Commit graph

218 commits

Author SHA1 Message Date
Patrick J Volkerding
abc3e67678 Sun May 12 19:10:12 UTC 2024
a/less-654-x86_64-1.txz:  Upgraded.
d/ninja-1.12.1-x86_64-1.txz:  Upgraded.
n/whois-5.5.23-x86_64-1.txz:  Upgraded.
  Updated the .sc, .********* (.xn--yfro4i67o, Singapore)
  and .********************************* (.xn--clchc0ea0b2g2a9gcd, Singapore)
  TLD servers.
extra/bittornado/bittornado-0.3.18-noarch-3.txz:  Removed.
  Obsolete and based on python2.
2024-05-12 21:28:58 +02:00
Patrick J Volkerding
1531b10f73 Tue Apr 23 22:24:03 UTC 2024
d/ruby-3.3.1-x86_64-1.txz:  Upgraded.
  This update fixes security issues:
  Arbitrary memory address read vulnerability with Regex search.
  RCE vulnerability with .rdoc_options in RDoc.
  Buffer overread vulnerability in StringIO.
  For more information, see:
    https://www.ruby-lang.org/en/news/2024/04/23/arbitrary-memory-address-read-regexp-cve-2024-27282/
    https://www.ruby-lang.org/en/news/2024/03/21/rce-rdoc-cve-2024-27281/
    https://www.ruby-lang.org/en/news/2024/03/21/buffer-overread-cve-2024-27280/
    https://www.cve.org/CVERecord?id=CVE-2024-27282
    https://www.cve.org/CVERecord?id=CVE-2024-27281
    https://www.cve.org/CVERecord?id=CVE-2024-27280
  (* Security fix *)
l/python-docutils-0.21.2-x86_64-1.txz:  Upgraded.
x/rendercheck-1.6-x86_64-1.txz:  Upgraded.
x/xcb-imdkit-1.0.8-x86_64-1.txz:  Upgraded.
2024-04-24 01:01:16 +02:00
Patrick J Volkerding
2cc32ba84e Mon Apr 15 22:28:37 UTC 2024
ap/linuxdoc-tools-0.9.83-x86_64-1.txz:  Upgraded.
  Upgraded to linuxdoc-tools-0.9.83, gtk-doc-1.34.0, and asciidoc-10.2.0.
  See the ChangeLog in source/ap/linuxdoc-tools for more details.
  Thanks to Stuart Winter.
ap/sqlite-3.45.3-x86_64-1.txz:  Upgraded.
l/Mako-1.3.3-x86_64-1.txz:  Upgraded.
l/pipewire-1.0.5-x86_64-1.txz:  Upgraded.
l/python-hatchling-1.23.0-x86_64-1.txz:  Upgraded.
x/libwacom-2.11.0-x86_64-1.txz:  Upgraded.
x/xcb-proto-1.17.0-x86_64-1.txz:  Upgraded.
x/xf86-input-wacom-1.2.2-x86_64-1.txz:  Upgraded.
xap/pan-0.158-x86_64-1.txz:  Upgraded.
  Let's process the git pull with NOCONFIGURE=1 ./autogen.sh for FTIO. :-)
2024-04-16 01:59:06 +02:00
Patrick J Volkerding
44183f6ba3 Fri Mar 29 20:39:11 UTC 2024
Everything in this batch besides aaa_libraries, xz, mcelog, and harfbuzz is a
rebuild or upgrade to build against python-3.11.8. Looking at the python
readiness page, it seems like a lot of stuff we use is not certified for
python-3.12 yet (although to be fair, about half as much isn't certified for
python-3.11 either). But 3.11 seems to be the safer choice even though the
final bugfix update is scheduled for Monday. And, if we do decide to move
ahead to 3.12 later on, it'll be a lot easier than this update was.
Enjoy! :-)
a/aaa_libraries-15.1-x86_64-29.txz:  Rebuilt.
  Upgraded: libzstd.so.1.5.6, libexpat.so.1.9.2, libglib-2.0.so.0.8000.0,
  libgmodule-2.0.so.0.8000.0, libgobject-2.0.so.0.8000.0,
  libgthread-2.0.so.0.8000.0.
  Removed: libboost_*.so.1.83.0.
a/libblockdev-2.28-x86_64-3.txz:  Rebuilt.
a/libbytesize-2.8-x86_64-2.txz:  Rebuilt.
a/libpwquality-1.4.5-x86_64-2.txz:  Rebuilt.
a/mcelog-198-x86_64-1.txz:  Upgraded.
a/util-linux-2.40-x86_64-2.txz:  Rebuilt.
a/volume_key-0.3.12-x86_64-8.txz:  Rebuilt.
a/xz-5.6.1-x86_64-2.txz:  Rebuilt.
  Seems like a good idea to build this from a git pull rather than the signed
  release tarballs. :-)
  The liblzma in the previous packages were not found to be vulnerable by the
  detection script, but I'd rather not carry the bad m4 files in our sources.
  Here's a test script for anyone wanting to try it:
  if hexdump -ve '1/1 "%.2x"' /lib*/liblzma.so.5 | grep -q f30f1efa554889f54c89ce5389fb81e7000000804883ec28488954241848894c2410 ; then
    echo probably vulnerable
  else
    echo probably not vulnerable
  fi
ap/hplip-3.23.12-x86_64-3.txz:  Rebuilt.
ap/linuxdoc-tools-0.9.82-x86_64-5.txz:  Rebuilt.
ap/rpm-4.19.1.1-x86_64-2.txz:  Rebuilt.
ap/undervolt-20210815_e39aea1-x86_64-3.txz:  Rebuilt.
ap/vim-9.1.0225-x86_64-1.txz:  Upgraded.
d/Cython-3.0.9-x86_64-2.txz:  Rebuilt.
d/distcc-3.4-x86_64-5.txz:  Rebuilt.
d/gdb-14.2-x86_64-2.txz:  Rebuilt.
d/gyp-20210831_d6c5dd51-x86_64-3.txz:  Rebuilt.
d/llvm-18.1.2-x86_64-2.txz:  Rebuilt.
d/mercurial-6.7.1-x86_64-2.txz:  Rebuilt.
d/meson-1.4.0-x86_64-2.txz:  Rebuilt.
d/python-pip-24.0-x86_64-2.txz:  Rebuilt.
d/python-setuptools-69.2.0-x86_64-2.txz:  Rebuilt.
d/python3-3.11.8-x86_64-1.txz:  Upgraded.
  Shared library .so-version bump.
d/scons-4.7.0-x86_64-2.txz:  Rebuilt.
kde/cantor-23.08.5-x86_64-4.txz:  Rebuilt.
kde/kapidox-5.115.0-x86_64-2.txz:  Rebuilt.
kde/kdev-python-23.08.5-x86_64-2.txz:  Rebuilt.
kde/kig-23.08.5-x86_64-2.txz:  Rebuilt.
kde/kmymoney-5.1.3-x86_64-4.txz:  Rebuilt.
kde/kopeninghours-23.08.5-x86_64-2.txz:  Rebuilt.
kde/krita-5.2.2-x86_64-6.txz:  Rebuilt.
l/M2Crypto-0.41.0-x86_64-2.txz:  Rebuilt.
l/Mako-1.3.2-x86_64-2.txz:  Rebuilt.
l/PyQt-builder-1.15.4-x86_64-2.txz:  Rebuilt.
l/PyQt5-5.15.10-x86_64-2.txz:  Rebuilt.
l/PyQt5_sip-12.13.0-x86_64-2.txz:  Rebuilt.
l/QScintilla-2.14.1-x86_64-3.txz:  Rebuilt.
l/avahi-20240306_709e60f-x86_64-2.txz:  Rebuilt.
l/brotli-1.1.0-x86_64-2.txz:  Rebuilt.
l/dbus-python-1.3.2-x86_64-2.txz:  Rebuilt.
l/gexiv2-0.14.2-x86_64-3.txz:  Rebuilt.
l/gi-docgen-2023.3-x86_64-2.txz:  Rebuilt.
l/glade-3.40.0-x86_64-2.txz:  Rebuilt.
l/gobject-introspection-1.80.0-x86_64-2.txz:  Rebuilt.
l/harfbuzz-8.4.0-x86_64-1.txz:  Upgraded.
l/lensfun-0.3.4-x86_64-2.txz:  Rebuilt.
l/libcaca-0.99.beta20-x86_64-2.txz:  Rebuilt.
l/libcap-ng-0.8.4-x86_64-2.txz:  Rebuilt.
l/libieee1284-0.2.11-x86_64-8.txz:  Rebuilt.
l/libimobiledevice-20231007_04c0233-x86_64-2.txz:  Rebuilt.
l/libnvme-1.8-x86_64-2.txz:  Rebuilt.
l/libplist-2.4.0-x86_64-2.txz:  Rebuilt.
l/libwebp-1.3.2-x86_64-3.txz:  Rebuilt.
l/libxml2-2.12.6-x86_64-3.txz:  Rebuilt.
l/libxslt-1.1.39-x86_64-2.txz:  Rebuilt.
l/newt-0.52.24-x86_64-3.txz:  Rebuilt.
l/protobuf-26.1-x86_64-2.txz:  Rebuilt.
l/pycairo-1.26.0-x86_64-3.txz:  Rebuilt.
l/pycups-2.0.1-x86_64-7.txz:  Rebuilt.
l/pycurl-7.45.3-x86_64-2.txz:  Rebuilt.
l/pygobject3-3.48.1-x86_64-2.txz:  Rebuilt.
l/pyparsing-3.1.2-x86_64-2.txz:  Rebuilt.
l/python-Jinja2-3.1.3-x86_64-2.txz:  Rebuilt.
l/python-MarkupSafe-2.1.5-x86_64-2.txz:  Rebuilt.
l/python-PyYAML-6.0.1-x86_64-3.txz:  Rebuilt.
l/python-alabaster-0.7.16-x86_64-2.txz:  Rebuilt.
l/python-appdirs-1.4.4-x86_64-7.txz:  Rebuilt.
l/python-babel-2.14.0-x86_64-2.txz:  Rebuilt.
l/python-build-1.2.1-x86_64-2.txz:  Rebuilt.
l/python-calver-2022.6.26-x86_64-2.txz:  Rebuilt.
l/python-certifi-2024.2.2-x86_64-2.txz:  Rebuilt.
l/python-cffi-1.16.0-x86_64-2.txz:  Rebuilt.
l/python-chardet-5.2.0-x86_64-2.txz:  Rebuilt.
l/python-charset-normalizer-3.3.2-x86_64-2.txz:  Rebuilt.
l/python-distro-1.9.0-x86_64-2.txz:  Rebuilt.
l/python-dnspython-2.6.1-x86_64-2.txz:  Rebuilt.
l/python-docutils-0.20.1-x86_64-2.txz:  Rebuilt.
l/python-doxypypy-0.8.8.7-x86_64-2.txz:  Rebuilt.
l/python-doxyqml-0.5.3-x86_64-2.txz:  Rebuilt.
l/python-editables-0.5-x86_64-2.txz:  Rebuilt.
l/python-flit-core-3.9.0-x86_64-2.txz:  Rebuilt.
l/python-future-1.0.0-x86_64-2.txz:  Rebuilt.
l/python-glad2-2.0.6-x86_64-2.txz:  Rebuilt.
l/python-hatchling-1.22.4-x86_64-2.txz:  Rebuilt.
l/python-html5lib-1.1-x86_64-2.txz:  Rebuilt.
l/python-idna-3.6-x86_64-2.txz:  Rebuilt.
l/python-imagesize-1.4.1-x86_64-2.txz:  Rebuilt.
l/python-importlib_metadata-7.1.0-x86_64-2.txz:  Rebuilt.
l/python-installer-0.7.0-x86_64-2.txz:  Rebuilt.
l/python-lxml-5.1.1-x86_64-1.txz:  Upgraded.
l/python-markdown-3.6-x86_64-2.txz:  Rebuilt.
l/python-notify2-0.3.1-x86_64-11.txz:  Rebuilt.
l/python-packaging-24.0-x86_64-2.txz:  Rebuilt.
l/python-pathspec-0.12.1-x86_64-2.txz:  Rebuilt.
l/python-pbr-6.0.0-x86_64-2.txz:  Rebuilt.
l/python-pillow-10.2.0-x86_64-2.txz:  Rebuilt.
l/python-pluggy-1.4.0-x86_64-2.txz:  Rebuilt.
l/python-ply-3.11-x86_64-9.txz:  Rebuilt.
l/python-psutil-5.9.8-x86_64-2.txz:  Rebuilt.
l/python-pycparser-2.21-x86_64-2.txz:  Rebuilt.
l/python-pygments-2.17.2-x86_64-2.txz:  Rebuilt.
l/python-pyproject-hooks-1.0.0-x86_64-2.txz:  Rebuilt.
l/python-pysol_cards-0.16.0-x86_64-2.txz:  Rebuilt.
l/python-pytz-2024.1-x86_64-2.txz:  Rebuilt.
l/python-random2-1.0.2-x86_64-2.txz:  Rebuilt.
l/python-requests-2.31.0-x86_64-2.txz:  Rebuilt.
l/python-sane-2.9.1-x86_64-6.txz:  Rebuilt.
l/python-setuptools_scm-8.0.4-x86_64-2.txz:  Rebuilt.
l/python-six-1.16.0-x86_64-4.txz:  Rebuilt.
l/python-smartypants-2.0.1-x86_64-2.txz:  Rebuilt.
l/python-snowballstemmer-2.2.0-x86_64-2.txz:  Rebuilt.
l/python-sphinx-7.2.6-x86_64-2.txz:  Rebuilt.
l/python-sphinx_rtd_theme-2.0.0-x86_64-2.txz:  Rebuilt.
l/python-tomli-2.0.1-x86_64-2.txz:  Rebuilt.
l/python-tomli-w-1.0.0-x86_64-2.txz:  Rebuilt.
l/python-trove-classifiers-2024.3.25-x86_64-2.txz:  Rebuilt.
l/python-typing_extensions-4.10.0-x86_64-2.txz:  Rebuilt.
l/python-typogrify-2.0.7-x86_64-2.txz:  Rebuilt.
l/python-urllib3-2.2.1-x86_64-2.txz:  Rebuilt.
l/python-webencodings-0.5.1-x86_64-2.txz:  Rebuilt.
l/python-wheel-0.43.0-x86_64-2.txz:  Rebuilt.
l/python-zipp-3.18.1-x86_64-2.txz:  Rebuilt.
l/sip-6.8.3-x86_64-2.txz:  Rebuilt.
l/speech-dispatcher-0.11.5-x86_64-2.txz:  Rebuilt.
l/system-config-printer-1.5.18-x86_64-2.txz:  Rebuilt.
l/talloc-2.4.2-x86_64-2.txz:  Rebuilt.
l/tdb-1.4.10-x86_64-2.txz:  Rebuilt.
l/tevent-0.16.1-x86_64-2.txz:  Rebuilt.
n/epic5-2.1.12-x86_64-7.txz:  Rebuilt.
n/fetchmail-6.4.38-x86_64-2.txz:  Rebuilt.
n/getmail-6.18.14-x86_64-2.txz:  Rebuilt.
n/gpgme-1.23.2-x86_64-3.txz:  Rebuilt.
n/net-snmp-5.9.4-x86_64-2.txz:  Rebuilt.
n/nftables-1.0.9-x86_64-2.txz:  Rebuilt.
n/nmap-7.94-x86_64-2.txz:  Rebuilt.
n/nss-pam-ldapd-0.9.12-x86_64-4.txz:  Rebuilt.
n/obexftp-0.24.2-x86_64-12.txz:  Rebuilt.
n/pssh-2.3.5-x86_64-2.txz:  Rebuilt.
n/samba-4.20.0-x86_64-2.txz:  Rebuilt.
x/ibus-1.5.29-x86_64-3.txz:  Rebuilt.
x/ibus-anthy-1.5.16-x86_64-2.txz:  Rebuilt.
x/ibus-hangul-1.5.5-x86_64-2.txz:  Rebuilt.
x/ibus-libpinyin-1.15.7-x86_64-2.txz:  Rebuilt.
x/ibus-table-1.17.4-x86_64-2.txz:  Rebuilt.
x/marisa-0.2.6-x86_64-9.txz:  Rebuilt.
x/pyxdg-0.28-x86_64-2.txz:  Rebuilt.
x/xcb-proto-1.16.0-x86_64-3.txz:  Rebuilt.
xap/blueman-2.3.5-x86_64-2.txz:  Rebuilt.
xap/hexchat-2.16.2-x86_64-2.txz:  Rebuilt.
xap/vim-gvim-9.1.0225-x86_64-1.txz:  Upgraded.
extra/brltty/brltty-6.6-x86_64-3.txz:  Rebuilt.
