a/glibc-zoneinfo-2020b-noarch-2.txz: Rebuilt.
Default to more bloated (but more compatible) "fat" format with zic.
This was the default prior to tzcode2020b.
ap/gphoto2-2.5.26-x86_64-1.txz: Upgraded.
l/freetype-2.10.3-x86_64-1.txz: Upgraded.
l/imagemagick-7.0.10_34-x86_64-1.txz: Upgraded.
l/libgphoto2-2.5.26-x86_64-1.txz: Upgraded.
l/libmtp-1.1.18-x86_64-1.txz: Upgraded.
n/nmap-7.91-x86_64-1.txz: Upgraded.
n/stunnel-5.57-x86_64-1.txz: Upgraded.
a/libgudev-234-x86_64-1.txz: Upgraded.
ap/htop-3.0.2-x86_64-1.txz: Upgraded.
l/glib2-2.66.0-x86_64-2.txz: Rebuilt.
Build against system gtk-doc and don't bundle a newer version. You'll need
to reinstall the linuxdoc-tools package to restore the correct version of
gtk-doc. Thanks to chrisVV.
l/mozjs68-68.11.0esr-x86_64-2.txz: Removed.
l/mozjs78-78.2.0esr-x86_64-1.txz: Added.
This is needed by the new version of polkit.
l/polkit-0.118-x86_64-1.txz: Upgraded.
This requires the new mozjs78 package.
x/libva-2.9.0-x86_64-1.txz: Upgraded.
x/libva-utils-2.9.0-x86_64-1.txz: Upgraded.
a/kernel-firmware-20200824_74bd44f-noarch-1.txz: Upgraded.
ap/vim-8.2.1522-x86_64-1.txz: Upgraded.
l/libuv-1.39.0-x86_64-1.txz: Upgraded.
x/libX11-1.6.12-x86_64-1.txz: Upgraded.
x/xorg-server-1.20.9-x86_64-1.txz: Upgraded.
x/xorg-server-xephyr-1.20.9-x86_64-1.txz: Upgraded.
x/xorg-server-xnest-1.20.9-x86_64-1.txz: Upgraded.
x/xorg-server-xvfb-1.20.9-x86_64-1.txz: Upgraded.
x/xorg-server-xwayland-1.20.9-x86_64-1.txz: Upgraded.
xap/vim-gvim-8.2.1522-x86_64-1.txz: Upgraded.
testing/packages/mozilla-thunderbird-78.2.0-x86_64-1.txz: Added.
https://www.mozilla.org/en-US/thunderbird/78.2.0/releasenotes/
I'm putting this into /testing first so that any problems with OpenPGP can
be reported before it goes into the main tree. Here's the current status
from the release notes and Thunderbird:OpenPGP wiki page:
Add-on support: As of version 78.0, Thunderbird only supports MailExtensions.
Your favorite add-ons may not have been updated for compatibility. At this
time, users of the Enigmail Add-on should not update to Thunderbird 78.
OpenPGP in Thunderbird 78.2.0 has reached feature complete state, but it's
still disabled by default, to allow more time for testing, correctness, and
localization. See the wiki for how to enable and help with testing. If you
use OpenPGP for non-critical purposes, then you are welcome to enable it
manually and help with testing. To enable it in Thunderbird 78.0, use the
config editor and change the value of preference mail.openpgp.enable to true,
then restart Thunderbird. If you are running 78.x and have the previous
Enigmail Add-on installed, then Enigmail will update to version 2.2.x, which
is a minimal release that helps you to migrate the keys and settings to
Thunderbird 78. If you haven't used Enigmail previously, you can enable
OpenPGP for an email account in account settings.
See the release notes for more complete information about testing and
reporting bugs.
ap/nano-5.2-x86_64-1.txz: Upgraded.
d/doxygen-1.8.20-x86_64-1.txz: Upgraded.
d/nasm-2.15.03-x86_64-1.txz: Upgraded.
Reverted to previous nasm since the new version has problems with some of
the assembly included in Firefox.
d/parallel-20200822-noarch-1.txz: Upgraded.
l/libcap-ng-0.7.11-x86_64-1.txz: Upgraded.
n/libgpg-error-1.39-x86_64-1.txz: Upgraded.
n/libqmi-1.26.4-x86_64-1.txz: Upgraded.
xap/mozilla-firefox-78.2.0esr-x86_64-1.txz: Upgraded.
This release contains security fixes and improvements.
For more information, see:
https://www.mozilla.org/en-US/firefox/78.2.0/releasenotes/
(* Security fix *)
xap/sane-1.0.31-x86_64-1.txz: Upgraded.
ap/hplip-3.20.6-x86_64-2.txz: Rebuilt.
Recompiled against net-snmp-5.9.
ap/pamixer-1.4-x86_64-6.txz: Rebuilt.
Recompiled against boost-1.74.0.
ap/sqlite-3.33.0-x86_64-1.txz: Upgraded.
kde/calligra-2.9.11-x86_64-37.txz: Rebuilt.
Recompiled against boost-1.74.0.
l/akonadi-1.13.0-x86_64-16.txz: Rebuilt.
Recompiled against boost-1.74.0.
l/boost-1.74.0-x86_64-1.txz: Upgraded.
Shared library .so-version bump.
l/libcroco-0.6.13-x86_64-1.txz: Removed.
n/getmail-6.02-x86_64-1.txz: Upgraded.
This is a new version that uses Python 3. The ChangeLog warns that it "loses
some backward compatibility"... please report any bugs.
n/net-snmp-5.9-x86_64-1.txz: Upgraded.
Shared library .so-version bump.
n/ntp-4.2.8p15-x86_64-2.txz: Rebuilt.
Recompiled against net-snmp-5.9.
n/php-7.4.9-x86_64-2.txz: Rebuilt.
Recompiled against net-snmp-5.9.
xap/sane-1.0.30-x86_64-2.txz: Rebuilt.
Recompiled against net-snmp-5.9.
xap/ssr-0.4.2-x86_64-1.txz: Added.
a/cryptsetup-2.3.3-x86_64-2.txz: Rebuilt.
Recompiled against json-c-0.15_20200726.
l/imagemagick-7.0.10_25-x86_64-1.txz: Upgraded.
l/json-c-0.15_20200726-x86_64-1.txz: Upgraded.
Shared library .so-version bump.
l/urwid-1.0.3-x86_64-5.txz: Removed.
This is an ancient version that was only used by wicd.
n/bind-9.16.5-x86_64-2.txz: Rebuilt.
Recompiled against json-c-0.15_20200726.
x/libmypaint-1.6.1-x86_64-2.txz: Rebuilt.
Recompiled against json-c-0.15_20200726.
xap/gimp-2.10.20-x86_64-2.txz: Rebuilt.
Recompiled against json-c-0.15_20200726.
extra/wicd/wicd-1.7.4-x86_64-3.txz: Removed.
This is unmaintained, possibly insecure, and doesn't work with Python
versions newer than 2.7.18. NetworkManager is a better choice these days.
a/kernel-generic-5.4.54-x86_64-1.txz: Upgraded.
a/kernel-huge-5.4.54-x86_64-1.txz: Upgraded.
a/kernel-modules-5.4.54-x86_64-1.txz: Upgraded.
ap/inxi-20200728_6ce9149b-noarch-1.txz: Added.
A system information script. Not as flashy as neofetch, but with more useful
output options. Thanks to drgibbon for the suggestion.
ap/nano-5.0-x86_64-1.txz: Upgraded.
d/kernel-headers-5.4.54-x86-1.txz: Upgraded.
d/vala-0.48.8-x86_64-1.txz: Upgraded.
k/kernel-source-5.4.54-noarch-1.txz: Upgraded.
l/jasper-2.0.19-x86_64-1.txz: Upgraded.
x/hack-fonts-ttf-3.003-noarch-1.txz: Added.
Thanks to alienBOB.
x/noto-cjk-fonts-ttf-2.001-noarch-1.txz: Added.
Thanks to alienBOB.
x/noto-fonts-ttf-20171024-noarch-1.txz: Added.
Thanks to alienBOB.
isolinux/initrd.img: Rebuilt.
kernels/*: Upgraded.
usb-and-pxe-installers/usbboot.img: Rebuilt.
l/boost-1.73.0-x86_64-3.txz: Rebuilt.
Revert a change that broke building krita. Thanks to oneforall2.
l/libcap-2.41-x86_64-1.txz: Upgraded.
n/libqmi-1.26.2-x86_64-1.txz: Upgraded.
a/kernel-firmware-20200721_2b823fc-noarch-1.txz: Upgraded.
d/python3-3.8.5-x86_64-1.txz: Upgraded.
d/re2c-2.0-x86_64-1.txz: Upgraded.
l/farstream-0.2.9-x86_64-1.txz: Added.
Needed by pidgin-2.14.1.
l/libnice-0.1.17-x86_64-1.txz: Added.
Needed by farstream-0.2.9.
n/iptraf-ng-1.2.1-x86_64-1.txz: Upgraded.
n/proftpd-1.3.7a-x86_64-1.txz: Upgraded.
xap/pidgin-2.14.1-x86_64-1.txz: Upgraded.
This update adds support for voice and video via Farstream.
a/kernel-firmware-20200629_1a0c0c2-noarch-1.txz: Upgraded.
ap/mariadb-10.5.4-x86_64-2.txz: Rebuilt.
rc.mysqld: stop the database by PID to avoid improperly stopping other
instances that were not started by this script. Thanks to denydias.
d/vala-0.48.7-x86_64-1.txz: Upgraded.
l/opusfile-0.12-x86_64-1.txz: Upgraded.
n/ca-certificates-20200630-noarch-1.txz: Upgraded.
This update provides the latest CA certificates to check for the
authenticity of SSL connections.
x/libwacom-1.4.1-x86_64-1.txz: Upgraded.
a/haveged-1.9.13-x86_64-1.txz: Upgraded.
a/util-linux-2.35.2-x86_64-5.txz: Rebuilt.
Also fix chsh when linked with libreadline. Thanks to Karel Zak.
l/gtk+3-3.24.21-x86_64-1.txz: Upgraded.
xap/mozilla-firefox-68.10.0esr-x86_64-1.txz: Upgraded.
This release contains security fixes and improvements.
For more information, see:
https://www.mozilla.org/en-US/firefox/68.10.0/releasenotes/
(* Security fix *)
a/sysklogd-2.1.2-x86_64-1.txz: Upgraded.
Make sure to move the .new init script and config into place for this.
ap/undervolt-20200612_07d0c70-x86_64-1.txz: Added.
l/popt-1.18-x86_64-1.txz: Upgraded.
x/libglvnd-1.3.2-x86_64-1.txz: Upgraded.
x/libva-2.8.0-x86_64-1.txz: Upgraded.
x/libva-utils-2.8.0-x86_64-1.txz: Upgraded.
ap/man-db-2.9.3-x86_64-1.txz: Upgraded.
ap/mariadb-10.4.13-x86_64-3.txz: Rebuilt.
Recompiled to pick up lz4 support. Thanks to Heinz Wiesinger.
ap/squashfs-tools-4.4-x86_64-2.txz: Rebuilt.
Added lz4 support. Thanks to Heinz Wiesinger.
d/ccache-3.7.10-x86_64-1.txz: Upgraded.
d/parallel-20200622-noarch-1.txz: Upgraded.
d/subversion-1.14.0-x86_64-2.txz: Rebuilt.
Use the system lz4 library. Thanks to Heinz Wiesinger.
l/imagemagick-7.0.10_21-x86_64-1.txz: Upgraded.
l/libarchive-3.4.3-x86_64-2.txz: Rebuilt.
Recompiled to pick up lz4 support. Thanks to Heinz Wiesinger.
l/lz4-1.9.2-x86_64-1.txz: Added.
This is a new dependency for dovecot, libarchive, mariadb, rsync,
squashfs-tools, subversion, and zstd. Thanks to Heinz Wiesinger.
l/xxHash-0.7.3-x86_64-1.txz: Added.
This is a new dependency for rsync.
l/zstd-1.4.5-x86_64-2.txz: Rebuilt.
Recompiled to pick up lz4 support. Thanks to Heinz Wiesinger.
n/dovecot-2.3.10.1-x86_64-2.txz: Rebuilt.
Recompiled to pick up lz4 support. Thanks to Heinz Wiesinger.
n/libmbim-1.24.0-x86_64-1.txz: Upgraded.
n/nfs-utils-2.5.1-x86_64-1.txz: Upgraded.
n/ntp-4.2.8p15-x86_64-1.txz: Upgraded.
This release fixes one vulnerability: Associations that use CMAC
authentication between ntpd from versions 4.2.8p11/4.3.97 and
4.2.8p14/4.3.100 will leak a small amount of memory for each packet.
Eventually, ntpd will run out of memory and abort.
(* Security fix *)
n/rsync-3.2.1-x86_64-1.txz: Upgraded.
Please note that this update requires the new packages xxHash and lz4.
t/texlive-2020.200608-x86_64-1.txz: Upgraded.
Thanks to Johannes Schoepfer.
xap/blueman-2.1.3-x86_64-2.txz: Rebuilt.
As a matter of policy and since the rule already exists in
/usr/share/polkit-1/rules.d/, we should not install a rules file in /etc.
Note that since the file was installed as a .new, upgrading the package
will not remove it and it will need to be removed manually. It's harmless
if it remains, though.
Thanks to Robby Workman.
xap/network-manager-applet-1.18.0-x86_64-1.txz: Upgraded.
a/pam-1.4.0-x86_64-1.txz: Upgraded.
IMPORTANT NOTE: This update removes the pam_cracklib and pam_tally2 modules.
None of our current configuration files in /etc/pam.d/ use either of those,
but if the configuration files on your machine do you'll need to comment out
or remove those lines, otherwise you may experience login failures.
a/shadow-4.8.1-x86_64-9.txz: Rebuilt.
/etc/pam.d/system-auth: prefix lines that call pam_gnome_keyring.so with '-'
to avoid spamming the logs about failures.
a/sysvinit-scripts-2.1-noarch-32.txz: Rebuilt.
rc.S: create /var/run/faillock directory for pam_faillock(8).
a/util-linux-2.35.2-x86_64-2.txz: Rebuilt.
/etc/pam.d/login: change the example for locking an account for too many
failed login attempts to use pam_faillock instead of pam_tally2.
l/imagemagick-7.0.10_19-x86_64-1.txz: Upgraded.
l/libzip-1.7.1-x86_64-1.txz: Upgraded.
n/openssh-8.3p1-x86_64-2.txz: Rebuilt.
/etc/pam.d/sshd: change the example for locking an account for too many
failed login attempts to use pam_faillock instead of pam_tally2.
l/libarchive-3.4.3-x86_64-1.txz: Upgraded.
l/python-six-1.15.0-x86_64-1.txz: Upgraded.
l/zstd-1.4.5-x86_64-1.txz: Upgraded.
xap/mozilla-thunderbird-68.8.1-x86_64-1.txz: Upgraded.
This is a bugfix release.
For more information, see:
https://www.mozilla.org/en-US/thunderbird/68.8.1/releasenotes/
Greetings! After three months in /testing, the PAM merge into the main tree
is now complete. When updating, be sure to install the new pam, cracklib, and
libpwquality packages or you may find yourself locked out of your machine.
Otherwise, these changes should be completely transparent and you shouldn't
notice any obvious operational differences. Be careful if you make any changes
in /etc/pam.d/ - leaving an extra console logged in while testing PAM config
changes is a recommended standard procedure. Thanks again to Robby Workman,
Vincent Batts, Phantom X, and ivandi for help implementing this. It's not
done yet and there will be more fine-tuning of the config files, but now we
can move on to build some other updates. Enjoy!
a/cracklib-2.9.7-x86_64-1.txz: Added.
a/kernel-firmware-20200517_f8d32e4-noarch-1.txz: Upgraded.
a/libcgroup-0.41-x86_64-7.txz: Rebuilt.
Rebuilt to add PAM support.
a/libpwquality-1.4.2-x86_64-1.txz: Added.
a/lilo-24.2-x86_64-9.txz: Rebuilt.
Enable the "compact" option by default.
liloconfig: correctly set the root partition.
a/pam-1.3.1-x86_64-1.txz: Added.
a/shadow-4.8.1-x86_64-7.txz: Rebuilt.
Rebuilt to add PAM support.
a/utempter-1.2.0-x86_64-1.txz: Upgraded.
a/util-linux-2.35.1-x86_64-6.txz: Rebuilt.
Rebuilt to add PAM support.
a/xfsprogs-5.6.0-x86_64-2.txz: Rebuilt.
Recompiled against icu4c-67.1.
ap/at-3.2.1-x86_64-2.txz: Rebuilt.
Rebuilt to add PAM support.
ap/cups-2.3.3-x86_64-2.txz: Rebuilt.
Rebuilt to add PAM support.
ap/hplip-3.20.5-x86_64-2.txz: Rebuilt.
Rebuilt to add PAM support.
ap/mariadb-10.4.13-x86_64-2.txz: Rebuilt.
Rebuilt to add PAM support.
ap/screen-4.8.0-x86_64-2.txz: Rebuilt.
Rebuilt to add PAM support.
ap/soma-3.3.0-noarch-1.txz: Upgraded.
Thanks to David Woodfall.
ap/sqlite-3.31.1-x86_64-2.txz: Rebuilt.
Recompiled against icu4c-67.1.
ap/sudo-1.9.0-x86_64-2.txz: Rebuilt.
Rebuilt to add PAM support.
ap/vim-8.2.0788-x86_64-1.txz: Upgraded.
d/bison-3.6.2-x86_64-1.txz: Upgraded.
d/meson-0.54.2-x86_64-1.txz: Upgraded.
d/python-setuptools-46.4.0-x86_64-1.txz: Upgraded.
d/vala-0.48.6-x86_64-1.txz: Upgraded.
kde/calligra-2.9.11-x86_64-36.txz: Rebuilt.
Recompiled against icu4c-67.1.
kde/kde-workspace-4.11.22-x86_64-7.txz: Rebuilt.
Rebuilt to add PAM support.
l/ConsoleKit2-1.2.1-x86_64-4.txz: Rebuilt.
Rebuilt to add PAM support.
l/boost-1.73.0-x86_64-2.txz: Rebuilt.
Recompiled against icu4c-67.1.
l/gnome-keyring-3.36.0-x86_64-2.txz: Rebuilt.
Rebuilt to add PAM support.
l/harfbuzz-2.6.6-x86_64-2.txz: Rebuilt.
Recompiled against icu4c-67.1.
l/icu4c-67.1-x86_64-1.txz: Upgraded.
Shared library .so-version bump.
l/imagemagick-7.0.10_13-x86_64-1.txz: Upgraded.
l/libcap-2.34-x86_64-2.txz: Rebuilt.
Rebuilt to add PAM support.
l/libical-3.0.8-x86_64-2.txz: Rebuilt.
Recompiled against icu4c-67.1.
l/libuv-1.38.0-x86_64-1.txz: Upgraded.
l/libvisio-0.1.7-x86_64-3.txz: Rebuilt.
Recompiled against icu4c-67.1.
l/polkit-0.116-x86_64-3.txz: Rebuilt.
