mirror of
git://slackware.nl/current.git
synced 2024-12-28 09:59:53 +01:00
15 commits
| Author | SHA1 | Message | Date | |
|---|---|---|---|---|
Patrick J Volkerding
|
b689ecb882 |
Fri Mar 31 18:01:09 UTC 2023
a/kernel-generic-6.1.22-x86_64-1.txz: Upgraded.
a/kernel-huge-6.1.22-x86_64-1.txz: Upgraded.
a/kernel-modules-6.1.22-x86_64-1.txz: Upgraded.
a/mkinitrd-1.4.11-x86_64-32.txz: Rebuilt.
Add /lib/firmware directory to _initrd-tree.tar.gz. Thanks to walecha.
d/cmake-3.26.2-x86_64-1.txz: Upgraded.
d/kernel-headers-6.1.22-x86-1.txz: Upgraded.
d/llvm-16.0.0-x86_64-1.txz: Upgraded.
Shared library .so-version bump.
Thanks to Heinz Wiesinger for the assistance.
Compiled with -DLLVM_BUILD_LLVM_DYLIB=ON -DLLVM_LINK_LLVM_DYLIB=ON
-DCLANG_LINK_CLANG_DYLIB=ON.
I think we'll get 16.0.1 next week if we need to make any adjustments.
d/ruby-3.2.2-x86_64-1.txz: Upgraded.
This update fixes security issues:
ReDoS vulnerability in URI.
ReDoS vulnerability in Time.
For more information, see:
https://www.ruby-lang.org/en/news/2023/03/28/redos-in-uri-cve-2023-28755/
https://www.ruby-lang.org/en/news/2023/03/30/redos-in-time-cve-2023-28756/
https://www.cve.org/CVERecord?id=CVE-2023-28755
https://www.cve.org/CVERecord?id=CVE-2023-28756
(* Security fix *)
k/kernel-source-6.1.22-noarch-1.txz: Upgraded.
kde/kdevelop-22.12.3-x86_64-2.txz: Rebuilt.
Recompiled against llvm-16.0.0.
l/openexr-3.1.7-x86_64-1.txz: Upgraded.
l/qt5-5.15.8_20230325_c1a3e988-x86_64-1.txz: Upgraded.
Compiled against llvm-16.0.0.
l/spirv-llvm-translator-16.0.0-x86_64-1.txz: Upgraded.
Compiled against llvm-16.0.0.
Thanks to Heinz Wiesinger for finding the fix for -DBUILD_SHARED_LIBS=ON.
n/pssh-2.3.5-x86_64-1.txz: Upgraded.
n/samba-4.18.1-x86_64-1.txz: Upgraded.
This update fixes security issues:
An incomplete access check on dnsHostName allows authenticated but otherwise
unprivileged users to delete this attribute from any object in the directory.
The Samba AD DC administration tool, when operating against a remote LDAP
server, will by default send new or reset passwords over a signed-only
connection.
The fix in 4.6.16, 4.7.9, 4.8.4 and 4.9.7 for CVE-2018-10919 Confidential
attribute disclosure via LDAP filters was insufficient and an attacker may
be able to obtain confidential BitLocker recovery keys from a Samba AD DC.
Installations with such secrets in their Samba AD should assume they have
been obtained and need replacing.
For more information, see:
https://www.samba.org/samba/security/CVE-2023-0225.html
https://www.samba.org/samba/security/CVE-2023-0922.html
https://www.samba.org/samba/security/CVE-2023-0614.html
https://www.cve.org/CVERecord?id=CVE-2023-0225
https://www.cve.org/CVERecord?id=CVE-2023-0922
https://www.cve.org/CVERecord?id=CVE-2023-0614
(* Security fix *)
x/mesa-23.0.1-x86_64-2.txz: Rebuilt.
Recompiled against llvm-16.0.0 and spirv-llvm-translator-16.0.0.
xap/seamonkey-2.53.16-x86_64-1.txz: Upgraded.
This update contains security fixes and improvements.
For more information, see:
https://www.seamonkey-project.org/releases/seamonkey2.53.16
(* Security fix *)
isolinux/initrd.img: Rebuilt.
kernels/*: Upgraded.
testing/packages/rust-1.68.2-x86_64-2.txz: Rebuilt.
Use the bundled LLVM rather than the system LLVM.
This version of Rust actually does compile with llvm-16.0.0, but since it
bundles LLVM 15 let's let it use that for now.
usb-and-pxe-installers/usbboot.img: Rebuilt.
