Commit graph

1824 commits

Author SHA1 Message Date
Patrick J Volkerding
34de96534a Mon Feb 19 20:29:16 UTC 2024
l/giflib-5.2.2-x86_64-1.txz:  Upgraded.
l/libwnck3-43.0-x86_64-2.txz:  Rebuilt.
  Fixed crash bug. Thanks to fulalas.
n/samba-4.19.5-x86_64-1.txz:  Upgraded.
2024-02-19 21:59:13 +01:00
Patrick J Volkerding
b21fd9a685 Sun Feb 18 21:03:57 UTC 2024
a/ndctl-78-x86_64-1.txz:  Upgraded.
ap/mpg123-1.32.5-x86_64-1.txz:  Upgraded.
l/libffi-3.4.6-x86_64-1.txz:  Upgraded.
x/mesa-24.0.1-x86_64-2.txz:  Rebuilt.
  Added av1dec,av1enc,and vp9dec to the list of codecs to support.
  Thanks to fulalas and ZhaoLin1547.
2024-02-18 22:59:53 +01:00
Patrick J Volkerding
14a06990b9 Sat Feb 17 21:09:51 UTC 2024
l/nodejs-20.11.1-x86_64-1.txz:  Upgraded.
  This update fixes security issues:
  Code injection and privilege escalation through Linux capabilities - (High).
  http: Reading unprocessed HTTP request with unbounded chunk extension allows
  DoS attacks - (High).
  Path traversal by monkey-patching Buffer internals - (High).
  setuid() does not drop all privileges due to io_uring - (High).
  Node.js is vulnerable to the Marvin Attack (timing variant of the
  Bleichenbacher attack against PKCS#1 v1.5 padding) - (Medium).
  Multiple permission model bypasses due to improper path traversal sequence
  sanitization - (Medium).
  Improper handling of wildcards in --allow-fs-read and --allow-fs-write -
  (Medium).
  Denial of Service by resource exhaustion in fetch() brotli decoding -
  (Medium).
  For more information, see:
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-21892
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-22019
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-21896
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-22017
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-46809
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-21891
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-21890
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-22025
  (* Security fix *)
l/pcre2-10.43-x86_64-1.txz:  Upgraded.
2024-02-17 23:00:07 +01:00
Patrick J Volkerding
68034e96e4 Fri Feb 16 20:18:59 UTC 2024
a/kernel-generic-6.6.17-x86_64-1.txz:  Upgraded.
a/kernel-huge-6.6.17-x86_64-1.txz:  Upgraded.
a/kernel-modules-6.6.17-x86_64-1.txz:  Upgraded.
ap/soma-3.3.7-noarch-3.txz:  Rebuilt.
  Strip trailing whitespace from soma.desktop. Thanks to DryFalls.
d/kernel-headers-6.6.17-x86-1.txz:  Upgraded.
k/kernel-source-6.6.17-noarch-1.txz:  Upgraded.
l/mozilla-nss-3.98-x86_64-1.txz:  Upgraded.
n/ca-certificates-20240216-noarch-1.txz:  Upgraded.
  This update provides the latest CA certificates to check for the
  authenticity of SSL connections.
x/ibus-m17n-1.4.28-x86_64-1.txz:  Upgraded.
isolinux/initrd.img:  Rebuilt.
kernels/*:  Upgraded.
usb-and-pxe-installers/usbboot.img:  Rebuilt.
2024-02-16 22:05:09 +01:00
Patrick J Volkerding
ca8d589d9f Fri Feb 16 02:19:13 UTC 2024
a/etc-15.1-x86_64-4.txz:  Rebuilt.
  Added UID 303 and GID 303 for colord.
ap/nvme-cli-2.8-x86_64-1.txz:  Upgraded.
kde/akonadi-23.08.5-x86_64-1.txz:  Upgraded.
kde/akonadi-calendar-23.08.5-x86_64-1.txz:  Upgraded.
kde/akonadi-calendar-tools-23.08.5-x86_64-1.txz:  Upgraded.
kde/akonadi-contacts-23.08.5-x86_64-1.txz:  Upgraded.
kde/akonadi-import-wizard-23.08.5-x86_64-1.txz:  Upgraded.
kde/akonadi-mime-23.08.5-x86_64-1.txz:  Upgraded.
kde/akonadi-notes-23.08.5-x86_64-1.txz:  Upgraded.
kde/akonadi-search-23.08.5-x86_64-1.txz:  Upgraded.
kde/akonadiconsole-23.08.5-x86_64-1.txz:  Upgraded.
kde/akregator-23.08.5-x86_64-1.txz:  Upgraded.
kde/alligator-23.08.5-x86_64-1.txz:  Upgraded.
kde/analitza-23.08.5-x86_64-1.txz:  Upgraded.
kde/ark-23.08.5-x86_64-1.txz:  Upgraded.
kde/artikulate-23.08.5-x86_64-1.txz:  Upgraded.
kde/audiocd-kio-23.08.5-x86_64-1.txz:  Upgraded.
kde/baloo-widgets-23.08.5-x86_64-1.txz:  Upgraded.
kde/blinken-23.08.5-x86_64-1.txz:  Upgraded.
kde/bomber-23.08.5-x86_64-1.txz:  Upgraded.
kde/bovo-23.08.5-x86_64-1.txz:  Upgraded.
kde/calendarsupport-23.08.5-x86_64-1.txz:  Upgraded.
kde/cantor-23.08.5-x86_64-1.txz:  Upgraded.
kde/cervisia-23.08.5-x86_64-1.txz:  Upgraded.
kde/colord-kde-23.08.5-x86_64-1.txz:  Added.
kde/dolphin-23.08.5-x86_64-1.txz:  Upgraded.
kde/dolphin-plugins-23.08.5-x86_64-1.txz:  Upgraded.
kde/dragon-23.08.5-x86_64-1.txz:  Upgraded.
kde/elisa-23.08.5-x86_64-1.txz:  Upgraded.
kde/eventviews-23.08.5-x86_64-1.txz:  Upgraded.
kde/falkon-23.08.5-x86_64-1.txz:  Upgraded.
kde/ffmpegthumbs-23.08.5-x86_64-1.txz:  Upgraded.
kde/filelight-23.08.5-x86_64-1.txz:  Upgraded.
kde/ghostwriter-23.08.5-x86_64-1.txz:  Upgraded.
kde/granatier-23.08.5-x86_64-1.txz:  Upgraded.
kde/grantlee-editor-23.08.5-x86_64-1.txz:  Upgraded.
kde/grantleetheme-23.08.5-x86_64-1.txz:  Upgraded.
kde/gwenview-23.08.5-x86_64-1.txz:  Upgraded.
kde/incidenceeditor-23.08.5-x86_64-1.txz:  Upgraded.
kde/itinerary-23.08.5-x86_64-1.txz:  Upgraded.
kde/juk-23.08.5-x86_64-1.txz:  Upgraded.
kde/k3b-23.08.5-x86_64-1.txz:  Upgraded.
kde/kaddressbook-23.08.5-x86_64-1.txz:  Upgraded.
kde/kalarm-23.08.5-x86_64-1.txz:  Upgraded.
kde/kalgebra-23.08.5-x86_64-1.txz:  Upgraded.
kde/kalzium-23.08.5-x86_64-1.txz:  Upgraded.
kde/kamera-23.08.5-x86_64-1.txz:  Upgraded.
kde/kamoso-23.08.5-x86_64-1.txz:  Upgraded.
kde/kanagram-23.08.5-x86_64-1.txz:  Upgraded.
kde/kapman-23.08.5-x86_64-1.txz:  Upgraded.
kde/kapptemplate-23.08.5-x86_64-1.txz:  Upgraded.
kde/kate-23.08.5-x86_64-1.txz:  Upgraded.
kde/katomic-23.08.5-x86_64-1.txz:  Upgraded.
kde/kbackup-23.08.5-x86_64-1.txz:  Upgraded.
kde/kblackbox-23.08.5-x86_64-1.txz:  Upgraded.
kde/kblocks-23.08.5-x86_64-1.txz:  Upgraded.
kde/kbounce-23.08.5-x86_64-1.txz:  Upgraded.
kde/kbreakout-23.08.5-x86_64-1.txz:  Upgraded.
kde/kbruch-23.08.5-x86_64-1.txz:  Upgraded.
kde/kcachegrind-23.08.5-x86_64-1.txz:  Upgraded.
kde/kcalc-23.08.5-x86_64-1.txz:  Upgraded.
kde/kcalutils-23.08.5-x86_64-1.txz:  Upgraded.
kde/kcharselect-23.08.5-x86_64-1.txz:  Upgraded.
kde/kcolorchooser-23.08.5-x86_64-1.txz:  Upgraded.
kde/kcron-23.08.5-x86_64-1.txz:  Upgraded.
kde/kde-dev-scripts-23.08.5-x86_64-1.txz:  Upgraded.
kde/kde-dev-utils-23.08.5-x86_64-1.txz:  Upgraded.
kde/kde-inotify-survey-23.08.5-x86_64-1.txz:  Upgraded.
kde/kdebugsettings-23.08.5-x86_64-1.txz:  Upgraded.
kde/kdeconnect-kde-23.08.5-x86_64-1.txz:  Upgraded.
kde/kdeedu-data-23.08.5-x86_64-1.txz:  Upgraded.
kde/kdegraphics-mobipocket-23.08.5-x86_64-1.txz:  Upgraded.
kde/kdegraphics-thumbnailers-23.08.5-x86_64-1.txz:  Upgraded.
kde/kdenetwork-filesharing-23.08.5-x86_64-1.txz:  Upgraded.
kde/kdenlive-23.08.5-x86_64-1.txz:  Upgraded.
kde/kdepim-addons-23.08.5-x86_64-1.txz:  Upgraded.
kde/kdepim-runtime-23.08.5-x86_64-1.txz:  Upgraded.
kde/kdesdk-kio-23.08.5-x86_64-1.txz:  Upgraded.
kde/kdesdk-thumbnailers-23.08.5-x86_64-1.txz:  Upgraded.
kde/kdev-php-23.08.5-x86_64-1.txz:  Upgraded.
kde/kdev-python-23.08.5-x86_64-1.txz:  Upgraded.
kde/kdevelop-23.08.5-x86_64-1.txz:  Upgraded.
kde/kdf-23.08.5-x86_64-1.txz:  Upgraded.
kde/kdialog-23.08.5-x86_64-1.txz:  Upgraded.
kde/kdiamond-23.08.5-x86_64-1.txz:  Upgraded.
kde/keditbookmarks-23.08.5-x86_64-1.txz:  Upgraded.
kde/keysmith-23.08.5-x86_64-1.txz:  Upgraded.
kde/kfind-23.08.5-x86_64-1.txz:  Upgraded.
kde/kfourinline-23.08.5-x86_64-1.txz:  Upgraded.
kde/kgeography-23.08.5-x86_64-1.txz:  Upgraded.
kde/kget-23.08.5-x86_64-1.txz:  Upgraded.
kde/kgoldrunner-23.08.5-x86_64-1.txz:  Upgraded.
kde/kgpg-23.08.5-x86_64-1.txz:  Upgraded.
kde/khangman-23.08.5-x86_64-1.txz:  Upgraded.
kde/khelpcenter-23.08.5-x86_64-1.txz:  Upgraded.
kde/kidentitymanagement-23.08.5-x86_64-1.txz:  Upgraded.
kde/kig-23.08.5-x86_64-1.txz:  Upgraded.
kde/kigo-23.08.5-x86_64-1.txz:  Upgraded.
kde/killbots-23.08.5-x86_64-1.txz:  Upgraded.
kde/kimagemapeditor-23.08.5-x86_64-1.txz:  Upgraded.
kde/kimap-23.08.5-x86_64-1.txz:  Upgraded.
kde/kio-admin-23.08.5-x86_64-1.txz:  Upgraded.
kde/kio-extras-23.08.5-x86_64-1.txz:  Upgraded.
