Commit graph

13 commits

Author SHA1 Message Date
Patrick J Volkerding
03de904154 Wed Oct 16 19:11:30 UTC 2024
d/llvm-19.1.2-x86_64-1.txz:  Upgraded.
  Shared library .so-version bump.
d/python-setuptools-75.2.0-x86_64-1.txz:  Upgraded.
kde/calligra-3.2.1-x86_64-45.txz:  Rebuilt.
  Recompiled against poppler-24.10.0.
kde/cantor-23.08.5-x86_64-11.txz:  Rebuilt.
  Recompiled against poppler-24.10.0.
kde/kdevelop-23.08.5-x86_64-3.txz:  Rebuilt.
  Recompiled against llvm-19.1.2.
kde/kfilemetadata-5.116.0-x86_64-8.txz:  Rebuilt.
  Recompiled against poppler-24.10.0.
kde/kile-2.9.93-x86_64-38.txz:  Rebuilt.
  Recompiled against poppler-24.10.0.
kde/kitinerary-23.08.5-x86_64-9.txz:  Rebuilt.
  Recompiled against poppler-24.10.0.
kde/krita-5.2.6-x86_64-2.txz:  Rebuilt.
  Recompiled against poppler-24.10.0.
kde/labplot-2.11.1-x86_64-4.txz:  Rebuilt.
  Recompiled against poppler-24.10.0.
kde/okular-23.08.5-x86_64-9.txz:  Rebuilt.
  Recompiled against poppler-24.10.0.
l/libclc-19.1.2-x86_64-1.txz:  Upgraded.
  Compiled against llvm-19.1.2.
l/libssh2-1.11.1-x86_64-1.txz:  Upgraded.
  src: add 'strict KEX' to fix CVE-2023-48795 "Terrapin Attack."
  For more information, see:
    https://www.cve.org/CVERecord?id=CVE-2023-48795
  (* Security fix *)
l/media-player-info-26-noarch-1.txz:  Upgraded.
l/poppler-24.10.0-x86_64-1.txz:  Upgraded.
  Shared library .so-version bump.
l/python-pillow-11.0.0-x86_64-1.txz:  Upgraded.
l/qt5-5.15.15_20240903_363456a6-x86_64-2.txz:  Rebuilt.
  Patched and recompiled against llvm-19.1.2.
l/qt6-6.7.3_20240920_90e86aee-x86_64-3.txz:  Rebuilt.
  Patched and recompiled against llvm-19.1.2.
l/spirv-llvm-translator-19.1.0-x86_64-1.txz:  Upgraded.
  Shared library .so-version bump.
  Compiled against llvm-19.1.2.
n/bind-9.20.3-x86_64-1.txz:  Upgraded.
n/c-ares-1.34.2-x86_64-1.txz:  Upgraded.
x/mesa-24.2.5-x86_64-1.txz:  Upgraded.
  Compiled against llvm-19.1.2.
x/xf86-input-evdev-2.11.0-x86_64-1.txz:  Upgraded.
x/xf86-input-libinput-1.5.0-x86_64-1.txz:  Upgraded.
extra/brltty/brltty-6.7-x86_64-1.txz:  Upgraded.
extra/xv/xv-6.0.2-x86_64-1.txz:  Upgraded.
2024-10-16 22:20:25 +02:00
Patrick J Volkerding
1e755d579a Tue Oct 1 18:01:38 UTC 2024
Several ELF objects were found to have rpaths pointing into /tmp, a world
writable directory. This could have allowed a local attacker to launch denial
of service attacks or execute arbitrary code when the affected binaries are
run by placing crafted ELF objects in the /tmp rpath location. All rpaths with
an embedded /tmp path have been scrubbed from the binaries, and makepkg has
gained a lint feature to detect these so that they won't creep back in.
a/kernel-firmware-20241001_95bfe08-noarch-1.txz:  Upgraded.
a/kernel-generic-6.10.12-x86_64-1.txz:  Upgraded.
a/pkgtools-15.1-noarch-12.txz:  Rebuilt.
  makepkg: when looking for ELF objects with --remove-rpaths or
  --remove-tmp-rpaths, avoid false hits on files containing 'ELF' as part
  of the directory or filename.
  Also warn about /tmp rpaths after the package is built.
ap/cups-2.4.11-x86_64-1.txz:  Upgraded.
ap/cups-browsed-2.0.1-x86_64-2.txz:  Rebuilt.
  Mitigate security issue that could lead to a denial of service or
  the execution of arbitrary code.
  Rebuilt with --with-browseremoteprotocols=none to disable incoming
  connections, since this daemon has been shown to be insecure. If you
  actually use cups-browsed, be sure to install the new
  /etc/cups/cups-browsed.conf.new containing this line:
  BrowseRemoteProtocols none
  For more information, see:
    https://www.cve.org/CVERecord?id=CVE-2024-47176
  (* Security fix *)
d/kernel-headers-6.10.12-x86-1.txz:  Upgraded.
d/llvm-18.1.8-x86_64-3.txz:  Rebuilt.
  Remove rpaths from binaries.
  (* Security fix *)
d/luajit-2.1.1727621189-x86_64-1.txz:  Upgraded.
d/ruby-3.3.5-x86_64-2.txz:  Rebuilt.
  Remove rpaths from binaries.