|
||
|
Patrick J Volkerding
|
70654f4ef8 |
Tue Mar 28 19:36:46 UTC 2023
a/grub-2.06-x86_64-5.txz: Rebuilt. [PATCH] fs/ext2: Ignore checksum seed incompat feature. Fixes using ext4 with the default options in e2fsprogs-1.47.0. Thanks to USUARIONUEVO. a/shadow-4.13-x86_64-1.txz: Upgraded. ap/squashfs-tools-4.6.1-x86_64-1.txz: Upgraded. l/gsettings-desktop-schemas-44.0-x86_64-1.txz: Upgraded. l/gvfs-1.50.4-x86_64-1.txz: Upgraded. l/libcap-2.68-x86_64-1.txz: Upgraded. x/libva-utils-2.18.1-x86_64-1.txz: Upgraded. xfce/xfce4-screensaver-4.18.1-x86_64-1.txz: Upgraded. testing/packages/rust-1.68.2-x86_64-1.txz: Upgraded. |
||
|
Patrick J Volkerding
|
2c5eed9d76 |
Thu Mar 23 20:36:39 UTC 2023
a/grep-3.10-x86_64-1.txz: Upgraded. d/cmake-3.26.1-x86_64-1.txz: Upgraded. d/parallel-20230322-noarch-1.txz: Upgraded. l/netpbm-11.01.03-x86_64-1.txz: Upgraded. testing/packages/rust-1.68.1-x86_64-1.txz: Upgraded. |
||
|
Patrick J Volkerding
|
335ab38e49 |
Mon Mar 13 23:15:32 UTC 2023
a/kernel-firmware-20230313_c761dbe-noarch-1.txz: Upgraded. a/kernel-generic-6.1.19-x86_64-1.txz: Upgraded. a/kernel-huge-6.1.19-x86_64-1.txz: Upgraded. a/kernel-modules-6.1.19-x86_64-1.txz: Upgraded. a/mcelog-192-x86_64-1.txz: Upgraded. d/ccache-4.8-x86_64-1.txz: Upgraded. d/kernel-headers-6.1.19-x86-1.txz: Upgraded. d/rust-1.67.1-x86_64-2.txz: Rebuilt. Moved here from /testing (not actually rebuilt). k/kernel-source-6.1.19-noarch-1.txz: Upgraded. l/imagemagick-7.1.1_3-x86_64-1.txz: Upgraded. n/vsftpd-3.0.5-x86_64-3.txz: Rebuilt. Patched to compile against openssl-3.0.8. Thanks to Stuart Winter. isolinux/initrd.img: Rebuilt. kernels/*: Upgraded. testing/packages/rust-1.68.0-x86_64-1.txz: Upgraded. usb-and-pxe-installers/usbboot.img: Rebuilt. |
||
|
Patrick J Volkerding
|
a240312484 |
Wed Mar 8 20:26:54 UTC 2023
Hey folks, just some more updates on the road to an eventual beta. :-)
At this point nothing remains linked with openssl-1.1.1 except for python2 and
modules, and vsftpd. I think nobody cares about trying to force python2 to use
openssl3... it's EOL but still a zombie, unfortunately. I have seen some
patches for vsftpd and intend to take a look at them. We've bumped PHP to 8.2
and just gone ahead and killed 8.0 and 8.1. Like 7.4, 8.0 is not compatible
with openssl3 and it doesn't seem worthwhile to try to patch it. And with 8.2
already out for several revisions, 8.1 does not seem particularly valuable.
If you make use of PHP you should be used to it being a moving target by now.
Enjoy, and let me know if anything isn't working right. Cheers!
a/aaa_libraries-15.1-x86_64-19.txz: Rebuilt.
Recompiled against openssl-3.0.8: libcups.so.2, libcurl.so.4.8.0,
libldap.so.2.0.200, libssh2.so.1.0.1.
a/cryptsetup-2.6.1-x86_64-2.txz: Rebuilt.
Recompiled against openssl-3.0.8.
a/kmod-30-x86_64-2.txz: Rebuilt.
Recompiled against openssl-3.0.8.
a/openssl-solibs-3.0.8-x86_64-1.txz: Upgraded.
Shared library .so-version bump.
a/openssl11-solibs-1.1.1t-x86_64-1.txz: Added.
ap/cups-2.4.2-x86_64-4.txz: Rebuilt.
Recompiled against openssl-3.0.8.
ap/hplip-3.20.5-x86_64-7.txz: Rebuilt.
Recompiled against openssl-3.0.8.
ap/lxc-4.0.12-x86_64-2.txz: Rebuilt.
Recompiled against openssl-3.0.8.
ap/mariadb-10.6.12-x86_64-2.txz: Rebuilt.
Recompiled against openssl-3.0.8.
ap/qpdf-11.3.0-x86_64-2.txz: Rebuilt.
Recompiled against openssl-3.0.8.
ap/sudo-1.9.13p3-x86_64-2.txz: Rebuilt.
Recompiled against openssl-3.0.8.
d/cargo-vendor-filterer-0.5.7-x86_64-2.txz: Rebuilt.
Recompiled against openssl-3.0.8.
d/cvs-1.11.23-x86_64-9.txz: Rebuilt.
Recompiled against openssl-3.0.8.
d/git-2.39.2-x86_64-2.txz: Rebuilt.
Recompiled against openssl-3.0.8.
d/perl-5.36.0-x86_64-5.txz: Rebuilt.
Recompiled against openssl-3.0.8.
d/python3-3.9.16-x86_64-3.txz: Rebuilt.
Recompiled against openssl-3.0.8.
d/ruby-3.2.1-x86_64-2.txz: Rebuilt.
Recompiled against openssl-3.0.8.
d/rust-1.66.1-x86_64-2.txz: Rebuilt.
Recompiled against openssl-3.0.8.
d/scons-4.5.1-x86_64-1.txz: Upgraded.
kde/falkon-22.12.3-x86_64-2.txz: Rebuilt.
Recompiled against openssl-3.0.8.
kde/kitinerary-22.12.3-x86_64-2.txz: Rebuilt.
Recompiled against openssl-3.0.8.
l/M2Crypto-0.38.0-x86_64-4.txz: Rebuilt.
Recompiled against openssl-3.0.8.
l/SDL2-2.26.4-x86_64-1.txz: Upgraded.
l/gst-plugins-bad-free-1.22.1-x86_64-2.txz: Rebuilt.
Recompiled against openssl-3.0.8.
l/libarchive-3.6.2-x86_64-3.txz: Rebuilt.
Recompiled against openssl-3.0.8.
l/libevent-2.1.12-x86_64-4.txz: Rebuilt.
Recompiled against openssl-3.0.8.
l/libimobiledevice-20211124_2c6121d-x86_64-3.txz: Rebuilt.
Recompiled against openssl-3.0.8.
l/libssh2-1.10.0-x86_64-2.txz: Rebuilt.
Recompiled against openssl-3.0.8.
l/libvncserver-0.9.14-x86_64-2.txz: Rebuilt.
Recompiled against openssl-3.0.8.
l/mlt-7.14.0-x86_64-1.txz: Upgraded.
l/neon-0.32.5-x86_64-2.txz: Rebuilt.
