Commit graph

1841 commits

Author SHA1 Message Date
Patrick J Volkerding
e1cb531b52 Thu Nov 7 21:46:13 UTC 2024
a/libblockdev-3.2.1-x86_64-1.txz:  Upgraded.
a/mkinitrd-1.4.11-x86_64-45.txz:  Rebuilt.
  /etc/default/geninitrd: Add AUTOGENERATE_INITRD variable for disabling
  automatically generating the initrd when the kernel package is upgraded.
  The hook to trigger this will be in the next kernel-generic package.
  setup.01.mkinitrd: skip generating an initrd if we're called from the
  kernel doinst.sh and AUTOGENERATE_INITRD=false.
  geninitrd: Look for an override script called /usr/local/sbin/geninitrd,
  not /usr/local/bin/geninitrd-custom. Thanks to GazL.
ap/mariadb-11.4.4-x86_64-2.txz:  Rebuilt.
  rc.mysqld: use mariadbd-safe, not mysqld_safe. Thanks to teoberi.
d/cmake-3.31.0-x86_64-1.txz:  Upgraded.
l/expat-2.6.4-x86_64-1.txz:  Upgraded.
  This update fixes bugs and a security issue:
  Fix crash within function XML_ResumeParser from a NULL pointer dereference
  by disallowing function XML_StopParser to (stop or) suspend an unstarted
  parser. A new error code XML_ERROR_NOT_STARTED was introduced to properly
  communicate this situation.
  For more information, see:
    https://www.cve.org/CVERecord?id=CVE-2024-50602
  (* Security fix *)
n/gpgme-1.24.0-x86_64-1.txz:  Upgraded.
  Added libqgpgmeqt6.
xap/ffmpegthumbnailer-2.2.3-x86_64-1.txz:  Upgraded.
xap/mozilla-thunderbird-128.4.2esr-x86_64-1.txz:  Upgraded.
  This is a bugfix release.
  For more information, see:
    https://www.mozilla.org/en-US/thunderbird/128.4.2esr/releasenotes/
2024-11-07 23:42:38 +01:00
Patrick J Volkerding
ef37aabeeb Wed Nov 6 20:54:05 UTC 2024
a/mkinitrd-1.4.11-x86_64-44.txz:  Rebuilt.
  geninitrd: run /usr/local/bin/geninitrd-custom instead, if it exists.
  setup.01.mkinitrd: exit with an error if the GENERATOR doesn't exist.
ap/mariadb-11.4.4-x86_64-1.txz:  Upgraded.
  Upgraded to the latest stable long-term series.
  For release information, see:
    https://mariadb.com/kb/en/mariadb-11-4-4-release-notes/
  For upgrade information, see:
    https://mariadb.com/kb/en/upgrading-from-mariadb-10-11-to-mariadb-11-4/
n/curl-8.11.0-x86_64-1.txz:  Upgraded.
x/libXcursor-1.2.3-x86_64-1.txz:  Upgraded.
x/pixman-0.44.0-x86_64-1.txz:  Upgraded.
2024-11-06 22:47:31 +01:00
Patrick J Volkerding
fa0380bac3 Tue Nov 5 19:22:31 UTC 2024
Remember, remember, the fifth of November
a/hwdata-0.389-noarch-1.txz:  Upgraded.
a/lvm2-2.03.28-x86_64-1.txz:  Upgraded.
d/ruby-3.3.6-x86_64-1.txz:  Upgraded.
l/gegl-0.4.50-x86_64-1.txz:  Upgraded.
l/harfbuzz-10.1.0-x86_64-1.txz:  Upgraded.
n/gnutls-3.8.8-x86_64-1.txz:  Upgraded.
xap/mozilla-thunderbird-128.4.1esr-x86_64-1.txz:  Upgraded.
  This is a bugfix release.
  For more information, see:
    https://www.mozilla.org/en-US/thunderbird/128.4.1/releasenotes/
2024-11-05 21:17:13 +01:00
Patrick J Volkerding
f8dec74059 Mon Nov 4 19:08:43 UTC 2024
ap/mariadb-10.11.10-x86_64-1.txz:  Upgraded.
  This is a bugfix release.
  For more information, see:
    https://mariadb.com/kb/en/mariadb-10-11-10-release-notes/
n/netatalk-4.0.4-x86_64-1.txz:  Upgraded.
xap/audacious-4.4.2-x86_64-1.txz:  Upgraded.
xap/audacious-plugins-4.4.2-x86_64-1.txz:  Upgraded.
2024-11-04 20:29:54 +01:00
Patrick J Volkerding
c7f224cfbe Mon Nov 4 01:20:05 UTC 2024
l/boost-1.86.0-x86_64-4.txz:  Rebuilt.
  Added --with-icu. Thanks to Willy Sudiarto Raharjo.
2024-11-04 02:56:50 +01:00
Patrick J Volkerding
6658197b4c Mon Nov 4 00:20:46 UTC 2024
d/cargo-vendor-filterer-0.5.16-x86_64-1.txz:  Upgraded.
kde/calligra-3.2.1-x86_64-46.txz:  Rebuilt.
  Recompiled against poppler-24.11.0.
kde/cantor-23.08.5-x86_64-12.txz:  Rebuilt.
  Recompiled against poppler-24.11.0.
kde/kfilemetadata-5.116.0-x86_64-9.txz:  Rebuilt.
  Recompiled against poppler-24.11.0.
kde/kile-2.9.93-x86_64-39.txz:  Rebuilt.
  Recompiled against poppler-24.11.0.
kde/kitinerary-23.08.5-x86_64-10.txz:  Rebuilt.
  Recompiled against poppler-24.11.0.
kde/krita-5.2.6-x86_64-3.txz:  Rebuilt.
  Recompiled against poppler-24.11.0.
kde/labplot-2.11.1-x86_64-5.txz:  Rebuilt.
  Recompiled against poppler-24.11.0.
kde/okular-23.08.5-x86_64-10.txz:  Rebuilt.
  Recompiled against poppler-24.11.0.
kde/wcslib-8.4-x86_64-1.txz:  Upgraded.
l/poppler-24.11.0-x86_64-1.txz:  Upgraded.
  Shared library .so-version bump.
2024-11-04 02:13:33 +01:00
Patrick J Volkerding
9fa1464708 Sat Nov 2 21:18:48 UTC 2024
a/mkinitrd-1.4.11-x86_64-43.txz:  Rebuilt.
  geninitrd: allow specifying the kernel to use with $1.
  This can now work with mkinitrd_command_generator.sh, or mkinitrd with a
  /etc/mkinitrd.conf config file, or with dracut.
a/pkgtools-15.1-noarch-17.txz:  Rebuilt.
  make-kernel-backup: make the comments accurate.
  Allow specifying the kernel to back up with $1.
ap/mpg123-1.32.9-x86_64-1.txz:  Upgraded.
l/python-flit-core-3.10.1-x86_64-1.txz:  Upgraded.
2024-11-02 22:59:07 +01:00
Patrick J Volkerding
c381b05d76 Sat Nov 2 04:27:03 UTC 2024
k/kernel-source-6.11.6-noarch-2.txz:  Rebuilt.
  When cleaning up, only remove non-executable ELF objects. Some binaries are
  needed for building out of tree modules. Thanks to Daedra.
l/SDL2-2.30.9-x86_64-1.txz:  Upgraded.
l/gtk4-4.16.5-x86_64-1.txz:  Upgraded.
l/libvpx-1.15.0-x86_64-1.txz:  Upgraded.
l/qt5-5.15.15_20241031_933cb170-x86_64-1.txz:  Upgraded.
n/bluez-5.79-x86_64-1.txz:  Upgraded.
2024-11-02 06:05:20 +01:00
Patrick J Volkerding
2e588b58d9 Fri Nov 1 21:13:31 UTC 2024
a/kernel-firmware-20241101_376de1f-noarch-1.txz:  Upgraded.
a/kernel-generic-6.11.6-x86_64-1.txz:  Upgraded.
a/mkinitrd-1.4.11-x86_64-42.txz:  Rebuilt.
  geninitrd: you can still point this at a kernel symlink, but by default it
  will make initrd-${KERNEL_VERSION}.img for the newest kernel it finds in
  the /boot directory.
a/pkgtools-15.1-noarch-16.txz:  Rebuilt.
  make-kernel-backup: don't make copies of any of the files, nor include an
  initrd in the package. The only added "files" will be two symlinks,
  vmlinuz-backup, and initrd-backup.img (if symlinks are enabled).
d/kernel-headers-6.11.6-x86-1.txz:  Upgraded.
d/valgrind-3.24.0-x86_64-1.txz:  Upgraded.
k/kernel-source-6.11.6-noarch-1.txz:  Upgraded.
l/fluidsynth-2.4.0-x86_64-1.txz:  Upgraded.
l/gtk4-4.16.4-x86_64-1.txz:  Upgraded.
l/libzip-1.11.2-x86_64-1.txz:  Upgraded.
  Fix performance regression in zip_stat introduced in 1.11.
l/spirv-llvm-translator-19.1.1-x86_64-1.txz:  Upgraded.
n/uucp-1.07-x86_64-7.txz:  Rebuilt.
  Add some documentation. Thanks to jayjwa.
isolinux/initrd.img:  Rebuilt.
kernels/*:  Upgraded.
usb-and-pxe-installers/usbboot.img:  Rebuilt.