2024-03-29 22:36:12 +01:00
Patrick J Volkerding
b5abc7571b Tue Mar 26 22:24:59 UTC 2024
l/gjs-1.80.2-x86_64-1.txz:  Upgraded.
l/qt6-6.6.3_20240319_c2516323-x86_64-1.txz:  Upgraded.
2024-03-27 00:09:26 +01:00
Patrick J Volkerding
9433c582a0 Mon Mar 25 18:58:10 UTC 2024
a/shadow-4.15.1-x86_64-1.txz:  Upgraded.
  The main point of this release is to fix a bug that caused spurious error
  messages about unknown login.defs configuration options.
a/sysvinit-3.09-x86_64-1.txz:  Upgraded.
l/python-trove-classifiers-2024.3.25-x86_64-1.txz:  Upgraded.
x/libX11-1.8.8-x86_64-1.txz:  Upgraded.
x/libXmu-1.2.0-x86_64-1.txz:  Upgraded.
x/lndir-1.0.5-x86_64-1.txz:  Upgraded.
x/xf86-video-savage-2.4.1-x86_64-1.txz:  Upgraded.
x/xman-1.2.0-x86_64-1.txz:  Upgraded.
x/xorg-docs-1.7.3-noarch-1.txz:  Upgraded.
2024-03-25 20:28:22 +01:00
Patrick J Volkerding
1e89414bae Sat Mar 23 19:34:02 UTC 2024
ap/vim-9.1.0199-x86_64-1.txz:  Upgraded.
  Dropped python2 support. Thanks to Audrius Kažukauskas.
l/duktape-2.7.0-x86_64-1.txz:  Added.
  Needed by polkit.
l/gjs-1.80.1-x86_64-1.txz:  Upgraded.
l/libdeflate-1.20-x86_64-1.txz:  Upgraded.
l/mozjs102-102.15.1esr-x86_64-2.txz:  Removed.
l/mozjs115-115.9.1esr-x86_64-1.txz:  Upgraded.
l/polkit-123-x86_64-2.txz:  Rebuilt.
  Use duktape instead of mozjs102 as the JavaScript engine.
x/iceauth-1.0.10-x86_64-2.txz:  Rebuilt.
  It's never too early to build with --enable-year2038. Thanks to bigbadaboum.
xap/geeqie-2.4-x86_64-1.txz:  Upgraded.
xap/mozilla-firefox-115.9.1esr-x86_64-1.txz:  Upgraded.
  This update fixes a critical security issue:
  An attacker was able to inject an event handler into a privileged object
  that would allow arbitrary JavaScript execution in the parent process.
  For more information, see:
    https://www.mozilla.org/en-US/firefox/115.9.1esr/releasenotes/
    https://www.mozilla.org/security/advisories/mfsa2024-16/
    https://www.cve.org/CVERecord?id=CVE-2024-29944
  (* Security fix *)
xap/vim-gvim-9.1.0199-x86_64-1.txz:  Upgraded.
  Dropped python2 support. Thanks to Audrius Kažukauskas.
2024-03-23 21:19:32 +01:00
Patrick J Volkerding
0cbf4c3859 Wed Mar 20 21:10:30 UTC 2024
a/libblockdev-2.28-x86_64-2.txz:  Rebuilt.
  Drop python2 support.
a/sysvinit-scripts-15.1-noarch-15.txz:  Rebuilt.
  rc.M: start rc.iceccd and rc.icecc-scheduler earlier.
a/util-linux-2.39.3-x86_64-2.txz:  Rebuilt.
  Drop python2 support.
a/volume_key-0.3.12-x86_64-6.txz:  Rebuilt.
  Drop python2 support.
ap/man-pages-6.7-noarch-1.txz:  Upgraded.
d/cmake-3.28.4-x86_64-1.txz:  Upgraded.
d/llvm-18.1.2-x86_64-1.txz:  Upgraded.
d/python2-2.7.18-x86_64-7.txz:  Rebuilt.
  Bundle the final python2 versions of pip and setuptools.
  Drop the /usr/bin/python symlink.
d/python3-3.9.19-x86_64-1.txz:  Upgraded.
  Point the /usr/bin/python symlink at python3.9.
  PEP 394 says we can do this, and in a world of ambigious shebangs, this
  is probably the best of the available options.
  This update also fixes security issues:
  bundled libexpat was updated to 2.6.0.
  zipfile is now protected from the "quoted-overlap" zipbomb.
  tempfile.TemporaryDirectory cleanup no longer dereferences symlinks when
  working around file system permission errors.
  For more information, see:
    https://pythoninsider.blogspot.com/2024/03/python-31014-3919-and-3819-is-now.html
    https://www.cve.org/CVERecord?id=CVE-2023-52425
    https://www.cve.org/CVERecord?id=CVE-2024-0450
    https://www.cve.org/CVERecord?id=CVE-2023-6597
  (* Security fix *)
d/strace-6.8-x86_64-1.txz:  Upgraded.
kde/kross-interpreters-23.08.5-x86_64-2.txz:  Rebuilt.
  Drop python2 support.
l/libxml2-2.12.6-x86_64-2.txz:  Rebuilt.
  Drop python2 support.
l/mozjs115-115.9.0esr-x86_64-2.txz:  Rebuilt.
  Fixed installed library name. Thanks to reddog83.
  Fixed slack-desc. Thanks to r1w1s1.
l/phonon-4.12.0-x86_64-1.txz:  Upgraded.
l/pilot-link-0.12.5-x86_64-17.txz:  Rebuilt.
  Drop python2 support.
l/python2-module-collection-2.7.18-x86_64-6.txz:  Removed.
  Good bye!
l/python2-pycairo-1.18.2-x86_64-1.txz:  Added.
  We'll need this (along with pygtk and pygobject) until we get gimp3.
  Well, we could build gimp without python support, but I really don't think
  that's the route we want to take.
n/bind-9.18.25-x86_64-1.txz:  Upgraded.
n/crda-4.15-x86_64-1.txz:  Removed.
  The kernel is able to load from wireless-regdb directly. Obsolete.
n/getmail-6.18.14-x86_64-1.txz:  Upgraded.
n/gpgme-1.23.2-x86_64-2.txz:  Rebuilt.
  Drop python2 support.
n/obexftp-0.24.2-x86_64-11.txz:  Rebuilt.
  Drop python2 support.
n/wireless-regdb-2024.01.23-x86_64-1.txz:  Added.
  Wireless regulatory database, previously bundled with crda.
x/ibus-1.5.29-x86_64-2.txz:  Rebuilt.
  Drop python2 support.
x/libkkc-0.3.5-x86_64-4.txz:  Rebuilt.
  Still forcing python2 with this one, but perhaps a python3 marisa module
  could work around this.
x/libkkc-data-0.2.7-x86_64-4.txz:  Rebuilt.
  Still forcing python2 with this one, but perhaps a python3 marisa module
  could work around this.
x/xcb-proto-1.16.0-x86_64-2.txz:  Rebuilt.
  Drop python2 support.
x/xpyb-1.3.1-x86_64-7.txz:  Removed.
  Nothing uses it, and it was never updated for python3. Removed as obsolete.
2024-03-20 23:08:57 +01:00
Patrick J Volkerding
2b9bc64077 Mon Mar 4 20:41:42 UTC 2024
d/vala-0.56.15-x86_64-1.txz:  Upgraded.
e/emacspeak-59.0-x86_64-1.txz:  Upgraded.
kde/calligra-3.2.1-x86_64-37.txz:  Rebuilt.
  Recompiled against poppler-24.03.0.
kde/cantor-23.08.5-x86_64-2.txz:  Rebuilt.
  Recompiled against poppler-24.03.0.
kde/kfilemetadata-5.115.0-x86_64-2.txz:  Rebuilt.
  Recompiled against poppler-24.03.0.
kde/kile-2.9.93-x86_64-31.txz:  Rebuilt.
  Recompiled against poppler-24.03.0.
kde/kitinerary-23.08.5-x86_64-2.txz:  Rebuilt.
  Recompiled against poppler-24.03.0.
kde/krita-5.2.2-x86_64-5.txz:  Rebuilt.
  Recompiled against poppler-24.03.0.
kde/okular-23.08.5-x86_64-2.txz:  Rebuilt.
  Recompiled against poppler-24.03.0.
l/poppler-24.03.0-x86_64-1.txz:  Upgraded.
  Shared library .so-version bump.
  Enabled building libpoppler-qt6.
x/xev-1.2.6-x86_64-1.txz:  Upgraded.
x/xf86-input-wacom-1.2.1-x86_64-1.txz:  Upgraded.
x/xfontsel-1.1.1-x86_64-1.txz:  Upgraded.
x/xmessage-1.0.7-x86_64-1.txz:  Upgraded.
x/xmh-1.0.5-x86_64-1.txz:  Upgraded.
x/xpr-1.2.0-x86_64-1.txz:  Upgraded.
x/xrefresh-1.1.0-x86_64-1.txz:  Upgraded.
x/xsm-1.0.6-x86_64-1.txz:  Upgraded.
2024-03-04 22:36:33 +01:00
Patrick J Volkerding
eabd4b9fab Sun Mar 3 20:50:24 UTC 2024
d/gdb-14.2-x86_64-1.txz:  Upgraded.
l/python-PyYAML-6.0.1-x86_64-2.txz:  Rebuilt.
  Fixed build with Cython >= 3. Thanks to Stuart Winter.
l/qt6-6.6.2_20240210_15b7e743-x86_64-2.txz:  Rebuilt.
  Fixed the sdpscanner6 symlink by moving INSTALL_LIBEXECDIR to the expected
  location.
x/editres-1.0.9-x86_64-1.txz:  Upgraded.
x/encodings-1.1.0-noarch-1.txz:  Upgraded.
x/gccmakedep-1.0.4-noarch-1.txz:  Upgraded.
x/libXaw3d-1.6.6-x86_64-1.txz:  Upgraded.
x/libXcursor-1.2.2-x86_64-1.txz:  Upgraded.
x/libXdmcp-1.1.5-x86_64-1.txz:  Upgraded.
x/libfontenc-1.1.8-x86_64-1.txz:  Upgraded.
x/libxcb-1.16.1-x86_64-1.txz:  Upgraded.
x/listres-1.0.6-x86_64-1.txz:  Upgraded.
x/mkfontscale-1.2.3-x86_64-1.txz:  Upgraded.
x/xauth-1.1.3-x86_64-1.txz:  Upgraded.
x/xlsfonts-1.0.8-x86_64-1.txz:  Upgraded.
2024-03-03 22:35:28 +01:00
Patrick J Volkerding
0dcf6c9e37 Wed Feb 14 04:31:08 UTC 2024
l/exiv2-0.28.2-x86_64-1.txz:  Upgraded.
  Fixes two low-severity security issues introduced in 0.28.x:
  Out-of-bounds read in QuickTimeVideo::NikonTagsDecoder.
  Denial of service due to unbounded recursion in
  QuickTimeVideo::multipleEntriesDecoder.
  For more information, see:
    https://www.cve.org/CVERecord?id=CVE-2024-24826
    https://www.cve.org/CVERecord?id=CVE-2024-25112
  (* Security fix *)
l/gnome-keyring-46.1-x86_64-1.txz:  Upgraded.
n/dnsmasq-2.90-x86_64-1.txz:  Upgraded.
  Add limits on the resources used to do DNSSEC validation.
  For more information, see:
    https://www.cve.org/CVERecord?id=CVE-2023-50387
    https://www.cve.org/CVERecord?id=CVE-2023-50868
  (* Security fix *)
x/igt-gpu-tools-1.28-x86_64-2.txz:  Rebuilt.
  Recompiled against /procps-ng-4.0.4.
2024-02-14 05:59:05 +01:00
Patrick J Volkerding
b1547e7faa Tue Feb 6 21:45:37 UTC 2024
a/kernel-firmware-20240203_b4b04a5-noarch-1.txz:  Upgraded.
ap/inxi-3.3.32_1-noarch-1.txz:  Upgraded.
d/ccache-4.9.1-x86_64-1.txz:  Upgraded.
d/cmake-3.28.3-x86_64-1.txz:  Upgraded.
l/jasper-4.2.0-x86_64-1.txz:  Upgraded.
x/libpciaccess-0.18-x86_64-1.txz:  Upgraded.
x/xdg-utils-1.2.1-noarch-1.txz:  Upgraded.
xfce/garcon-4.18.2-x86_64-1.txz:  Upgraded.
xfce/libxfce4ui-4.18.5-x86_64-1.txz:  Upgraded.
xfce/libxfce4util-4.18.2-x86_64-1.txz:  Upgraded.