Rebuilt to add PAM support.
l/qt-4.8.7-x86_64-16.txz: Rebuilt.
Recompiled against icu4c-67.1.
l/qt5-5.13.2-x86_64-4.txz: Rebuilt.
Recompiled against icu4c-67.1.
l/qt5-webkit-5.212.0_alpha4-x86_64-2.txz: Rebuilt.
Recompiled against icu4c-67.1.
l/raptor2-2.0.15-x86_64-9.txz: Rebuilt.
Recompiled against icu4c-67.1.
l/system-config-printer-1.5.12-x86_64-4.txz: Rebuilt.
Rebuilt to add PAM support.
l/vte-0.60.2-x86_64-2.txz: Rebuilt.
Recompiled against icu4c-67.1.
n/cifs-utils-6.10-x86_64-4.txz: Rebuilt.
Rebuilt to add PAM support.
n/cyrus-sasl-2.1.27-x86_64-4.txz: Rebuilt.
Rebuilt to add PAM support.
n/dovecot-2.3.10.1-x86_64-1.txz: Upgraded.
Rebuilt to add PAM support.
Compiled against icu4c-67.1.
This update fixes several denial-of-service vulnerabilities.
For more information, see:
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-10957https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-10958https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-10967
(* Security fix *)
n/mutt-1.14.1-x86_64-1.txz: Upgraded.
n/netatalk-3.1.12-x86_64-3.txz: Rebuilt.
Rebuilt to add PAM support.
n/netkit-rsh-0.17-x86_64-3.txz: Rebuilt.
Rebuilt to add PAM support.
n/nss-pam-ldapd-0.9.11-x86_64-1.txz: Added.
n/openssh-8.2p1-x86_64-3.txz: Rebuilt.
Rebuilt to add PAM support.
n/openvpn-2.4.9-x86_64-2.txz: Rebuilt.
Rebuilt to add PAM support.
n/pam-krb5-4.9-x86_64-1.txz: Added.
n/php-7.4.6-x86_64-2.txz: Rebuilt.
Recompiled against icu4c-67.1.
n/popa3d-1.0.3-x86_64-4.txz: Rebuilt.
Rebuilt to add PAM support.
n/postfix-3.5.2-x86_64-1.txz: Upgraded.
Compiled against icu4c-67.1.
n/ppp-2.4.8-x86_64-2.txz: Rebuilt.
Rebuilt to add PAM support.
n/proftpd-1.3.6c-x86_64-2.txz: Rebuilt.
Rebuilt to add PAM support.
n/samba-4.12.2-x86_64-2.txz: Rebuilt.
Rebuilt to add PAM support.
Recompiled against icu4c-67.1.
n/tin-2.4.4-x86_64-2.txz: Rebuilt.
Recompiled against icu4c-67.1.
n/vsftpd-3.0.3-x86_64-6.txz: Rebuilt.
Rebuilt to add PAM support.
t/texlive-2019.190626-x86_64-4.txz: Rebuilt.
Recompiled against icu4c-67.1.
x/vulkan-sdk-1.2.135.0-x86_64-1.txz: Upgraded.
x/xdm-1.1.11-x86_64-10.txz: Rebuilt.
Rebuilt to add PAM support.
x/xisxwayland-1-x86_64-1.txz: Added.
xap/sane-1.0.30-x86_64-1.txz: Upgraded.
This update fixes several security issues.
For more information, see:
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-12867https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-12862https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-12863https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-12865https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-12866https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-12861https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-12864
(* Security fix *)
xap/vim-gvim-8.2.0788-x86_64-1.txz: Upgraded.
xap/xlockmore-5.63-x86_64-2.txz: Rebuilt.
Rebuilt to add PAM support.
xap/xscreensaver-5.44-x86_64-2.txz: Rebuilt.
Rebuilt to add PAM support.
extra/brltty/brltty-6.1-x86_64-2.txz: Rebuilt.
Recompiled against icu4c-67.1.
extra/pure-alsa-system/qt5-5.13.2-x86_64-4_alsa.txz: Rebuilt.
Recompiled against icu4c-67.1.
isolinux/initrd.img: Rebuilt.
Added PAM libraries, security modules, and config files.
usb-and-pxe-installers/usbboot.img: Rebuilt.
Added PAM libraries, security modules, and config files.
Hey folks, just a heads-up that PAM is about to be merged into the main tree.
We can't have it blocking other upgrades any longer. The config files could be
improved (adding support for pam_krb5 and pam_ldap, for example), but they'll
do for now. Have a good weekend, and enjoy these updates! :-)
a/aaa_elflibs-15.0-x86_64-23.txz: Rebuilt.
Upgraded: libcap.so.2.34, libelf-0.179.so, liblzma.so.5.2.5,
libglib-2.0.so.0.6400.2, libgmodule-2.0.so.0.6400.2,
libgobject-2.0.so.0.6400.2, libgthread-2.0.so.0.6400.2,
liblber-2.4.so.2.10.13, libldap-2.4.so.2.10.13, libpcre2-8.so.0.10.0.
Added temporarily in preparation for upgrading icu4c: libicudata.so.65.1,
libicui18n.so.65.1, libicuio.so.65.1, libicutest.so.65.1, libicutu.so.65.1,
libicuuc.so.65.1.
a/etc-15.0-x86_64-11.txz: Rebuilt.
/etc/passwd: Added ldap (UID 330).
/etc/group: Added ldap (GID 330).
a/kernel-generic-5.4.41-x86_64-1.txz: Upgraded.
a/kernel-huge-5.4.41-x86_64-1.txz: Upgraded.
a/kernel-modules-5.4.41-x86_64-1.txz: Upgraded.
a/pkgtools-15.0-noarch-33.txz: Rebuilt.
setup.services: added support for rc.openldap and rc.openvpn.
ap/hplip-3.20.5-x86_64-1.txz: Upgraded.
d/kernel-headers-5.4.41-x86-1.txz: Upgraded.
d/python-setuptools-46.3.0-x86_64-1.txz: Upgraded.
d/python3-3.8.3-x86_64-1.txz: Upgraded.
k/kernel-source-5.4.41-noarch-1.txz: Upgraded.
n/openldap-2.4.50-x86_64-1.txz: Added.
This is a complete OpenLDAP package with both client and server support.
Thanks to Giuseppe Di Terlizzi for help with the server parts.
n/openldap-client-2.4.50-x86_64-1.txz: Removed.
x/mesa-20.0.7-x86_64-1.txz: Upgraded.
isolinux/initrd.img: Rebuilt.
kernels/*: Upgraded.
testing/packages/PAM/hplip-3.20.5-x86_64-1_pam.txz: Upgraded.
usb-and-pxe-installers/usbboot.img: Rebuilt.
a/shadow-4.8.1-x86_64-6.txz: Rebuilt.
Include manpages for sulogin(8).
a/util-linux-2.35.1-x86_64-5.txz: Rebuilt.
ap/sysstat-12.3.3-x86_64-1.txz: Upgraded.
d/bison-3.6-x86_64-1.txz: Upgraded.
l/jansson-2.13.1-x86_64-1.txz: Upgraded.
n/NetworkManager-1.24.0-x86_64-1.txz: Upgraded.
n/fetchmail-6.4.5-x86_64-1.txz: Upgraded.
testing/packages/PAM/shadow-4.8.1-x86_64-6_pam.txz: Rebuilt.
Include manpages for sulogin(8).
Use this version of /bin/su.
testing/packages/PAM/util-linux-2.35.1-x86_64-5_pam.txz: Rebuilt.
Don't use this version of /bin/su.
d/python-2.7.17-x86_64-2.txz: Removed.
d/python2-2.7.18-x86_64-1.txz: Added.
OK, I know a few people got excited seeing python-2 removed in the previous
entry, but it's just being renamed to python2 for consistency with the
python3 package. It's DOA though, and is the final release of the already EOL
python 2 branch (a "commemorative" release as they say in the announcement).
l/M2Crypto-0.35.2-x86_64-3.txz: Rebuilt.
Added python3 modules. Thanks to sombragris and ponce.
l/harfbuzz-2.6.5-x86_64-1.txz: Upgraded.
l/imagemagick-7.0.10_7-x86_64-1.txz: Upgraded.
l/libuv-1.37.0-x86_64-1.txz: Upgraded.
l/libyaml-0.2.4-x86_64-1.txz: Upgraded.
l/oniguruma-6.9.5-x86_64-1.txz: Upgraded.
x/pixman-0.40.0-x86_64-1.txz: Upgraded.
a/xfsprogs-5.6.0-x86_64-1.txz: Upgraded.
l/gtk+3-3.24.18-x86_64-2.txz: Rebuilt.
Fixed the version number embedded in pkg-config files and elsewhere.
Thanks to davjohn for the bug report.
n/bind-9.16.2-x86_64-1.txz: Upgraded.
This update fixes a security issue:
DNS rebinding protection was ineffective when BIND 9 is configured as a
forwarding DNS server. Found and responsibly reported by Tobias Klein.
[GL #1574]
(* Security fix *)
d/bison-3.5.4-x86_64-1.txz: Upgraded.
kde/k3b-2.0.3-x86_64-7.txz: Rebuilt.
Recompiled against libdvdread-6.1.1.
l/gobject-introspection-1.64.1-x86_64-1.txz: Upgraded.
l/imagemagick-7.0.10_4-x86_64-1.txz: Upgraded.
l/libdvdnav-6.1.0-x86_64-2.txz: Rebuilt.
Recompiled against libdvdread-6.1.1.
Who bumps an .soname and only boosts the version number by 0.0.1?
Anyway, sorry to drop the ball a second time. I'll try to avoid this.
Thanks to gmgf for the bug report.
n/fetchmail-6.4.3-x86_64-1.txz: Upgraded.
tcl/tclx-8.4.4-x86_64-1.txz: Upgraded.
xap/MPlayer-20200103-x86_64-2.txz: Rebuilt.
Recompiled against libdvdread-6.1.1.
xap/windowmaker-0.95.9-x86_64-1.txz: Upgraded.
xap/xine-lib-1.2.10-x86_64-2.txz: Rebuilt.
Recompiled against libdvdread-6.1.1.
extra/pure-alsa-system/MPlayer-20200103-x86_64-2_alsa.txz: Rebuilt.
Recompiled against libdvdread-6.1.1.
extra/pure-alsa-system/xine-lib-1.2.10-x86_64-2_alsa.txz: Rebuilt.
Recompiled against libdvdread-6.1.1.
ap/lsof-4.93.2-x86_64-2.txz: Rebuilt.
Fixed the manpage. Thanks to kaott.
ap/sc-7.16-x86_64-7.txz: Rebuilt.
Brought back the classic SC. Thanks to dive.
d/Cython-0.29.16-x86_64-1.txz: Upgraded.
d/mercurial-5.3.2-x86_64-1.txz: Upgraded.
l/gtk+3-3.24.17-x86_64-1.txz: Upgraded.
n/dhcpcd-8.1.7-x86_64-1.txz: Upgraded.
n/iproute2-5.6.0-x86_64-1.txz: Upgraded.
x/libdrm-2.4.101-x86_64-1.txz: Upgraded.
x/mesa-20.0.4-x86_64-1.txz: Upgraded.
xap/mozilla-firefox-68.6.1esr-x86_64-1.txz: Upgraded.
This release contains critical security fixes and improvements.
"Under certain conditions, when running the nsDocShell destructor, a race
condition can cause a use-after-free. We are aware of targeted attacks in
the wild abusing this flaw."
"Under certain conditions, when handling a ReadableStream, a race condition
can cause a use-after-free. We are aware of targeted attacks in the wild
abusing this flaw."
For more information, see:
https://www.mozilla.org/en-US/firefox/68.6.1/releasenotes/https://www.mozilla.org/en-US/security/advisories/mfsa2020-11/https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6819https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6820
(* Security fix *)
a/lvm2-2.03.09-x86_64-1.txz: Upgraded.
d/guile-3.0.2-x86_64-1.txz: Upgraded.
l/glib-networking-2.64.1-x86_64-1.txz: Upgraded.
l/gtk+3-3.24.16-x86_64-1.txz: Upgraded.
l/gvfs-1.44.1-x86_64-1.txz: Upgraded.
l/librsvg-2.48.1-x86_64-1.txz: Upgraded.
l/vte-0.60.1-x86_64-1.txz: Upgraded.
xap/audacious-4.0-x86_64-3.txz: Rebuilt.
Also support GTK+ interface, including a .desktop file for it.
xap/audacious-plugins-4.0-x86_64-3.txz: Rebuilt.
Rebuilt with --enable-gtk.
extra/pure-alsa-system/audacious-plugins-4.0-x86_64-3_alsa.txz: Rebuilt.
Rebuilt with --enable-gtk.
extra/pure-alsa-system/qt5-5.13.2-x86_64-3_alsa.txz: Added.
n/curl-7.69.1-x86_64-3.txz: Rebuilt.
Removed --with-ca-bundle=/usr/share/curl/ca-bundle.crt and
added --without-ca-bundle. Thanks to drgibbon and Willy Sudiarto Raharjo.
Don't bother with 5.4.26 folks, just wait for the next one. Trust me.
a/tcsh-6.22.02-x86_64-2.txz: Rebuilt.
Fixed merging history from multiple shells. Thanks to jmccue.
a/xz-5.2.5-x86_64-1.txz: Upgraded.
d/git-2.25.2-x86_64-1.txz: Upgraded.
l/glibmm-2.64.1-x86_64-1.txz: Upgraded.
n/bind-9.16.1-x86_64-1.txz: Upgraded.
n/dovecot-2.3.10-x86_64-2.txz: Rebuilt.
x/libinput-1.15.4-x86_64-1.txz: Upgraded.
x/mesa-20.0.2-x86_64-1.txz: Upgraded.
testing/packages/PAM/dovecot-2.3.10-x86_64-2_pam.txz: Rebuilt.
Recompiled using --with-pam. Thanks to HQuest.
a/cryptsetup-2.3.0-x86_64-2.txz: Rebuilt.
Include some additional documentation. Thanks to regdub.
a/sdparm-1.11-x86_64-1.txz: Upgraded.
ap/moc-2.5.2-x86_64-6.txz: Rebuilt.
Fixed docs permissions. Thanks to regdub.
l/glib-networking-2.64.0-x86_64-1.txz: Upgraded.
l/glib2-2.64.0-x86_64-1.txz: Upgraded.
l/gvfs-1.44.0-x86_64-1.txz: Upgraded.
l/libnl-1.1.4-x86_64-3.txz: Rebuilt.
Fixed docs permissions. Thanks to regdub.
l/tdb-1.4.3-x86_64-3.txz: Rebuilt.
Fixed docs permissions. Thanks to regdub.
l/tevent-0.10.2-x86_64-3.txz: Rebuilt.
Fixed docs permissions. Thanks to regdub.
n/bind-9.16.0-x86_64-3.txz: Rebuilt.
Applied upstream patch to fix a discrepancy in the quota code that can
result in a situation where the count is not properly decremented in
some cases.
n/dovecot-2.3.10-x86_64-1.txz: Upgraded.
n/rp-pppoe-3.13-x86_64-2.txz: Rebuilt.
This needed a rebuild for ppp-2.4.8. Thanks to regdub.
x/libinput-1.15.3-x86_64-1.txz: Upgraded.
testing/packages/PAM/dovecot-2.3.10-x86_64-1_pam.txz: Upgraded.
a/sdparm-1.10-x86_64-3.txz: Rebuilt.
Recompiled against sg3_utils-1.45.
a/udisks-1.0.5-x86_64-5.txz: Rebuilt.
Recompiled against sg3_utils-1.45.
d/cmake-3.16.5-x86_64-1.txz: Upgraded.
l/libgpod-0.8.3-x86_64-6.txz: Rebuilt.
Recompiled against sg3_utils-1.45.
n/curl-7.69.0-x86_64-1.txz: Upgraded.
n/cyrus-sasl-2.1.27-x86_64-3.txz: Rebuilt.
Added SQL support via MariaDB. Thanks to niksoggia.
n/ntp-4.2.8p14-x86_64-1.txz: Upgraded.
n/ppp-2.4.8-x86_64-1.txz: Upgraded.
This update fixes a security issue:
By sending an unsolicited EAP packet to a vulnerable ppp client or server,
an unauthenticated remote attacker could cause memory corruption in the
pppd process, which may allow for arbitrary code execution.
For more information, see:
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8597
(* Security fix *)
testing/packages/PAM/cyrus-sasl-2.1.27-x86_64-3_pam.txz: Rebuilt.
Added SQL support via MariaDB. Thanks to niksoggia.
testing/packages/PAM/ppp-2.4.8-x86_64-1_pam.txz: Upgraded.
This update fixes a security issue:
By sending an unsolicited EAP packet to a vulnerable ppp client or server,
an unauthenticated remote attacker could cause memory corruption in the
pppd process, which may allow for arbitrary code execution.
For more information, see:
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8597
(* Security fix *)
a/dialog-1.3_20200228-x86_64-1.txz: Upgraded.
l/Mako-1.1.2-x86_64-1.txz: Upgraded.
l/imagemagick-7.0.9_27-x86_64-1.txz: Upgraded.
l/libcap-2.33-x86_64-1.txz: Upgraded.
n/bind-9.16.0-x86_64-2.txz: Rebuilt.
rc.bind: ensure /var/run/named exists before starting named. Thanks to MarcT.
rc.bind: when stopping named, only kill processes in the current namespace.
x/libevdev-1.9.0-x86_64-1.txz: Upgraded.
x/wayland-protocols-1.20-noarch-1.txz: Upgraded.
xap/seamonkey-2.53.1-x86_64-1.txz: Upgraded.
This update contains security fixes and improvements.
For more information, see:
https://www.seamonkey-project.org/releases/seamonkey2.53.1
(* Security fix *)
testing/packages/PAM/libcap-2.33-x86_64-1_pam.txz: Upgraded.
a/gptfdisk-1.0.5-x86_64-1.txz: Upgraded.
a/kernel-firmware-20200219_2277987-noarch-1.txz: Upgraded.
a/kernel-generic-5.4.21-x86_64-1.txz: Upgraded.
a/kernel-huge-5.4.21-x86_64-1.txz: Upgraded.
a/kernel-modules-5.4.21-x86_64-1.txz: Upgraded.
a/shadow-4.8.1-x86_64-5.txz: Rebuilt.
a/util-linux-2.35.1-x86_64-4.txz: Rebuilt.
ap/cdparanoia-III_10.2-x86_64-3.txz: Rebuilt.
Moved man page from /usr/man/jp/man1/ to /usr/man/ja/man1/. Thanks to Xsane.
Don't ship the static libraries.
d/kernel-headers-5.4.21-x86-1.txz: Upgraded.
k/kernel-source-5.4.21-noarch-1.txz: Upgraded.
