a/less-654-x86_64-1.txz: Upgraded.
d/ninja-1.12.1-x86_64-1.txz: Upgraded.
n/whois-5.5.23-x86_64-1.txz: Upgraded.
Updated the .sc, .********* (.xn--yfro4i67o, Singapore)
and .********************************* (.xn--clchc0ea0b2g2a9gcd, Singapore)
TLD servers.
extra/bittornado/bittornado-0.3.18-noarch-3.txz: Removed.
Obsolete and based on python2.
ap/linuxdoc-tools-0.9.83-x86_64-1.txz: Upgraded.
Upgraded to linuxdoc-tools-0.9.83, gtk-doc-1.34.0, and asciidoc-10.2.0.
See the ChangeLog in source/ap/linuxdoc-tools for more details.
Thanks to Stuart Winter.
ap/sqlite-3.45.3-x86_64-1.txz: Upgraded.
l/Mako-1.3.3-x86_64-1.txz: Upgraded.
l/pipewire-1.0.5-x86_64-1.txz: Upgraded.
l/python-hatchling-1.23.0-x86_64-1.txz: Upgraded.
x/libwacom-2.11.0-x86_64-1.txz: Upgraded.
x/xcb-proto-1.17.0-x86_64-1.txz: Upgraded.
x/xf86-input-wacom-1.2.2-x86_64-1.txz: Upgraded.
xap/pan-0.158-x86_64-1.txz: Upgraded.
Let's process the git pull with NOCONFIGURE=1 ./autogen.sh for FTIO. :-)
a/shadow-4.15.1-x86_64-1.txz: Upgraded.
The main point of this release is to fix a bug that caused spurious error
messages about unknown login.defs configuration options.
a/sysvinit-3.09-x86_64-1.txz: Upgraded.
l/python-trove-classifiers-2024.3.25-x86_64-1.txz: Upgraded.
x/libX11-1.8.8-x86_64-1.txz: Upgraded.
x/libXmu-1.2.0-x86_64-1.txz: Upgraded.
x/lndir-1.0.5-x86_64-1.txz: Upgraded.
x/xf86-video-savage-2.4.1-x86_64-1.txz: Upgraded.
x/xman-1.2.0-x86_64-1.txz: Upgraded.
x/xorg-docs-1.7.3-noarch-1.txz: Upgraded.
ap/vim-9.1.0199-x86_64-1.txz: Upgraded.
Dropped python2 support. Thanks to Audrius Kažukauskas.
l/duktape-2.7.0-x86_64-1.txz: Added.
Needed by polkit.
l/gjs-1.80.1-x86_64-1.txz: Upgraded.
l/libdeflate-1.20-x86_64-1.txz: Upgraded.
l/mozjs102-102.15.1esr-x86_64-2.txz: Removed.
l/mozjs115-115.9.1esr-x86_64-1.txz: Upgraded.
l/polkit-123-x86_64-2.txz: Rebuilt.
Use duktape instead of mozjs102 as the JavaScript engine.
x/iceauth-1.0.10-x86_64-2.txz: Rebuilt.
It's never too early to build with --enable-year2038. Thanks to bigbadaboum.
xap/geeqie-2.4-x86_64-1.txz: Upgraded.
xap/mozilla-firefox-115.9.1esr-x86_64-1.txz: Upgraded.
This update fixes a critical security issue:
An attacker was able to inject an event handler into a privileged object
that would allow arbitrary JavaScript execution in the parent process.
For more information, see:
https://www.mozilla.org/en-US/firefox/115.9.1esr/releasenotes/https://www.mozilla.org/security/advisories/mfsa2024-16/https://www.cve.org/CVERecord?id=CVE-2024-29944
(* Security fix *)
xap/vim-gvim-9.1.0199-x86_64-1.txz: Upgraded.
Dropped python2 support. Thanks to Audrius Kažukauskas.
a/libblockdev-2.28-x86_64-2.txz: Rebuilt.
Drop python2 support.
a/sysvinit-scripts-15.1-noarch-15.txz: Rebuilt.
rc.M: start rc.iceccd and rc.icecc-scheduler earlier.
a/util-linux-2.39.3-x86_64-2.txz: Rebuilt.
Drop python2 support.
a/volume_key-0.3.12-x86_64-6.txz: Rebuilt.
Drop python2 support.
ap/man-pages-6.7-noarch-1.txz: Upgraded.
d/cmake-3.28.4-x86_64-1.txz: Upgraded.
d/llvm-18.1.2-x86_64-1.txz: Upgraded.
d/python2-2.7.18-x86_64-7.txz: Rebuilt.
Bundle the final python2 versions of pip and setuptools.
Drop the /usr/bin/python symlink.
d/python3-3.9.19-x86_64-1.txz: Upgraded.
