Patrick J Volkerding
a66dad8c70
Wed Sep 4 23:37:27 UTC 2024
...
a/cryptsetup-2.7.5-x86_64-2.txz: Rebuilt.
rc.luks: skip LUKS volumes that have the noauto option in /etc/crypttab.
Thanks to z80.
a/hwdata-0.386-noarch-1.txz: Upgraded.
a/kernel-firmware-20240904_87cae27-noarch-1.txz: Upgraded.
a/kernel-generic-6.10.8-x86_64-1.txz: Upgraded.
a/kernel-huge-6.10.8-x86_64-1.txz: Upgraded.
a/kernel-modules-6.10.8-x86_64-1.txz: Upgraded.
a/xfsprogs-6.10.1-x86_64-1.txz: Upgraded.
d/kernel-headers-6.10.8-x86-1.txz: Upgraded.
d/scons-4.8.1-x86_64-1.txz: Upgraded.
k/kernel-source-6.10.8-noarch-1.txz: Upgraded.
l/expat-2.6.3-x86_64-1.txz: Upgraded.
This update addresses security issues with impact ranging from denial of
service to potentially artitrary code execution.
For more information, see:
https://www.cve.org/CVERecord?id=CVE-2024-45490
https://www.cve.org/CVERecord?id=CVE-2024-45491
https://www.cve.org/CVERecord?id=CVE-2024-45492
(* Security fix *)
x/eglexternalplatform-1.2-x86_64-1.txz: Upgraded.
isolinux/initrd.img: Rebuilt.
kernels/*: Upgraded.
usb-and-pxe-installers/usbboot.img: Rebuilt.
2024-09-05 02:15:14 +02:00
Patrick J Volkerding
47e3f5d9c3
Wed Mar 13 19:46:48 UTC 2024
...
a/etc-15.1-x86_64-9.txz: Rebuilt.
Added proftpd user (97) and proftpd group (97).
Added nm-openvpn user (320) and nm-openvpn group (320).
Added openvpn user (443) and openvpn group (443).
Added overflowuid user (65534) and overflowgid group (65534).
Thanks to opty for encouraging us to think about nobody.
d/meson-1.4.0-x86_64-1.txz: Upgraded.
d/python-setuptools-69.2.0-x86_64-1.txz: Upgraded.
l/expat-2.6.2-x86_64-1.txz: Upgraded.
Prevent billion laughs attacks with isolated use of external parsers.
For more information, see:
1d50b80cf3https://www.cve.org/CVERecord?id=CVE-2024-28757
(* Security fix *)
l/pipewire-1.0.4-x86_64-1.txz: Upgraded.
l/python-zipp-3.18.0-x86_64-1.txz: Upgraded.
n/openvpn-2.6.9-x86_64-2.txz: Rebuilt.
Run as openvpn:openvpn. Thanks to rkelsen.
n/proftpd-1.3.8b-x86_64-2.txz: Rebuilt.
Run as proftpd:proftpd.
x/libva-2.21.0-x86_64-1.txz: Upgraded.
x/libva-utils-2.21.0-x86_64-1.txz: Upgraded.
xap/NetworkManager-openvpn-1.10.2-x86_64-2.txz: Rebuilt.
Run as nm-openvpn:nm-openvpn. Thanks to Markus Wiesner.
2024-03-13 21:30:19 +01:00
Patrick J Volkerding
878ab72ee4
Fri Mar 1 22:13:28 UTC 2024
...
a/kernel-firmware-20240229_5cd471e-noarch-1.txz: Upgraded.
a/kernel-generic-6.6.19-x86_64-1.txz: Upgraded.
a/kernel-huge-6.6.19-x86_64-1.txz: Upgraded.
a/kernel-modules-6.6.19-x86_64-1.txz: Upgraded.
d/Cython-3.0.8-x86_64-1.txz: Upgraded.
d/kernel-headers-6.6.19-x86-1.txz: Upgraded.
d/python-pip-24.0-x86_64-1.txz: Upgraded.
d/python-setuptools-69.1.1-x86_64-1.txz: Upgraded.
k/kernel-source-6.6.19-noarch-1.txz: Upgraded.
kde/fcitx5-configtool-5.1.4-x86_64-1.txz: Upgraded.
For now, continuing to build this against qt5.
l/M2Crypto-0.41.0-x86_64-1.txz: Upgraded.
l/Mako-1.3.2-x86_64-1.txz: Upgraded.
l/dbus-python-1.3.2-x86_64-1.txz: Upgraded.
l/expat-2.6.1-x86_64-1.txz: Upgraded.