  (* Security fix *)
k/kernel-source-6.10.12-noarch-1.txz:  Upgraded.
kde/kimageformats-5.116.0-x86_64-2.txz:  Rebuilt.
  Recompiled against openexr-3.3.0.
kde/kio-extras-23.08.5-x86_64-2.txz:  Rebuilt.
  Recompiled against openexr-3.3.0.
kde/krita-5.2.5-x86_64-2.txz:  Rebuilt.
  Recompiled against openexr-3.3.0.
kde/libindi-2.1.0-x86_64-1.txz:  Upgraded.
l/cryfs-0.10.3-x86_64-13.txz:  Rebuilt.
  Remove rpaths from binaries.
  (* Security fix *)
l/espeak-ng-1.51.1-x86_64-2.txz:  Rebuilt.
  Remove rpaths from binaries.
  (* Security fix *)
l/ffmpeg-7.1-x86_64-1.txz:  Upgraded.
l/gegl-0.4.48-x86_64-3.txz:  Rebuilt.
  Recompiled against openexr-3.3.0.
l/gst-plugins-bad-free-1.24.8-x86_64-2.txz:  Rebuilt.
  Recompiled against openexr-3.3.0.
l/imagemagick-7.1.1_38-x86_64-2.txz:  Rebuilt.
  Recompiled against openexr-3.3.0.
l/libgsf-1.14.53-x86_64-1.txz:  Upgraded.
l/librsvg-2.58.5-x86_64-1.txz:  Upgraded.
l/libvncserver-0.9.14-x86_64-3.txz:  Rebuilt.
  Remove rpaths from binaries.
  (* Security fix *)
l/mozjs128-128.3.0esr-x86_64-1.txz:  Upgraded.
l/netpbm-11.08.00-x86_64-1.txz:  Upgraded.
l/opencv-4.10.0-x86_64-3.txz:  Rebuilt.
  Recompiled against openexr-3.3.0.
l/openexr-3.3.0-x86_64-1.txz:  Upgraded.
  Shared library .so-version bump.
l/python-glad2-2.0.8-x86_64-1.txz:  Upgraded.
l/python-pyproject-hooks-1.2.0-x86_64-1.txz:  Upgraded.
l/spirv-llvm-translator-18.1.4-x86_64-2.txz:  Rebuilt.
  Remove rpaths from binaries.
  (* Security fix *)
l/woff2-20231106_0f4d304-x86_64-2.txz:  Rebuilt.
  Remove rpaths from binaries.
  (* Security fix *)
n/openobex-1.7.2-x86_64-6.txz:  Rebuilt.
  Remove rpaths from binaries.
  (* Security fix *)
x/marisa-0.2.6-x86_64-11.txz:  Rebuilt.
  Remove rpaths from binaries.
  (* Security fix *)
xap/gimp-2.10.38-x86_64-2.txz:  Rebuilt.
  Recompiled against openexr-3.3.0.
xap/mozilla-firefox-128.3.0esr-x86_64-1.txz:  Upgraded.
  This update contains security fixes and improvements.
  For more information, see:
    https://www.mozilla.org/en-US/firefox/128.3.0/releasenotes/
    https://www.mozilla.org/security/advisories/mfsa2024-47
    https://www.cve.org/CVERecord?id=CVE-2024-9392
    https://www.cve.org/CVERecord?id=CVE-2024-9393
    https://www.cve.org/CVERecord?id=CVE-2024-9394
    https://www.cve.org/CVERecord?id=CVE-2024-8900
    https://www.cve.org/CVERecord?id=CVE-2024-9396
    https://www.cve.org/CVERecord?id=CVE-2024-9397
    https://www.cve.org/CVERecord?id=CVE-2024-9398
    https://www.cve.org/CVERecord?id=CVE-2024-9399
    https://www.cve.org/CVERecord?id=CVE-2024-9400
    https://www.cve.org/CVERecord?id=CVE-2024-9401
    https://www.cve.org/CVERecord?id=CVE-2024-9402
  (* Security fix *)
xap/xlockmore-5.80-x86_64-1.txz:  Upgraded.
isolinux/initrd.img:  Rebuilt.
kernels/*:  Upgraded.
testing/packages/kernel-generic-6.11.1-x86_64-1.txz:  Upgraded.
testing/packages/kernel-headers-6.11.1-x86-1.txz:  Upgraded.
testing/packages/kernel-source-6.11.1-noarch-1.txz:  Upgraded.
usb-and-pxe-installers/usbboot.img:  Rebuilt.
2024-10-01 22:04:37 +02:00
Patrick J Volkerding
1bfff6350a Mon Sep 2 02:42:42 UTC 2024
l/SDL2-2.30.7-x86_64-1.txz:  Upgraded.
l/spirv-llvm-translator-18.1.4-x86_64-1.txz:  Upgraded.
2024-09-02 05:03:47 +02:00
Patrick J Volkerding
3e4363cb32 Tue Aug 13 20:33:27 UTC 2024
ap/moc-2.6_alpha3-x86_64-4.txz:  Rebuilt.
  The ffmpeg7 patch isn't 100% there, so rebuild without the ffmpeg plugin.
ap/sqlite-3.46.1-x86_64-1.txz:  Upgraded.
kde/digikam-8.4.0-x86_64-2.txz:  Rebuilt.
