Commit graph

790 commits

Author SHA1 Message Date
Patrick J Volkerding
e1cb531b52 Thu Nov 7 21:46:13 UTC 2024
a/libblockdev-3.2.1-x86_64-1.txz:  Upgraded.
a/mkinitrd-1.4.11-x86_64-45.txz:  Rebuilt.
  /etc/default/geninitrd: Add AUTOGENERATE_INITRD variable for disabling
  automatically generating the initrd when the kernel package is upgraded.
  The hook to trigger this will be in the next kernel-generic package.
  setup.01.mkinitrd: skip generating an initrd if we're called from the
  kernel doinst.sh and AUTOGENERATE_INITRD=false.
  geninitrd: Look for an override script called /usr/local/sbin/geninitrd,
  not /usr/local/bin/geninitrd-custom. Thanks to GazL.
ap/mariadb-11.4.4-x86_64-2.txz:  Rebuilt.
  rc.mysqld: use mariadbd-safe, not mysqld_safe. Thanks to teoberi.
d/cmake-3.31.0-x86_64-1.txz:  Upgraded.
l/expat-2.6.4-x86_64-1.txz:  Upgraded.
  This update fixes bugs and a security issue:
  Fix crash within function XML_ResumeParser from a NULL pointer dereference
  by disallowing function XML_StopParser to (stop or) suspend an unstarted
  parser. A new error code XML_ERROR_NOT_STARTED was introduced to properly
  communicate this situation.
  For more information, see:
    https://www.cve.org/CVERecord?id=CVE-2024-50602
  (* Security fix *)
n/gpgme-1.24.0-x86_64-1.txz:  Upgraded.
  Added libqgpgmeqt6.
xap/ffmpegthumbnailer-2.2.3-x86_64-1.txz:  Upgraded.
xap/mozilla-thunderbird-128.4.2esr-x86_64-1.txz:  Upgraded.
  This is a bugfix release.
  For more information, see:
    https://www.mozilla.org/en-US/thunderbird/128.4.2esr/releasenotes/
2024-11-07 23:42:38 +01:00
Patrick J Volkerding
2e588b58d9 Fri Nov 1 21:13:31 UTC 2024
a/kernel-firmware-20241101_376de1f-noarch-1.txz:  Upgraded.
a/kernel-generic-6.11.6-x86_64-1.txz:  Upgraded.
a/mkinitrd-1.4.11-x86_64-42.txz:  Rebuilt.
  geninitrd: you can still point this at a kernel symlink, but by default it
  will make initrd-${KERNEL_VERSION}.img for the newest kernel it finds in
  the /boot directory.
a/pkgtools-15.1-noarch-16.txz:  Rebuilt.
  make-kernel-backup: don't make copies of any of the files, nor include an
  initrd in the package. The only added "files" will be two symlinks,
  vmlinuz-backup, and initrd-backup.img (if symlinks are enabled).
d/kernel-headers-6.11.6-x86-1.txz:  Upgraded.
d/valgrind-3.24.0-x86_64-1.txz:  Upgraded.
k/kernel-source-6.11.6-noarch-1.txz:  Upgraded.
l/fluidsynth-2.4.0-x86_64-1.txz:  Upgraded.
l/gtk4-4.16.4-x86_64-1.txz:  Upgraded.
l/libzip-1.11.2-x86_64-1.txz:  Upgraded.
  Fix performance regression in zip_stat introduced in 1.11.
l/spirv-llvm-translator-19.1.1-x86_64-1.txz:  Upgraded.
n/uucp-1.07-x86_64-7.txz:  Rebuilt.
  Add some documentation. Thanks to jayjwa.
isolinux/initrd.img:  Rebuilt.
kernels/*:  Upgraded.
usb-and-pxe-installers/usbboot.img:  Rebuilt.
2024-11-01 23:16:00 +01:00
Patrick J Volkerding
32ccce4a53 Wed Oct 30 21:03:27 UTC 2024
ap/vim-9.1.0821-x86_64-1.txz:  Upgraded.
d/llvm-19.1.3-x86_64-1.txz:  Upgraded.
d/python-setuptools-75.3.0-x86_64-1.txz:  Upgraded.
l/PyQt5-5.15.11-x86_64-2.txz:  Rebuilt.
  Recompiled to drop the QtWebKit and QtWebKitWidgets bindings.
  Thanks to jloco.
l/libclc-19.1.3-x86_64-1.txz:  Upgraded.
l/libnl3-3.11.0-x86_64-1.txz:  Upgraded.
l/lz4-1.10.0-x86_64-2.txz:  Rebuilt.
  Make sure liblz4.pc uses lib${LIBDIRSUFFIX}. Thanks to af7567.
l/mozjs128-128.4.0esr-x86_64-1.txz:  Upgraded.
n/dovecot-2.3.21.1-x86_64-3.txz:  Rebuilt.
  Recompiled using --with-lua. Thanks to Luigi Trovato.
n/fetchmail-6.5.0-x86_64-1.txz:  Upgraded.
n/gnupg2-2.4.6-x86_64-1.txz:  Upgraded.
x/xf86-input-wacom-1.2.3-x86_64-1.txz:  Upgraded.
x/xorg-server-21.1.14-x86_64-1.txz:  Upgraded.
  This update fixes a security issue:
  By providing a modified bitmap, a heap-based buffer overflow may occur.
  This may lead to local privilege escalation if the server is run as root
  or remote code execution (e.g. x11 over ssh).
  This vulnerability was discovered by:
  Jan-Niklas Sohn working with Trend Micro Zero Day Initiative
  For more information, see:
    https://lists.x.org/archives/xorg-announce/2024-October/003545.html
    https://www.cve.org/CVERecord?id=CVE-2024-9632
  (* Security fix *)
x/xorg-server-xephyr-21.1.14-x86_64-1.txz:  Upgraded.
x/xorg-server-xnest-21.1.14-x86_64-1.txz:  Upgraded.
x/xorg-server-xvfb-21.1.14-x86_64-1.txz:  Upgraded.
x/xorg-server-xwayland-24.1.4-x86_64-1.txz:  Upgraded.
  This update fixes a security issue:
  By providing a modified bitmap, a heap-based buffer overflow may occur.
  This may lead to local privilege escalation if the server is run as root
  or remote code execution (e.g. x11 over ssh).
  This vulnerability was discovered by:
  Jan-Niklas Sohn working with Trend Micro Zero Day Initiative
  For more information, see:
    https://lists.x.org/archives/xorg-announce/2024-October/003545.html
    https://www.cve.org/CVERecord?id=CVE-2024-9632
  (* Security fix *)
xap/mozilla-firefox-128.4.0esr-x86_64-1.txz:  Upgraded.
  This update contains security fixes and improvements.
  For more information, see:
    https://www.mozilla.org/en-US/firefox/128.4.0/releasenotes/
    https://www.mozilla.org/security/advisories/mfsa2024-56/
    https://www.cve.org/CVERecord?id=CVE-2024-10458
    https://www.cve.org/CVERecord?id=CVE-2024-10459
    https://www.cve.org/CVERecord?id=CVE-2024-10460
    https://www.cve.org/CVERecord?id=CVE-2024-10461
    https://www.cve.org/CVERecord?id=CVE-2024-10462
    https://www.cve.org/CVERecord?id=CVE-2024-10463
    https://www.cve.org/CVERecord?id=CVE-2024-10464
    https://www.cve.org/CVERecord?id=CVE-2024-10465
    https://www.cve.org/CVERecord?id=CVE-2024-10466
    https://www.cve.org/CVERecord?id=CVE-2024-10467
  (* Security fix *)
xap/mozilla-thunderbird-128.4.0esr-x86_64-1.txz:  Upgraded.
  This release contains security fixes and improvements.
  For more information, see:
    https://www.mozilla.org/en-US/thunderbird/128.4.0esr/releasenotes/
    https://www.mozilla.org/en-US/security/advisories/mfsa2024-58/
    https://www.cve.org/CVERecord?id=CVE-2024-10458
    https://www.cve.org/CVERecord?id=CVE-2024-10459
    https://www.cve.org/CVERecord?id=CVE-2024-10460
    https://www.cve.org/CVERecord?id=CVE-2024-10461
    https://www.cve.org/CVERecord?id=CVE-2024-10462
    https://www.cve.org/CVERecord?id=CVE-2024-10463
    https://www.cve.org/CVERecord?id=CVE-2024-10464
    https://www.cve.org/CVERecord?id=CVE-2024-10465
    https://www.cve.org/CVERecord?id=CVE-2024-10466
    https://www.cve.org/CVERecord?id=CVE-2024-10467
  (* Security fix *)
xap/vim-gvim-9.1.0821-x86_64-1.txz:  Upgraded.
xap/xaos-4.3.3-x86_64-1.txz:  Upgraded.
extra/tigervnc/tigervnc-1.14.1-x86_64-2.txz:  Rebuilt.
  Rebuilt against xorg-server-21.1.14.
  This update fixes a security issue:
  By providing a modified bitmap, a heap-based buffer overflow may occur.
  This may lead to local privilege escalation if the server is run as root
  or remote code execution (e.g. x11 over ssh).
  This vulnerability was discovered by:
  Jan-Niklas Sohn working with Trend Micro Zero Day Initiative
  For more information, see:
    https://lists.x.org/archives/xorg-announce/2024-October/003545.html
    https://www.cve.org/CVERecord?id=CVE-2024-9632
  (* Security fix *)
2024-10-30 23:24:55 +01:00
Patrick J Volkerding
05b6a05e8f Mon Oct 28 21:22:48 UTC 2024
a/aaa_libraries-15.1-x86_64-34.txz:  Rebuilt.
  Upgraded: libcap.so.2.71, libelf-0.192.so, liblzma.so.5.6.3,
  libcares.so.2.19.1, libexpat.so.1.9.3, libglib-2.0.so.0.8200.2,
  libgmodule-2.0.so.0.8200.2, libgobject-2.0.so.0.8200.2,
  libgthread-2.0.so.0.8200.2, libisl.so.23.4.0, libjson-c.so.5.4.0,
  libpng16.so.16.44.0, libtiff.so.6.1.0, libtiffxx.so.6.1.0,
  libunistring.so.5.2.0.
  Removed: libboost_*.so.1.85.0.
  Added (temporarily): libicudata.so.74.2, libicui18n.so.74.2,
  libicuio.so.74.2, libicutest.so.74.2, libicutu.so.74.2,
  libicuuc.so.74.2.
a/mkinitrd-1.4.11-x86_64-41.txz:  Rebuilt.
  remove-orphaned-initrds: simplify matching - initrd-${FOO}.img is considered
  orphaned if there is no vmlinuz-${FOO} (the contents of $FOO are arbitrary).
a/pkgtools-15.1-noarch-15.txz:  Rebuilt.
  make-kernel-backup: if we are backing up vmlinuz-${FOO}, then also back up
  initrd-${FOO}.img if it exists. Don't try to match specific fields.
a/xfsprogs-6.11.0-x86_64-2.txz:  Rebuilt.
  Recompiled against icu4c-76.1.
ap/mpg123-1.32.8-x86_64-1.txz:  Upgraded.
ap/sqlite-3.46.1-x86_64-2.txz:  Rebuilt.