Point the /usr/bin/python symlink at python3.9.
PEP 394 says we can do this, and in a world of ambigious shebangs, this
is probably the best of the available options.
This update also fixes security issues:
bundled libexpat was updated to 2.6.0.
zipfile is now protected from the "quoted-overlap" zipbomb.
tempfile.TemporaryDirectory cleanup no longer dereferences symlinks when
working around file system permission errors.
For more information, see:
https://pythoninsider.blogspot.com/2024/03/python-31014-3919-and-3819-is-now.htmlhttps://www.cve.org/CVERecord?id=CVE-2023-52425https://www.cve.org/CVERecord?id=CVE-2024-0450https://www.cve.org/CVERecord?id=CVE-2023-6597
(* Security fix *)
d/strace-6.8-x86_64-1.txz: Upgraded.
kde/kross-interpreters-23.08.5-x86_64-2.txz: Rebuilt.
Drop python2 support.
l/libxml2-2.12.6-x86_64-2.txz: Rebuilt.
Drop python2 support.
l/mozjs115-115.9.0esr-x86_64-2.txz: Rebuilt.
Fixed installed library name. Thanks to reddog83.
Fixed slack-desc. Thanks to r1w1s1.
l/phonon-4.12.0-x86_64-1.txz: Upgraded.
l/pilot-link-0.12.5-x86_64-17.txz: Rebuilt.
Drop python2 support.
l/python2-module-collection-2.7.18-x86_64-6.txz: Removed.
Good bye!
l/python2-pycairo-1.18.2-x86_64-1.txz: Added.
We'll need this (along with pygtk and pygobject) until we get gimp3.
Well, we could build gimp without python support, but I really don't think
that's the route we want to take.
n/bind-9.18.25-x86_64-1.txz: Upgraded.
n/crda-4.15-x86_64-1.txz: Removed.
The kernel is able to load from wireless-regdb directly. Obsolete.
n/getmail-6.18.14-x86_64-1.txz: Upgraded.
n/gpgme-1.23.2-x86_64-2.txz: Rebuilt.
Drop python2 support.
n/obexftp-0.24.2-x86_64-11.txz: Rebuilt.
Drop python2 support.
n/wireless-regdb-2024.01.23-x86_64-1.txz: Added.
Wireless regulatory database, previously bundled with crda.
x/ibus-1.5.29-x86_64-2.txz: Rebuilt.
Drop python2 support.
x/libkkc-0.3.5-x86_64-4.txz: Rebuilt.
Still forcing python2 with this one, but perhaps a python3 marisa module
could work around this.
x/libkkc-data-0.2.7-x86_64-4.txz: Rebuilt.
Still forcing python2 with this one, but perhaps a python3 marisa module
could work around this.
x/xcb-proto-1.16.0-x86_64-2.txz: Rebuilt.
Drop python2 support.
x/xpyb-1.3.1-x86_64-7.txz: Removed.
Nothing uses it, and it was never updated for python3. Removed as obsolete.
kde/kalk-23.04.0-x86_64-1.txz: Removed.
kde/ktextaddons-1.2.1-x86_64-1.txz: Upgraded.
Revert to this version until a newer one works.
kde/qcoro-0.9.0-x86_64-1.txz: Upgraded.
l/iso-codes-4.15.0-noarch-1.txz: Upgraded.
n/lynx-2.9.0dev.12-x86_64-1.txz: Upgraded.
x/xdpyinfo-1.3.4-x86_64-1.txz: Upgraded.
x/xinput-1.6.4-x86_64-1.txz: Upgraded.
a/kernel-firmware-20230406_86da2ac-noarch-1.txz: Upgraded.
a/kernel-generic-6.1.23-x86_64-1.txz: Upgraded.
a/kernel-huge-6.1.23-x86_64-1.txz: Upgraded.
a/kernel-modules-6.1.23-x86_64-1.txz: Upgraded.
d/kernel-headers-6.1.23-x86-1.txz: Upgraded.
d/llvm-16.0.1-x86_64-1.txz: Upgraded.
k/kernel-source-6.1.23-noarch-1.txz: Upgraded.
l/SDL2-2.26.5-x86_64-1.txz: Upgraded.
l/imagemagick-7.1.1_6-x86_64-1.txz: Upgraded.
l/isl-0.26-x86_64-1.txz: Upgraded.
l/spirv-llvm-translator-16.0.0-x86_64-2.txz: Rebuilt.
Looks like this is working now after some linking adjustments.