  Recompiled against ffmpeg-7.0.2.
kde/ffmpegthumbs-23.08.5-x86_64-2.txz:  Rebuilt.
  Recompiled against ffmpeg-7.0.2.
kde/k3b-23.08.5-x86_64-2.txz:  Rebuilt.
  Recompiled against ffmpeg-7.0.2.
kde/kfilemetadata-5.116.0-x86_64-6.txz:  Rebuilt.
  Recompiled against ffmpeg-7.0.2.
kde/kpipewire-5.27.11-x86_64-2.txz:  Rebuilt.
  Recompiled against ffmpeg-7.0.2.
l/alsa-plugins-1.2.12-x86_64-2.txz:  Rebuilt.
  Recompiled against ffmpeg-7.0.2.
l/ffmpeg-7.0.2-x86_64-1.txz:  Upgraded.
  Shared library .so-version bump.
  Compiled against vulkan-sdk-1.3.290.0.
l/freetype-2.13.3-x86_64-1.txz:  Upgraded.
l/gegl-0.4.48-x86_64-2.txz:  Rebuilt.
  Recompiled against ffmpeg-7.0.2.
l/gst-plugins-bad-free-1.24.6-x86_64-2.txz:  Rebuilt.
  Recompiled against vulkan-sdk-1.3.290.0.
l/gst-plugins-libav-1.24.6-x86_64-2.txz:  Rebuilt.
  Recompiled against ffmpeg-7.0.2.
l/gtk4-4.14.4-x86_64-2.txz:  Rebuilt.
  Recompiled against vulkan-sdk-1.3.290.0.
l/libplacebo-7.349.0-x86_64-2.txz:  Rebuilt.
  Recompiled against vulkan-sdk-1.3.290.0.
l/mlt-7.24.0-x86_64-3.txz:  Rebuilt.
  Recompiled against ffmpeg-7.0.2.
l/opencv-4.10.0-x86_64-2.txz:  Rebuilt.
  Recompiled against ffmpeg-7.0.2.
l/pipewire-1.2.2-x86_64-2.txz:  Rebuilt.
  Recompiled against ffmpeg-7.0.2.
  Recompiled against vulkan-sdk-1.3.290.0.
l/qt5-5.15.14_20240716_ae0c8451-x86_64-2.txz:  Rebuilt.
  Recompiled against ffmpeg-7.0.2.
l/qt6-6.7.2_20240610_3f005f1e-x86_64-5.txz:  Rebuilt.
  Recompiled against ffmpeg-7.0.2.
l/spirv-llvm-translator-18.1.3-x86_64-2.txz:  Rebuilt.
  Recompiled against vulkan-sdk-1.3.290.0.
x/fcitx5-gtk-5.1.3-x86_64-2.txz:  Rebuilt.
  Recompiled against vulkan-sdk-1.3.290.0.
x/ibus-1.5.30-x86_64-2.txz:  Rebuilt.
  Recompiled against vulkan-sdk-1.3.290.0.
x/mesa-24.1.5-x86_64-2.txz:  Rebuilt.
  Recompiled against vulkan-sdk-1.3.290.0.
x/vulkan-sdk-1.3.290.0-x86_64-1.txz:  Upgraded.
xap/MPlayer-20240812-x86_64-1.txz:  Upgraded.
  Recompiled against ffmpeg-7.0.2.
xap/audacious-plugins-4.4-x86_64-3.txz:  Rebuilt.
  Recompiled against ffmpeg-7.0.2.
xap/ffmpegthumbnailer-2.2.2-x86_64-6.txz:  Rebuilt.
  Recompiled against ffmpeg-7.0.2.
xap/freerdp-2.11.7-x86_64-2.txz:  Rebuilt.
  Recompiled against ffmpeg-7.0.2.
xap/mpv-0.38.0-x86_64-5.txz:  Rebuilt.
  Recompiled against ffmpeg-7.0.2.
  Recompiled against vulkan-sdk-1.3.290.0.
xap/ssr-0.4.4-x86_64-3.txz:  Rebuilt.
  Recompiled against ffmpeg-7.0.2.
xap/xine-lib-1.2.13-x86_64-8.txz:  Rebuilt.
  Recompiled against ffmpeg-7.0.2.
xap/xscreensaver-6.09-x86_64-2.txz:  Rebuilt.
  Recompiled against ffmpeg-7.0.2.
2024-08-13 23:09:21 +02:00
Patrick J Volkerding
58d830884f Thu Aug 1 23:47:15 UTC 2024
a/bash-5.2.032-x86_64-1.txz:  Upgraded.
d/mercurial-6.8.1-x86_64-1.txz:  Upgraded.
l/pipewire-1.2.2-x86_64-1.txz:  Upgraded.
l/spirv-llvm-translator-18.1.3-x86_64-1.txz:  Upgraded.
n/php-8.3.10-x86_64-1.txz:  Upgraded.
  This is a bugfix release.
  For more information, see:
    https://www.php.net/ChangeLog-8.php#8.3.10
2024-08-02 02:30:06 +02:00
Patrick J Volkerding
c9ced48b11 Tue Jul 23 18:54:25 UTC 2024
Hey folks, we got a new glibc and are beginning the process of baking the new
default compile flags into the toolchain, the graphics stack, and whatever else
happens along. Enjoy! :-)
a/aaa_glibc-solibs-2.40-x86_64-1.txz:  Upgraded.
a/libblockdev-3.1.1_1-x86_64-2.txz:  Rebuilt.
