a/aaa_libraries-15.1-x86_64-6.txz: Rebuilt.
Upgraded: libcap.so.2.65, libglib-2.0.so.0.7200.3, libgmodule-2.0.so.0.7200.3,
libgobject-2.0.so.0.7200.3, libgthread-2.0.so.0.7200.3, libidn2.so.0.3.8.
Removed: libboost_*.so.1.78.0.
a/kernel-firmware-20220719_4421586-noarch-1.txz: Upgraded.
d/python-setuptools-63.2.0-x86_64-1.txz: Upgraded.
d/rust-1.62.1-x86_64-1.txz: Upgraded.
kde/kio-5.96.0-x86_64-2.txz: Rebuilt.
Recompiled against krb5-1.19.3.
l/libcap-2.65-x86_64-1.txz: Upgraded.
l/netpbm-10.99.01-x86_64-1.txz: Upgraded.
l/pipewire-0.3.56-x86_64-1.txz: Upgraded.
l/qt5-5.15.5_20220705_ea4efc06-x86_64-1.txz: Upgraded.
Compiled against krb5-1.19.3.
n/alpine-2.26-x86_64-2.txz: Rebuilt.
Recompiled against krb5-1.19.3.
n/bind-9.18.5-x86_64-1.txz: Upgraded.
Compiled against krb5-1.19.3.
n/curl-7.84.0-x86_64-2.txz: Rebuilt.
Recompiled against krb5-1.19.3.
n/fetchmail-6.4.31-x86_64-2.txz: Rebuilt.
Recompiled against krb5-1.19.3.
n/krb5-1.19.3-x86_64-2.txz: Rebuilt.
Since Samba still won't link against krb5-1.20, I think it's best to drop
back to this version until it does. Perhaps it would be better to just use
the internal Heimdal libraries instead, but I don't really know if that has
all the same functionality or not. Hints welcome if you'd like to drop them
in the "regression on -current with samba (new krb5)" thread.
Also, just to be 100% sure the krb5 revert doesn't cause any ABI issues,
we'll recompile everything that we've linked to krb5 while krb5-1.20 was
in -current.
Thanks to nobodino.
n/php-7.4.30-x86_64-2.txz: Rebuilt.
Recompiled against krb5-1.19.3.
n/samba-4.16.3-x86_64-1.txz: Upgraded.
Compiled against krb5-1.19.3.
xap/gnuplot-5.4.4-x86_64-1.txz: Upgraded.
xap/mozilla-thunderbird-102.0.3-x86_64-1.txz: Upgraded.
This is a bugfix release.
For more information, see:
https://www.mozilla.org/en-US/thunderbird/102.0.3/releasenotes/
extra/php80/php80-8.0.21-x86_64-2.txz: Rebuilt.
Recompiled against krb5-1.19.3.
extra/php81/php81-8.1.8-x86_64-2.txz: Rebuilt.
Recompiled against krb5-1.19.3.
a/hwdata-0.361-noarch-1.txz: Upgraded.
a/kernel-firmware-20220705_f5f02da-noarch-1.txz: Upgraded.
a/kmod-30-x86_64-1.txz: Upgraded.
a/mcelog-184-x86_64-1.txz: Upgraded.
a/openssl-solibs-1.1.1q-x86_64-1.txz: Upgraded.
ap/vim-9.0.0041-x86_64-1.txz: Upgraded.
d/llvm-14.0.6-x86_64-2.txz: Rebuilt.
Shared library .so-version bump.
We gave the DYLIB options a try and the resulting compilers are unable to
compile Firefox or Thunderbird, so we're back to using BUILD_SHARED_LIBS
(which works fine). I'm in no real hurry to revisit this, but I'll look at
any hints you might have for me if you post them on LQ.
d/meson-0.63.0-x86_64-1.txz: Upgraded.
d/rust-1.62.0-x86_64-1.txz: Upgraded.
l/imagemagick-7.1.0_40-x86_64-1.txz: Upgraded.
l/isl-0.25-x86_64-1.txz: Upgraded.
l/libdmtx-0.7.7-x86_64-1.txz: Upgraded.
l/libgphoto2-2.5.30-x86_64-1.txz: Upgraded.
l/libmtp-1.1.20-x86_64-1.txz: Upgraded.
l/libvpx-1.12.0-x86_64-1.txz: Upgraded.
l/pipewire-0.3.53-x86_64-1.txz: Upgraded.
l/poppler-22.07.0-x86_64-1.txz: Upgraded.
l/spirv-llvm-translator-14.0.0-x86_64-2.txz: Rebuilt.