Thanks very much to lucabon!
x/mesa-23.0.1-x86_64-3.txz: Rebuilt.
x/xf86-input-wacom-1.2.0-x86_64-1.txz: Upgraded.
isolinux/initrd.img: Rebuilt.
kernels/*: Upgraded.
usb-and-pxe-installers/usbboot.img: Rebuilt.
a/pkgtools-15.1-noarch-4.txz: Rebuilt.
makepkg: also let xz decide how many threads to use on ARM platforms aarch64
and riscv64. Thanks to Stuart Winter.
installpkg: fix reversed test for if a --threads option was given. It appears
that it's been wrong for years but since xz didn't support threaded
decompression yet it wasn't noticed.
a/xz-5.4.1-x86_64-2.txz: Rebuilt.
Reduce default verbosity from V_WARNING to V_ERROR to avoid sending non-fatal
memory usage information to stderr.
kde/plasma-wayland-protocols-1.10.0-x86_64-1.txz: Upgraded.
l/exiv2-0.27.6-x86_64-1.txz: Upgraded.
l/tdb-1.4.8-x86_64-1.txz: Upgraded.
x/igt-gpu-tools-1.27.1-x86_64-1.txz: Upgraded.
x/libX11-1.8.3-x86_64-2.txz: Rebuilt.
[PATCH] Fix a9e845 and 797755 Allow X*IfEvent() to reenter libX11
Thanks to marav.
d/p2c-2.02-x86_64-1.txz: Upgraded.
kde/dolphin-22.12.0-x86_64-2.txz: Rebuilt.
[PATCH] Revert "portalize drag urls"
Thanks to marav.
l/gst-plugins-bad-free-1.20.5-x86_64-1.txz: Upgraded.
l/gst-plugins-base-1.20.5-x86_64-1.txz: Upgraded.
l/gst-plugins-good-1.20.5-x86_64-1.txz: Upgraded.
l/gst-plugins-libav-1.20.5-x86_64-1.txz: Upgraded.
l/gstreamer-1.20.5-x86_64-1.txz: Upgraded.
l/libqalculate-4.5.0-x86_64-1.txz: Upgraded.
l/libvncserver-0.9.14-x86_64-1.txz: Upgraded.
l/sdl-1.2.15-x86_64-14.txz: Rebuilt.
This update fixes a heap overflow problem in video/SDL_pixels.c in SDL.
By crafting a malicious .BMP file, an attacker can cause the application
using this library to crash, denial of service, or code execution.
Thanks to marav for the heads-up.
For more information, see:
https://www.cve.org/CVERecord?id=CVE-2021-33657
(* Security fix *)
n/gnupg2-2.2.41-x86_64-1.txz: Upgraded.
n/libksba-1.6.3-x86_64-1.txz: Upgraded.
Fix another integer overflow in the CRL's signature parser.
(* Security fix *)
x/libSM-1.2.4-x86_64-1.txz: Upgraded.
x/xcb-util-0.4.1-x86_64-1.txz: Upgraded.
x/xdriinfo-1.0.7-x86_64-1.txz: Upgraded.
a/logrotate-3.21.0-x86_64-1.txz: Upgraded.
kde/gwenview-22.12.0-x86_64-2.txz: Rebuilt.
Recompiled against cfitsio-4.2.0.
kde/kstars-3.6.2-x86_64-2.txz: Rebuilt.
Recompiled against cfitsio-4.2.0.
l/cfitsio-4.2.0-x86_64-1.txz: Upgraded.
Shared library .so-version bump.
l/gsettings-desktop-schemas-43.0-x86_64-1.txz: Upgraded.
l/gtk4-4.8.2-x86_64-1.txz: Upgraded.
x/xorg-server-21.1.6-x86_64-1.txz: Upgraded.
This release fixes an invalid event type mask in XTestSwapFakeInput which
was inadvertently changed from octal 0177 to hexadecimal 0x177 in the fix
for CVE-2022-46340.
x/xorg-server-xephyr-21.1.6-x86_64-1.txz: Upgraded.
x/xorg-server-xnest-21.1.6-x86_64-1.txz: Upgraded.
x/xorg-server-xvfb-21.1.6-x86_64-1.txz: Upgraded.
x/xorg-server-xwayland-22.1.7-x86_64-1.txz: Upgraded.
This release fixes an invalid event type mask in XTestSwapFakeInput which
was inadvertently changed from octal 0177 to hexadecimal 0x177 in the fix
for CVE-2022-46340.
testing/packages/rust-1.66.0-x86_64-1.txz: Added.
d/cargo-vendor-filterer-0.5.7-x86_64-1.txz: Added.
Thanks to Heinz Wiesinger.
d/cbindgen-0.24.3-x86_64-1.txz: Added.
d/python3-3.9.16-x86_64-1.txz: Upgraded.