2024-02-06 23:44:07 +01:00
Patrick J Volkerding
362e0f90f1 Sun Feb 4 19:20:00 UTC 2024
ap/pamixer-1.6-x86_64-1.txz:  Upgraded.
d/rust-bindgen-0.69.4-x86_64-1.txz:  Upgraded.
l/cxxopts-3.1.1-x86_64-1.txz:  Added.
  Needed by pamixer-1.6.
l/gc-8.2.6-x86_64-1.txz:  Upgraded.
l/libxml2-2.12.5-x86_64-1.txz:  Upgraded.
  Fix the following security issue:
  xmlreader: Don't expand XIncludes when backtracking.
  For more information, see:
    https://www.cve.org/CVERecord?id=CVE-2024-25062
  (* Security fix *)
x/bitmap-1.1.1-x86_64-1.txz:  Upgraded.
x/xditview-1.0.7-x86_64-1.txz:  Upgraded.
x/xkbcomp-1.4.7-x86_64-1.txz:  Upgraded.
x/xkbutils-1.0.6-x86_64-1.txz:  Upgraded.
x/xmore-1.0.4-x86_64-1.txz:  Upgraded.
x/xprop-1.2.7-x86_64-1.txz:  Upgraded.
2024-02-04 20:59:45 +01:00
Patrick J Volkerding
c705d52caf Sun Jan 21 20:50:08 UTC 2024
a/ed-1.20-x86_64-1.txz:  Upgraded.
l/SDL2_ttf-2.22.0-x86_64-1.txz:  Upgraded.
l/imagemagick-7.1.1_27-x86_64-1.txz:  Upgraded.
l/libproxy-0.5.3-x86_64-1.txz:  Upgraded.
n/nghttp2-1.59.0-x86_64-1.txz:  Upgraded.
x/xbiff-1.0.5-x86_64-1.txz:  Upgraded.
extra/tigervnc/tigervnc-1.13.1-x86_64-3.txz:  Rebuilt.
  Recompiled against xorg-server-21.1.11, including the latest patches for
  several security issues. Thanks to marav.
  For more information, see:
    https://www.cve.org/CVERecord?id=CVE-2023-6377
    https://www.cve.org/CVERecord?id=CVE-2023-6478
    https://www.cve.org/CVERecord?id=CVE-2023-6816
    https://www.cve.org/CVERecord?id=CVE-2024-0229
    https://www.cve.org/CVERecord?id=CVE-2024-0408
    https://www.cve.org/CVERecord?id=CVE-2024-0409
    https://www.cve.org/CVERecord?id=CVE-2024-21885
    https://www.cve.org/CVERecord?id=CVE-2024-21886
    https://www.cve.org/CVERecord?id=CVE-2024-21886
  (* Security fix *)
2024-01-21 22:29:32 +01:00
Patrick J Volkerding
c238904d3e Thu Jan 4 20:54:16 UTC 2024
a/dcron-4.5-x86_64-14.txz:  Rebuilt.
  Add /etc/default/run-parts. Thanks to lostintime.
kde/fcitx5-configtool-5.1.3-x86_64-1.txz:  Upgraded.
x/fcitx5-5.1.6-x86_64-1.txz:  Upgraded.
x/fcitx5-qt-5.1.4-x86_64-1.txz:  Upgraded.
x/pixman-0.43.0-x86_64-1.txz:  Upgraded.
x/xcb-imdkit-1.0.6-x86_64-1.txz:  Upgraded.
2024-01-04 22:41:03 +01:00
Patrick J Volkerding
183c67ecca Wed Nov 15 22:01:26 UTC 2023
a/btrfs-progs-6.6.2-x86_64-1.txz:  Upgraded.
d/cmake-3.27.8-x86_64-1.txz:  Upgraded.
l/netpbm-11.04.04-x86_64-1.txz:  Upgraded.
l/woff2-20231106_0f4d304-x86_64-1.txz:  Upgraded.
  Include the binary utilities. Thanks to TJ09.
n/bind-9.18.20-x86_64-1.txz:  Upgraded.
n/c-ares-1.22.0-x86_64-1.txz:  Upgraded.
n/libgcrypt-1.10.3-x86_64-1.txz:  Upgraded.
n/p11-kit-0.25.3-x86_64-1.txz:  Upgraded.
x/xf86-video-ati-22.0.0-x86_64-1.txz:  Upgraded.
x/xf86-video-intel-20230201_b74b67f0-x86_64-1.txz:  Upgraded.
x/xf86-video-nouveau-20231005_827f1e2-x86_64-1.txz:  Upgraded.
x/xf86-video-r128-6.12.1-x86_64-1.txz:  Upgraded.
xap/mozilla-thunderbird-115.4.3-x86_64-1.txz:  Upgraded.
  This is a bugfix release.
  For more information, see:
    https://www.mozilla.org/en-US/thunderbird/115.4.3/releasenotes/
2023-11-15 23:57:15 +01:00
Patrick J Volkerding
83bf1d11ee Fri Sep 29 19:45:18 UTC 2023
d/meson-1.2.2-x86_64-1.txz:  Upgraded.
l/nodejs-20.8.0-x86_64-1.txz:  Upgraded.
l/sof-firmware-2023.09-noarch-1.txz:  Upgraded.
n/bluez-5.70-x86_64-1.txz:  Upgraded.
n/php-8.2.11-x86_64-1.txz:  Upgraded.
  This is a bugfix release.
  For more information, see:
    https://www.php.net/ChangeLog-8.php#8.2.11
x/mesa-23.2.1-x86_64-1.txz:  Upgraded.
x/xman-1.1.6-x86_64-1.txz:  Upgraded.
xfce/xfce4-clipman-plugin-1.6.5-x86_64-1.txz:  Upgraded.
2023-09-29 22:31:51 +02:00
Patrick J Volkerding
94e7610642 Thu Jul 20 19:55:25 UTC 2023
d/re2c-3.1-x86_64-1.txz:  Upgraded.
l/gst-plugins-bad-free-1.22.5-x86_64-1.txz:  Upgraded.
l/gst-plugins-base-1.22.5-x86_64-1.txz:  Upgraded.
l/gst-plugins-good-1.22.5-x86_64-1.txz:  Upgraded.
l/gst-plugins-libav-1.22.5-x86_64-1.txz:  Upgraded.
l/gstreamer-1.22.5-x86_64-1.txz:  Upgraded.
l/libptytty-2.0-x86_64-1.txz:  Added.
  This is required by rxvt-unicode-9.31.
x/libpthread-stubs-0.5-x86_64-1.txz:  Upgraded.
xap/rxvt-unicode-9.31-x86_64-1.txz:  Upgraded.
  Compiled against libptytty-2.0.
testing/packages/mozilla-thunderbird-115.0.1-x86_64-1.txz:  Upgraded.
  This release contains security fixes and improvements.
  For more information, see:
    https://www.mozilla.org/en-US/thunderbird/115.0.1/releasenotes/
  (* Security fix *)
2023-07-20 22:31:39 +02:00
Patrick J Volkerding
e4cf5f582a Tue Jun 6 20:26:59 UTC 2023
a/kernel-firmware-20230531_fc90c59-noarch-1.txz:  Upgraded.
a/kernel-generic-6.1.32-x86_64-1.txz:  Upgraded.
a/kernel-huge-6.1.32-x86_64-1.txz:  Upgraded.
a/kernel-modules-6.1.32-x86_64-1.txz:  Upgraded.
d/gcc-13.1.0-x86_64-2.txz:  Rebuilt.
d/gcc-g++-13.1.0-x86_64-2.txz:  Rebuilt.
d/gcc-gdc-13.1.0-x86_64-2.txz:  Rebuilt.
d/gcc-gfortran-13.1.0-x86_64-2.txz:  Rebuilt.
d/gcc-gm2-13.1.0-x86_64-2.txz:  Added.
d/gcc-gnat-13.1.0-x86_64-2.txz:  Rebuilt.
d/gcc-go-13.1.0-x86_64-2.txz:  Rebuilt.
d/gcc-objc-13.1.0-x86_64-2.txz:  Rebuilt.
d/kernel-headers-6.1.32-x86-1.txz:  Upgraded.
d/libtool-2.4.7-x86_64-5.txz:  Rebuilt.
  Recompiled to update embedded GCC version number.
k/kernel-source-6.1.32-noarch-1.txz:  Upgraded.
kde/calligra-3.2.1-x86_64-30.txz:  Rebuilt.
  Recompiled against poppler-23.06.0.
kde/cantor-23.04.1-x86_64-2.txz:  Rebuilt.
  Recompiled against poppler-23.06.0.
kde/kfilemetadata-5.106.0-x86_64-2.txz:  Rebuilt.
  Recompiled against poppler-23.06.0.
kde/kile-2.9.93-x86_64-25.txz:  Rebuilt.
  Recompiled against poppler-23.06.0.
kde/kitinerary-23.04.1-x86_64-2.txz:  Rebuilt.
  Recompiled against poppler-23.06.0.
kde/krita-5.1.5-x86_64-10.txz:  Rebuilt.
  Recompiled against poppler-23.06.0.
kde/okteta-0.26.11-x86_64-1.txz:  Upgraded.
kde/okular-23.04.1-x86_64-2.txz:  Rebuilt.
  Recompiled against poppler-23.06.0.
l/enchant-2.5.0-x86_64-1.txz:  Upgraded.
l/gtk4-4.10.4-x86_64-1.txz:  Upgraded.
l/mozilla-nss-3.90-x86_64-1.txz:  Upgraded.
l/openexr-3.1.8-x86_64-1.txz:  Upgraded.
l/poppler-23.06.0-x86_64-1.txz:  Upgraded.
  Shared library .so-version bump.
l/qtkeychain-0.14.1-x86_64-1.txz:  Upgraded.
n/krb5-1.21-x86_64-1.txz:  Upgraded.
n/ntp-4.2.8p17-x86_64-1.txz:  Upgraded.
  This is a bugfix release.
n/postfix-3.8.1-x86_64-1.txz:  Upgraded.
x/xorg-server-xwayland-23.1.2-x86_64-1.txz:  Upgraded.
x/xorgproto-2023.1-x86_64-1.txz:  Upgraded.
xap/mozilla-firefox-114.0-x86_64-1.txz:  Upgraded.
  This update contains security fixes and improvements.
  For more information, see:
    https://www.mozilla.org/en-US/firefox/114.0/releasenotes/
    https://www.mozilla.org/security/advisories/mfsa2023-20/
    https://www.cve.org/CVERecord?id=CVE-2023-34414
    https://www.cve.org/CVERecord?id=CVE-2023-34415
    https://www.cve.org/CVERecord?id=CVE-2023-34416
    https://www.cve.org/CVERecord?id=CVE-2023-34417
  (* Security fix *)
xfce/xfce4-panel-profiles-1.0.14-x86_64-1.txz:  Upgraded.
extra/sendmail/sendmail-8.17.2-x86_64-2.txz:  Rebuilt.
  Recompiled without -DUSE_EAI or ICU libraries as this experimental option
  is still leading to regressions.
extra/sendmail/sendmail-cf-8.17.2-noarch-2.txz:  Rebuilt.
isolinux/initrd.img:  Rebuilt.
kernels/*:  Upgraded.
usb-and-pxe-installers/usbboot.img:  Rebuilt.
2023-06-07 00:59:33 +02:00
Patrick J Volkerding
cf35a7e0c8 Sun Jun 4 19:16:13 UTC 2023
l/ocl-icd-2.3.2-x86_64-1.txz:  Upgraded.
n/libmilter-8.17.2-x86_64-1.txz:  Upgraded.
x/egl-wayland-1.1.12-x86_64-1.txz:  Upgraded.
x/libdmx-1.1.5-x86_64-1.txz:  Upgraded.
x/xrdb-1.2.2-x86_64-1.txz:  Upgraded.
x/xscope-1.4.4-x86_64-1.txz:  Upgraded.
x/xtrans-1.5.0-noarch-1.txz:  Upgraded.
x/xwd-1.0.9-x86_64-1.txz:  Upgraded.
extra/sendmail/sendmail-8.17.2-x86_64-1.txz:  Upgraded.
  This is a bugfix release.
extra/sendmail/sendmail-cf-8.17.2-noarch-1.txz:  Upgraded.
2023-06-04 22:33:53 +02:00
Patrick J Volkerding
d06ae62d99 Mon May 8 23:42:23 UTC 2023
a/less-633-x86_64-1.txz:  Upgraded.
ap/inxi-3.3.27_1-noarch-1.txz:  Upgraded.
d/rust-1.68.2-x86_64-2.txz:  Upgraded.
l/mlt-7.16.0-x86_64-1.txz:  Upgraded.
x/m17n-lib-1.8.1-x86_64-1.txz:  Upgraded.
x/xf86-video-dummy-0.4.1-x86_64-1.txz:  Upgraded.
testing/packages/rust-1.69.0-x86_64-1.txz:  Upgraded.
2023-05-09 02:37:30 +02:00
Patrick J Volkerding
af89c2d6e8 Fri Apr 28 18:25:13 UTC 2023
kde/kalk-23.04.0-x86_64-1.txz:  Removed.
kde/ktextaddons-1.2.1-x86_64-1.txz:  Upgraded.
  Revert to this version until a newer one works.
kde/qcoro-0.9.0-x86_64-1.txz:  Upgraded.
l/iso-codes-4.15.0-noarch-1.txz:  Upgraded.
n/lynx-2.9.0dev.12-x86_64-1.txz:  Upgraded.
x/xdpyinfo-1.3.4-x86_64-1.txz:  Upgraded.
x/xinput-1.6.4-x86_64-1.txz:  Upgraded.
2023-04-28 21:32:39 +02:00
Patrick J Volkerding
59f80800c2 Tue Apr 11 18:49:02 UTC 2023
a/mcelog-194-x86_64-1.txz:  Upgraded.
a/tcsh-6.24.08-x86_64-1.txz:  Upgraded.
d/meson-1.1.0-x86_64-1.txz:  Upgraded.
d/rust-bindgen-0.65.0-x86_64-1.txz:  Upgraded.
l/mozjs102-102.10.0esr-x86_64-1.txz:  Upgraded.
l/nodejs-19.9.0-x86_64-1.txz:  Upgraded.
l/parted-3.6-x86_64-1.txz:  Upgraded.
x/ibus-table-1.17.0-x86_64-1.txz:  Upgraded.
x/libXfixes-6.0.1-x86_64-1.txz:  Upgraded.
x/libXt-1.3.0-x86_64-1.txz:  Upgraded.
x/xf86-video-neomagic-1.3.1-x86_64-1.txz:  Added.
x/xf86-video-savage-2.4.0-x86_64-1.txz:  Added.
x/xwininfo-1.1.6-x86_64-1.txz:  Upgraded.
xap/mozilla-firefox-112.0-x86_64-1.txz:  Upgraded.
  This update contains security fixes and improvements.