Recompiled against llvm-14.0.6-2.
n/openssl-1.1.1q-x86_64-1.txz: Upgraded.
This update fixes security issues:
Heap memory corruption with RSA private key operation.
AES OCB fails to encrypt some bytes.
For more information, see:
https://www.openssl.org/news/secadv/20220705.txthttps://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2274https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2097
(* Security fix *)
n/wget2-2.0.1-x86_64-1.txz: Upgraded.
x/libva-2.15.0-x86_64-1.txz: Upgraded.
x/libva-utils-2.15.0-x86_64-1.txz: Upgraded.
x/mesa-21.3.8-x86_64-3.txz: Rebuilt.
Recompiled against llvm-14.0.6-2.
xap/mozilla-firefox-102.0.1-x86_64-1.txz: Upgraded.
This update contains security fixes (possibly) and improvements.
At this time, the link below only says "We're still preparing the notes for
this release, and will post them here when they are ready. Please check back
later."
For more information, see:
https://www.mozilla.org/en-US/firefox/102.0.1/releasenotes/
(* Security fix *)
xap/vim-gvim-9.0.0041-x86_64-1.txz: Upgraded.
extra/rust-for-mozilla/rust-1.60.0-x86_64-1.txz: Upgraded.
ap/inxi-3.3.13_1-noarch-1.txz: Upgraded.
d/parallel-20220222-noarch-1.txz: Upgraded.
d/patchelf-0.14.5-x86_64-1.txz: Upgraded.
d/rust-1.59.0-x86_64-1.txz: Upgraded.
n/cyrus-sasl-2.1.28-x86_64-1.txz: Upgraded.
This update fixes bugs and security issues.
For more information, see:
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-19906https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-24407
(* Security fix *)
n/nftables-1.0.2-x86_64-1.txz: Upgraded.
n/nghttp2-1.47.0-x86_64-1.txz: Upgraded.
n/openssh-8.9p1-x86_64-1.txz: Upgraded.
n/whois-5.5.12-x86_64-1.txz: Upgraded.
x/mesa-21.3.7-x86_64-1.txz: Upgraded.
x/xf86-video-amdgpu-22.0.0-x86_64-1.txz: Upgraded.
xap/freerdp-2.6.0-x86_64-1.txz: Upgraded.
xap/gftp-2.9.1b-x86_64-1.txz: Upgraded.
extra/xv/xv-3.10a-x86_64-10.txz: Rebuilt.
Drop JasPer support until xv can be ported to the new JasPer library (or
preferably to openjpeg).
a/aaa_base-15.0-x86_64-3.txz: Rebuilt.
In initial email to root, use the new /var/lib/pkgtools/ paths to the files
for packages and scripts. Thanks to franzen.
a/btrfs-progs-5.16-x86_64-1.txz: Upgraded.
d/python3-3.9.10-x86_64-1.txz: Upgraded.
d/rust-1.58.0-x86_64-1.txz: Upgraded.
kde/digikam-7.5.0-x86_64-1.txz: Upgraded.
kde/kglobalaccel-5.90.0-x86_64-2.txz: Rebuilt.
Applied patch:
[PATCH] Prevent kglobalaccel5 getting activated on non-Plasma systems.
Although this patch was later reverted, I'm on board with the need for it.
If it causes any problems, please let me know soon.
Thanks to Lockywolf.
kde/kid3-3.9.1-x86_64-1.txz: Upgraded.
kde/plasma-wayland-protocols-1.6.0-x86_64-1.txz: Upgraded.
kde/sddm-0.19.0-x86_64-10.txz: Rebuilt.
Allow the init program to properly supervise sddm when entering runlevel 4.