SND_SOC n -> m
SPI n -> y
VFIO_PCI_VGA n -> y
+ADE7854_SPI m
+ADT7316_SPI m
+BMC150_ACCEL_SPI m
+BMG160_SPI m
+BMP280_SPI m
+FXAS21002C_SPI m
+HTS221_SPI m
+IIO_ST_ACCEL_SPI_3AXIS m
+IIO_ST_GYRO_SPI_3AXIS m
+IIO_ST_MAGN_SPI_3AXIS m
+IIO_ST_PRESS_SPI m
+IIO_ST_SENSORS_SPI m
+INPUT_AD714X_SPI m
+INPUT_ADXL34X_SPI m
+KXSD9_SPI m
+REGMAP_SPI m
+SND_COMPRESS_OFFLOAD m
+SND_DESIGNWARE_I2S m
+SND_DESIGNWARE_PCM y
+SND_DMAENGINE_PCM m
+SND_HDA_EXT_CORE m
+SND_I2S_HI6210_I2S m
+SND_PCM_ELD y
+SND_PCM_IEC958 y
+SND_SIMPLE_CARD m
+SND_SIMPLE_CARD_UTILS m
+SND_SOC_AC97_BUS y
+SND_SOC_AC97_CODEC m
+SND_SOC_ACPI m
+SND_SOC_ACPI_INTEL_MATCH m
+SND_SOC_ADAU1761 m
+SND_SOC_ADAU1761_I2C m
+SND_SOC_ADAU1761_SPI m
+SND_SOC_ADAU17X1 m
+SND_SOC_ADAU7002 m
+SND_SOC_ADAU_UTILS m
+SND_SOC_AMD_ACP m
+SND_SOC_AMD_ACP3x m
+SND_SOC_AMD_CZ_DA7219MX98357_MACH m
+SND_SOC_AMD_CZ_RT5645_MACH m
+SND_SOC_BD28623 m
+SND_SOC_COMPRESS y
+SND_SOC_CROS_EC_CODEC m
+SND_SOC_CS35L34 m
+SND_SOC_CS35L35 m
+SND_SOC_CS35L36 m
+SND_SOC_CS42L42 m
+SND_SOC_CS43130 m
+SND_SOC_CX2072X m
+SND_SOC_DA7213 m
+SND_SOC_DA7219 m
+SND_SOC_DMIC m
+SND_SOC_ES7134 m
+SND_SOC_ES7241 m
+SND_SOC_ES8316 m
+SND_SOC_ES8328 m
+SND_SOC_ES8328_I2C m
+SND_SOC_ES8328_SPI m
+SND_SOC_GENERIC_DMAENGINE_PCM y
+SND_SOC_HDAC_HDA m
+SND_SOC_HDAC_HDMI m
+SND_SOC_HDMI_CODEC m
+SND_SOC_I2C_AND_SPI m
+SND_SOC_INTEL_APL m
+SND_SOC_INTEL_BDW_RT5677_MACH m
+SND_SOC_INTEL_BROADWELL_MACH m
+SND_SOC_INTEL_BXT_DA7219_MAX98357A_MACH m
+SND_SOC_INTEL_BXT_RT298_MACH m
+SND_SOC_INTEL_BYTCR_RT5640_MACH m
+SND_SOC_INTEL_BYTCR_RT5651_MACH m
+SND_SOC_INTEL_BYT_CHT_CX2072X_MACH m
+SND_SOC_INTEL_BYT_CHT_DA7213_MACH m
+SND_SOC_INTEL_BYT_CHT_ES8316_MACH m
+SND_SOC_INTEL_BYT_CHT_NOCODEC_MACH m
+SND_SOC_INTEL_CFL m
+SND_SOC_INTEL_CHT_BSW_MAX98090_TI_MACH m
+SND_SOC_INTEL_CHT_BSW_NAU8824_MACH m
+SND_SOC_INTEL_CHT_BSW_RT5645_MACH m
+SND_SOC_INTEL_CHT_BSW_RT5672_MACH m
+SND_SOC_INTEL_CML_H m
+SND_SOC_INTEL_CML_LP m
+SND_SOC_INTEL_CNL m
+SND_SOC_INTEL_DA7219_MAX98357A_GENERIC m
+SND_SOC_INTEL_GLK m
+SND_SOC_INTEL_GLK_RT5682_MAX98357A_MACH m
+SND_SOC_INTEL_HASWELL m
+SND_SOC_INTEL_HASWELL_MACH m
+SND_SOC_INTEL_KBL m
+SND_SOC_INTEL_KBL_DA7219_MAX98357A_MACH m
+SND_SOC_INTEL_KBL_DA7219_MAX98927_MACH m
+SND_SOC_INTEL_KBL_RT5660_MACH m
+SND_SOC_INTEL_KBL_RT5663_MAX98927_MACH m
+SND_SOC_INTEL_MACH y
+SND_SOC_INTEL_SKL m
+SND_SOC_INTEL_SKL_NAU88L25_MAX98357A_MACH m
+SND_SOC_INTEL_SKL_NAU88L25_SSM4567_MACH m
+SND_SOC_INTEL_SKL_RT286_MACH m
+SND_SOC_INTEL_SKYLAKE m
+SND_SOC_INTEL_SKYLAKE_COMMON m
+SND_SOC_INTEL_SKYLAKE_FAMILY m
+SND_SOC_INTEL_SKYLAKE_HDAUDIO_CODEC y
+SND_SOC_INTEL_SKYLAKE_SSP_CLK m
+SND_SOC_INTEL_SST m
+SND_SOC_INTEL_SST_ACPI m
+SND_SOC_INTEL_SST_FIRMWARE m
+SND_SOC_INTEL_SST_TOPLEVEL y
+SND_SOC_MAX9759 m
+SND_SOC_MAX98088 m
+SND_SOC_MAX98090 m
+SND_SOC_MAX98357A m
+SND_SOC_MAX98373 m
+SND_SOC_MAX9867 m
+SND_SOC_MAX98927 m
+SND_SOC_NAU8540 m
+SND_SOC_NAU8824 m
+SND_SOC_NAU8825 m
+SND_SOC_PCM1789 m
+SND_SOC_PCM1789_I2C m
+SND_SOC_PCM186X m
+SND_SOC_PCM186X_I2C m
+SND_SOC_PCM186X_SPI m
+SND_SOC_PCM3060 m
+SND_SOC_PCM3060_I2C m
+SND_SOC_PCM3060_SPI m
+SND_SOC_RL6231 m
+SND_SOC_RL6347A m
+SND_SOC_RT286 m
+SND_SOC_RT298 m
+SND_SOC_RT5640 m
+SND_SOC_RT5645 m
+SND_SOC_RT5651 m
+SND_SOC_RT5660 m
+SND_SOC_RT5663 m
+SND_SOC_RT5670 m
+SND_SOC_RT5677 m
+SND_SOC_RT5677_SPI m
+SND_SOC_RT5682 m
+SND_SOC_SIGMADSP m
+SND_SOC_SIGMADSP_REGMAP m
+SND_SOC_SIMPLE_AMPLIFIER m
+SND_SOC_SOF m
+SND_SOC_SOF_ACPI m
+SND_SOC_SOF_APOLLOLAKE m
+SND_SOC_SOF_APOLLOLAKE_SUPPORT y
+SND_SOC_SOF_BAYTRAIL m
+SND_SOC_SOF_BAYTRAIL_SUPPORT y
+SND_SOC_SOF_CANNONLAKE m
+SND_SOC_SOF_CANNONLAKE_SUPPORT y
+SND_SOC_SOF_COFFEELAKE m
+SND_SOC_SOF_COFFEELAKE_SUPPORT y
+SND_SOC_SOF_COMETLAKE_H m
+SND_SOC_SOF_COMETLAKE_H_SUPPORT y
+SND_SOC_SOF_COMETLAKE_LP m
+SND_SOC_SOF_COMETLAKE_LP_SUPPORT y
+SND_SOC_SOF_ELKHARTLAKE m
+SND_SOC_SOF_ELKHARTLAKE_SUPPORT y
+SND_SOC_SOF_GEMINILAKE m
+SND_SOC_SOF_GEMINILAKE_SUPPORT y
+SND_SOC_SOF_HDA m
+SND_SOC_SOF_HDA_AUDIO_CODEC y
+SND_SOC_SOF_HDA_COMMON m
+SND_SOC_SOF_HDA_LINK y
+SND_SOC_SOF_HDA_LINK_BASELINE m
+SND_SOC_SOF_ICELAKE m
+SND_SOC_SOF_ICELAKE_SUPPORT y
+SND_SOC_SOF_INTEL_ACPI m
+SND_SOC_SOF_INTEL_ATOM_HIFI_EP m
+SND_SOC_SOF_INTEL_COMMON m
+SND_SOC_SOF_INTEL_HIFI_EP_IPC m
+SND_SOC_SOF_INTEL_PCI m
+SND_SOC_SOF_INTEL_TOPLEVEL y
+SND_SOC_SOF_MERRIFIELD m
+SND_SOC_SOF_MERRIFIELD_SUPPORT y
+SND_SOC_SOF_OPTIONS m
+SND_SOC_SOF_PCI m
+SND_SOC_SOF_PROBE_WORK_QUEUE y
+SND_SOC_SOF_TIGERLAKE m
+SND_SOC_SOF_TIGERLAKE_SUPPORT y
+SND_SOC_SOF_TOPLEVEL y
+SND_SOC_SOF_XTENSA m
+SND_SOC_SPDIF m
+SND_SOC_SSM4567 m
+SND_SOC_TAS6424 m
+SND_SOC_TDA7419 m
+SND_SOC_TLV320AIC32X4 m
+SND_SOC_TLV320AIC32X4_I2C m
+SND_SOC_TLV320AIC32X4_SPI m
+SND_SOC_TOPOLOGY y
+SND_SOC_TS3A227E m
+SND_SOC_TSCS42XX m
+SND_SOC_WM8524 m
+SND_SPI y
+SND_SST_ATOM_HIFI2_PLATFORM m
+SND_SST_ATOM_HIFI2_PLATFORM_ACPI m
+SND_SST_ATOM_HIFI2_PLATFORM_PCI m
+SND_SST_IPC m
+SND_SST_IPC_ACPI m
+SND_SST_IPC_PCI m
+SPI_MASTER y
+ST_UVIS25_SPI m
l/gegl-0.4.22-x86_64-1.txz: Upgraded.
l/glib2-2.62.5-x86_64-1.txz: Upgraded.
l/python-requests-2.23.0-x86_64-1.txz: Upgraded.
n/NetworkManager-1.22.8-x86_64-1.txz: Upgraded.
n/openssh-8.2p1-x86_64-2.txz: Rebuilt.
n/php-7.4.3-x86_64-1.txz: Upgraded.
This update fixes bugs and security issues:
Phar: Files added to tar with Phar::buildFromIterator have
all-access permissions.
Phar: heap-buffer-overflow in phar_extract_file.
Session: Null Pointer Dereference in PHP Session Upload Progress.
For more information, see:
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-7063https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-7061https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-7062
(* Security fix *)
x/mesa-20.0.0-x86_64-1.txz: Upgraded.
Added Wayland platform support.
x/wayland-1.18.0-x86_64-1.txz: Added.
x/wayland-protocols-1.18-noarch-1.txz: Added.
x/xorg-server-1.20.7-x86_64-2.txz: Rebuilt.
x/xorg-server-xephyr-1.20.7-x86_64-2.txz: Rebuilt.
x/xorg-server-xnest-1.20.7-x86_64-2.txz: Rebuilt.
x/xorg-server-xvfb-1.20.7-x86_64-2.txz: Rebuilt.
x/xorg-server-xwayland-1.20.7-x86_64-2.txz: Added.
xap/gimp-2.10.16-x86_64-1.txz: Upgraded.
isolinux/initrd.img: Rebuilt.
kernels/*: Upgraded.
testing/packages/PAM/openssh-8.2p1-x86_64-2_pam.txz: Rebuilt.
/etc/pam.d/sshd: add commented out pam_tally2 example.
testing/packages/PAM/shadow-4.8.1-x86_64-5_pam.txz: Rebuilt.
/etc/pam.d/system-auth: add support for pam_group, remove pam_tally2.
Thanks to ivandi.
/etc/pam.d/*: Don't use tabs.
testing/packages/PAM/util-linux-2.35.1-x86_64-4_pam.txz: Rebuilt.
/etc/pam.d/login: add commented out pam_tally2 example.
/etc/pam.d/*: Don't use tabs.
usb-and-pxe-installers/usbboot.img: Rebuilt.
ap/ksh93-20200131_e4fea8c5-x86_64-1.txz: Upgraded.
ap/zsh-5.8-x86_64-1.txz: Upgraded.
l/brotli-1.0.7-x86_64-1.txz: Added.
l/gmime-3.2.6-x86_64-1.txz: Upgraded.
l/hyphen-2.8.8-x86_64-1.txz: Added.
l/openal-soft-1.20.1-x86_64-1.txz: Upgraded.
Thanks to Skaendo and Willy Sudiarto Raharjo.
l/qt5-webkit-5.212.0_alpha3-x86_64-1.txz: Added.
Thanks to alienBOB.
l/woff2-20180531_a0d0ed7-x86_64-1.txz: Added.
n/bluez-5.53-x86_64-1.txz: Upgraded.
n/mutt-1.13.4-x86_64-1.txz: Upgraded.
n/samba-4.11.6-x86_64-3.txz: Rebuilt.
n/socat-1.7.3.4-x86_64-1.txz: Added.
n/whois-5.5.6-x86_64-1.txz: Upgraded.
testing/packages/PAM/samba-4.11.6-x86_64-3_pam.txz: Rebuilt.
Added patches to fix joining a DC when using krb5. Looks like the patches are
already upstreamed in the latest 4.12.0-rc. Thanks to camerabambai.
a/kernel-generic-5.4.20-x86_64-1.txz: Upgraded.
a/kernel-huge-5.4.20-x86_64-1.txz: Upgraded.
a/kernel-modules-5.4.20-x86_64-1.txz: Upgraded.
a/shadow-4.8.1-x86_64-3.txz: Rebuilt.
a/util-linux-2.35.1-x86_64-3.txz: Rebuilt.
d/kernel-headers-5.4.20-x86-1.txz: Upgraded.
k/kernel-source-5.4.20-noarch-1.txz: Upgraded.
l/ConsoleKit2-1.2.1-x86_64-2.txz: Rebuilt.
l/dconf-editor-3.34.4-x86_64-1.txz: Upgraded.
l/libxkbcommon-0.10.0-x86_64-1.txz: Added.
l/openal-soft-1.19.1-x86_64-1.txz: Added.
l/qt5-5.13.2-x86_64-1.txz: Added.
Thanks to alienBOB.
n/openssh-8.2p1-x86_64-1.txz: Upgraded.
Potentially incompatible changes:
* ssh(1), sshd(8): the removal of "ssh-rsa" from the accepted
CASignatureAlgorithms list.
* ssh(1), sshd(8): this release removes diffie-hellman-group14-sha1
from the default key exchange proposal for both the client and
server.
* ssh-keygen(1): the command-line options related to the generation
and screening of safe prime numbers used by the
diffie-hellman-group-exchange-* key exchange algorithms have
changed. Most options have been folded under the -O flag.
* sshd(8): the sshd listener process title visible to ps(1) has
changed to include information about the number of connections that
are currently attempting authentication and the limits configured
by MaxStartups.
x/mesa-19.3.4-x86_64-2.txz: Rebuilt.
Reverted "[PATCH] swr: Fix GCC 4.9 checks." which makes X fail to start with
an illegal instruction on some hardware.
isolinux/initrd.img: Rebuilt.
kernels/*: Upgraded.
testing/packages/PAM/ConsoleKit2-1.2.1-x86_64-2_pam.txz: Rebuilt.
Rebuilt with --disable-libcgmanager to fix setting limits on PAM.
Thanks to gattocarlo.
testing/packages/PAM/openssh-8.2p1-x86_64-1_pam.txz: Upgraded.
testing/packages/PAM/shadow-4.8.1-x86_64-3_pam.txz: Rebuilt.
Moved some of the /etc/pam.d/ file to the util-linux package where they
more properly belong.
testing/packages/PAM/util-linux-2.35.1-x86_64-3_pam.txz: Rebuilt.
Added some /etc/pam.d/ files previously in the shadow package.
Changed /etc/pam.d/{chfn,chsh} and made chfn/chsh setuid root to fix them.
Added /etc/pam.d/{runuser,runuser-l}.
usb-and-pxe-installers/usbboot.img: Rebuilt.
Hey folks! PAM has finally landed in /testing. Some here wanted it to go
right into the main tree immediately, and in a more normal development cycle
I'd have been inclined to agree (it is -current, after all). But it's
probably better for it to appear in /testing first, to make sure we didn't
miss any bugs and also to serve as a warning shot that we'll be shaking up
the tree pretty good over the next few weeks. I'd like to see this merged
into the main tree in a day or two, so any testing is greatly appreciated.
Switching to the PAM packages (or reverting from them) is as easy as
installing all of them with upgradepkg --install-new, and if reverting then
remove the three leftover _pam packages. After reverting, a bit of residue
will remain in /etc/pam.d/ and /etc/security/ which can either be manually
deleted or simply ignored. While there are many more features available in
PAM compared with plain shadow, out of the box about the only noticable
change is the use of cracklib and libpwquality to check the quality of a
user-supplied password. Hopefully having PAM and krb5 will get us on track
to having proper Active Directory integration as well as using code paths
that are likely better audited these days. The attack surface *might* be
bigger, but it's also a lot better scrutinized.
Thanks to Robby Workman and Vincent Batts who did most of the initial heavy
lifting on the core PAM packages as a side project for many years. Thanks
also to Phantom X whose PAM related SlackBuilds were a valuable reference.
And thanks as well to ivandi - I learned a lot from the SlackMATE build
scripts and was even occasionally thankful for the amusing ways you would
kick my ass on LQ. ;-) You're more than welcome to let us know where we've
messed up this time.
The binutils and glibc packages in /testing were removed and are off the
table for now. I'm not seeing much upside to heading down that rabbit hole
at the moment. Next we need to be looking at Xfce 4.14 and Plasma 5.18 LTS
and some other things that have been held back since KDE4 couldn't use them.
Cheers! :-)
a/kernel-generic-5.4.19-x86_64-1.txz: Upgraded.
a/kernel-huge-5.4.19-x86_64-1.txz: Upgraded.
a/kernel-modules-5.4.19-x86_64-1.txz: Upgraded.
a/lvm2-2.03.08-x86_64-1.txz: Upgraded.
a/shadow-4.8.1-x86_64-2.txz: Rebuilt.
Automatically backup /etc/login.defs and install the new version if
incompatible PAM options are detected.
d/kernel-headers-5.4.19-x86-1.txz: Upgraded.
k/kernel-source-5.4.19-noarch-1.txz: Upgraded.
VALIDATE_FS_PARSER y -> n
xap/mozilla-thunderbird-68.5.0-x86_64-1.txz: Upgraded.
This release contains security fixes and improvements.