  Recompiled against icu4c-76.1.
d/mercurial-6.8.2-x86_64-1.txz:  Upgraded.
d/python-pip-24.3.1-x86_64-1.txz:  Upgraded.
kde/kdeplasma-addons-5.27.11-x86_64-2.txz:  Rebuilt.
  Recompiled against icu4c-76.1.
kde/kdewebkit-5.116.0-x86_64-1.txz:  Removed.
  Mothing uses this. Obsolete.
kde/konsole-23.08.5-x86_64-2.txz:  Rebuilt.
  Recompiled against icu4c-76.1.
kde/plasma-workspace-5.27.11.1-x86_64-3.txz:  Rebuilt.
  Recompiled against icu4c-76.1.
l/M2Crypto-0.42.0-x86_64-1.txz:  Removed.
  Nothing in Slackware has needed this since crda was removed, and very little
  elsewhere does. Thanks to lucabon.
l/babl-0.1.110-x86_64-1.txz:  Upgraded.
l/boost-1.86.0-x86_64-3.txz:  Rebuilt.
  Recompiled against icu4c-76.1.
l/desktop-file-utils-0.28-x86_64-1.txz:  Upgraded.
l/gspell-1.14.0-x86_64-2.txz:  Rebuilt.
  Recompiled against icu4c-76.1.
l/harfbuzz-10.0.1-x86_64-2.txz:  Rebuilt.
  Recompiled against icu4c-76.1.
l/icu4c-76.1-x86_64-1.txz:  Upgraded.
  Shared library .so-version bump.
l/libcap-2.71-x86_64-1.txz:  Upgraded.
l/libical-3.0.18-x86_64-2.txz:  Rebuilt.
  Recompiled against icu4c-76.1.
l/libqalculate-5.3.0-x86_64-2.txz:  Rebuilt.
  Recompiled against icu4c-76.1.
l/liburing-2.8-x86_64-1.txz:  Upgraded.
l/libvisio-0.1.8-x86_64-2.txz:  Rebuilt.
  Recompiled against icu4c-76.1.
l/mozjs128-128.3.1esr-x86_64-2.txz:  Rebuilt.
  Recompiled against icu4c-76.1.
l/nodejs-20.18.0-x86_64-2.txz:  Rebuilt.
  Recompiled against icu4c-76.1.
l/qt5-5.15.15_20241016_9f395e3b-x86_64-1.txz:  Upgraded.
  Compiled against icu4c-76.1.
l/qt5-webkit-5.212.0_alpha4-x86_64-13.txz:  Removed.
  Nothing uses this except kdewebkit, and nothing uses that.
  Plus it is unmaintained, obsolete, and likely full of holes.
l/qt6-6.7.3_20240920_90e86aee-x86_64-4.txz:  Rebuilt.
  Recompiled against icu4c-76.1.
l/vte-0.78.1-x86_64-2.txz:  Rebuilt.
  Recompiled against icu4c-76.1.
n/dovecot-2.3.21.1-x86_64-2.txz:  Rebuilt.
  Recompiled against icu4c-76.1.
n/netatalk-4.0.3-x86_64-1.txz:  Upgraded.
n/php-8.3.13-x86_64-2.txz:  Rebuilt.
  Recompiled against icu4c-76.1.
n/postfix-3.9.0-x86_64-2.txz:  Rebuilt.
  Recompiled against icu4c-76.1.
n/samba-4.21.1-x86_64-2.txz:  Rebuilt.
  Recompiled against icu4c-76.1.
n/tin-2.6.3-x86_64-2.txz:  Rebuilt.
  Recompiled against icu4c-76.1.
t/texlive-2024.240409-x86_64-2.txz:  Rebuilt.
  Recompiled against icu4c-76.1.
extra/brltty/brltty-6.7-x86_64-2.txz:  Rebuilt.
  Recompiled against icu4c-76.1.
extra/sendmail/sendmail-8.18.1-x86_64-2.txz:  Rebuilt.
  Recompiled against icu4c-76.1.
extra/sendmail/sendmail-cf-8.18.1-noarch-2.txz:  Rebuilt.
  Recompiled against icu4c-76.1.
2024-10-28 23:11:58 +01:00
Patrick J Volkerding
c20bd58353 Fri Oct 25 18:13:16 UTC 2024
a/mkinitrd-1.4.11-x86_64-40.txz:  Rebuilt.
  remove-orphaned-initrds: also remove dangling initrd symlinks.
l/glib2-2.82.2-x86_64-2.txz:  Rebuilt.
  Removed useless symlinks. Thanks to marav.
l/mozilla-nss-3.106-x86_64-1.txz:  Upgraded.
x/xterm-395-x86_64-1.txz:  Upgraded.
2024-10-26 17:35:55 +02:00
Patrick J Volkerding
8a32bfc76a Wed Oct 23 19:39:39 UTC 2024
a/openssl-solibs-3.4.0-x86_64-1.txz:  Upgraded.
l/pipewire-1.2.6-x86_64-1.txz:  Upgraded.
l/protobuf-28.3-x86_64-1.txz:  Upgraded.
n/epic5-3.0.1-x86_64-1.txz:  Upgraded.
n/openssl-3.4.0-x86_64-1.txz:  Upgraded.
extra/tigervnc/tigervnc-1.14.1-x86_64-1.txz:  Upgraded.
2024-10-23 21:59:08 +02:00
Patrick J Volkerding
4967f0e2be Tue Oct 22 23:55:03 UTC 2024
a/elilo-3.16-x86_64-18.txz:  Rebuilt.
  eliloconfig: if we don't find initrd-generic.img, try to fall back on
  /boot/initrd.gz. Thanks to rworkman.
a/kernel-firmware-20241022_e1d9577-noarch-1.txz:  Upgraded.
a/kernel-generic-6.11.5-x86_64-1.txz:  Upgraded.
a/less-668-x86_64-1.txz:  Upgraded.
a/openssl11-solibs-1.1.1zb-x86_64-1.txz:  Upgraded.
a/sysvinit-3.11-x86_64-1.txz:  Upgraded.
a/usbutils-018-x86_64-1.txz:  Upgraded.
d/kernel-headers-6.11.5-x86-1.txz:  Upgraded.
d/parallel-20241022-noarch-1.txz:  Upgraded.
d/swig-4.3.0-x86_64-1.txz:  Upgraded.
k/kernel-source-6.11.5-noarch-1.txz:  Upgraded.
l/libvisio-0.1.8-x86_64-1.txz:  Upgraded.
l/python-trove-classifiers-2024.10.21.16-x86_64-1.txz:  Upgraded.
n/openssl11-1.1.1zb-x86_64-1.txz:  Upgraded.
  Apply patch to fix a security issue:
  Harden BN_GF2m_poly2arr against misuse.
  This CVE was fixed by the 1.1.1zb release that is only available to
  subscribers to OpenSSL's premium extended support. The patch was prepared
  by backporting from the OpenSSL-3.0 repo. The reported version number has
  been updated so that vulnerability scanners calm down.
  Thanks to Ken Zalewski for the patch!
  For more information, see:
    https://www.cve.org/CVERecord?id=CVE-2024-9143
  (* Security fix *)
xap/gucharmap-16.0.2-x86_64-1.txz:  Upgraded.
xap/mozilla-thunderbird-128.3.3esr-x86_64-1.txz:  Upgraded.
  This is a bugfix release.
  For more information, see:
    https://www.mozilla.org/en-US/thunderbird/128.3.3esr/releasenotes/
isolinux/initrd.img:  Rebuilt.
kernels/*:  Upgraded.
usb-and-pxe-installers/usbboot.img:  Rebuilt.
2024-10-23 03:12:37 +02:00
Patrick J Volkerding
3cd2369178 Mon Oct 21 19:11:58 UTC 2024
d/meson-1.6.0-x86_64-1.txz:  Upgraded.
kde/okteta-0.26.18-x86_64-1.txz:  Upgraded.
l/gjs-1.82.1-x86_64-1.txz:  Upgraded.
l/gspell-1.14.0-x86_64-1.txz:  Added.
  Pan has switched to this instead of gtkspell3.
  Nothing else in Slackware uses gtkspell3 -- perhaps it should be removed?
l/vte-0.78.1-x86_64-1.txz:  Upgraded.
n/nghttp2-1.64.0-x86_64-1.txz:  Upgraded.
x/ibus-m17n-1.4.33-x86_64-1.txz:  Upgraded.
xap/pan-0.161-x86_64-1.txz:  Upgraded.
xfce/mousepad-0.6.3-x86_64-1.txz:  Upgraded.
2024-10-21 21:30:18 +02:00
Patrick J Volkerding
3adca20180 Mon Oct 14 21:21:47 UTC 2024
a/os-prober-1.83-x86_64-3.txz:  Rebuilt.
  Fix the generated path to elilo.efi. Thanks to yancek and chris.willing.
l/python-sphinx-8.1.3-x86_64-1.txz:  Upgraded.
l/qt6-6.7.3_20240920_90e86aee-x86_64-2.txz:  Rebuilt.
  [PATCH] ListView: fix countChanged not being emitted in certain cases.
n/samba-4.21.1-x86_64-1.txz:  Upgraded.
2024-10-15 00:05:20 +02:00
Patrick J Volkerding
3c395d7ba3 Sun Oct 13 19:49:05 UTC 2024
a/dracut-105-x86_64-1.txz:  Upgraded.
a/sysvinit-scripts-15.1-noarch-22.txz:  Rebuilt.
  rc.6: add a hash -r after unmounting local partitions in case any directories
  in the $PATH have gone away. Thanks to yars.
l/libarchive-3.7.7-x86_64-1.txz:  Upgraded.
  This update fixes bug and the following security issues:
  gzip: prevent a hang when processing a malformed gzip inside a gzip.
  tar: don't crash on truncated tar archives.
  tar: fix two leaks in tar header parsing.
  (* Security fix *)
l/python-sphinx-8.1.2-x86_64-1.txz:  Upgraded.
l/python-trove-classifiers-2024.10.13-x86_64-1.txz:  Upgraded.
x/bdftopcf-1.1.2-x86_64-1.txz:  Upgraded.
x/fonttosfnt-1.2.4-x86_64-1.txz:  Upgraded.
x/xcmsdb-1.0.7-x86_64-1.txz:  Upgraded.
x/xf86-video-mach64-6.10.0-x86_64-1.txz:  Upgraded.
x/xf86-video-mga-2.1.0-x86_64-1.txz:  Upgraded.
x/xf86-video-r128-6.13.0-x86_64-1.txz:  Upgraded.
x/xkbprint-1.0.7-x86_64-1.txz:  Upgraded.
x/xmag-1.0.8-x86_64-1.txz:  Upgraded.
x/xtrans-1.5.1-noarch-1.txz:  Upgraded.
x/xwud-1.0.7-x86_64-1.txz:  Upgraded.
2024-10-13 22:32:01 +02:00
Patrick J Volkerding
6ffeb4181c Thu Oct 10 22:42:17 UTC 2024
a/hostname-3.24-x86_64-1.txz:  Upgraded.
a/kernel-firmware-20241010_c410e4c-noarch-1.txz:  Upgraded.
a/kernel-generic-6.10.14-x86_64-1.txz:  Upgraded.
a/mkinitrd-1.4.11-x86_64-39.txz:  Rebuilt.
