.
kde/systemsettings-5.26.1-x86_64-1.txz: Upgraded.
kde/xdg-desktop-portal-kde-5.26.1-x86_64-1.txz: Upgraded.
l/libical-3.0.16-x86_64-1.txz: Upgraded.
l/nodejs-19.0.0-x86_64-1.txz: Upgraded.
n/NetworkManager-1.40.2-x86_64-1.txz: Upgraded.
n/whois-5.5.14-x86_64-1.txz: Upgraded.
x/libXmu-1.1.4-x86_64-1.txz: Upgraded.
x/libXpresent-1.0.1-x86_64-1.txz: Upgraded.
x/libpciaccess-0.17-x86_64-1.txz: Upgraded.
x/libxkbfile-1.1.1-x86_64-1.txz: Upgraded.
x/libxshmfence-1.3.1-x86_64-1.txz: Upgraded.
x/pixman-0.42.0-x86_64-1.txz: Upgraded.
x/xcb-util-cursor-0.1.4-x86_64-1.txz: Upgraded.
xap/mozilla-firefox-106.0-x86_64-1.txz: Upgraded.
This update contains security fixes and improvements.
For more information, see:
https://www.mozilla.org/en-US/firefox/106.0/releasenotes/
https://www.mozilla.org/security/advisories/mfsa2022-44/
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-42927
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-42928
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-42929
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-42930
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-42931
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-42932
(* Security fix *)
xap/vim-gvim-9.0.0790-x86_64-1.txz: Upgraded.
|
||
|
Patrick J Volkerding
|
717971ecd6 |
Mon Oct 17 19:31:45 UTC 2022
l/libqalculate-4.4.0-x86_64-1.txz: Upgraded.
l/netpbm-11.00.01-x86_64-1.txz: Upgraded.
x/xorg-server-21.1.4-x86_64-2.txz: Rebuilt.
xkb: proof GetCountedString against request length attacks.
xkb: fix some possible memleaks in XkbGetKbdByName.
For more information, see:
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-3550
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-3551
(* Security fix *)
x/xorg-server-xephyr-21.1.4-x86_64-2.txz: Rebuilt.
x/xorg-server-xnest-21.1.4-x86_64-2.txz: Rebuilt.
x/xorg-server-xvfb-21.1.4-x86_64-2.txz: Rebuilt.
x/xorg-server-xwayland-22.1.3-x86_64-2.txz: Rebuilt.
xkb: proof GetCountedString against request length attacks.
xkb: fix some possible memleaks in XkbGetKbdByName.
For more information, see:
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-3550
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-3551
(* Security fix *)
xap/blueman-2.3.4-x86_64-1.txz: Upgraded.
|
||
|
Patrick J Volkerding
|
8640934374 |
Sat Oct 15 20:28:34 UTC 2022
a/kernel-firmware-20221013_49fccf6-noarch-1.txz: Upgraded.
a/kernel-generic-5.19.16-x86_64-1.txz: Upgraded.
a/kernel-huge-5.19.16-x86_64-1.txz: Upgraded.
a/kernel-modules-5.19.16-x86_64-1.txz: Upgraded.
ap/man-db-2.11.0-x86_64-1.txz: Upgraded.
ap/man-pages-6.00-noarch-1.txz: Upgraded.
d/kernel-headers-5.19.16-x86-1.txz: Upgraded.
k/kernel-source-5.19.16-noarch-1.txz: Upgraded.
l/libedit-20221009_3.1-x86_64-1.txz: Upgraded.
l/mozilla-nss-3.84-x86_64-1.txz: Upgraded.
l/nodejs-18.11.0-x86_64-1.txz: Upgraded.
l/zlib-1.2.13-x86_64-1.txz: Upgraded.
Fixed a bug when getting a gzip header extra field with inflateGetHeader().
For more information, see:
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-37434
(* Security fix *)
n/fetchmail-6.4.34-x86_64-1.txz: Upgraded.
n/gnupg2-2.2.40-x86_64-1.txz: Upgraded.
x/bdftopcf-1.1.1-x86_64-1.txz: Upgraded.
x/libwacom-2.5.0-x86_64-1.txz: Upgraded.
x/smproxy-1.0.7-x86_64-1.txz: Upgraded.
x/viewres-1.0.7-x86_64-1.txz: Upgraded.
x/xditview-1.0.6-x86_64-1.txz: Upgraded.
x/xf86-input-vmmouse-13.2.0-x86_64-1.txz: Added.
x/xgc-1.0.6-x86_64-1.txz: Upgraded.
x/xkbprint-1.0.6-x86_64-1.txz: Upgraded.
isolinux/initrd.img: Rebuilt.
kernels/*: Upgraded.
usb-and-pxe-installers/usbboot.img: Rebuilt.
|