This is a bugfix release.
l/glib-networking-2.78.1-x86_64-1.txz: Upgraded.
l/pycairo-1.26.0-x86_64-1.txz: Upgraded.
l/pycurl-7.45.3-x86_64-1.txz: Upgraded.
l/pygobject3-3.46.0-x86_64-1.txz: Upgraded.
l/pyparsing-3.1.1-x86_64-1.txz: Upgraded.
l/python-Jinja2-3.1.3-x86_64-1.txz: Upgraded.
l/python-MarkupSafe-2.1.5-x86_64-1.txz: Upgraded.
l/python-PyYAML-6.0.1-x86_64-1.txz: Upgraded.
l/python-alabaster-0.7.16-x86_64-1.txz: Upgraded.
l/python-babel-2.14.0-x86_64-1.txz: Upgraded.
l/python-build-1.0.3-x86_64-1.txz: Upgraded.
l/python-certifi-2024.2.2-x86_64-1.txz: Upgraded.
l/python-cffi-1.16.0-x86_64-1.txz: Upgraded.
l/python-chardet-5.2.0-x86_64-1.txz: Upgraded.
l/python-charset-normalizer-3.3.2-x86_64-1.txz: Upgraded.
l/python-distro-1.9.0-x86_64-1.txz: Upgraded.
l/python-dnspython-2.6.1-x86_64-1.txz: Upgraded.
l/python-doxypypy-0.8.8.7-x86_64-1.txz: Upgraded.
l/python-doxyqml-0.5.3-x86_64-1.txz: Upgraded.
l/python-future-1.0.0-x86_64-1.txz: Upgraded.
l/python-glad2-2.0.5-x86_64-1.txz: Upgraded.
l/python-idna-3.6-x86_64-1.txz: Upgraded.
l/python-imagesize-1.4.1-x86_64-1.txz: Upgraded.
l/python-importlib_metadata-7.0.1-x86_64-1.txz: Upgraded.
l/python-lxml-5.1.0-x86_64-1.txz: Upgraded.
l/python-markdown-3.5.2-x86_64-1.txz: Upgraded.
l/python-packaging-23.2-x86_64-1.txz: Upgraded.
l/python-pbr-6.0.0-x86_64-1.txz: Upgraded.
l/python-pillow-10.2.0-x86_64-1.txz: Upgraded.
l/python-pysol_cards-0.16.0-x86_64-1.txz: Upgraded.
l/python-pytz-2024.1-x86_64-1.txz: Upgraded.
l/python-random2-1.0.2-x86_64-1.txz: Upgraded.
l/python-setuptools_scm-7.1.0-x86_64-1.txz: Upgraded.
l/python-tomli-2.0.1-x86_64-1.txz: Upgraded.
l/python-typing_extensions-4.10.0-x86_64-1.txz: Added.
This is a temporary addition, needed by python-setuptools_scm until we get
a newer version of both that and Python.
l/python-wheel-0.42.0-x86_64-1.txz: Upgraded.
l/python-zipp-3.17.0-x86_64-1.txz: Upgraded.
l/wavpack-5.7.0-x86_64-1.txz: Upgraded.
n/nghttp2-1.60.0-x86_64-1.txz: Upgraded.
tcl/tcl-8.6.14-x86_64-1.txz: Upgraded.
tcl/tk-8.6.14-x86_64-1.txz: Upgraded.
x/fcitx5-5.1.8-x86_64-1.txz: Upgraded.
x/fcitx5-chinese-addons-5.1.4-x86_64-1.txz: Upgraded.
For now, continuing to build this against qt5.
x/fcitx5-gtk-5.1.2-x86_64-1.txz: Upgraded.
x/fcitx5-hangul-5.1.2-x86_64-1.txz: Upgraded.
x/fcitx5-kkc-5.1.2-x86_64-1.txz: Upgraded.
For now, continuing to build this against qt5.
x/fcitx5-qt-5.1.5-x86_64-1.txz: Upgraded.
This is compiled against both qt5 and qt6.
x/fcitx5-table-extra-5.1.4-x86_64-1.txz: Upgraded.
x/fcitx5-table-other-5.1.1-x86_64-1.txz: Upgraded.
x/fcitx5-unikey-5.1.3-x86_64-1.txz: Upgraded.
For now, continuing to build this against qt5.
x/libime-1.1.6-x86_64-1.txz: Upgraded.
x/xcb-imdkit-1.0.7-x86_64-1.txz: Upgraded.
xfce/xfce4-clipman-plugin-1.6.6-x86_64-1.txz: Upgraded.
isolinux/initrd.img: Rebuilt.
kernels/*: Upgraded.
usb-and-pxe-installers/usbboot.img: Rebuilt.