kde/kio-gdrive-23.08.5-x86_64-1.txz:  Upgraded.
kde/kio-zeroconf-23.08.5-x86_64-1.txz:  Upgraded.
kde/kipi-plugins-23.08.5-x86_64-1.txz:  Upgraded.
kde/kirigami-gallery-23.08.5-x86_64-1.txz:  Upgraded.
kde/kiriki-23.08.5-x86_64-1.txz:  Upgraded.
kde/kiten-23.08.5-x86_64-1.txz:  Upgraded.
kde/kitinerary-23.08.5-x86_64-1.txz:  Upgraded.
kde/kjumpingcube-23.08.5-x86_64-1.txz:  Upgraded.
kde/kldap-23.08.5-x86_64-1.txz:  Upgraded.
kde/kleopatra-23.08.5-x86_64-1.txz:  Upgraded.
kde/klickety-23.08.5-x86_64-1.txz:  Upgraded.
kde/klines-23.08.5-x86_64-1.txz:  Upgraded.
kde/kmag-23.08.5-x86_64-1.txz:  Upgraded.
kde/kmahjongg-23.08.5-x86_64-1.txz:  Upgraded.
kde/kmail-23.08.5-x86_64-1.txz:  Upgraded.
kde/kmail-account-wizard-23.08.5-x86_64-1.txz:  Upgraded.
kde/kmailtransport-23.08.5-x86_64-1.txz:  Upgraded.
kde/kmbox-23.08.5-x86_64-1.txz:  Upgraded.
kde/kmime-23.08.5-x86_64-1.txz:  Upgraded.
kde/kmines-23.08.5-x86_64-1.txz:  Upgraded.
kde/kmix-23.08.5-x86_64-1.txz:  Upgraded.
kde/kmousetool-23.08.5-x86_64-1.txz:  Upgraded.
kde/kmouth-23.08.5-x86_64-1.txz:  Upgraded.
kde/kmplot-23.08.5-x86_64-1.txz:  Upgraded.
kde/knavalbattle-23.08.5-x86_64-1.txz:  Upgraded.
kde/knetwalk-23.08.5-x86_64-1.txz:  Upgraded.
kde/knights-23.08.5-x86_64-1.txz:  Upgraded.
kde/knotes-23.08.5-x86_64-1.txz:  Upgraded.
kde/kolf-23.08.5-x86_64-1.txz:  Upgraded.
kde/kollision-23.08.5-x86_64-1.txz:  Upgraded.
kde/kolourpaint-23.08.5-x86_64-1.txz:  Upgraded.
kde/kompare-23.08.5-x86_64-1.txz:  Upgraded.
kde/konqueror-23.08.5-x86_64-1.txz:  Upgraded.
kde/konquest-23.08.5-x86_64-1.txz:  Upgraded.
kde/konsole-23.08.5-x86_64-1.txz:  Upgraded.
kde/kontact-23.08.5-x86_64-1.txz:  Upgraded.
kde/kontactinterface-23.08.5-x86_64-1.txz:  Upgraded.
kde/kontrast-23.08.5-x86_64-1.txz:  Upgraded.
kde/konversation-23.08.5-x86_64-1.txz:  Upgraded.
kde/kopeninghours-23.08.5-x86_64-1.txz:  Upgraded.
kde/kopete-23.08.5-x86_64-1.txz:  Upgraded.
kde/korganizer-23.08.5-x86_64-1.txz:  Upgraded.
kde/kosmindoormap-23.08.5-x86_64-1.txz:  Upgraded.
kde/kpat-23.08.5-x86_64-1.txz:  Upgraded.
kde/kpimtextedit-23.08.5-x86_64-1.txz:  Upgraded.
kde/kpkpass-23.08.5-x86_64-1.txz:  Upgraded.
kde/kpmcore-23.08.5-x86_64-1.txz:  Upgraded.
kde/kpublictransport-23.08.5-x86_64-1.txz:  Upgraded.
kde/kqtquickcharts-23.08.5-x86_64-1.txz:  Upgraded.
kde/krdc-23.08.5-x86_64-1.txz:  Upgraded.
kde/kreversi-23.08.5-x86_64-1.txz:  Upgraded.
kde/krfb-23.08.5-x86_64-1.txz:  Upgraded.
kde/kross-interpreters-23.08.5-x86_64-1.txz:  Upgraded.
kde/kruler-23.08.5-x86_64-1.txz:  Upgraded.
kde/ksanecore-23.08.5-x86_64-1.txz:  Upgraded.
kde/kshisen-23.08.5-x86_64-1.txz:  Upgraded.
kde/ksirk-23.08.5-x86_64-1.txz:  Upgraded.
kde/ksmtp-23.08.5-x86_64-1.txz:  Upgraded.
kde/ksnakeduel-23.08.5-x86_64-1.txz:  Upgraded.
kde/kspaceduel-23.08.5-x86_64-1.txz:  Upgraded.
kde/ksquares-23.08.5-x86_64-1.txz:  Upgraded.
kde/ksudoku-23.08.5-x86_64-1.txz:  Upgraded.
kde/ksystemlog-23.08.5-x86_64-1.txz:  Upgraded.
kde/kteatime-23.08.5-x86_64-1.txz:  Upgraded.
kde/ktimer-23.08.5-x86_64-1.txz:  Upgraded.
kde/ktnef-23.08.5-x86_64-1.txz:  Upgraded.
kde/ktorrent-23.08.5-x86_64-1.txz:  Upgraded.
kde/ktouch-23.08.5-x86_64-1.txz:  Upgraded.
kde/kturtle-23.08.5-x86_64-1.txz:  Upgraded.
kde/kubrick-23.08.5-x86_64-1.txz:  Upgraded.
kde/kwalletmanager-23.08.5-x86_64-1.txz:  Upgraded.
kde/kwave-23.08.5-x86_64-1.txz:  Upgraded.
kde/kwordquiz-23.08.5-x86_64-1.txz:  Upgraded.
kde/libgravatar-23.08.5-x86_64-1.txz:  Upgraded.
kde/libkcddb-23.08.5-x86_64-1.txz:  Upgraded.
kde/libkcompactdisc-23.08.5-x86_64-1.txz:  Upgraded.
kde/libkdcraw-23.08.5-x86_64-1.txz:  Upgraded.
kde/libkdegames-23.08.5-x86_64-1.txz:  Upgraded.
kde/libkdepim-23.08.5-x86_64-1.txz:  Upgraded.
kde/libkeduvocdocument-23.08.5-x86_64-1.txz:  Upgraded.
kde/libkexiv2-23.08.5-x86_64-1.txz:  Upgraded.
kde/libkgapi-23.08.5-x86_64-1.txz:  Upgraded.
kde/libkipi-23.08.5-x86_64-1.txz:  Upgraded.
kde/libkleo-23.08.5-x86_64-1.txz:  Upgraded.
kde/libkmahjongg-23.08.5-x86_64-1.txz:  Upgraded.
kde/libkomparediff2-23.08.5-x86_64-1.txz:  Upgraded.
kde/libksane-23.08.5-x86_64-1.txz:  Upgraded.
kde/libksieve-23.08.5-x86_64-1.txz:  Upgraded.
kde/libktorrent-23.08.5-x86_64-1.txz:  Upgraded.
kde/lokalize-23.08.5-x86_64-1.txz:  Upgraded.
kde/lskat-23.08.5-x86_64-1.txz:  Upgraded.
kde/mailcommon-23.08.5-x86_64-1.txz:  Upgraded.
kde/mailimporter-23.08.5-x86_64-1.txz:  Upgraded.
kde/marble-23.08.5-x86_64-1.txz:  Upgraded.
kde/markdownpart-23.08.5-x86_64-1.txz:  Upgraded.
kde/mbox-importer-23.08.5-x86_64-1.txz:  Upgraded.
kde/merkuro-23.08.5-x86_64-1.txz:  Upgraded.
kde/messagelib-23.08.5-x86_64-1.txz:  Upgraded.
kde/minuet-23.08.5-x86_64-1.txz:  Upgraded.
kde/okular-23.08.5-x86_64-1.txz:  Upgraded.
kde/palapeli-23.08.5-x86_64-1.txz:  Upgraded.
kde/parley-23.08.5-x86_64-1.txz:  Upgraded.
kde/partitionmanager-23.08.5-x86_64-1.txz:  Upgraded.
kde/picmi-23.08.5-x86_64-1.txz:  Upgraded.
kde/pim-data-exporter-23.08.5-x86_64-1.txz:  Upgraded.
kde/pim-sieve-editor-23.08.5-x86_64-1.txz:  Upgraded.
kde/pimcommon-23.08.5-x86_64-1.txz:  Upgraded.
kde/poxml-23.08.5-x86_64-1.txz:  Upgraded.
kde/print-manager-23.08.5-x86_64-1.txz:  Upgraded.
kde/rocs-23.08.5-x86_64-1.txz:  Upgraded.
kde/skanlite-23.08.5-x86_64-1.txz:  Upgraded.
kde/skanpage-23.08.5-x86_64-1.txz:  Upgraded.
kde/spectacle-23.08.5-x86_64-1.txz:  Upgraded.
kde/step-23.08.5-x86_64-1.txz:  Upgraded.
kde/svgpart-23.08.5-x86_64-1.txz:  Upgraded.
kde/sweeper-23.08.5-x86_64-1.txz:  Upgraded.
kde/umbrello-23.08.5-x86_64-1.txz:  Upgraded.
kde/yakuake-23.08.5-x86_64-1.txz:  Upgraded.
kde/zanshin-23.08.5-x86_64-1.txz:  Upgraded.
l/colord-1.4.7-x86_64-1.txz:  Added.
  Thanks to Willy Sudiarto Raharjo.
l/cxxopts-3.2.0-x86_64-1.txz:  Upgraded.
l/libffi-3.4.5-x86_64-1.txz:  Upgraded.
l/libgusb-0.4.8-x86_64-1.txz:  Added.
  This is needed by colord.
  Thanks to Willy Sudiarto Raharjo.
l/taglib-extras-1.0.1-x86_64-4.txz:  Removed.
  This package is obsolete.
n/php-8.3.3-x86_64-1.txz:  Upgraded.
  This is a bugfix release.
  For more information, see:
    https://www.php.net/ChangeLog-8.php#8.3.3
x/mesa-24.0.1-x86_64-1.txz:  Upgraded.
xfce/xfce4-settings-4.18.4-x86_64-2.txz:  Rebuilt.
  Recompiled using --enable-colord.
2024-02-16 04:01:23 +01:00
Patrick J Volkerding
32009082ed Wed Feb 14 22:46:52 UTC 2024
a/btrfs-progs-6.7.1-x86_64-1.txz:  Upgraded.
a/ed-1.20.1-x86_64-1.txz:  Upgraded.
a/shadow-4.14.5-x86_64-1.txz:  Upgraded.
d/git-2.43.2-x86_64-1.txz:  Upgraded.
d/meson-1.3.2-x86_64-1.txz:  Upgraded.
d/tree-sitter-0.20.9-x86_64-1.txz:  Upgraded.
e/emacs-29.2-x86_64-2.txz:  Rebuilt.
  Compiled with support for pdumper and native compilation.
  The emacs-no-x11 binary has been dropped from the package because when
  pdumper is used the support files need to be matched to a specific binary.
  If you need a non-X console version of Emacs (or just want to reduce the
  footprint) a traditional build is available in /extra.
  Thanks to drgibbon who requested this long ago. :-)
  Thanks to Didier Spaier for the sample build script.
l/libnvme-1.8-x86_64-1.txz:  Upgraded.
xap/xlockmore-5.75-x86_64-1.txz:  Upgraded.
extra/emacs-regular-build/emacs-29.2-x86_64-2_regular.txz:  Added.
  A "regular" build of Emacs like was previously in the main tree, with a
  version supporting X11/GTK+3, and a non-X console version.