For more information, see:
https://www.mozilla.org/en-US/thunderbird/68.5.0/releasenotes/https://www.mozilla.org/en-US/security/advisories/mfsa2020-07/https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6793https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6794https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6795https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6797https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6798https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6792https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6800
(* Security fix *)
isolinux/initrd.img: Rebuilt.
kernels/*: Upgraded.
testing/packages/PAM/ConsoleKit2-1.2.1-x86_64-1_pam.txz: Added.
testing/packages/PAM/at-3.2.1-x86_64-1_pam.txz: Added.
testing/packages/PAM/cifs-utils-6.10-x86_64-2_pam.txz: Added.
testing/packages/PAM/cracklib-2.9.7-x86_64-1_pam.txz: Added.
testing/packages/PAM/cups-2.3.1-x86_64-1_pam.txz: Added.
testing/packages/PAM/cyrus-sasl-2.1.27-x86_64-2_pam.txz: Added.
testing/packages/PAM/dovecot-2.3.9.2-x86_64-1_pam.txz: Added.
testing/packages/PAM/gnome-keyring-3.34.0-x86_64-1_pam.txz: Added.
testing/packages/PAM/hplip-3.19.12-x86_64-2_pam.txz: Added.
testing/packages/PAM/kde-workspace-4.11.22-x86_64-6_pam.txz: Added.
testing/packages/PAM/libcap-2.31-x86_64-1_pam.txz: Added.
testing/packages/PAM/libcgroup-0.41-x86_64-5_pam.txz: Added.
testing/packages/PAM/libpwquality-1.4.2-x86_64-1_pam.txz: Added.
testing/packages/PAM/mariadb-10.4.12-x86_64-1_pam.txz: Added.
testing/packages/PAM/netatalk-3.1.12-x86_64-2_pam.txz: Added.
testing/packages/PAM/netkit-rsh-0.17-x86_64-2_pam.txz: Added.
testing/packages/PAM/openssh-8.1p1-x86_64-1_pam.txz: Added.
testing/packages/PAM/openvpn-2.4.8-x86_64-1_pam.txz: Added.
testing/packages/PAM/pam-1.3.1-x86_64-1_pam.txz: Added.
testing/packages/PAM/polkit-0.116-x86_64-1_pam.txz: Added.
testing/packages/PAM/popa3d-1.0.3-x86_64-3_pam.txz: Added.
testing/packages/PAM/ppp-2.4.7-x86_64-3_pam.txz: Added.
testing/packages/PAM/proftpd-1.3.6b-x86_64-1_pam.txz: Added.
testing/packages/PAM/samba-4.11.6-x86_64-1_pam.txz: Added.
testing/packages/PAM/screen-4.8.0-x86_64-1_pam.txz: Added.
testing/packages/PAM/shadow-4.8.1-x86_64-2_pam.txz: Added.
testing/packages/PAM/sudo-1.8.31-x86_64-1_pam.txz: Added.
testing/packages/PAM/system-config-printer-1.5.12-x86_64-2_pam.txz: Added.
testing/packages/PAM/util-linux-2.35.1-x86_64-1_pam.txz: Added.
testing/packages/PAM/vsftpd-3.0.3-x86_64-5_pam.txz: Added.
testing/packages/PAM/xdm-1.1.11-x86_64-9_pam.txz: Added.
testing/packages/PAM/xlockmore-5.62-x86_64-1_pam.txz: Added.
testing/packages/PAM/xscreensaver-5.43-x86_64-1_pam.txz: Added.
testing/packages/binutils-2.34-x86_64-1.txz: Removed.
testing/packages/glibc-2.31-x86_64-1.txz: Removed.
testing/packages/glibc-i18n-2.31-x86_64-1.txz: Removed.
testing/packages/glibc-profile-2.31-x86_64-1.txz: Removed.
testing/packages/glibc-solibs-2.31-x86_64-1.txz: Removed.
usb-and-pxe-installers/usbboot.img: Rebuilt.
ap/man-pages-5.05-noarch-2.txz: Rebuilt.
Clean up /usr/man directory moving miscellaneous documentation to
/usr/doc/man-pages-5.05. Thanks to Xsane.
d/python-setuptools-45.2.0-x86_64-1.txz: Upgraded.
n/nfs-utils-2.4.3-x86_64-1.txz: Upgraded.
xap/mozilla-firefox-68.5.0esr-x86_64-1.txz: Upgraded.
This is a bugfix release.
For more information, see:
https://www.mozilla.org/en-US/firefox/68.5.0/releasenotes/
a/cryptsetup-2.3.0-x86_64-1.txz: Upgraded.
a/kernel-firmware-20200203_6d9f399-noarch-1.txz: Upgraded.
ap/xfsdump-3.1.9-x86_64-1.txz: Upgraded.
d/mercurial-5.3-x86_64-1.txz: Upgraded.
l/libzip-1.6.1-x86_64-1.txz: Upgraded.
n/nfs-utils-2.4.2-x86_64-3.txz: Rebuilt.
Added /etc/exports.d directory.
Removed the bogus sanity checks. Sure, we could try to "fix" them, but this
seems to be the path of least resistance.
n/postfix-3.4.9-x86_64-1.txz: Upgraded.
x/libinput-1.15.1-x86_64-1.txz: Upgraded.
x/vulkan-sdk-1.2.131.1-x86_64-1.txz: Upgraded.
xap/sane-1.0.29-x86_64-1.txz: Upgraded.
a/aaa_elflibs-15.0-x86_64-21.txz: Rebuilt.
Upgraded: libisl.so.22.0.1.
Added: libkeyutils.so.1.9.
a/kernel-generic-5.4.15-x86_64-1.txz: Upgraded.
a/kernel-huge-5.4.15-x86_64-1.txz: Upgraded.
a/kernel-modules-5.4.15-x86_64-1.txz: Upgraded.
a/pciutils-3.6.4-x86_64-1.txz: Upgraded.
a/shadow-4.8.1-x86_64-1.txz: Upgraded.
d/check-0.14.0-x86_64-1.txz: Upgraded.
d/kernel-headers-5.4.15-x86-1.txz: Upgraded.
d/make-4.2.1-x86_64-5.txz: Rebuilt.
Drop back to make-4.2.1 since make-4.3 is breaking a few builds. We'll
revisit it later after sources have caught up to it or regressions have
been patched upstream.
d/python-pip-20.0.2-x86_64-1.txz: Upgraded.
k/kernel-source-5.4.15-noarch-1.txz: Upgraded.
l/imagemagick-7.0.9_18-x86_64-1.txz: Upgraded.
l/python-packaging-20.1-x86_64-1.txz: Upgraded.
n/php-7.4.2-x86_64-3.txz: Rebuilt.
php.ini: Added extension=gd and extension=zip. Thanks to avian.
isolinux/initrd.img: Rebuilt.
kernels/*: Upgraded.
usb-and-pxe-installers/usbboot.img: Rebuilt.
a/kernel-firmware-20200122_1eb2408-noarch-1.txz: Upgraded.
a/pciutils-3.6.3-x86_64-1.txz: Upgraded.
a/pkgtools-15.0-noarch-30.txz: Rebuilt.
removepkg: prevent upgradepkg noise when a directory turns into a symlink.
setup.vi-ex: don't make symlinks if the targets don't exist.
d/cmake-3.16.3-x86_64-1.txz: Upgraded.
d/distcc-3.3.3-x86_64-3.txz: Rebuilt.
Move symlink tree into /usr/lib/distcc/, and make a link in /usr/lib64/ if
needed. Seems like this is how everyone else sets it up. Thanks to hpfeil.
Recompiled against krb5-1.17.1 (--with-auth).
d/parallel-20200122-noarch-1.txz: Upgraded.
l/python-urllib3-1.25.8-x86_64-1.txz: Upgraded.
n/bind-9.14.10-x86_64-1.txz: Upgraded.
This is a bugfix release:
With some libmaxminddb versions, named could erroneously match an IP address
not belonging to any subnet defined in a given GeoIP2 database to one of the
existing entries in that database. [GL #1552]
Fix line spacing in `rndc secroots`. Thanks to Tony Finch. [GL #2478]
Recompiled against krb5-1.17.1 (--with-gssapi).
n/dhcp-4.4.2-x86_64-1.txz: Upgraded.
n/p11-kit-0.23.19-x86_64-1.txz: Upgraded.
n/php-7.4.2-x86_64-2.txz: Rebuilt.
Patched for c-client library API change. Thanks to ecd102.
Recompiled against krb5-1.17.1 (--with-kerberos).
a/aaa_elflibs-15.0-x86_64-19.txz: Rebuilt.
Upgraded: libcap.so.2.31, libgmp.so.10.4.0, libgmpxx.so.4.6.0.
Added: libgssapi_krb5.so.2.2, libk5crypto.so.3.1, libkrb5.so.3.3,
libkrb5support.so.0.1.
a/util-linux-2.35-x86_64-1.txz: Upgraded.
d/python-pip-20.0.1-x86_64-1.txz: Upgraded.
l/Mako-1.1.1-x86_64-1.txz: Upgraded.
l/keyutils-1.6.1-x86_64-1.txz: Upgraded.
n/krb5-1.17-x86_64-1.txz: Added.
Nothing links to this yet, but we'll need it soon enough. :-)
n/php-7.4.2-x86_64-1.txz: Upgraded.
This update fixes bugs and security issues:
Standard: OOB read in php_strip_tags_ex
Mbstring: global buffer-overflow in 'mbfl_filt_conv_big5_wchar'
For more information, see:
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-7059https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-7060
(* Security fix *)
n/samba-4.11.5-x86_64-1.txz: Upgraded.
This update fixes the following security issues:
Replication of ACLs set to inherit down a subtree on AD Directory
not automatic.
Crash after failed character conversion at log level 3 or above.
Use after free during DNS zone scavenging in Samba AD DC.
For more information, see:
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14902https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14907https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-19344
(* Security fix *)
xap/gparted-1.1.0-x86_64-1.txz: Upgraded.
a/aaa_terminfo-6.1_20200118-x86_64-1.txz: Upgraded.
d/make-4.3-x86_64-1.txz: Upgraded.
d/python-setuptools-45.1.0-x86_64-1.txz: Upgraded.
l/ncurses-6.1_20200118-x86_64-1.txz: Upgraded.
n/alpine-2.22-x86_64-1.txz: Upgraded.
xap/mozilla-firefox-68.4.2esr-x86_64-1.txz: Upgraded.
This is a bugfix release.
For more information, see:
https://www.mozilla.org/en-US/firefox/68.4.2/releasenotes/https://bugzilla.mozilla.org/show_bug.cgi?id=1602726
a/elvis-2.2_0-x86_64-5.txz: Rebuilt.
Don't make /usr/bin/{ex,vi} symlinks.
a/kernel-generic-5.4.11-x86_64-1.txz: Upgraded.
a/kernel-huge-5.4.11-x86_64-1.txz: Upgraded.
a/kernel-modules-5.4.11-x86_64-1.txz: Upgraded.
a/nvi-1.81.6-x86_64-1.txz: Added.
This is an implementation of the classic ex/vi text editor written by Keith
Bostic. Due to this having UTF8 support which elvis lacks, we'll have it
take over the ex/vi symlinks if they aren't already pointing to a different
choice. Note that the removal of vi/ex symlinks from the elvis and vim
packages might cause your ex/vi symlinks to point to this after all the ex/vi
packages have been upgraded. You can set them to your preferences using
pkgtool -> Setup -> vi-ex.
a/pkgtools-15.0-noarch-29.txz: Rebuilt.
Added an installer/pkgtool menu to select the default ex/vi editor.
ap/vim-8.2.0114-x86_64-1.txz: Upgraded.
Don't make /usr/bin/{ex,vi} symlinks.
d/kernel-headers-5.4.11-x86-1.txz: Upgraded.
d/python-setuptools-45.0.0-x86_64-1.txz: Upgraded.
k/kernel-source-5.4.11-noarch-1.txz: Upgraded.
l/imagemagick-7.0.9_15-x86_64-1.txz: Upgraded.
n/ethtool-5.4-x86_64-1.txz: Upgraded.
xap/vim-gvim-8.2.0114-x86_64-1.txz: Upgraded.
isolinux/initrd.img: Rebuilt.
kernels/*: Upgraded.
usb-and-pxe-installers/usbboot.img: Rebuilt.
d/ccache-3.7.7-x86_64-1.txz: Upgraded.
l/libpsl-0.21.0-x86_64-2.txz: Rebuilt.
Patched for new gtk-doc. Thanks to Matteo Bernardini.
l/pyparsing-2.4.6-x86_64-1.txz: Upgraded.
l/python-packaging-20.0-x86_64-1.txz: Upgraded.
l/python-pygments-2.5.2-x86_64-1.txz: Added.
This is needed by gtk-doc.
n/iputils-20190709-x86_64-2.txz: Rebuilt.
Patched for new libcap. Thanks to Matteo Bernardini.
x/fonttosfnt-1.1.0-x86_64-1.txz: Upgraded.
xap/mozilla-firefox-68.4.0esr-x86_64-1.txz: Upgraded.
This release contains security fixes and improvements.
For more information, see:
https://www.mozilla.org/en-US/firefox/68.4.0/releasenotes/https://www.mozilla.org/security/known-vulnerabilities/firefoxESR.html
(* Security fix *)
a/dialog-1.3_20191210-x86_64-1.txz: Upgraded.
a/shadow-4.8-x86_64-2.txz: Rebuilt.
Don't ship /etc/environment.new since sudo is no longer complaining about it.
ap/lxc-2.0.11_fad08f383-x86_64-4.txz: Rebuilt.
Make sure all initial devices are properly created.
Fix accidental handling of rc.lxc as a modified-for-lxc init script.
Thanks to crts.
d/python-setuptools-44.0.0-x86_64-1.txz: Upgraded.
l/libedit-20191231_3.1-x86_64-1.txz: Upgraded.
l/python-pillow-7.0.0-x86_64-1.txz: Upgraded.
Happy 2020 to the Slackware community! :-)
a/aaa_terminfo-6.1_20191228-x86_64-1.txz: Upgraded.
a/smartmontools-7.1-x86_64-1.txz: Upgraded.
ap/sudo-1.8.30-x86_64-1.txz: Upgraded.
d/python-setuptools-43.0.0-x86_64-1.txz: Upgraded.
l/boost-1.72.0-x86_64-2.txz: Rebuilt.
Recompiled against python3-3.8.1.
Patched to fix missing boost/serialization/split_member.hpp include.
This fixes the lightspark build at SBo. Thanks to orbea.
l/ffmpeg-4.2.2-x86_64-1.txz: Upgraded.
l/ncurses-6.1_20191228-x86_64-1.txz: Upgraded.
l/netpbm-10.89.00-x86_64-1.txz: Upgraded.
n/epic5-2.1.1-x86_64-4.txz: Rebuilt.
Recompiled against python3-3.8.1.
Thanks to Willy Sudiarto Raharjo for pointing this one out.
n/whois-5.5.4-x86_64-1.txz: Upgraded.
x/vulkan-sdk-1.1.130.0-x86_64-1.txz: Upgraded.
extra/pure-alsa-system/ffmpeg-4.2.2-x86_64-1_alsa.txz: Upgraded.
a/kmod-26-x86_64-3.txz: Rebuilt.
This doesn't build with --enable-python and python3-3.8.1, so we'll
disable it for now. The python additions don't appear to be widely
packaged anyway.
a/util-linux-2.34-x86_64-2.txz: Rebuilt.
Recompiled against python3-3.8.1.
ap/hplip-3.19.12-x86_64-2.txz: Rebuilt.
Recompiled against python3-3.8.1.
ap/ksh93-20191228_5abcbd06-x86_64-1.txz: Upgraded.
ap/linuxdoc-tools-0.9.73-x86_64-3.txz: Rebuilt.
Recompiled against python3-3.8.1.
ap/lxc-2.0.11_fad08f383-x86_64-3.txz: Rebuilt.
Recompiled against python3-3.8.1.
ap/rpm-4.15.1-x86_64-2.txz: Rebuilt.
Recompiled against python3-3.8.1.
d/Cython-0.29.14-x86_64-2.txz: Rebuilt.
Recompiled against python3-3.8.1.
d/clisp-2.50_20191103_c26de7873-x86_64-1.txz: Upgraded.
d/distcc-3.3.3-x86_64-2.txz: Rebuilt.
Recompiled against python3-3.8.1.
d/gdb-8.3.1-x86_64-2.txz: Rebuilt.
Recompiled against python3-3.8.1.
d/llvm-9.0.1-x86_64-2.txz: Rebuilt.
Recompiled against python3-3.8.1.
d/meson-0.52.1-x86_64-2.txz: Rebuilt.
Recompiled against python3-3.8.1.
d/python-pip-19.3.1-x86_64-2.txz: Rebuilt.
Recompiled against python3-3.8.1.
d/python-setuptools-42.0.2-x86_64-2.txz: Rebuilt.
Recompiled against python3-3.8.1.
d/python3-3.8.1-x86_64-1.txz: Upgraded.
Shared library .so-version bump.
kde/pykde4-4.14.3-x86_64-10.txz: Rebuilt.
Recompiled against python3-3.8.1.
l/Mako-1.1.0-x86_64-2.txz: Rebuilt.
Recompiled against python3-3.8.1.
l/PyQt-4.12.3-x86_64-2.txz: Rebuilt.
Recompiled against python3-3.8.1.
l/QScintilla-2.11.4-x86_64-2.txz: Rebuilt.
Recompiled against python3-3.8.1.
l/alsa-lib-1.2.1.2-x86_64-2.txz: Rebuilt.
Recompiled without --enable-mixer-pymods.
l/dbus-python-1.2.14-x86_64-2.txz: Rebuilt.
Recompiled against python3-3.8.1.
l/gexiv2-0.12.0-x86_64-2.txz: Rebuilt.
Recompiled against python3-3.8.1.
l/gobject-introspection-1.62.0-x86_64-4.txz: Rebuilt.
Recompiled against python3-3.8.1.
l/libcaca-0.99.beta19-x86_64-5.txz: Rebuilt.
Recompiled against python3-3.8.1.
l/libcap-ng-0.7.10-x86_64-2.txz: Rebuilt.
Recompiled against python3-3.8.1.
l/libproxy-0.4.15-x86_64-4.txz: Rebuilt.
Recompiled against python3-3.8.1.
l/libwebp-1.0.3-x86_64-2.txz: Rebuilt.
Recompiled against python3-3.8.1.
l/libwmf-0.2.8.4-x86_64-9.txz: Rebuilt.
Correct the path for the GDK_PIXBUF_DIR.
Thanks to B. Watson and Robby Workman.
l/libxml2-2.9.10-x86_64-2.txz: Rebuilt.
Recompiled against python3-3.8.1.
l/newt-0.52.21-x86_64-2.txz: Rebuilt.
Recompiled against python3-3.8.1.
l/pycairo-1.18.2-x86_64-2.txz: Rebuilt.
Recompiled against python3-3.8.1.
l/pycups-1.9.74-x86_64-3.txz: Rebuilt.
Recompiled against python3-3.8.1.
l/pycurl-7.43.0.3-x86_64-2.txz: Rebuilt.
Recompiled against python3-3.8.1.
l/pygobject-2.28.7-x86_64-5.txz: Rebuilt.
Recompiled against python3-3.8.1.
l/pygobject3-3.34.0-x86_64-3.txz: Rebuilt.
Recompiled against python3-3.8.1.
l/pyparsing-2.4.5-x86_64-2.txz: Rebuilt.
Recompiled against python3-3.8.1.
l/python-appdirs-1.4.3-x86_64-4.txz: Rebuilt.