  Fix build against recent ext2fs.h. Thanks to shipujin.
a/xfsprogs-6.9.0-x86_64-1.txz:  Upgraded.
ap/rpm-4.19.1.1-x86_64-3.txz:  Rebuilt.
ap/slackpkg-15.0.10-noarch-4.txz:  Rebuilt.
  Prefer gpg1 again. Going with the modern gpg with more dependencies was
  a mistake in this case. (now we know why gnupg-1 is still around :-)
  Thanks to Petri Kaukasoina.
d/binutils-2.42-x86_64-3.txz:  Rebuilt.
d/cargo-vendor-filterer-0.5.14-x86_64-2.txz:  Rebuilt.
d/cbindgen-0.26.0-x86_64-2.txz:  Rebuilt.
d/ccache-4.10.2-x86_64-1.txz:  Upgraded.
d/cmake-3.30.1-x86_64-2.txz:  Rebuilt.
d/gcc-14.1.0-x86_64-2.txz:  Rebuilt.
d/gcc-g++-14.1.0-x86_64-2.txz:  Rebuilt.
d/gcc-gdc-14.1.0-x86_64-2.txz:  Rebuilt.
d/gcc-gfortran-14.1.0-x86_64-2.txz:  Rebuilt.
d/gcc-gm2-14.1.0-x86_64-2.txz:  Rebuilt.
d/gcc-gnat-14.1.0-x86_64-2.txz:  Rebuilt.
d/gcc-go-14.1.0-x86_64-2.txz:  Rebuilt.
d/gcc-objc-14.1.0-x86_64-2.txz:  Rebuilt.
d/libgccjit-14.1.0-x86_64-2.txz:  Rebuilt.
d/libtool-2.4.7-x86_64-8.txz:  Rebuilt.
d/parallel-20240722-noarch-1.txz:  Upgraded.
d/pkg-config-0.29.2-x86_64-5.txz:  Rebuilt.
d/python-setuptools-71.1.0-x86_64-1.txz:  Upgraded.
d/ruby-3.3.4-x86_64-2.txz:  Rebuilt.
d/rust-bindgen-0.69.4-x86_64-2.txz:  Rebuilt.
d/strace-6.10-x86_64-1.txz:  Upgraded.
d/subversion-1.14.3-x86_64-3.txz:  Rebuilt.
e/emacs-29.4-x86_64-2.txz:  Rebuilt.
l/PyQt-builder-1.16.4-x86_64-2.txz:  Rebuilt.
l/PyQt5-5.15.11-x86_64-1.txz:  Upgraded.
l/PyQt5_sip-12.15.0-x86_64-2.txz:  Rebuilt.
l/argon2-20190702-x86_64-6.txz:  Rebuilt.
l/ffmpeg-6.1.1-x86_64-5.txz:  Rebuilt.
l/glibc-2.40-x86_64-1.txz:  Upgraded.
  This update fixes security issues:
  nscd: Stack-based buffer overflow in netgroup cache.
  nscd: Null pointer crash after notfound response.
  nscd: netgroup cache may terminate daemon on memory allocation failure.
  nscd: netgroup cache assumes NSS callback uses in-buffer strings.
  These vulnerabilities were only present in the nscd binary.
  For more information, see:
    https://www.cve.org/CVERecord?id=CVE-2024-33599
    https://www.cve.org/CVERecord?id=CVE-2024-33600
    https://www.cve.org/CVERecord?id=CVE-2024-33601
    https://www.cve.org/CVERecord?id=CVE-2024-33602
  (* Security fix *)
l/glibc-i18n-2.40-x86_64-1.txz:  Upgraded.
l/glibc-profile-2.40-x86_64-1.txz:  Upgraded.
l/gst-plugins-good-1.24.5-x86_64-2.txz:  Rebuilt.
l/libcdio-paranoia-10.2+2.0.2-x86_64-1.txz:  Upgraded.
l/libclc-18.1.8-x86_64-3.txz:  Rebuilt.
l/libproxy-0.5.8-x86_64-1.txz:  Upgraded.
l/lz4-1.10.0-x86_64-1.txz:  Upgraded.
l/poppler-24.07.0-x86_64-2.txz:  Rebuilt.
l/python-importlib_metadata-8.1.0-x86_64-1.txz:  Upgraded.
l/python-sphinx-7.4.7-x86_64-1.txz:  Upgraded.
l/qt5-5.15.14_20240716_ae0c8451-x86_64-1.txz:  Upgraded.
l/qt5-webkit-5.212.0_alpha4-x86_64-13.txz:  Rebuilt.
l/qt6-6.7.2_20240610_3f005f1e-x86_64-3.txz:  Rebuilt.
l/sip-6.8.6-x86_64-2.txz:  Rebuilt.
l/spirv-llvm-translator-18.1.2-x86_64-2.txz:  Rebuilt.
l/v4l-utils-1.28.0-x86_64-1.txz:  Upgraded.
n/bind-9.18.28-x86_64-1.txz:  Upgraded.