2024-02-15 00:28:38 +01:00
Patrick J Volkerding
0dcf6c9e37 Wed Feb 14 04:31:08 UTC 2024
l/exiv2-0.28.2-x86_64-1.txz:  Upgraded.
  Fixes two low-severity security issues introduced in 0.28.x:
  Out-of-bounds read in QuickTimeVideo::NikonTagsDecoder.
  Denial of service due to unbounded recursion in
  QuickTimeVideo::multipleEntriesDecoder.
  For more information, see:
    https://www.cve.org/CVERecord?id=CVE-2024-24826
    https://www.cve.org/CVERecord?id=CVE-2024-25112
  (* Security fix *)
l/gnome-keyring-46.1-x86_64-1.txz:  Upgraded.
n/dnsmasq-2.90-x86_64-1.txz:  Upgraded.
  Add limits on the resources used to do DNSSEC validation.
  For more information, see:
    https://www.cve.org/CVERecord?id=CVE-2023-50387
    https://www.cve.org/CVERecord?id=CVE-2023-50868
  (* Security fix *)
x/igt-gpu-tools-1.28-x86_64-2.txz:  Rebuilt.
  Recompiled against /procps-ng-4.0.4.
2024-02-14 05:59:05 +01:00
Patrick J Volkerding
8712cd5e26 Tue Feb 13 19:19:24 UTC 2024
ap/tmux-3.4-x86_64-1.txz:  Upgraded.
d/lua-5.4.6-x86_64-5.txz:  Rebuilt.
  Search paths under /usr/local in addition to /usr.
  Thanks to Arch for the patch.
l/gst-plugins-bad-free-1.22.10-x86_64-1.txz:  Upgraded.
l/gst-plugins-base-1.22.10-x86_64-1.txz:  Upgraded.
l/gst-plugins-good-1.22.10-x86_64-1.txz:  Upgraded.
l/gst-plugins-libav-1.22.10-x86_64-1.txz:  Upgraded.
l/gstreamer-1.22.10-x86_64-1.txz:  Upgraded.
l/wireplumber-0.4.17-x86_64-3.txz:  Rebuilt.
  Build against system lua.
n/bind-9.18.24-x86_64-1.txz:  Upgraded.
  This update fixes bugs and security issues:
  Specific DNS answers could cause a denial-of-service condition due to DNS
  validation taking a long time.
  Restore DNS64 state when handling a serve-stale timeout.
  Specific queries could trigger an assertion check with nxdomain-redirect
  enabled.
  Speed up parsing of DNS messages with many different names.
  For more information, see:
    https://kb.isc.org/docs/cve-2023-50387
    https://www.cve.org/CVERecord?id=CVE-2023-50387
    https://kb.isc.org/docs/cve-2023-5679
    https://www.cve.org/CVERecord?id=CVE-2023-5679
    https://kb.isc.org/docs/cve-2023-5517
    https://www.cve.org/CVERecord?id=CVE-2023-5517
    https://kb.isc.org/docs/cve-2023-4408
    https://www.cve.org/CVERecord?id=CVE-2023-4408
  (* Security fix *)
n/ipset-7.21-x86_64-1.txz:  Upgraded.
2024-02-13 21:00:01 +01:00
Patrick J Volkerding
adcf8dd382 Mon Feb 12 20:58:46 UTC 2024
a/procps-ng-4.0.4-x86_64-1.txz:  Upgraded.
a/shadow-4.14.4-x86_64-1.txz:  Upgraded.
ap/man-pages-6.06-noarch-1.txz:  Upgraded.
ap/vim-9.1.0098-x86_64-1.txz:  Upgraded.
d/libgccjit-13.2.0-x86_64-1.txz:  Added.
  If we can ship GCC's D and Modula-2 support, then we can ship this.
  We'll probably find a use for it. ;-)
  Thanks to Didier Spaier for hints on the build script.
d/mercurial-6.6.3-x86_64-1.txz:  Upgraded.
d/rust-1.76.0-x86_64-1.txz:  Upgraded.
l/gegl-0.4.48-x86_64-1.txz:  Upgraded.
l/openexr-3.2.2-x86_64-1.txz:  Upgraded.
l/pango-1.51.2-x86_64-1.txz:  Upgraded.
l/python-calver-2022.6.26-x86_64-1.txz:  Added.
  Needed for python-trove-classifiers. Thanks to lucabon.
n/openvpn-2.6.9-x86_64-1.txz:  Upgraded.
xap/vim-gvim-9.1.0098-x86_64-1.txz:  Upgraded.
extra/rust-for-mozilla/rust-1.70.0-x86_64-4.txz:  Added.
  Let's move this here since it's lagging behind the latest Rust.
2024-02-12 22:59:33 +01:00
Patrick J Volkerding
8f1367463b Sun Feb 11 22:11:59 UTC 2024
ap/mariadb-10.11.7-x86_64-1.txz:  Upgraded.
  This is a bugfix release.
  For more information, see:
    https://mariadb.com/kb/en/mariadb-10-11-7-release-notes/
l/gjs-1.76.3-x86_64-1.txz:  Upgraded.
l/imagemagick-7.1.1_28-x86_64-1.txz:  Upgraded.
l/pipewire-1.0.3-x86_64-4.txz:  Rebuilt.
  Use cmp -s in doinst.sh. Thanks to Thom1b and Windu.
l/wireplumber-0.4.17-x86_64-2.txz:  Rebuilt.
  Use cmp -s in doinst.sh. Thanks to Thom1b and Windu.
n/dnsmasq-2.89-x86_64-2.txz:  Rebuilt.
  Added trust-anchors.conf and edited PREFIX in dnsmasq.conf to simplify
  setting up DNSSEC. Thanks to marav.
xap/xsnow-3.7.8-x86_64-1.txz:  Upgraded.
2024-02-12 00:02:09 +01:00
Patrick J Volkerding
ae890b6c29 Sat Feb 10 21:19:10 UTC 2024
d/git-2.43.1-x86_64-1.txz:  Upgraded.
kde/attica-5.115.0-x86_64-1.txz:  Upgraded.
kde/baloo-5.115.0-x86_64-1.txz:  Upgraded.
kde/bluez-qt-5.115.0-x86_64-1.txz:  Upgraded.
kde/breeze-icons-5.115.0-noarch-1.txz:  Upgraded.
kde/extra-cmake-modules-5.115.0-x86_64-1.txz:  Upgraded.
kde/frameworkintegration-5.115.0-x86_64-1.txz:  Upgraded.
kde/kactivities-5.115.0-x86_64-1.txz:  Upgraded.
kde/kactivities-stats-5.115.0-x86_64-1.txz:  Upgraded.
kde/kapidox-5.115.0-x86_64-1.txz:  Upgraded.
kde/karchive-5.115.0-x86_64-1.txz:  Upgraded.
kde/kauth-5.115.0-x86_64-1.txz:  Upgraded.
kde/kbookmarks-5.115.0-x86_64-1.txz:  Upgraded.
kde/kcalendarcore-5.115.0-x86_64-1.txz:  Upgraded.
kde/kcmutils-5.115.0-x86_64-1.txz:  Upgraded.
kde/kcodecs-5.115.0-x86_64-1.txz:  Upgraded.
kde/kcompletion-5.115.0-x86_64-1.txz:  Upgraded.
kde/kconfig-5.115.0-x86_64-1.txz:  Upgraded.
kde/kconfigwidgets-5.115.0-x86_64-1.txz:  Upgraded.
kde/kcontacts-5.115.0-x86_64-1.txz:  Upgraded.
kde/kcoreaddons-5.115.0-x86_64-1.txz:  Upgraded.
kde/kcrash-5.115.0-x86_64-1.txz:  Upgraded.
kde/kdav-5.115.0-x86_64-1.txz:  Upgraded.
kde/kdbusaddons-5.115.0-x86_64-1.txz:  Upgraded.
kde/kdeclarative-5.115.0-x86_64-1.txz:  Upgraded.
kde/kded-5.115.0-x86_64-1.txz:  Upgraded.
kde/kdelibs4support-5.115.0-x86_64-1.txz:  Upgraded.
kde/kdesignerplugin-5.115.0-x86_64-1.txz:  Upgraded.
kde/kdesu-5.115.0-x86_64-1.txz:  Upgraded.
kde/kdewebkit-5.115.0-x86_64-1.txz:  Upgraded.
kde/kdnssd-5.115.0-x86_64-1.txz:  Upgraded.
kde/kdoctools-5.115.0-x86_64-1.txz:  Upgraded.
kde/kemoticons-5.115.0-x86_64-1.txz:  Upgraded.
kde/kfilemetadata-5.115.0-x86_64-1.txz:  Upgraded.
kde/kglobalaccel-5.115.0-x86_64-1.txz:  Upgraded.
kde/kguiaddons-5.115.0-x86_64-1.txz:  Upgraded.
kde/kholidays-5.115.0-x86_64-1.txz:  Upgraded.
kde/khtml-5.115.0-x86_64-1.txz:  Upgraded.
kde/ki18n-5.115.1-x86_64-1.txz:  Upgraded.
kde/kiconthemes-5.115.0-x86_64-1.txz:  Upgraded.
kde/kidletime-5.115.0-x86_64-1.txz:  Upgraded.
kde/kimageformats-5.115.0-x86_64-1.txz:  Upgraded.
kde/kinit-5.115.0-x86_64-1.txz:  Upgraded.
kde/kio-5.115.0-x86_64-1.txz:  Upgraded.
kde/kirigami2-5.115.0-x86_64-1.txz:  Upgraded.
kde/kitemmodels-5.115.0-x86_64-1.txz:  Upgraded.
kde/kitemviews-5.115.0-x86_64-1.txz:  Upgraded.
kde/kjobwidgets-5.115.0-x86_64-1.txz:  Upgraded.
kde/kjs-5.115.0-x86_64-1.txz:  Upgraded.
kde/kjsembed-5.115.0-x86_64-1.txz:  Upgraded.
kde/kmediaplayer-5.115.0-x86_64-1.txz:  Upgraded.
kde/knewstuff-5.115.0-x86_64-1.txz:  Upgraded.
kde/knotifications-5.115.0-x86_64-1.txz:  Upgraded.
kde/knotifyconfig-5.115.0-x86_64-1.txz:  Upgraded.
kde/kpackage-5.115.0-x86_64-1.txz:  Upgraded.
kde/kparts-5.115.0-x86_64-1.txz:  Upgraded.
kde/kpeople-5.115.0-x86_64-1.txz:  Upgraded.
kde/kplotting-5.115.0-x86_64-1.txz:  Upgraded.
kde/kpty-5.115.0-x86_64-1.txz:  Upgraded.
kde/kquickcharts-5.115.0-x86_64-1.txz:  Upgraded.
kde/kross-5.115.0-x86_64-1.txz:  Upgraded.
kde/krunner-5.115.0-x86_64-1.txz:  Upgraded.
kde/kservice-5.115.0-x86_64-1.txz:  Upgraded.
kde/ktexteditor-5.115.0-x86_64-1.txz:  Upgraded.
kde/ktextwidgets-5.115.0-x86_64-1.txz:  Upgraded.
kde/kunitconversion-5.115.0-x86_64-1.txz:  Upgraded.
kde/kwallet-5.115.0-x86_64-1.txz:  Upgraded.
kde/kwayland-5.115.0-x86_64-1.txz:  Upgraded.
kde/kwidgetsaddons-5.115.0-x86_64-1.txz:  Upgraded.
kde/kwindowsystem-5.115.0-x86_64-1.txz:  Upgraded.
kde/kxmlgui-5.115.0-x86_64-1.txz:  Upgraded.
kde/kxmlrpcclient-5.115.0-x86_64-1.txz:  Upgraded.
kde/modemmanager-qt-5.115.0-x86_64-1.txz:  Upgraded.
kde/networkmanager-qt-5.115.0-x86_64-1.txz:  Upgraded.
kde/oxygen-icons-5.115.0-noarch-1.txz:  Upgraded.
kde/plasma-framework-5.115.0-x86_64-1.txz:  Upgraded.
kde/prison-5.115.0-x86_64-1.txz:  Upgraded.
kde/purpose-5.115.0-x86_64-1.txz:  Upgraded.
kde/qqc2-desktop-style-5.115.0-x86_64-1.txz:  Upgraded.
kde/solid-5.115.0-x86_64-1.txz:  Upgraded.
kde/sonnet-5.115.0-x86_64-1.txz:  Upgraded.
kde/syndication-5.115.0-x86_64-1.txz:  Upgraded.
kde/syntax-highlighting-5.115.0-x86_64-1.txz:  Upgraded.
kde/threadweaver-5.115.0-x86_64-1.txz:  Upgraded.
l/babl-0.1.108-x86_64-1.txz:  Upgraded.
l/glib-networking-2.78.0-x86_64-2.txz:  Rebuilt.