Recompiled against python3-3.8.1.
l/python-certifi-2019.11.28-x86_64-2.txz: Rebuilt.
Recompiled against python3-3.8.1.
l/python-chardet-3.0.4-x86_64-4.txz: Rebuilt.
Recompiled against python3-3.8.1.
l/python-docutils-0.15.2-x86_64-2.txz: Rebuilt.
Recompiled against python3-3.8.1.
l/python-idna-2.8-x86_64-3.txz: Rebuilt.
Recompiled against python3-3.8.1.
l/python-notify2-0.3.1-x86_64-4.txz: Rebuilt.
Recompiled against python3-3.8.1.
l/python-packaging-19.2-x86_64-2.txz: Rebuilt.
Recompiled against python3-3.8.1.
l/python-pillow-6.2.1-x86_64-2.txz: Rebuilt.
Recompiled against python3-3.8.1.
l/python-ply-3.11-x86_64-2.txz: Rebuilt.
Recompiled against python3-3.8.1.
l/python-requests-2.22.0-x86_64-2.txz: Rebuilt.
Recompiled against python3-3.8.1.
l/python-sane-2.8.3-x86_64-4.txz: Rebuilt.
Recompiled against python3-3.8.1.
l/python-six-1.13.0-x86_64-2.txz: Rebuilt.
Recompiled against python3-3.8.1.
l/python-urllib3-1.25.7-x86_64-2.txz: Rebuilt.
Recompiled against python3-3.8.1.
l/sip-4.19.20-x86_64-2.txz: Rebuilt.
Recompiled against python3-3.8.1.
l/system-config-printer-1.5.12-x86_64-2.txz: Rebuilt.
Recompiled against python3-3.8.1.
l/talloc-2.3.1-x86_64-2.txz: Rebuilt.
Recompiled against python3-3.8.1.
l/tdb-1.4.3-x86_64-2.txz: Rebuilt.
Recompiled against python3-3.8.1.
l/tevent-0.10.2-x86_64-2.txz: Rebuilt.
Recompiled against python3-3.8.1.
l/urwid-1.0.3-x86_64-5.txz: Rebuilt.
Recompiled against python3-3.8.1.
l/zstd-1.4.4-x86_64-2.txz: Rebuilt.
Fix libdir in libzstd.pc. Thanks to orbea.
n/gpgme-1.13.1-x86_64-2.txz: Rebuilt.
Recompiled against python3-3.8.1.
n/obexftp-0.24.2-x86_64-5.txz: Rebuilt.
Recompiled against python3-3.8.1.
n/pssh-2.3.1-x86_64-5.txz: Rebuilt.
Recompiled against python3-3.8.1.
n/s-nail-14.9.16-x86_64-1.txz: Upgraded.
n/samba-4.11.4-x86_64-2.txz: Rebuilt.
Recompiled against python3-3.8.1.
x/pyxdg-0.26-x86_64-2.txz: Rebuilt.
Recompiled against python3-3.8.1.
x/xcb-proto-1.13-x86_64-4.txz: Rebuilt.
Recompiled against python3-3.8.1.
xap/blueman-2.1.1-x86_64-2.txz: Rebuilt.
Recompiled against python3-3.8.1.
xap/hexchat-2.14.3-x86_64-2.txz: Rebuilt.
Recompiled against python3-3.8.1.
extra/pure-alsa-system/alsa-lib-1.2.1.2-x86_64-2_alsa.txz: Rebuilt.
Recompiled without --enable-mixer-pymods.
isolinux/initrd.img: Rebuilt.
SeTEFI: Patched to remove extra whitespace from lsblk output.
Thanks to Didier Spaier.
usb-and-pxe-installers/usbboot.img: Rebuilt.
SeTEFI: Patched to remove extra whitespace from lsblk output.
Thanks to Didier Spaier.
a/kernel-generic-5.4.6-x86_64-2.txz: Rebuilt.
a/kernel-huge-5.4.6-x86_64-2.txz: Rebuilt.
a/kernel-modules-5.4.6-x86_64-2.txz: Rebuilt.
ap/vim-8.2.0050-x86_64-1.txz: Upgraded.
d/kernel-headers-5.4.6-x86-2.txz: Rebuilt.
k/kernel-source-5.4.6-noarch-2.txz: Rebuilt.
Apparently MODULE_SIG was enabled by SECURITY_LOCKDOWN_LSM. We'll turn both
of those off to avoid needlessly tainting the kernel.
-LOCK_DOWN_KERNEL_FORCE_CONFIDENTIALITY n
-LOCK_DOWN_KERNEL_FORCE_INTEGRITY n
-LOCK_DOWN_KERNEL_FORCE_NONE y
-MODULE_SIG_ALL n
-MODULE_SIG_FORCE n
-MODULE_SIG_FORMAT y
-MODULE_SIG_HASH "sha256"
-MODULE_SIG_KEY "certs/signing_key.pem"
-MODULE_SIG_SHA1 n
-MODULE_SIG_SHA224 n
-MODULE_SIG_SHA256 y
-MODULE_SIG_SHA384 n
-MODULE_SIG_SHA512 n
-SECURITY_LOCKDOWN_LSM_EARLY y
MODULE_SIG y -> n
SECURITY_LOCKDOWN_LSM y -> n
l/imagemagick-7.0.9_12-x86_64-1.txz: Upgraded.
l/libcap-2.29-x86_64-1.txz: Upgraded.
xap/vim-gvim-8.2.0050-x86_64-1.txz: Upgraded.
isolinux/initrd.img: Rebuilt.
kernels/*: Rebuilt.
usb-and-pxe-installers/usbboot.img: Rebuilt.
a/kernel-generic-5.4.6-x86_64-1.txz: Upgraded.
a/kernel-huge-5.4.6-x86_64-1.txz: Upgraded.
a/kernel-modules-5.4.6-x86_64-1.txz: Upgraded.
a/procps-ng-3.3.16-x86_64-2.txz: Rebuilt.
Patched to hardcode the pgrep command string buffer size to 4096 as was done
in the previous release. This avoids an allocation error when the stack size
is unlimited. Thanks to Jeroslaw Siebert.
a/xfsprogs-5.4.0-x86_64-1.txz: Upgraded.
d/kernel-headers-5.4.6-x86-1.txz: Upgraded.
k/kernel-source-5.4.6-noarch-1.txz: Upgraded.
l/QScintilla-2.11.4-x86_64-1.txz: Upgraded.
n/dhcpcd-8.1.4-x86_64-1.txz: Upgraded.
n/lftp-4.9.0-x86_64-1.txz: Upgraded.
xap/hexchat-2.14.3-x86_64-1.txz: Upgraded.
isolinux/initrd.img: Rebuilt.
kernels/*: Upgraded.
usb-and-pxe-installers/usbboot.img: Rebuilt.
a/aaa_elflibs-15.0-x86_64-17.txz: Rebuilt.
Upgraded: libcap.so.2.28, libelf-0.178.so, libglib-2.0.so.0.6200.4,
libgmodule-2.0.so.0.6200.4, libgobject-2.0.so.0.6200.4,
libgthread-2.0.so.0.6200.4, libidn2.so.0.3.7, libpcre2-8.so.0.9.0,
libtdb.so.1.4.3.
Added: libffi.so.6.0.4, libffi.so.7.1.0.
a/file-5.38-x86_64-2.txz: Rebuilt.
Patched to fix ELF shared libraries misidentified as "statically linked."
a/kernel-firmware-20191220_6871bff-noarch-1.txz: Upgraded.
a/openssl10-solibs-1.0.2u-x86_64-1.txz: Upgraded.
(* Security fix *)
d/guile-2.2.6-x86_64-2.txz: Rebuilt.
Recompiled against libffi-3.3.
d/llvm-9.0.1-x86_64-1.txz: Upgraded.
Compiled against libffi-3.3.
d/python-2.7.17-x86_64-2.txz: Rebuilt.
Recompiled against libffi-3.3.
d/python3-3.7.6-x86_64-1.txz: Upgraded.
Compiled against libffi-3.3.
d/ruby-2.6.5-x86_64-2.txz: Rebuilt.
Recompiled against libffi-3.3.
l/glib2-2.62.4-x86_64-2.txz: Rebuilt.
Recompiled against libffi-3.3.
l/libffi-3.3-x86_64-1.txz: Upgraded.
Shared library .so-version bump.
l/libvpx-1.8.2-x86_64-1.txz: Upgraded.
l/pygobject-2.28.7-x86_64-4.txz: Rebuilt.
Recompiled against libffi-3.3.
l/pygobject3-3.34.0-x86_64-2.txz: Rebuilt.
Recompiled against libffi-3.3.
l/sip-4.19.20-x86_64-1.txz: Upgraded.
n/cifs-utils-6.10-x86_64-1.txz: Upgraded.
n/dhcpcd-8.1.3-x86_64-1.txz: Upgraded.
n/openssl10-1.0.2u-x86_64-1.txz: Upgraded.
This update fixes a low severity security issue:
Fixed an an overflow bug in the x86_64 Montgomery squaring procedure used in
exponentiation with 512-bit moduli.
For more information, see:
https://www.openssl.org/news/secadv/20191206.txthttps://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-1551
(* Security fix *)
n/p11-kit-0.23.18.1-x86_64-2.txz: Rebuilt.
Recompiled against libffi-3.3.
extra/tigervnc/tigervnc-1.10.1-x86_64-1.txz: Upgraded.
From tigervnc.org: "This is a security release to fix a number of issues
that were found by Kaspersky Lab. These issues affect both the client and
server and could theoretically allow a malicious peer to take control
over the software on the other side. No working exploit is known at this
time, and the issues require the peer to first be authenticated. We still
urge users to upgrade when possible."
(* Security fix *)
a/kernel-firmware-20191215_eefb5f7-noarch-1.txz: Upgraded.
a/mcelog-167-x86_64-1.txz: Upgraded.
a/mkinitrd-1.4.11-x86_64-14.txz: Rebuilt.
Patched init to fix the case where -T and -C options are used with UUID=.
Thanks to davjohn and GazL.
ap/cups-filters-1.26.0-x86_64-1.txz: Upgraded.
d/re2c-1.3-x86_64-1.txz: Upgraded.
l/fuse3-3.9.0-x86_64-1.txz: Upgraded.
n/mutt-1.13.1-x86_64-1.txz: Upgraded.
ap/mariadb-10.4.11-x86_64-1.txz: Upgraded.
d/cmake-3.16.1-x86_64-1.txz: Upgraded.
d/git-2.24.1-x86_64-1.txz: Upgraded.
l/mozjs52-52.9.0esr-x86_64-2.txz: Removed.
This was used only by polkit-0.115.
l/mozjs60-60.9.0esr-x86_64-1.txz: Added.
This is needed for polkit-0.116.
l/polkit-0.116-x86_64-1.txz: Upgraded.
n/ModemManager-1.12.2-x86_64-1.txz: Upgraded.
xap/xine-ui-0.99.12-x86_64-1.txz: Upgraded.
l/dconf-0.34.0-x86_64-2.txz: Rebuilt.
Rebuilt using the sed replacements suggested by LFS. This fixes a
subsequent build of dconf-editor.
l/glib-networking-2.62.2-x86_64-1.txz: Upgraded.
n/samba-4.11.3-x86_64-1.txz: Upgraded.
This update fixes the following security issues:
Samba AD DC zone-named record Denial of Service in DNS management server.
DelegationNotAllowed was not enforced in protocol transition on Samba AD DC.
For more information, see:
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14861https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14870
(* Security fix *)
x/vulkan-sdk-1.1.126.0-x86_64-1.txz: Upgraded.
a/tcsh-6.22.02-x86_64-1.txz: Upgraded.
ap/vim-8.1.2391-x86_64-1.txz: Upgraded.
l/fuse3-3.8.0-x86_64-2.txz: Rebuilt.
rc.fuse3: Don't source /lib/lsb/init-functions unless it exists.
NOTE: FUSE seems to work fine without starting rc.fuse3, which it why it
isn't actually called from anywhere during system startup.
n/iw-5.4-x86_64-1.txz: Upgraded.
n/php-7.4.0-x86_64-2.txz: Rebuilt.
Rebuilt using --enable-gd=shared and --with-zip=shared.
Thanks to Matteo Bernardini.
xap/gv-3.7.4-x86_64-3.txz: Rebuilt.
Patched to fix save/print features when used with the latest ghostscript.
Added --enable-international build option.
Fixed broken whitespace in the bounding-box patch.
Thanks to Xsane.
xap/vim-gvim-8.1.2391-x86_64-1.txz: Upgraded.
a/hwdata-0.330-noarch-1.txz: Upgraded.
a/lvm2-2.03.07-x86_64-1.txz: Upgraded.
a/tcsh-6.22.01-x86_64-1.txz: Upgraded.
d/python-setuptools-42.0.2-x86_64-1.txz: Upgraded.
n/gnutls-3.6.11.1-x86_64-1.txz: Upgraded.
xap/gnuplot-5.2.8-x86_64-1.txz: Upgraded.
xap/mozilla-firefox-68.3.0esr-x86_64-1.txz: Upgraded.
This is a bugfix release.
For more information, see:
https://www.mozilla.org/en-US/firefox/68.3.0/releasenotes/
ap/xfsdump-3.1.8-x86_64-4.txz: Rebuilt.
Patched for new xfsprogs-5.3.0 API. Thanks to nobodino.
d/cmake-3.16.0-x86_64-1.txz: Upgraded.
n/gnupg2-2.2.18-x86_64-1.txz: Upgraded.
gpg: Prepare against chosen-prefix SHA-1 collisions in key signatures.
This change removes all SHA-1 based key signature newer than 2019-01-19
from the web-of-trust. Note that this includes all key signatures
created with dsa1024 keys. The new option --allow-weak-key-signatures
can be used to override the new and safer behaviour.
For more information, see:
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14855
(* Security fix *)
n/iproute2-5.4.0-x86_64-1.txz: Upgraded.
x/libepoxy-1.5.4-x86_64-1.txz: Upgraded.
l/system-config-printer-1.5.12-x86_64-1.txz: Upgraded.
n/sshfs-3.6.0-x86_64-1.txz: Upgraded.
xap/mozilla-thunderbird-68.2.2-x86_64-1.txz: Upgraded.
This is a bugfix release.
For more information, see:
https://www.mozilla.org/en-US/thunderbird/68.2.2/releasenotes/
a/aaa_elflibs-15.0-x86_64-14.txz: Rebuilt.
Upgraded: libglib-2.0.so.0.6200.2, libgmodule-2.0.so.0.6200.2,
libgobject-2.0.so.0.6200.2, libgthread-2.0.so.0.6200.2.
Added: libgomp.so.1.0.0.
a/kernel-firmware-20191029_4065643-noarch-1.txz: Upgraded.
a/kernel-generic-4.19.81-x86_64-1.txz: Upgraded.
a/kernel-huge-4.19.81-x86_64-1.txz: Upgraded.
a/kernel-modules-4.19.81-x86_64-1.txz: Upgraded.
ap/sudo-1.8.29-x86_64-1.txz: Upgraded.
d/kernel-headers-4.19.81-x86-1.txz: Upgraded.
d/python-setuptools-41.6.0-x86_64-1.txz: Upgraded.
k/kernel-source-4.19.81-noarch-1.txz: Upgraded.
l/harfbuzz-2.6.3-x86_64-1.txz: Upgraded.
n/samba-4.11.2-x86_64-1.txz: Upgraded.
This update fixes bugs and these security issues:
Client code can return filenames containing path separators.
Samba AD DC check password script does not receive the full password.
User with "get changes" permission can crash AD DC LDAP server via dirsync.
For more information, see:
https://www.samba.org/samba/security/CVE-2019-10218.htmlhttps://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-10218https://www.samba.org/samba/security/CVE-2019-14833.htmlhttps://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14833https://www.samba.org/samba/security/CVE-2019-14847.htmlhttps://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14847
(* Security fix *)
x/libglvnd-1.2.0-x86_64-4.txz: Rebuilt.
Applied upstream patches to fix EGL/eglplatform.h.
x/xorg-server-1.20.5-x86_64-3.txz: Rebuilt.
#define EGL_NO_X11 to fix glamor build against libglvnd-1.2.0.
x/xorg-server-xephyr-1.20.5-x86_64-3.txz: Rebuilt.
x/xorg-server-xnest-1.20.5-x86_64-3.txz: Rebuilt.
x/xorg-server-xvfb-1.20.5-x86_64-3.txz: Rebuilt.
isolinux/initrd.img: Rebuilt.
kernels/*: Upgraded.
usb-and-pxe-installers/usbboot.img: Rebuilt.
a/getty-ps-2.1.0b-x86_64-4.txz: Removed.
a/lha-114i-x86_64-2.txz: Removed.
Removed due to vague licensing terms.
a/lhasa-0.3.1-x86_64-1.txz: Added.
This is an extraction-only LHA utility with an OSI approved license.
a/shadow-4.7-x86_64-2.txz: Rebuilt.
Added /etc/environment.new to fix "sudo -i" noise.
ap/lm_sensors-3.6.0-x86_64-1.txz: Upgraded.
ap/vim-8.1.2174-x86_64-1.txz: Upgraded.
l/netpbm-10.88.00-x86_64-1.txz: Upgraded.
n/ca-certificates-20191018-noarch-1.txz: Upgraded.
n/samba-4.11.1-x86_64-1.txz: Upgraded.
xap/vim-gvim-8.1.2174-x86_64-1.txz: Upgraded.
xap/xfractint-20.04p13-x86_64-2.txz: Removed.
xap/xv-3.10a-x86_64-9.txz: Removed.
extra/getty-ps/getty-ps-2.1.0b-x86_64-4.txz: Rebuilt.
Moved here from the A series due to commercial use restrictions.
extra/xfractint/xfractint-20.04p14-x86_64-1.txz: Upgraded.
Moved here from the XAP series due to commercial use restrictions.
extra/xv/xv-3.10a-x86_64-9.txz: Rebuilt.
Moved here from the XAP series due to non-commercial use shareware license.
ap/ghostscript-9.50-x86_64-1.txz: Upgraded.
d/icecream-1.3-x86_64-2.txz: Rebuilt.
Have the profile scripts just check for -x /etc/rc.d/rc.iceccd, since pgrep
with --ns $$ isn't working for non-root users. Thanks to Leopold E. Midha.
d/python-pip-19.3-x86_64-1.txz: Upgraded.
n/bluez-5.51-x86_64-2.txz: Rebuilt.
Fixed path to obexd in org.bluez.obex.service.