  This update fixes security issues:
  Remove SIG(0) support from named as a countermeasure for CVE-2024-1975.
  qctx-zversion was not being cleared when it should have been leading to
  an assertion failure if it needed to be reused.
  An excessively large number of rrtypes per owner can slow down database query
  processing, so a limit has been placed on the number of rrtypes that can be
  stored per owner (node) in a cache or zone database. This is configured with
  the new "max-rrtypes-per-name" option, and defaults to 100.
  Excessively large rdatasets can slow down database query processing, so a
  limit has been placed on the number of records that can be stored per
  rdataset in a cache or zone database. This is configured with the new
  "max-records-per-type" option, and defaults to 100.
  Malicious DNS client that sends many queries over TCP but never reads
  responses can cause server to respond slowly or not respond at all for other
  clients.
  For more information, see:
    https://www.cve.org/CVERecord?id=CVE-2024-1975
    https://www.cve.org/CVERecord?id=CVE-2024-4076
    https://www.cve.org/CVERecord?id=CVE-2024-1737
    https://www.cve.org/CVERecord?id=CVE-2024-0760
  (* Security fix *)
n/fetchmail-6.4.39-x86_64-1.txz:  Upgraded.
n/obexftp-0.24.2-x86_64-13.txz:  Rebuilt.
n/pinentry-1.3.1-x86_64-2.txz:  Rebuilt.
n/wpa_supplicant-2.11-x86_64-1.txz:  Upgraded.
x/fcitx5-qt-5.1.6-x86_64-3.txz:  Rebuilt.
x/ibus-m17n-1.4.30-x86_64-1.txz:  Upgraded.
x/libdrm-2.4.122-x86_64-2.txz:  Rebuilt.
x/marisa-0.2.6-x86_64-10.txz:  Rebuilt.
x/mesa-24.1.4-x86_64-2.txz:  Rebuilt.
x/vulkan-sdk-1.3.275.0-x86_64-3.txz:  Rebuilt.
xap/audacious-4.4-x86_64-2.txz:  Rebuilt.
xap/audacious-plugins-4.4-x86_64-2.txz:  Rebuilt.
xap/mozilla-thunderbird-128.0.1esr-x86_64-1.txz:  Upgraded.
  This is a bugfix release.
  For more information, see:
    https://www.mozilla.org/en-US/thunderbird/128.0.1esr/releasenotes/
xap/xaos-4.3.2-x86_64-2.txz:  Rebuilt.
extra/emacs-regular-build/emacs-29.4-x86_64-2_regular.txz:  Rebuilt.
2024-07-23 22:50:05 +02:00
Patrick J Volkerding
04d707a7ba Mon Sep 25 19:19:27 UTC 2023
ap/man-db-2.12.0-x86_64-1.txz:  Upgraded.
ap/mpg123-1.32.1-x86_64-1.txz:  Upgraded.
d/llvm-17.0.1-x86_64-1.txz:  Upgraded.
  Shared library .so-version bump.
d/lua-5.4.6-x86_64-4.txz:  Rebuilt.
  Fixed prefix and $LIBDIRSUFFIX in lua.pc. Thanks to ArTourter.
d/parallel-20230922-noarch-1.txz:  Upgraded.
kde/kdevelop-23.08.1-x86_64-2.txz:  Rebuilt.
  Recompiled against llvm-17.0.1.
l/imagemagick-7.1.1_18-x86_64-1.txz:  Upgraded.
l/libclc-17.0.1-x86_64-1.txz:  Upgraded.
l/qt5-5.15.10_20230923_6e8e373e-x86_64-1.txz:  Upgraded.
  Compiled against llvm-17.0.1.
l/spirv-llvm-translator-17.0.0-x86_64-1.txz:  Upgraded.
  Compiled against llvm-17.0.1.
x/mesa-23.2.0_rc4-x86_64-1.txz:  Upgraded.
  Compiled against llvm-17.0.1.
2023-09-25 22:29:45 +02:00
Patrick J Volkerding
25dc9a625c Fri Apr 7 00:51:44 UTC 2023
a/kernel-firmware-20230406_86da2ac-noarch-1.txz:  Upgraded.
a/kernel-generic-6.1.23-x86_64-1.txz:  Upgraded.
a/kernel-huge-6.1.23-x86_64-1.txz:  Upgraded.
a/kernel-modules-6.1.23-x86_64-1.txz:  Upgraded.
d/kernel-headers-6.1.23-x86-1.txz:  Upgraded.
d/llvm-16.0.1-x86_64-1.txz:  Upgraded.
k/kernel-source-6.1.23-noarch-1.txz:  Upgraded.
l/SDL2-2.26.5-x86_64-1.txz:  Upgraded.
l/imagemagick-7.1.1_6-x86_64-1.txz:  Upgraded.
l/isl-0.26-x86_64-1.txz:  Upgraded.
l/spirv-llvm-translator-16.0.0-x86_64-2.txz:  Rebuilt.
  Looks like this is working now after some linking adjustments.
  Thanks very much to lucabon!
x/mesa-23.0.1-x86_64-3.txz:  Rebuilt.
x/xf86-input-wacom-1.2.0-x86_64-1.txz:  Upgraded.
isolinux/initrd.img:  Rebuilt.
kernels/*:  Upgraded.
usb-and-pxe-installers/usbboot.img:  Rebuilt.