Thanks to mumahendras3.
l/neon-0.32.2-x86_64-1.txz: Upgraded.
l/netpbm-10.97.02-x86_64-1.txz: Upgraded.
n/postfix-3.6.4-x86_64-1.txz: Upgraded.
x/mesa-21.3.4-x86_64-1.txz: Upgraded.
x/xterm-370-x86_64-2.txz: Rebuilt.
Use upstream app-defaults again. Thanks to OldHolborn.
a/dialog-1.3_20211214-x86_64-1.txz: Upgraded.
a/kernel-generic-5.15.8-x86_64-1.txz: Upgraded.
a/kernel-huge-5.15.8-x86_64-1.txz: Upgraded.
a/kernel-modules-5.15.8-x86_64-1.txz: Upgraded.
a/sysvinit-3.01-x86_64-1.txz: Upgraded.
d/kernel-headers-5.15.8-x86-1.txz: Upgraded.
d/patchelf-0.14.3-x86_64-1.txz: Upgraded.
k/kernel-source-5.15.8-noarch-1.txz: Upgraded.
l/oniguruma-6.9.7.1-x86_64-1.txz: Upgraded.
l/pipewire-0.3.41-x86_64-1.txz: Upgraded.
x/libinput-1.19.3-x86_64-1.txz: Upgraded.
x/xorg-server-1.20.13-x86_64-2.txz: Rebuilt.
Fixes for multiple input validation failures in X server extensions:
render: Fix out of bounds access in SProcRenderCompositeGlyphs()
xfixes: Fix out of bounds access in *ProcXFixesCreatePointerBarrier()
Xext: Fix out of bounds access in SProcScreenSaverSuspend()
record: Fix out of bounds access in SwapCreateRegister()
For more information, see:
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4008https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4009https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4010https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4011
(* Security fix *)
x/xorg-server-xephyr-1.20.13-x86_64-2.txz: Rebuilt.
x/xorg-server-xnest-1.20.13-x86_64-2.txz: Rebuilt.
x/xorg-server-xvfb-1.20.13-x86_64-2.txz: Rebuilt.
x/xorg-server-xwayland-21.1.4-x86_64-1.txz: Upgraded.
Fixes for multiple input validation failures in X server extensions:
render: Fix out of bounds access in SProcRenderCompositeGlyphs()
xfixes: Fix out of bounds access in *ProcXFixesCreatePointerBarrier()
Xext: Fix out of bounds access in SProcScreenSaverSuspend()
record: Fix out of bounds access in SwapCreateRegister()
For more information, see:
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4008https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4009https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4010https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4011
(* Security fix *)
xap/xsnow-3.4.1-x86_64-1.txz: Upgraded.
isolinux/initrd.img: Rebuilt.
kernels/*: Upgraded.
usb-and-pxe-installers/usbboot.img: Rebuilt.
a/lvm2-2.03.13-x86_64-1.txz: Upgraded.
Reverted to working version.
d/rust-1.56.0-x86_64-1.txz: Upgraded.
l/pipewire-0.3.39-x86_64-1.txz: Upgraded.
n/krb5-1.19.2-x86_64-2.txz: Rebuilt.
[PATCH] Fix KDC null deref on TGS inner body null server.
This fixes an issue where an authenticated attacker can cause a denial of
service in the KDC by sending a FAST TGS request with no server field.
Thanks to nobodino.
For more information, see:
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-37750
(* Security fix *)
x/ibus-m17n-1.4.8-x86_64-1.txz: Upgraded.
x/libinput-1.19.2-x86_64-1.txz: Upgraded.
xap/freerdp-2.4.1-x86_64-1.txz: Upgraded.
This update fixes two security issues:
Improper client input validation for gateway connections allows to overwrite
memory.
Improper region checks in all clients allow out of bound write to memory.
For more information, see:
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-41159https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-41160
(* Security fix *)
xap/gftp-2.7.1b-x86_64-1.txz: Upgraded.
extra/php8/php8-8.0.12-x86_64-1.txz: Upgraded.
This update fixes bugs and a security issue:
FPM: PHP-FPM oob R/W in root process leading to privilege escalation.