Thanks to Jean-Philippe Guillemin.
x/xf86-video-ati-19.1.0-x86_64-1.txz: Upgraded.
a/pkgtools-15.0-noarch-26.txz: Rebuilt.
upgradepkg: add spaces to --dry-run package list. Thanks to Markus Wiesner.
l/aspell-0.60.8-x86_64-1.txz: Upgraded.
n/network-scripts-15.0-noarch-9.txz: Rebuilt.
rc.inet1: Fix typos and spacing.
rc.inet2: Start rc.firewall first. This had been later in the script due to
the now unsupported idea of having /usr on NFS. Thanks to abga.
rc.inet2: If present and executable, start the Kerberos init scripts.
rc.inet2: Remove obsolete rpc.pcnfsd/rpc.bwnfsd section from the end.
n/proftpd-1.3.6a-x86_64-1.txz: Upgraded.
xap/pan-0.146-x86_64-1.txz: Upgraded.
d/vala-0.46.3-x86_64-1.txz: Upgraded.
l/libsoup-2.68.2-x86_64-1.txz: Upgraded.
n/openssh-8.1p1-x86_64-1.txz: Upgraded.
ssh(1), sshd(8), ssh-agent(1): add protection for private keys at
rest in RAM against speculation and memory side-channel attacks like
Spectre, Meltdown and Rambleed. This release encrypts private keys
when they are not in use with a symmetric key that is derived from a
relatively large "prekey" consisting of random data (currently 16KB).
x/libXvMC-1.0.12-x86_64-3.txz: Rebuilt.
Reverted to the stock xvmc.pc since Mesa has been fixed to work with it.
x/libglvnd-1.2.0-x86_64-2.txz: Rebuilt.
x/mesa-19.2.1-x86_64-1.txz: Upgraded.
xap/network-manager-applet-1.8.24-x86_64-1.txz: Upgraded.
a/pkgtools-15.0-noarch-24.txz: Rebuilt.
installpkg: support --no-overwrite option for upgradepkg's second install
pass. Don't use this option directly unless you have a good reason.
upgradepkg: call installpkg with --no-overwrite for the second install pass.
This cuts the drive writes for a package upgrade almost in half so we can
be kinder to SSDs.
ap/nano-4.5-x86_64-1.txz: Upgraded.
l/gmime-3.2.4-x86_64-1.txz: Upgraded.
l/gnu-efi-3.0.10-x86_64-1.txz: Upgraded.
l/gtk+3-3.24.12-x86_64-1.txz: Upgraded.
testing/packages/rust-1.38.0-x86_64-2.txz: Rebuilt.
The package size here has been put on a tremendous diet.
Thanks to Andrew Clemons and Willy Sudiarto Raharjo for help with this.
Compile test results:
firefox-68.1.0esr: fail
firefox-69.0.2: pass
seamonkey-2.49.5: pass
thunderbird-68.1.1: fail
a/haveged-1.9.8-x86_64-1.txz: Upgraded.
ap/screen-4.7.0-x86_64-1.txz: Upgraded.
ap/vim-8.1.2108-x86_64-1.txz: Upgraded.
d/rust-1.37.0-x86_64-1.txz: Upgraded.
Reverting to rust-1.37.0 after verified reports that the newer Rust is
unable to compile Firefox or Thunderbird. There are some patches for this
appearing in the repos, but they are extensive changes that don't look like
they could be cherry-picked. Hey, at least this Rust version works and is
not bloated. :) Moving forward we'll be testing new versions of Rust to
make sure that they can compile the sources that we need Rust for before
merging them into the tree. Firefox has been verified to build here with
rust-1.37.0 and gcc/g++ from gcc-9.2.0 or clang/clang++ from llvm-9.0.0.
l/libcap-ng-0.7.10-x86_64-1.txz: Upgraded.
xap/vim-gvim-8.1.2108-x86_64-1.txz: Upgraded.
d/llvm-9.0.0-x86_64-1.txz: Upgraded.
Shared library .so-version bump.
Thanks to orbea for getting this working and cleaning up the build script.
d/vala-0.46.2-x86_64-1.txz: Upgraded.
l/imagemagick-6.9.10_67-x86_64-1.txz: Upgraded.
Fixed --disable-opencl configure option. Thanks to Markus Wiesner for the
bug report and to upstream for the quick fix.
n/NetworkManager-1.20.4-x86_64-1.txz: Upgraded.
n/gnutls-3.6.10-x86_64-1.txz: Upgraded.
x/freeglut-3.2.1-x86_64-1.txz: Upgraded.
x/libglvnd-1.1.1-x86_64-2.txz: Upgraded.
Reverted to this version since I'm seeing some errors linking with Mesa
libraries with the newer one. Thanks to nobodino for the bug report.
x/mesa-19.2.0-x86_64-2.txz: Rebuilt.
Recompiled against llvm-9.0.0 and libglvnd-1.1.1.
x/xf86-video-vmware-13.3.0-x86_64-3.txz: Rebuilt.
Recompiled against llvm-9.0.0.
a/eudev-3.2.8-x86_64-2.txz: Rebuilt.
Blacklisted mlx_wdt in watchdog.conf. Thanks to Robby Workman.
l/libical-3.0.6-x86_64-1.txz: Upgraded.
n/rpcbind-1.2.5-x86_64-2.txz: Rebuilt.
Added patch from git master to fix a segfault.
Fixed application of the next patch.
Thanks to Robby Workman.
x/freeglut-3.2.0-x86_64-1.txz: Upgraded.
x/mesa-19.1.7-x86_64-1.txz: Upgraded.
a/mkinitrd-1.4.11-x86_64-13.txz: Rebuilt.
Add libargon2 and libgcc_s for cryptsetup LUKS2 support.
Add jfs (thanks to gus3 on LQ) and xfs (thanks to klipkyle on LQ) repair
tools to initrd if those filesystems are used.
Support PARTUUID in mkinitrd_command_generator.sh (thanks to luvr on LQ).
Fixes and enhancements to docs suggested on LQ.
Thanks to Robby Workman.
a/sysvinit-2.96-x86_64-1.txz: Upgraded.
ap/vim-8.1.2022-x86_64-1.txz: Upgraded.
d/bison-3.4.2-x86_64-1.txz: Upgraded.
d/ccache-3.7.4-x86_64-1.txz: Upgraded.
d/icecream-1.3-x86_64-1.txz: Upgraded.
d/meson-0.51.2-x86_64-2.txz: Rebuilt.
Fix meson configure crash. Thanks to orbea.
l/dbus-python-1.2.12-x86_64-1.txz: Upgraded.
l/pulseaudio-13.0-x86_64-1.txz: Upgraded.
l/python-certifi-2019.9.11-x86_64-1.txz: Upgraded.
x/libwacom-1.0-x86_64-1.txz: Upgraded.
xap/vim-gvim-8.1.2022-x86_64-1.txz: Upgraded.
a/etc-15.0-x86_64-10.txz: Rebuilt.
Fix "include /etc/ld.so.conf.d/*.conf" repeats in /etc/ld.so.conf.
l/imagemagick-6.9.10_64-x86_64-1.txz: Upgraded.
l/seamonkey-solibs-2.49.5-x86_64-1.txz: Removed.
This package was included years ago to support a few things that needed
nss/nspr, but we've since included that in the mozilla-nss package.
Nothing should be using this anymore.
xap/seamonkey-2.49.5-x86_64-2.txz: Rebuilt.
Added additional options to more closely match the official build:
--enable-rust --enable-js-shell --enable-elf-hack --enable-release
--enable-calendar
Thanks to ljb643 for the bug report.
Removed /usr/lib{,64}/seamonkey from /etc/ld.so.conf.
a/bash-5.0.011-x86_64-1.txz: Upgraded.
a/findutils-4.7.0-x86_64-1.txz: Upgraded.
ap/squashfs-tools-4.4-x86_64-1.txz: Upgraded.
n/irssi-1.2.2-x86_64-1.txz: Upgraded.
This update fixes a security issue:
Use after free when receiving duplicate CAP found by Joseph Bisch.
For more information, see:
https://irssi.org/security/html/irssi_sa_2019_08https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-15717
(* Security fix *)
x/libvdpau-1.3-x86_64-1.txz: Upgraded.
a/kernel-generic-4.19.66-x86_64-1.txz: Upgraded.
a/kernel-huge-4.19.66-x86_64-1.txz: Upgraded.
a/kernel-modules-4.19.66-x86_64-1.txz: Upgraded.
ap/amp-0.7.6-x86_64-3.txz: Rebuilt.
Patched to clean up the code for a modern compiler and to not use overly
aggressive optimizations that can lead to crashes. Thanks to Labinnah.
d/doxygen-1.8.16-x86_64-1.txz: Upgraded.
d/kernel-headers-4.19.66-x86-1.txz: Upgraded.
d/scons-3.1.1-x86_64-1.txz: Upgraded.
k/kernel-source-4.19.66-noarch-1.txz: Upgraded.
n/NetworkManager-1.20.0-x86_64-1.txz: Upgraded.
n/wpa_supplicant-2.9-x86_64-1.txz: Upgraded.
x/libinput-1.14.0-x86_64-1.txz: Upgraded.
isolinux/initrd.img: Rebuilt.
kernels/*: Upgraded.
usb-and-pxe-installers/usbboot.img: Rebuilt.
a/mcelog-164-x86_64-1.txz: Upgraded.
a/os-prober-1.77-x86_64-3.txz: Rebuilt.
Fix cleanup() function. Thanks to USUARIONUEVO.
l/ffmpeg-4.2-x86_64-1.txz: Upgraded.
n/iw-5.3-x86_64-1.txz: Upgraded.
extra/pure-alsa-system/ffmpeg-4.2-x86_64-1_alsa.txz: Upgraded.
testing/packages/NetworkManager-1.20.0-x86_64-1.txz: Upgraded.
This finally drops libnm-glib. I'm curious to hear how this will affect
various NM plugins before merging it into the main tree. Please test and
report any problems.
a/aaa_elflibs-15.0-x86_64-10.txz: Rebuilt.
Upgraded: libglib-2.0.so.0.6000.6, libgmodule-2.0.so.0.6000.6,
libgobject-2.0.so.0.6000.6, libgthread-2.0.so.0.6000.6,
liblber-2.4.so.2.10.11, libldap-2.4.so.2.10.11.
Added: libargon2.so.1, libjson-c.so.4.0.0.
a/cryptsetup-2.1.0-x86_64-1.txz: Upgraded.
Shared library .so-version bump.
Thanks to Robby Workman.
a/efibootmgr-20190528_d9eb7f1-x86_64-1.txz: Upgraded.
Even though efibootmgr-17 will compile against efivar from git, it's probably
best to take this from git as well to keep things closely synced.
a/efivar-20190618_272b216-x86_64-1.txz: Upgraded.
Switch to git to fix "efibootmgr -v" failing with a parse error.
a/elilo-3.16-x86_64-10.txz: Rebuilt.
eliloconfig: If /boot/initrd.gz exists, install the generic kernel and initrd.
Otherwise, install the huge kernel.
a/lvm2-2.03.05-x86_64-1.txz: Upgraded.
Back to lvm2-2.03.x (cryptsetup needs it). Hopefully there's been enough time
for most of the bugs to have been ironed out.
l/argon2-20190702-x86_64-3.txz: Rebuilt.
Fix shared library permissions.
l/aspell-0.60.7-x86_64-1.txz: Upgraded.
l/imagemagick-6.9.10_57-x86_64-1.txz: Upgraded.
l/python-docutils-0.15.1-x86_64-1.txz: Upgraded.
n/ipset-7.3-x86_64-1.txz: Upgraded.
xap/geeqie-1.5-x86_64-1.txz: Upgraded.
xfce/garcon-0.6.4-x86_64-1.txz: Upgraded.
xfce/thunar-volman-0.9.4-x86_64-1.txz: Upgraded.
xfce/tumbler-0.2.6-x86_64-1.txz: Upgraded.
a/kernel-firmware-20190717_bf13a71-noarch-1.txz: Upgraded.
ap/mpg123-1.25.11-x86_64-1.txz: Upgraded.
l/gvfs-1.40.2-x86_64-2.txz: Rebuilt.
daemon/meson.build: define gvfs_rpath for libgvfsdaemon.so
This fixes "libgvfscommon.so => not found" running ldd on libgvfsdaemon.so.
Thanks to Robby Workman.
n/bind-9.14.4-x86_64-1.txz: Upgraded.
x/libpciaccess-0.16-x86_64-1.txz: Upgraded.
x/xinput-1.6.3-x86_64-1.txz: Upgraded.
xap/mozilla-firefox-68.0.1esr-x86_64-1.txz: Upgraded.
This is a bugfix release.
For more information, see:
https://www.mozilla.org/en-US/firefox/68.0.1esr/releasenotes/
extra/pure-alsa-system/mpg123-1.25.11-x86_64-1_alsa.txz: Upgraded.
ap/moc-2.5.2-x86_64-5.txz: Rebuilt.
Patched and recompiled against ffmpeg-4.1.4. Thanks to Heinz Wiesinger.
ap/vim-8.1.1710-x86_64-1.txz: Upgraded.
d/cmake-3.15.0-x86_64-1.txz: Upgraded.
e/emacs-26.2-x86_64-2.txz: Rebuilt.
Patched package.el to obey buffer-file-coding-system (bug #35739), fixing
bad signature from GNU ELPA for archive-contents.
Thanks to Stefan Monnier and Eric Lindblad.
kde/k3b-2.0.3-x86_64-5.txz: Rebuilt.
Recompiled against ffmpeg-4.1.4.
kde/kfilemetadata-4.14.3-x86_64-5.txz: Rebuilt.
Recompiled against ffmpeg-4.1.4.
kde/nepomuk-core-4.14.3-x86_64-5.txz: Rebuilt.
Recompiled against ffmpeg-4.1.4.
l/alsa-plugins-1.1.9-x86_64-2.txz: Rebuilt.
Recompiled against ffmpeg-4.1.4.
l/ffmpeg-4.1.4-x86_64-1.txz: Upgraded.
Shared library .so-version bump.
l/gegl-0.4.16-x86_64-2.txz: Rebuilt.
Recompiled against ffmpeg-4.1.4.
l/gst-plugins-libav-1.16.0-x86_64-2.txz: Rebuilt.
Recompiled against ffmpeg-4.1.4.
l/gvfs-1.40.2-x86_64-1.txz: Upgraded.
l/imagemagick-6.9.10_54-x86_64-1.txz: Upgraded.
l/libvisual-plugins-0.4.0-x86_64-4.txz: Rebuilt.
Patched to fix a segmentation fault while loading plugin file.
Thanks to alienBOB.
l/libvpx-1.8.1-x86_64-1.txz: Upgraded.
n/curl-7.65.2-x86_64-1.txz: Upgraded.
xap/MPlayer-20190717-x86_64-1.txz: Upgraded.
Compiled against ffmpeg-4.1.4.
xap/audacious-plugins-3.10.1-x86_64-3.txz: Rebuilt.
Recompiled against ffmpeg-4.1.4.
xap/vim-gvim-8.1.1710-x86_64-1.txz: Upgraded.
xap/xine-lib-1.2.9-x86_64-5.txz: Rebuilt.
Recompiled against ffmpeg-4.1.4.
extra/pure-alsa-system/MPlayer-20190717-x86_64-1_alsa.txz: Upgraded.
Compiled against ffmpeg-4.1.4.
extra/pure-alsa-system/alsa-plugins-1.1.9-x86_64-2_alsa.txz: Rebuilt.
Recompiled against ffmpeg-4.1.4.
extra/pure-alsa-system/audacious-plugins-3.10.1-x86_64-3_alsa.txz: Rebuilt.
Recompiled against ffmpeg-4.1.4.
extra/pure-alsa-system/ffmpeg-4.1.4-x86_64-1_alsa.txz: Upgraded.
Shared library .so-version bump.
extra/pure-alsa-system/xine-lib-1.2.9-x86_64-5_alsa.txz: Rebuilt.
Recompiled against ffmpeg-4.1.4.
a/kernel-generic-4.19.57-x86_64-1.txz: Upgraded.
a/kernel-huge-4.19.57-x86_64-1.txz: Upgraded.
a/kernel-modules-4.19.57-x86_64-1.txz: Upgraded.
d/kernel-headers-4.19.57-x86-1.txz: Upgraded.
k/kernel-source-4.19.57-noarch-1.txz: Upgraded.
l/Mako-1.0.13-x86_64-1.txz: Upgraded.
l/SDL2_image-2.0.5-x86_64-1.txz: Upgraded.
n/postfix-3.4.6-x86_64-1.txz: Upgraded.
xap/blueman-2.0.8-x86_64-2.txz: Rebuilt.
Reverted to blueman-2.0.8 as I'm also seeing connection issues here with
the newer version.
xap/xscreensaver-5.43-x86_64-1.txz: Upgraded.
isolinux/initrd.img: Rebuilt.
kernels/*: Upgraded.
testing/packages/blueman-2.1-x86_64-1.txz: Upgraded.
This doesn't seem to be working properly. Any patches are welcome.
usb-and-pxe-installers/usbboot.img: Rebuilt.
a/gettext-0.20.1-x86_64-1.txz: Upgraded.
a/kernel-generic-4.19.46-x86_64-1.txz: Upgraded.
a/kernel-huge-4.19.46-x86_64-1.txz: Upgraded.
a/kernel-modules-4.19.46-x86_64-1.txz: Upgraded.
d/gcc-9.1.0-x86_64-6.txz: Rebuilt.
Patched to fix a format string error in the es locale that led to an
assertion failure when compiling the Linux kernel.
Thanks to USUARIONUEVO.
d/gcc-brig-9.1.0-x86_64-6.txz: Rebuilt.
d/gcc-g++-9.1.0-x86_64-6.txz: Rebuilt.
d/gcc-gdc-9.1.0-x86_64-6.txz: Rebuilt.
d/gcc-gfortran-9.1.0-x86_64-6.txz: Rebuilt.
d/gcc-gnat-9.1.0-x86_64-6.txz: Rebuilt.
d/gcc-go-9.1.0-x86_64-6.txz: Rebuilt.
d/gcc-objc-9.1.0-x86_64-6.txz: Rebuilt.
d/gettext-tools-0.20.1-x86_64-1.txz: Upgraded.
d/kernel-headers-4.19.46-x86-1.txz: Upgraded.
d/rust-1.35.0-x86_64-1.txz: Upgraded.
k/kernel-source-4.19.46-noarch-1.txz: Upgraded.
l/python-urllib3-1.25.3-x86_64-1.txz: Upgraded.
isolinux/initrd.img: Rebuilt.
kernels/*: Upgraded.
usb-and-pxe-installers/usbboot.img: Rebuilt.
a/file-5.37-x86_64-1.txz: Upgraded.
l/python-requests-2.22.0-x86_64-1.txz: Upgraded.
n/iputils-20190515-x86_64-1.txz: Upgraded.
xap/mozilla-thunderbird-60.7.0-x86_64-1.txz: Upgraded.
This is a bugfix release.
For more information, see:
https://www.mozilla.org/en-US/thunderbird/60.7.0/releasenotes/
a/kernel-firmware-20190514_711d329-noarch-1.txz: Upgraded.
a/kernel-generic-4.19.43-x86_64-1.txz: Upgraded.
a/kernel-huge-4.19.43-x86_64-1.txz: Upgraded.
a/kernel-modules-4.19.43-x86_64-1.txz: Upgraded.
ap/hplip-3.19.5-x86_64-1.txz: Upgraded.
ap/mariadb-10.3.15-x86_64-1.txz: Upgraded.
This update fixes denial-of-service security issues.
For more information, see:
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-2614https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-2627https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-2628
(* Security fix *)
d/cmake-3.14.4-x86_64-1.txz: Upgraded.
d/gcc-9.1.0-x86_64-5.txz: Rebuilt.