2023-04-07 03:45:57 +02:00
Patrick J Volkerding
b689ecb882 Fri Mar 31 18:01:09 UTC 2023
a/kernel-generic-6.1.22-x86_64-1.txz:  Upgraded.
a/kernel-huge-6.1.22-x86_64-1.txz:  Upgraded.
a/kernel-modules-6.1.22-x86_64-1.txz:  Upgraded.
a/mkinitrd-1.4.11-x86_64-32.txz:  Rebuilt.
  Add /lib/firmware directory to _initrd-tree.tar.gz. Thanks to walecha.
d/cmake-3.26.2-x86_64-1.txz:  Upgraded.
d/kernel-headers-6.1.22-x86-1.txz:  Upgraded.
d/llvm-16.0.0-x86_64-1.txz:  Upgraded.
  Shared library .so-version bump.
  Thanks to Heinz Wiesinger for the assistance.
  Compiled with -DLLVM_BUILD_LLVM_DYLIB=ON -DLLVM_LINK_LLVM_DYLIB=ON
  -DCLANG_LINK_CLANG_DYLIB=ON.
  I think we'll get 16.0.1 next week if we need to make any adjustments.
d/ruby-3.2.2-x86_64-1.txz:  Upgraded.
  This update fixes security issues:
  ReDoS vulnerability in URI.
  ReDoS vulnerability in Time.
  For more information, see:
    https://www.ruby-lang.org/en/news/2023/03/28/redos-in-uri-cve-2023-28755/
    https://www.ruby-lang.org/en/news/2023/03/30/redos-in-time-cve-2023-28756/
    https://www.cve.org/CVERecord?id=CVE-2023-28755
    https://www.cve.org/CVERecord?id=CVE-2023-28756
  (* Security fix *)
k/kernel-source-6.1.22-noarch-1.txz:  Upgraded.
kde/kdevelop-22.12.3-x86_64-2.txz:  Rebuilt.
  Recompiled against llvm-16.0.0.
l/openexr-3.1.7-x86_64-1.txz:  Upgraded.
l/qt5-5.15.8_20230325_c1a3e988-x86_64-1.txz:  Upgraded.
  Compiled against llvm-16.0.0.
l/spirv-llvm-translator-16.0.0-x86_64-1.txz:  Upgraded.
  Compiled against llvm-16.0.0.
  Thanks to Heinz Wiesinger for finding the fix for -DBUILD_SHARED_LIBS=ON.
n/pssh-2.3.5-x86_64-1.txz:  Upgraded.
n/samba-4.18.1-x86_64-1.txz:  Upgraded.
  This update fixes security issues:
  An incomplete access check on dnsHostName allows authenticated but otherwise
  unprivileged users to delete this attribute from any object in the directory.
  The Samba AD DC administration tool, when operating against a remote LDAP
  server, will by default send new or reset passwords over a signed-only
  connection.
  The fix in 4.6.16, 4.7.9, 4.8.4 and 4.9.7 for CVE-2018-10919 Confidential
  attribute disclosure via LDAP filters was insufficient and an attacker may
  be able to obtain confidential BitLocker recovery keys from a Samba AD DC.
  Installations with such secrets in their Samba AD should assume they have
  been obtained and need replacing.
  For more information, see:
    https://www.samba.org/samba/security/CVE-2023-0225.html
    https://www.samba.org/samba/security/CVE-2023-0922.html
    https://www.samba.org/samba/security/CVE-2023-0614.html
    https://www.cve.org/CVERecord?id=CVE-2023-0225
    https://www.cve.org/CVERecord?id=CVE-2023-0922
    https://www.cve.org/CVERecord?id=CVE-2023-0614
  (* Security fix *)
x/mesa-23.0.1-x86_64-2.txz:  Rebuilt.
  Recompiled against llvm-16.0.0 and spirv-llvm-translator-16.0.0.
xap/seamonkey-2.53.16-x86_64-1.txz:  Upgraded.
  This update contains security fixes and improvements.
  For more information, see:
    https://www.seamonkey-project.org/releases/seamonkey2.53.16
  (* Security fix *)
isolinux/initrd.img:  Rebuilt.
kernels/*:  Upgraded.
testing/packages/rust-1.68.2-x86_64-2.txz:  Rebuilt.
  Use the bundled LLVM rather than the system LLVM.
  This version of Rust actually does compile with llvm-16.0.0, but since it
  bundles LLVM 15 let's let it use that for now.
usb-and-pxe-installers/usbboot.img:  Rebuilt.
2023-03-31 21:43:36 +02:00
Patrick J Volkerding
8b5d6f2b2a Tue Jul 5 20:33:18 UTC 2022
a/hwdata-0.361-noarch-1.txz:  Upgraded.
a/kernel-firmware-20220705_f5f02da-noarch-1.txz:  Upgraded.
a/kmod-30-x86_64-1.txz:  Upgraded.
a/mcelog-184-x86_64-1.txz:  Upgraded.
a/openssl-solibs-1.1.1q-x86_64-1.txz:  Upgraded.
ap/vim-9.0.0041-x86_64-1.txz:  Upgraded.
d/llvm-14.0.6-x86_64-2.txz:  Rebuilt.
  Shared library .so-version bump.