2024-03-02 00:36:00 +01:00
Patrick J Volkerding
dc74348a7f
Wed Feb 7 20:07:29 UTC 2024
...
a/hwdata-0.379-noarch-1.txz: Upgraded.
ap/inxi-3.3.33_1-noarch-1.txz: Upgraded.
ap/rpm-4.19.1.1-x86_64-1.txz: Upgraded.
kde/kstars-3.6.9-x86_64-1.txz: Upgraded.
l/enchant-2.6.5-x86_64-1.txz: Upgraded.
Reverted to non-broken version.
l/expat-2.6.0-x86_64-1.txz: Upgraded.
This update fixes security issues:
Fix quadratic runtime issues with big tokens that can cause
denial of service.
Fix billion laughs attacks for users compiling *without* XML_DTD
defined (which is not common).
For more information, see:
https://www.cve.org/CVERecord?id=CVE-2023-52425
https://www.cve.org/CVERecord?id=CVE-2023-52426
(* Security fix *)
l/orc-0.4.37-x86_64-1.txz: Upgraded.
l/pipewire-1.0.3-x86_64-2.txz: Rebuilt.
Use wireplumber-0.4.17, as the newer version's support for elogind seems to
be broken, and this prevents bluetooth from connecting properly.
Thanks to mistfire and rizitis.
x/libwacom-2.10.0-x86_64-1.txz: Upgraded.
xap/hexchat-2.16.2-x86_64-1.txz: Upgraded.
extra/xv/xv-5.0.0-x86_64-1.txz: Upgraded.
2024-02-07 21:35:44 +01:00
Patrick J Volkerding
387b2bc525
Tue Oct 25 18:38:58 UTC 2022
...
ap/alsa-utils-1.2.8-x86_64-1.txz: Upgraded.
l/alsa-lib-1.2.8-x86_64-1.txz: Upgraded.
l/expat-2.5.0-x86_64-1.txz: Upgraded.
This update fixes a security issue:
Fix heap use-after-free after overeager destruction of a shared DTD in
function XML_ExternalEntityParserCreate in out-of-memory situations.
Expected impact is denial of service or potentially arbitrary code
execution.
For more information, see:
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-43680
(* Security fix *)
n/samba-4.17.2-x86_64-1.txz: Upgraded.
This update fixes the following security issues:
There is a limited write heap buffer overflow in the GSSAPI unwrap_des()
and unwrap_des3() routines of Heimdal (included in Samba).
A malicious client can use a symlink to escape the exported directory.
For more information, see:
https://www.samba.org/samba/security/CVE-2022-3437.html
https://www.samba.org/samba/security/CVE-2022-3592.html
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-3437
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-3592
(* Security fix *)
2022-10-26 07:00:17 +02:00
Patrick J Volkerding
bae5a7d858
Tue Sep 20 22:50:28 UTC 2022
...
a/kernel-generic-5.19.10-x86_64-1.txz: Upgraded.
a/kernel-huge-5.19.10-x86_64-1.txz: Upgraded.
a/kernel-modules-5.19.10-x86_64-1.txz: Upgraded.
d/kernel-headers-5.19.10-x86-1.txz: Upgraded.
k/kernel-source-5.19.10-noarch-1.txz: Upgraded.
l/expat-2.4.9-x86_64-1.txz: Upgraded.
This update fixes a security issue:
Heap use-after-free vulnerability in function doContent. Expected impact is
denial of service or potentially arbitrary code execution.
For more information, see:
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-40674
(* Security fix *)
l/libffi-3.4.3-x86_64-1.txz: Upgraded.
xap/mozilla-firefox-105.0-x86_64-1.txz: Upgraded.
This update contains security fixes and improvements.
For more information, see:
https://www.mozilla.org/en-US/firefox/105.0/releasenotes/
https://www.mozilla.org/security/advisories/mfsa2022-40/
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-40959
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-40960
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-40958
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-40961
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-40956
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-40957
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-40962
(* Security fix *)
xap/mozilla-thunderbird-102.3.0-x86_64-1.txz: Upgraded.
This is a bugfix release.
For more information, see:
https://www.mozilla.org/en-US/thunderbird/102.3.0/releasenotes/
isolinux/initrd.img: Rebuilt.
kernels/*: Upgraded.
usb-and-pxe-installers/usbboot.img: Rebuilt.
2022-09-21 07:00:16 +02:00