Recompiled against openssl-3.0.8.
l/nodejs-19.7.0-x86_64-2.txz: Rebuilt.
Recompiled against openssl-3.0.8.
l/opusfile-0.12-x86_64-4.txz: Rebuilt.
Recompiled against openssl-3.0.8.
l/pipewire-0.3.66-x86_64-2.txz: Rebuilt.
Recompiled against openssl-3.0.8.
l/pulseaudio-16.1-x86_64-2.txz: Rebuilt.
Recompiled against openssl-3.0.8.
l/pycurl-7.44.1-x86_64-4.txz: Rebuilt.
Recompiled against openssl-3.0.8.
l/qca-2.3.5-x86_64-2.txz: Rebuilt.
Recompiled against openssl-3.0.8.
l/qt5-5.15.8_20230304_d8b881f0-x86_64-1.txz: Upgraded.
Compiled against openssl-3.0.8.
l/serf-1.3.9-x86_64-8.txz: Rebuilt.
Recompiled against openssl-3.0.8.
n/alpine-2.26-x86_64-3.txz: Rebuilt.
Recompiled against openssl-3.0.8.
n/bind-9.18.12-x86_64-2.txz: Rebuilt.
Recompiled against openssl-3.0.8.
n/curl-7.88.1-x86_64-2.txz: Rebuilt.
Recompiled against openssl-3.0.8.
n/cyrus-sasl-2.1.28-x86_64-3.txz: Rebuilt.
Recompiled against openssl-3.0.8.
n/dovecot-2.3.20-x86_64-2.txz: Rebuilt.
Recompiled against openssl-3.0.8.
n/epic5-2.1.12-x86_64-4.txz: Rebuilt.
Recompiled against openssl-3.0.8.
n/fetchmail-6.4.37-x86_64-2.txz: Rebuilt.
Recompiled against openssl-3.0.8.
n/htdig-3.2.0b6-x86_64-9.txz: Rebuilt.
Recompiled against openssl-3.0.8.
n/httpd-2.4.56-x86_64-1.txz: Upgraded.
This update fixes two security issues:
HTTP Response Smuggling vulnerability via mod_proxy_uwsgi.
HTTP Request Smuggling attack via mod_rewrite and mod_proxy.
For more information, see:
https://downloads.apache.org/httpd/CHANGES_2.4.56
https://www.cve.org/CVERecord?id=CVE-2023-27522
https://www.cve.org/CVERecord?id=CVE-2023-25690
(* Security fix *)
NOTE: This package is compiled against openssl-3.0.8.
n/irssi-1.4.3-x86_64-3.txz: Rebuilt.
Recompiled against openssl-3.0.8.
n/krb5-1.20.1-x86_64-2.txz: Rebuilt.
Recompiled against openssl-3.0.8.
n/lftp-4.9.2-x86_64-4.txz: Rebuilt.
Recompiled against openssl-3.0.8.
n/links-2.28-x86_64-2.txz: Rebuilt.
Recompiled against openssl-3.0.8.
n/lynx-2.9.0dev.10-x86_64-2.txz: Rebuilt.
Recompiled against openssl-3.0.8.
n/mutt-2.2.9-x86_64-2.txz: Rebuilt.
Recompiled against openssl-3.0.8.
n/net-snmp-5.9.3-x86_64-3.txz: Rebuilt.
Recompiled against openssl-3.0.8.
n/netatalk-3.1.14-x86_64-3.txz: Rebuilt.
Recompiled against openssl-3.0.8.
n/nmap-7.93-x86_64-2.txz: Rebuilt.
Recompiled against openssl-3.0.8.
n/ntp-4.2.8p15-x86_64-12.txz: Rebuilt.
Recompiled against openssl-3.0.8.
n/openldap-2.6.4-x86_64-3.txz: Rebuilt.
Recompiled against openssl-3.0.8.
n/openssh-9.2p1-x86_64-3.txz: Rebuilt.
Recompiled against openssl-3.0.8.
n/openssl-3.0.8-x86_64-1.txz: Upgraded.
Shared library .so-version bump.
n/openssl11-1.1.1t-x86_64-1.txz: Added.
n/openvpn-2.6.0-x86_64-3.txz: Rebuilt.
Recompiled against openssl-3.0.8.
n/php-8.2.3-x86_64-1.txz: Upgraded.
Compiled against openssl-3.0.8.
n/pidentd-3.0.19-x86_64-7.txz: Rebuilt.
Recompiled against openssl-3.0.8.
n/popa3d-1.0.3-x86_64-7.txz: Rebuilt.
Recompiled against openssl-3.0.8.
n/postfix-3.7.4-x86_64-3.txz: Rebuilt.
Recompiled against openssl-3.0.8.
n/ppp-2.4.9-x86_64-4.txz: Rebuilt.
Recompiled against openssl-3.0.8.
n/proftpd-1.3.8-x86_64-3.txz: Rebuilt.
Recompiled against openssl-3.0.8.
n/rsync-3.2.7-x86_64-2.txz: Rebuilt.
Recompiled against openssl-3.0.8.
n/s-nail-14.9.24-x86_64-2.txz: Rebuilt.
Recompiled against openssl-3.0.8.
n/samba-4.18.0-x86_64-1.txz: Upgraded.
Build with the bundled Heimdal instead of the system MIT Kerberos.
Thanks again to rpenny.
n/slrn-1.0.3a-x86_64-4.txz: Rebuilt.
Recompiled against openssl-3.0.8.
n/snownews-1.9-x86_64-2.txz: Rebuilt.
Recompiled against openssl-3.0.8.
n/socat-1.7.4.4-x86_64-3.txz: Rebuilt.
Recompiled against openssl-3.0.8.
n/stunnel-5.69-x86_64-3.txz: Rebuilt.