  For more information, see:
    https://www.mozilla.org/en-US/firefox/112.0/releasenotes/
    https://www.mozilla.org/en-US/security/advisories/mfsa2023-13
    https://www.mozilla.org/en-US/security/advisories/mfsa2023-13/#MFSA-TMP-2023-0001
    https://www.cve.org/CVERecord?id=CVE-2023-29531
    https://www.cve.org/CVERecord?id=CVE-2023-29532
    https://www.cve.org/CVERecord?id=CVE-2023-29533
    https://www.cve.org/CVERecord?id=CVE-2023-29534
    https://www.cve.org/CVERecord?id=CVE-2023-29535
    https://www.cve.org/CVERecord?id=CVE-2023-29536
    https://www.cve.org/CVERecord?id=CVE-2023-29537
    https://www.cve.org/CVERecord?id=CVE-2023-29538
    https://www.cve.org/CVERecord?id=CVE-2023-29539
    https://www.cve.org/CVERecord?id=CVE-2023-29540
    https://www.cve.org/CVERecord?id=CVE-2023-29541
    https://www.cve.org/CVERecord?id=CVE-2023-29542
    https://www.cve.org/CVERecord?id=CVE-2023-29543
    https://www.cve.org/CVERecord?id=CVE-2023-29544
    https://www.cve.org/CVERecord?id=CVE-2023-29545
    https://www.cve.org/CVERecord?id=CVE-2023-29546
    https://www.cve.org/CVERecord?id=CVE-2023-29547
    https://www.cve.org/CVERecord?id=CVE-2023-29548
    https://www.cve.org/CVERecord?id=CVE-2023-29549
    https://www.cve.org/CVERecord?id=CVE-2023-29550
    https://www.cve.org/CVERecord?id=CVE-2023-29551
  (* Security fix *)
2023-04-11 21:38:02 +02:00
Patrick J Volkerding
25dc9a625c Fri Apr 7 00:51:44 UTC 2023
a/kernel-firmware-20230406_86da2ac-noarch-1.txz:  Upgraded.
a/kernel-generic-6.1.23-x86_64-1.txz:  Upgraded.
a/kernel-huge-6.1.23-x86_64-1.txz:  Upgraded.
a/kernel-modules-6.1.23-x86_64-1.txz:  Upgraded.
d/kernel-headers-6.1.23-x86-1.txz:  Upgraded.
d/llvm-16.0.1-x86_64-1.txz:  Upgraded.
k/kernel-source-6.1.23-noarch-1.txz:  Upgraded.
l/SDL2-2.26.5-x86_64-1.txz:  Upgraded.
l/imagemagick-7.1.1_6-x86_64-1.txz:  Upgraded.
l/isl-0.26-x86_64-1.txz:  Upgraded.
l/spirv-llvm-translator-16.0.0-x86_64-2.txz:  Rebuilt.
  Looks like this is working now after some linking adjustments.
  Thanks very much to lucabon!
x/mesa-23.0.1-x86_64-3.txz:  Rebuilt.
x/xf86-input-wacom-1.2.0-x86_64-1.txz:  Upgraded.
isolinux/initrd.img:  Rebuilt.
kernels/*:  Upgraded.
usb-and-pxe-installers/usbboot.img:  Rebuilt.
2023-04-07 03:45:57 +02:00
Patrick J Volkerding
9ed93909f8 Tue Apr 4 20:15:38 UTC 2023
a/mcelog-193-x86_64-1.txz:  Upgraded.
d/vala-0.56.6-x86_64-1.txz:  Upgraded.
kde/bluedevil-5.27.4-x86_64-1.txz:  Upgraded.
kde/breeze-5.27.4-x86_64-1.txz:  Upgraded.
kde/breeze-grub-5.27.4-x86_64-1.txz:  Upgraded.
kde/breeze-gtk-5.27.4-x86_64-1.txz:  Upgraded.
kde/drkonqi-5.27.4-x86_64-1.txz:  Upgraded.
kde/kactivitymanagerd-5.27.4-x86_64-1.txz:  Upgraded.
kde/kde-cli-tools-5.27.4-x86_64-1.txz:  Upgraded.
kde/kde-gtk-config-5.27.4-x86_64-1.txz:  Upgraded.
kde/kdecoration-5.27.4-x86_64-1.txz:  Upgraded.
kde/kdeplasma-addons-5.27.4-x86_64-1.txz:  Upgraded.
kde/kgamma5-5.27.4-x86_64-1.txz:  Upgraded.
kde/khotkeys-5.27.4-x86_64-1.txz:  Upgraded.
kde/kinfocenter-5.27.4-x86_64-1.txz:  Upgraded.
kde/kmenuedit-5.27.4-x86_64-1.txz:  Upgraded.
kde/kpipewire-5.27.4-x86_64-1.txz:  Upgraded.
kde/kscreen-5.27.4-x86_64-1.txz:  Upgraded.
kde/kscreenlocker-5.27.4-x86_64-1.txz:  Upgraded.
kde/ksshaskpass-5.27.4-x86_64-1.txz:  Upgraded.
kde/ksystemstats-5.27.4-x86_64-1.txz:  Upgraded.
kde/kwallet-pam-5.27.4-x86_64-1.txz:  Upgraded.
kde/kwayland-integration-5.27.4-x86_64-1.txz:  Upgraded.
kde/kwin-5.27.4-x86_64-1.txz:  Upgraded.
kde/kwrited-5.27.4-x86_64-1.txz:  Upgraded.
kde/layer-shell-qt-5.27.4-x86_64-1.txz:  Upgraded.
kde/libkscreen-5.27.4-x86_64-1.txz:  Upgraded.
kde/libksysguard-5.27.4-x86_64-1.txz:  Upgraded.
kde/milou-5.27.4-x86_64-1.txz:  Upgraded.
kde/oxygen-5.27.4-x86_64-1.txz:  Upgraded.
kde/oxygen-sounds-5.27.4-x86_64-1.txz:  Upgraded.
kde/plasma-browser-integration-5.27.4-x86_64-1.txz:  Upgraded.
kde/plasma-desktop-5.27.4-x86_64-1.txz:  Upgraded.
kde/plasma-disks-5.27.4-x86_64-1.txz:  Upgraded.
kde/plasma-firewall-5.27.4-x86_64-1.txz:  Upgraded.
kde/plasma-integration-5.27.4-x86_64-1.txz:  Upgraded.
kde/plasma-nm-5.27.4-x86_64-1.txz:  Upgraded.
kde/plasma-pa-5.27.4-x86_64-1.txz:  Upgraded.
kde/plasma-sdk-5.27.4-x86_64-1.txz:  Upgraded.
kde/plasma-systemmonitor-5.27.4-x86_64-1.txz:  Upgraded.
kde/plasma-vault-5.27.4.1-x86_64-1.txz:  Upgraded.
kde/plasma-workspace-5.27.4.1-x86_64-1.txz:  Upgraded.
kde/plasma-workspace-wallpapers-5.27.4.1-x86_64-1.txz:  Upgraded.
kde/polkit-kde-agent-1-5.27.4.1-x86_64-1.txz:  Upgraded.
kde/powerdevil-5.27.4.1-x86_64-1.txz:  Upgraded.
kde/qqc2-breeze-style-5.27.4-x86_64-1.txz:  Upgraded.
kde/sddm-kcm-5.27.4.1-x86_64-1.txz:  Upgraded.
kde/systemsettings-5.27.4.1-x86_64-1.txz:  Upgraded.
kde/xdg-desktop-portal-kde-5.27.4.1-x86_64-1.txz:  Upgraded.
n/daemon-0.8.2-x86_64-1.txz:  Upgraded.
x/wayland-1.22.0-x86_64-1.txz:  Upgraded.
x/xf86-input-libinput-1.3.0-x86_64-1.txz:  Upgraded.
2023-04-04 23:35:46 +02:00
Patrick J Volkerding
c3f9dd63fd Tue Feb 28 21:33:32 UTC 2023
a/mkinitrd-1.4.11-x86_64-31.txz:  Rebuilt.
  Fix the check to ensure -R is added when the root partition is a partition of
  a RAID device.
  Thanks to perrin4869 and drumz.
ap/vim-9.0.1362-x86_64-1.txz:  Upgraded.
kde/bluedevil-5.27.2-x86_64-1.txz:  Upgraded.
kde/breeze-5.27.2-x86_64-1.txz:  Upgraded.
kde/breeze-grub-5.27.2-x86_64-1.txz:  Upgraded.
kde/breeze-gtk-5.27.2-x86_64-1.txz:  Upgraded.
kde/drkonqi-5.27.2-x86_64-1.txz:  Upgraded.
kde/kactivitymanagerd-5.27.2-x86_64-1.txz:  Upgraded.
kde/kde-cli-tools-5.27.2-x86_64-1.txz:  Upgraded.
kde/kde-gtk-config-5.27.2-x86_64-1.txz:  Upgraded.
kde/kdecoration-5.27.2-x86_64-1.txz:  Upgraded.
kde/kdeplasma-addons-5.27.2-x86_64-1.txz:  Upgraded.
kde/kgamma5-5.27.2-x86_64-1.txz:  Upgraded.
kde/khotkeys-5.27.2-x86_64-1.txz:  Upgraded.
kde/kinfocenter-5.27.2-x86_64-1.txz:  Upgraded.
kde/kmenuedit-5.27.2-x86_64-1.txz:  Upgraded.
kde/kpipewire-5.27.2-x86_64-1.txz:  Upgraded.
kde/kscreen-5.27.2-x86_64-1.txz:  Upgraded.
kde/kscreenlocker-5.27.2-x86_64-1.txz:  Upgraded.
kde/ksshaskpass-5.27.2-x86_64-1.txz:  Upgraded.
kde/ksystemstats-5.27.2-x86_64-1.txz:  Upgraded.
kde/kwallet-pam-5.27.2-x86_64-1.txz:  Upgraded.
kde/kwayland-integration-5.27.2-x86_64-1.txz:  Upgraded.
kde/kwin-5.27.2-x86_64-1.txz:  Upgraded.
kde/kwrited-5.27.2-x86_64-1.txz:  Upgraded.
kde/layer-shell-qt-5.27.2-x86_64-1.txz:  Upgraded.
kde/libkscreen-5.27.2-x86_64-1.txz:  Upgraded.
kde/libksysguard-5.27.2-x86_64-1.txz:  Upgraded.
kde/milou-5.27.2-x86_64-1.txz:  Upgraded.
kde/oxygen-5.27.2-x86_64-1.txz:  Upgraded.
kde/oxygen-sounds-5.27.2-x86_64-1.txz:  Upgraded.
kde/plasma-browser-integration-5.27.2-x86_64-1.txz:  Upgraded.
kde/plasma-desktop-5.27.2-x86_64-1.txz:  Upgraded.
kde/plasma-disks-5.27.2-x86_64-1.txz:  Upgraded.
kde/plasma-firewall-5.27.2-x86_64-1.txz:  Upgraded.
kde/plasma-integration-5.27.2-x86_64-1.txz:  Upgraded.
kde/plasma-nm-5.27.2-x86_64-1.txz:  Upgraded.
kde/plasma-pa-5.27.2-x86_64-1.txz:  Upgraded.
kde/plasma-sdk-5.27.2-x86_64-1.txz:  Upgraded.
kde/plasma-systemmonitor-5.27.2-x86_64-1.txz:  Upgraded.
kde/plasma-vault-5.27.2-x86_64-1.txz:  Upgraded.
kde/plasma-workspace-5.27.2-x86_64-1.txz:  Upgraded.
kde/plasma-workspace-wallpapers-5.27.2-x86_64-1.txz:  Upgraded.
kde/polkit-kde-agent-1-5.27.2-x86_64-1.txz:  Upgraded.
kde/powerdevil-5.27.2-x86_64-1.txz:  Upgraded.
kde/qqc2-breeze-style-5.27.2-x86_64-1.txz:  Upgraded.
kde/sddm-kcm-5.27.2-x86_64-1.txz:  Upgraded.
kde/systemsettings-5.27.2-x86_64-1.txz:  Upgraded.
kde/xdg-desktop-portal-kde-5.27.2-x86_64-1.txz:  Upgraded.
l/iso-codes-4.13.0-noarch-1.txz:  Upgraded.
n/whois-5.5.16-x86_64-1.txz:  Upgraded.
  Add bash completion support, courtesy of Ville Skytta.
  Updated the .tr TLD server.
  Removed support for -metu NIC handles.
x/encodings-1.0.7-noarch-1.txz:  Upgraded.
x/font-adobe-100dpi-1.0.4-noarch-1.txz:  Upgraded.
x/font-adobe-75dpi-1.0.4-noarch-1.txz:  Upgraded.
x/font-adobe-utopia-100dpi-1.0.5-noarch-1.txz:  Upgraded.
x/font-adobe-utopia-75dpi-1.0.5-noarch-1.txz:  Upgraded.
x/font-adobe-utopia-type1-1.0.5-noarch-1.txz:  Upgraded.
x/font-alias-1.0.5-noarch-1.txz:  Upgraded.
x/font-arabic-misc-1.0.4-noarch-1.txz:  Upgraded.
x/font-bh-100dpi-1.0.4-noarch-1.txz:  Upgraded.
x/font-bh-75dpi-1.0.4-noarch-1.txz:  Upgraded.
x/font-bh-lucidatypewriter-100dpi-1.0.4-noarch-1.txz:  Upgraded.
x/font-bh-lucidatypewriter-75dpi-1.0.4-noarch-1.txz:  Upgraded.
x/font-bh-ttf-1.0.4-noarch-1.txz:  Upgraded.
x/font-bh-type1-1.0.4-noarch-1.txz:  Upgraded.
x/font-bitstream-100dpi-1.0.4-noarch-1.txz:  Upgraded.
x/font-bitstream-75dpi-1.0.4-noarch-1.txz:  Upgraded.
x/font-bitstream-type1-1.0.4-noarch-1.txz:  Upgraded.
x/font-cronyx-cyrillic-1.0.4-noarch-1.txz:  Upgraded.
x/font-cursor-misc-1.0.4-noarch-1.txz:  Upgraded.
x/font-daewoo-misc-1.0.4-noarch-1.txz:  Upgraded.
x/font-dec-misc-1.0.4-noarch-1.txz:  Upgraded.
x/font-ibm-type1-1.0.4-noarch-1.txz:  Upgraded.
x/font-isas-misc-1.0.4-noarch-1.txz:  Upgraded.
x/font-jis-misc-1.0.4-noarch-1.txz:  Upgraded.
x/font-micro-misc-1.0.4-noarch-1.txz:  Upgraded.
x/font-misc-cyrillic-1.0.4-noarch-1.txz:  Upgraded.
x/font-misc-ethiopic-1.0.5-noarch-1.txz:  Upgraded.
x/font-misc-meltho-1.0.4-noarch-1.txz:  Upgraded.
x/font-misc-misc-1.1.3-noarch-1.txz:  Upgraded.
x/font-mutt-misc-1.0.4-noarch-1.txz:  Upgraded.
x/font-schumacher-misc-1.1.3-noarch-1.txz:  Upgraded.
x/font-screen-cyrillic-1.0.5-noarch-1.txz:  Upgraded.
x/font-sony-misc-1.0.4-noarch-1.txz:  Upgraded.
x/font-sun-misc-1.0.4-noarch-1.txz:  Upgraded.
x/font-winitzki-cyrillic-1.0.4-noarch-1.txz:  Upgraded.
x/font-xfree86-type1-1.0.5-noarch-1.txz:  Upgraded.
xap/mozilla-firefox-110.0.1-x86_64-1.txz:  Upgraded.