  We gave the DYLIB options a try and the resulting compilers are unable to
  compile Firefox or Thunderbird, so we're back to using BUILD_SHARED_LIBS
  (which works fine). I'm in no real hurry to revisit this, but I'll look at
  any hints you might have for me if you post them on LQ.
d/meson-0.63.0-x86_64-1.txz:  Upgraded.
d/rust-1.62.0-x86_64-1.txz:  Upgraded.
l/imagemagick-7.1.0_40-x86_64-1.txz:  Upgraded.
l/isl-0.25-x86_64-1.txz:  Upgraded.
l/libdmtx-0.7.7-x86_64-1.txz:  Upgraded.
l/libgphoto2-2.5.30-x86_64-1.txz:  Upgraded.
l/libmtp-1.1.20-x86_64-1.txz:  Upgraded.
l/libvpx-1.12.0-x86_64-1.txz:  Upgraded.
l/pipewire-0.3.53-x86_64-1.txz:  Upgraded.
l/poppler-22.07.0-x86_64-1.txz:  Upgraded.
l/spirv-llvm-translator-14.0.0-x86_64-2.txz:  Rebuilt.
  Recompiled against llvm-14.0.6-2.
n/openssl-1.1.1q-x86_64-1.txz:  Upgraded.
  This update fixes security issues:
  Heap memory corruption with RSA private key operation.
  AES OCB fails to encrypt some bytes.
  For more information, see:
    https://www.openssl.org/news/secadv/20220705.txt
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2274
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2097
  (* Security fix *)
n/wget2-2.0.1-x86_64-1.txz:  Upgraded.
x/libva-2.15.0-x86_64-1.txz:  Upgraded.
x/libva-utils-2.15.0-x86_64-1.txz:  Upgraded.
x/mesa-21.3.8-x86_64-3.txz:  Rebuilt.
  Recompiled against llvm-14.0.6-2.
xap/mozilla-firefox-102.0.1-x86_64-1.txz:  Upgraded.
  This update contains security fixes (possibly) and improvements.
  At this time, the link below only says "We're still preparing the notes for
  this release, and will post them here when they are ready. Please check back
  later."
  For more information, see:
    https://www.mozilla.org/en-US/firefox/102.0.1/releasenotes/
  (* Security fix *)
xap/vim-gvim-9.0.0041-x86_64-1.txz:  Upgraded.
extra/rust-for-mozilla/rust-1.60.0-x86_64-1.txz:  Upgraded.
2022-07-06 09:00:14 +02:00
Patrick J Volkerding
284b384359 Sat Oct 16 18:12:37 UTC 2021
ap/pamixer-1.5-x86_64-1.txz:  Upgraded.
l/librsvg-2.52.2-x86_64-1.txz:  Upgraded.
l/liburing-2.1-x86_64-2.txz:  Rebuilt.
  Don't package the examples.
l/spirv-llvm-translator-13.0.0-x86_64-1.txz:  Upgraded.
2021-10-17 09:03:54 +02:00
Patrick J Volkerding
aadd8167b6 Fri Oct 15 20:47:13 UTC 2021
ap/htop-3.1.1-x86_64-1.txz:  Upgraded.
d/automake-1.16.2-noarch-4.txz:  Rebuilt.
  The GNU toolchain is making it increasingly impossible to use our usual
  "${ARCH}-slackware-linux" host, erroring out with a host mismatch on at
  least GTK+2. So, we'll drop back to this version of automake for now,
  with a fix applied for detecting Python 3.10. More than likely we'll be
  changing the host to "${ARCH}-slackware-linux-gnu" to satisfy upstream,
  but that will have to wait for the next devel cycle.
d/llvm-13.0.0-x86_64-1.txz:  Upgraded.
  Shared library .so-version bump.
d/rust-1.55.0-x86_64-2.txz:  Rebuilt.
  Recompiled against llvm-13.0.0.
kde/kdevelop-5.6.2-x86_64-6.txz:  Rebuilt.
  Recompiled against llvm-13.0.0.
kde/plasma-workspace-5.23.0-x86_64-2.txz:  Rebuilt.
  Applied upstream patch:
  [PATCH] sddm-theme: fix missing password field on "Other" page.
  Thanks to USUARIONUEVO and LuckyCyborg.
l/libclc-13.0.0-x86_64-1.txz:  Upgraded.
  Recompiled against llvm-13.0.0.
l/python-pillow-8.4.0-x86_64-1.txz:  Upgraded.
l/qt5-5.15.3_20211013_5c7c3af5-x86_64-1.txz:  Upgraded.
  Upgraded to latest git (might as well) and compiled against llvm-13.0.0.
l/spirv-llvm-translator-20210920_098034ea-x86_64-1.txz:  Upgraded.
  Recompiled against llvm-13.0.0.
x/mesa-21.2.4-x86_64-1.txz:  Upgraded.
  Compiled against llvm-13.0.0.
xap/pidgin-2.14.8-x86_64-1.txz:  Upgraded.
2021-10-16 09:04:20 +02:00
Patrick J Volkerding
a4778c719f Wed Jun 16 01:06:18 UTC 2021
a/grub-2.06-x86_64-2.txz:  Rebuilt.
  Don't use the -O2 compiler optimization as it causes an immediate reboot.