Recompiled against openssl-3.0.8.
n/tcpdump-4.99.3-x86_64-2.txz: Rebuilt.
Recompiled against openssl-3.0.8.
n/wget-1.21.3-x86_64-3.txz: Rebuilt.
Recompiled against openssl-3.0.8.
n/wpa_supplicant-2.10-x86_64-2.txz: Rebuilt.
Recompiled against openssl-3.0.8.
xap/freerdp-2.10.0-x86_64-2.txz: Rebuilt.
Recompiled against openssl-3.0.8.
xap/gftp-2.9.1b-x86_64-3.txz: Rebuilt.
Recompiled against openssl-3.0.8.
xap/gkrellm-2.3.11-x86_64-4.txz: Rebuilt.
Recompiled against openssl-3.0.8.
xap/hexchat-2.16.1-x86_64-3.txz: Rebuilt.
Recompiled against openssl-3.0.8.
xap/sane-1.0.32-x86_64-2.txz: Rebuilt.
Recompiled against openssl-3.0.8.
xap/x3270-4.0ga14-x86_64-3.txz: Rebuilt.
Recompiled against openssl-3.0.8.
xap/xine-lib-1.2.13-x86_64-4.txz: Rebuilt.
Recompiled against openssl-3.0.8.
y/bsd-games-2.17-x86_64-4.txz: Rebuilt.
Recompiled against openssl-3.0.8.
extra/php80/php80-8.0.28-x86_64-1.txz: Removed.
extra/php81/php81-8.1.16-x86_64-1.txz: Removed.
extra/rust-for-mozilla/rust-1.60.0-x86_64-2.txz: Rebuilt.
Recompiled against openssl-3.0.8.
extra/sendmail/sendmail-8.17.1-x86_64-7.txz: Rebuilt.
Recompiled against openssl-3.0.8.
extra/sendmail/sendmail-cf-8.17.1-noarch-7.txz: Rebuilt.
testing/packages/rust-1.67.1-x86_64-2.txz: Rebuilt.
Recompiled against openssl-3.0.8.
testing/packages/samba-4.17.5-x86_64-2.txz: Removed.
|
||
|
Patrick J Volkerding
|
88d937fb4e |
Wed Feb 15 03:05:40 UTC 2023
a/kernel-firmware-20230214_a253a37-noarch-1.txz: Upgraded.
a/kernel-generic-6.1.12-x86_64-1.txz: Upgraded.
a/kernel-huge-6.1.12-x86_64-1.txz: Upgraded.
a/kernel-modules-6.1.12-x86_64-1.txz: Upgraded.
d/kernel-headers-6.1.12-x86-1.txz: Upgraded.
d/rust-1.66.1-x86_64-1.txz: Upgraded.
k/kernel-source-6.1.12-noarch-1.txz: Upgraded.
kde/bluedevil-5.27.0-x86_64-1.txz: Upgraded.
kde/breeze-5.27.0-x86_64-1.txz: Upgraded.
kde/breeze-grub-5.27.0-x86_64-1.txz: Upgraded.
kde/breeze-gtk-5.27.0-x86_64-1.txz: Upgraded.
kde/drkonqi-5.27.0-x86_64-1.txz: Upgraded.
kde/kactivitymanagerd-5.27.0-x86_64-1.txz: Upgraded.
kde/kde-cli-tools-5.27.0-x86_64-1.txz: Upgraded.
kde/kde-gtk-config-5.27.0-x86_64-1.txz: Upgraded.
kde/kdecoration-5.27.0-x86_64-1.txz: Upgraded.
kde/kdeplasma-addons-5.27.0-x86_64-1.txz: Upgraded.
kde/kgamma5-5.27.0-x86_64-1.txz: Upgraded.
kde/khotkeys-5.27.0-x86_64-1.txz: Upgraded.
kde/kinfocenter-5.27.0-x86_64-1.txz: Upgraded.
kde/kmenuedit-5.27.0-x86_64-1.txz: Upgraded.
kde/kpipewire-5.27.0-x86_64-1.txz: Upgraded.
kde/kscreen-5.27.0-x86_64-1.txz: Upgraded.
kde/kscreenlocker-5.27.0-x86_64-1.txz: Upgraded.
kde/ksshaskpass-5.27.0-x86_64-1.txz: Upgraded.
kde/ksystemstats-5.27.0-x86_64-1.txz: Upgraded.
kde/kwallet-pam-5.27.0-x86_64-1.txz: Upgraded.
kde/kwayland-integration-5.27.0-x86_64-1.txz: Upgraded.
kde/kwin-5.27.0-x86_64-1.txz: Upgraded.
kde/kwrited-5.27.0-x86_64-1.txz: Upgraded.
kde/layer-shell-qt-5.27.0-x86_64-1.txz: Upgraded.
kde/libkscreen-5.27.0-x86_64-1.txz: Upgraded.
kde/libksysguard-5.27.0-x86_64-1.txz: Upgraded.
kde/milou-5.27.0-x86_64-1.txz: Upgraded.
kde/oxygen-5.27.0-x86_64-1.txz: Upgraded.
kde/oxygen-sounds-5.27.0-x86_64-1.txz: Upgraded.
kde/plasma-browser-integration-5.27.0-x86_64-1.txz: Upgraded.
kde/plasma-desktop-5.27.0-x86_64-1.txz: Upgraded.
kde/plasma-disks-5.27.0-x86_64-1.txz: Upgraded.
kde/plasma-firewall-5.27.0-x86_64-1.txz: Upgraded.
kde/plasma-integration-5.27.0-x86_64-1.txz: Upgraded.
kde/plasma-nm-5.27.0-x86_64-1.txz: Upgraded.
kde/plasma-pa-5.27.0-x86_64-1.txz: Upgraded.
kde/plasma-sdk-5.27.0-x86_64-1.txz: Upgraded.