Rebuilt with --enable-clocale=gnu. This is recommended by Linux From
Scratch, and while it doesn't seem to fix the issue with kernel compiles
failing with some locales, it probably doesn't hurt.
d/gcc-brig-9.1.0-x86_64-5.txz: Rebuilt.
d/gcc-g++-9.1.0-x86_64-5.txz: Rebuilt.
Applied patch: PR libstdc++/90397 fix std::variant friend declaration
This fixes problems compiling programs that use std::variant with clang.
Thanks to orbea.
d/gcc-gdc-9.1.0-x86_64-5.txz: Rebuilt.
d/gcc-gfortran-9.1.0-x86_64-5.txz: Rebuilt.
d/gcc-gnat-9.1.0-x86_64-5.txz: Rebuilt.
d/gcc-go-9.1.0-x86_64-5.txz: Rebuilt.
d/gcc-objc-9.1.0-x86_64-5.txz: Rebuilt.
d/kernel-headers-4.19.43-x86-1.txz: Upgraded.
d/rust-1.34.2-x86_64-1.txz: Upgraded.
k/kernel-source-4.19.43-noarch-1.txz: Upgraded.
l/librsvg-2.44.14-x86_64-1.txz: Upgraded.
n/samba-4.10.3-x86_64-1.txz: Upgraded.
This is a security release in order to address the following defect:
The checksum validation in the S4U2Self handler in the embedded Heimdal KDC
did not first confirm that the checksum was keyed, allowing replacement of
the requested target (client) principal.
For more information, see:
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-16860
(* Security fix *)
x/xterm-345-x86_64-1.txz: Upgraded.
xap/rdesktop-1.8.5-x86_64-1.txz: Upgraded.
This update fixes security issues:
Add bounds checking to protocol handling in order to fix many
security problems when communicating with a malicious server.
(* Security fix *)
isolinux/initrd.img: Rebuilt.
kernels/*: Upgraded.
usb-and-pxe-installers/usbboot.img: Rebuilt.
ap/tmux-2.9a-x86_64-1.txz: Upgraded.
n/dovecot-2.3.6-x86_64-1.txz: Upgraded.
This update fixes two security issues:
Submission-login crashed with signal 11 due to null pointer access when
authentication was aborted by disconnecting.
Submission-login crashed when authentication was started over TLS secured
channel and invalid authentication message was sent.
For more information, see:
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11494https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11499
(* Security fix *)
n/php-7.2.18-x86_64-1.txz: Upgraded.
This update fixes bugs and a security issue
Heap-buffer-overflow in _estrndup via exif_process_IFD_TAG.
For more information, see:
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11036
(* Security fix *)
xfce/exo-0.12.5-x86_64-1.txz: Upgraded.
ap/vim-8.1.1239-x86_64-1.txz: Upgraded.
l/python-urllib3-1.25.2-x86_64-1.txz: Upgraded.
xap/easytag-2.4.3-x86_64-2.txz: Rebuilt.
Upgraded (again) to easytag-2.4.3.
Reverted the upstream commit that was corrupting ogg and opus files.
In a new configuration, don't add freedb.musicbrainz.org as an automatic
CDDB server. Musicbrainz shut down this service permanently on March 18
and easytag breaks/hangs if it attempts to contact it. If your account
has already run easytag previously, you should go to Edit -> Preferences ->
CDDB and blank out the hostname field containing "freedb.musicbrainz.org".
xap/vim-gvim-8.1.1239-x86_64-1.txz: Upgraded.
ap/nano-4.1-x86_64-1.txz: Upgraded.
l/giflib-5.1.9-x86_64-2.txz: Rebuilt.
Restore GifQuantizeBuffer and other deprecated functions to the shared
library. Thanks to Skaendo.
l/glib2-2.60.1-x86_64-1.txz: Upgraded.
l/orc-0.4.29-x86_64-1.txz: Upgraded.
a/glibc-zoneinfo-2019a-noarch-1.txz: Upgraded.
a/grub-2.02-x86_64-5.txz: Rebuilt.
Support F2FS filesystem. Thanks to Nille_kungen.
ap/cups-filters-1.22.5-x86_64-1.txz: Upgraded.
ap/itstool-2.0.6-x86_64-1.txz: Upgraded.
d/python-setuptools-41.0.0-x86_64-1.txz: Upgraded.
l/gobject-introspection-1.60.1-x86_64-1.txz: Upgraded.
l/imagemagick-6.9.10_39-x86_64-1.txz: Upgraded.
l/libcroco-0.6.13-x86_64-1.txz: Upgraded.
l/libnotify-0.7.8-x86_64-1.txz: Upgraded.
n/cifs-utils-6.9-x86_64-1.txz: Upgraded.
n/nfs-utils-2.3.3-x86_64-2.txz: Rebuilt.
Include recovery directory. Thanks to upnort.
n/samba-4.10.2-x86_64-1.txz: Upgraded.
This is a security release in order to address the following defects:
World writable files in Samba AD DC private/ dir.
Save registry file outside share as unprivileged user.
For more information, see:
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-3870https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-3880
(* Security fix *)
x/libva-2.4.1-x86_64-1.txz: Upgraded.
x/pixman-0.38.2-x86_64-1.txz: Upgraded.
xap/gimp-2.10.10-x86_64-1.txz: Upgraded.
ap/ghostscript-9.27-x86_64-1.txz: Upgraded.
d/python-setuptools-40.9.0-x86_64-1.txz: Upgraded.
l/imagemagick-6.9.10_37-x86_64-1.txz: Upgraded.
l/readline-8.0.000-x86_64-2.txz: Rebuilt.
Recompiled to link rlfe against the new libreadline. Thanks to Toutatis.
a/hwdata-0.322-noarch-1.txz: Upgraded.
a/kernel-firmware-20190402_67b7579-noarch-1.txz: Upgraded.
a/shadow-4.6-x86_64-2.txz: Rebuilt.
adduser: reprompt on invalid user input. Thanks to ttk.
ap/ghostscript-9.26-x86_64-2.txz: Rebuilt.
Fixes security issues:
A specially crafted PostScript file could have access to the file system
outside of the constrains imposed by -dSAFER.
Transient procedures can allow access to system operators, leading to
remote code execution.
For more information, see:
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-3835https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-3838https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-6116
(* Security fix *)
d/vala-0.44.2-x86_64-1.txz: Upgraded.
l/glib-networking-2.60.1-x86_64-1.txz: Upgraded.
l/imagemagick-6.9.10_36-x86_64-1.txz: Upgraded.
l/python-pillow-6.0.0-x86_64-1.txz: Upgraded.
n/wget-1.20.2-x86_64-1.txz: Upgraded.
Fixed an unspecified buffer overflow vulnerability.
(* Security fix *)
a/kernel-generic-4.19.32-x86_64-1.txz: Upgraded.
a/kernel-huge-4.19.32-x86_64-1.txz: Upgraded.
a/kernel-modules-4.19.32-x86_64-1.txz: Upgraded.
ap/hplip-3.19.3-x86_64-1.txz: Upgraded.
d/kernel-headers-4.19.32-x86-1.txz: Upgraded.
d/python3-3.7.3-x86_64-1.txz: Upgraded.
Fixed bugs and the following security issues:
bpo-36216: Changes urlsplit() to raise ValueError when the URL contains
characters that decompose under IDNA encoding (NFKC-normalization) into
characters that affect how the URL is parsed.
bpo-35746: [CVE-2019-5010] Fix a NULL pointer deref in ssl module. The
cert parser did not handle CRL distribution points with empty DP or URI
correctly. A malicious or buggy certificate can result into segfault.
Vulnerability (TALOS-2018-0758) reported by Colin Read and Nicolas Edet
of Cisco.
bpo-35121: Don't send cookies of domain A without Domain attribute to
domain B when domain A is a suffix match of domain B while using a
cookiejar with http.cookiejar.DefaultCookiePolicy policy.
Patch by Karthikeyan Singaravelan.
For more information, see:
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5010
(* Security fix *)
d/scons-3.0.5-x86_64-1.txz: Upgraded.
k/kernel-source-4.19.32-noarch-1.txz: Upgraded.
n/curl-7.64.1-x86_64-1.txz: Upgraded.
n/gnutls-3.6.7-x86_64-1.txz: Upgraded.
Fixes security issues:
libgnutls, gnutls tools: Every gnutls_free() will automatically set
the free'd pointer to NULL. This prevents possible use-after-free and
double free issues. Use-after-free will be turned into NULL dereference.
The counter-measure does not extend to applications using gnutls_free().
libgnutls: Fixed a memory corruption (double free) vulnerability in the
certificate verification API. Reported by Tavis Ormandy; addressed with
the change above. [GNUTLS-SA-2019-03-27, #694]
libgnutls: Fixed an invalid pointer access via malformed TLS1.3 async
messages; Found using tlsfuzzer. [GNUTLS-SA-2019-03-27, #704]
libgnutls: enforce key usage limitations on certificates more actively.
Previously we would enforce it for TLS1.2 protocol, now we enforce it
even when TLS1.3 is negotiated, or on client certificates as well. When
an inappropriate for TLS1.3 certificate is seen on the credentials
structure GnuTLS will disable TLS1.3 support for that session (#690).
libgnutls: enforce the equality of the two signature parameters fields
in a certificate. We were already enforcing the signature algorithm,
but there was a bug in parameter checking code.
(* Security fix *)
isolinux/initrd.img: Rebuilt.
kernels/*: Upgraded.
usb-and-pxe-installers/usbboot.img: Rebuilt.
Saint Patrick was a gentleman
Who through strategy and stealth
Drove all the snakes from Ireland
Here's toasting to his health -
But not too many toastings
Lest you lose yourself, and then,
Forget the good Saint Patrick
And see all those snakes again.
a/eudev-3.2.7-x86_64-3.txz: Rebuilt.
Added tqmx86_wdt to watchdog.conf. Thanks to Robby Workman.
d/vala-0.44.1-x86_64-1.txz: Upgraded.
kde/ktorrent-4.3.1-x86_64-4.txz: Rebuilt.
Embed a copy of the GeoIP database since the download link no longer works.
l/glibmm-2.58.1-x86_64-1.txz: Upgraded.
l/mozilla-nss-3.43-x86_64-1.txz: Upgraded.
x/imake-1.0.8-x86_64-1.txz: Upgraded.
x/libXdmcp-1.1.3-x86_64-1.txz: Upgraded.
x/libXext-1.3.4-x86_64-1.txz: Upgraded.
x/libXft-2.3.3-x86_64-1.txz: Upgraded.
x/libXmu-1.1.3-x86_64-1.txz: Upgraded.
x/libXrandr-1.5.2-x86_64-1.txz: Upgraded.
x/libXvMC-1.0.11-x86_64-1.txz: Upgraded.
x/libXxf86dga-1.1.5-x86_64-1.txz: Upgraded.
x/libxkbfile-1.1.0-x86_64-1.txz: Upgraded.
x/makedepend-1.0.6-x86_64-1.txz: Upgraded.
x/x11perf-1.6.1-x86_64-1.txz: Upgraded.
x/xf86-video-intel-20190301_6afed33b-x86_64-1.txz: Upgraded.
x/xf86-video-savage-20190128_8579718-x86_64-1.txz: Upgraded.
x/xf86-video-sis-20181217_22d3c79-x86_64-1.txz: Upgraded.
x/xtrans-1.4.0-noarch-1.txz: Upgraded.
ap/cgmanager-0.42-x86_64-1.txz: Upgraded.
d/cmake-3.14.0-x86_64-1.txz: Upgraded.
l/gexiv2-0.12.0-x86_64-1.txz: Upgraded.
l/gsettings-desktop-schemas-3.32.0-x86_64-2.txz: Rebuilt.
Don't override the system font defaults (especially with fonts that we don't
include). Thanks to Markus Wiesner.
l/libyaml-0.2.2-x86_64-1.txz: Upgraded.
l/libzip-1.5.2-x86_64-1.txz: Upgraded.
a/hwdata-0.321-noarch-1.txz: Upgraded.
a/kernel-generic-4.19.27-x86_64-1.txz: Upgraded.
a/kernel-huge-4.19.27-x86_64-1.txz: Upgraded.
a/kernel-modules-4.19.27-x86_64-1.txz: Upgraded.
d/kernel-headers-4.19.27-x86-1.txz: Upgraded.
k/kernel-source-4.19.27-noarch-1.txz: Upgraded.
l/M2Crypto-0.32.0-x86_64-1.txz: Upgraded.
l/imagemagick-6.9.10_32-x86_64-1.txz: Upgraded.
n/dovecot-2.3.5-x86_64-1.txz: Upgraded.
x/xdm-1.1.11-x86_64-9.txz: Rebuilt.
Reverted to xdm-1.1.11, as the new release after 7 years has some issues.
isolinux/initrd.img: Rebuilt.
kernels/*: Upgraded.
usb-and-pxe-installers/usbboot.img: Rebuilt.
a/mkinitrd-1.4.11-x86_64-12.txz: Rebuilt.
Updated to busybox-1.30.1.
mkinitrd: allow a colon-delimited list of kernel versions with -k
mkinitrd_command_generator.sh: allow a colon-delimited list of kernel
versions with -k
setup.01.mkinitrd: simplify script by using -k with a version list
ap/pamixer-1.4-x86_64-1.txz: Upgraded.
d/python-2.7.16-x86_64-1.txz: Upgraded.
Updated to the latest 2.7.x release, which fixes a few security issues.
For more information, see:
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1752https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14647https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5010
(* Security fix *)
d/vala-0.42.6-x86_64-1.txz: Upgraded.
l/gegl-0.4.14-x86_64-1.txz: Upgraded.
l/libsecret-0.18.8-x86_64-1.txz: Upgraded.
l/xapian-core-1.4.11-x86_64-1.txz: Upgraded.
x/mkfontscale-1.2.0-x86_64-1.txz: Upgraded.
x/xditview-1.0.5-x86_64-1.txz: Upgraded.
x/xdm-1.1.12-x86_64-1.txz: Upgraded.
a/btrfs-progs-4.20.2-x86_64-1.txz: Upgraded.
a/openssl-solibs-1.1.1b-x86_64-1.txz: Upgraded.
ap/ddrescue-1.24-x86_64-1.txz: Upgraded.
ap/sqlite-3.27.2-x86_64-1.txz: Upgraded.
l/libssh-0.8.7-x86_64-1.txz: Upgraded.
l/talloc-2.1.16-x86_64-1.txz: Upgraded.
l/tdb-1.3.18-x86_64-1.txz: Upgraded.
l/tevent-0.9.39-x86_64-1.txz: Upgraded.
n/ca-certificates-20181210-noarch-2.txz: Rebuilt.
Use "c_rehash" rather than "openssl rehash" for compatibility with all
versions of OpenSSL.
n/epic5-2.1.1-x86_64-1.txz: Upgraded.
n/openssl-1.1.1b-x86_64-1.txz: Upgraded.
x/xorg-server-1.20.4-x86_64-1.txz: Upgraded.
x/xorg-server-xephyr-1.20.4-x86_64-1.txz: Upgraded.
x/xorg-server-xnest-1.20.4-x86_64-1.txz: Upgraded.
x/xorg-server-xvfb-1.20.4-x86_64-1.txz: Upgraded.
xap/mozilla-thunderbird-60.5.2-x86_64-1.txz: Upgraded.
This is a bugfix release.
For more information, see:
https://www.mozilla.org/en-US/thunderbird/60.5.2/releasenotes/
a/glibc-solibs-2.29-x86_64-3.txz: Rebuilt.
ap/texinfo-6.6-x86_64-1.txz: Upgraded.
l/elfutils-0.176-x86_64-1.txz: Upgraded.
l/glibc-2.29-x86_64-3.txz: Rebuilt.
l/glibc-i18n-2.29-x86_64-3.txz: Rebuilt.
Go back to using the glibc.locale.no-archive.diff patch rather than the new
built-in no-archive locale target. Avoiding hardlinks is not worth 700MB of
useless bloat. Thanks to baldzhang.
l/glibc-profile-2.29-x86_64-3.txz: Rebuilt.
l/librsvg-2.44.13-x86_64-1.txz: Upgraded.
x/xf86-video-chips-1.4.0-x86_64-1.txz: Upgraded.
x/xf86-video-tdfx-1.5.0-x86_64-1.txz: Upgraded.
a/hwdata-0.320-noarch-1.txz: Upgraded.
a/kernel-generic-4.19.20-x86_64-1.txz: Upgraded.
a/kernel-huge-4.19.20-x86_64-1.txz: Upgraded.
a/kernel-modules-4.19.20-x86_64-1.txz: Upgraded.
a/mcelog-162-x86_64-1.txz: Upgraded.
d/kernel-headers-4.19.20-x86-1.txz: Upgraded.
d/opencl-headers-2.2-noarch-2.txz: Rebuilt.
Don't trigger "#pragma message" in cl_version.h when falling back on a
default version of OpenCL to target. Applications such as ffmpeg detect
this as an error and fail to compile.
k/kernel-source-4.19.20-noarch-1.txz: Upgraded.
l/ffmpeg-3.4.5-x86_64-2.txz: Rebuilt.
Recompiled against libvpx-1.8.0.
Reenabled libsmbclient support.
l/gst-plugins-good-1.14.4-x86_64-2.txz: Rebuilt.
Recompiled against libvpx-1.8.0.
l/libvpx-1.8.0-x86_64-1.txz: Upgraded.
Shared library .so-version bump.
n/curl-7.64.0-x86_64-1.txz: Upgraded.
This release fixes the following security issues:
NTLM type-2 out-of-bounds buffer read.
NTLMv2 type-3 header stack buffer overflow.
SMTP end-of-response out-of-bounds read.
For more information, see:
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-16890https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-3822https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-3823
(* Security fix *)
n/samba-4.9.4-x86_64-2.txz: Rebuilt.
Added time.h to libsmbclient.h to fix ffmpeg compatibility.
Thanks to USUARIONUEVO.
xap/xine-lib-1.2.9-x86_64-4.txz: Rebuilt.
Recompiled against libvpx-1.8.0.
isolinux/initrd.img: Rebuilt.
kernels/*: Upgraded.
usb-and-pxe-installers/usbboot.img: Rebuilt.
d/bison-3.3.2-x86_64-1.txz: Upgraded.
n/dovecot-2.3.4-x86_64-2.txz: Rebuilt.
Patched double free when used with MariaDB 10.3.x. Thanks to Thom1b.
x/xkeyboard-config-2.26-noarch-1.txz: Upgraded.
extra/bittorrent/bittorrent-4.4.0-noarch-4.txz: Removed.
a/glibc-solibs-2.29-x86_64-2.txz: Rebuilt.
d/opencl-headers-2.2-noarch-1.txz: Upgraded.
Thanks to Heinz Wiesinger.
l/glibc-2.29-x86_64-2.txz: Rebuilt.
l/glibc-i18n-2.29-x86_64-2.txz: Rebuilt.