  Recompiled against libproxy-0.5.4.
l/libproxy-0.5.4-x86_64-1.txz:  Upgraded.
  Shared library .so-version bump.
l/neon-0.33.0-x86_64-2.txz:  Rebuilt.
  Recompiled against libproxy-0.5.4.
l/pipewire-1.0.3-x86_64-3.txz:  Rebuilt.
  Removed bundled wireplumber.
l/wireplumber-0.4.17-x86_64-1.txz:  Added.
  This has been broken out as a new package.
  Thanks to alex14641 for the suggestion.
2024-02-10 23:10:35 +01:00
Patrick J Volkerding
86d36ef502 Fri Feb 9 21:48:09 UTC 2024
l/libhandy-1.8.3-x86_64-1.txz:  Upgraded.
xap/xpdf-4.05-x86_64-1.txz:  Upgraded.
  This update fixes security issues:
  Fixed a bug in the ICCBased color space parser that was allowing the number
  of components to be zero. Thanks to huckleberry for the bug report.
  Fixed a bug in the ICCBased color space parser that was allowing the number
  of components to be zero. Thanks to huckleberry for the bug report.
  Added checks for PDF object loops in AcroForm::scanField(),
  Catalog::readPageLabelTree2(), and Catalog::readEmbeddedFileTree().
  The zero-width character problem can also happen if the page size is very
  large -- that needs to be limited too, the same way as character position
  coordinates. Thanks to jlinliu for the bug report.
  Add some missing bounds check code in DCTStream. Thanks to Jiahao Liu for
  the bug report.
  Fix a deadlock when an object stream's length field is contained in another
  object stream. Thanks to Jiahao Liu for the bug report.
  For more information, see:
    https://www.cve.org/CVERecord?id=CVE-2023-2662
    https://www.cve.org/CVERecord?id=CVE-2023-2662
    https://www.cve.org/CVERecord?id=CVE-2018-7453
    https://www.cve.org/CVERecord?id=CVE-2018-16369
    https://www.cve.org/CVERecord?id=CVE-2022-36561
    https://www.cve.org/CVERecord?id=CVE-2022-41844
    https://www.cve.org/CVERecord?id=CVE-2023-2663
    https://www.cve.org/CVERecord?id=CVE-2023-2664
    https://www.cve.org/CVERecord?id=CVE-2023-3044
    https://www.cve.org/CVERecord?id=CVE-2023-3436
  (* Security fix *)
2024-02-09 23:28:55 +01:00
Patrick J Volkerding
75fbe2b8aa Thu Feb 8 22:17:18 UTC 2024
a/kernel-firmware-20240208_fbef4d3-noarch-1.txz:  Upgraded.
a/kernel-generic-6.6.16-x86_64-1.txz:  Upgraded.
a/kernel-huge-6.6.16-x86_64-1.txz:  Upgraded.
a/kernel-modules-6.6.16-x86_64-1.txz:  Upgraded.
d/kernel-headers-6.6.16-x86-1.txz:  Upgraded.
k/kernel-source-6.6.16-noarch-1.txz:  Upgraded.
  -VIDEO_ATOMISP m
  -VIDEO_ATOMISP_GC0310 n
  -VIDEO_ATOMISP_GC2235 n
  -VIDEO_ATOMISP_ISP2401 n
  -VIDEO_ATOMISP_LM3554 n
  -VIDEO_ATOMISP_MSRLIST_HELPER n
  -VIDEO_ATOMISP_MT9M114 n
  -VIDEO_ATOMISP_OV2722 n
  -VIDEO_ATOMISP_OV5693 n
   INTEL_ATOMISP y -> n
  +INTEL_ATOMISP2_PM m
l/enchant-2.6.7-x86_64-1.txz:  Upgraded.
l/libsecret-0.21.3-x86_64-1.txz:  Upgraded.
l/libuv-1.48.0-x86_64-1.txz:  Upgraded.
isolinux/initrd.img:  Rebuilt.
kernels/*:  Upgraded.
testing/packages/rust-1.76.0-x86_64-1.txz:  Upgraded.
usb-and-pxe-installers/usbboot.img:  Rebuilt.
2024-02-09 00:47:38 +01:00
Patrick J Volkerding
dc74348a7f Wed Feb 7 20:07:29 UTC 2024
a/hwdata-0.379-noarch-1.txz:  Upgraded.
ap/inxi-3.3.33_1-noarch-1.txz:  Upgraded.
ap/rpm-4.19.1.1-x86_64-1.txz:  Upgraded.
kde/kstars-3.6.9-x86_64-1.txz:  Upgraded.
l/enchant-2.6.5-x86_64-1.txz:  Upgraded.
  Reverted to non-broken version.
l/expat-2.6.0-x86_64-1.txz:  Upgraded.
  This update fixes security issues:
  Fix quadratic runtime issues with big tokens that can cause
  denial of service.
  Fix billion laughs attacks for users compiling *without* XML_DTD
  defined (which is not common).
  For more information, see:
    https://www.cve.org/CVERecord?id=CVE-2023-52425
    https://www.cve.org/CVERecord?id=CVE-2023-52426
  (* Security fix *)
l/orc-0.4.37-x86_64-1.txz:  Upgraded.
l/pipewire-1.0.3-x86_64-2.txz:  Rebuilt.
  Use wireplumber-0.4.17, as the newer version's support for elogind seems to
  be broken, and this prevents bluetooth from connecting properly.
  Thanks to mistfire and rizitis.
x/libwacom-2.10.0-x86_64-1.txz:  Upgraded.
xap/hexchat-2.16.2-x86_64-1.txz:  Upgraded.
extra/xv/xv-5.0.0-x86_64-1.txz:  Upgraded.
2024-02-07 21:35:44 +01:00
Patrick J Volkerding
b1547e7faa Tue Feb 6 21:45:37 UTC 2024
a/kernel-firmware-20240203_b4b04a5-noarch-1.txz:  Upgraded.
ap/inxi-3.3.32_1-noarch-1.txz:  Upgraded.
d/ccache-4.9.1-x86_64-1.txz:  Upgraded.
d/cmake-3.28.3-x86_64-1.txz:  Upgraded.
l/jasper-4.2.0-x86_64-1.txz:  Upgraded.
x/libpciaccess-0.18-x86_64-1.txz:  Upgraded.
x/xdg-utils-1.2.1-noarch-1.txz:  Upgraded.
xfce/garcon-4.18.2-x86_64-1.txz:  Upgraded.
xfce/libxfce4ui-4.18.5-x86_64-1.txz:  Upgraded.
xfce/libxfce4util-4.18.2-x86_64-1.txz:  Upgraded.
2024-02-06 23:44:07 +01:00
Patrick J Volkerding
4ad114cc61 Mon Feb 5 19:54:29 UTC 2024
a/xfsprogs-6.6.0-x86_64-1.txz:  Upgraded.
l/enchant-2.6.6-x86_64-1.txz:  Upgraded.
l/libgsf-1.14.52-x86_64-1.txz:  Upgraded.
l/sbc-2.0-x86_64-1.txz:  Upgraded.
n/stunnel-5.72-x86_64-1.txz:  Upgraded.
x/libXext-1.3.6-x86_64-1.txz:  Upgraded.
x/libXvMC-1.0.14-x86_64-1.txz:  Upgraded.
x/libxkbfile-1.1.3-x86_64-1.txz:  Upgraded.
x/makedepend-1.0.9-x86_64-1.txz:  Upgraded.
x/xkeyboard-config-2.41-noarch-1.txz:  Upgraded.
xfce/mousepad-0.6.2-x86_64-1.txz:  Upgraded.
xfce/xfce4-screenshooter-1.10.5-x86_64-1.txz:  Upgraded.
xfce/xfce4-terminal-1.1.2-x86_64-1.txz:  Upgraded.
2024-02-05 21:29:59 +01:00
Patrick J Volkerding
362e0f90f1 Sun Feb 4 19:20:00 UTC 2024
ap/pamixer-1.6-x86_64-1.txz:  Upgraded.
d/rust-bindgen-0.69.4-x86_64-1.txz:  Upgraded.
l/cxxopts-3.1.1-x86_64-1.txz:  Added.
  Needed by pamixer-1.6.
l/gc-8.2.6-x86_64-1.txz:  Upgraded.
l/libxml2-2.12.5-x86_64-1.txz:  Upgraded.
  Fix the following security issue:
  xmlreader: Don't expand XIncludes when backtracking.
  For more information, see:
    https://www.cve.org/CVERecord?id=CVE-2024-25062
  (* Security fix *)
x/bitmap-1.1.1-x86_64-1.txz:  Upgraded.
x/xditview-1.0.7-x86_64-1.txz:  Upgraded.
x/xkbcomp-1.4.7-x86_64-1.txz:  Upgraded.
x/xkbutils-1.0.6-x86_64-1.txz:  Upgraded.
x/xmore-1.0.4-x86_64-1.txz:  Upgraded.
x/xprop-1.2.7-x86_64-1.txz:  Upgraded.
2024-02-04 20:59:45 +01:00
Patrick J Volkerding
97075b27ca Sat Feb 3 20:54:00 UTC 2024
a/glibc-zoneinfo-2024a-noarch-1.txz:  Upgraded.
  This package provides the latest timezone updates.
n/ca-certificates-20240203-noarch-1.txz:  Upgraded.
  This update provides the latest CA certificates to check for the
  authenticity of SSL connections.
x/ibus-libpinyin-1.15.7-x86_64-1.txz:  Upgraded.
x/xdg-utils-1.2.0-noarch-1.txz:  Upgraded.
2024-02-03 22:29:12 +01:00
Patrick J Volkerding
da45f62f68 Fri Feb 2 22:12:45 UTC 2024
A test mass rebuild here didn't find any new failure-to-build-from-source, so
we'll go ahead and upgrade to the new glibc. Enjoy! :-)
a/aaa_glibc-solibs-2.39-x86_64-1.txz:  Upgraded.
kde/calligra-3.2.1-x86_64-36.txz:  Rebuilt.
  Recompiled against poppler-24.02.0.
kde/cantor-23.08.4-x86_64-2.txz:  Rebuilt.
  Recompiled against poppler-24.02.0.
kde/kfilemetadata-5.114.0-x86_64-3.txz:  Rebuilt.
  Recompiled against poppler-24.02.0.
kde/kile-2.9.93-x86_64-30.txz:  Rebuilt.
  Recompiled against poppler-24.02.0.
kde/kitinerary-23.08.4-x86_64-2.txz:  Rebuilt.
  Recompiled against poppler-24.02.0.
kde/krita-5.2.2-x86_64-3.txz:  Rebuilt.
  Recompiled against poppler-24.02.0.
kde/okular-23.08.4-x86_64-2.txz:  Rebuilt.
  Recompiled against poppler-24.02.0.
l/SDL2-2.30.0-x86_64-1.txz:  Upgraded.
l/glibc-2.39-x86_64-1.txz:  Upgraded.
  This fixes a few __vsyslog_internal related overflows that could result in
  an application crash or local privilege escalation.