kde/plasma-systemmonitor-5.27.0-x86_64-1.txz: Upgraded.
kde/plasma-vault-5.27.0-x86_64-1.txz: Upgraded.
kde/plasma-workspace-5.27.0-x86_64-1.txz: Upgraded.
kde/plasma-workspace-wallpapers-5.27.0-x86_64-1.txz: Upgraded.
kde/polkit-kde-agent-1-5.27.0-x86_64-1.txz: Upgraded.
kde/powerdevil-5.27.0-x86_64-1.txz: Upgraded.
kde/qqc2-breeze-style-5.27.0-x86_64-1.txz: Upgraded.
kde/sddm-kcm-5.27.0-x86_64-1.txz: Upgraded.
kde/systemsettings-5.27.0-x86_64-1.txz: Upgraded.
kde/xdg-desktop-portal-kde-5.27.0-x86_64-1.txz: Upgraded.
l/mozjs102-102.8.0esr-x86_64-1.txz: Upgraded.
n/php-7.4.33-x86_64-3.txz: Rebuilt.
This update fixes security issues:
Core: Password_verify() always return true with some hash.
Core: 1-byte array overrun in common path resolve code.
SAPI: DOS vulnerability when parsing multipart request body.
For more information, see:
https://www.cve.org/CVERecord?id=CVE-2023-0567
https://www.cve.org/CVERecord?id=CVE-2023-0568
https://www.cve.org/CVERecord?id=CVE-2023-0662
(* Security fix *)
xap/mozilla-firefox-110.0-x86_64-1.txz: Upgraded.
This update contains security fixes and improvements.
For more information, see:
https://www.mozilla.org/en-US/firefox/110.0/releasenotes/
https://www.mozilla.org/en-US/security/advisories/mfsa2023-05/
https://www.cve.org/CVERecord?id=CVE-2023-25728
https://www.cve.org/CVERecord?id=CVE-2023-25730
https://www.cve.org/CVERecord?id=CVE-2023-25743
https://www.cve.org/CVERecord?id=CVE-2023-0767
https://www.cve.org/CVERecord?id=CVE-2023-25735
https://www.cve.org/CVERecord?id=CVE-2023-25737
https://www.cve.org/CVERecord?id=CVE-2023-25738
https://www.cve.org/CVERecord?id=CVE-2023-25739
https://www.cve.org/CVERecord?id=CVE-2023-25729
https://www.cve.org/CVERecord?id=CVE-2023-25732
https://www.cve.org/CVERecord?id=CVE-2023-25734
https://www.cve.org/CVERecord?id=CVE-2023-25740
https://www.cve.org/CVERecord?id=CVE-2023-25731
https://www.cve.org/CVERecord?id=CVE-2023-25733
https://www.cve.org/CVERecord?id=CVE-2023-25736
https://www.cve.org/CVERecord?id=CVE-2023-25741
https://www.cve.org/CVERecord?id=CVE-2023-25742
https://www.cve.org/CVERecord?id=CVE-2023-25744
https://www.cve.org/CVERecord?id=CVE-2023-25745
(* Security fix *)
extra/php80/php80-8.0.28-x86_64-1.txz: Upgraded.
This update fixes security issues:
Core: Password_verify() always return true with some hash.
Core: 1-byte array overrun in common path resolve code.
SAPI: DOS vulnerability when parsing multipart request body.
For more information, see:
https://www.cve.org/CVERecord?id=CVE-2023-0567
https://www.cve.org/CVERecord?id=CVE-2023-0568
https://www.cve.org/CVERecord?id=CVE-2023-0662
(* Security fix *)
extra/php81/php81-8.1.16-x86_64-1.txz: Upgraded.
This update fixes security issues:
Core: Password_verify() always return true with some hash.
Core: 1-byte array overrun in common path resolve code.
SAPI: DOS vulnerability when parsing multipart request body.
For more information, see:
https://www.cve.org/CVERecord?id=CVE-2023-0567
https://www.cve.org/CVERecord?id=CVE-2023-0568
https://www.cve.org/CVERecord?id=CVE-2023-0662
(* Security fix *)
isolinux/initrd.img: Rebuilt.
kernels/*: Upgraded.
testing/packages/rust-1.67.1-x86_64-1.txz: Upgraded.
usb-and-pxe-installers/usbboot.img: Rebuilt.
|
||
|
Patrick J Volkerding
|
e96d8dad37 |
Wed Jan 11 19:31:20 UTC 2023
d/patchelf-0.17.2-x86_64-1.txz: Upgraded. kde/kdevelop-pg-qt-2.2.2-x86_64-1.txz: Upgraded. n/NetworkManager-1.40.10-x86_64-1.txz: Upgraded. xfce/xfce4-panel-4.18.1-x86_64-1.txz: Upgraded. testing/packages/rust-1.66.1-x86_64-1.txz: Upgraded. |
||
|
Patrick J Volkerding
|
4f53dfead2 |
Mon Dec 19 21:18:22 UTC 2022
a/logrotate-3.21.0-x86_64-1.txz: Upgraded. kde/gwenview-22.12.0-x86_64-2.txz: Rebuilt. Recompiled against cfitsio-4.2.0. kde/kstars-3.6.2-x86_64-2.txz: Rebuilt. Recompiled against cfitsio-4.2.0. l/cfitsio-4.2.0-x86_64-1.txz: Upgraded. Shared library .so-version bump. l/gsettings-desktop-schemas-43.0-x86_64-1.txz: Upgraded. l/gtk4-4.8.2-x86_64-1.txz: Upgraded. x/xorg-server-21.1.6-x86_64-1.txz: Upgraded. This release fixes an invalid event type mask in XTestSwapFakeInput which was inadvertently changed from octal 0177 to hexadecimal 0x177 in the fix for CVE-2022-46340. x/xorg-server-xephyr-21.1.6-x86_64-1.txz: Upgraded. x/xorg-server-xnest-21.1.6-x86_64-1.txz: Upgraded. x/xorg-server-xvfb-21.1.6-x86_64-1.txz: Upgraded. x/xorg-server-xwayland-22.1.7-x86_64-1.txz: Upgraded. This release fixes an invalid event type mask in XTestSwapFakeInput which was inadvertently changed from octal 0177 to hexadecimal 0x177 in the fix for CVE-2022-46340. testing/packages/rust-1.66.0-x86_64-1.txz: Added. |
||
|
Patrick J Volkerding
|
fc0ff5a5d7 |
Wed Dec 14 21:19:34 UTC 2022
a/bash-5.2.015-x86_64-1.txz: Upgraded.