2024-11-01 23:16:00 +01:00
Patrick J Volkerding
a09de497f1 Thu Oct 31 18:41:02 UTC 2024
ap/nvme-cli-2.11-x86_64-1.txz:  Upgraded.
l/gst-plugins-bad-free-1.24.9-x86_64-1.txz:  Upgraded.
l/gst-plugins-base-1.24.9-x86_64-1.txz:  Upgraded.
l/gst-plugins-good-1.24.9-x86_64-1.txz:  Upgraded.
l/gst-plugins-libav-1.24.9-x86_64-1.txz:  Upgraded.
l/gstreamer-1.24.9-x86_64-1.txz:  Upgraded.
l/libnvme-1.11-x86_64-1.txz:  Upgraded.
l/python-flit-core-3.10.0-x86_64-1.txz:  Upgraded.
x/mesa-24.2.6-x86_64-1.txz:  Upgraded.
2024-10-31 20:02:11 +01:00
Patrick J Volkerding
32ccce4a53 Wed Oct 30 21:03:27 UTC 2024
ap/vim-9.1.0821-x86_64-1.txz:  Upgraded.
d/llvm-19.1.3-x86_64-1.txz:  Upgraded.
d/python-setuptools-75.3.0-x86_64-1.txz:  Upgraded.
l/PyQt5-5.15.11-x86_64-2.txz:  Rebuilt.
  Recompiled to drop the QtWebKit and QtWebKitWidgets bindings.
  Thanks to jloco.
l/libclc-19.1.3-x86_64-1.txz:  Upgraded.
l/libnl3-3.11.0-x86_64-1.txz:  Upgraded.
l/lz4-1.10.0-x86_64-2.txz:  Rebuilt.
  Make sure liblz4.pc uses lib${LIBDIRSUFFIX}. Thanks to af7567.
l/mozjs128-128.4.0esr-x86_64-1.txz:  Upgraded.
n/dovecot-2.3.21.1-x86_64-3.txz:  Rebuilt.
  Recompiled using --with-lua. Thanks to Luigi Trovato.
n/fetchmail-6.5.0-x86_64-1.txz:  Upgraded.
n/gnupg2-2.4.6-x86_64-1.txz:  Upgraded.
x/xf86-input-wacom-1.2.3-x86_64-1.txz:  Upgraded.
x/xorg-server-21.1.14-x86_64-1.txz:  Upgraded.
  This update fixes a security issue:
  By providing a modified bitmap, a heap-based buffer overflow may occur.
  This may lead to local privilege escalation if the server is run as root
  or remote code execution (e.g. x11 over ssh).
  This vulnerability was discovered by:
  Jan-Niklas Sohn working with Trend Micro Zero Day Initiative
  For more information, see:
    https://lists.x.org/archives/xorg-announce/2024-October/003545.html
    https://www.cve.org/CVERecord?id=CVE-2024-9632
  (* Security fix *)
x/xorg-server-xephyr-21.1.14-x86_64-1.txz:  Upgraded.
x/xorg-server-xnest-21.1.14-x86_64-1.txz:  Upgraded.
x/xorg-server-xvfb-21.1.14-x86_64-1.txz:  Upgraded.
x/xorg-server-xwayland-24.1.4-x86_64-1.txz:  Upgraded.
  This update fixes a security issue:
  By providing a modified bitmap, a heap-based buffer overflow may occur.
  This may lead to local privilege escalation if the server is run as root
  or remote code execution (e.g. x11 over ssh).
  This vulnerability was discovered by:
  Jan-Niklas Sohn working with Trend Micro Zero Day Initiative
  For more information, see:
    https://lists.x.org/archives/xorg-announce/2024-October/003545.html
    https://www.cve.org/CVERecord?id=CVE-2024-9632
  (* Security fix *)
xap/mozilla-firefox-128.4.0esr-x86_64-1.txz:  Upgraded.
  This update contains security fixes and improvements.
  For more information, see:
    https://www.mozilla.org/en-US/firefox/128.4.0/releasenotes/
    https://www.mozilla.org/security/advisories/mfsa2024-56/
    https://www.cve.org/CVERecord?id=CVE-2024-10458
    https://www.cve.org/CVERecord?id=CVE-2024-10459
    https://www.cve.org/CVERecord?id=CVE-2024-10460
    https://www.cve.org/CVERecord?id=CVE-2024-10461
    https://www.cve.org/CVERecord?id=CVE-2024-10462
    https://www.cve.org/CVERecord?id=CVE-2024-10463
    https://www.cve.org/CVERecord?id=CVE-2024-10464
    https://www.cve.org/CVERecord?id=CVE-2024-10465
    https://www.cve.org/CVERecord?id=CVE-2024-10466
    https://www.cve.org/CVERecord?id=CVE-2024-10467
  (* Security fix *)
xap/mozilla-thunderbird-128.4.0esr-x86_64-1.txz:  Upgraded.
  This release contains security fixes and improvements.
  For more information, see:
    https://www.mozilla.org/en-US/thunderbird/128.4.0esr/releasenotes/
    https://www.mozilla.org/en-US/security/advisories/mfsa2024-58/
    https://www.cve.org/CVERecord?id=CVE-2024-10458
    https://www.cve.org/CVERecord?id=CVE-2024-10459
    https://www.cve.org/CVERecord?id=CVE-2024-10460
    https://www.cve.org/CVERecord?id=CVE-2024-10461
    https://www.cve.org/CVERecord?id=CVE-2024-10462
    https://www.cve.org/CVERecord?id=CVE-2024-10463
    https://www.cve.org/CVERecord?id=CVE-2024-10464
    https://www.cve.org/CVERecord?id=CVE-2024-10465
    https://www.cve.org/CVERecord?id=CVE-2024-10466
    https://www.cve.org/CVERecord?id=CVE-2024-10467
  (* Security fix *)
xap/vim-gvim-9.1.0821-x86_64-1.txz:  Upgraded.
xap/xaos-4.3.3-x86_64-1.txz:  Upgraded.
extra/tigervnc/tigervnc-1.14.1-x86_64-2.txz:  Rebuilt.
  Rebuilt against xorg-server-21.1.14.
  This update fixes a security issue:
  By providing a modified bitmap, a heap-based buffer overflow may occur.
  This may lead to local privilege escalation if the server is run as root
  or remote code execution (e.g. x11 over ssh).
  This vulnerability was discovered by:
  Jan-Niklas Sohn working with Trend Micro Zero Day Initiative
  For more information, see:
    https://lists.x.org/archives/xorg-announce/2024-October/003545.html
    https://www.cve.org/CVERecord?id=CVE-2024-9632
  (* Security fix *)
2024-10-30 23:24:55 +01:00
Patrick J Volkerding
05b6a05e8f Mon Oct 28 21:22:48 UTC 2024
a/aaa_libraries-15.1-x86_64-34.txz:  Rebuilt.
  Upgraded: libcap.so.2.71, libelf-0.192.so, liblzma.so.5.6.3,
  libcares.so.2.19.1, libexpat.so.1.9.3, libglib-2.0.so.0.8200.2,
  libgmodule-2.0.so.0.8200.2, libgobject-2.0.so.0.8200.2,
  libgthread-2.0.so.0.8200.2, libisl.so.23.4.0, libjson-c.so.5.4.0,
  libpng16.so.16.44.0, libtiff.so.6.1.0, libtiffxx.so.6.1.0,
  libunistring.so.5.2.0.
  Removed: libboost_*.so.1.85.0.
  Added (temporarily): libicudata.so.74.2, libicui18n.so.74.2,
  libicuio.so.74.2, libicutest.so.74.2, libicutu.so.74.2,
  libicuuc.so.74.2.
a/mkinitrd-1.4.11-x86_64-41.txz:  Rebuilt.
  remove-orphaned-initrds: simplify matching - initrd-${FOO}.img is considered
  orphaned if there is no vmlinuz-${FOO} (the contents of $FOO are arbitrary).
a/pkgtools-15.1-noarch-15.txz:  Rebuilt.
  make-kernel-backup: if we are backing up vmlinuz-${FOO}, then also back up
  initrd-${FOO}.img if it exists. Don't try to match specific fields.
a/xfsprogs-6.11.0-x86_64-2.txz:  Rebuilt.
  Recompiled against icu4c-76.1.
ap/mpg123-1.32.8-x86_64-1.txz:  Upgraded.
ap/sqlite-3.46.1-x86_64-2.txz:  Rebuilt.
  Recompiled against icu4c-76.1.
d/mercurial-6.8.2-x86_64-1.txz:  Upgraded.
d/python-pip-24.3.1-x86_64-1.txz:  Upgraded.
kde/kdeplasma-addons-5.27.11-x86_64-2.txz:  Rebuilt.
  Recompiled against icu4c-76.1.
kde/kdewebkit-5.116.0-x86_64-1.txz:  Removed.
  Mothing uses this. Obsolete.
kde/konsole-23.08.5-x86_64-2.txz:  Rebuilt.
  Recompiled against icu4c-76.1.
kde/plasma-workspace-5.27.11.1-x86_64-3.txz:  Rebuilt.
  Recompiled against icu4c-76.1.
l/M2Crypto-0.42.0-x86_64-1.txz:  Removed.
  Nothing in Slackware has needed this since crda was removed, and very little
  elsewhere does. Thanks to lucabon.
l/babl-0.1.110-x86_64-1.txz:  Upgraded.
l/boost-1.86.0-x86_64-3.txz:  Rebuilt.