For more information, see:
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-21703
(* Security fix *)
a/btrfs-progs-5.11.1-x86_64-1.txz: Upgraded.
a/dialog-1.3_20210324-x86_64-1.txz: Upgraded.
a/kernel-generic-5.10.26-x86_64-1.txz: Upgraded.
a/kernel-huge-5.10.26-x86_64-1.txz: Upgraded.
a/kernel-modules-5.10.26-x86_64-1.txz: Upgraded.
a/openssl-solibs-1.1.1k-x86_64-1.txz: Upgraded.
d/kernel-headers-5.10.26-x86-1.txz: Upgraded.
d/rust-1.51.0-x86_64-1.txz: Upgraded.
e/emacs-27.2-x86_64-1.txz: Upgraded.
k/kernel-source-5.10.26-noarch-1.txz: Upgraded.
-ADI_AXI_ADC m
AD9467 m -> n
FONT_TER16x32 n -> y
n/openssl-1.1.1k-x86_64-1.txz: Upgraded.
This update fixes security issues:
Fixed a problem with verifying a certificate chain when using the
X509_V_FLAG_X509_STRICT flag.
Fixed an issue where an OpenSSL TLS server may crash if sent a maliciously
crafted renegotiation ClientHello message from a client.
For more information, see:
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3450https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3449
(* Security fix *)
n/samba-4.14.2-x86_64-1.txz: Upgraded.
This is a security release in order to address the following defects:
Heap corruption via crafted DN strings.
Out of bounds read in AD DC LDAP server.
For more information, see:
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-27840https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-20277
(* Security fix *)
x/mesa-21.0.1-x86_64-1.txz: Upgraded.
isolinux/initrd.img: Rebuilt.
kernels/*: Upgraded.
testing/packages/linux-5.11.x/kernel-generic-5.11.10-x86_64-1.txz: Upgraded.
testing/packages/linux-5.11.x/kernel-headers-5.11.10-x86-1.txz: Upgraded.
testing/packages/linux-5.11.x/kernel-huge-5.11.10-x86_64-1.txz: Upgraded.
testing/packages/linux-5.11.x/kernel-modules-5.11.10-x86_64-1.txz: Upgraded.
testing/packages/linux-5.11.x/kernel-source-5.11.10-noarch-1.txz: Upgraded.
usb-and-pxe-installers/usbboot.img: Rebuilt.
a/kernel-firmware-20210315_3568f96-noarch-1.txz: Upgraded.
ap/sudo-1.9.6-x86_64-1.txz: Upgraded.
d/cmake-3.19.7-x86_64-1.txz: Upgraded.
d/python-setuptools-54.1.2-x86_64-1.txz: Upgraded.
d/rust-1.50.0-x86_64-1.txz: Upgraded.
l/libcap-2.49-x86_64-1.txz: Upgraded.
l/python-urllib3-1.26.4-x86_64-1.txz: Upgraded.
l/qt5-5.15.2-x86_64-6.txz: Rebuilt.
Rebuilt with -proprietary-codecs and -webengine-proprietary-codecs. When
combined with -webengine-ffmpeg (use system ffmpeg), this doesn't actually
build any proprietary codecs, but allows them to be used if they happen to
be built into the system ffmpeg. Thanks to alienBOB.
xap/mozilla-firefox-86.0.1-x86_64-1.txz: Upgraded.
When we first moved Slackware to the Firefox ESR channel, the motivation
was to keep Firefox secure while delaying a requirement for Rust at build
time. Of course, eventually that ESR version reached EOL and we had to
introduce Rust into Slackware 14.2 in order to continue providing updates.
Eventually that also ran into roadblocks as Firefox required first newer
C/C++ compilers, and then finally a newer libstdc++. To continue, we'd
have had to bump GCC to a much newer version, making other maintenance
difficult or impossible. At this point, the latest Firefox has no additional
dependencies beyond those of the ESR version, and it's unlikely that it
will be any more difficult to keep it maintained. I think we all want the
Slackware 15.0 release to be as good as possible, and most users will be
better served if we resume following the latest desktop releases.