  The issues affected glibc 2.36 and newer.
  For more information, see:
    https://www.cve.org/CVERecord?id=CVE-2023-6246
    https://www.cve.org/CVERecord?id=CVE-2023-6779
    https://www.cve.org/CVERecord?id=CVE-2023-6780
  (* Security fix *)
l/glibc-i18n-2.39-x86_64-1.txz:  Upgraded.
l/glibc-profile-2.39-x86_64-1.txz:  Upgraded.
l/pipewire-1.0.3-x86_64-1.txz:  Upgraded.
l/poppler-24.02.0-x86_64-1.txz:  Upgraded.
  Shared library .so-version bump.
n/ipset-7.20-x86_64-1.txz:  Upgraded.
2024-02-02 23:36:24 +01:00
Patrick J Volkerding
67afc7b997 Thu Feb 1 19:51:54 UTC 2024
a/kernel-firmware-20240201_09f0fb8-noarch-1.txz:  Upgraded.
a/kernel-generic-6.6.15-x86_64-1.txz:  Upgraded.
a/kernel-huge-6.6.15-x86_64-1.txz:  Upgraded.
a/kernel-modules-6.6.15-x86_64-1.txz:  Upgraded.
d/kernel-headers-6.6.15-x86-1.txz:  Upgraded.
k/kernel-source-6.6.15-noarch-1.txz:  Upgraded.
kde/libindi-2.0.6-x86_64-1.txz:  Upgraded.
l/libusb-1.0.27-x86_64-1.txz:  Upgraded.
n/fetchmail-6.4.38-x86_64-1.txz:  Upgraded.
x/mesa-24.0.0-x86_64-1.txz:  Upgraded.
isolinux/initrd.img:  Rebuilt.
kernels/*:  Upgraded.
usb-and-pxe-installers/usbboot.img:  Rebuilt.
2024-02-01 22:08:06 +01:00
Patrick J Volkerding
f75fcd750e Wed Jan 31 21:19:19 UTC 2024
ap/nvme-cli-2.7.1-x86_64-1.txz:  Upgraded.
l/libnvme-1.7.1-x86_64-1.txz:  Added.
  This is required by nvme-cli.
l/pipewire-1.0.2-x86_64-1.txz:  Upgraded.
n/curl-8.6.0-x86_64-1.txz:  Upgraded.
n/libmilter-8.18.1-x86_64-1.txz:  Upgraded.
extra/sendmail/sendmail-8.18.1-x86_64-1.txz:  Upgraded.
  sendmail through 8.17.2 allows SMTP smuggling in certain configurations.
  Remote attackers can use a published exploitation technique to inject e-mail
  messages with a spoofed MAIL FROM address, allowing bypass of an SPF
  protection mechanism. This occurs because sendmail supports <LF>.<CR><LF>
  but some other popular e-mail servers do not. This is resolved in 8.18 and
  later versions with 'o' in srv_features.
  For more information, see:
    https://www.cve.org/CVERecord?id=CVE-2023-51765
  (* Security fix *)
extra/sendmail/sendmail-cf-8.18.1-noarch-1.txz:  Upgraded.
2024-01-31 23:07:15 +01:00
Patrick J Volkerding
7b9b973e94 Tue Jan 30 22:01:28 UTC 2024
a/lzip-1.24-x86_64-1.txz:  Upgraded.
a/openssl-solibs-3.2.1-x86_64-1.txz:  Upgraded.
ap/alsa-utils-1.2.11-x86_64-1.txz:  Upgraded.
ap/sqlite-3.45.1-x86_64-1.txz:  Upgraded.
d/binutils-2.42-x86_64-1.txz:  Upgraded.
  Shared library .so-version bump.
d/cmake-3.28.2-x86_64-1.txz:  Upgraded.
d/oprofile-1.4.0-x86_64-13.txz:  Rebuilt.
  Recompiled against binutils-2.42.
d/strace-6.7-x86_64-1.txz:  Upgraded.
kde/digikam-8.2.0-x86_64-5.txz:  Rebuilt.
  Recompiled against libpng-1.6.42.
l/alsa-lib-1.2.11-x86_64-1.txz:  Upgraded.
l/libpng-1.6.42-x86_64-1.txz:  Upgraded.
  Fixed the implementation of the macro function png_check_sig().
  This was an API regression, introduced in libpng-1.6.41.
  Reported by Matthieu Darbois.
l/lmdb-0.9.32-x86_64-1.txz:  Upgraded.
l/neon-0.33.0-x86_64-1.txz:  Upgraded.
l/opencv-4.9.0-x86_64-3.txz:  Rebuilt.
  Recompiled against libpng-1.6.42.
l/qt5-5.15.12_20240103_b8fd1448-x86_64-4.txz:  Rebuilt.
  Recompiled against libpng-1.6.42.
l/talloc-2.4.2-x86_64-1.txz:  Upgraded.
l/tdb-1.4.10-x86_64-1.txz:  Upgraded.
l/tevent-0.16.1-x86_64-1.txz:  Upgraded.
n/openldap-2.6.7-x86_64-1.txz:  Upgraded.
n/openssl-3.2.1-x86_64-1.txz:  Upgraded.
  This update fixes possible denial-of-service security issues:
  A file in PKCS12 format can contain certificates and keys and may come from
  an untrusted source. The PKCS12 specification allows certain fields to be
  NULL, but OpenSSL did not correctly check for this case. A fix has been
  applied to prevent a NULL pointer dereference that results in OpenSSL
  crashing. If an application processes PKCS12 files from an untrusted source
  using the OpenSSL APIs then that application will be vulnerable to this
  issue prior to this fix.
  OpenSSL APIs that were vulnerable to this are: PKCS12_parse(),
  PKCS12_unpack_p7data(), PKCS12_unpack_p7encdata(), PKCS12_unpack_authsafes()
  and PKCS12_newpass().
  When function EVP_PKEY_public_check() is called on RSA public keys,
  a computation is done to confirm that the RSA modulus, n, is composite.
  For valid RSA keys, n is a product of two or more large primes and this
  computation completes quickly. However, if n is an overly large prime,
  then this computation would take a long time.
  An application that calls EVP_PKEY_public_check() and supplies an RSA key
  obtained from an untrusted source could be vulnerable to a Denial of Service
  attack.
  The function EVP_PKEY_public_check() is not called from other OpenSSL
  functions however it is called from the OpenSSL pkey command line
  application. For that reason that application is also vulnerable if used
  with the "-pubin" and "-check" options on untrusted data.
  To resolve this issue RSA keys larger than OPENSSL_RSA_MAX_MODULUS_BITS will
  now fail the check immediately with an RSA_R_MODULUS_TOO_LARGE error reason.
  Fix excessive time spent in DH check / generation with large Q parameter
  value.
  Applications that use the functions DH_generate_key() to generate an
  X9.42 DH key may experience long delays. Likewise, applications that use
  DH_check_pub_key(), DH_check_pub_key_ex() or EVP_PKEY_public_check()
  to check an X9.42 DH key or X9.42 DH parameters may experience long delays.
  Where the key or parameters that are being checked have been obtained from
  an untrusted source this may lead to a Denial of Service.
  For more information, see:
    https://www.cve.org/CVERecord?id=CVE-2024-0727
    https://www.cve.org/CVERecord?id=CVE-2023-6237
    https://www.cve.org/CVERecord?id=CVE-2023-5678
  (* Security fix *)
xap/MPlayer-20240130-x86_64-1.txz:  Upgraded.
  Fixed build script to exit on errors.
  Patched to build against gettext-0.22.4.
  Thanks to Matteo Bernardini.
xap/xine-lib-1.2.13-x86_64-7.txz:  Rebuilt.
  Recompiled against libpng-1.6.42.
2024-01-30 23:34:34 +01:00
Patrick J Volkerding
8713bd99bf Mon Jan 29 19:17:30 UTC 2024
ap/diffstat-1.66-x86_64-1.txz:  Upgraded.
ap/moc-2.6_alpha3-x86_64-3.txz:  Rebuilt.
  Recompiled against ffmpeg-6.1.1.
ap/vim-9.1.0061-x86_64-1.txz:  Upgraded.
d/nv-codec-headers-12.1.14.0-x86_64-1.txz:  Added.
  Needed to build support for nvidia hardware decoders/encoders on newer GPUs.
  gst-plugins-bad can use it too.
  Thanks to Heinz Wiesinger.
kde/digikam-8.2.0-x86_64-4.txz:  Rebuilt.
  Recompiled against ffmpeg-6.1.1.
kde/ffmpegthumbs-23.08.4-x86_64-2.txz:  Rebuilt.
  Recompiled against ffmpeg-6.1.1.
kde/k3b-23.08.4-x86_64-2.txz:  Rebuilt.
  Recompiled against ffmpeg-6.1.1.
kde/kfilemetadata-5.114.0-x86_64-2.txz:  Rebuilt.
  Recompiled against ffmpeg-6.1.1.
kde/kpipewire-5.27.10-x86_64-2.txz:  Rebuilt.
  Recompiled against ffmpeg-6.1.1.
l/Imath-3.1.10-x86_64-1.txz:  Upgraded.
l/alsa-plugins-1.2.7.1-x86_64-3.txz:  Rebuilt.
  Recompiled against ffmpeg-6.1.1.
l/ffmpeg-6.1.1-x86_64-1.txz:  Upgraded.
  Shared library .so-version bump.
  Added some new build options in the SlackBuild.
  Use shaderc instead of glslang.
  Build against libgcrypt to enable support for RTMP[E].
  Enable support for lcms2.
  Build against libass, libplacebo, and nv-codec-headers.
  Thanks to Heinz Wiesinger.
l/gegl-0.4.46-x86_64-4.txz:  Rebuilt.
  Recompiled against ffmpeg-6.1.1.
l/gst-plugins-bad-free-1.22.9-x86_64-2.txz:  Rebuilt.
  Recompiled against libass-0.17.1.
l/gst-plugins-libav-1.22.9-x86_64-2.txz:  Rebuilt.
  Recompiled against ffmpeg-6.1.1.
l/libass-0.17.1-x86_64-1.txz:  Added.
  Adds ASS/SSA subtitle renderer (commonly used in the anime community).
  adapted SlackBuild from SBo, original by Larry Hajali/Matteo Bernardini.
  MPlayer and gst-plugins-bad can use it too.
  Thanks to Heinz Wiesinger.
l/libplacebo-6.338.2-x86_64-1.txz:  Added.
  Adds various hardware accelerated filters such as HDR -> SDR tone mapping.
  adapted SlackBuild from SBo, original by Hunter Sezen/Christoph Willing.
  Thanks to Heinz Wiesinger.
l/mlt-7.22.0-x86_64-2.txz:  Rebuilt.
  Recompiled against ffmpeg-6.1.1.
l/netpbm-11.05.02-x86_64-1.txz:  Upgraded.
l/opencv-4.9.0-x86_64-2.txz:  Rebuilt.
  Recompiled against ffmpeg-6.1.1.
l/pipewire-1.0.1-x86_64-2.txz:  Rebuilt.
  Recompiled against ffmpeg-6.1.1.
l/qt5-5.15.12_20240103_b8fd1448-x86_64-3.txz:  Rebuilt.
  Recompiled against ffmpeg-6.1.1.
x/pixman-0.43.2-x86_64-1.txz:  Upgraded.
xap/MPlayer-20240127-x86_64-1.txz:  Upgraded.
  Compiled against ffmpeg-6.1.1 and libass-0.17.1.
xap/audacious-plugins-4.3.1-x86_64-2.txz:  Rebuilt.
  Recompiled against ffmpeg-6.1.1.
xap/ffmpegthumbnailer-2.2.2-x86_64-5.txz:  Rebuilt.
  Recompiled against ffmpeg-6.1.1.
xap/freerdp-2.11.5-x86_64-2.txz:  Rebuilt.