  This is a bugfix release.
  For more information, see:
    https://www.mozilla.org/en-US/firefox/110.0.1/releasenotes/
xap/vim-gvim-9.0.1362-x86_64-1.txz:  Upgraded.
xfce/xfce4-notifyd-0.8.2-x86_64-1.txz:  Upgraded.
2023-02-28 23:45:27 +01:00
Patrick J Volkerding
b2b4f6942b Thu Feb 23 20:47:06 UTC 2023
ap/sqlite-3.41.0-x86_64-1.txz:  Upgraded.
d/parallel-20230222-noarch-1.txz:  Upgraded.
kde/kidletime-5.103.0-x86_64-2.txz:  Rebuilt.
  [PATCH] wayland: Guard wayland object destructors.
  Thanks to marav.
l/glib2-2.74.6-x86_64-1.txz:  Upgraded.
l/nodejs-19.7.0-x86_64-1.txz:  Upgraded.
l/v4l-utils-1.24.0-x86_64-1.txz:  Upgraded.
n/NetworkManager-1.42.2-x86_64-1.txz:  Upgraded.
x/font-util-1.4.0-x86_64-1.txz:  Upgraded.
x/mesa-22.3.6-x86_64-1.txz:  Upgraded.
x/xbitmaps-1.1.3-x86_64-1.txz:  Upgraded.
x/xcursor-themes-1.0.7-noarch-1.txz:  Upgraded.
x/xf86-video-amdgpu-23.0.0-x86_64-1.txz:  Upgraded.
x/xorg-cf-files-1.0.8-x86_64-1.txz:  Upgraded.
xap/gimp-2.10.34-x86_64-1.txz:  Upgraded.
xap/gparted-1.5.0-x86_64-1.txz:  Upgraded.
xfce/thunar-4.18.4-x86_64-1.txz:  Upgraded.
2023-02-23 22:38:18 +01:00
Patrick J Volkerding
a38ab2e72c Thu Feb 16 22:07:06 UTC 2023
ap/vim-9.0.1314-x86_64-1.txz:  Upgraded.
l/pipewire-0.3.66-x86_64-1.txz:  Upgraded.
n/bind-9.18.12-x86_64-1.txz:  Upgraded.
x/xf86-video-s3virge-1.11.1-x86_64-1.txz:  Added.
x/xf86-video-trident-1.4.0-x86_64-1.txz:  Added.
x/xterm-379-x86_64-1.txz:  Upgraded.
xap/freerdp-2.10.0-x86_64-1.txz:  Upgraded.
xap/mozilla-thunderbird-102.8.0-x86_64-1.txz:  Upgraded.
  This release contains security fixes and improvements.
  For more information, see:
    https://www.mozilla.org/en-US/thunderbird/102.8.0/releasenotes/
    https://www.mozilla.org/en-US/security/advisories/mfsa2023-07/
    https://www.cve.org/CVERecord?id=CVE-2023-0616
    https://www.cve.org/CVERecord?id=CVE-2023-25728
    https://www.cve.org/CVERecord?id=CVE-2023-25730
    https://www.cve.org/CVERecord?id=CVE-2023-0767
    https://www.cve.org/CVERecord?id=CVE-2023-25735
    https://www.cve.org/CVERecord?id=CVE-2023-25737
    https://www.cve.org/CVERecord?id=CVE-2023-25738
    https://www.cve.org/CVERecord?id=CVE-2023-25739
    https://www.cve.org/CVERecord?id=CVE-2023-25729
    https://www.cve.org/CVERecord?id=CVE-2023-25732
    https://www.cve.org/CVERecord?id=CVE-2023-25734
    https://www.cve.org/CVERecord?id=CVE-2023-25742
    https://www.cve.org/CVERecord?id=CVE-2023-25746
  (* Security fix *)
xap/vim-gvim-9.0.1314-x86_64-1.txz:  Upgraded.
2023-02-16 23:37:25 +01:00
Patrick J Volkerding
52ac228489 Mon Feb 13 20:03:36 UTC 2023
ap/man-pages-6.03-noarch-1.txz:  Upgraded.
l/atkmm-2.28.3-x86_64-1.txz:  Upgraded.
l/cairomm-1.14.4-x86_64-1.txz:  Upgraded.
l/glibmm-2.66.5-x86_64-1.txz:  Upgraded.
l/imagemagick-7.1.0_62-x86_64-1.txz:  Upgraded.
n/nghttp2-1.52.0-x86_64-1.txz:  Upgraded.
x/util-macros-1.20.0-noarch-1.txz:  Upgraded.
2023-02-13 21:32:54 +01:00
Patrick J Volkerding
dfd380d502 Sun Feb 5 20:39:36 UTC 2023
ap/htop-3.2.2-x86_64-1.txz:  Upgraded.
l/fuse3-3.13.1-x86_64-1.txz:  Upgraded.
l/pangomm-2.46.3-x86_64-1.txz:  Upgraded.
l/tevent-0.14.1-x86_64-1.txz:  Upgraded.
n/dnsmasq-2.89-x86_64-1.txz:  Upgraded.
x/libX11-1.8.4-x86_64-1.txz:  Upgraded.
x/xkeyboard-config-2.38-noarch-1.txz:  Upgraded.
x/xvidtune-1.0.4-x86_64-1.txz:  Upgraded.
2023-02-05 22:33:59 +01:00
Patrick J Volkerding
36e934ce2f Sun Jan 29 19:01:47 UTC 2023
l/imagemagick-7.1.0_59-x86_64-1.txz:  Upgraded.
n/c-ares-1.19.0-x86_64-1.txz:  Upgraded.
n/fetchmail-6.4.36-x86_64-1.txz:  Upgraded.
x/beforelight-1.0.6-x86_64-1.txz:  Upgraded.
2023-01-29 20:32:43 +01:00
Patrick J Volkerding
de5210c726 Fri Jan 27 20:08:12 UTC 2023
n/samba-4.17.5-x86_64-1.txz:  Upgraded.
  BUG 15240: CVE-2022-38023 [SECURITY] Samba should refuse RC4 (aka md5)
  based SChannel on NETLOGON (additional changes).
  For more information, see:
    https://www.samba.org/samba/security/CVE-2022-38023.html
    https://www.cve.org/CVERecord?id=CVE-2022-38023
  (* Security fix *)
x/mesa-22.3.4-x86_64-1.txz:  Upgraded.
x/xf86-video-vmware-13.4.0-x86_64-1.txz:  Upgraded.
2023-01-27 21:32:41 +01:00
Patrick J Volkerding
14094b8867 Thu Jan 19 21:07:32 UTC 2023
a/pkgtools-15.1-noarch-4.txz:  Rebuilt.
  makepkg: also let xz decide how many threads to use on ARM platforms aarch64
  and riscv64. Thanks to Stuart Winter.
  installpkg: fix reversed test for if a --threads option was given. It appears
  that it's been wrong for years but since xz didn't support threaded
  decompression yet it wasn't noticed.
a/xz-5.4.1-x86_64-2.txz:  Rebuilt.
  Reduce default verbosity from V_WARNING to V_ERROR to avoid sending non-fatal
  memory usage information to stderr.
kde/plasma-wayland-protocols-1.10.0-x86_64-1.txz:  Upgraded.
l/exiv2-0.27.6-x86_64-1.txz:  Upgraded.
l/tdb-1.4.8-x86_64-1.txz:  Upgraded.
x/igt-gpu-tools-1.27.1-x86_64-1.txz:  Upgraded.
x/libX11-1.8.3-x86_64-2.txz:  Rebuilt.
  [PATCH] Fix a9e845 and 797755 Allow X*IfEvent() to reenter libX11
  Thanks to marav.
2023-01-19 22:32:40 +01:00
Patrick J Volkerding
9cc1c3b360 Wed Jan 18 06:11:54 UTC 2023
ap/diffutils-3.9-x86_64-1.txz:  Upgraded.
ap/lsof-4.97.0-x86_64-1.txz:  Upgraded.
ap/mpg123-1.31.2-x86_64-1.txz:  Upgraded.
d/binutils-2.40-x86_64-1.txz:  Upgraded.
  Shared library .so-version bump.
d/git-2.39.1-x86_64-1.txz:  Upgraded.
d/oprofile-1.4.0-x86_64-11.txz:  Rebuilt.
  Recompiled against binutils-2.40.
n/httpd-2.4.55-x86_64-1.txz:  Upgraded.
  This update fixes bugs and the following security issues:
  mod_proxy allows a backend to trigger HTTP response splitting.
  mod_proxy_ajp possible request smuggling.
  mod_dav out of bounds read, or write of zero byte.
  For more information, see:
    https://downloads.apache.org/httpd/CHANGES_2.4.55
    https://www.cve.org/CVERecord?id=CVE-2022-37436
    https://www.cve.org/CVERecord?id=CVE-2022-36760
    https://www.cve.org/CVERecord?id=CVE-2006-20001
  (* Security fix *)
x/ibus-libpinyin-1.15.0-x86_64-1.txz:  Upgraded.
  Compiled against libpinyin-2.8.1.
x/igt-gpu-tools-1.27-x86_64-1.txz:  Upgraded.
x/libXpm-3.5.15-x86_64-1.txz:  Upgraded.
  This update fixes security issues:
  Infinite loop on unclosed comments.
  Runaway loop with width of 0 and enormous height.
  Compression commands depend on $PATH.
  For more information, see:
    https://www.cve.org/CVERecord?id=CVE-2022-46285
    https://www.cve.org/CVERecord?id=CVE-2022-44617
    https://www.cve.org/CVERecord?id=CVE-2022-4883
  (* Security fix *)
x/libinput-1.22.1-x86_64-1.txz:  Upgraded.
x/libpinyin-2.8.1-x86_64-1.txz:  Upgraded.
  Shared library .so-version bump.
xap/mozilla-firefox-109.0-x86_64-1.txz:  Upgraded.
  This update contains security fixes and improvements.
  Thanks to marav for the build help.
  For more information, see:
    https://www.mozilla.org/en-US/firefox/109.0/releasenotes/
    https://www.mozilla.org/en-US/security/advisories/mfsa2023-01/
    https://www.cve.org/CVERecord?id=CVE-2023-23597
    https://www.cve.org/CVERecord?id=CVE-2023-23598
    https://www.cve.org/CVERecord?id=CVE-2023-23599
    https://www.cve.org/CVERecord?id=CVE-2023-23600
    https://www.cve.org/CVERecord?id=CVE-2023-23601
    https://www.cve.org/CVERecord?id=CVE-2023-23602
    https://www.cve.org/CVERecord?id=CVE-2023-23603
    https://www.cve.org/CVERecord?id=CVE-2023-23604
    https://www.cve.org/CVERecord?id=CVE-2023-23605
    https://www.cve.org/CVERecord?id=CVE-2023-23606
  (* Security fix *)
2023-01-18 08:41:55 +01:00
Patrick J Volkerding
a1d6f79ce8 Tue Dec 20 20:40:18 UTC 2022
d/p2c-2.02-x86_64-1.txz:  Upgraded.
kde/dolphin-22.12.0-x86_64-2.txz:  Rebuilt.
  [PATCH] Revert "portalize drag urls"
  Thanks to marav.
l/gst-plugins-bad-free-1.20.5-x86_64-1.txz:  Upgraded.
l/gst-plugins-base-1.20.5-x86_64-1.txz:  Upgraded.
l/gst-plugins-good-1.20.5-x86_64-1.txz:  Upgraded.
l/gst-plugins-libav-1.20.5-x86_64-1.txz:  Upgraded.
l/gstreamer-1.20.5-x86_64-1.txz:  Upgraded.
l/libqalculate-4.5.0-x86_64-1.txz:  Upgraded.
l/libvncserver-0.9.14-x86_64-1.txz:  Upgraded.
l/sdl-1.2.15-x86_64-14.txz:  Rebuilt.
  This update fixes a heap overflow problem in video/SDL_pixels.c in SDL.
  By crafting a malicious .BMP file, an attacker can cause the application
  using this library to crash, denial of service, or code execution.
  Thanks to marav for the heads-up.
  For more information, see:
    https://www.cve.org/CVERecord?id=CVE-2021-33657
  (* Security fix *)
n/gnupg2-2.2.41-x86_64-1.txz:  Upgraded.
n/libksba-1.6.3-x86_64-1.txz:  Upgraded.
  Fix another integer overflow in the CRL's signature parser.
  (* Security fix *)
x/libSM-1.2.4-x86_64-1.txz:  Upgraded.
x/xcb-util-0.4.1-x86_64-1.txz:  Upgraded.
x/xdriinfo-1.0.7-x86_64-1.txz:  Upgraded.
2022-12-20 22:34:22 +01:00
Patrick J Volkerding
4f53dfead2 Mon Dec 19 21:18:22 UTC 2022
a/logrotate-3.21.0-x86_64-1.txz:  Upgraded.
kde/gwenview-22.12.0-x86_64-2.txz:  Rebuilt.
  Recompiled against cfitsio-4.2.0.
kde/kstars-3.6.2-x86_64-2.txz:  Rebuilt.
  Recompiled against cfitsio-4.2.0.
l/cfitsio-4.2.0-x86_64-1.txz:  Upgraded.
  Shared library .so-version bump.
l/gsettings-desktop-schemas-43.0-x86_64-1.txz:  Upgraded.
l/gtk4-4.8.2-x86_64-1.txz:  Upgraded.
x/xorg-server-21.1.6-x86_64-1.txz:  Upgraded.
  This release fixes an invalid event type mask in XTestSwapFakeInput which
  was inadvertently changed from octal 0177 to hexadecimal 0x177 in the fix
  for CVE-2022-46340.
x/xorg-server-xephyr-21.1.6-x86_64-1.txz:  Upgraded.
x/xorg-server-xnest-21.1.6-x86_64-1.txz:  Upgraded.
x/xorg-server-xvfb-21.1.6-x86_64-1.txz:  Upgraded.
x/xorg-server-xwayland-22.1.7-x86_64-1.txz:  Upgraded.