Thanks to LuckyCyborg who can always be counted on to give me a friendly
kick in the rear end. :-) Thanks also to ponce for the updated gkrust patch.
d/rust-1.49.0-x86_64-1.txz: Upgraded.
Until we can figure out why audio crashes if we compile Firefox using
rust-1.50.0, it's probably better to stick with this version.
xap/mozilla-firefox-78.8.0esr-x86_64-3.txz: Rebuilt.
Recompiled with rust-1.49.0 to prevent crashing on any tab with audio.
xap/mozilla-firefox-78.7.1esr-x86_64-1.txz: Upgraded.
It looks like rebuilding Firefox with Rust 1.50.0 causes it to crash on
HTML5 streams, so let's drop back to this build. 78.8.0 is coming soon
and hopefully it'll fix this.
d/rust-1.47.0-x86_64-2.txz: Rebuilt.
Switch back to Rust 1.47.0 now that patches are available to fix Firefox
and Thunderbird.
xap/mozilla-thunderbird-78.4.1-x86_64-1.txz: Upgraded.
This is a bugfix release.
For more information, see:
https://www.mozilla.org/en-US/thunderbird/78.4.1/releasenotes/
d/rust-1.46.0-x86_64-2.txz: Rebuilt.
Recompiled against llvm-11.0.0.
Dropped back to the previous version of Rust, since the Mozilla things
evidently aren't ready for the latest one.
n/ca-certificates-20201016-noarch-1.txz: Upgraded.
This update provides the latest CA certificates to check for the
authenticity of SSL connections.
n/ethtool-5.9-x86_64-1.txz: Upgraded.
n/iproute2-5.9.0-x86_64-1.txz: Upgraded.
xap/mozilla-thunderbird-78.3.3-x86_64-1.txz: Upgraded.
This is a bugfix release.
For more information, see:
https://www.mozilla.org/en-US/thunderbird/78.3.3/releasenotes/
ap/nano-5.2-x86_64-1.txz: Upgraded.
d/doxygen-1.8.20-x86_64-1.txz: Upgraded.
d/nasm-2.15.03-x86_64-1.txz: Upgraded.
Reverted to previous nasm since the new version has problems with some of
the assembly included in Firefox.
d/parallel-20200822-noarch-1.txz: Upgraded.
l/libcap-ng-0.7.11-x86_64-1.txz: Upgraded.
n/libgpg-error-1.39-x86_64-1.txz: Upgraded.
n/libqmi-1.26.4-x86_64-1.txz: Upgraded.
xap/mozilla-firefox-78.2.0esr-x86_64-1.txz: Upgraded.
This release contains security fixes and improvements.
For more information, see:
https://www.mozilla.org/en-US/firefox/78.2.0/releasenotes/
(* Security fix *)
xap/sane-1.0.31-x86_64-1.txz: Upgraded.
a/kernel-generic-5.4.47-x86_64-1.txz: Upgraded.
a/kernel-huge-5.4.47-x86_64-1.txz: Upgraded.
a/kernel-modules-5.4.47-x86_64-1.txz: Upgraded.
a/sysvinit-scripts-2.1-noarch-33.txz: Rebuilt.
rc.M: add support for elogind. Thanks to alienBOB.
a/util-linux-2.35.2-x86_64-3.txz: Rebuilt.
/etc/pam.d/login: support pam_elogind.so. Thanks to alienBOB.
ap/sqlite-3.32.3-x86_64-1.txz: Upgraded.
d/kernel-headers-5.4.47-x86-1.txz: Upgraded.
d/rust-1.44.1-x86_64-1.txz: Upgraded.
k/kernel-source-5.4.47-noarch-1.txz: Upgraded.
n/bind-9.16.4-x86_64-1.txz: Upgraded.
This update fixes two security issues:
It was possible to trigger an INSIST when determining whether a record would
fit into a TCP message buffer.
It was possible to trigger an INSIST in lib/dns/rbtdb.c:new_reference() with
a particular zone content and query patterns.