a/tcsh-6.24.06-x86_64-1.txz: Upgraded.
ap/inxi-3.3.24_1-noarch-1.txz: Upgraded.
ap/nano-7.1-x86_64-1.txz: Upgraded.
d/git-2.39.0-x86_64-1.txz: Upgraded.
d/rust-1.65.0-x86_64-1.txz: Upgraded.
d/strace-6.1-x86_64-1.txz: Upgraded.
kde/krita-5.1.4-x86_64-1.txz: Upgraded.
l/imagemagick-7.1.0_54-x86_64-1.txz: Upgraded.
l/nodejs-19.3.0-x86_64-1.txz: Upgraded.
l/pcre2-10.42-x86_64-1.txz: Upgraded.
n/iproute2-6.1.0-x86_64-1.txz: Upgraded.
x/makedepend-1.0.8-x86_64-1.txz: Upgraded.
x/xhost-1.0.9-x86_64-1.txz: Upgraded.
x/xorg-server-21.1.5-x86_64-1.txz: Upgraded.
This release fixes 6 recently reported security vulnerabilities in
various extensions.
For more information, see:
https://lists.x.org/archives/xorg-announce/2022-December/003302.html
https://www.cve.org/CVERecord?id=CVE-2022-46340
https://www.cve.org/CVERecord?id=CVE-2022-46341
https://www.cve.org/CVERecord?id=CVE-2022-46342
https://www.cve.org/CVERecord?id=CVE-2022-46343
https://www.cve.org/CVERecord?id=CVE-2022-46344
https://www.cve.org/CVERecord?id=CVE-2022-4283
(* Security fix *)
x/xorg-server-xephyr-21.1.5-x86_64-1.txz: Upgraded.
x/xorg-server-xnest-21.1.5-x86_64-1.txz: Upgraded.
x/xorg-server-xvfb-21.1.5-x86_64-1.txz: Upgraded.
x/xorg-server-xwayland-22.1.6-x86_64-1.txz: Upgraded.
This release fixes 6 recently reported security vulnerabilities in
various extensions.
For more information, see:
https://lists.x.org/archives/xorg-announce/2022-December/003302.html
https://www.cve.org/CVERecord?id=CVE-2022-46340
https://www.cve.org/CVERecord?id=CVE-2022-46341
https://www.cve.org/CVERecord?id=CVE-2022-46342
https://www.cve.org/CVERecord?id=CVE-2022-46343
https://www.cve.org/CVERecord?id=CVE-2022-46344
https://www.cve.org/CVERecord?id=CVE-2022-4283
(* Security fix *)
xap/mozilla-thunderbird-102.6.0-x86_64-1.txz: Upgraded.
This release contains security fixes and improvements.
For more information, see:
https://www.mozilla.org/en-US/security/advisories/mfsa2022-53/
https://www.cve.org/CVERecord?id=CVE-2022-46880
https://www.cve.org/CVERecord?id=CVE-2022-46872
https://www.cve.org/CVERecord?id=CVE-2022-46881
https://www.cve.org/CVERecord?id=CVE-2022-46874
https://www.cve.org/CVERecord?id=CVE-2022-46875
https://www.cve.org/CVERecord?id=CVE-2022-46882
https://www.cve.org/CVERecord?id=CVE-2022-46878
(* Security fix *)
xap/xscreensaver-6.06-x86_64-1.txz: Upgraded.
testing/packages/mozilla-firefox-108.0-x86_64-1.txz: Upgraded.
Starting this out in /testing for now, since I've been trying for 2 days to
get it to compile on 32-bit with no luck. It ends up failing with a bunch of
errors like this:
ld.lld: error: undefined hidden symbol: tabs_4d51_TabsStore_sync
Any help getting this to build on 32-bit would be greatly appreciated.