  This release fixes an invalid event type mask in XTestSwapFakeInput which
  was inadvertently changed from octal 0177 to hexadecimal 0x177 in the fix
  for CVE-2022-46340.
testing/packages/rust-1.66.0-x86_64-1.txz:  Added.
2022-12-19 23:42:51 +01:00
Patrick J Volkerding
fc0ff5a5d7 Wed Dec 14 21:19:34 UTC 2022
a/bash-5.2.015-x86_64-1.txz:  Upgraded.
a/tcsh-6.24.06-x86_64-1.txz:  Upgraded.
ap/inxi-3.3.24_1-noarch-1.txz:  Upgraded.
ap/nano-7.1-x86_64-1.txz:  Upgraded.
d/git-2.39.0-x86_64-1.txz:  Upgraded.
d/rust-1.65.0-x86_64-1.txz:  Upgraded.
d/strace-6.1-x86_64-1.txz:  Upgraded.
kde/krita-5.1.4-x86_64-1.txz:  Upgraded.
l/imagemagick-7.1.0_54-x86_64-1.txz:  Upgraded.
l/nodejs-19.3.0-x86_64-1.txz:  Upgraded.
l/pcre2-10.42-x86_64-1.txz:  Upgraded.
n/iproute2-6.1.0-x86_64-1.txz:  Upgraded.
x/makedepend-1.0.8-x86_64-1.txz:  Upgraded.
x/xhost-1.0.9-x86_64-1.txz:  Upgraded.
x/xorg-server-21.1.5-x86_64-1.txz:  Upgraded.
  This release fixes 6 recently reported security vulnerabilities in
  various extensions.
  For more information, see:
    https://lists.x.org/archives/xorg-announce/2022-December/003302.html
    https://www.cve.org/CVERecord?id=CVE-2022-46340
    https://www.cve.org/CVERecord?id=CVE-2022-46341
    https://www.cve.org/CVERecord?id=CVE-2022-46342
    https://www.cve.org/CVERecord?id=CVE-2022-46343
    https://www.cve.org/CVERecord?id=CVE-2022-46344
    https://www.cve.org/CVERecord?id=CVE-2022-4283
  (* Security fix *)
x/xorg-server-xephyr-21.1.5-x86_64-1.txz:  Upgraded.
x/xorg-server-xnest-21.1.5-x86_64-1.txz:  Upgraded.
x/xorg-server-xvfb-21.1.5-x86_64-1.txz:  Upgraded.
x/xorg-server-xwayland-22.1.6-x86_64-1.txz:  Upgraded.
  This release fixes 6 recently reported security vulnerabilities in
  various extensions.
  For more information, see:
    https://lists.x.org/archives/xorg-announce/2022-December/003302.html
    https://www.cve.org/CVERecord?id=CVE-2022-46340
    https://www.cve.org/CVERecord?id=CVE-2022-46341
    https://www.cve.org/CVERecord?id=CVE-2022-46342
    https://www.cve.org/CVERecord?id=CVE-2022-46343
    https://www.cve.org/CVERecord?id=CVE-2022-46344
    https://www.cve.org/CVERecord?id=CVE-2022-4283
  (* Security fix *)
xap/mozilla-thunderbird-102.6.0-x86_64-1.txz:  Upgraded.
  This release contains security fixes and improvements.
  For more information, see:
    https://www.mozilla.org/en-US/security/advisories/mfsa2022-53/
    https://www.cve.org/CVERecord?id=CVE-2022-46880
    https://www.cve.org/CVERecord?id=CVE-2022-46872
    https://www.cve.org/CVERecord?id=CVE-2022-46881
    https://www.cve.org/CVERecord?id=CVE-2022-46874
    https://www.cve.org/CVERecord?id=CVE-2022-46875
    https://www.cve.org/CVERecord?id=CVE-2022-46882
    https://www.cve.org/CVERecord?id=CVE-2022-46878
  (* Security fix *)
xap/xscreensaver-6.06-x86_64-1.txz:  Upgraded.
testing/packages/mozilla-firefox-108.0-x86_64-1.txz:  Upgraded.
  Starting this out in /testing for now, since I've been trying for 2 days to
  get it to compile on 32-bit with no luck. It ends up failing with a bunch of
  errors like this:
  ld.lld: error: undefined hidden symbol: tabs_4d51_TabsStore_sync
  Any help getting this to build on 32-bit would be greatly appreciated.
  I've tried most of ponce's bag of tricks already. :-)
2022-12-14 23:46:49 +01:00
Patrick J Volkerding
ac5857bb77 Sat Dec 10 19:28:02 UTC 2022
kde/attica-5.101.0-x86_64-1.txz:  Upgraded.
kde/baloo-5.101.0-x86_64-1.txz:  Upgraded.
kde/bluez-qt-5.101.0-x86_64-1.txz:  Upgraded.
kde/breeze-icons-5.101.0-noarch-1.txz:  Upgraded.
kde/extra-cmake-modules-5.101.0-x86_64-1.txz:  Upgraded.
kde/frameworkintegration-5.101.0-x86_64-1.txz:  Upgraded.
kde/kactivities-5.101.0-x86_64-1.txz:  Upgraded.
kde/kactivities-stats-5.101.0-x86_64-1.txz:  Upgraded.
kde/kapidox-5.101.0-x86_64-1.txz:  Upgraded.
kde/karchive-5.101.0-x86_64-1.txz:  Upgraded.
kde/kauth-5.101.0-x86_64-1.txz:  Upgraded.
kde/kbookmarks-5.101.0-x86_64-1.txz:  Upgraded.
kde/kcalendarcore-5.101.0-x86_64-1.txz:  Upgraded.
kde/kcmutils-5.101.0-x86_64-1.txz:  Upgraded.
kde/kcodecs-5.101.0-x86_64-1.txz:  Upgraded.
kde/kcompletion-5.101.0-x86_64-1.txz:  Upgraded.
kde/kconfig-5.101.0-x86_64-1.txz:  Upgraded.
kde/kconfigwidgets-5.101.0-x86_64-1.txz:  Upgraded.
kde/kcontacts-5.101.0-x86_64-1.txz:  Upgraded.
kde/kcoreaddons-5.101.0-x86_64-1.txz:  Upgraded.
kde/kcrash-5.101.0-x86_64-1.txz:  Upgraded.
kde/kdav-5.101.0-x86_64-1.txz:  Upgraded.
kde/kdbusaddons-5.101.0-x86_64-1.txz:  Upgraded.
kde/kdeclarative-5.101.0-x86_64-1.txz:  Upgraded.
kde/kded-5.101.0-x86_64-1.txz:  Upgraded.
kde/kdelibs4support-5.101.0-x86_64-1.txz:  Upgraded.
kde/kdesignerplugin-5.101.0-x86_64-1.txz:  Upgraded.
kde/kdesu-5.101.0-x86_64-1.txz:  Upgraded.
kde/kdewebkit-5.101.0-x86_64-1.txz:  Upgraded.
kde/kdnssd-5.101.0-x86_64-1.txz:  Upgraded.
kde/kdoctools-5.101.0-x86_64-1.txz:  Upgraded.
kde/kemoticons-5.101.0-x86_64-1.txz:  Upgraded.
kde/kfilemetadata-5.101.0-x86_64-1.txz:  Upgraded.
kde/kglobalaccel-5.101.0-x86_64-1.txz:  Upgraded.
kde/kguiaddons-5.101.0-x86_64-1.txz:  Upgraded.
kde/kholidays-5.101.0-x86_64-1.txz:  Upgraded.
kde/khtml-5.101.0-x86_64-1.txz:  Upgraded.
kde/ki18n-5.101.0-x86_64-1.txz:  Upgraded.
kde/kiconthemes-5.101.0-x86_64-1.txz:  Upgraded.
kde/kidletime-5.101.0-x86_64-1.txz:  Upgraded.
kde/kimageformats-5.101.0-x86_64-1.txz:  Upgraded.
kde/kinit-5.101.0-x86_64-1.txz:  Upgraded.
kde/kio-5.101.0-x86_64-1.txz:  Upgraded.
kde/kirigami2-5.101.0-x86_64-1.txz:  Upgraded.
kde/kitemmodels-5.101.0-x86_64-1.txz:  Upgraded.
kde/kitemviews-5.101.0-x86_64-1.txz:  Upgraded.
kde/kjobwidgets-5.101.0-x86_64-1.txz:  Upgraded.
kde/kjs-5.101.0-x86_64-1.txz:  Upgraded.
kde/kjsembed-5.101.0-x86_64-1.txz:  Upgraded.
kde/kmediaplayer-5.101.0-x86_64-1.txz:  Upgraded.
kde/knewstuff-5.101.0-x86_64-1.txz:  Upgraded.
kde/knotifications-5.101.0-x86_64-1.txz:  Upgraded.
kde/knotifyconfig-5.101.0-x86_64-1.txz:  Upgraded.
kde/kpackage-5.101.0-x86_64-1.txz:  Upgraded.
kde/kparts-5.101.0-x86_64-1.txz:  Upgraded.
kde/kpeople-5.101.0-x86_64-1.txz:  Upgraded.
kde/kplotting-5.101.0-x86_64-1.txz:  Upgraded.
kde/kpty-5.101.0-x86_64-1.txz:  Upgraded.
kde/kquickcharts-5.101.0-x86_64-1.txz:  Upgraded.
kde/kross-5.101.0-x86_64-1.txz:  Upgraded.
kde/krunner-5.101.0-x86_64-1.txz:  Upgraded.
kde/kservice-5.101.0-x86_64-1.txz:  Upgraded.
kde/ktexteditor-5.101.0-x86_64-1.txz:  Upgraded.
kde/ktextwidgets-5.101.0-x86_64-1.txz:  Upgraded.
kde/kunitconversion-5.101.0-x86_64-1.txz:  Upgraded.
kde/kwallet-5.101.0-x86_64-1.txz:  Upgraded.
kde/kwayland-5.101.0-x86_64-1.txz:  Upgraded.
kde/kwidgetsaddons-5.101.0-x86_64-1.txz:  Upgraded.
kde/kwindowsystem-5.101.0-x86_64-1.txz:  Upgraded.
kde/kxmlgui-5.101.0-x86_64-1.txz:  Upgraded.
kde/kxmlrpcclient-5.101.0-x86_64-1.txz:  Upgraded.
kde/modemmanager-qt-5.101.0-x86_64-1.txz:  Upgraded.
kde/networkmanager-qt-5.101.0-x86_64-1.txz:  Upgraded.
kde/oxygen-icons5-5.101.0-noarch-1.txz:  Upgraded.
kde/plasma-framework-5.101.0-x86_64-1.txz:  Upgraded.
kde/prison-5.101.0-x86_64-1.txz:  Upgraded.
kde/purpose-5.101.0-x86_64-1.txz:  Upgraded.
kde/qqc2-desktop-style-5.101.0-x86_64-1.txz:  Upgraded.
kde/solid-5.101.0-x86_64-1.txz:  Upgraded.
kde/sonnet-5.101.0-x86_64-1.txz:  Upgraded.
kde/syndication-5.101.0-x86_64-1.txz:  Upgraded.
kde/syntax-highlighting-5.101.0-x86_64-1.txz:  Upgraded.
kde/threadweaver-5.101.0-x86_64-1.txz:  Upgraded.
x/xf86-video-vesa-2.6.0-x86_64-1.txz:  Upgraded.
2022-12-10 21:34:44 +01:00
Patrick J Volkerding
b98f1614c2 Wed Dec 7 18:48:07 UTC 2022
d/cargo-vendor-filterer-0.5.7-x86_64-1.txz:  Added.
  Thanks to Heinz Wiesinger.
d/cbindgen-0.24.3-x86_64-1.txz:  Added.
d/python3-3.9.16-x86_64-1.txz:  Upgraded.
  This update fixes security issues:
  gh-98739: Updated bundled libexpat to 2.5.0 to fix CVE-2022-43680
  (heap use-after-free).
  gh-98433: The IDNA codec decoder used on DNS hostnames by socket or asyncio
  related name resolution functions no longer involves a quadratic algorithm
  to fix CVE-2022-45061. This prevents a potential CPU denial of service if an
  out-of-spec excessive length hostname involving bidirectional characters were
  decoded. Some protocols such as urllib http 3xx redirects potentially allow
  for an attacker to supply such a name.
  gh-100001: python -m http.server no longer allows terminal control characters
  sent within a garbage request to be printed to the stderr server log.
  gh-87604: Avoid publishing list of active per-interpreter audit hooks via the
  gc module.
  gh-97514: On Linux the multiprocessing module returns to using filesystem
  backed unix domain sockets for communication with the forkserver process
  instead of the Linux abstract socket namespace. Only code that chooses to use
  the "forkserver" start method is affected. This prevents Linux CVE-2022-42919
  (potential privilege escalation) as abstract sockets have no permissions and
  could allow any user on the system in the same network namespace (often the
  whole system) to inject code into the multiprocessing forkserver process.
  Filesystem based socket permissions restrict this to the forkserver process
  user as was the default in Python 3.8 and earlier.
  gh-98517: Port XKCP's fix for the buffer overflows in SHA-3 to fix
  CVE-2022-37454.
  gh-68966: The deprecated mailcap module now refuses to inject unsafe text
  (filenames, MIME types, parameters) into shell commands to address
  CVE-2015-20107. Instead of using such text, it will warn and act as if a
  match was not found (or for test commands, as if the test failed).
  For more information, see:
    https://pythoninsider.blogspot.com/2022/12/python-3111-3109-3916-3816-3716-and.html
    https://www.cve.org/CVERecord?id=CVE-2022-43680
    https://www.cve.org/CVERecord?id=CVE-2022-45061
    https://www.cve.org/CVERecord?id=CVE-2022-42919
    https://www.cve.org/CVERecord?id=CVE-2022-37454
    https://www.cve.org/CVERecord?id=CVE-2015-20107
  (* Security fix *)
d/rust-bindgen-0.63.0-x86_64-1.txz:  Added.
  Thanks to Heinz Wiesinger.
l/pcre2-10.41-x86_64-1.txz:  Upgraded.
n/proftpd-1.3.8-x86_64-1.txz:  Upgraded.
x/mesa-22.3.0-x86_64-1.txz:  Upgraded.
  Compiled with Rusticl support. Thanks to Heinz Wiesinger.
x/xdm-1.1.14-x86_64-1.txz:  Upgraded.