  Symlink /boot/remove-orphaned-initrds into /usr/sbin to get it in the $PATH.
a/pkgtools-15.1-noarch-14.txz:  Rebuilt.
  Renamed kernel-backup to make-kernel-backup.
  We'll leave it in /boot where it's more likely to be noticed, but also
  add a symlink in /usr/sbin so that it's in the $PATH.
  Support /etc/default/make-kernel-backup.
  Test to see if $KERNEL_FILE is actually a Linux kernel.
d/kernel-headers-6.10.14-x86-1.txz:  Upgraded.
k/kernel-source-6.10.14-noarch-1.txz:  Upgraded.
l/python-sphinx-8.1.0-x86_64-1.txz:  Upgraded.
l/python-sphinx_rtd_theme-3.0.1-x86_64-1.txz:  Upgraded.
n/c-ares-1.34.1-x86_64-1.txz:  Upgraded.
xap/mozilla-thunderbird-128.3.1esr-x86_64-1.txz:  Upgraded.
  This release contains security fixes and improvements.
  For more information, see:
    https://www.mozilla.org/en-US/thunderbird/128.3.1esr/releasenotes/
  (* Security fix *)
isolinux/initrd.img:  Rebuilt.
kernels/*:  Upgraded.
testing/packages/kernel-generic-6.11.3-x86_64-1.txz:  Upgraded.
testing/packages/kernel-headers-6.11.3-x86-1.txz:  Upgraded.
testing/packages/kernel-source-6.11.3-noarch-1.txz:  Upgraded.
usb-and-pxe-installers/usbboot.img:  Rebuilt.
2024-10-11 01:59:58 +02:00
Patrick J Volkerding
194d2d2fc5 Wed Oct 9 21:09:16 UTC 2024
a/dracut-104-x86_64-1.txz:  Upgraded.
d/cmake-3.30.5-x86_64-1.txz:  Upgraded.
d/subversion-1.14.4-x86_64-1.txz:  Upgraded.
l/mozjs128-128.3.1esr-x86_64-1.txz:  Upgraded.
l/openexr-3.3.1-x86_64-1.txz:  Upgraded.
l/python-charset-normalizer-3.4.0-x86_64-1.txz:  Upgraded.
x/fcitx5-5.1.11-x86_64-1.txz:  Upgraded.
x/fcitx5-anthy-5.1.5-x86_64-1.txz:  Upgraded.
x/fcitx5-chinese-addons-5.1.7-x86_64-1.txz:  Upgraded.
x/fcitx5-hangul-5.1.5-x86_64-1.txz:  Upgraded.
x/fcitx5-kkc-5.1.5-x86_64-1.txz:  Upgraded.
x/fcitx5-m17n-5.1.2-x86_64-1.txz:  Upgraded.
x/fcitx5-qt-5.1.7-x86_64-1.txz:  Upgraded.
x/fcitx5-unikey-5.1.5-x86_64-1.txz:  Upgraded.
x/libime-1.1.9-x86_64-1.txz:  Upgraded.
xap/mozilla-firefox-128.3.1esr-x86_64-1.txz:  Upgraded.
  This update contains a critical security fix:
  Use-after-free in Animation timeline.
  "An attacker was able to achieve code execution in the content process by
  exploiting a use-after-free in Animation timelines. We have had reports of
  this vulnerability being exploited in the wild."
  For more information, see:
    https://www.mozilla.org/en-US/firefox/128.3.1/releasenotes/
    https://www.mozilla.org/security/advisories/mfsa2024-51/
    https://www.cve.org/CVERecord?id=CVE-2024-9680
  (* Security fix *)
2024-10-10 00:58:09 +02:00
Patrick J Volkerding
d61d08c9cb Tue Oct 8 18:39:18 UTC 2024
a/mkinitrd-1.4.11-x86_64-38.txz:  Rebuilt.
  /boot/remove-orphaned-initrds: this script will remove initrds found in /boot
  if there is no matching kernel version found. This can be run manually or
  added as a cron job to prevent unneeded initrds from filling up /boot.
a/pkgtools-15.1-noarch-13.txz:  Rebuilt.
  /boot/kernel-backup: with the huge kernel gone, this script seeks to fill the
  gap by offering an easy way to make a backup kernel that will be picked up
  by update-grub. It does this by creating entries in the pkgtools database
  that protect a kernel, modules, and optionally an initrd from being removed
  when the kernel-generic package is upgraded. See the script for details.
ap/rpm-4.20.0-x86_64-1.txz:  Upgraded.
d/git-2.47.0-x86_64-1.txz:  Upgraded.
l/python-MarkupSafe-3.0.1-x86_64-1.txz:  Upgraded.
l/python-tomli-w-1.1.0-x86_64-1.txz:  Upgraded.
n/cifs-utils-7.1-x86_64-1.txz:  Upgraded.
n/netatalk-4.0.1-x86_64-1.txz:  Upgraded.
2024-10-08 21:00:40 +02:00
Patrick J Volkerding
6ffaeb24f7 Mon Oct 7 22:37:51 UTC 2024
d/tree-sitter-0.24.2-x86_64-1.txz:  Upgraded.
l/imagemagick-7.1.1_39-x86_64-1.txz:  Upgraded.
l/libdeflate-1.22-x86_64-1.txz:  Upgraded.
l/libqalculate-5.3.0-x86_64-1.txz:  Upgraded.
l/python-build-1.2.2.post1-x86_64-1.txz:  Upgraded.
l/python-dnspython-2.7.0-x86_64-1.txz:  Upgraded.
l/python-sphinx_rtd_theme-3.0.0-x86_64-1.txz:  Upgraded.
n/wireless-regdb-2024.10.07-x86_64-1.txz:  Upgraded.
2024-10-08 01:02:23 +02:00
Patrick J Volkerding
ef66fc3e38 Sat Oct 5 19:17:05 UTC 2024
ap/tmux-3.5a-x86_64-1.txz:  Upgraded.
d/tree-sitter-0.24.1-x86_64-1.txz:  Upgraded.
kde/qcoro-0.11.0-x86_64-1.txz:  Upgraded.
l/libwnck3-43.1-x86_64-1.txz:  Upgraded.
n/netatalk-4.0.0-x86_64-1.txz:  Upgraded.
n/nghttp3-1.6.0-x86_64-1.txz:  Upgraded.
isolinux/initrd.img:  Rebuilt.
usb-and-pxe-installers/usbboot.img:  Rebuilt.
2024-10-05 22:02:45 +02:00
Patrick J Volkerding
13dd1912f4 Thu Oct 3 18:32:43 UTC 2024
a/hwdata-0.388-noarch-1.txz:  Upgraded.
a/lvm2-2.03.27-x86_64-1.txz:  Upgraded.
d/tree-sitter-0.23.2-x86_64-1.txz:  Upgraded.
n/NetworkManager-1.50.0-x86_64-1.txz:  Upgraded.
n/getmail-6.19.05-x86_64-1.txz:  Upgraded.
n/libnftnl-1.2.8-x86_64-1.txz:  Upgraded.
n/nftables-1.1.1-x86_64-1.txz:  Upgraded.
x/mesa-24.2.4-x86_64-1.txz:  Upgraded.
2024-10-03 21:04:59 +02:00
Patrick J Volkerding
1e755d579a Tue Oct 1 18:01:38 UTC 2024
Several ELF objects were found to have rpaths pointing into /tmp, a world
writable directory. This could have allowed a local attacker to launch denial
of service attacks or execute arbitrary code when the affected binaries are
run by placing crafted ELF objects in the /tmp rpath location. All rpaths with
an embedded /tmp path have been scrubbed from the binaries, and makepkg has
gained a lint feature to detect these so that they won't creep back in.
a/kernel-firmware-20241001_95bfe08-noarch-1.txz:  Upgraded.
a/kernel-generic-6.10.12-x86_64-1.txz:  Upgraded.
a/pkgtools-15.1-noarch-12.txz:  Rebuilt.
  makepkg: when looking for ELF objects with --remove-rpaths or
  --remove-tmp-rpaths, avoid false hits on files containing 'ELF' as part
  of the directory or filename.
  Also warn about /tmp rpaths after the package is built.
ap/cups-2.4.11-x86_64-1.txz:  Upgraded.
ap/cups-browsed-2.0.1-x86_64-2.txz:  Rebuilt.
  Mitigate security issue that could lead to a denial of service or
  the execution of arbitrary code.
  Rebuilt with --with-browseremoteprotocols=none to disable incoming
  connections, since this daemon has been shown to be insecure. If you
  actually use cups-browsed, be sure to install the new
  /etc/cups/cups-browsed.conf.new containing this line:
  BrowseRemoteProtocols none
  For more information, see:
    https://www.cve.org/CVERecord?id=CVE-2024-47176
  (* Security fix *)
d/kernel-headers-6.10.12-x86-1.txz:  Upgraded.
d/llvm-18.1.8-x86_64-3.txz:  Rebuilt.
  Remove rpaths from binaries.
  (* Security fix *)
d/luajit-2.1.1727621189-x86_64-1.txz:  Upgraded.
d/ruby-3.3.5-x86_64-2.txz:  Rebuilt.
  Remove rpaths from binaries.
  (* Security fix *)
k/kernel-source-6.10.12-noarch-1.txz:  Upgraded.
kde/kimageformats-5.116.0-x86_64-2.txz:  Rebuilt.
  Recompiled against openexr-3.3.0.
kde/kio-extras-23.08.5-x86_64-2.txz:  Rebuilt.
  Recompiled against openexr-3.3.0.
kde/krita-5.2.5-x86_64-2.txz:  Rebuilt.
  Recompiled against openexr-3.3.0.
kde/libindi-2.1.0-x86_64-1.txz:  Upgraded.
l/cryfs-0.10.3-x86_64-13.txz:  Rebuilt.
  Remove rpaths from binaries.
  (* Security fix *)
l/espeak-ng-1.51.1-x86_64-2.txz:  Rebuilt.
  Remove rpaths from binaries.
  (* Security fix *)
l/ffmpeg-7.1-x86_64-1.txz:  Upgraded.
l/gegl-0.4.48-x86_64-3.txz:  Rebuilt.
  Recompiled against openexr-3.3.0.
l/gst-plugins-bad-free-1.24.8-x86_64-2.txz:  Rebuilt.
  Recompiled against openexr-3.3.0.
l/imagemagick-7.1.1_38-x86_64-2.txz:  Rebuilt.
  Recompiled against openexr-3.3.0.
l/libgsf-1.14.53-x86_64-1.txz:  Upgraded.
l/librsvg-2.58.5-x86_64-1.txz:  Upgraded.
l/libvncserver-0.9.14-x86_64-3.txz:  Rebuilt.
  Remove rpaths from binaries.
  (* Security fix *)
l/mozjs128-128.3.0esr-x86_64-1.txz:  Upgraded.
l/netpbm-11.08.00-x86_64-1.txz:  Upgraded.
l/opencv-4.10.0-x86_64-3.txz:  Rebuilt.
  Recompiled against openexr-3.3.0.
l/openexr-3.3.0-x86_64-1.txz:  Upgraded.
  Shared library .so-version bump.
l/python-glad2-2.0.8-x86_64-1.txz:  Upgraded.
l/python-pyproject-hooks-1.2.0-x86_64-1.txz:  Upgraded.
l/spirv-llvm-translator-18.1.4-x86_64-2.txz:  Rebuilt.