  Recompiled against icu4c-76.1.
l/desktop-file-utils-0.28-x86_64-1.txz:  Upgraded.
l/gspell-1.14.0-x86_64-2.txz:  Rebuilt.
  Recompiled against icu4c-76.1.
l/harfbuzz-10.0.1-x86_64-2.txz:  Rebuilt.
  Recompiled against icu4c-76.1.
l/icu4c-76.1-x86_64-1.txz:  Upgraded.
  Shared library .so-version bump.
l/libcap-2.71-x86_64-1.txz:  Upgraded.
l/libical-3.0.18-x86_64-2.txz:  Rebuilt.
  Recompiled against icu4c-76.1.
l/libqalculate-5.3.0-x86_64-2.txz:  Rebuilt.
  Recompiled against icu4c-76.1.
l/liburing-2.8-x86_64-1.txz:  Upgraded.
l/libvisio-0.1.8-x86_64-2.txz:  Rebuilt.
  Recompiled against icu4c-76.1.
l/mozjs128-128.3.1esr-x86_64-2.txz:  Rebuilt.
  Recompiled against icu4c-76.1.
l/nodejs-20.18.0-x86_64-2.txz:  Rebuilt.
  Recompiled against icu4c-76.1.
l/qt5-5.15.15_20241016_9f395e3b-x86_64-1.txz:  Upgraded.
  Compiled against icu4c-76.1.
l/qt5-webkit-5.212.0_alpha4-x86_64-13.txz:  Removed.
  Nothing uses this except kdewebkit, and nothing uses that.
  Plus it is unmaintained, obsolete, and likely full of holes.
l/qt6-6.7.3_20240920_90e86aee-x86_64-4.txz:  Rebuilt.
  Recompiled against icu4c-76.1.
l/vte-0.78.1-x86_64-2.txz:  Rebuilt.
  Recompiled against icu4c-76.1.
n/dovecot-2.3.21.1-x86_64-2.txz:  Rebuilt.
  Recompiled against icu4c-76.1.
n/netatalk-4.0.3-x86_64-1.txz:  Upgraded.
n/php-8.3.13-x86_64-2.txz:  Rebuilt.
  Recompiled against icu4c-76.1.
n/postfix-3.9.0-x86_64-2.txz:  Rebuilt.
  Recompiled against icu4c-76.1.
n/samba-4.21.1-x86_64-2.txz:  Rebuilt.
  Recompiled against icu4c-76.1.
n/tin-2.6.3-x86_64-2.txz:  Rebuilt.
  Recompiled against icu4c-76.1.
t/texlive-2024.240409-x86_64-2.txz:  Rebuilt.
  Recompiled against icu4c-76.1.
extra/brltty/brltty-6.7-x86_64-2.txz:  Rebuilt.
  Recompiled against icu4c-76.1.
extra/sendmail/sendmail-8.18.1-x86_64-2.txz:  Rebuilt.
  Recompiled against icu4c-76.1.
extra/sendmail/sendmail-cf-8.18.1-noarch-2.txz:  Rebuilt.
  Recompiled against icu4c-76.1.
2024-10-28 23:11:58 +01:00
Patrick J Volkerding
c20bd58353 Fri Oct 25 18:13:16 UTC 2024
a/mkinitrd-1.4.11-x86_64-40.txz:  Rebuilt.
  remove-orphaned-initrds: also remove dangling initrd symlinks.
l/glib2-2.82.2-x86_64-2.txz:  Rebuilt.
  Removed useless symlinks. Thanks to marav.
l/mozilla-nss-3.106-x86_64-1.txz:  Upgraded.
x/xterm-395-x86_64-1.txz:  Upgraded.
2024-10-26 17:35:55 +02:00
Patrick J Volkerding
8a32bfc76a Wed Oct 23 19:39:39 UTC 2024
a/openssl-solibs-3.4.0-x86_64-1.txz:  Upgraded.
l/pipewire-1.2.6-x86_64-1.txz:  Upgraded.
l/protobuf-28.3-x86_64-1.txz:  Upgraded.
n/epic5-3.0.1-x86_64-1.txz:  Upgraded.
n/openssl-3.4.0-x86_64-1.txz:  Upgraded.
extra/tigervnc/tigervnc-1.14.1-x86_64-1.txz:  Upgraded.
2024-10-23 21:59:08 +02:00
Patrick J Volkerding
4967f0e2be Tue Oct 22 23:55:03 UTC 2024
a/elilo-3.16-x86_64-18.txz:  Rebuilt.
  eliloconfig: if we don't find initrd-generic.img, try to fall back on
  /boot/initrd.gz. Thanks to rworkman.
a/kernel-firmware-20241022_e1d9577-noarch-1.txz:  Upgraded.
a/kernel-generic-6.11.5-x86_64-1.txz:  Upgraded.
a/less-668-x86_64-1.txz:  Upgraded.
a/openssl11-solibs-1.1.1zb-x86_64-1.txz:  Upgraded.
a/sysvinit-3.11-x86_64-1.txz:  Upgraded.
a/usbutils-018-x86_64-1.txz:  Upgraded.
d/kernel-headers-6.11.5-x86-1.txz:  Upgraded.
d/parallel-20241022-noarch-1.txz:  Upgraded.
d/swig-4.3.0-x86_64-1.txz:  Upgraded.
k/kernel-source-6.11.5-noarch-1.txz:  Upgraded.
l/libvisio-0.1.8-x86_64-1.txz:  Upgraded.
l/python-trove-classifiers-2024.10.21.16-x86_64-1.txz:  Upgraded.
n/openssl11-1.1.1zb-x86_64-1.txz:  Upgraded.
  Apply patch to fix a security issue:
  Harden BN_GF2m_poly2arr against misuse.
  This CVE was fixed by the 1.1.1zb release that is only available to
  subscribers to OpenSSL's premium extended support. The patch was prepared
  by backporting from the OpenSSL-3.0 repo. The reported version number has
  been updated so that vulnerability scanners calm down.
  Thanks to Ken Zalewski for the patch!
  For more information, see:
    https://www.cve.org/CVERecord?id=CVE-2024-9143
  (* Security fix *)
xap/gucharmap-16.0.2-x86_64-1.txz:  Upgraded.
xap/mozilla-thunderbird-128.3.3esr-x86_64-1.txz:  Upgraded.
  This is a bugfix release.
  For more information, see:
    https://www.mozilla.org/en-US/thunderbird/128.3.3esr/releasenotes/
isolinux/initrd.img:  Rebuilt.
kernels/*:  Upgraded.
usb-and-pxe-installers/usbboot.img:  Rebuilt.
2024-10-23 03:12:37 +02:00
Patrick J Volkerding
3cd2369178 Mon Oct 21 19:11:58 UTC 2024
d/meson-1.6.0-x86_64-1.txz:  Upgraded.
kde/okteta-0.26.18-x86_64-1.txz:  Upgraded.
l/gjs-1.82.1-x86_64-1.txz:  Upgraded.
l/gspell-1.14.0-x86_64-1.txz:  Added.
  Pan has switched to this instead of gtkspell3.
  Nothing else in Slackware uses gtkspell3 -- perhaps it should be removed?
l/vte-0.78.1-x86_64-1.txz:  Upgraded.
n/nghttp2-1.64.0-x86_64-1.txz:  Upgraded.
x/ibus-m17n-1.4.33-x86_64-1.txz:  Upgraded.
xap/pan-0.161-x86_64-1.txz:  Upgraded.
xfce/mousepad-0.6.3-x86_64-1.txz:  Upgraded.
2024-10-21 21:30:18 +02:00
Patrick J Volkerding
34fc45cc56 Sat Oct 19 21:31:17 UTC 2024
a/xfsprogs-6.11.0-x86_64-1.txz:  Upgraded.
ap/itstool-2.0.7-x86_64-3.txz:  Rebuilt.
  [PATCH] Fix handling of untranslated nodes.
  Thanks to Willy Sudiarto Raharjo.
l/elfutils-0.192-x86_64-1.txz:  Upgraded.
l/libuv-1.49.2-x86_64-1.txz:  Upgraded.
xfce/elementary-xfce-0.20-noarch-1.txz:  Upgraded.
2024-10-20 00:05:48 +02:00
Patrick J Volkerding
767006b5b5 Fri Oct 18 22:51:09 UTC 2024
a/elilo-3.16-x86_64-17.txz:  Rebuilt.
  eliloconfig: adapt to new naming and lack of huge kernel. Thanks to gildbg.
ap/cups-browsed-2.1.0-x86_64-1.txz:  Upgraded.
  Removed support for legacy CUPS browsing and for LDAP
  Legacy CUPS browsing is not needed any more and, our implementation
  accepting any UDP packet on port 631, causes vulnerabilities, and
  our LDAP support is does not comly with RFC 7612 and is therefore
  limited. Fixes CVE-2024-47176 and CVE-2024-47850
  Default `BrowseRemoteProtocols` should not include `cups` protocol
  Works around CVE-2024-47176, the fix is the complete removal of
  legacy CUPS Browsing functionality.
  For more information, see:
    https://www.cve.org/CVERecord?id=CVE-2024-47176
    https://www.cve.org/CVERecord?id=CVE-2024-47850
  (* Security fix *)
l/dav1d-1.5.0-x86_64-1.txz:  Upgraded.
l/gvfs-1.56.1-x86_64-1.txz:  Upgraded.
l/libcupsfilters-2.1.0-x86_64-1.txz:  Upgraded.