  Thanks to kaott.
ap/nano-5.8-x86_64-1.txz:  Upgraded.
d/opencl-headers-2021.04.29-noarch-1.txz:  Upgraded.
  Thanks to Heinz Wiesinger.
kde/bluedevil-5.22.1-x86_64-1.txz:  Upgraded.
kde/breeze-5.22.1-x86_64-1.txz:  Upgraded.
kde/breeze-grub-5.22.1-x86_64-1.txz:  Upgraded.
kde/breeze-gtk-5.22.1-x86_64-1.txz:  Upgraded.
kde/drkonqi-5.22.1-x86_64-1.txz:  Upgraded.
kde/kactivitymanagerd-5.22.1-x86_64-1.txz:  Upgraded.
kde/kde-cli-tools-5.22.1-x86_64-1.txz:  Upgraded.
kde/kde-gtk-config-5.22.1-x86_64-1.txz:  Upgraded.
kde/kdecoration-5.22.1-x86_64-1.txz:  Upgraded.
kde/kdeplasma-addons-5.22.1-x86_64-1.txz:  Upgraded.
kde/kgamma5-5.22.1-x86_64-1.txz:  Upgraded.
kde/khotkeys-5.22.1-x86_64-1.txz:  Upgraded.
kde/kinfocenter-5.22.1-x86_64-1.txz:  Upgraded.
kde/kmenuedit-5.22.1-x86_64-1.txz:  Upgraded.
kde/kscreen-5.22.1-x86_64-1.txz:  Upgraded.
kde/kscreenlocker-5.22.1-x86_64-1.txz:  Upgraded.
kde/ksshaskpass-5.22.1-x86_64-1.txz:  Upgraded.
kde/ksystemstats-5.22.1-x86_64-1.txz:  Upgraded.
kde/kwallet-pam-5.22.1-x86_64-1.txz:  Upgraded.
kde/kwayland-integration-5.22.1-x86_64-1.txz:  Upgraded.
kde/kwayland-server-5.22.1-x86_64-1.txz:  Upgraded.
kde/kwin-5.22.1-x86_64-1.txz:  Upgraded.
kde/kwrited-5.22.1-x86_64-1.txz:  Upgraded.
kde/layer-shell-qt-5.22.1-x86_64-1.txz:  Upgraded.
kde/libkscreen-5.22.1-x86_64-1.txz:  Upgraded.
kde/libksysguard-5.22.1-x86_64-1.txz:  Upgraded.
kde/milou-5.22.1-x86_64-1.txz:  Upgraded.
kde/oxygen-5.22.1-x86_64-1.txz:  Upgraded.
kde/plasma-browser-integration-5.22.1-x86_64-1.txz:  Upgraded.
kde/plasma-desktop-5.22.1-x86_64-1.txz:  Upgraded.
kde/plasma-disks-5.22.1-x86_64-1.txz:  Upgraded.
kde/plasma-firewall-5.22.1-x86_64-1.txz:  Upgraded.
kde/plasma-integration-5.22.1-x86_64-1.txz:  Upgraded.
kde/plasma-nm-5.22.1-x86_64-1.txz:  Upgraded.
kde/plasma-pa-5.22.1-x86_64-1.txz:  Upgraded.
kde/plasma-sdk-5.22.1-x86_64-1.txz:  Upgraded.
kde/plasma-systemmonitor-5.22.1-x86_64-1.txz:  Upgraded.
kde/plasma-vault-5.22.1-x86_64-1.txz:  Upgraded.
kde/plasma-workspace-5.22.1-x86_64-1.txz:  Upgraded.
kde/plasma-workspace-wallpapers-5.22.1-x86_64-1.txz:  Upgraded.
kde/polkit-kde-agent-1-5.22.1-x86_64-1.txz:  Upgraded.
kde/powerdevil-5.22.1-x86_64-1.txz:  Upgraded.
kde/qqc2-breeze-style-5.22.1-x86_64-1.txz:  Upgraded.
kde/sddm-kcm-5.22.1-x86_64-1.txz:  Upgraded.
kde/systemsettings-5.22.1-x86_64-1.txz:  Upgraded.
kde/xdg-desktop-portal-kde-5.22.1-x86_64-1.txz:  Upgraded.
l/M2Crypto-0.38.0-x86_64-1.txz:  Upgraded.
l/libclc-12.0.0-x86_64-1.txz:  Upgraded.
  Thanks to Heinz Wiesinger.
l/spirv-llvm-translator-12.0.0-x86_64-1.txz:  Added.
  Needed by libclc. Thanks to Heinz Wiesinger.
n/getmail-6.17-x86_64-1.txz:  Upgraded.
n/nfs-utils-2.5.4-x86_64-1.txz:  Upgraded.
n/proftpd-1.3.7b-x86_64-1.txz:  Upgraded.
x/fonttosfnt-1.2.2-x86_64-1.txz:  Upgraded.
x/vulkan-sdk-1.2.176.1-x86_64-1.txz:  Upgraded.
  Thanks to Heinz Wiesinger.
xap/mozilla-firefox-89.0.1-x86_64-1.txz:  Upgraded.
  This release contains security fixes and improvements.
  For more information, see:
    https://www.mozilla.org/en-US/firefox/89.0.1/releasenotes/
  (* Security fix *)
2021-06-16 08:59:50 +02:00