  Remove rpaths from binaries.
  (* Security fix *)
l/woff2-20231106_0f4d304-x86_64-2.txz:  Rebuilt.
  Remove rpaths from binaries.
  (* Security fix *)
n/openobex-1.7.2-x86_64-6.txz:  Rebuilt.
  Remove rpaths from binaries.
  (* Security fix *)
x/marisa-0.2.6-x86_64-11.txz:  Rebuilt.
  Remove rpaths from binaries.
  (* Security fix *)
xap/gimp-2.10.38-x86_64-2.txz:  Rebuilt.
  Recompiled against openexr-3.3.0.
xap/mozilla-firefox-128.3.0esr-x86_64-1.txz:  Upgraded.
  This update contains security fixes and improvements.
  For more information, see:
    https://www.mozilla.org/en-US/firefox/128.3.0/releasenotes/
    https://www.mozilla.org/security/advisories/mfsa2024-47
    https://www.cve.org/CVERecord?id=CVE-2024-9392
    https://www.cve.org/CVERecord?id=CVE-2024-9393
    https://www.cve.org/CVERecord?id=CVE-2024-9394
    https://www.cve.org/CVERecord?id=CVE-2024-8900
    https://www.cve.org/CVERecord?id=CVE-2024-9396
    https://www.cve.org/CVERecord?id=CVE-2024-9397
    https://www.cve.org/CVERecord?id=CVE-2024-9398
    https://www.cve.org/CVERecord?id=CVE-2024-9399
    https://www.cve.org/CVERecord?id=CVE-2024-9400
    https://www.cve.org/CVERecord?id=CVE-2024-9401
    https://www.cve.org/CVERecord?id=CVE-2024-9402
  (* Security fix *)
xap/xlockmore-5.80-x86_64-1.txz:  Upgraded.
isolinux/initrd.img:  Rebuilt.
kernels/*:  Upgraded.
testing/packages/kernel-generic-6.11.1-x86_64-1.txz:  Upgraded.
testing/packages/kernel-headers-6.11.1-x86-1.txz:  Upgraded.
testing/packages/kernel-source-6.11.1-noarch-1.txz:  Upgraded.
usb-and-pxe-installers/usbboot.img:  Rebuilt.
2024-10-01 22:04:37 +02:00
Patrick J Volkerding
70006cfdf0 Thu Sep 26 18:28:55 UTC 2024
ap/ispell-3.4.06-x86_64-3.txz:  Rebuilt.
  Get rid of hardcoded temporary path in munchlist.
l/boost-1.86.0-x86_64-2.txz:  Rebuilt.
  Get rid of hardcoded temporary paths in the cmake files.
  Since these paths point to a location that an unprivileged user could
  create and populate with files that could be picked up during a build,
  it's possible this bug could be used for malicious purposes.
  Thanks to jmacloue.
  (* Security fix *)
l/fribidi-1.0.16-x86_64-1.txz:  Upgraded.
n/php-8.3.12-x86_64-1.txz:  Upgraded.
  This update fixes security issues:
  CGI: Fixed bug GHSA-p99j-rfp4-xqvq (Bypass of CVE-2024-4577, Parameter
  Injection Vulnerability).
  CGI: Fixed bug GHSA-94p6-54jq-9mwp (cgi.force_redirect configuration is
  bypassable due to the environment variable collision).
  FPM: Fixed bug GHSA-865w-9rf3-2wh5 (Logs from children may be altered).
  SAPI: Fixed bug GHSA-9pqp-7h25-4f32 (Erroneous parsing of multipart form
  data).
  For more information, see:
    https://www.cve.org/CVERecord?id=CVE-2024-8926
    https://www.cve.org/CVERecord?id=CVE-2024-8927
    https://www.cve.org/CVERecord?id=CVE-2024-9026
    https://www.cve.org/CVERecord?id=CVE-2024-8925
  (* Security fix *)
x/vulkan-sdk-1.3.290.0-x86_64-2.txz:  Rebuilt.
  Get rid of hardcoded temporary path in volkTargets.cmake.
  (* Security fix *)
2024-09-26 21:02:37 +02:00
Patrick J Volkerding
62dc7f31a9 Wed Sep 25 18:40:09 UTC 2024
d/libtool-2.5.3-x86_64-1.txz:  Upgraded.
l/harfbuzz-10.0.1-x86_64-1.txz:  Upgraded.
l/libuv-1.49.0-x86_64-1.txz:  Upgraded.
n/libnetfilter_conntrack-1.1.0-x86_64-1.txz:  Upgraded.
2024-09-25 20:58:18 +02:00
Patrick J Volkerding
3a7a083162 Fri Sep 20 19:25:40 UTC 2024
a/dracut-103-x86_64-2.txz:  Rebuilt.
  Include /etc/dracut.conf.d/elogind.conf to handle uaccess rules correctly.
  Thanks to LuckyCyborg.
l/cairo-1.18.2-x86_64-2.txz:  Rebuilt.
  [PATCH] cff: Don't fail if no local subs.
  Fixes printing PDFs with CUPS. Thanks to pee_bee and reddog83.
l/glib2-2.82.1-x86_64-1.txz:  Upgraded.
l/pipewire-1.2.4-x86_64-1.txz:  Upgraded.
n/NetworkManager-1.48.10-x86_64-2.txz:  Rebuilt.
  Rebuilt to pick up the new plugin directory for ppp-2.5.1.
n/bind-9.20.2-x86_64-1.txz:  Upgraded.
n/openssh-9.9p1-x86_64-1.txz:  Upgraded.
  Future deprecation notice: OpenSSH plans to remove support for the DSA
  signature algorithm in early 2025. For now, this package retains DSA
  support, but plan accordingly.
n/ppp-2.5.1-x86_64-1.txz:  Upgraded.
n/rp-pppoe-4.0-x86_64-1.txz:  Upgraded.
  Upstream has removed "ancient crufty scripts," so see HOW-TO-CONNECT in the
  documentation if you were using those to connect previously.
2024-09-20 21:58:37 +02:00
Patrick J Volkerding
a3b3d6e164 Mon Sep 16 19:58:49 UTC 2024
d/python-setuptools-75.1.0-x86_64-1.txz:  Upgraded.
d/strace-6.11-x86_64-1.txz:  Upgraded.
l/adwaita-icon-theme-47.0-noarch-1.txz:  Upgraded.
l/gsettings-desktop-schemas-47.1-x86_64-1.txz:  Upgraded.
l/json-c-0.18_20240915-x86_64-1.txz:  Upgraded.
l/python-idna-3.10-x86_64-1.txz:  Upgraded.
n/iproute2-6.11.0-x86_64-1.txz:  Upgraded.
n/netatalk-3.2.9-x86_64-1.txz:  Upgraded.
xap/gucharmap-16.0.1-x86_64-1.txz:  Upgraded.
xap/mozilla-thunderbird-128.2.1esr-x86_64-1.txz:  Upgraded.
  This is a bugfix release.
  For more information, see:
    https://www.mozilla.org/en-US/thunderbird/128.2.1esr/releasenotes/
2024-09-16 23:01:19 +02:00
Patrick J Volkerding
1ef7f6df7b Fri Sep 13 01:32:33 UTC 2024
a/kernel-firmware-20240912_b9daf8c-noarch-1.txz:  Upgraded.
a/kernel-generic-6.10.10-x86_64-1.txz:  Upgraded.
  The kernel modules are now bundled into this package.
a/kernel-huge-6.10.9-x86_64-1.txz:  Removed.
  So long, we won't miss you.
  If you were actually using kernel-huge with one of the SCSI/SAS drivers that
  were built in, you'll need to use kernel-generic and an initrd that contains
  the needed drivers. Otherwise, just switch to kernel-generic. It'll be fine.
  If unsure, make an initrd with geninitrd and have your bootloader use it.
a/kernel-modules-6.10.9-x86_64-1.txz:  Removed.
  Kernel modules are now bundled with the kernel-generic package.
a/libblockdev-3.2.0-x86_64-1.txz:  Upgraded.
d/kernel-headers-6.10.10-x86-1.txz:  Upgraded.
k/kernel-source-6.10.10-noarch-1.txz:  Upgraded.
l/librsvg-2.58.4-x86_64-1.txz:  Upgraded.
l/protobuf-28.1-x86_64-1.txz:  Upgraded.
l/pygobject3-3.50.0-x86_64-1.txz:  Upgraded.
l/python-trove-classifiers-2024.9.12-x86_64-1.txz:  Upgraded.
n/nghttp3-1.5.0-x86_64-2.txz:  Rebuilt.
  Make sure the cmake files are installed to the correct location.
  Thanks to fulalas.
x/ibus-table-1.17.8-x86_64-1.txz:  Upgraded.
isolinux/initrd.img:  Rebuilt.
kernels/*:  Upgraded.
usb-and-pxe-installers/usbboot.img:  Rebuilt.
2024-09-13 04:11:07 +02:00
Patrick J Volkerding
b6d2c7f5fa Wed Sep 11 17:47:14 UTC 2024
a/efibootmgr-18-x86_64-1.txz:  Upgraded.
a/grub-2.12-x86_64-16.txz:  Rebuilt.
  Long ago, we began giving all the scripts in /etc/grub.d/ the .new treatment
  to prevent local customizations from being overwritten with a package
  upgrade. But, this no longer appears to be a good idea, especially if we're
  ever going to offer the possibility to automate grub-install and grub-update.
  So, we are no longer going to preserve the contents of these files when the
  grub package is upgraded. We *will* however preserve the existing
  permissions, so you'll be able to turn off scripts that you don't want
  running, and you'll be able to make new scripts, or make edited and renamed
  copies of the scripts shipped in this package, so there's no real loss of
  functionality here.
  It looks like 40_custom is intended to be locally edited, so we make an
  exception and do not overwrite that one.
d/python-setuptools-74.1.2-x86_64-1.txz:  Upgraded.
kde/okteta-0.26.17-x86_64-1.txz:  Upgraded.
l/gobject-introspection-1.80.1-x86_64-2.txz:  Rebuilt.
  Fix running against python-setuptools-74.1.2:
  [PATCH] giscanner: remove dependency on distutils.msvccompiler.
l/python-importlib_metadata-8.5.0-x86_64-1.txz:  Upgraded.
n/curl-8.10.0-x86_64-1.txz:  Upgraded.
2024-09-11 20:35:16 +02:00
Patrick J Volkerding
ed2397335f Tue Sep 10 19:32:34 UTC 2024
l/Imath-3.1.12-x86_64-1.txz:  Upgraded.
l/gtkmm4-4.16.0-x86_64-1.txz:  Upgraded.
n/stunnel-5.73-x86_64-1.txz:  Upgraded.
2024-09-10 22:00:23 +02:00
Patrick J Volkerding
381482b7fe Mon Sep 9 17:27:00 UTC 2024
ap/stow-2.4.1-x86_64-1.txz:  Upgraded.
l/cairo-1.18.2-x86_64-1.txz:  Upgraded.
l/gc-8.2.8-x86_64-1.txz:  Upgraded.
n/bluez-5.78-x86_64-1.txz:  Upgraded.
n/netatalk-3.2.8-x86_64-1.txz:  Upgraded.
  Bump bundled WolfSSL library to stable version 5.7.2, GitHub #1433.