  `cfGetPrinterAttributes5()`: Validate response attributes before return
  The IPP print destination which we are querying can be corrupted or
  forged, so validate the response to strenghten security. Fixes
  CVE-2024-47076.
  For more information, see:
    https://www.cve.org/CVERecord?id=CVE-2024-47076
  (* Security fix *)
l/libppd-2.1.0-x86_64-1.txz:  Upgraded.
  Prevent PPD generation based on invalid IPP response
  Overtaken from CUPS 2.x: Validate IPP attributes in PPD generator,
  refactor make-and-model code, PPDize preset and template names,
  quote PPD localized strings. Fixes CVE-2024-47175.
  For more information, see:
    https://www.cve.org/CVERecord?id=CVE-2024-47175
  (* Security fix *)
l/python-MarkupSafe-3.0.2-x86_64-1.txz:  Upgraded.
l/python-psutil-6.1.0-x86_64-1.txz:  Upgraded.
x/fcitx5-qt-5.1.8-x86_64-1.txz:  Upgraded.
2024-10-19 01:29:44 +02:00
Patrick J Volkerding
be920c06c2 Thu Oct 17 23:18:46 UTC 2024
a/kernel-firmware-20241017_8dbcf94-noarch-1.txz:  Upgraded.
a/kernel-generic-6.11.4-x86_64-1.txz:  Upgraded.
ap/usbmuxd-20240916_0b1b233-x86_64-1.txz:  Upgraded.
  Fix USB tethering to an iPhone. Thanks to skubik and marav.
d/autoconf-archive-2024.10.16-noarch-1.txz:  Upgraded.
d/kernel-headers-6.11.4-x86-1.txz:  Upgraded.
d/rust-1.82.0-x86_64-1.txz:  Upgraded.
k/kernel-source-6.11.4-noarch-1.txz:  Upgraded.
l/glib2-2.82.2-x86_64-1.txz:  Upgraded.
l/libunistring-1.3-x86_64-1.txz:  Upgraded.
l/python-trove-classifiers-2024.10.16-x86_64-1.txz:  Upgraded.
n/libtirpc-1.3.6-x86_64-1.txz:  Upgraded.
x/xinit-1.4.2-x86_64-2.txz:  Rebuilt.
  startx: Ensure that xserverauthfile is created and given correct permissions
  to avoid a startup error message. Thanks to Didier Spaier.
xap/mozilla-thunderbird-128.3.2esr-x86_64-1.txz:  Upgraded.
  This is a bugfix release.
  For more information, see:
    https://www.mozilla.org/en-US/thunderbird/128.3.2esr/releasenotes/
isolinux/initrd.img:  Rebuilt.
kernels/*:  Upgraded.
usb-and-pxe-installers/usbboot.img:  Rebuilt.
2024-10-18 02:31:04 +02:00
Patrick J Volkerding
03de904154 Wed Oct 16 19:11:30 UTC 2024
d/llvm-19.1.2-x86_64-1.txz:  Upgraded.
  Shared library .so-version bump.
d/python-setuptools-75.2.0-x86_64-1.txz:  Upgraded.
kde/calligra-3.2.1-x86_64-45.txz:  Rebuilt.
  Recompiled against poppler-24.10.0.
kde/cantor-23.08.5-x86_64-11.txz:  Rebuilt.
  Recompiled against poppler-24.10.0.
kde/kdevelop-23.08.5-x86_64-3.txz:  Rebuilt.
  Recompiled against llvm-19.1.2.
kde/kfilemetadata-5.116.0-x86_64-8.txz:  Rebuilt.
  Recompiled against poppler-24.10.0.
kde/kile-2.9.93-x86_64-38.txz:  Rebuilt.
  Recompiled against poppler-24.10.0.
kde/kitinerary-23.08.5-x86_64-9.txz:  Rebuilt.
  Recompiled against poppler-24.10.0.
kde/krita-5.2.6-x86_64-2.txz:  Rebuilt.
  Recompiled against poppler-24.10.0.
kde/labplot-2.11.1-x86_64-4.txz:  Rebuilt.
  Recompiled against poppler-24.10.0.
kde/okular-23.08.5-x86_64-9.txz:  Rebuilt.
  Recompiled against poppler-24.10.0.
l/libclc-19.1.2-x86_64-1.txz:  Upgraded.
  Compiled against llvm-19.1.2.
l/libssh2-1.11.1-x86_64-1.txz:  Upgraded.
  src: add 'strict KEX' to fix CVE-2023-48795 "Terrapin Attack."
  For more information, see:
    https://www.cve.org/CVERecord?id=CVE-2023-48795
  (* Security fix *)
l/media-player-info-26-noarch-1.txz:  Upgraded.
l/poppler-24.10.0-x86_64-1.txz:  Upgraded.
  Shared library .so-version bump.
l/python-pillow-11.0.0-x86_64-1.txz:  Upgraded.
l/qt5-5.15.15_20240903_363456a6-x86_64-2.txz:  Rebuilt.
  Patched and recompiled against llvm-19.1.2.
l/qt6-6.7.3_20240920_90e86aee-x86_64-3.txz:  Rebuilt.
  Patched and recompiled against llvm-19.1.2.
l/spirv-llvm-translator-19.1.0-x86_64-1.txz:  Upgraded.
  Shared library .so-version bump.
  Compiled against llvm-19.1.2.
n/bind-9.20.3-x86_64-1.txz:  Upgraded.
n/c-ares-1.34.2-x86_64-1.txz:  Upgraded.
x/mesa-24.2.5-x86_64-1.txz:  Upgraded.
  Compiled against llvm-19.1.2.
x/xf86-input-evdev-2.11.0-x86_64-1.txz:  Upgraded.
x/xf86-input-libinput-1.5.0-x86_64-1.txz:  Upgraded.
extra/brltty/brltty-6.7-x86_64-1.txz:  Upgraded.
extra/xv/xv-6.0.2-x86_64-1.txz:  Upgraded.
2024-10-16 22:20:25 +02:00
Patrick J Volkerding
3adca20180 Mon Oct 14 21:21:47 UTC 2024
a/os-prober-1.83-x86_64-3.txz:  Rebuilt.
  Fix the generated path to elilo.efi. Thanks to yancek and chris.willing.
l/python-sphinx-8.1.3-x86_64-1.txz:  Upgraded.
l/qt6-6.7.3_20240920_90e86aee-x86_64-2.txz:  Rebuilt.
  [PATCH] ListView: fix countChanged not being emitted in certain cases.
n/samba-4.21.1-x86_64-1.txz:  Upgraded.
2024-10-15 00:05:20 +02:00
Patrick J Volkerding
3c395d7ba3 Sun Oct 13 19:49:05 UTC 2024
a/dracut-105-x86_64-1.txz:  Upgraded.
a/sysvinit-scripts-15.1-noarch-22.txz:  Rebuilt.
  rc.6: add a hash -r after unmounting local partitions in case any directories
  in the $PATH have gone away. Thanks to yars.
l/libarchive-3.7.7-x86_64-1.txz:  Upgraded.
  This update fixes bug and the following security issues:
  gzip: prevent a hang when processing a malformed gzip inside a gzip.
  tar: don't crash on truncated tar archives.
  tar: fix two leaks in tar header parsing.
  (* Security fix *)
l/python-sphinx-8.1.2-x86_64-1.txz:  Upgraded.
l/python-trove-classifiers-2024.10.13-x86_64-1.txz:  Upgraded.
x/bdftopcf-1.1.2-x86_64-1.txz:  Upgraded.
x/fonttosfnt-1.2.4-x86_64-1.txz:  Upgraded.
x/xcmsdb-1.0.7-x86_64-1.txz:  Upgraded.
x/xf86-video-mach64-6.10.0-x86_64-1.txz:  Upgraded.
x/xf86-video-mga-2.1.0-x86_64-1.txz:  Upgraded.
x/xf86-video-r128-6.13.0-x86_64-1.txz:  Upgraded.
x/xkbprint-1.0.7-x86_64-1.txz:  Upgraded.
x/xmag-1.0.8-x86_64-1.txz:  Upgraded.
x/xtrans-1.5.1-noarch-1.txz:  Upgraded.
x/xwud-1.0.7-x86_64-1.txz:  Upgraded.
2024-10-13 22:32:01 +02:00
Patrick J Volkerding
673e345487 Sat Oct 12 19:16:04 UTC 2024
a/hostname-3.25-x86_64-1.txz:  Upgraded.
d/ninja-1.12.1-x86_64-2.txz:  Rebuilt.
  Generate and include manual.html.
d/perl-5.40.0-x86_64-2.txz:  Rebuilt.
  Upgraded: DBI-1.645, IO-Socket-SSL-2.089, Template-Toolkit-3.102, URI-5.30.
  Added: Path-Tiny-0.146. (Needed by Moo, thanks to Andypoo)
kde/fcitx5-configtool-5.1.7-x86_64-1.txz:  Upgraded.
l/python-sphinx-8.1.1-x86_64-1.txz:  Upgraded.
l/python-trove-classifiers-2024.10.12-x86_64-1.txz:  Upgraded.
l/qt6-6.7.3_20240920_90e86aee-x86_64-1.txz:  Upgraded.
x/wayland-protocols-1.38-noarch-1.txz:  Upgraded.