2022-12-07 22:19:17 +01:00
Patrick J Volkerding
6229c1ff54 Mon Dec 5 02:40:12 UTC 2022
x/OpenCC-1.1.5-x86_64-1.txz:  Upgraded.
x/libXScrnSaver-1.2.4-x86_64-1.txz:  Upgraded.
x/libXcomposite-0.4.6-x86_64-1.txz:  Upgraded.
x/libXdamage-1.1.6-x86_64-1.txz:  Upgraded.
x/libXres-1.2.2-x86_64-1.txz:  Upgraded.
x/libXv-1.0.12-x86_64-1.txz:  Upgraded.
x/libXxf86dga-1.1.6-x86_64-1.txz:  Upgraded.
x/lndir-1.0.4-x86_64-1.txz:  Upgraded.
2022-12-05 07:00:11 +01:00
Patrick J Volkerding
2d4b9b1926 Sat Dec 3 21:07:32 UTC 2022
a/tcsh-6.24.04-x86_64-1.txz:  Upgraded.
ap/texinfo-7.0.1-x86_64-1.txz:  Upgraded.
l/vte-0.70.2-x86_64-1.txz:  Upgraded.
x/transset-1.0.3-x86_64-1.txz:  Upgraded.
x/xcursorgen-1.0.8-x86_64-1.txz:  Upgraded.
2022-12-04 06:59:45 +01:00
Patrick J Volkerding
7354944bf0 Mon Nov 21 20:23:13 UTC 2022
a/libpwquality-1.4.5-x86_64-1.txz:  Upgraded.
a/pciutils-3.9.0-x86_64-1.txz:  Upgraded.
ap/qpdf-11.2.0-x86_64-1.txz:  Upgraded.
d/mercurial-6.3.1-x86_64-1.txz:  Upgraded.
kde/krusader-2.8.0-x86_64-1.txz:  Upgraded.
l/libpng-1.6.39-x86_64-1.txz:  Upgraded.
l/mlt-7.12.0-x86_64-1.txz:  Upgraded.
x/fcitx5-5.0.20-x86_64-1.txz:  Upgraded.
x/fcitx5-anthy-5.0.13-x86_64-1.txz:  Upgraded.
x/fcitx5-chinese-addons-5.0.16-x86_64-1.txz:  Upgraded.
x/fcitx5-gtk-5.0.20-x86_64-1.txz:  Upgraded.
x/fcitx5-kkc-5.0.11-x86_64-1.txz:  Upgraded.
x/fcitx5-m17n-5.0.11-x86_64-1.txz:  Upgraded.
x/fcitx5-qt-5.0.16-x86_64-1.txz:  Upgraded.
x/fcitx5-table-extra-5.0.12-x86_64-1.txz:  Upgraded.
x/fcitx5-unikey-5.0.12-x86_64-1.txz:  Upgraded.
x/libXdmcp-1.1.4-x86_64-1.txz:  Upgraded.
x/libXpm-3.5.14-x86_64-1.txz:  Upgraded.
x/libXrandr-1.5.3-x86_64-1.txz:  Upgraded.
x/libime-1.0.15-x86_64-1.txz:  Upgraded.
x/libinput-1.22.0-x86_64-1.txz:  Upgraded.
x/xcb-imdkit-1.0.4-x86_64-1.txz:  Upgraded.
2022-11-22 07:00:14 +01:00
Patrick J Volkerding
7925f7cd17 Tue Nov 15 01:28:38 UTC 2022
a/xz-5.2.8-x86_64-1.txz:  Upgraded.
d/mercurial-6.3.0-x86_64-1.txz:  Upgraded.
d/rust-1.64.0-x86_64-1.txz:  Upgraded.
kde/attica-5.100.0-x86_64-1.txz:  Upgraded.
kde/baloo-5.100.0-x86_64-1.txz:  Upgraded.
kde/bluez-qt-5.100.0-x86_64-1.txz:  Upgraded.
kde/breeze-icons-5.100.0-noarch-1.txz:  Upgraded.
kde/extra-cmake-modules-5.100.0-x86_64-1.txz:  Upgraded.
kde/frameworkintegration-5.100.0-x86_64-1.txz:  Upgraded.
kde/kactivities-5.100.0-x86_64-1.txz:  Upgraded.
kde/kactivities-stats-5.100.0-x86_64-1.txz:  Upgraded.
kde/kapidox-5.100.0-x86_64-1.txz:  Upgraded.
kde/karchive-5.100.0-x86_64-1.txz:  Upgraded.
kde/kauth-5.100.0-x86_64-1.txz:  Upgraded.
kde/kbookmarks-5.100.0-x86_64-1.txz:  Upgraded.
kde/kcalendarcore-5.100.0-x86_64-1.txz:  Upgraded.
kde/kcmutils-5.100.0-x86_64-1.txz:  Upgraded.
kde/kcodecs-5.100.0-x86_64-1.txz:  Upgraded.
kde/kcompletion-5.100.0-x86_64-1.txz:  Upgraded.
kde/kconfig-5.100.0-x86_64-1.txz:  Upgraded.
kde/kconfigwidgets-5.100.0-x86_64-1.txz:  Upgraded.
kde/kcontacts-5.100.0-x86_64-1.txz:  Upgraded.
kde/kcoreaddons-5.100.0-x86_64-1.txz:  Upgraded.
kde/kcrash-5.100.0-x86_64-1.txz:  Upgraded.
kde/kdav-5.100.0-x86_64-1.txz:  Upgraded.
kde/kdbusaddons-5.100.0-x86_64-1.txz:  Upgraded.
kde/kdeclarative-5.100.0-x86_64-1.txz:  Upgraded.
kde/kded-5.100.0-x86_64-1.txz:  Upgraded.
kde/kdelibs4support-5.100.0-x86_64-1.txz:  Upgraded.
kde/kdesignerplugin-5.100.0-x86_64-1.txz:  Upgraded.
kde/kdesu-5.100.0-x86_64-1.txz:  Upgraded.
kde/kdewebkit-5.100.0-x86_64-1.txz:  Upgraded.
kde/kdnssd-5.100.0-x86_64-1.txz:  Upgraded.
kde/kdoctools-5.100.0-x86_64-1.txz:  Upgraded.
kde/kemoticons-5.100.0-x86_64-1.txz:  Upgraded.
kde/kfilemetadata-5.100.0-x86_64-1.txz:  Upgraded.
kde/kglobalaccel-5.100.0-x86_64-1.txz:  Upgraded.
kde/kguiaddons-5.100.0-x86_64-1.txz:  Upgraded.
kde/kholidays-5.100.0-x86_64-1.txz:  Upgraded.
kde/khtml-5.100.0-x86_64-1.txz:  Upgraded.
kde/ki18n-5.100.0-x86_64-1.txz:  Upgraded.
kde/kiconthemes-5.100.0-x86_64-1.txz:  Upgraded.
kde/kidletime-5.100.0-x86_64-1.txz:  Upgraded.
kde/kimageformats-5.100.0-x86_64-1.txz:  Upgraded.
kde/kinit-5.100.0-x86_64-1.txz:  Upgraded.
kde/kio-5.100.0-x86_64-1.txz:  Upgraded.
kde/kirigami2-5.100.0-x86_64-1.txz:  Upgraded.
kde/kitemmodels-5.100.0-x86_64-1.txz:  Upgraded.
kde/kitemviews-5.100.0-x86_64-1.txz:  Upgraded.
kde/kjobwidgets-5.100.0-x86_64-1.txz:  Upgraded.
kde/kjs-5.100.0-x86_64-1.txz:  Upgraded.
kde/kjsembed-5.100.0-x86_64-1.txz:  Upgraded.
kde/kmediaplayer-5.100.0-x86_64-1.txz:  Upgraded.
kde/knewstuff-5.100.0-x86_64-1.txz:  Upgraded.
kde/knotifications-5.100.0-x86_64-1.txz:  Upgraded.
kde/knotifyconfig-5.100.0-x86_64-1.txz:  Upgraded.
kde/kpackage-5.100.0-x86_64-1.txz:  Upgraded.
kde/kparts-5.100.0-x86_64-1.txz:  Upgraded.
kde/kpeople-5.100.0-x86_64-1.txz:  Upgraded.
kde/kplotting-5.100.0-x86_64-1.txz:  Upgraded.
kde/kpty-5.100.0-x86_64-1.txz:  Upgraded.
kde/kquickcharts-5.100.0-x86_64-1.txz:  Upgraded.
kde/kross-5.100.0-x86_64-1.txz:  Upgraded.
kde/krunner-5.100.0-x86_64-1.txz:  Upgraded.
kde/kservice-5.100.0-x86_64-1.txz:  Upgraded.
kde/ktexteditor-5.100.0-x86_64-1.txz:  Upgraded.
kde/ktextwidgets-5.100.0-x86_64-1.txz:  Upgraded.
kde/kunitconversion-5.100.0-x86_64-1.txz:  Upgraded.
kde/kwallet-5.100.0-x86_64-1.txz:  Upgraded.
kde/kwayland-5.100.0-x86_64-1.txz:  Upgraded.
kde/kwidgetsaddons-5.100.0-x86_64-1.txz:  Upgraded.
kde/kwindowsystem-5.100.0-x86_64-1.txz:  Upgraded.
kde/kxmlgui-5.100.0-x86_64-1.txz:  Upgraded.
kde/kxmlrpcclient-5.100.0-x86_64-1.txz:  Upgraded.
kde/modemmanager-qt-5.100.0-x86_64-1.txz:  Upgraded.
kde/networkmanager-qt-5.100.0-x86_64-1.txz:  Upgraded.
kde/oxygen-icons5-5.100.0-noarch-1.txz:  Upgraded.
kde/plasma-framework-5.100.0-x86_64-1.txz:  Upgraded.
kde/prison-5.100.0-x86_64-1.txz:  Upgraded.
kde/purpose-5.100.0-x86_64-1.txz:  Upgraded.
kde/qqc2-desktop-style-5.100.0-x86_64-1.txz:  Upgraded.
kde/solid-5.100.0-x86_64-1.txz:  Upgraded.
kde/sonnet-5.100.0-x86_64-1.txz:  Upgraded.
kde/syndication-5.100.0-x86_64-1.txz:  Upgraded.
kde/syntax-highlighting-5.100.0-x86_64-1.txz:  Upgraded.
kde/threadweaver-5.100.0-x86_64-1.txz:  Upgraded.
l/babl-0.1.98-x86_64-1.txz:  Upgraded.
l/gegl-0.4.40-x86_64-1.txz:  Upgraded.
l/grantlee-5.3.1-x86_64-1.txz:  Upgraded.
l/nodejs-19.1.0-x86_64-1.txz:  Upgraded.
n/libqmi-1.32.2-x86_64-1.txz:  Upgraded.
n/mutt-2.2.9-x86_64-1.txz:  Upgraded.
n/nghttp2-1.51.0-x86_64-1.txz:  Upgraded.
x/xcompmgr-1.1.9-x86_64-1.txz:  Upgraded.
x/xkbevd-1.1.5-x86_64-1.txz:  Upgraded.
x/xkill-1.0.6-x86_64-1.txz:  Upgraded.
x/xlogo-1.0.6-x86_64-1.txz:  Upgraded.
x/xlsatoms-1.1.4-x86_64-1.txz:  Upgraded.
x/xlsclients-1.1.5-x86_64-1.txz:  Upgraded.
testing/packages/rust-1.65.0-x86_64-1.txz:  Upgraded.
2022-11-15 07:00:12 +01:00
Patrick J Volkerding
f866235e9a Mon Oct 31 23:31:36 UTC 2022
a/ntfs-3g-2022.10.3-x86_64-1.txz:  Upgraded.
ap/mpg123-1.31.0-x86_64-1.txz:  Upgraded.
ap/vim-9.0.0814-x86_64-1.txz:  Upgraded.
  A vulnerability was found in vim and classified as problematic. Affected by
  this issue is the function qf_update_buffer of the file quickfix.c of the
  component autocmd Handler. The manipulation leads to use after free. The
  attack may be launched remotely. Upgrading to version 9.0.0805 is able to
  address this issue.
  Thanks to marav for the heads-up.
  For more information, see:
    https://www.cve.org/CVERecord?id=CVE-2022-3705
  (* Security fix *)
d/ccache-4.7.2-x86_64-1.txz:  Upgraded.
d/make-4.4-x86_64-1.txz:  Upgraded.
d/patchelf-0.16.1-x86_64-1.txz:  Upgraded.
d/strace-6.0-x86_64-1.txz:  Upgraded.
kde/kwin-5.26.2.1-x86_64-2.txz:  Rebuilt.
  [PATCH] x11window: revert more from 3a28c02f.
  Thanks to Heinz Wiesinger.
  [PATCH] x11: Don't force QT_NO_GLIB=1.
  [PATCH] x11: Don't force QT_QPA_PLATFORM=xcb.
  Thanks to marav.
l/libedit-20221030_3.1-x86_64-1.txz:  Upgraded.
l/python-importlib_metadata-5.0.0-x86_64-1.txz:  Upgraded.
l/taglib-1.13-x86_64-1.txz:  Upgraded.
l/utf8proc-2.8.0-x86_64-1.txz:  Upgraded.
n/openvpn-2.5.8-x86_64-1.txz:  Upgraded.
n/socat-1.7.4.4-x86_64-1.txz:  Upgraded.
x/libXext-1.3.5-x86_64-1.txz:  Upgraded.
x/libXinerama-1.1.5-x86_64-1.txz:  Upgraded.
x/makedepend-1.0.7-x86_64-1.txz:  Upgraded.
x/rgb-1.1.0-x86_64-1.txz:  Upgraded.
x/sessreg-1.1.3-x86_64-1.txz:  Upgraded.
x/x11perf-1.6.2-x86_64-1.txz:  Upgraded.
x/xsetroot-1.1.3-x86_64-1.txz:  Upgraded.
xap/mozilla-firefox-106.0.3-x86_64-1.txz:  Upgraded.
  This is a bugfix release.
  For more information, see:
    https://www.mozilla.org/en-US/firefox/106.0.3/releasenotes/
xap/mozilla-thunderbird-102.4.1-x86_64-1.txz:  Upgraded.
  This is a bugfix release.
  For more information, see:
    https://www.mozilla.org/en-US/thunderbird/102.4.1/releasenotes/
xap/vim-gvim-9.0.0814-x86_64-1.txz:  Upgraded.
extra/php80/php80-8.0.25-x86_64-1.txz:  Upgraded.
  This update fixes security issues:
  GD: OOB read due to insufficient input validation in imageloadfont().
  Hash: buffer overflow in hash_update() on long parameter.
  For more information, see:
    https://www.cve.org/CVERecord?id=CVE-2022-31630
    https://www.cve.org/CVERecord?id=CVE-2022-37454
  (* Security fix *)
extra/php81/php81-8.1.12-x86_64-1.txz:  Upgraded.
  This update fixes security issues:
  GD: OOB read due to insufficient input validation in imageloadfont().
  Hash: buffer overflow in hash_update() on long parameter.