  For more information, see:
    https://www.cve.org/CVERecord?id=CVE-2024-1544
    https://www.cve.org/CVERecord?id=CVE-2024-5288
    https://www.cve.org/CVERecord?id=CVE-2024-5991
    https://www.cve.org/CVERecord?id=CVE-2024-5814
  (* Security fix *)
x/ibus-m17n-1.4.32-x86_64-1.txz:  Upgraded.
2024-09-09 19:59:46 +02:00
Patrick J Volkerding
96d75d54bf Thu Sep 5 22:14:23 UTC 2024
ap/inxi-3.3.36_1-noarch-1.txz:  Upgraded.
ap/nano-8.2-x86_64-1.txz:  Upgraded.
d/luajit-2.1.1725453128-x86_64-1.txz:  Upgraded.
d/rust-1.81.0-x86_64-1.txz:  Upgraded.
l/netpbm-11.07.01-x86_64-1.txz:  Upgraded.
l/python-cffi-1.17.1-x86_64-1.txz:  Upgraded.
l/python-glad2-2.0.7-x86_64-1.txz:  Upgraded.
l/wireplumber-0.5.6-x86_64-1.txz:  Upgraded.
n/iputils-20240905-x86_64-1.txz:  Upgraded.
x/igt-gpu-tools-1.29-x86_64-1.txz:  Upgraded.
x/libXi-1.8.2-x86_64-1.txz:  Upgraded.
xap/mozilla-thunderbird-128.2.0esr-x86_64-1.txz:  Upgraded.
  This release contains security fixes and improvements.
  For more information, see:
    https://www.mozilla.org/en-US/thunderbird/128.2.0esr/releasenotes/
  (* Security fix *)
2024-09-06 01:14:21 +02:00
Patrick J Volkerding
7ff3810884 Tue Sep 3 21:07:09 UTC 2024
a/cryptsetup-2.7.5-x86_64-1.txz:  Upgraded.
a/kernel-firmware-20240903_7a7a88f-noarch-1.txz:  Upgraded.
a/openssl-solibs-3.3.2-x86_64-1.txz:  Upgraded.
ap/xfsdump-3.2.0-x86_64-1.txz:  Upgraded.
d/opencl-headers-2024.05.08-noarch-1.txz:  Upgraded.
d/ruby-3.3.5-x86_64-1.txz:  Upgraded.
l/mozjs115-115.15.0esr-x86_64-1.txz:  Upgraded.
n/openssl-3.3.2-x86_64-1.txz:  Upgraded.
  This update fixes bugs and security issues:
  Fixed possible denial of service in X.509 name checks.
  Fixed possible buffer overread in SSL_select_next_proto().
  For more information, see:
    https://openssl-library.org/news/secadv/20240903.txt
    https://openssl-library.org/news/secadv/20240627.txt
    https://www.cve.org/CVERecord?id=CVE-2024-6119
    https://www.cve.org/CVERecord?id=CVE-2024-5535
  (* Security fix *)
n/samba-4.21.0-x86_64-1.txz:  Upgraded.
x/libevdev-1.13.3-x86_64-1.txz:  Upgraded.
x/xterm-394-x86_64-1.txz:  Upgraded.
xap/mozilla-firefox-128.2.0esr-x86_64-1.txz:  Upgraded.
  This update contains security fixes and improvements.
  For more information, see:
    https://www.mozilla.org/en-US/firefox/128.2.0/releasenotes/
    https://www.mozilla.org/security/advisories/mfsa2024-40/
    https://www.cve.org/CVERecord?id=CVE-2024-8385
    https://www.cve.org/CVERecord?id=CVE-2024-8381
    https://www.cve.org/CVERecord?id=CVE-2024-8382
    https://www.cve.org/CVERecord?id=CVE-2024-8383
    https://www.cve.org/CVERecord?id=CVE-2024-8384
    https://www.cve.org/CVERecord?id=CVE-2024-8386
    https://www.cve.org/CVERecord?id=CVE-2024-8387
  (* Security fix *)
xap/seamonkey-2.53.19-x86_64-1.txz:  Upgraded.
  This update contains security fixes and improvements.
  For more information, see:
    https://www.seamonkey-project.org/releases/seamonkey2.53.19
  (* Security fix *)
2024-09-04 00:33:23 +02:00
Patrick J Volkerding
1bfff6350a Mon Sep 2 02:42:42 UTC 2024
l/SDL2-2.30.7-x86_64-1.txz:  Upgraded.
l/spirv-llvm-translator-18.1.4-x86_64-1.txz:  Upgraded.
2024-09-02 05:03:47 +02:00
Patrick J Volkerding
c2316bf6f1 Sat Aug 31 18:26:20 UTC 2024
l/aom-3.10.0-x86_64-1.txz:  Upgraded.
l/libpcap-1.10.5-x86_64-1.txz:  Upgraded.
  This update fixes security issues:
  Clean up sock_initaddress() and its callers to avoid double frees
  in some cases.
  Fix pcap_findalldevs_ex() not to crash if passed a file:// URL with a
  path to a directory that cannot be opened.
  For more information, see:
    https://www.cve.org/CVERecord?id=CVE-2023-7256
    https://www.cve.org/CVERecord?id=CVE-2024-8006
  (* Security fix *)
l/mozilla-nss-3.104-x86_64-1.txz:  Upgraded.
n/tcpdump-4.99.5-x86_64-1.txz:  Upgraded.
x/wayland-protocols-1.37-noarch-1.txz:  Upgraded.
2024-08-31 21:02:58 +02:00
Patrick J Volkerding
e1b9937c81 Fri Aug 30 17:52:19 UTC 2024
a/aaa_glibc-solibs-2.40-x86_64-5.txz:  Rebuilt.
a/kernel-firmware-20240828_335a1de-noarch-1.txz:  Upgraded.
a/kernel-generic-6.10.7-x86_64-1.txz:  Upgraded.
a/kernel-huge-6.10.7-x86_64-1.txz:  Upgraded.
a/kernel-modules-6.10.7-x86_64-1.txz:  Upgraded.
a/userspace-rcu-0.14.1-x86_64-1.txz:  Upgraded.
ap/man-db-2.13.0-x86_64-1.txz:  Upgraded.
ap/screen-5.0.0-x86_64-1.txz:  Upgraded.
ap/vim-9.1.0702-x86_64-1.txz:  Upgraded.
d/cmake-3.30.3-x86_64-1.txz:  Upgraded.
d/gcc-14.2.0-x86_64-2.txz:  Rebuilt.
  Merge in parts of alienBOB's multilib build script, generalize the script
  to work with both --enable-multilib and --disable-multilib, and otherwise
  clean things up. Go ahead and build it multilib on 64-bit, because why not?
  It's worth the bit of bloat to no longer have this package need to be
  maintained separately and kept in sync. Thanks to alienBOB.
d/gcc-g++-14.2.0-x86_64-2.txz:  Rebuilt.
d/gcc-gdc-14.2.0-x86_64-2.txz:  Rebuilt.
d/gcc-gfortran-14.2.0-x86_64-2.txz:  Rebuilt.
d/gcc-gm2-14.2.0-x86_64-2.txz:  Rebuilt.
d/gcc-gnat-14.2.0-x86_64-2.txz:  Rebuilt.
d/gcc-go-14.2.0-x86_64-2.txz:  Rebuilt.
d/gcc-objc-14.2.0-x86_64-2.txz:  Rebuilt.
d/gcc-rust-14.2.0-x86_64-2.txz:  Rebuilt.
d/kernel-headers-6.10.7-x86-1.txz:  Upgraded.
d/python-setuptools-73.0.1-x86_64-1.txz:  Rebuilt.
  Reverted due to regression: breaks g-ir-scanner
k/kernel-source-6.10.7-noarch-1.txz:  Upgraded.
l/glibc-2.40-x86_64-5.txz:  Rebuilt.
  Enable multilib on 64-bit. Thanks to alienBOB.
  Note that Slackware 64-bit can now run a 32-bit "Hello World!" but there
  are no immediate plans to add additional multilib support by default.
  Maybe down the road when bare metal 32-bit support goes away.
l/glibc-i18n-2.40-x86_64-5.txz:  Rebuilt.
l/glibc-profile-2.40-x86_64-5.txz:  Rebuilt.
l/gtk4-4.15.6-x86_64-1.txz:  Upgraded.
l/libssh-0.11.1-x86_64-1.txz:  Upgraded.
l/protobuf-28.0-x86_64-1.txz:  Upgraded.
  Shared library .so-version bump.
l/python-certifi-2024.8.30-x86_64-1.txz:  Upgraded.
l/qt6-6.7.2_20240610_3f005f1e-x86_64-6.txz:  Rebuilt.
  Recompiled against protobuf-28.0.
n/ca-certificates-20240830-noarch-1.txz:  Upgraded.
  This update provides the latest CA certificates to check for the
  authenticity of SSL connections.
n/mosh-1.4.0-x86_64-4.txz:  Rebuilt.
  Recompiled against protobuf-28.0.
n/php-8.3.11-x86_64-1.txz:  Upgraded.
  This is a bugfix release.
  For more information, see:
    https://www.php.net/ChangeLog-8.php#8.3.11
x/mesa-24.2.1-x86_64-1.txz:  Upgraded.
  Thanks to lucabon for the rust-bindgen patch.
xap/vim-gvim-9.1.0702-x86_64-1.txz:  Upgraded.
isolinux/initrd.img:  Rebuilt.
kernels/*:  Upgraded.
usb-and-pxe-installers/usbboot.img:  Rebuilt.
2024-08-30 20:49:55 +02:00
Patrick J Volkerding
0f3e7091a6 Tue Aug 27 19:24:48 UTC 2024
a/upower-1.90.5-x86_64-1.txz:  Upgraded.
l/glibmm2-2.82.0-x86_64-1.txz:  Upgraded.
l/python-pbr-6.1.0-x86_64-1.txz:  Upgraded.
n/nghttp2-1.63.0-x86_64-1.txz:  Upgraded.
x/libdrm-2.4.123-x86_64-1.txz:  Upgraded.
x/xclipboard-1.1.5-x86_64-1.txz:  Upgraded.
2024-08-27 21:59:36 +02:00
Patrick J Volkerding
f4bb237e34 Sun Aug 25 17:38:49 UTC 2024
d/luajit-2.1.1724512491-x86_64-1.txz:  Upgraded.
n/getmail-6.19.04-x86_64-1.txz:  Upgraded.
n/socat-1.8.0.1-x86_64-1.txz:  Upgraded.
x/wayland-1.23.1-x86_64-1.txz:  Upgraded.
2024-08-25 19:59:05 +02:00
Patrick J Volkerding
c77798fc41 Sat Aug 24 23:36:26 UTC 2024
a/lvm2-2.03.26-x86_64-1.txz:  Upgraded.
ap/mc-4.8.32-x86_64-1.txz:  Upgraded.
n/epic5-2.6-x86_64-1.txz:  Upgraded.
n/nghttp3-1.5.0-x86_64-1.txz:  Upgraded.
2024-08-25 01:59:25 +02:00
Patrick J Volkerding
5e9b585f22 Thu Aug 22 19:10:18 UTC 2024
ap/vim-9.1.0686-x86_64-1.txz:  Upgraded.