Reverted en_US.UTF8 date(1) format back to 24 hour. I'm pretty sure that
the majority of people here in this locale will agree.
l/glibc-profile-2.29-x86_64-2.txz: Rebuilt.
a/mkinitrd-1.4.11-x86_64-11.txz: Rebuilt.
setup.01.mkinitrd: revert to the previous command line for
mkinitrd_command_generator.sh (the new one fails when called from the
installer).
a/hwdata-0.319-noarch-1.txz: Upgraded.
d/doxygen-1.8.14-x86_64-3.txz: Upgraded.
Reverted (for now) to avoid segfault in doxygen-1.8.15.
l/libwpg-0.3.3-x86_64-1.txz: Upgraded.
l/libxml2-2.9.9-x86_64-1.txz: Upgraded.
l/libxslt-1.1.33-x86_64-1.txz: Upgraded.
l/python-pillow-5.4.0-x86_64-1.txz: Upgraded.
x/xterm-342-x86_64-1.txz: Upgraded.
testing/packages/wpa_supplicant-2.7-x86_64-3.txz: Rebuilt.
Apply TLSv1 patch from Debian and make some config changes to fix
WPA2-Enterprise. Once we have some testing results on this we'll consider
moving it back into the main tree. Thanks to gablek.
a/coreutils-8.30-x86_64-4.txz: Rebuilt.
Added xterm-new to DIR_COLORS.
a/ed-1.15-x86_64-1.txz: Upgraded.
a/smartmontools-7.0-x86_64-1.txz: Upgraded.
a/sysvinit-2.93-x86_64-1.txz: Upgraded.
ap/diffutils-3.7-x86_64-1.txz: Upgraded.
ap/mc-4.8.22-x86_64-1.txz: Upgraded.
l/gexiv2-0.10.10-x86_64-1.txz: Upgraded.
l/libgphoto2-2.5.22-x86_64-1.txz: Upgraded.
l/libwpd-0.10.3-x86_64-1.txz: Upgraded.
x/xterm-341-x86_64-3.txz: Rebuilt.
Append new app-defaults for XTerm rather than replacing the upstream file.
Use 'xterm' rather than 'xterm-new' for termName to avoid surprises, but
leave the other choice commented out.
Install XTerm as XTerm.new to avoid wiping out a locally modified file.
Still not sure we'll be able to stick with this as a default due to Terminus
possibly not being available on a remote X server. Sure looks nice though.
Thanks to GazL.
a/gzip-1.10-x86_64-1.txz: Upgraded.
a/lvm2-2.03.02-x86_64-1.txz: Upgraded.
a/os-prober-1.77-x86_64-1.txz: Upgraded.
a/sysvinit-scripts-2.1-noarch-24.txz: Rebuilt.
rc.6: Don't umount /dev/shm or tmpfs mounts under /run as it causes long
warnings/timeouts at shutdown/reboot on systems using LVM.
Don't use --ignorelockingfailure when deactivating LVM.
l/gc-8.0.2-x86_64-1.txz: Upgraded.
l/imagemagick-6.9.10_21-x86_64-1.txz: Upgraded.
l/libclc-20181127_1ecb16d-x86_64-1.txz: Upgraded.
l/librsvg-2.44.11-x86_64-1.txz: Upgraded.
l/zstd-1.3.8-x86_64-1.txz: Upgraded.
xap/blueman-2.0.7-x86_64-1.txz: Upgraded.
xap/xscreensaver-5.42-x86_64-1.txz: Upgraded.
xfce/xfce4-taskmanager-1.2.2-x86_64-1.txz: Upgraded.
a/kernel-generic-4.19.13-x86_64-1.txz: Upgraded.
a/kernel-huge-4.19.13-x86_64-1.txz: Upgraded.
a/kernel-modules-4.19.13-x86_64-1.txz: Upgraded.
d/doxygen-1.8.15-x86_64-1.txz: Upgraded.
d/kernel-headers-4.19.13-x86-1.txz: Upgraded.
k/kernel-source-4.19.13-noarch-1.txz: Upgraded.
FRAMEBUFFER_CONSOLE_DEFERRED_TAKEOVER y -> n
l/libsecret-0.18.7-x86_64-1.txz: Upgraded.
n/wpa_supplicant-2.6-x86_64-6.txz: Upgraded.
It seems we're not the only ones with broken WPA2-Enterprise support
with wpa_supplicant-2.7, so we'll fix it the same way as everyone else -
by reverting to wpa_supplicant-2.6 for now.
isolinux/initrd.img: Rebuilt.
kernels/*: Upgraded.
testing/packages/wpa_supplicant-2.7-x86_64-2.txz: Upgraded.
Applied a patch from Gentoo to allow building CONFIG_IEEE80211X=y without
the experimental CONFIG_FILS=y option.
usb-and-pxe-installers/usbboot.img: Rebuilt.
a/btrfs-progs-v4.19.1-x86_64-1.txz: Upgraded.
a/dbus-1.12.12-x86_64-1.txz: Upgraded.
ap/cups-2.2.10-x86_64-1.txz: Upgraded.
ap/cups-filters-1.21.5-x86_64-1.txz: Upgraded.
ap/hplip-3.18.12-x86_64-1.txz: Upgraded.
d/mercurial-4.8.1-x86_64-1.txz: Upgraded.
d/rust-1.31.0-x86_64-1.txz: Upgraded.
l/libpng-1.6.36-x86_64-1.txz: Upgraded.
l/python-idna-2.8-x86_64-1.txz: Upgraded.
n/ntp-4.2.8p12-x86_64-5.txz: Rebuilt.
Fixed logrotate file. Thanks to allend and rworkman.
n/php-7.2.13-x86_64-1.txz: Upgraded.
This is a security release which also contains several minor bug fixes.
For more information, see:
https://php.net/ChangeLog-7.php#7.2.13
(* Security fix *)
n/wpa_supplicant-2.7-x86_64-1.txz: Upgraded.
x/mesa-18.3.0-x86_64-1.txz: Upgraded.
x/xf86-video-i740-1.4.0-x86_64-1.txz: Upgraded.
xap/mozilla-thunderbird-60.3.3-x86_64-1.txz: Upgraded.
This is a bugfix release. For more information, see:
https://www.mozilla.org/en-US/thunderbird/60.3.3/releasenotes/
xfce/thunar-volman-0.9.1-x86_64-1.txz: Upgraded.
ap/texinfo-6.5-x86_64-7.txz: Rebuilt.
Recompiled against perl-5.28.1.
ap/vim-8.1.0552-x86_64-1.txz: Upgraded.
Compiled against perl-5.28.1.
d/perl-5.28.1-x86_64-1.txz: Upgraded.
Upgraded DBD-mysql-4.049, DBI-1.642, abd IO-Socket-SSL-2.060.
Added Devel-CheckLib-1.13 (needed by DBD-mysql-4.049).
kde/perlkde-4.14.3-x86_64-7.txz: Rebuilt.
Recompiled against perl-5.28.1.
kde/perlqt-4.14.3-x86_64-8.txz: Rebuilt.
Recompiled against perl-5.28.1.
n/epic5-2.0.1-x86_64-7.txz: Rebuilt.
Recompiled against perl-5.28.1.
n/irssi-1.1.1-x86_64-5.txz: Rebuilt.
Recompiled against perl-5.28.1.
n/net-snmp-5.8-x86_64-4.txz: Rebuilt.
Recompiled against perl-5.28.1.
n/ntp-4.2.8p12-x86_64-4.txz: Rebuilt.
Recompiled against perl-5.28.1.
xap/hexchat-2.14.2-x86_64-2.txz: Rebuilt.
Recompiled against perl-5.28.1.
xap/mozilla-thunderbird-60.3.2-x86_64-1.txz: Upgraded.
This is a bugfix release. For more information, see:
https://www.mozilla.org/en-US/thunderbird/60.3.2/releasenotes/
xap/rxvt-unicode-9.22-x86_64-6.txz: Rebuilt.
Recompiled against perl-5.28.1.
xap/vim-gvim-8.1.0552-x86_64-1.txz: Upgraded.
Compiled against perl-5.28.1.
xfce/xfce4-systemload-plugin-1.2.2-x86_64-1.txz: Upgraded.
a/kernel-generic-4.19.3-x86_64-1.txz: Upgraded.
a/kernel-huge-4.19.3-x86_64-1.txz: Upgraded.
a/kernel-modules-4.19.3-x86_64-1.txz: Upgraded.
a/openssl-solibs-1.1.1a-x86_64-1.txz: Upgraded.
a/sysvinit-scripts-2.1-noarch-21.txz: Rebuilt.
rc.S: Don't run rc.fuse - udev takes care of the FUSE module and filesystem.
rc.S: Support replacing the /etc/mtab file with a symlink to /proc/mounts.
rc.6: Show more information when unmounting filesystems at shutdown.
ap/ghostscript-9.26-x86_64-1.txz: Upgraded.
ap/mariadb-10.3.11-x86_64-1.txz: Upgraded.
This update fixes bugs and security issues.
For more information, see:
https://mariadb.com/kb/en/library/mariadb-10311-release-notes/https://cve.mitre.org/cgi-bin/cvename.cgi?name= CVE-2018-3282
https://cve.mitre.org/cgi-bin/cvename.cgi?name= CVE-2016-9843
https://cve.mitre.org/cgi-bin/cvename.cgi?name= CVE-2018-3174
https://cve.mitre.org/cgi-bin/cvename.cgi?name= CVE-2018-3143
https://cve.mitre.org/cgi-bin/cvename.cgi?name= CVE-2018-3156
https://cve.mitre.org/cgi-bin/cvename.cgi?name= CVE-2018-3251
https://cve.mitre.org/cgi-bin/cvename.cgi?name= CVE-2018-3185
https://cve.mitre.org/cgi-bin/cvename.cgi?name= CVE-2018-3277
https://cve.mitre.org/cgi-bin/cvename.cgi?name= CVE-2018-3162
https://cve.mitre.org/cgi-bin/cvename.cgi?name= CVE-2018-3173
https://cve.mitre.org/cgi-bin/cvename.cgi?name= CVE-2018-3200
https://cve.mitre.org/cgi-bin/cvename.cgi?name= CVE-2018-3284
(* Security fix *)
d/cmake-3.13.0-x86_64-1.txz: Upgraded.
d/git-2.19.2-x86_64-1.txz: Upgraded.
d/kernel-headers-4.14.63-x86-1.txz: Upgraded.
d/kernel-headers-4.19.3-x86-1.txz: Upgraded.
d/vala-0.42.3-x86_64-1.txz: Added.
k/kernel-source-4.19.3-noarch-1.txz: Upgraded.
l/adwaita-icon-theme-3.30.0-noarch-1.txz: Upgraded.
l/at-spi2-atk-2.30.0-x86_64-1.txz: Upgraded.
l/at-spi2-core-2.30.0-x86_64-1.txz: Upgraded.
l/atk-2.30.0-x86_64-1.txz: Upgraded.
l/atkmm-2.28.0-x86_64-1.txz: Upgraded.
l/dconf-0.28.0-x86_64-1.txz: Upgraded.
dconf and dconf-editor require Vala; the alternative would be to try to
stick with the old versions forever, and we don't want to do that.
l/dconf-editor-3.30.2-x86_64-1.txz: Upgraded.
l/gcr-3.28.0-x86_64-3.txz: Rebuilt.
Recompiled to add Vala bindings.
l/gdk-pixbuf2-2.38.0-x86_64-1.txz: Upgraded.
l/gexiv2-0.10.9-x86_64-1.txz: Upgraded.
l/glib-networking-2.58.0-x86_64-1.txz: Upgraded.
l/glib2-2.58.1-x86_64-1.txz: Upgraded.
l/glibmm-2.58.0-x86_64-1.txz: Upgraded.
l/gobject-introspection-1.58.0-x86_64-1.txz: Upgraded.
l/gtk+3-3.24.1-x86_64-1.txz: Upgraded.
l/gtkmm3-3.24.0-x86_64-1.txz: Upgraded.
l/gvfs-1.38.1-x86_64-1.txz: Upgraded.
l/libcap-2.26-x86_64-1.txz: Upgraded.
l/libpsl-0.20.1-x86_64-1.txz: Added.
Required by libsoup.
l/libsoup-2.64.2-x86_64-1.txz: Upgraded.
l/pangomm-2.42.0-x86_64-1.txz: Upgraded.
l/pygobject3-3.30.2-x86_64-1.txz: Upgraded.
l/vte-0.54.2-x86_64-1.txz: Upgraded.
n/openssl-1.1.1a-x86_64-1.txz: Upgraded.
This update fixes timing side channel attacks on DSA and ECDSA signature
generation that could allow an attacker to recover the private key.
For more information, see:
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-0734https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-0735
(* Security fix *)
x/pixman-0.36.0-x86_64-1.txz: Upgraded.
xfce/xfce4-terminal-0.8.7.4-x86_64-2.txz: Rebuilt.
isolinux/initrd.img: Rebuilt.
kernels/*: Upgraded.
usb-and-pxe-installers/usbboot.img: Rebuilt.
l/js185-1.0.0-x86_64-2.txz: Removed.
l/libwebp-1.0.1-x86_64-1.txz: Upgraded.
l/mozjs52-52.9.0esr-x86_64-1.txz: Added.
Required by the new version of polkit.
l/polkit-0.115-x86_64-1.txz: Upgraded.
Thanks to Robby Workman.
a/acpid-2.0.31-x86_64-1.txz: Upgraded.
a/shadow-4.6-x86_64-1.txz: Upgraded.
l/gsettings-desktop-schemas-3.28.1-x86_64-1.txz: Upgraded.
l/libkarma-0.1.2-x86_64-1.txz: Upgraded.
l/v4l-utils-1.16.2-x86_64-1.txz: Upgraded.
xap/mozilla-thunderbird-60.3.1-x86_64-1.txz: Upgraded.
This is a bugfix release. For more information, see:
https://www.mozilla.org/en-US/thunderbird/60.3.1/releasenotes/
a/aaa_terminfo-6.1_20181110-x86_64-1.txz: Upgraded.
a/kernel-generic-4.19.2-x86_64-1.txz: Upgraded.
a/kernel-huge-4.19.2-x86_64-1.txz: Upgraded.
a/kernel-modules-4.19.2-x86_64-1.txz: Upgraded.
ap/vim-8.1.0526-x86_64-1.txz: Upgraded.
Don't package .desktop files for the base vim package.
Move the terminal-based vim.desktop (menu clutter) into the docs directory.
d/kernel-headers-4.19.2-x86-1.txz: Upgraded.
k/kernel-source-4.19.2-noarch-1.txz: Upgraded.
l/librsvg-2.44.9-x86_64-1.txz: Upgraded.
l/ncurses-6.1_20181110-x86_64-1.txz: Upgraded.
The new kernel fixes the artifact on the virtual console, so the original
linux terminal definition has been restored.
xap/vim-gvim-8.1.0526-x86_64-1.txz: Upgraded.
Let vim install its own icon and gvim.desktop files. Thanks to drumz.
Don't include the terminal-based vim.desktop file.
isolinux/initrd.img: Rebuilt.
kernels/*: Upgraded.
usb-and-pxe-installers/usbboot.img: Rebuilt.
a/quota-4.04-x86_64-2.txz: Rebuilt.
Fixed high CPU usage. Thanks to allend.
ap/nano-3.2-x86_64-1.txz: Upgraded.
x/libXcm-0.5.4-x86_64-1.txz: Upgraded.
x/xcm-0.5.4-x86_64-1.txz: Upgraded.
a/efibootmgr-16-x86_64-2.txz: Rebuilt.
Reverted to previous version. We'd tried this before and it still doesn't
work. Thanks to _RDS_.
a/efivar-35-x86_64-1.txz: Upgraded.
Reverted to previous version. We'd tried this before and it still doesn't
work. Thanks to _RDS_.
a/hwdata-0.317-noarch-1.txz: Upgraded.
a/lvm2-2.03.01-x86_64-1.txz: Upgraded.
a/quota-4.04-x86_64-1.txz: Upgraded.
ap/cups-2.2.9-x86_64-1.txz: Upgraded.
ap/sysstat-12.0.2-x86_64-1.txz: Upgraded.
d/cscope-15.9-x86_64-1.txz: Upgraded.
d/distcc-3.3.2-x86_64-1.txz: Upgraded.
d/nasm-2.14-x86_64-1.txz: Upgraded.
d/oprofile-1.3.0-x86_64-1.txz: Upgraded.
d/rust-1.30.1-x86_64-1.txz: Upgraded.
l/elfutils-0.174-x86_64-1.txz: Upgraded.
l/shared-mime-info-1.10-x86_64-1.txz: Upgraded.
n/samba-4.9.2-x86_64-1.txz: Upgraded.
xap/gimp-2.10.8-x86_64-1.txz: Upgraded.
a/btrfs-progs-v4.19-x86_64-1.txz: Upgraded.
a/haveged-1.9.4-x86_64-2.txz: Rebuilt.
rc.haveged: eliminate startup noise.
a/kernel-generic-4.19.1-x86_64-1.txz: Upgraded.
a/kernel-huge-4.19.1-x86_64-1.txz: Upgraded.
a/kernel-modules-4.19.1-x86_64-1.txz: Upgraded.
d/cmake-3.12.4-x86_64-1.txz: Upgraded.
d/kernel-headers-4.19.1-x86-1.txz: Upgraded.
k/kernel-source-4.19.1-noarch-1.txz: Upgraded.
Temporarily build in speakup drivers until the modular ones are fixed.
Thanks to Didier Spaier.
SPEAKUP m -> y
SPEAKUP_SYNTH_ACNTPC m -> y
SPEAKUP_SYNTH_ACNTSA m -> y
SPEAKUP_SYNTH_APOLLO m -> y
SPEAKUP_SYNTH_AUDPTR m -> y
SPEAKUP_SYNTH_BNS m -> y
SPEAKUP_SYNTH_DECEXT m -> y
SPEAKUP_SYNTH_DECTLK m -> y
SPEAKUP_SYNTH_DTLK m -> y
SPEAKUP_SYNTH_DUMMY m -> y
SPEAKUP_SYNTH_KEYPC m -> y
SPEAKUP_SYNTH_LTLK m -> y
SPEAKUP_SYNTH_SOFT m -> y
SPEAKUP_SYNTH_SPKOUT m -> y
SPEAKUP_SYNTH_TXPRT m -> y
l/alsa-lib-1.1.7-x86_64-2.txz: Rebuilt.
Fixed PCM interval. Thanks to aaditya.
l/xapian-core-1.4.9-x86_64-1.txz: Upgraded.
isolinux/initrd.img: Rebuilt.
kernels/*: Upgraded.
usb-and-pxe-installers/usbboot.img: Rebuilt.
kde/kde-runtime-4.14.3-x86_64-8.txz: Rebuilt.
Applied upstream patch to fix info and man page display.
Thanks to igadoter and lougavulin.
l/gegl-0.4.12-x86_64-1.txz: Upgraded.
n/bind-9.12.3-x86_64-1.txz: Upgraded.
x/mesa-18.2.4-x86_64-1.txz: Upgraded.
extra/pure-alsa-system/kde-runtime-4.14.3-x86_64-8_alsa.txz: Rebuilt.
Applied upstream patch to fix info and man page display.
Thanks to igadoter and lougavulin.