a/hwdata-0.381-noarch-1.txz: Upgraded.
a/kernel-generic-6.6.25-x86_64-1.txz: Upgraded.
a/kernel-huge-6.6.25-x86_64-1.txz: Upgraded.
a/kernel-modules-6.6.25-x86_64-1.txz: Upgraded.
d/cmake-3.29.1-x86_64-1.txz: Upgraded.
d/kernel-headers-6.6.25-x86-1.txz: Upgraded.
d/llvm-18.1.3-x86_64-1.txz: Upgraded.
k/kernel-source-6.6.25-noarch-1.txz: Upgraded.
kde/kstars-3.7.0-x86_64-1.txz: Upgraded.
l/enchant-2.6.9-x86_64-1.txz: Upgraded.
l/libclc-18.1.3-x86_64-1.txz: Upgraded.
l/sof-firmware-2024.03-noarch-1.txz: Upgraded.
n/gnutls-3.8.5-x86_64-1.txz: Upgraded.
n/httpd-2.4.59-x86_64-1.txz: Upgraded.
This update fixes security issues:
HTTP/2 DoS by memory exhaustion on endless continuation frames.
HTTP Response Splitting in multiple modules.
HTTP response splitting.
For more information, see:
https://downloads.apache.org/httpd/CHANGES_2.4.59https://www.cve.org/CVERecord?id=CVE-2024-27316https://www.cve.org/CVERecord?id=CVE-2024-24795https://www.cve.org/CVERecord?id=CVE-2023-38709
(* Security fix *)
n/nghttp2-1.61.0-x86_64-1.txz: Upgraded.
This update fixes security issues:
nghttp2 library keeps reading the unbounded number of HTTP/2 CONTINUATION
frames even after a stream is reset to keep HPACK context in sync. This
causes excessive CPU usage to decode HPACK stream. nghttp2 v1.61.0 mitigates
this vulnerability by limiting the number of CONTINUATION frames it can
accept after a HEADERS frame.
For more information, see:
https://github.com/nghttp2/nghttp2/security/advisories/GHSA-x6x3-gv8h-m57qhttps://www.kb.cert.org/vuls/id/421644https://www.cve.org/CVERecord?id=CVE-2024-28182
(* Security fix *)
x/xdg-desktop-portal-1.18.3-x86_64-1.txz: Upgraded.
isolinux/initrd.img: Rebuilt.
kernels/*: Upgraded.
usb-and-pxe-installers/usbboot.img: Rebuilt.
a/sdparm-1.12-x86_64-2.txz: Rebuilt.
Recompiled against sg3_utils-1.47.
a/sysvinit-scripts-15.0-noarch-6.txz: Rebuilt.
rc.{6,S,M}: merged changes for compatibility with LXC containers.
a/udisks-1.0.5-x86_64-10.txz: Rebuilt.
Recompiled against sg3_utils-1.47.
ap/lxc-4.0.11-x86_64-1.txz: Upgraded.
Requires libseccomp-2.5.3.
No more local versions of rc.{6,S,M,inet1}: the regular versions work now.
l/elfutils-0.186-x86_64-1.txz: Upgraded.
l/libgpod-0.8.3-x86_64-11.txz: Rebuilt.
Recompiled against sg3_utils-1.47.
l/libseccomp-2.5.3-x86_64-1.txz: Added.
This is needed by lxc-4.0.11. Thanks to Willy Sudiarto Raharjo.
l/sg3_utils-1.47-x86_64-1.txz: Upgraded.
Shared library .so-version bump.
n/network-scripts-15.0-noarch-17.txz: Rebuilt.
Merged changes in rc.inet1 to make it compatible with LXC containers.
Patched netconfig to ensure the proper permissions on rc.networkmanager
when NetworkManager is not chosen.
x/ibus-1.5.25-x86_64-4.txz: Rebuilt.
[PATCH] client/gtk2/ibusimcontext: Fix wrong cursor location in gtk3 apps.
Thanks to Lockywolf.