  Build with --with-python3-stable-abi=no (which was the default until
  recently). This fixes segfaults when python3 is used from vim.
  Thanks to audriusk.
d/luajit-2.1.1724232689-x86_64-1.txz:  Upgraded.
d/parallel-20240822-noarch-1.txz:  Upgraded.
l/gst-plugins-bad-free-1.24.7-x86_64-1.txz:  Upgraded.
l/gst-plugins-base-1.24.7-x86_64-1.txz:  Upgraded.
l/gst-plugins-good-1.24.7-x86_64-1.txz:  Upgraded.
l/gst-plugins-libav-1.24.7-x86_64-1.txz:  Upgraded.
l/gstreamer-1.24.7-x86_64-1.txz:  Upgraded.
l/nodejs-20.17.0-x86_64-1.txz:  Upgraded.
l/pipewire-1.2.3-x86_64-1.txz:  Upgraded.
n/bind-9.18.29-x86_64-1.txz:  Upgraded.
n/nfs-utils-2.7.1-x86_64-1.txz:  Upgraded.
xap/mozilla-thunderbird-128.1.1esr-x86_64-1.txz:  Upgraded.
  This is a bugfix release.
  For more information, see:
    https://www.mozilla.org/en-US/thunderbird/128.1.1esr/releasenotes/
xap/vim-gvim-9.1.0686-x86_64-1.txz:  Upgraded.
2024-08-22 22:16:26 +02:00
Patrick J Volkerding
a259c4df1e Wed Aug 21 18:08:47 UTC 2024
d/python-setuptools-73.0.1-x86_64-1.txz:  Upgraded.
d/rust-bindgen-0.70.1-x86_64-1.txz:  Upgraded.
n/ModemManager-1.22.0-x86_64-1.txz:  Upgraded.
n/dhcpcd-10.0.10-x86_64-1.txz:  Upgraded.
n/epic5-2.4-x86_64-1.txz:  Upgraded.
n/libqmi-1.34.0-x86_64-2.txz:  Rebuilt.
  Build against libqrtr-glib with -Dqrtr=true.
n/libqrtr-glib-1.2.2-x86_64-1.txz:  Added.
  ModemManager-1.22.0 needs libqmi to be linked with this.
x/xorg-server-21.1.13-x86_64-3.txz:  Rebuilt.
  Patched changing a type from unsigned long to unsigned long long which fixes
  the black screen seen on 32-bit with the modesetting driver. Seems fine on
  64-bit as well, so the patch is applied for all builds. The patch to default
  to modesetting for Intel graphics is restored (and the one for nouveau is kept
  as well).
  Thanks to Lenard Spencer for reporting that nouveau was also hitting this.
  Thanks to Petri Kaukasoina for the patch.
x/xorg-server-xephyr-21.1.13-x86_64-3.txz:  Rebuilt.
x/xorg-server-xnest-21.1.13-x86_64-3.txz:  Rebuilt.
x/xorg-server-xvfb-21.1.13-x86_64-3.txz:  Rebuilt.
2024-08-21 20:30:25 +02:00
Patrick J Volkerding
5ec7ae04a2 Tue Aug 20 18:23:52 UTC 2024
a/libbytesize-2.11-x86_64-1.txz:  Upgraded.
d/python-setuptools-73.0.0-x86_64-1.txz:  Upgraded.
l/python-importlib_metadata-8.4.0-x86_64-1.txz:  Upgraded.
n/epic5-2.2-x86_64-1.txz:  Upgraded.
n/netatalk-3.2.7-x86_64-1.txz:  Upgraded.
x/xorg-server-21.1.13-x86_64-2.txz:  Rebuilt.
  On 32-bit, using the modesetting driver with Intel graphics is resulting in
  a black screen (observed here with CoffeeLake-H GT2), so on 32-bit only let's
  stop applying the patch that was making xorg-server use modesetting by
  default. Thanks to LuckyCyborg and Petri Kaukasoina.
  Fix build with gcc-14.2.
x/xorg-server-xephyr-21.1.13-x86_64-2.txz:  Rebuilt.
x/xorg-server-xnest-21.1.13-x86_64-2.txz:  Rebuilt.
x/xorg-server-xvfb-21.1.13-x86_64-2.txz:  Rebuilt.
xfce/xfce4-screenshooter-1.11.1-x86_64-1.txz:  Upgraded.
2024-08-20 20:59:42 +02:00
Patrick J Volkerding
34db2b9001 Thu Aug 15 20:07:37 UTC 2024
a/aaa_libraries-15.1-x86_64-33.txz:  Rebuilt.
  Upgraded:  libcares.so.2.18.0, libtdb.so.1.4.12.
  Added (temporarily):  libboost_*.so.1.85.0.
a/btrfs-progs-6.10.1-x86_64-1.txz:  Upgraded.
ap/cups-browsed-2.0.1-x86_64-1.txz:  Upgraded.
ap/cups-filters-2.0.1-x86_64-1.txz:  Upgraded.
kde/kig-23.08.5-x86_64-5.txz:  Rebuilt.
  Recompiled against boost-1.86.0.
kde/kopeninghours-23.08.5-x86_64-5.txz:  Rebuilt.
  Recompiled against boost-1.86.0.
l/boost-1.86.0-x86_64-1.txz:  Upgraded.
  Shared library .so-version bump.
l/cryfs-0.10.3-x86_64-12.txz:  Rebuilt.
  Recompiled against boost-1.86.0.
l/enchant-2.8.2-x86_64-1.txz:  Upgraded.
n/gnutls-3.8.7.1-x86_64-1.txz:  Upgraded.
x/fcitx5-chinese-addons-5.1.6-x86_64-2.txz:  Rebuilt.
  Recompiled against boost-1.86.0.
x/libime-1.1.8-x86_64-2.txz:  Rebuilt.
  Recompiled against boost-1.86.0.
2024-08-15 23:02:34 +02:00
Patrick J Volkerding
ad15c47313 Wed Aug 14 19:36:01 UTC 2024
a/kernel-generic-6.10.5-x86_64-1.txz:  Upgraded.
a/kernel-huge-6.10.5-x86_64-1.txz:  Upgraded.
a/kernel-modules-6.10.5-x86_64-1.txz:  Upgraded.
d/kernel-headers-6.10.5-x86-1.txz:  Upgraded.
d/python-setuptools-72.2.0-x86_64-1.txz:  Upgraded.
k/kernel-source-6.10.5-noarch-1.txz:  Upgraded.
kde/okteta-0.26.16-x86_64-1.txz:  Upgraded.
n/dovecot-2.3.21.1-x86_64-1.txz:  Upgraded.
  This update fixes security issues:
  A large number of address headers in email resulted in excessive CPU usage.
  Abnormally large email headers are now truncated or discarded, with a limit
  of 10MB on a single header and 50MB for all the headers of all the parts of
  an email.
  For more information, see:
    https://www.cve.org/CVERecord?id=CVE-2024-23184
    https://www.cve.org/CVERecord?id=CVE-2024-23185
  (* Security fix *)
n/lynx-2.9.2-x86_64-1.txz:  Upgraded.
x/mesa-24.2.0-x86_64-1.txz:  Upgraded.
xfce/xfce4-notifyd-0.9.5-x86_64-1.txz:  Upgraded.
extra/tigervnc/tigervnc-1.14.0-x86_64-3.txz:  Rebuilt.
  Recompiled against ffmpeg-7.0.2.
  Thanks to Petri Kaukasoina.
extra/xv/xv-6.0.0-x86_64-1.txz:  Upgraded.
isolinux/initrd.img:  Rebuilt.
kernels/*:  Upgraded.
usb-and-pxe-installers/usbboot.img:  Rebuilt.
2024-08-14 22:25:01 +02:00
Patrick J Volkerding
fcf512a278 Wed Aug 7 04:03:09 UTC 2024
a/bash-5.2.032-x86_64-2.txz:  Rebuilt.
  Patched a C compatibility error with GCC 14 in the configure.ac script that
  was causing the printf builtin to malfunction.
  Thanks to elMoco for the bug report.
l/qt6-6.7.2_20240610_3f005f1e-x86_64-4.txz:  Rebuilt.
  Recompiled against abseil-cpp-20240722.0.
n/curl-8.9.1-x86_64-2.txz:  Rebuilt.
  This is a bugfix release.
  [PATCH] sigpipe: init the struct so that first apply ignores.
  Thanks to ponce.
n/samba-4.20.4-x86_64-1.txz:  Upgraded.
xap/mozilla-firefox-128.1.0esr-x86_64-1.txz:  Upgraded.
  This update contains security fixes and improvements.
  For more information, see:
    https://www.mozilla.org/en-US/firefox/128.1.0/releasenotes/
    https://www.mozilla.org/security/advisories/mfsa2024-35/
    https://www.cve.org/CVERecord?id=CVE-2024-7518
    https://www.cve.org/CVERecord?id=CVE-2024-7519
    https://www.cve.org/CVERecord?id=CVE-2024-7520
    https://www.cve.org/CVERecord?id=CVE-2024-7521
    https://www.cve.org/CVERecord?id=CVE-2024-7522
    https://www.cve.org/CVERecord?id=CVE-2024-7524
    https://www.cve.org/CVERecord?id=CVE-2024-7525
    https://www.cve.org/CVERecord?id=CVE-2024-7526
    https://www.cve.org/CVERecord?id=CVE-2024-7527
    https://www.cve.org/CVERecord?id=CVE-2024-7528
    https://www.cve.org/CVERecord?id=CVE-2024-7529
    https://www.cve.org/CVERecord?id=CVE-2024-7531
  (* Security fix *)
xap/mozilla-thunderbird-128.1.0esr-x86_64-1.txz:  Upgraded.
  This is a bugfix release.
  For more information, see:
    https://www.mozilla.org/en-US/thunderbird/128.1.0esr/releasenotes/
2024-08-07 07:22:03 +02:00
Patrick J Volkerding
054967ebe9 Mon Aug 5 21:58:24 UTC 2024
a/cracklib-2.10.2-x86_64-1.txz:  Upgraded.
ap/ksh93-1.0.10-x86_64-1.txz:  Upgraded.
ap/nvme-cli-2.10.2-x86_64-1.txz:  Upgraded.
d/Cython-3.0.11-x86_64-1.txz:  Upgraded.
d/binutils-2.43-x86_64-1.txz:  Upgraded.
  Shared library .so-version bump.
d/cmake-3.30.2-x86_64-1.txz:  Upgraded.
  Recompiled against binutils-2.43.
d/oprofile-1.4.0-x86_64-14.txz:  Rebuilt.
kde/calligra-3.2.1-x86_64-43.txz:  Rebuilt.
  Recompiled against poppler-24.08.0.
kde/cantor-23.08.5-x86_64-9.txz:  Rebuilt.
  Recompiled against poppler-24.08.0.
kde/kfilemetadata-5.116.0-x86_64-5.txz:  Rebuilt.
  Recompiled against poppler-24.08.0.
kde/kile-2.9.93-x86_64-36.txz:  Rebuilt.
  Recompiled against poppler-24.08.0.
kde/kitinerary-23.08.5-x86_64-7.txz:  Rebuilt.
  Recompiled against poppler-24.08.0.
kde/krita-5.2.3-x86_64-3.txz:  Rebuilt.