  Recompiled against ffmpeg-6.1.1.
xap/ssr-0.4.4-x86_64-2.txz:  Rebuilt.
  Recompiled against ffmpeg-6.1.1.
xap/vim-gvim-9.1.0061-x86_64-1.txz:  Upgraded.
xap/xine-lib-1.2.13-x86_64-6.txz:  Rebuilt.
  Recompiled against ffmpeg-6.1.1.
xap/xscreensaver-6.08-x86_64-2.txz:  Rebuilt.
  Recompiled against ffmpeg-6.1.1.
extra/tigervnc/tigervnc-1.13.1-x86_64-4.txz:  Rebuilt.
  Recompiled against ffmpeg-6.1.1.
2024-01-29 21:03:28 +01:00
Patrick J Volkerding
cbe9ad0002 Sat Jan 27 19:18:02 UTC 2024
ap/mc-4.8.31-x86_64-1.txz:  Upgraded.
l/libidn2-2.3.7-x86_64-1.txz:  Upgraded.
l/orc-0.4.36-x86_64-1.txz:  Upgraded.
n/c-ares-1.26.0-x86_64-1.txz:  Upgraded.
tcl/tclx-8.6.3-x86_64-1.txz:  Upgraded.
xap/freerdp-2.11.5-x86_64-1.txz:  Upgraded.
2024-01-27 20:59:02 +01:00
Patrick J Volkerding
c2e6d1a771 Fri Jan 26 20:59:27 UTC 2024
a/pam-1.6.0-x86_64-1.txz:  Upgraded.
  pam_namespace.so: fixed a possible local denial-of-service vulnerability.
  For more information, see:
    https://seclists.org/oss-sec/2024/q1/31
    https://www.cve.org/CVERecord?id=CVE-2024-22365
  (* Security fix *)
a/xz-5.4.6-x86_64-1.txz:  Upgraded.
l/python-hatchling-1.21.1-x86_64-1.txz:  Upgraded.
2024-01-26 22:29:25 +01:00
Patrick J Volkerding
0abd603d71 Fri Jan 26 01:49:20 UTC 2024
a/acl-2.3.2-x86_64-1.txz:  Upgraded.
a/btrfs-progs-6.7-x86_64-1.txz:  Upgraded.
a/cryptsetup-2.7.0-x86_64-1.txz:  Upgraded.
a/inih-58-x86_64-1.txz:  Upgraded.
a/kernel-firmware-20240124_0c40df8-noarch-1.txz:  Upgraded.
a/kernel-generic-6.6.14-x86_64-1.txz:  Upgraded.
a/kernel-huge-6.6.14-x86_64-1.txz:  Upgraded.
a/kernel-modules-6.6.14-x86_64-1.txz:  Upgraded.
d/kernel-headers-6.6.14-x86-1.txz:  Upgraded.
d/parallel-20240122-noarch-1.txz:  Upgraded.
k/kernel-source-6.6.14-noarch-1.txz:  Upgraded.
l/gst-plugins-bad-free-1.22.9-x86_64-1.txz:  Upgraded.
l/gst-plugins-base-1.22.9-x86_64-1.txz:  Upgraded.
l/gst-plugins-good-1.22.9-x86_64-1.txz:  Upgraded.
l/gst-plugins-libav-1.22.9-x86_64-1.txz:  Upgraded.
l/gstreamer-1.22.9-x86_64-1.txz:  Upgraded.
l/libjpeg-turbo-3.0.2-x86_64-1.txz:  Upgraded.
l/libpng-1.6.41-x86_64-1.txz:  Upgraded.
l/python-docutils-0.20.1-x86_64-1.txz:  Upgraded.
l/python-editables-0.5-x86_64-1.txz:  Added.
  Thanks to Heinz Wiesinger.
l/python-hatchling-1.21.0-x86_64-1.txz:  Added.
  Thanks to Heinz Wiesinger.
l/python-pathspec-0.12.1-x86_64-1.txz:  Added.
  Thanks to Heinz Wiesinger.
l/python-pluggy-1.4.0-x86_64-1.txz:  Added.
  Thanks to Heinz Wiesinger.
l/python-pygments-2.17.2-x86_64-1.txz:  Upgraded.
l/python-sphinx-7.2.6-x86_64-1.txz:  Upgraded.
l/python-sphinx_rtd_theme-2.0.0-x86_64-1.txz:  Added.
l/python-trove-classifiers-2024.1.8-x86_64-1.txz:  Added.
  Thanks to Heinz Wiesinger.
n/gnupg2-2.4.4-x86_64-1.txz:  Upgraded.
x/mesa-23.3.4-x86_64-1.txz:  Upgraded.
xap/geeqie-2.2-x86_64-1.txz:  Upgraded.
isolinux/initrd.img:  Rebuilt.
kernels/*:  Upgraded.
usb-and-pxe-installers/usbboot.img:  Rebuilt.
2024-01-26 03:50:15 +01:00
Patrick J Volkerding
593df1e491 Wed Jan 24 04:53:38 UTC 2024
ap/ddrescue-1.28-x86_64-1.txz:  Upgraded.
l/gtk+3-3.24.41-x86_64-1.txz:  Upgraded.
l/orc-0.4.35-x86_64-1.txz:  Upgraded.
xap/mozilla-thunderbird-115.7.0-x86_64-1.txz:  Upgraded.
  This release contains security fixes and improvements.
  For more information, see:
    https://www.mozilla.org/en-US/thunderbird/115.7.0/releasenotes/
    https://www.mozilla.org/en-US/security/advisories/mfsa2024-04/
    https://www.cve.org/CVERecord?id=CVE-2024-0741
    https://www.cve.org/CVERecord?id=CVE-2024-0742
    https://www.cve.org/CVERecord?id=CVE-2024-0746
    https://www.cve.org/CVERecord?id=CVE-2024-0747
    https://www.cve.org/CVERecord?id=CVE-2024-0749
    https://www.cve.org/CVERecord?id=CVE-2024-0750
    https://www.cve.org/CVERecord?id=CVE-2024-0751
    https://www.cve.org/CVERecord?id=CVE-2024-0753
    https://www.cve.org/CVERecord?id=CVE-2024-0755
  (* Security fix *)
2024-01-24 06:32:07 +01:00
Patrick J Volkerding
348371357b Tue Jan 23 20:08:07 UTC 2024
a/lzlib-1.14-x86_64-1.txz:  Upgraded.
a/plzip-1.11-x86_64-1.txz:  Upgraded.
l/libpaper-2.1.3-x86_64-1.txz:  Upgraded.
l/zlib-1.3.1-x86_64-1.txz:  Upgraded.
xap/mozilla-firefox-115.7.0esr-x86_64-1.txz:  Upgraded.
  This update contains security fixes and improvements.
  For more information, see:
    https://www.mozilla.org/en-US/firefox/115.7.0/releasenotes/
    https://www.mozilla.org/security/advisories/mfsa2024-02/
    https://www.cve.org/CVERecord?id=CVE-2024-0741
    https://www.cve.org/CVERecord?id=CVE-2024-0742
    https://www.cve.org/CVERecord?id=CVE-2024-0746
    https://www.cve.org/CVERecord?id=CVE-2024-0747
    https://www.cve.org/CVERecord?id=CVE-2024-0749
    https://www.cve.org/CVERecord?id=CVE-2024-0750
    https://www.cve.org/CVERecord?id=CVE-2024-0751
    https://www.cve.org/CVERecord?id=CVE-2024-0753
    https://www.cve.org/CVERecord?id=CVE-2024-0755
  (* Security fix *)
2024-01-23 22:04:31 +01:00
Patrick J Volkerding
c3e723e555 Mon Jan 22 20:57:12 UTC 2024
l/SDL2_mixer-2.8.0-x86_64-1.txz:  Upgraded.
l/glib2-2.78.4-x86_64-1.txz:  Upgraded.
l/mozilla-nss-3.97-x86_64-1.txz:  Upgraded.
n/postfix-3.8.5-x86_64-1.txz:  Upgraded.
  Security (inbound SMTP smuggling): with "smtpd_forbid_bare_newline
  = normalize" (default "no" for Postfix < 3.9), the Postfix
  SMTP server requires the standard End-of-DATA sequence
  <CR><LF>.<CR><LF>, and otherwise allows command or message
  content lines ending in the non-standard <LF>, processing
  them as if the client sent the standard <CR><LF>.
  The alternative setting, "smtpd_forbid_bare_newline = reject"
  will reject any command or message that contains a bare
  <LF>, and is more likely to cause problems with legitimate
  clients.
  For backwards compatibility, local clients are excluded by
  default with "smtpd_forbid_bare_newline_exclusions =
  $mynetworks".
  For more information, see:
    https://www.postfix.org/smtp-smuggling.html
  (* Security fix *)
2024-01-22 22:30:21 +01:00
Patrick J Volkerding
c705d52caf Sun Jan 21 20:50:08 UTC 2024
a/ed-1.20-x86_64-1.txz:  Upgraded.
l/SDL2_ttf-2.22.0-x86_64-1.txz:  Upgraded.
l/imagemagick-7.1.1_27-x86_64-1.txz:  Upgraded.
l/libproxy-0.5.3-x86_64-1.txz:  Upgraded.
n/nghttp2-1.59.0-x86_64-1.txz:  Upgraded.
x/xbiff-1.0.5-x86_64-1.txz:  Upgraded.
extra/tigervnc/tigervnc-1.13.1-x86_64-3.txz:  Rebuilt.
  Recompiled against xorg-server-21.1.11, including the latest patches for
  several security issues. Thanks to marav.
  For more information, see:
    https://www.cve.org/CVERecord?id=CVE-2023-6377
    https://www.cve.org/CVERecord?id=CVE-2023-6478
    https://www.cve.org/CVERecord?id=CVE-2023-6816
    https://www.cve.org/CVERecord?id=CVE-2024-0229
    https://www.cve.org/CVERecord?id=CVE-2024-0408
    https://www.cve.org/CVERecord?id=CVE-2024-0409
    https://www.cve.org/CVERecord?id=CVE-2024-21885
    https://www.cve.org/CVERecord?id=CVE-2024-21886
    https://www.cve.org/CVERecord?id=CVE-2024-21886
  (* Security fix *)
2024-01-21 22:29:32 +01:00
Patrick J Volkerding
f7ae570bcc Sat Jan 20 21:04:49 UTC 2024
a/kernel-firmware-20240117_bf0987d-noarch-1.txz:  Upgraded.
a/kernel-generic-6.6.13-x86_64-1.txz:  Upgraded.
a/kernel-huge-6.6.13-x86_64-1.txz:  Upgraded.
a/kernel-modules-6.6.13-x86_64-1.txz:  Upgraded.
ap/vim-9.1.0041-x86_64-1.txz:  Upgraded.
d/kernel-headers-6.6.13-x86-1.txz:  Upgraded.
k/kernel-source-6.6.13-noarch-1.txz:  Upgraded.
l/ffmpeg-5.1.4-x86_64-3.txz:  Rebuilt.
  Recompiled against libvpx-1.14.0.
l/gst-plugins-good-1.22.8-x86_64-2.txz:  Rebuilt.
  Recompiled against libvpx-1.14.0.
l/libvpx-1.14.0-x86_64-1.txz:  Upgraded.
  Shared library .so-version bump.
l/qt5-5.15.12_20240103_b8fd1448-x86_64-2.txz:  Rebuilt.
  Recompiled against libvpx-1.14.0.
xap/vim-gvim-9.1.0041-x86_64-1.txz:  Upgraded.
xap/xine-lib-1.2.13-x86_64-5.txz:  Rebuilt.
  Recompiled against libvpx-1.14.0.
isolinux/initrd.img:  Rebuilt.
kernels/*:  Upgraded.
usb-and-pxe-installers/usbboot.img:  Rebuilt.