2024-10-12 22:05:21 +02:00
Patrick J Volkerding
9a84ce53a2 Fri Oct 11 02:11:18 UTC 2024
a/kernel-firmware-20241010_d553152-noarch-1.txz:  Upgraded.
  Hey folks, sorry about the missing firmware. I've made some changes to the
  build script to prevent any future occurrences.
isolinux/initrd.img:  Rebuilt.
usb-and-pxe-installers/usbboot.img:  Rebuilt.
2024-10-11 05:07:15 +02:00
Patrick J Volkerding
6ffeb4181c Thu Oct 10 22:42:17 UTC 2024
a/hostname-3.24-x86_64-1.txz:  Upgraded.
a/kernel-firmware-20241010_c410e4c-noarch-1.txz:  Upgraded.
a/kernel-generic-6.10.14-x86_64-1.txz:  Upgraded.
a/mkinitrd-1.4.11-x86_64-39.txz:  Rebuilt.
  Symlink /boot/remove-orphaned-initrds into /usr/sbin to get it in the $PATH.
a/pkgtools-15.1-noarch-14.txz:  Rebuilt.
  Renamed kernel-backup to make-kernel-backup.
  We'll leave it in /boot where it's more likely to be noticed, but also
  add a symlink in /usr/sbin so that it's in the $PATH.
  Support /etc/default/make-kernel-backup.
  Test to see if $KERNEL_FILE is actually a Linux kernel.
d/kernel-headers-6.10.14-x86-1.txz:  Upgraded.
k/kernel-source-6.10.14-noarch-1.txz:  Upgraded.
l/python-sphinx-8.1.0-x86_64-1.txz:  Upgraded.
l/python-sphinx_rtd_theme-3.0.1-x86_64-1.txz:  Upgraded.
n/c-ares-1.34.1-x86_64-1.txz:  Upgraded.
xap/mozilla-thunderbird-128.3.1esr-x86_64-1.txz:  Upgraded.
  This release contains security fixes and improvements.
  For more information, see:
    https://www.mozilla.org/en-US/thunderbird/128.3.1esr/releasenotes/
  (* Security fix *)
isolinux/initrd.img:  Rebuilt.
kernels/*:  Upgraded.
testing/packages/kernel-generic-6.11.3-x86_64-1.txz:  Upgraded.
testing/packages/kernel-headers-6.11.3-x86-1.txz:  Upgraded.
testing/packages/kernel-source-6.11.3-noarch-1.txz:  Upgraded.
usb-and-pxe-installers/usbboot.img:  Rebuilt.
2024-10-11 01:59:58 +02:00
Patrick J Volkerding
194d2d2fc5 Wed Oct 9 21:09:16 UTC 2024
a/dracut-104-x86_64-1.txz:  Upgraded.
d/cmake-3.30.5-x86_64-1.txz:  Upgraded.
d/subversion-1.14.4-x86_64-1.txz:  Upgraded.
l/mozjs128-128.3.1esr-x86_64-1.txz:  Upgraded.
l/openexr-3.3.1-x86_64-1.txz:  Upgraded.
l/python-charset-normalizer-3.4.0-x86_64-1.txz:  Upgraded.
x/fcitx5-5.1.11-x86_64-1.txz:  Upgraded.
x/fcitx5-anthy-5.1.5-x86_64-1.txz:  Upgraded.
x/fcitx5-chinese-addons-5.1.7-x86_64-1.txz:  Upgraded.
x/fcitx5-hangul-5.1.5-x86_64-1.txz:  Upgraded.
x/fcitx5-kkc-5.1.5-x86_64-1.txz:  Upgraded.
x/fcitx5-m17n-5.1.2-x86_64-1.txz:  Upgraded.
x/fcitx5-qt-5.1.7-x86_64-1.txz:  Upgraded.
x/fcitx5-unikey-5.1.5-x86_64-1.txz:  Upgraded.
x/libime-1.1.9-x86_64-1.txz:  Upgraded.
xap/mozilla-firefox-128.3.1esr-x86_64-1.txz:  Upgraded.
  This update contains a critical security fix:
  Use-after-free in Animation timeline.
  "An attacker was able to achieve code execution in the content process by
  exploiting a use-after-free in Animation timelines. We have had reports of
  this vulnerability being exploited in the wild."
  For more information, see:
    https://www.mozilla.org/en-US/firefox/128.3.1/releasenotes/
    https://www.mozilla.org/security/advisories/mfsa2024-51/
    https://www.cve.org/CVERecord?id=CVE-2024-9680
  (* Security fix *)
2024-10-10 00:58:09 +02:00
Patrick J Volkerding
d61d08c9cb Tue Oct 8 18:39:18 UTC 2024
a/mkinitrd-1.4.11-x86_64-38.txz:  Rebuilt.
  /boot/remove-orphaned-initrds: this script will remove initrds found in /boot
  if there is no matching kernel version found. This can be run manually or
  added as a cron job to prevent unneeded initrds from filling up /boot.
a/pkgtools-15.1-noarch-13.txz:  Rebuilt.
  /boot/kernel-backup: with the huge kernel gone, this script seeks to fill the
  gap by offering an easy way to make a backup kernel that will be picked up
  by update-grub. It does this by creating entries in the pkgtools database
  that protect a kernel, modules, and optionally an initrd from being removed
  when the kernel-generic package is upgraded. See the script for details.
ap/rpm-4.20.0-x86_64-1.txz:  Upgraded.
d/git-2.47.0-x86_64-1.txz:  Upgraded.
l/python-MarkupSafe-3.0.1-x86_64-1.txz:  Upgraded.
l/python-tomli-w-1.1.0-x86_64-1.txz:  Upgraded.
n/cifs-utils-7.1-x86_64-1.txz:  Upgraded.
n/netatalk-4.0.1-x86_64-1.txz:  Upgraded.
2024-10-08 21:00:40 +02:00
Patrick J Volkerding
6ffaeb24f7 Mon Oct 7 22:37:51 UTC 2024
d/tree-sitter-0.24.2-x86_64-1.txz:  Upgraded.
l/imagemagick-7.1.1_39-x86_64-1.txz:  Upgraded.
l/libdeflate-1.22-x86_64-1.txz:  Upgraded.
l/libqalculate-5.3.0-x86_64-1.txz:  Upgraded.
l/python-build-1.2.2.post1-x86_64-1.txz:  Upgraded.
l/python-dnspython-2.7.0-x86_64-1.txz:  Upgraded.
l/python-sphinx_rtd_theme-3.0.0-x86_64-1.txz:  Upgraded.
n/wireless-regdb-2024.10.07-x86_64-1.txz:  Upgraded.
2024-10-08 01:02:23 +02:00
Patrick J Volkerding
23201e8a5a Sat Oct 5 21:24:49 UTC 2024
isolinux/initrd.img:  Rebuilt.
usb-and-pxe-installers/usbboot.img:  Rebuilt.
2024-10-06 00:04:43 +02:00
Patrick J Volkerding
ef66fc3e38 Sat Oct 5 19:17:05 UTC 2024
ap/tmux-3.5a-x86_64-1.txz:  Upgraded.
d/tree-sitter-0.24.1-x86_64-1.txz:  Upgraded.
kde/qcoro-0.11.0-x86_64-1.txz:  Upgraded.
l/libwnck3-43.1-x86_64-1.txz:  Upgraded.
n/netatalk-4.0.0-x86_64-1.txz:  Upgraded.
n/nghttp3-1.6.0-x86_64-1.txz:  Upgraded.
isolinux/initrd.img:  Rebuilt.
usb-and-pxe-installers/usbboot.img:  Rebuilt.
2024-10-05 22:02:45 +02:00
Patrick J Volkerding
1eecf47a49 Fri Oct 4 23:37:01 UTC 2024
a/bash-5.2.037-x86_64-2.txz:  Rebuilt.
  Set a default BASH_LOADABLES_PATH pointing to the bash loadables directory.
  Thanks to Lockywolf.
a/haveged-1.9.19-x86_64-1.txz:  Upgraded.
a/kernel-firmware-20241004_919f79f-noarch-1.txz:  Upgraded.
a/kernel-generic-6.10.13-x86_64-1.txz:  Upgraded.
a/mkinitrd-1.4.11-x86_64-37.txz:  Rebuilt.
  Upgraded to busybox-1.37.0.
d/kernel-headers-6.10.13-x86-1.txz:  Upgraded.
k/kernel-source-6.10.13-noarch-1.txz:  Upgraded.
kde/krita-5.2.6-x86_64-1.txz:  Upgraded.
kde/kstars-3.7.3-x86_64-1.txz:  Upgraded.
kde/pulseaudio-qt-1.6.0-x86_64-1.txz:  Upgraded.
l/gtk4-4.16.3-x86_64-1.txz:  Upgraded.
l/libproxy-0.5.9-x86_64-1.txz:  Upgraded.
l/nodejs-20.18.0-x86_64-1.txz:  Upgraded.
n/dhcpcd-10.1.0-x86_64-1.txz:  Upgraded.
isolinux/initrd.img:  Rebuilt.
kernels/*:  Upgraded.
testing/packages/kernel-generic-6.11.2-x86_64-1.txz:  Upgraded.
testing/packages/kernel-headers-6.11.2-x86-1.txz:  Upgraded.
testing/packages/kernel-source-6.11.2-noarch-1.txz:  Upgraded.
usb-and-pxe-installers/usbboot.img:  Rebuilt.