  Recompiled against poppler-24.08.0.
kde/kstars-3.7.2-x86_64-1.txz:  Upgraded.
kde/labplot-2.11.1-x86_64-2.txz:  Rebuilt.
  Recompiled against poppler-24.08.0.
kde/libindi-2.0.9-x86_64-1.txz:  Upgraded.
kde/okular-23.08.5-x86_64-7.txz:  Rebuilt.
  Recompiled against poppler-24.08.0.
l/SDL2-2.30.6-x86_64-1.txz:  Upgraded.
l/abseil-cpp-20240722.0-x86_64-1.txz:  Upgraded.
  Shared library .so-version bump.
l/ffmpeg-6.1.2-x86_64-1.txz:  Upgraded.
  This is a temporary improvment. ;-)
l/fluidsynth-2.3.6-x86_64-1.txz:  Upgraded.
l/libdeflate-1.21-x86_64-1.txz:  Upgraded.
l/libnvme-1.10-x86_64-1.txz:  Upgraded.
l/mozilla-nss-3.103-x86_64-1.txz:  Upgraded.
l/mozjs115-115.14.0esr-x86_64-1.txz:  Upgraded.
l/poppler-24.08.0-x86_64-2.txz:  Rebuilt.
  Shared library .so-version bump.
l/protobuf-27.3-x86_64-2.txz:  Rebuilt.
  Recompiled against abseil-cpp-20240722.0.
l/python-wheel-0.44.0-x86_64-1.txz:  Upgraded.
l/readline-8.2.013-x86_64-1.txz:  Upgraded.
n/c-ares-1.33.0-x86_64-1.txz:  Upgraded.
n/mosh-1.4.0-x86_64-3.txz:  Rebuilt.
  Recompiled against abseil-cpp-20240722.0.
x/libFS-1.0.10-x86_64-1.txz:  Upgraded.
x/libXfont2-2.0.7-x86_64-1.txz:  Upgraded.
x/libXtst-1.2.5-x86_64-1.txz:  Upgraded.
x/x11perf-1.7.0-x86_64-1.txz:  Upgraded.
xap/pavucontrol-6.1-x86_64-1.txz:  Upgraded.
2024-08-06 01:03:55 +02:00
Patrick J Volkerding
0d4c554e22 Sun Aug 4 14:47:52 UTC 2024
a/kernel-firmware-20240802_29e0a01-noarch-1.txz:  Upgraded.
a/kernel-generic-6.10.3-x86_64-1.txz:  Upgraded.
a/kernel-huge-6.10.3-x86_64-1.txz:  Upgraded.
a/kernel-modules-6.10.3-x86_64-1.txz:  Upgraded.
d/gcc-14.2.0-x86_64-1.txz:  Upgraded.
d/gcc-g++-14.2.0-x86_64-1.txz:  Upgraded.
d/gcc-gdc-14.2.0-x86_64-1.txz:  Upgraded.
d/gcc-gfortran-14.2.0-x86_64-1.txz:  Upgraded.
d/gcc-gm2-14.2.0-x86_64-1.txz:  Upgraded.
d/gcc-gnat-14.2.0-x86_64-1.txz:  Upgraded.
d/gcc-go-14.2.0-x86_64-1.txz:  Upgraded.
d/gcc-objc-14.2.0-x86_64-1.txz:  Upgraded.
d/gcc-rust-14.2.0-x86_64-1.txz:  Added.
d/kernel-headers-6.10.3-x86-1.txz:  Upgraded.
d/libgccjit-14.2.0-x86_64-1.txz:  Upgraded.
d/libtool-2.4.7-x86_64-9.txz:  Rebuilt.
  Recompiled to update embedded GCC version number.
k/kernel-source-6.10.3-noarch-1.txz:  Upgraded.
n/samba-4.20.3-x86_64-1.txz:  Upgraded.
isolinux/initrd.img:  Rebuilt.
kernels/*:  Upgraded.
usb-and-pxe-installers/usbboot.img:  Rebuilt.
2024-08-04 17:37:18 +02:00
Patrick J Volkerding
58d830884f Thu Aug 1 23:47:15 UTC 2024
a/bash-5.2.032-x86_64-1.txz:  Upgraded.
d/mercurial-6.8.1-x86_64-1.txz:  Upgraded.
l/pipewire-1.2.2-x86_64-1.txz:  Upgraded.
l/spirv-llvm-translator-18.1.3-x86_64-1.txz:  Upgraded.
n/php-8.3.10-x86_64-1.txz:  Upgraded.
  This is a bugfix release.
  For more information, see:
    https://www.php.net/ChangeLog-8.php#8.3.10
2024-08-02 02:30:06 +02:00
Patrick J Volkerding
4147fdd758 Mon Jul 29 18:32:35 UTC 2024
a/sysklogd-2.6.1-x86_64-1.txz:  Upgraded.
d/python-pip-24.2-x86_64-1.txz:  Upgraded.
d/python-setuptools-72.1.0-x86_64-1.txz:  Upgraded.
n/links-2.30-x86_64-1.txz:  Upgraded.
x/libX11-1.8.10-x86_64-1.txz:  Upgraded.
x/xinput_calibrator-0.8.0-x86_64-1.txz:  Added.
2024-07-29 20:58:51 +02:00
Patrick J Volkerding
0d071ad0ee Sun Jul 28 12:39:59 UTC 2024
d/meson-1.5.1-x86_64-1.txz:  Upgraded.
l/imagemagick-7.1.1_36-x86_64-1.txz:  Upgraded.
l/python-alabaster-1.0.0-x86_64-1.txz:  Upgraded.
n/wpa_supplicant-2.11-x86_64-2.txz:  Rebuilt.
  [PATCH] nl80211: add extra-ies only if allowed by driver.
  This fixes using broadcom-wl based adapters.
  Thanks to Stuart Winter.
x/OpenCC-1.1.8-x86_64-1.txz:  Upgraded.
x/xfs-1.2.2-x86_64-1.txz:  Upgraded.
2024-07-28 20:03:36 +02:00
Patrick J Volkerding
3dae50af06 Fri Jul 26 18:26:05 UTC 2024
a/cracklib-2.10.1-x86_64-1.txz:  Upgraded.
a/kernel-firmware-20240726_8bdce1c-noarch-1.txz:  Upgraded.
l/pangomm2-2.54.0-x86_64-1.txz:  Upgraded.
n/NetworkManager-1.48.6-x86_64-1.txz:  Upgraded.
n/nmap-7.95-x86_64-2.txz:  Rebuilt.
  Make sure zenmap.desktop has an icon in /usr/share/pixmaps.
  Thanks to USUARIONUEVO.
n/rpcbind-1.2.7-x86_64-1.txz:  Upgraded.
x/ibus-libpinyin-1.15.8-x86_64-1.txz:  Upgraded.
x/ibus-m17n-1.4.31-x86_64-1.txz:  Upgraded.
xap/blueman-2.4.3-x86_64-1.txz:  Upgraded.
2024-07-26 21:06:15 +02:00
Patrick J Volkerding
b75837013c Thu Jul 25 02:39:18 UTC 2024
Well folks, we have some more interesting stuff in /testing now.
Our good friend LuckyCyborg posted a while back about our trials with
GRUB2, and that we were banging our heads against a wall for no reason
trying to bend GRUB2 with our 09_slackware_linux grub.d script instead
of changing our kernel/initrd naming scheme to vmlinux-6.10.1-generic
and initrd-6.10.1-generic.img. And, as is often the case, our friend is
exactly correct. Once we stopped trying to swim against the current, GRUB2
started behaving as it should.
The updates in /testing change the kernel naming scheme thusly, and modify
the geninitrd script in the mkinitrd package to also use this naming
scheme. And, of course, 09_slackware_linux is removed from GRUB2, and the
10_linux script is only lightly modified.
Because lilo and elilo work with the symlinks to the kernel and initrd,
they shouldn't care anout this change.
We've probably got 6.9.11 coming tomorrow. Unless I hear that I should stop
the presses on this change, it's likely that those kernels will be updated
using the new naming scheme and the mkinitrd and grub updates will be moved
into the main tree from /testing.
We'll stick with 6.9 in the main tree for now because I'm still encountering
suspend failure with the 6.10 kernel here.
Enjoy! :-)
a/kernel-firmware-20240723_b37d247-noarch-1.txz:  Upgraded.
ap/mpg123-1.32.6-x86_64-2.txz:  Rebuilt.
l/libxml2-2.13.3-x86_64-1.txz:  Upgraded.
  This update fixes a security issue:
  Fix XXE protection in downstream code.
  For more information, see:
    https://www.cve.org/CVERecord?id=CVE-2024-40896
  (* Security fix *)
l/mozilla-nss-3.102.1-x86_64-1.txz:  Upgraded.
l/nodejs-20.16.0-x86_64-1.txz:  Upgraded.
l/python-importlib_metadata-8.2.0-x86_64-1.txz:  Upgraded.
l/v4l-utils-1.28.1-x86_64-1.txz:  Upgraded.
n/c-ares-1.32.3-x86_64-1.txz:  Upgraded.
n/curl-8.9.0-x86_64-1.txz:  Upgraded.
n/htdig-3.2.0b6-x86_64-10.txz:  Rebuilt.
  Patch XSS vulnerability. Thanks to jayjwa.
  Get this out of cgi-bin. Thanks to LuckyCyborg.
  For more information, see:
    https://www.cve.org/CVERecord?id=CVE-2007-6110
  (* Security fix *)
n/libtirpc-1.3.5-x86_64-1.txz:  Upgraded.
extra/fltk/fltk-1.3.9-x86_64-2.txz:  Rebuilt.
extra/tigervnc/tigervnc-1.13.1-x86_64-6.txz:  Rebuilt.
  Not sure why 1.14.0 isn't compiling, but we'll rebuild this for now.
testing/packages/grub-2.12-x86_64-12.txz:  Upgraded.
  Remove 09_slackware_linux.
  10_linux: don't rename Slackware ;-)
  This should configure the renamed kernel/initrd perfectly.
  Perhaps 10_linux should no longer accept initrd.gz as a valid name?
  For now it is accepted to avoid disrupting existing workflows.
testing/packages/kernel-generic-6.10.1-x86_64-1.txz:  Upgraded.
testing/packages/kernel-headers-6.10.1-x86-1.txz:  Upgraded.
testing/packages/kernel-huge-6.10.1-x86_64-1.txz:  Upgraded.
testing/packages/kernel-modules-6.10.1-x86_64-1.txz:  Upgraded.
testing/packages/kernel-source-6.10.1-noarch-1.txz:  Upgraded.
testing/packages/mkinitrd-1.4.11-x86_64-35.txz:  Upgraded.
  geninitrd: create initrd with initrd-version-name.img filename.
  Make compat symlinks by default.
  Always add LVM (I've seen it mistakenly skipped... if we can get to the
  bottom of that then we'll stop always adding it)
  Add /etc/default/geninitrd for configuration.
2024-07-25 06:11:40 +02:00
Patrick J Volkerding
c9ced48b11 Tue Jul 23 18:54:25 UTC 2024
Hey folks, we got a new glibc and are beginning the process of baking the new
default compile flags into the toolchain, the graphics stack, and whatever else
happens along. Enjoy! :-)
a/aaa_glibc-solibs-2.40-x86_64-1.txz:  Upgraded.
a/libblockdev-3.1.1_1-x86_64-2.txz:  Rebuilt.