2024-01-20 22:50:42 +01:00
Patrick J Volkerding
833db20af8 Fri Jan 19 19:58:34 UTC 2024
n/php-8.3.2-x86_64-1.txz:  Upgraded.
x/wayland-protocols-1.33-noarch-1.txz:  Upgraded.
xap/network-manager-applet-1.36.0-x86_64-1.txz:  Upgraded.
xap/xsnow-3.7.7-x86_64-1.txz:  Upgraded.
2024-01-19 21:29:15 +01:00
Patrick J Volkerding
a70f83749f Fri Jan 19 04:40:13 UTC 2024
e/emacs-29.2-x86_64-1.txz:  Upgraded.
l/gtk+3-3.24.40-x86_64-1.txz:  Upgraded.
l/gtk4-4.12.5-x86_64-1.txz:  Upgraded.
l/kdsoap-2.2.0-x86_64-1.txz:  Upgraded.
l/python-html5lib-1.1-x86_64-1.txz:  Added.
  Thanks to alienBOB.
l/python-webencodings-0.5.1-x86_64-1.txz:  Added.
  Thanks to alienBOB.
2024-01-19 06:10:43 +01:00
Patrick J Volkerding
6876b5e5ed Wed Jan 17 21:13:27 UTC 2024
n/iputils-20240117-x86_64-1.txz:  Upgraded.
x/fcitx5-5.1.7-x86_64-1.txz:  Upgraded.
x/fcitx5-table-extra-5.1.3-x86_64-1.txz:  Upgraded.
x/libime-1.1.5-x86_64-1.txz:  Upgraded.
xap/seamonkey-2.53.18.1-x86_64-1.txz:  Upgraded.
  This is a bugfix release.
  For more information, see:
    https://www.seamonkey-project.org/releases/seamonkey2.53.18.1
2024-01-17 23:15:26 +01:00
Patrick J Volkerding
a41e02d36f Tue Jan 16 20:49:28 UTC 2024
a/attr-2.5.2-x86_64-1.txz:  Upgraded.
a/shadow-4.14.3-x86_64-1.txz:  Upgraded.
a/zoo-2.10_28-x86_64-1.txz:  Upgraded.
  Merge final patches from Debian to fix various bugs. Thanks to jayjwa.
ap/sqlite-3.45.0-x86_64-1.txz:  Upgraded.
l/iso-codes-4.16.0-noarch-1.txz:  Upgraded.
n/gnutls-3.8.3-x86_64-1.txz:  Upgraded.
  This update fixes two medium severity security issues:
  Fix more timing side-channel inside RSA-PSK key exchange.
  Fix assertion failure when verifying a certificate chain with a cycle of
  cross signatures.
  For more information, see:
    https://www.cve.org/CVERecord?id=CVE-2024-0553
    https://www.cve.org/CVERecord?id=CVE-2024-0567
  (* Security fix *)
x/xorg-server-21.1.11-x86_64-1.txz:  Upgraded.
  This update fixes security issues:
  Heap buffer overflow in DeviceFocusEvent and ProcXIQueryPointer.
  Reattaching to different master device may lead to out-of-bounds memory access.
  Heap buffer overflow in XISendDeviceHierarchyEvent.
  Heap buffer overflow in DisableDevice.
  SELinux context corruption.
  SELinux unlabeled GLX PBuffer.
  For more information, see:
    https://lists.x.org/archives/xorg/2024-January/061525.html
    https://www.cve.org/CVERecord?id=CVE-2023-6816
    https://www.cve.org/CVERecord?id=CVE-2024-0229
    https://www.cve.org/CVERecord?id=CVE-2024-21885
    https://www.cve.org/CVERecord?id=CVE-2024-21886
    https://www.cve.org/CVERecord?id=CVE-2024-0408
    https://www.cve.org/CVERecord?id=CVE-2024-0409
  (* Security fix *)
x/xorg-server-xephyr-21.1.11-x86_64-1.txz:  Upgraded.
x/xorg-server-xnest-21.1.11-x86_64-1.txz:  Upgraded.
x/xorg-server-xvfb-21.1.11-x86_64-1.txz:  Upgraded.
x/xorg-server-xwayland-23.2.4-x86_64-1.txz:  Upgraded.
  This update fixes security issues:
  Heap buffer overflow in DeviceFocusEvent and ProcXIQueryPointer.
  Reattaching to different master device may lead to out-of-bounds memory access.
  Heap buffer overflow in XISendDeviceHierarchyEvent.
  Heap buffer overflow in DisableDevice.
  SELinux context corruption.
  SELinux unlabeled GLX PBuffer.
  For more information, see:
    https://lists.x.org/archives/xorg/2024-January/061525.html
    https://www.cve.org/CVERecord?id=CVE-2023-6816
    https://www.cve.org/CVERecord?id=CVE-2024-0229
    https://www.cve.org/CVERecord?id=CVE-2024-21885
    https://www.cve.org/CVERecord?id=CVE-2024-21886
    https://www.cve.org/CVERecord?id=CVE-2024-0408
    https://www.cve.org/CVERecord?id=CVE-2024-0409
  (* Security fix *)
xfce/xfce4-whiskermenu-plugin-2.8.3-x86_64-1.txz:  Upgraded.
2024-01-16 22:29:44 +01:00
Patrick J Volkerding
715f1e2e38 Mon Jan 15 21:08:12 UTC 2024
a/kernel-firmware-20240115_9b6d0b0-noarch-1.txz:  Upgraded.
a/kernel-generic-6.6.12-x86_64-1.txz:  Upgraded.
a/kernel-huge-6.6.12-x86_64-1.txz:  Upgraded.
a/kernel-modules-6.6.12-x86_64-1.txz:  Upgraded.
d/kernel-headers-6.6.12-x86-1.txz:  Upgraded.
k/kernel-source-6.6.12-noarch-1.txz:  Upgraded.
l/libxml2-2.12.4-x86_64-1.txz:  Upgraded.
l/pulseaudio-17.0-x86_64-2.txz:  Rebuilt.
  Patch regressions:
  [PATCH] alsa-ucm: Check UCM verb before working with device status.
  [PATCH] alsa-ucm: Replace port device UCM context assertion with an error.
l/readline-8.2.010-x86_64-1.txz:  Upgraded.
x/libinput-1.25.0-x86_64-1.txz:  Upgraded.
isolinux/initrd.img:  Rebuilt.
kernels/*:  Upgraded.
usb-and-pxe-installers/usbboot.img:  Rebuilt.
2024-01-15 22:41:39 +01:00
Patrick J Volkerding
b12c0fed43 Sun Jan 14 19:16:48 UTC 2024
a/bash-5.2.026-x86_64-1.txz:  Upgraded.
a/cpio-2.15-x86_64-1.txz:  Upgraded.
kde/kdeconnect-kde-23.08.4-x86_64-2.txz:  Rebuilt.
  Recompiled against pulseaudio-qt-1.4.0.
l/libidn-1.42-x86_64-1.txz:  Upgraded.
l/libpsl-0.21.5-x86_64-1.txz:  Upgraded.
2024-01-14 20:58:46 +01:00
Patrick J Volkerding
589ec060e7 Sat Jan 13 20:31:09 UTC 2024
a/dcron-4.5-x86_64-15.txz:  Rebuilt.
  run-parts: don't redirect stderr to stdout. Thanks to Thom1b.
ap/vim-9.1.0027-x86_64-1.txz:  Upgraded.
d/mercurial-6.6.2-x86_64-1.txz:  Upgraded.
d/rust-bindgen-0.69.2-x86_64-1.txz:  Upgraded.
kde/attica-5.114.0-x86_64-1.txz:  Upgraded.
kde/baloo-5.114.0-x86_64-1.txz:  Upgraded.
kde/bluez-qt-5.114.0-x86_64-1.txz:  Upgraded.
kde/breeze-icons-5.114.0-noarch-1.txz:  Upgraded.
kde/extra-cmake-modules-5.114.0-x86_64-1.txz:  Upgraded.
kde/frameworkintegration-5.114.0-x86_64-1.txz:  Upgraded.
kde/kactivities-5.114.0-x86_64-1.txz:  Upgraded.
kde/kactivities-stats-5.114.0-x86_64-1.txz:  Upgraded.
kde/kapidox-5.114.0-x86_64-1.txz:  Upgraded.
kde/karchive-5.114.0-x86_64-1.txz:  Upgraded.
kde/kauth-5.114.0-x86_64-1.txz:  Upgraded.
kde/kbookmarks-5.114.0-x86_64-1.txz:  Upgraded.
kde/kcalendarcore-5.114.0-x86_64-1.txz:  Upgraded.
kde/kcmutils-5.114.0-x86_64-1.txz:  Upgraded.
kde/kcodecs-5.114.0-x86_64-1.txz:  Upgraded.
kde/kcompletion-5.114.0-x86_64-1.txz:  Upgraded.
kde/kconfig-5.114.0-x86_64-1.txz:  Upgraded.
kde/kconfigwidgets-5.114.0-x86_64-1.txz:  Upgraded.
kde/kcontacts-5.114.0-x86_64-1.txz:  Upgraded.
kde/kcoreaddons-5.114.0-x86_64-1.txz:  Upgraded.
kde/kcrash-5.114.0-x86_64-1.txz:  Upgraded.
kde/kdav-5.114.0-x86_64-1.txz:  Upgraded.
kde/kdbusaddons-5.114.0-x86_64-1.txz:  Upgraded.
kde/kdeclarative-5.114.0-x86_64-1.txz:  Upgraded.
kde/kded-5.114.0-x86_64-1.txz:  Upgraded.
kde/kdelibs4support-5.114.0-x86_64-1.txz:  Upgraded.
kde/kdesignerplugin-5.114.0-x86_64-1.txz:  Upgraded.
kde/kdesu-5.114.0-x86_64-1.txz:  Upgraded.
kde/kdewebkit-5.114.0-x86_64-1.txz:  Upgraded.
kde/kdnssd-5.114.0-x86_64-1.txz:  Upgraded.
kde/kdoctools-5.114.0-x86_64-1.txz:  Upgraded.
kde/kemoticons-5.114.0-x86_64-1.txz:  Upgraded.
kde/kfilemetadata-5.114.0-x86_64-1.txz:  Upgraded.
kde/kglobalaccel-5.114.0-x86_64-1.txz:  Upgraded.
kde/kguiaddons-5.114.0-x86_64-1.txz:  Upgraded.
kde/kholidays-5.114.0-x86_64-1.txz:  Upgraded.
kde/khtml-5.114.0-x86_64-1.txz:  Upgraded.
kde/ki18n-5.114.0-x86_64-1.txz:  Upgraded.
kde/kiconthemes-5.114.0-x86_64-1.txz:  Upgraded.
kde/kidletime-5.114.0-x86_64-1.txz:  Upgraded.
kde/kimageformats-5.114.0-x86_64-1.txz:  Upgraded.
kde/kinit-5.114.0-x86_64-1.txz:  Upgraded.
kde/kio-5.114.0-x86_64-1.txz:  Upgraded.
kde/kirigami2-5.114.0-x86_64-1.txz:  Upgraded.
kde/kitemmodels-5.114.0-x86_64-1.txz:  Upgraded.
kde/kitemviews-5.114.0-x86_64-1.txz:  Upgraded.
kde/kjobwidgets-5.114.0-x86_64-1.txz:  Upgraded.
kde/kjs-5.114.0-x86_64-1.txz:  Upgraded.
kde/kjsembed-5.114.0-x86_64-1.txz:  Upgraded.
kde/kmediaplayer-5.114.0-x86_64-1.txz:  Upgraded.
kde/knewstuff-5.114.0-x86_64-1.txz:  Upgraded.
kde/knotifications-5.114.0-x86_64-1.txz:  Upgraded.
kde/knotifyconfig-5.114.0-x86_64-1.txz:  Upgraded.
kde/kpackage-5.114.0-x86_64-1.txz:  Upgraded.
kde/kparts-5.114.0-x86_64-1.txz:  Upgraded.