2024-10-05 03:05:25 +02:00
Patrick J Volkerding
13dd1912f4 Thu Oct 3 18:32:43 UTC 2024
a/hwdata-0.388-noarch-1.txz:  Upgraded.
a/lvm2-2.03.27-x86_64-1.txz:  Upgraded.
d/tree-sitter-0.23.2-x86_64-1.txz:  Upgraded.
n/NetworkManager-1.50.0-x86_64-1.txz:  Upgraded.
n/getmail-6.19.05-x86_64-1.txz:  Upgraded.
n/libnftnl-1.2.8-x86_64-1.txz:  Upgraded.
n/nftables-1.1.1-x86_64-1.txz:  Upgraded.
x/mesa-24.2.4-x86_64-1.txz:  Upgraded.
2024-10-03 21:04:59 +02:00
Patrick J Volkerding
648fc0c25c Wed Oct 2 20:08:38 UTC 2024
a/xz-5.6.3-x86_64-1.txz:  Upgraded.
d/gdb-15.2-x86_64-1.txz:  Upgraded.
d/luajit-2.1.1727870382-x86_64-1.txz:  Upgraded.
l/SDL2-2.30.8-x86_64-1.txz:  Upgraded.
l/cfitsio-4.5.0-x86_64-1.txz:  Upgraded.
x/xkeyboard-config-2.43-noarch-1.txz:  Upgraded.
x/xorg-server-xwayland-24.1.3-x86_64-1.txz:  Upgraded.
xap/mozilla-thunderbird-128.3.0esr-x86_64-1.txz:  Upgraded.
  This release contains security fixes and improvements.
  For more information, see:
    https://www.mozilla.org/en-US/thunderbird/128.3.0esr/releasenotes/
    https://www.mozilla.org/en-US/security/advisories/mfsa2024-49/
    https://www.cve.org/CVERecord?id=CVE-2024-9392
    https://www.cve.org/CVERecord?id=CVE-2024-9393
    https://www.cve.org/CVERecord?id=CVE-2024-9394
    https://www.cve.org/CVERecord?id=CVE-2024-8900
    https://www.cve.org/CVERecord?id=CVE-2024-9396
    https://www.cve.org/CVERecord?id=CVE-2024-9397
    https://www.cve.org/CVERecord?id=CVE-2024-9398
    https://www.cve.org/CVERecord?id=CVE-2024-9399
    https://www.cve.org/CVERecord?id=CVE-2024-9400
    https://www.cve.org/CVERecord?id=CVE-2024-9401
    https://www.cve.org/CVERecord?id=CVE-2024-9402
  (* Security fix *)
2024-10-02 23:03:35 +02:00
Patrick J Volkerding
1e755d579a Tue Oct 1 18:01:38 UTC 2024
Several ELF objects were found to have rpaths pointing into /tmp, a world
writable directory. This could have allowed a local attacker to launch denial
of service attacks or execute arbitrary code when the affected binaries are
run by placing crafted ELF objects in the /tmp rpath location. All rpaths with
an embedded /tmp path have been scrubbed from the binaries, and makepkg has
gained a lint feature to detect these so that they won't creep back in.
a/kernel-firmware-20241001_95bfe08-noarch-1.txz:  Upgraded.
a/kernel-generic-6.10.12-x86_64-1.txz:  Upgraded.
a/pkgtools-15.1-noarch-12.txz:  Rebuilt.
  makepkg: when looking for ELF objects with --remove-rpaths or
  --remove-tmp-rpaths, avoid false hits on files containing 'ELF' as part
  of the directory or filename.
  Also warn about /tmp rpaths after the package is built.
ap/cups-2.4.11-x86_64-1.txz:  Upgraded.
ap/cups-browsed-2.0.1-x86_64-2.txz:  Rebuilt.
  Mitigate security issue that could lead to a denial of service or
  the execution of arbitrary code.
  Rebuilt with --with-browseremoteprotocols=none to disable incoming
  connections, since this daemon has been shown to be insecure. If you
  actually use cups-browsed, be sure to install the new
  /etc/cups/cups-browsed.conf.new containing this line:
  BrowseRemoteProtocols none
  For more information, see:
    https://www.cve.org/CVERecord?id=CVE-2024-47176
  (* Security fix *)
d/kernel-headers-6.10.12-x86-1.txz:  Upgraded.
d/llvm-18.1.8-x86_64-3.txz:  Rebuilt.
  Remove rpaths from binaries.
  (* Security fix *)
d/luajit-2.1.1727621189-x86_64-1.txz:  Upgraded.
d/ruby-3.3.5-x86_64-2.txz:  Rebuilt.
  Remove rpaths from binaries.
  (* Security fix *)
k/kernel-source-6.10.12-noarch-1.txz:  Upgraded.
kde/kimageformats-5.116.0-x86_64-2.txz:  Rebuilt.
  Recompiled against openexr-3.3.0.
kde/kio-extras-23.08.5-x86_64-2.txz:  Rebuilt.
  Recompiled against openexr-3.3.0.
kde/krita-5.2.5-x86_64-2.txz:  Rebuilt.
  Recompiled against openexr-3.3.0.
kde/libindi-2.1.0-x86_64-1.txz:  Upgraded.
l/cryfs-0.10.3-x86_64-13.txz:  Rebuilt.
  Remove rpaths from binaries.
  (* Security fix *)
l/espeak-ng-1.51.1-x86_64-2.txz:  Rebuilt.
  Remove rpaths from binaries.
  (* Security fix *)
l/ffmpeg-7.1-x86_64-1.txz:  Upgraded.
l/gegl-0.4.48-x86_64-3.txz:  Rebuilt.
  Recompiled against openexr-3.3.0.
l/gst-plugins-bad-free-1.24.8-x86_64-2.txz:  Rebuilt.
  Recompiled against openexr-3.3.0.
l/imagemagick-7.1.1_38-x86_64-2.txz:  Rebuilt.
  Recompiled against openexr-3.3.0.
l/libgsf-1.14.53-x86_64-1.txz:  Upgraded.
l/librsvg-2.58.5-x86_64-1.txz:  Upgraded.
l/libvncserver-0.9.14-x86_64-3.txz:  Rebuilt.
  Remove rpaths from binaries.
  (* Security fix *)
l/mozjs128-128.3.0esr-x86_64-1.txz:  Upgraded.
l/netpbm-11.08.00-x86_64-1.txz:  Upgraded.
l/opencv-4.10.0-x86_64-3.txz:  Rebuilt.
  Recompiled against openexr-3.3.0.
l/openexr-3.3.0-x86_64-1.txz:  Upgraded.
  Shared library .so-version bump.
l/python-glad2-2.0.8-x86_64-1.txz:  Upgraded.
l/python-pyproject-hooks-1.2.0-x86_64-1.txz:  Upgraded.
l/spirv-llvm-translator-18.1.4-x86_64-2.txz:  Rebuilt.
  Remove rpaths from binaries.
  (* Security fix *)
l/woff2-20231106_0f4d304-x86_64-2.txz:  Rebuilt.
  Remove rpaths from binaries.
  (* Security fix *)
n/openobex-1.7.2-x86_64-6.txz:  Rebuilt.
  Remove rpaths from binaries.
  (* Security fix *)
x/marisa-0.2.6-x86_64-11.txz:  Rebuilt.
  Remove rpaths from binaries.
  (* Security fix *)
xap/gimp-2.10.38-x86_64-2.txz:  Rebuilt.
  Recompiled against openexr-3.3.0.
xap/mozilla-firefox-128.3.0esr-x86_64-1.txz:  Upgraded.
  This update contains security fixes and improvements.
  For more information, see:
    https://www.mozilla.org/en-US/firefox/128.3.0/releasenotes/
    https://www.mozilla.org/security/advisories/mfsa2024-47
    https://www.cve.org/CVERecord?id=CVE-2024-9392
    https://www.cve.org/CVERecord?id=CVE-2024-9393
    https://www.cve.org/CVERecord?id=CVE-2024-9394
    https://www.cve.org/CVERecord?id=CVE-2024-8900
    https://www.cve.org/CVERecord?id=CVE-2024-9396
    https://www.cve.org/CVERecord?id=CVE-2024-9397
    https://www.cve.org/CVERecord?id=CVE-2024-9398
    https://www.cve.org/CVERecord?id=CVE-2024-9399
    https://www.cve.org/CVERecord?id=CVE-2024-9400
    https://www.cve.org/CVERecord?id=CVE-2024-9401
    https://www.cve.org/CVERecord?id=CVE-2024-9402
  (* Security fix *)
xap/xlockmore-5.80-x86_64-1.txz:  Upgraded.
isolinux/initrd.img:  Rebuilt.
kernels/*:  Upgraded.
testing/packages/kernel-generic-6.11.1-x86_64-1.txz:  Upgraded.
testing/packages/kernel-headers-6.11.1-x86-1.txz:  Upgraded.
testing/packages/kernel-source-6.11.1-noarch-1.txz:  Upgraded.
usb-and-pxe-installers/usbboot.img:  Rebuilt.