  Fix build against recent ext2fs.h. Thanks to shipujin.
a/xfsprogs-6.9.0-x86_64-1.txz:  Upgraded.
ap/rpm-4.19.1.1-x86_64-3.txz:  Rebuilt.
ap/slackpkg-15.0.10-noarch-4.txz:  Rebuilt.
  Prefer gpg1 again. Going with the modern gpg with more dependencies was
  a mistake in this case. (now we know why gnupg-1 is still around :-)
  Thanks to Petri Kaukasoina.
d/binutils-2.42-x86_64-3.txz:  Rebuilt.
d/cargo-vendor-filterer-0.5.14-x86_64-2.txz:  Rebuilt.
d/cbindgen-0.26.0-x86_64-2.txz:  Rebuilt.
d/ccache-4.10.2-x86_64-1.txz:  Upgraded.
d/cmake-3.30.1-x86_64-2.txz:  Rebuilt.
d/gcc-14.1.0-x86_64-2.txz:  Rebuilt.
d/gcc-g++-14.1.0-x86_64-2.txz:  Rebuilt.
d/gcc-gdc-14.1.0-x86_64-2.txz:  Rebuilt.
d/gcc-gfortran-14.1.0-x86_64-2.txz:  Rebuilt.
d/gcc-gm2-14.1.0-x86_64-2.txz:  Rebuilt.
d/gcc-gnat-14.1.0-x86_64-2.txz:  Rebuilt.
d/gcc-go-14.1.0-x86_64-2.txz:  Rebuilt.
d/gcc-objc-14.1.0-x86_64-2.txz:  Rebuilt.
d/libgccjit-14.1.0-x86_64-2.txz:  Rebuilt.
d/libtool-2.4.7-x86_64-8.txz:  Rebuilt.
d/parallel-20240722-noarch-1.txz:  Upgraded.
d/pkg-config-0.29.2-x86_64-5.txz:  Rebuilt.
d/python-setuptools-71.1.0-x86_64-1.txz:  Upgraded.
d/ruby-3.3.4-x86_64-2.txz:  Rebuilt.
d/rust-bindgen-0.69.4-x86_64-2.txz:  Rebuilt.
d/strace-6.10-x86_64-1.txz:  Upgraded.
d/subversion-1.14.3-x86_64-3.txz:  Rebuilt.
e/emacs-29.4-x86_64-2.txz:  Rebuilt.
l/PyQt-builder-1.16.4-x86_64-2.txz:  Rebuilt.
l/PyQt5-5.15.11-x86_64-1.txz:  Upgraded.
l/PyQt5_sip-12.15.0-x86_64-2.txz:  Rebuilt.
l/argon2-20190702-x86_64-6.txz:  Rebuilt.
l/ffmpeg-6.1.1-x86_64-5.txz:  Rebuilt.
l/glibc-2.40-x86_64-1.txz:  Upgraded.
  This update fixes security issues:
  nscd: Stack-based buffer overflow in netgroup cache.
  nscd: Null pointer crash after notfound response.
  nscd: netgroup cache may terminate daemon on memory allocation failure.
  nscd: netgroup cache assumes NSS callback uses in-buffer strings.
  These vulnerabilities were only present in the nscd binary.
  For more information, see:
    https://www.cve.org/CVERecord?id=CVE-2024-33599
    https://www.cve.org/CVERecord?id=CVE-2024-33600
    https://www.cve.org/CVERecord?id=CVE-2024-33601
    https://www.cve.org/CVERecord?id=CVE-2024-33602
  (* Security fix *)
l/glibc-i18n-2.40-x86_64-1.txz:  Upgraded.
l/glibc-profile-2.40-x86_64-1.txz:  Upgraded.
l/gst-plugins-good-1.24.5-x86_64-2.txz:  Rebuilt.
l/libcdio-paranoia-10.2+2.0.2-x86_64-1.txz:  Upgraded.
l/libclc-18.1.8-x86_64-3.txz:  Rebuilt.
l/libproxy-0.5.8-x86_64-1.txz:  Upgraded.
l/lz4-1.10.0-x86_64-1.txz:  Upgraded.
l/poppler-24.07.0-x86_64-2.txz:  Rebuilt.
l/python-importlib_metadata-8.1.0-x86_64-1.txz:  Upgraded.
l/python-sphinx-7.4.7-x86_64-1.txz:  Upgraded.
l/qt5-5.15.14_20240716_ae0c8451-x86_64-1.txz:  Upgraded.
l/qt5-webkit-5.212.0_alpha4-x86_64-13.txz:  Rebuilt.
l/qt6-6.7.2_20240610_3f005f1e-x86_64-3.txz:  Rebuilt.
l/sip-6.8.6-x86_64-2.txz:  Rebuilt.
l/spirv-llvm-translator-18.1.2-x86_64-2.txz:  Rebuilt.
l/v4l-utils-1.28.0-x86_64-1.txz:  Upgraded.
n/bind-9.18.28-x86_64-1.txz:  Upgraded.
  This update fixes security issues:
  Remove SIG(0) support from named as a countermeasure for CVE-2024-1975.
  qctx-zversion was not being cleared when it should have been leading to
  an assertion failure if it needed to be reused.
  An excessively large number of rrtypes per owner can slow down database query
  processing, so a limit has been placed on the number of rrtypes that can be
  stored per owner (node) in a cache or zone database. This is configured with
  the new "max-rrtypes-per-name" option, and defaults to 100.
  Excessively large rdatasets can slow down database query processing, so a
  limit has been placed on the number of records that can be stored per
  rdataset in a cache or zone database. This is configured with the new
  "max-records-per-type" option, and defaults to 100.
  Malicious DNS client that sends many queries over TCP but never reads
  responses can cause server to respond slowly or not respond at all for other
  clients.
  For more information, see:
    https://www.cve.org/CVERecord?id=CVE-2024-1975
    https://www.cve.org/CVERecord?id=CVE-2024-4076
    https://www.cve.org/CVERecord?id=CVE-2024-1737
    https://www.cve.org/CVERecord?id=CVE-2024-0760
  (* Security fix *)
n/fetchmail-6.4.39-x86_64-1.txz:  Upgraded.
n/obexftp-0.24.2-x86_64-13.txz:  Rebuilt.
n/pinentry-1.3.1-x86_64-2.txz:  Rebuilt.
n/wpa_supplicant-2.11-x86_64-1.txz:  Upgraded.
x/fcitx5-qt-5.1.6-x86_64-3.txz:  Rebuilt.
x/ibus-m17n-1.4.30-x86_64-1.txz:  Upgraded.
x/libdrm-2.4.122-x86_64-2.txz:  Rebuilt.
x/marisa-0.2.6-x86_64-10.txz:  Rebuilt.
x/mesa-24.1.4-x86_64-2.txz:  Rebuilt.
x/vulkan-sdk-1.3.275.0-x86_64-3.txz:  Rebuilt.
xap/audacious-4.4-x86_64-2.txz:  Rebuilt.
xap/audacious-plugins-4.4-x86_64-2.txz:  Rebuilt.
xap/mozilla-thunderbird-128.0.1esr-x86_64-1.txz:  Upgraded.
  This is a bugfix release.
  For more information, see:
    https://www.mozilla.org/en-US/thunderbird/128.0.1esr/releasenotes/
xap/xaos-4.3.2-x86_64-2.txz:  Rebuilt.
extra/emacs-regular-build/emacs-29.4-x86_64-2_regular.txz:  Rebuilt.
2024-07-23 22:50:05 +02:00
Patrick J Volkerding
748f32bae5 Thu Jul 18 20:01:18 UTC 2024
a/kernel-firmware-20240718_058deb9-noarch-1.txz:  Upgraded.
a/kernel-generic-6.9.10-x86_64-1.txz:  Upgraded.
a/kernel-huge-6.9.10-x86_64-1.txz:  Upgraded.
a/kernel-modules-6.9.10-x86_64-1.txz:  Upgraded.
d/cmake-3.30.1-x86_64-1.txz:  Upgraded.
d/kernel-headers-6.9.10-x86-1.txz:  Upgraded.
d/python-setuptools-71.0.3-x86_64-1.txz:  Upgraded.
k/kernel-source-6.9.10-noarch-1.txz:  Upgraded.
kde/labplot-2.11.1-x86_64-1.txz:  Upgraded.
l/python-sphinx-7.4.6-x86_64-1.txz:  Upgraded.
l/sof-firmware-2024.06-noarch-1.txz:  Upgraded.
n/httpd-2.4.62-x86_64-1.txz:  Upgraded.
  This release contains security fixes and improvements.
  The first CVE is for Windows, but the second one is an additional fix for
  the source code disclosure regression when using AddType.
  Users are recommended to upgrade to version 2.4.62 which fixes this issue.
  For more information, see:
    https://downloads.apache.org/httpd/CHANGES_2.4.62
    https://www.cve.org/CVERecord?id=CVE-2024-40898
    https://www.cve.org/CVERecord?id=CVE-2024-40725
  (* Security fix *)
n/openvpn-2.6.12-x86_64-1.txz:  Upgraded.
isolinux/initrd.img:  Rebuilt.
kernels/*:  Upgraded.
usb-and-pxe-installers/usbboot.img:  Rebuilt.
2024-07-18 22:52:07 +02:00
Patrick J Volkerding
5df6155d42 Wed Jul 17 19:29:24 UTC 2024
a/openssl11-solibs-1.1.1za-x86_64-1.txz:  Upgraded.
ap/vim-9.1.0595-x86_64-1.txz:  Upgraded.
l/python-sphinx-7.4.5-x86_64-1.txz:  Upgraded.
n/iproute2-6.10.0-x86_64-1.txz:  Upgraded.
n/nftables-1.1.0-x86_64-1.txz:  Upgraded.
n/openssl11-1.1.1za-x86_64-1.txz:  Upgraded.
  Apply patches to fix CVEs that were fixed by the 1.1.1{x,y,za} releases that
  were only available to subscribers to OpenSSL's premium extended support.
  These patches were prepared by backporting commits from the OpenSSL-3.0 repo.
  The reported version number has been updated so that vulnerability scanners
  calm down. All of these issues were considered to be of low severity.
  We probably won't keep 1.1.1 in -current for long anyway, but might as well
  patch it first. :-)
  Thanks to Ken Zalewski for the patches!
  For more information, see:
    https://www.cve.org/CVERecord?id=CVE-2023-5678
    https://www.cve.org/CVERecord?id=CVE-2024-0727
    https://www.cve.org/CVERecord?id=CVE-2024-2511
    https://www.cve.org/CVERecord?id=CVE-2024-4741
    https://www.cve.org/CVERecord?id=CVE-2024-5535
  (* Security fix *)
x/mesa-24.1.4-x86_64-1.txz:  Upgraded.
xap/vim-gvim-9.1.0595-x86_64-1.txz:  Upgraded.
2024-07-17 22:04:22 +02:00
Patrick J Volkerding
92fb81711e Tue Jul 16 22:48:42 UTC 2024
n/curl-8.8.0-x86_64-3.txz:  Rebuilt.
  Recompiled using --with-openssl-quic to enable HTTP3.
  This is (unsurprisingly) considered experimental, but should be fine.
  Thanks to marav.
2024-07-17 01:28:48 +02:00