kde/kpeople-5.114.0-x86_64-1.txz:  Upgraded.
kde/kplotting-5.114.0-x86_64-1.txz:  Upgraded.
kde/kpty-5.114.0-x86_64-1.txz:  Upgraded.
kde/kquickcharts-5.114.0-x86_64-1.txz:  Upgraded.
kde/kross-5.114.0-x86_64-1.txz:  Upgraded.
kde/krunner-5.114.0-x86_64-1.txz:  Upgraded.
kde/kservice-5.114.0-x86_64-1.txz:  Upgraded.
kde/ktextaddons-1.5.3-x86_64-1.txz:  Upgraded.
kde/ktexteditor-5.114.0-x86_64-1.txz:  Upgraded.
kde/ktextwidgets-5.114.0-x86_64-1.txz:  Upgraded.
kde/kunitconversion-5.114.0-x86_64-1.txz:  Upgraded.
kde/kwallet-5.114.0-x86_64-1.txz:  Upgraded.
kde/kwayland-5.114.0-x86_64-1.txz:  Upgraded.
kde/kwidgetsaddons-5.114.0-x86_64-1.txz:  Upgraded.
kde/kwindowsystem-5.114.0-x86_64-1.txz:  Upgraded.
kde/kxmlgui-5.114.0-x86_64-1.txz:  Upgraded.
kde/kxmlrpcclient-5.114.0-x86_64-1.txz:  Upgraded.
kde/modemmanager-qt-5.114.0-x86_64-1.txz:  Upgraded.
kde/networkmanager-qt-5.114.0-x86_64-1.txz:  Upgraded.
kde/oxygen-icons-5.114.0-noarch-1.txz:  Upgraded.
kde/plasma-framework-5.114.0-x86_64-1.txz:  Upgraded.
kde/prison-5.114.0-x86_64-1.txz:  Upgraded.
kde/pulseaudio-qt-1.4.0-x86_64-1.txz:  Upgraded.
kde/purpose-5.114.0-x86_64-1.txz:  Upgraded.
kde/qqc2-desktop-style-5.114.0-x86_64-1.txz:  Upgraded.
kde/solid-5.114.0-x86_64-1.txz:  Upgraded.
kde/sonnet-5.114.0-x86_64-1.txz:  Upgraded.
kde/syndication-5.114.0-x86_64-1.txz:  Upgraded.
kde/syntax-highlighting-5.114.0-x86_64-1.txz:  Upgraded.
kde/threadweaver-5.114.0-x86_64-1.txz:  Upgraded.
l/jasper-4.1.2-x86_64-1.txz:  Upgraded.
l/pulseaudio-17.0-x86_64-1.txz:  Upgraded.
n/bluez-5.72-x86_64-1.txz:  Upgraded.
x/libdrm-2.4.120-x86_64-1.txz:  Upgraded.
xap/vim-gvim-9.1.0027-x86_64-1.txz:  Upgraded.
2024-01-13 22:39:44 +01:00
Patrick J Volkerding
fa5f20fb26 Thu Jan 11 20:27:14 UTC 2024
ap/mpg123-1.32.4-x86_64-1.txz:  Upgraded.
l/nodejs-20.11.0-x86_64-1.txz:  Upgraded.
l/pipewire-1.0.1-x86_64-1.txz:  Upgraded.
x/mesa-23.3.3-x86_64-1.txz:  Upgraded.
x/sddm-0.20.0-x86_64-4.txz:  Rebuilt.
2024-01-11 22:01:24 +01:00
Patrick J Volkerding
2498bfb1f9 Wed Jan 10 19:50:25 UTC 2024
a/kernel-firmware-20240110_323d51e-noarch-1.txz:  Upgraded.
a/kernel-generic-6.6.11-x86_64-1.txz:  Upgraded.
a/kernel-huge-6.6.11-x86_64-1.txz:  Upgraded.
a/kernel-modules-6.6.11-x86_64-1.txz:  Upgraded.
ap/htop-3.3.0-x86_64-1.txz:  Upgraded.
d/kernel-headers-6.6.11-x86-1.txz:  Upgraded.
k/kernel-source-6.6.11-noarch-1.txz:  Upgraded.
isolinux/initrd.img:  Rebuilt.
kernels/*:  Upgraded.
usb-and-pxe-installers/usbboot.img:  Rebuilt.
2024-01-10 21:34:15 +01:00
Patrick J Volkerding
070f5e03ce Tue Jan 9 20:49:08 UTC 2024
a/mcelog-197-x86_64-1.txz:  Upgraded.
ap/qpdf-11.8.0-x86_64-1.txz:  Upgraded.
kde/qca-2.3.8-x86_64-1.txz:  Upgraded.
l/enchant-2.6.5-x86_64-1.txz:  Upgraded.
n/iproute2-6.7.0-x86_64-1.txz:  Upgraded.
xap/mozilla-thunderbird-115.6.1-x86_64-1.txz:  Upgraded.
  This is a bugfix release.
  For more information, see:
    https://www.thunderbird.net/en-US/thunderbird/115.6.1/releasenotes/
2024-01-09 22:32:52 +01:00
Patrick J Volkerding
09504fc484 Tue Jan 9 01:52:43 UTC 2024
a/procps-ng-3.3.17-x86_64-3.txz:  Rebuilt.
  Add /etc/default/sysctl to support custom options for sysctl in rc.S.
  Thanks to lostintime.
a/sysvinit-scripts-15.1-noarch-12.txz:  Rebuilt.
  rc.S: support /etc/default/sysctl for custom options.
  Thanks to lostintime.
l/imagemagick-7.1.1_26-x86_64-1.txz:  Upgraded.
l/qt5-5.15.12_20240103_b8fd1448-x86_64-1.txz:  Upgraded.
n/samba-4.19.4-x86_64-1.txz:  Upgraded.
x/imake-1.0.10-x86_64-1.txz:  Upgraded.
2024-01-09 03:31:52 +01:00
Patrick J Volkerding
360a12d5d9 Sun Jan 7 20:24:51 UTC 2024
a/sysvinit-scripts-15.1-noarch-11.txz:  Rebuilt.
  rc.S: Don't attempt to edit /etc/motd unless it exists, it is writable, and
  the first line starts with "Linux <wrong kernel version>."
  Thanks to lostintime.
kde/okteta-0.26.15-x86_64-1.txz:  Upgraded.
l/at-spi2-core-2.50.1-x86_64-1.txz:  Upgraded.
2024-01-07 21:58:43 +01:00
Patrick J Volkerding
bf38de5939 Sat Jan 6 20:43:01 UTC 2024
x/fcitx5-anthy-5.1.3-x86_64-1.txz:  Upgraded.
x/fcitx5-chinese-addons-5.1.3-x86_64-1.txz:  Upgraded.
x/fcitx5-gtk-5.1.1-x86_64-1.txz:  Upgraded.
x/fcitx5-kkc-5.1.1-x86_64-1.txz:  Upgraded.
x/fcitx5-table-extra-5.1.2-x86_64-1.txz:  Upgraded.
x/fcitx5-unikey-5.1.2-x86_64-1.txz:  Upgraded.
x/libime-1.1.4-x86_64-1.txz:  Upgraded.
2024-01-06 22:00:08 +01:00
Patrick J Volkerding
64b7204188 Fri Jan 5 19:33:15 UTC 2024
a/hwdata-0.378-noarch-1.txz:  Upgraded.
a/kernel-firmware-20240105_c82c948-noarch-1.txz:  Upgraded.
a/kernel-generic-6.6.10-x86_64-1.txz:  Upgraded.
a/kernel-huge-6.6.10-x86_64-1.txz:  Upgraded.
a/kernel-modules-6.6.10-x86_64-1.txz:  Upgraded.
ap/vim-9.1.0015-x86_64-1.txz:  Upgraded.
d/kernel-headers-6.6.10-x86-1.txz:  Upgraded.
k/kernel-source-6.6.10-noarch-1.txz:  Upgraded.
  SERIAL_8250_NR_UARTS 4 -> 32
  SERIAL_8250_RUNTIME_UARTS 4 -> 32
  Thanks to Andypoo.
l/fmt-10.2.1-x86_64-1.txz:  Upgraded.
l/gvfs-1.52.2-x86_64-1.txz:  Upgraded.
xap/vim-gvim-9.1.0015-x86_64-1.txz:  Upgraded.
isolinux/initrd.img:  Rebuilt.
kernels/*:  Upgraded.
usb-and-pxe-installers/usbboot.img:  Rebuilt.
2024-01-05 21:12:09 +01:00
Patrick J Volkerding
c238904d3e Thu Jan 4 20:54:16 UTC 2024
a/dcron-4.5-x86_64-14.txz:  Rebuilt.
  Add /etc/default/run-parts. Thanks to lostintime.
kde/fcitx5-configtool-5.1.3-x86_64-1.txz:  Upgraded.
x/fcitx5-5.1.6-x86_64-1.txz:  Upgraded.
x/fcitx5-qt-5.1.4-x86_64-1.txz:  Upgraded.
x/pixman-0.43.0-x86_64-1.txz:  Upgraded.
x/xcb-imdkit-1.0.6-x86_64-1.txz:  Upgraded.
2024-01-04 22:41:03 +01:00
Patrick J Volkerding
e2f5262f1f Wed Jan 3 20:25:45 UTC 2024
ap/vim-9.1.0-x86_64-1.txz:  Upgraded.
d/clisp-2.50_20230718_669249717-x86_64-1.txz:  Upgraded.
l/poppler-24.01.0-x86_64-1.txz:  Upgraded.
n/c-ares-1.25.0-x86_64-1.txz:  Upgraded.
n/mobile-broadband-provider-info-20231023-x86_64-1.txz:  Upgraded.
n/ncftp-3.2.7-x86_64-1.txz:  Upgraded.
xap/vim-gvim-9.1.0-x86_64-1.txz:  Upgraded.
2024-01-03 22:00:24 +01:00
Patrick J Volkerding
4c234135ee Tue Jan 2 20:26:50 UTC 2024
a/dialog-1.3_20240101-x86_64-1.txz:  Upgraded.
d/swig-4.2.0-x86_64-1.txz:  Upgraded.
l/SDL2_image-2.8.2-x86_64-1.txz:  Upgraded.
l/fmt-10.2.0-x86_64-1.txz:  Upgraded.
x/xterm-389-x86_64-1.txz:  Upgraded.
testing/packages/grub-2.12-x86_64-2.txz:  Rebuilt.
  Ingore .new and .orig files in /etc/grub.d/.
2024-01-02 21:59:28 +01:00
Patrick J Volkerding
ba1dfae859 Mon Jan 1 19:45:16 UTC 2024
a/kernel-firmware-20231226_abfcad8-noarch-1.txz:  Upgraded.
a/kernel-generic-6.6.9-x86_64-1.txz:  Upgraded.
a/kernel-huge-6.6.9-x86_64-1.txz:  Upgraded.
a/kernel-modules-6.6.9-x86_64-1.txz:  Upgraded.
ap/ksh93-1.0.8-x86_64-1.txz:  Upgraded.
d/ccache-4.9-x86_64-1.txz:  Upgraded.
d/kernel-headers-6.6.9-x86-1.txz:  Upgraded.
k/kernel-source-6.6.9-noarch-1.txz:  Upgraded.
isolinux/initrd.img:  Rebuilt.
kernels/*:  Upgraded.
usb-and-pxe-installers/usbboot.img:  Rebuilt.
2024-01-01 21:30:50 +01:00
Patrick J Volkerding
87abec467e Sun Dec 31 20:34:45 UTC 2023
ap/vim-9.0.2189-x86_64-1.txz:  Upgraded.
l/imagemagick-7.1.1_25-x86_64-1.txz:  Upgraded.
xap/vim-gvim-9.0.2189-x86_64-1.txz:  Upgraded.
xfce/thunar-4.18.10-x86_64-1.txz:  Upgraded.
2023-12-31 22:04:44 +01:00