2024-10-01 22:04:37 +02:00
Patrick J Volkerding
5d952c9da3 Fri Sep 27 21:10:23 UTC 2024
a/pkgtools-15.1-noarch-11.txz:  Rebuilt.
  makepkg: added options --remove-rpaths, --remove-tmp-rpaths.
  Thanks to Petri Kaukasoina for code examples.
ap/tmux-3.5-x86_64-1.txz:  Upgraded.
d/cmake-3.30.4-x86_64-1.txz:  Upgraded.
l/mozilla-nss-3.105-x86_64-1.txz:  Upgraded.
l/pipewire-1.2.5-x86_64-1.txz:  Upgraded.
l/sof-firmware-2024.09-noarch-1.txz:  Upgraded.
xap/audacious-4.4.1-x86_64-2.txz:  Rebuilt.
xap/audacious-plugins-4.4.1-x86_64-1.txz:  Upgraded.
2024-09-28 00:02:43 +02:00
Patrick J Volkerding
70006cfdf0 Thu Sep 26 18:28:55 UTC 2024
ap/ispell-3.4.06-x86_64-3.txz:  Rebuilt.
  Get rid of hardcoded temporary path in munchlist.
l/boost-1.86.0-x86_64-2.txz:  Rebuilt.
  Get rid of hardcoded temporary paths in the cmake files.
  Since these paths point to a location that an unprivileged user could
  create and populate with files that could be picked up during a build,
  it's possible this bug could be used for malicious purposes.
  Thanks to jmacloue.
  (* Security fix *)
l/fribidi-1.0.16-x86_64-1.txz:  Upgraded.
n/php-8.3.12-x86_64-1.txz:  Upgraded.
  This update fixes security issues:
  CGI: Fixed bug GHSA-p99j-rfp4-xqvq (Bypass of CVE-2024-4577, Parameter
  Injection Vulnerability).
  CGI: Fixed bug GHSA-94p6-54jq-9mwp (cgi.force_redirect configuration is
  bypassable due to the environment variable collision).
  FPM: Fixed bug GHSA-865w-9rf3-2wh5 (Logs from children may be altered).
  SAPI: Fixed bug GHSA-9pqp-7h25-4f32 (Erroneous parsing of multipart form
  data).
  For more information, see:
    https://www.cve.org/CVERecord?id=CVE-2024-8926
    https://www.cve.org/CVERecord?id=CVE-2024-8927
    https://www.cve.org/CVERecord?id=CVE-2024-9026
    https://www.cve.org/CVERecord?id=CVE-2024-8925
  (* Security fix *)
x/vulkan-sdk-1.3.290.0-x86_64-2.txz:  Rebuilt.
  Get rid of hardcoded temporary path in volkTargets.cmake.
  (* Security fix *)
2024-09-26 21:02:37 +02:00
Patrick J Volkerding
62dc7f31a9 Wed Sep 25 18:40:09 UTC 2024
d/libtool-2.5.3-x86_64-1.txz:  Upgraded.
l/harfbuzz-10.0.1-x86_64-1.txz:  Upgraded.
l/libuv-1.49.0-x86_64-1.txz:  Upgraded.
n/libnetfilter_conntrack-1.1.0-x86_64-1.txz:  Upgraded.
2024-09-25 20:58:18 +02:00
Patrick J Volkerding
f2ee5ebc09 Tue Sep 24 18:42:58 UTC 2024
a/bash-5.2.037-x86_64-1.txz:  Upgraded.
a/dracut-103-x86_64-3.txz:  Rebuilt.
  Don't search for systemd services. Thanks to LuckyCyborg.
d/git-2.46.2-x86_64-1.txz:  Upgraded.
kde/krita-5.2.5-x86_64-1.txz:  Upgraded.
l/gtk4-4.16.2-x86_64-1.txz:  Upgraded.
l/harfbuzz-10.0.0-x86_64-1.txz:  Upgraded.
n/netatalk-3.2.10-x86_64-1.txz:  Upgraded.
xap/mpv-0.39.0-x86_64-1.txz:  Upgraded.
2024-09-24 21:36:52 +02:00
Patrick J Volkerding
23ef992213 Mon Sep 23 20:01:35 UTC 2024
d/parallel-20240922-noarch-1.txz:  Upgraded.
l/libarchive-3.7.6-x86_64-1.txz:  Upgraded.
  This release fixes a tar regression introduced in libarchive 3.7.5.
xap/geeqie-2.5-x86_64-2.txz:  Rebuilt.
  -Dgq_helpdir and -Dgq_htmldir should be relative to the prefix (/usr).
  Thanks to mickski56.
2024-09-23 22:28:56 +02:00
Patrick J Volkerding
bd636593ca Sat Sep 21 19:10:51 UTC 2024
d/meson-1.5.2-x86_64-1.txz:  Upgraded.
l/python-sphinx-8.0.2-x86_64-2.txz:  Rebuilt.
  Upgraded extension modules: sphinxcontrib_applehelp-2.0,
  sphinxcontrib_devhelp-2.0.0, sphinxcontrib_htmlhelp-2.1.0,
  sphinxcontrib_qthelp-2.0.0, sphinxcontrib_serializinghtml-2.0.0.
  Thanks to USUARIONUEVO.
xap/geeqie-2.5-x86_64-1.txz:  Upgraded.
xap/mozilla-thunderbird-128.2.3esr-x86_64-1.txz:  Upgraded.
  This is a bugfix release.
  For more information, see:
    https://www.mozilla.org/en-US/thunderbird/128.2.3esr/releasenotes/
2024-09-21 21:29:14 +02:00
Patrick J Volkerding
3a7a083162 Fri Sep 20 19:25:40 UTC 2024
a/dracut-103-x86_64-2.txz:  Rebuilt.
  Include /etc/dracut.conf.d/elogind.conf to handle uaccess rules correctly.
  Thanks to LuckyCyborg.
l/cairo-1.18.2-x86_64-2.txz:  Rebuilt.
  [PATCH] cff: Don't fail if no local subs.
  Fixes printing PDFs with CUPS. Thanks to pee_bee and reddog83.
l/glib2-2.82.1-x86_64-1.txz:  Upgraded.
l/pipewire-1.2.4-x86_64-1.txz:  Upgraded.
n/NetworkManager-1.48.10-x86_64-2.txz:  Rebuilt.
  Rebuilt to pick up the new plugin directory for ppp-2.5.1.
n/bind-9.20.2-x86_64-1.txz:  Upgraded.
n/openssh-9.9p1-x86_64-1.txz:  Upgraded.
  Future deprecation notice: OpenSSH plans to remove support for the DSA
  signature algorithm in early 2025. For now, this package retains DSA
  support, but plan accordingly.
n/ppp-2.5.1-x86_64-1.txz:  Upgraded.
n/rp-pppoe-4.0-x86_64-1.txz:  Upgraded.
  Upstream has removed "ancient crufty scripts," so see HOW-TO-CONNECT in the
  documentation if you were using those to connect previously.
2024-09-20 21:58:37 +02:00
Patrick J Volkerding
da18c48c6c Thu Sep 19 19:16:36 UTC 2024
ap/ghostscript-10.04.0-x86_64-1.txz:  Upgraded.
  This release fixes security issues:
  For more information, see:
    https://www.cve.org/CVERecord?id=CVE-2024-46951
    https://www.cve.org/CVERecord?id=CVE-2024-46952
    https://www.cve.org/CVERecord?id=CVE-2024-46953
    https://www.cve.org/CVERecord?id=CVE-2024-46954
    https://www.cve.org/CVERecord?id=CVE-2024-46955
    https://www.cve.org/CVERecord?id=CVE-2024-46956
  (* Security fix *)
ap/man-db-2.13.0-x86_64-2.txz:  Rebuilt.
  /etc/cron.daily/man-db: add -c to the options since it's nearly two orders
  of magnitude faster than it used to be, and that bypasses some assumptions
  (possibly invalid) about what to skip when updating an existing database.
  Thanks to B Watson and Didier Spaier.
l/LibRaw-0.21.3-x86_64-1.txz:  Upgraded.
l/gst-plugins-bad-free-1.24.8-x86_64-1.txz:  Upgraded.
l/gst-plugins-base-1.24.8-x86_64-1.txz:  Upgraded.
l/gst-plugins-good-1.24.8-x86_64-1.txz:  Upgraded.
l/gst-plugins-libav-1.24.8-x86_64-1.txz:  Upgraded.
l/gstreamer-1.24.8-x86_64-1.txz:  Upgraded.
l/libxml2-2.13.4-x86_64-1.txz:  Upgraded.
l/libzip-1.11.1-x86_64-1.txz:  Upgraded.
l/protobuf-28.2-x86_64-1.txz:  Upgraded.
xap/mozilla-thunderbird-128.2.2esr-x86_64-1.txz:  Upgraded.
  This is a bugfix release.
  For more information, see:
    https://www.mozilla.org/en-US/thunderbird/128.2.2esr/releasenotes/
2024-09-19 22:04:38 +02:00
Patrick J Volkerding
c163a6350b Wed Sep 18 21:23:19 UTC 2024
a/btrfs-progs-6.11-x86_64-1.txz:  Upgraded.
a/dracut-103-x86_64-1.txz:  Added.
  This is Red Hat's tool to generate an initramfs (aka initrd). Around here,
  we try not to suffer from Not Invented Here Syndrome (some might say the
  less we invent, the better ;-). It never hurts to have additional options,
  and it even looks like our old friend David Cantrell is on the AUTHORS list.