For more information, see:
https://kb.isc.org/docs/cve-2020-8618https://kb.isc.org/docs/cve-2020-8619https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8618https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8619
(* Security fix *)
isolinux/initrd.img: Rebuilt.
kernels/*: Upgraded.
usb-and-pxe-installers/usbboot.img: Rebuilt.
a/shadow-4.8.1-x86_64-6.txz: Rebuilt.
Include manpages for sulogin(8).
a/util-linux-2.35.1-x86_64-5.txz: Rebuilt.
ap/sysstat-12.3.3-x86_64-1.txz: Upgraded.
d/bison-3.6-x86_64-1.txz: Upgraded.
l/jansson-2.13.1-x86_64-1.txz: Upgraded.
n/NetworkManager-1.24.0-x86_64-1.txz: Upgraded.
n/fetchmail-6.4.5-x86_64-1.txz: Upgraded.
testing/packages/PAM/shadow-4.8.1-x86_64-6_pam.txz: Rebuilt.
Include manpages for sulogin(8).
Use this version of /bin/su.
testing/packages/PAM/util-linux-2.35.1-x86_64-5_pam.txz: Rebuilt.
Don't use this version of /bin/su.
a/haveged-1.9.8-x86_64-1.txz: Upgraded.
ap/screen-4.7.0-x86_64-1.txz: Upgraded.
ap/vim-8.1.2108-x86_64-1.txz: Upgraded.
d/rust-1.37.0-x86_64-1.txz: Upgraded.
Reverting to rust-1.37.0 after verified reports that the newer Rust is
unable to compile Firefox or Thunderbird. There are some patches for this
appearing in the repos, but they are extensive changes that don't look like
they could be cherry-picked. Hey, at least this Rust version works and is
not bloated. :) Moving forward we'll be testing new versions of Rust to
make sure that they can compile the sources that we need Rust for before
merging them into the tree. Firefox has been verified to build here with
rust-1.37.0 and gcc/g++ from gcc-9.2.0 or clang/clang++ from llvm-9.0.0.
l/libcap-ng-0.7.10-x86_64-1.txz: Upgraded.
xap/vim-gvim-8.1.2108-x86_64-1.txz: Upgraded.
a/f2fs-tools-1.13.0-x86_64-1.txz: Upgraded.
Shared library .so-version bump.
ap/rpm-4.15.0-x86_64-1.txz: Upgraded.
Shared library .so-version bump.
d/rust-1.38.0-x86_64-1.txz: Upgraded.
It seems that rust-1.38.0 builds fewer shared objects causing the package
size to bloat to almost double. I held this back overnight to compile some
modified builds to see if the old build behavior could be restored but
didn't have any luck, so I'll put this out as-is for now. Any help debloating
this package would be appreciated. Note that it also had to be bootstrapped
from the official binaries using LOCAL_BOOTSTRAP=NO. That's not all that
unusual for Rust, but perhaps that's another problem...
l/fribidi-1.0.7-x86_64-1.txz: Upgraded.
l/fuse3-3.7.0-x86_64-1.txz: Upgraded.
n/fetchmail-6.4.1-x86_64-1.txz: Upgraded.
a/gettext-0.20.1-x86_64-1.txz: Upgraded.
a/kernel-generic-4.19.46-x86_64-1.txz: Upgraded.
a/kernel-huge-4.19.46-x86_64-1.txz: Upgraded.
a/kernel-modules-4.19.46-x86_64-1.txz: Upgraded.
d/gcc-9.1.0-x86_64-6.txz: Rebuilt.
Patched to fix a format string error in the es locale that led to an
assertion failure when compiling the Linux kernel.
Thanks to USUARIONUEVO.
d/gcc-brig-9.1.0-x86_64-6.txz: Rebuilt.
d/gcc-g++-9.1.0-x86_64-6.txz: Rebuilt.
d/gcc-gdc-9.1.0-x86_64-6.txz: Rebuilt.
d/gcc-gfortran-9.1.0-x86_64-6.txz: Rebuilt.
d/gcc-gnat-9.1.0-x86_64-6.txz: Rebuilt.
d/gcc-go-9.1.0-x86_64-6.txz: Rebuilt.
d/gcc-objc-9.1.0-x86_64-6.txz: Rebuilt.
d/gettext-tools-0.20.1-x86_64-1.txz: Upgraded.