I've tried most of ponce's bag of tricks already. :-)
|
||
|
Patrick J Volkerding
|
7354944bf0 |
Mon Nov 21 20:23:13 UTC 2022
a/libpwquality-1.4.5-x86_64-1.txz: Upgraded. a/pciutils-3.9.0-x86_64-1.txz: Upgraded. ap/qpdf-11.2.0-x86_64-1.txz: Upgraded. d/mercurial-6.3.1-x86_64-1.txz: Upgraded. kde/krusader-2.8.0-x86_64-1.txz: Upgraded. l/libpng-1.6.39-x86_64-1.txz: Upgraded. l/mlt-7.12.0-x86_64-1.txz: Upgraded. x/fcitx5-5.0.20-x86_64-1.txz: Upgraded. x/fcitx5-anthy-5.0.13-x86_64-1.txz: Upgraded. x/fcitx5-chinese-addons-5.0.16-x86_64-1.txz: Upgraded. x/fcitx5-gtk-5.0.20-x86_64-1.txz: Upgraded. x/fcitx5-kkc-5.0.11-x86_64-1.txz: Upgraded. x/fcitx5-m17n-5.0.11-x86_64-1.txz: Upgraded. x/fcitx5-qt-5.0.16-x86_64-1.txz: Upgraded. x/fcitx5-table-extra-5.0.12-x86_64-1.txz: Upgraded. x/fcitx5-unikey-5.0.12-x86_64-1.txz: Upgraded. x/libXdmcp-1.1.4-x86_64-1.txz: Upgraded. x/libXpm-3.5.14-x86_64-1.txz: Upgraded. x/libXrandr-1.5.3-x86_64-1.txz: Upgraded. x/libime-1.0.15-x86_64-1.txz: Upgraded. x/libinput-1.22.0-x86_64-1.txz: Upgraded. x/xcb-imdkit-1.0.4-x86_64-1.txz: Upgraded. |
||
|
Patrick J Volkerding
|
7925f7cd17 |
Tue Nov 15 01:28:38 UTC 2022
a/xz-5.2.8-x86_64-1.txz: Upgraded. d/mercurial-6.3.0-x86_64-1.txz: Upgraded. d/rust-1.64.0-x86_64-1.txz: Upgraded. kde/attica-5.100.0-x86_64-1.txz: Upgraded. kde/baloo-5.100.0-x86_64-1.txz: Upgraded. kde/bluez-qt-5.100.0-x86_64-1.txz: Upgraded. kde/breeze-icons-5.100.0-noarch-1.txz: Upgraded. kde/extra-cmake-modules-5.100.0-x86_64-1.txz: Upgraded. kde/frameworkintegration-5.100.0-x86_64-1.txz: Upgraded. kde/kactivities-5.100.0-x86_64-1.txz: Upgraded. kde/kactivities-stats-5.100.0-x86_64-1.txz: Upgraded. kde/kapidox-5.100.0-x86_64-1.txz: Upgraded. kde/karchive-5.100.0-x86_64-1.txz: Upgraded. kde/kauth-5.100.0-x86_64-1.txz: Upgraded. kde/kbookmarks-5.100.0-x86_64-1.txz: Upgraded. kde/kcalendarcore-5.100.0-x86_64-1.txz: Upgraded. kde/kcmutils-5.100.0-x86_64-1.txz: Upgraded. kde/kcodecs-5.100.0-x86_64-1.txz: Upgraded. kde/kcompletion-5.100.0-x86_64-1.txz: Upgraded. kde/kconfig-5.100.0-x86_64-1.txz: Upgraded. kde/kconfigwidgets-5.100.0-x86_64-1.txz: Upgraded. kde/kcontacts-5.100.0-x86_64-1.txz: Upgraded. kde/kcoreaddons-5.100.0-x86_64-1.txz: Upgraded. kde/kcrash-5.100.0-x86_64-1.txz: Upgraded. kde/kdav-5.100.0-x86_64-1.txz: Upgraded. kde/kdbusaddons-5.100.0-x86_64-1.txz: Upgraded. kde/kdeclarative-5.100.0-x86_64-1.txz: Upgraded. kde/kded-5.100.0-x86_64-1.txz: Upgraded. kde/kdelibs4support-5.100.0-x86_64-1.txz: Upgraded. kde/kdesignerplugin-5.100.0-x86_64-1.txz: Upgraded. kde/kdesu-5.100.0-x86_64-1.txz: Upgraded. kde/kdewebkit-5.100.0-x86_64-1.txz: Upgraded. kde/kdnssd-5.100.0-x86_64-1.txz: Upgraded. kde/kdoctools-5.100.0-x86_64-1.txz: Upgraded. kde/kemoticons-5.100.0-x86_64-1.txz: Upgraded. kde/kfilemetadata-5.100.0-x86_64-1.txz: Upgraded. kde/kglobalaccel-5.100.0-x86_64-1.txz: Upgraded. kde/kguiaddons-5.100.0-x86_64-1.txz: Upgraded. kde/kholidays-5.100.0-x86_64-1.txz: Upgraded. kde/khtml-5.100.0-x86_64-1.txz: Upgraded. kde/ki18n-5.100.0-x86_64-1.txz: Upgraded. kde/kiconthemes-5.100.0-x86_64-1.txz: Upgraded. kde/kidletime-5.100.0-x86_64-1.txz: Upgraded. kde/kimageformats-5.100.0-x86_64-1.txz: Upgraded. kde/kinit-5.100.0-x86_64-1.txz: Upgraded. kde/kio-5.100.0-x86_64-1.txz: Upgraded. kde/kirigami2-5.100.0-x86_64-1.txz: Upgraded. kde/kitemmodels-5.100.0-x86_64-1.txz: Upgraded. kde/kitemviews-5.100.0-x86_64-1.txz: Upgraded. kde/kjobwidgets-5.100.0-x86_64-1.txz: Upgraded. kde/kjs-5.100.0-x86_64-1.txz: Upgraded. kde/kjsembed-5.100.0-x86_64-1.txz: Upgraded. kde/kmediaplayer-5.100.0-x86_64-1.txz: Upgraded. kde/knewstuff-5.100.0-x86_64-1.txz: Upgraded. kde/knotifications-5.100.0-x86_64-1.txz: Upgraded. kde/knotifyconfig-5.100.0-x86_64-1.txz: Upgraded. kde/kpackage-5.100.0-x86_64-1.txz: Upgraded. kde/kparts-5.100.0-x86_64-1.txz: Upgraded. kde/kpeople-5.100.0-x86_64-1.txz: Upgraded. kde/kplotting-5.100.0-x86_64-1.txz: Upgraded. kde/kpty-5.100.0-x86_64-1.txz: Upgraded. kde/kquickcharts-5.100.0-x86_64-1.txz: Upgraded. kde/kross-5.100.0-x86_64-1.txz: Upgraded. kde/krunner-5.100.0-x86_64-1.txz: Upgraded. kde/kservice-5.100.0-x86_64-1.txz: Upgraded. kde/ktexteditor-5.100.0-x86_64-1.txz: Upgraded. kde/ktextwidgets-5.100.0-x86_64-1.txz: Upgraded. kde/kunitconversion-5.100.0-x86_64-1.txz: Upgraded. kde/kwallet-5.100.0-x86_64-1.txz: Upgraded. kde/kwayland-5.100.0-x86_64-1.txz: Upgraded. kde/kwidgetsaddons-5.100.0-x86_64-1.txz: Upgraded. kde/kwindowsystem-5.100.0-x86_64-1.txz: Upgraded. kde/kxmlgui-5.100.0-x86_64-1.txz: Upgraded. kde/kxmlrpcclient-5.100.0-x86_64-1.txz: Upgraded. kde/modemmanager-qt-5.100.0-x86_64-1.txz: Upgraded. kde/networkmanager-qt-5.100.0-x86_64-1.txz: Upgraded. kde/oxygen-icons5-5.100.0-noarch-1.txz: Upgraded. kde/plasma-framework-5.100.0-x86_64-1.txz: Upgraded. kde/prison-5.100.0-x86_64-1.txz: Upgraded. kde/purpose-5.100.0-x86_64-1.txz: Upgraded. kde/qqc2-desktop-style-5.100.0-x86_64-1.txz: Upgraded. kde/solid-5.100.0-x86_64-1.txz: Upgraded. kde/sonnet-5.100.0-x86_64-1.txz: Upgraded. kde/syndication-5.100.0-x86_64-1.txz: Upgraded. kde/syntax-highlighting-5.100.0-x86_64-1.txz: Upgraded. kde/threadweaver-5.100.0-x86_64-1.txz: Upgraded. l/babl-0.1.98-x86_64-1.txz: Upgraded. l/gegl-0.4.40-x86_64-1.txz: Upgraded. l/grantlee-5.3.1-x86_64-1.txz: Upgraded. l/nodejs-19.1.0-x86_64-1.txz: Upgraded. n/libqmi-1.32.2-x86_64-1.txz: Upgraded. n/mutt-2.2.9-x86_64-1.txz: Upgraded. n/nghttp2-1.51.0-x86_64-1.txz: Upgraded. x/xcompmgr-1.1.9-x86_64-1.txz: Upgraded. x/xkbevd-1.1.5-x86_64-1.txz: Upgraded. x/xkill-1.0.6-x86_64-1.txz: Upgraded. x/xlogo-1.0.6-x86_64-1.txz: Upgraded. x/xlsatoms-1.1.4-x86_64-1.txz: Upgraded. x/xlsclients-1.1.5-x86_64-1.txz: Upgraded. testing/packages/rust-1.65.0-x86_64-1.txz: Upgraded. |
||
|
Patrick J Volkerding
|
a510225d2f |
Thu Sep 22 19:50:20 UTC 2022
a/quota-4.09-x86_64-1.txz: Upgraded. d/parallel-20220922-noarch-1.txz: Upgraded. l/jemalloc-5.3.0-x86_64-2.txz: Rebuilt. Fixed version numbers in jemalloc.h. Thanks to Markus Wiesner. n/ca-certificates-20220922-noarch-1.txz: Upgraded. This update provides the latest CA certificates to check for the authenticity of SSL connections. testing/packages/rust-1.64.0-x86_64-1.txz: Added. We've found ourselves in a situation where Thunderbird requires the Rust compiler in /extra, and Firefox requires the one in the main tree (and can't use this one until Firefox 107 sometime in November), so we'll just park this here until we can use it. |
||
|
Patrick J Volkerding
|
7ee27456e2 |
Tue Nov 19 06:15:35 UTC 2019
d/rust-1.39.0-x86_64-1.txz: Upgraded. |
||
|
Patrick J Volkerding
|
cdea680437 |
Fri Nov 8 23:23:40 UTC 2019
a/hostname-3.23-x86_64-1.txz: Upgraded. a/kernel-firmware-20191108_f1100dd-noarch-1.txz: Upgraded. ap/mariadb-10.4.10-x86_64-1.txz: Upgraded. kde/kdelibs-4.14.38-x86_64-5.txz: Rebuilt. Remove hardcoded TLSv1 allowing TLSv1.1 and TLSv1.2. Thanks to PJ Beers. kde/kdepim-4.14.10-x86_64-5.txz: Rebuilt. Remove hardcoded TLSv1 allowing TLSv1.1 and TLSv1.2. Thanks to PJ Beers. kde/kdepimlibs-4.14.10-x86_64-9.txz: Rebuilt. Remove hardcoded TLSv1 allowing TLSv1.1 and TLSv1.2. Thanks to PJ Beers. l/adwaita-icon-theme-3.34.3-noarch-1.txz: Upgraded. testing/packages/rust-1.39.0-x86_64-1.txz: Upgraded. |
||
|
Patrick J Volkerding
|
daaabd8ee2 |
Fri Oct 4 21:35:49 UTC 2019
a/pkgtools-15.0-noarch-24.txz: Rebuilt. installpkg: support --no-overwrite option for upgradepkg's second install pass. Don't use this option directly unless you have a good reason. upgradepkg: call installpkg with --no-overwrite for the second install pass. This cuts the drive writes for a package upgrade almost in half so we can be kinder to SSDs. ap/nano-4.5-x86_64-1.txz: Upgraded. l/gmime-3.2.4-x86_64-1.txz: Upgraded. l/gnu-efi-3.0.10-x86_64-1.txz: Upgraded. l/gtk+3-3.24.12-x86_64-1.txz: Upgraded. testing/packages/rust-1.38.0-x86_64-2.txz: Rebuilt. The package size here has been put on a tremendous diet. Thanks to Andrew Clemons and Willy Sudiarto Raharjo for help with this. Compile test results: firefox-68.1.0esr: fail firefox-69.0.2: pass seamonkey-2.49.5: pass thunderbird-68.1.1: fail |