  For more information, see:
    https://www.cve.org/CVERecord?id=CVE-2022-31630
    https://www.cve.org/CVERecord?id=CVE-2022-37454
  (* Security fix *)
2022-11-01 07:00:17 +01:00
Patrick J Volkerding
af2cb09097 Sat Oct 22 18:40:34 UTC 2022
d/parallel-20221022-noarch-1.txz:  Upgraded.
l/gc-8.2.2-x86_64-1.txz:  Upgraded.
x/libXrender-0.9.11-x86_64-1.txz:  Upgraded.
x/xfsinfo-1.0.7-x86_64-1.txz:  Upgraded.
2022-10-23 07:00:16 +02:00
Patrick J Volkerding
6df8986241 Wed Oct 19 20:06:33 UTC 2022
a/aaa_libraries-15.1-x86_64-11.txz:  Rebuilt.
  Upgraded: libcap.so.2.66, liblzma.so.5.2.7, libpopt.so.0.0.2,
  libexpat.so.1.8.9, libglib-2.0.so.0.7200.4, libgmodule-2.0.so.0.7200.4,
  libgobject-2.0.so.0.7200.4, libgthread-2.0.so.0.7200.4, libhistory.so.8.2,
  libreadline.so.8.2.
  Added: libunistring.so.2.1.0, libunistring.so.5.0.0.
  Removed: libffi.so.7.1.0.
a/gettext-0.21.1-x86_64-2.txz:  Rebuilt.
ap/lsof-4.96.4-x86_64-1.txz:  Upgraded.
ap/man-pages-6.01-noarch-1.txz:  Upgraded.
d/clisp-2.50_20220927_acb1266ee-x86_64-1.txz:  Upgraded.
  Compiled against libunistring-1.1.
d/gettext-tools-0.21.1-x86_64-2.txz:  Rebuilt.
  Recompiled against libunistring-1.1.
d/guile-3.0.8-x86_64-3.txz:  Rebuilt.
  Recompiled against libunistring-1.1.
kde/kguiaddons-5.99.0-x86_64-2.txz:  Rebuilt.
  [PATCH] systemclipboard: Don't signal data source cancellation.
  Thanks to marav.
l/libidn2-2.3.3-x86_64-2.txz:  Rebuilt.
l/libpsl-0.21.1-x86_64-5.txz:  Rebuilt.
  Recompiled against libunistring-1.1.
l/libunistring-1.1-x86_64-1.txz:  Upgraded.
  Shared library .so-version bump.
n/bind-9.18.8-x86_64-1.txz:  Upgraded.
n/gnutls-3.7.8-x86_64-2.txz:  Rebuilt.
  Recompiled against libunistring-1.1.
n/samba-4.17.1-x86_64-1.txz:  Upgraded.
  This update fixes the following security issue:
  Bad password count not incremented atomically.
  For more information, see:
    https://bugzilla.samba.org/show_bug.cgi?id=14611
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-20251
  (* Security fix *)
n/wget-1.21.3-x86_64-2.txz:  Rebuilt.
  Recompiled against libunistring-1.1.
x/imake-1.0.9-x86_64-1.txz:  Upgraded.
x/xcb-util-errors-1.0.1-x86_64-1.txz:  Upgraded.
x/xcb-util-image-0.4.1-x86_64-1.txz:  Upgraded.
x/xcb-util-keysyms-0.4.1-x86_64-1.txz:  Upgraded.
x/xcb-util-renderutil-0.3.10-x86_64-1.txz:  Upgraded.
x/xcb-util-wm-0.4.2-x86_64-1.txz:  Upgraded.
2022-10-20 17:00:19 +02:00
Patrick J Volkerding
f342454223 Tue Oct 18 20:29:54 UTC 2022
ap/vim-9.0.0790-x86_64-1.txz:  Upgraded.
d/ccache-4.7-x86_64-1.txz:  Upgraded.
d/git-2.38.1-x86_64-1.txz:  Upgraded.
  This release fixes two security issues:
  * CVE-2022-39253:
  When relying on the `--local` clone optimization, Git dereferences
  symbolic links in the source repository before creating hardlinks
  (or copies) of the dereferenced link in the destination repository.
  This can lead to surprising behavior where arbitrary files are
  present in a repository's `$GIT_DIR` when cloning from a malicious
  repository.
  Git will no longer dereference symbolic links via the `--local`
  clone mechanism, and will instead refuse to clone repositories that
  have symbolic links present in the `$GIT_DIR/objects` directory.
  Additionally, the value of `protocol.file.allow` is changed to be
  "user" by default.
  * CVE-2022-39260:
  An overly-long command string given to `git shell` can result in
  overflow in `split_cmdline()`, leading to arbitrary heap writes and
  remote code execution when `git shell` is exposed and the directory
  `$HOME/git-shell-commands` exists.
  `git shell` is taught to refuse interactive commands that are
  longer than 4MiB in size. `split_cmdline()` is hardened to reject
  inputs larger than 2GiB.
  For more information, see:
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-39253
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-39260
  (* Security fix *)
kde/bluedevil-5.26.1-x86_64-1.txz:  Upgraded.
kde/breeze-5.26.1-x86_64-1.txz:  Upgraded.
kde/breeze-grub-5.26.1-x86_64-1.txz:  Upgraded.
kde/breeze-gtk-5.26.1-x86_64-1.txz:  Upgraded.
kde/drkonqi-5.26.1-x86_64-1.txz:  Upgraded.
kde/kactivitymanagerd-5.26.1-x86_64-1.txz:  Upgraded.
kde/kde-cli-tools-5.26.1-x86_64-1.txz:  Upgraded.
kde/kde-gtk-config-5.26.1-x86_64-1.txz:  Upgraded.
kde/kdecoration-5.26.1-x86_64-1.txz:  Upgraded.
kde/kdeplasma-addons-5.26.1-x86_64-1.txz:  Upgraded.
kde/kgamma5-5.26.1-x86_64-1.txz:  Upgraded.
kde/khotkeys-5.26.1-x86_64-1.txz:  Upgraded.
kde/kinfocenter-5.26.1-x86_64-1.txz:  Upgraded.
kde/kmenuedit-5.26.1-x86_64-1.txz:  Upgraded.
kde/kpipewire-5.26.1-x86_64-1.txz:  Upgraded.
kde/kscreen-5.26.1-x86_64-1.txz:  Upgraded.
kde/kscreenlocker-5.26.1-x86_64-1.txz:  Upgraded.
kde/ksshaskpass-5.26.1-x86_64-1.txz:  Upgraded.
kde/ksystemstats-5.26.1-x86_64-1.txz:  Upgraded.
kde/kwallet-pam-5.26.1-x86_64-1.txz:  Upgraded.
kde/kwayland-integration-5.26.1-x86_64-1.txz:  Upgraded.
kde/kwin-5.26.1-x86_64-1.txz:  Upgraded.
kde/kwrited-5.26.1-x86_64-1.txz:  Upgraded.
kde/layer-shell-qt-5.26.1-x86_64-1.txz:  Upgraded.
kde/libkscreen-5.26.1-x86_64-1.txz:  Upgraded.
kde/libksysguard-5.26.1-x86_64-1.txz:  Upgraded.
kde/milou-5.26.1-x86_64-1.txz:  Upgraded.
kde/oxygen-5.26.1-x86_64-1.txz:  Upgraded.
kde/oxygen-sounds-5.26.1-x86_64-1.txz:  Upgraded.
kde/plasma-browser-integration-5.26.1-x86_64-1.txz:  Upgraded.
kde/plasma-desktop-5.26.1-x86_64-1.txz:  Upgraded.
kde/plasma-disks-5.26.1-x86_64-1.txz:  Upgraded.
kde/plasma-firewall-5.26.1-x86_64-1.txz:  Upgraded.
kde/plasma-integration-5.26.1-x86_64-1.txz:  Upgraded.
kde/plasma-nm-5.26.1-x86_64-1.txz:  Upgraded.
kde/plasma-pa-5.26.1-x86_64-1.txz:  Upgraded.
kde/plasma-sdk-5.26.1-x86_64-1.txz:  Upgraded.
kde/plasma-systemmonitor-5.26.1-x86_64-1.txz:  Upgraded.
kde/plasma-vault-5.26.1-x86_64-1.txz:  Upgraded.
kde/plasma-workspace-5.26.1-x86_64-1.txz:  Upgraded.
kde/plasma-workspace-wallpapers-5.26.1-x86_64-1.txz:  Upgraded.
kde/polkit-kde-agent-1-5.26.1-x86_64-1.txz:  Upgraded.
kde/powerdevil-5.26.1-x86_64-1.txz:  Upgraded.
kde/qqc2-breeze-style-5.26.1-x86_64-1.txz:  Upgraded.
kde/sddm-kcm-5.26.1-x86_64-1.txz:  Upgraded.
kde/systemsettings-5.26.1-x86_64-1.txz:  Upgraded.
kde/xdg-desktop-portal-kde-5.26.1-x86_64-1.txz:  Upgraded.
l/libical-3.0.16-x86_64-1.txz:  Upgraded.
l/nodejs-19.0.0-x86_64-1.txz:  Upgraded.
n/NetworkManager-1.40.2-x86_64-1.txz:  Upgraded.
n/whois-5.5.14-x86_64-1.txz:  Upgraded.
x/libXmu-1.1.4-x86_64-1.txz:  Upgraded.
x/libXpresent-1.0.1-x86_64-1.txz:  Upgraded.
x/libpciaccess-0.17-x86_64-1.txz:  Upgraded.
x/libxkbfile-1.1.1-x86_64-1.txz:  Upgraded.
x/libxshmfence-1.3.1-x86_64-1.txz:  Upgraded.
x/pixman-0.42.0-x86_64-1.txz:  Upgraded.
x/xcb-util-cursor-0.1.4-x86_64-1.txz:  Upgraded.
xap/mozilla-firefox-106.0-x86_64-1.txz:  Upgraded.
  This update contains security fixes and improvements.
  For more information, see:
    https://www.mozilla.org/en-US/firefox/106.0/releasenotes/
    https://www.mozilla.org/security/advisories/mfsa2022-44/
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-42927
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-42928
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-42929
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-42930
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-42931
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-42932
  (* Security fix *)
xap/vim-gvim-9.0.0790-x86_64-1.txz:  Upgraded.
2022-10-19 07:00:56 +02:00
Patrick J Volkerding
717971ecd6 Mon Oct 17 19:31:45 UTC 2022
l/libqalculate-4.4.0-x86_64-1.txz:  Upgraded.
l/netpbm-11.00.01-x86_64-1.txz:  Upgraded.
x/xorg-server-21.1.4-x86_64-2.txz:  Rebuilt.
  xkb: proof GetCountedString against request length attacks.
  xkb: fix some possible memleaks in XkbGetKbdByName.
  For more information, see:
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-3550
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-3551
  (* Security fix *)
x/xorg-server-xephyr-21.1.4-x86_64-2.txz:  Rebuilt.
x/xorg-server-xnest-21.1.4-x86_64-2.txz:  Rebuilt.
x/xorg-server-xvfb-21.1.4-x86_64-2.txz:  Rebuilt.
x/xorg-server-xwayland-22.1.3-x86_64-2.txz:  Rebuilt.
  xkb: proof GetCountedString against request length attacks.
  xkb: fix some possible memleaks in XkbGetKbdByName.
  For more information, see:
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-3550
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-3551
  (* Security fix *)
xap/blueman-2.3.4-x86_64-1.txz:  Upgraded.
2022-10-18 07:00:18 +02:00
Patrick J Volkerding
8640934374 Sat Oct 15 20:28:34 UTC 2022
a/kernel-firmware-20221013_49fccf6-noarch-1.txz:  Upgraded.
a/kernel-generic-5.19.16-x86_64-1.txz:  Upgraded.
a/kernel-huge-5.19.16-x86_64-1.txz:  Upgraded.
a/kernel-modules-5.19.16-x86_64-1.txz:  Upgraded.
ap/man-db-2.11.0-x86_64-1.txz:  Upgraded.
ap/man-pages-6.00-noarch-1.txz:  Upgraded.
d/kernel-headers-5.19.16-x86-1.txz:  Upgraded.
k/kernel-source-5.19.16-noarch-1.txz:  Upgraded.
l/libedit-20221009_3.1-x86_64-1.txz:  Upgraded.
l/mozilla-nss-3.84-x86_64-1.txz:  Upgraded.
l/nodejs-18.11.0-x86_64-1.txz:  Upgraded.
l/zlib-1.2.13-x86_64-1.txz:  Upgraded.
  Fixed a bug when getting a gzip header extra field with inflateGetHeader().
  For more information, see:
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-37434
  (* Security fix *)
n/fetchmail-6.4.34-x86_64-1.txz:  Upgraded.
n/gnupg2-2.2.40-x86_64-1.txz:  Upgraded.
x/bdftopcf-1.1.1-x86_64-1.txz:  Upgraded.
x/libwacom-2.5.0-x86_64-1.txz:  Upgraded.
x/smproxy-1.0.7-x86_64-1.txz:  Upgraded.
x/viewres-1.0.7-x86_64-1.txz:  Upgraded.
x/xditview-1.0.6-x86_64-1.txz:  Upgraded.
x/xf86-input-vmmouse-13.2.0-x86_64-1.txz:  Added.
x/xgc-1.0.6-x86_64-1.txz:  Upgraded.
x/xkbprint-1.0.6-x86_64-1.txz:  Upgraded.
isolinux/initrd.img:  Rebuilt.
kernels/*:  Upgraded.
usb-and-pxe-installers/usbboot.img:  Rebuilt.
2022-10-16 07:00:18 +02:00
Patrick J Volkerding
be4ce9e049 Sat Oct 8 19:23:31 UTC 2022
ap/inxi-3.3.22_1-noarch-1.txz:  Upgraded.
n/conntrack-tools-1.4.7-x86_64-1.txz:  Upgraded.
n/libgpg-error-1.46-x86_64-1.txz:  Upgraded.
n/libksba-1.6.2-x86_64-1.txz:  Upgraded.
  Detect a possible overflow directly in the TLV parser.
  This patch detects possible integer overflows immmediately when creating
  the TI object.
  Reported-by: ZDI-CAN-18927, ZDI-CAN-18928, ZDI-CAN-18929
  (* Security fix *)
n/postfix-3.7.3-x86_64-1.txz:  Upgraded.
x/freeglut-3.4.0-x86_64-1.txz:  Upgraded.
x/fstobdf-1.0.7-x86_64-1.txz:  Upgraded.
xap/mozilla-firefox-105.0.3-x86_64-1.txz:  Upgraded.
  This is a bugfix release.
  For more information, see:
    https://www.mozilla.org/en-US/firefox/105.0.3/releasenotes/
2022-10-09 07:00:16 +02:00