d/kernel-headers-4.19.46-x86-1.txz: Upgraded.
d/rust-1.35.0-x86_64-1.txz: Upgraded.
k/kernel-source-4.19.46-noarch-1.txz: Upgraded.
l/python-urllib3-1.25.3-x86_64-1.txz: Upgraded.
isolinux/initrd.img: Rebuilt.
kernels/*: Upgraded.
usb-and-pxe-installers/usbboot.img: Rebuilt.
a/kernel-firmware-20190514_711d329-noarch-1.txz: Upgraded.
a/kernel-generic-4.19.43-x86_64-1.txz: Upgraded.
a/kernel-huge-4.19.43-x86_64-1.txz: Upgraded.
a/kernel-modules-4.19.43-x86_64-1.txz: Upgraded.
ap/hplip-3.19.5-x86_64-1.txz: Upgraded.
ap/mariadb-10.3.15-x86_64-1.txz: Upgraded.
This update fixes denial-of-service security issues.
For more information, see:
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-2614https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-2627https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-2628
(* Security fix *)
d/cmake-3.14.4-x86_64-1.txz: Upgraded.
d/gcc-9.1.0-x86_64-5.txz: Rebuilt.
Rebuilt with --enable-clocale=gnu. This is recommended by Linux From
Scratch, and while it doesn't seem to fix the issue with kernel compiles
failing with some locales, it probably doesn't hurt.
d/gcc-brig-9.1.0-x86_64-5.txz: Rebuilt.
d/gcc-g++-9.1.0-x86_64-5.txz: Rebuilt.
Applied patch: PR libstdc++/90397 fix std::variant friend declaration
This fixes problems compiling programs that use std::variant with clang.
Thanks to orbea.
d/gcc-gdc-9.1.0-x86_64-5.txz: Rebuilt.
d/gcc-gfortran-9.1.0-x86_64-5.txz: Rebuilt.
d/gcc-gnat-9.1.0-x86_64-5.txz: Rebuilt.
d/gcc-go-9.1.0-x86_64-5.txz: Rebuilt.
d/gcc-objc-9.1.0-x86_64-5.txz: Rebuilt.
d/kernel-headers-4.19.43-x86-1.txz: Upgraded.
d/rust-1.34.2-x86_64-1.txz: Upgraded.
k/kernel-source-4.19.43-noarch-1.txz: Upgraded.
l/librsvg-2.44.14-x86_64-1.txz: Upgraded.
n/samba-4.10.3-x86_64-1.txz: Upgraded.
This is a security release in order to address the following defect:
The checksum validation in the S4U2Self handler in the embedded Heimdal KDC
did not first confirm that the checksum was keyed, allowing replacement of
the requested target (client) principal.
For more information, see:
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-16860
(* Security fix *)
x/xterm-345-x86_64-1.txz: Upgraded.
xap/rdesktop-1.8.5-x86_64-1.txz: Upgraded.
This update fixes security issues:
Add bounds checking to protocol handling in order to fix many
security problems when communicating with a malicious server.
(* Security fix *)
isolinux/initrd.img: Rebuilt.
kernels/*: Upgraded.
usb-and-pxe-installers/usbboot.img: Rebuilt.
ap/tmux-2.9-x86_64-1.txz: Upgraded.
d/python-pip-19.1-x86_64-1.txz: Upgraded.
d/rust-1.34.1-x86_64-1.txz: Upgraded.
d/subversion-1.12.0-x86_64-1.txz: Upgraded.
n/bind-9.14.1-x86_64-1.txz: Upgraded.
This update fixes security issues:
The TCP client quota set using the tcp-clients option could be exceeded
in some cases. This could lead to exhaustion of file descriptors.
In certain configurations, named could crash with an assertion failure if
nxdomain-redirect was in use and a redirected query resulted in an NXDOMAIN
from the cache.
For more information, see:
https://kb.isc.org/docs/cve-2018-5743https://kb.isc.org/docs/cve-2019-6467https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5743https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-6467
(* Security fix *)
n/dhcpcd-7.2.1-x86_64-1.txz: Upgraded.