  I've had good luck here with:
    dracut --hostonly --force /boot/initrd-6.10.11-generic.img
  Thanks to Didier Spaier for convincing me to try it out.
a/gawk-5.3.1-x86_64-1.txz:  Upgraded.
a/kernel-generic-6.10.11-x86_64-1.txz:  Upgraded.
a/upower-1.90.6-x86_64-1.txz:  Upgraded.
d/kernel-headers-6.10.11-x86-1.txz:  Upgraded.
k/kernel-source-6.10.11-noarch-1.txz:  Upgraded.
l/libtiff-4.7.0-x86_64-1.txz:  Upgraded.
n/curl-8.10.1-x86_64-1.txz:  Upgraded.
x/mesa-24.2.3-x86_64-1.txz:  Upgraded.
isolinux/initrd.img:  Rebuilt.
kernels/*:  Upgraded.
usb-and-pxe-installers/usbboot.img:  Rebuilt.
2024-09-19 00:41:24 +02:00
Patrick J Volkerding
40f1ab9f2a Tue Sep 17 23:29:04 UTC 2024
a/sysklogd-2.6.2-x86_64-1.txz:  Upgraded.
ap/lxc-6.0.2-x86_64-1.txz:  Upgraded.
ap/vim-9.1.0736-x86_64-1.txz:  Upgraded.
l/gjs-1.82.0-x86_64-1.txz:  Upgraded.
  Compiled against mozjs128-128.2.0esr.
l/mozjs115-115.15.0esr-x86_64-1.txz:  Removed.
l/mozjs128-128.2.0esr-x86_64-1.txz:  Added.
tcl/tcl-8.6.15-x86_64-1.txz:  Upgraded.
tcl/tk-8.6.15-x86_64-1.txz:  Upgraded.
xap/vim-gvim-9.1.0736-x86_64-1.txz:  Upgraded.
2024-09-18 02:05:31 +02:00
Patrick J Volkerding
a3b3d6e164 Mon Sep 16 19:58:49 UTC 2024
d/python-setuptools-75.1.0-x86_64-1.txz:  Upgraded.
d/strace-6.11-x86_64-1.txz:  Upgraded.
l/adwaita-icon-theme-47.0-noarch-1.txz:  Upgraded.
l/gsettings-desktop-schemas-47.1-x86_64-1.txz:  Upgraded.
l/json-c-0.18_20240915-x86_64-1.txz:  Upgraded.
l/python-idna-3.10-x86_64-1.txz:  Upgraded.
n/iproute2-6.11.0-x86_64-1.txz:  Upgraded.
n/netatalk-3.2.9-x86_64-1.txz:  Upgraded.
xap/gucharmap-16.0.1-x86_64-1.txz:  Upgraded.
xap/mozilla-thunderbird-128.2.1esr-x86_64-1.txz:  Upgraded.
  This is a bugfix release.
  For more information, see:
    https://www.mozilla.org/en-US/thunderbird/128.2.1esr/releasenotes/
2024-09-16 23:01:19 +02:00
Patrick J Volkerding
83f17a22c6 Sun Sep 15 20:07:28 UTC 2024
a/kernel-firmware-20240913_6c88d9b-noarch-1.txz:  Upgraded.
a/os-prober-1.83-x86_64-2.txz:  Rebuilt.
  I have seen the reports that os-prober can take an excessive amount of time,
  but haven't had it take more than a minute and a half here on my most
  populated (and fairly slow) machine. But I've found and applied a patch that
  might help... let's see if this speeds things up on affected machines.
d/git-2.46.1-x86_64-1.txz:  Upgraded.
d/python-setuptools-75.0.0-x86_64-1.txz:  Upgraded.
l/at-spi2-core-2.54.0-x86_64-1.txz:  Upgraded.
l/gsettings-desktop-schemas-47-x86_64-1.txz:  Upgraded.
l/libjpeg-turbo-3.0.4-x86_64-1.txz:  Upgraded.
l/python-pysol_cards-0.18.0-x86_64-1.txz:  Upgraded.
l/vte-0.78.0-x86_64-1.txz:  Upgraded.
testing/packages/kernel-generic-6.11.0-x86_64-1.txz:  Added.
testing/packages/kernel-headers-6.11.0-x86-1.txz:  Added.
testing/packages/kernel-source-6.11.0-noarch-1.txz:  Added.
2024-09-15 22:37:28 +02:00
Patrick J Volkerding
06728159b3 Sat Sep 14 18:15:34 UTC 2024
a/mkinitrd-1.4.11-x86_64-36.txz:  Rebuilt.
  setup.01.mkinitrd (aka geninitrd): Set GENINITRD_SILENT to anything to
  generate the initrd silently.
l/iso-codes-4.17.0-noarch-1.txz:  Upgraded.
l/libarchive-3.7.5-x86_64-1.txz:  Upgraded.
  This update fixes the following security issues:
  fix multiple vulnerabilities identified by SAST (#2251, #2256)
  cpio: ignore out-of-range gid/uid/size/ino and harden AFIO parsing (#2258)
  lzop: prevent integer overflow (#2174)
  rar4: protect copy_from_lzss_window_to_unp() (#2172, CVE-2024-20696)
  rar4: fix CVE-2024-26256 (#2269)
  rar4: fix OOB in delta and audio filter (#2148, #2149)
  rar4: fix out of boundary access with large files (#2179)
  rar4: add boundary checks to rgb filter (#2210)
  rar4: fix OOB access with unicode filenames (#2203)
  rar5: clear 'data ready' cache on window buffer reallocs (#2265)
  rpm: calculate huge header sizes correctly (#2158)
  unzip: unify EOF handling (#2175)
  util: fix out of boundary access in mktemp functions (#2160)
  uu: stop processing if lines are too long (#2168)
  For more information, see:
    https://www.cve.org/CVERecord?id=CVE-2024-20696
    https://www.cve.org/CVERecord?id=CVE-2024-26256
  (* Security fix *)
l/python-hatch-vcs-0.4.0-x86_64-1.txz:  Added.
  This is needed to build urllib3-2.2.3.
l/python-idna-3.9-x86_64-1.txz:  Upgraded.
l/python-urllib3-2.2.3-x86_64-1.txz:  Upgraded.
n/bind-9.20.1-x86_64-1.txz:  Upgraded.
xap/xlockmore-5.79-x86_64-1.txz:  Upgraded.
2024-09-14 20:58:45 +02:00
Patrick J Volkerding
f4acbc3fdb Fri Sep 13 21:12:03 UTC 2024
l/orc-0.4.40-x86_64-2.txz:  Rebuilt.
  Removed extra wrong LIBDIRSUFFIX="". Thanks to ponce.
2024-09-13 23:28:40 +02:00
Patrick J Volkerding
d0f56a1b42 Fri Sep 13 18:37:35 UTC 2024
l/gobject-introspection-1.82.0-x86_64-1.txz:  Upgraded.
l/gtk4-4.16.1-x86_64-1.txz:  Upgraded.
l/gvfs-1.56.0-x86_64-1.txz:  Upgraded.
l/libpng-1.6.44-x86_64-1.txz:  Upgraded.
l/mlt-7.28.0-x86_64-1.txz:  Upgraded.
l/orc-0.4.40-x86_64-1.txz:  Upgraded.
l/python-zipp-3.20.2-x86_64-1.txz:  Upgraded.
l/unicode-ucd-16.0.0-noarch-1.txz:  Upgraded.
xap/gucharmap-16.0.0-x86_64-1.txz:  Upgraded.
2024-09-13 21:00:36 +02:00
Patrick J Volkerding
1ef7f6df7b Fri Sep 13 01:32:33 UTC 2024
a/kernel-firmware-20240912_b9daf8c-noarch-1.txz:  Upgraded.
a/kernel-generic-6.10.10-x86_64-1.txz:  Upgraded.
  The kernel modules are now bundled into this package.
a/kernel-huge-6.10.9-x86_64-1.txz:  Removed.
  So long, we won't miss you.
  If you were actually using kernel-huge with one of the SCSI/SAS drivers that
  were built in, you'll need to use kernel-generic and an initrd that contains
  the needed drivers. Otherwise, just switch to kernel-generic. It'll be fine.
  If unsure, make an initrd with geninitrd and have your bootloader use it.
a/kernel-modules-6.10.9-x86_64-1.txz:  Removed.
  Kernel modules are now bundled with the kernel-generic package.
a/libblockdev-3.2.0-x86_64-1.txz:  Upgraded.
d/kernel-headers-6.10.10-x86-1.txz:  Upgraded.
k/kernel-source-6.10.10-noarch-1.txz:  Upgraded.
l/librsvg-2.58.4-x86_64-1.txz:  Upgraded.
l/protobuf-28.1-x86_64-1.txz:  Upgraded.
l/pygobject3-3.50.0-x86_64-1.txz:  Upgraded.
l/python-trove-classifiers-2024.9.12-x86_64-1.txz:  Upgraded.
n/nghttp3-1.5.0-x86_64-2.txz:  Rebuilt.
  Make sure the cmake files are installed to the correct location.
  Thanks to fulalas.
x/ibus-table-1.17.8-x86_64-1.txz:  Upgraded.
isolinux/initrd.img:  Rebuilt.
kernels/*:  Upgraded.
usb-and-pxe-installers/usbboot.img:  Rebuilt.
2024-09-13 04:11:07 +02:00