This update fixes security issues:
gh-98739: Updated bundled libexpat to 2.5.0 to fix CVE-2022-43680
(heap use-after-free).
gh-98433: The IDNA codec decoder used on DNS hostnames by socket or asyncio
related name resolution functions no longer involves a quadratic algorithm
to fix CVE-2022-45061. This prevents a potential CPU denial of service if an
out-of-spec excessive length hostname involving bidirectional characters were
decoded. Some protocols such as urllib http 3xx redirects potentially allow
for an attacker to supply such a name.
gh-100001: python -m http.server no longer allows terminal control characters
sent within a garbage request to be printed to the stderr server log.
gh-87604: Avoid publishing list of active per-interpreter audit hooks via the
gc module.
gh-97514: On Linux the multiprocessing module returns to using filesystem
backed unix domain sockets for communication with the forkserver process
instead of the Linux abstract socket namespace. Only code that chooses to use
the "forkserver" start method is affected. This prevents Linux CVE-2022-42919
(potential privilege escalation) as abstract sockets have no permissions and
could allow any user on the system in the same network namespace (often the
whole system) to inject code into the multiprocessing forkserver process.
Filesystem based socket permissions restrict this to the forkserver process
user as was the default in Python 3.8 and earlier.
gh-98517: Port XKCP's fix for the buffer overflows in SHA-3 to fix
CVE-2022-37454.
gh-68966: The deprecated mailcap module now refuses to inject unsafe text
(filenames, MIME types, parameters) into shell commands to address
CVE-2015-20107. Instead of using such text, it will warn and act as if a
match was not found (or for test commands, as if the test failed).
For more information, see:
https://pythoninsider.blogspot.com/2022/12/python-3111-3109-3916-3816-3716-and.htmlhttps://www.cve.org/CVERecord?id=CVE-2022-43680https://www.cve.org/CVERecord?id=CVE-2022-45061https://www.cve.org/CVERecord?id=CVE-2022-42919https://www.cve.org/CVERecord?id=CVE-2022-37454https://www.cve.org/CVERecord?id=CVE-2015-20107
(* Security fix *)
d/rust-bindgen-0.63.0-x86_64-1.txz: Added.
Thanks to Heinz Wiesinger.
l/pcre2-10.41-x86_64-1.txz: Upgraded.
n/proftpd-1.3.8-x86_64-1.txz: Upgraded.
x/mesa-22.3.0-x86_64-1.txz: Upgraded.
Compiled with Rusticl support. Thanks to Heinz Wiesinger.
x/xdm-1.1.14-x86_64-1.txz: Upgraded.
a/ntfs-3g-2022.10.3-x86_64-1.txz: Upgraded.
ap/mpg123-1.31.0-x86_64-1.txz: Upgraded.
ap/vim-9.0.0814-x86_64-1.txz: Upgraded.
A vulnerability was found in vim and classified as problematic. Affected by
this issue is the function qf_update_buffer of the file quickfix.c of the
component autocmd Handler. The manipulation leads to use after free. The
attack may be launched remotely. Upgrading to version 9.0.0805 is able to
address this issue.
Thanks to marav for the heads-up.
For more information, see:
https://www.cve.org/CVERecord?id=CVE-2022-3705
(* Security fix *)
d/ccache-4.7.2-x86_64-1.txz: Upgraded.
d/make-4.4-x86_64-1.txz: Upgraded.
d/patchelf-0.16.1-x86_64-1.txz: Upgraded.
d/strace-6.0-x86_64-1.txz: Upgraded.
kde/kwin-5.26.2.1-x86_64-2.txz: Rebuilt.
[PATCH] x11window: revert more from 3a28c02f.
Thanks to Heinz Wiesinger.
[PATCH] x11: Don't force QT_NO_GLIB=1.
[PATCH] x11: Don't force QT_QPA_PLATFORM=xcb.
Thanks to marav.
l/libedit-20221030_3.1-x86_64-1.txz: Upgraded.
l/python-importlib_metadata-5.0.0-x86_64-1.txz: Upgraded.
l/taglib-1.13-x86_64-1.txz: Upgraded.
l/utf8proc-2.8.0-x86_64-1.txz: Upgraded.
n/openvpn-2.5.8-x86_64-1.txz: Upgraded.
n/socat-1.7.4.4-x86_64-1.txz: Upgraded.
x/libXext-1.3.5-x86_64-1.txz: Upgraded.
x/libXinerama-1.1.5-x86_64-1.txz: Upgraded.
x/makedepend-1.0.7-x86_64-1.txz: Upgraded.
x/rgb-1.1.0-x86_64-1.txz: Upgraded.
x/sessreg-1.1.3-x86_64-1.txz: Upgraded.
x/x11perf-1.6.2-x86_64-1.txz: Upgraded.
x/xsetroot-1.1.3-x86_64-1.txz: Upgraded.
xap/mozilla-firefox-106.0.3-x86_64-1.txz: Upgraded.
This is a bugfix release.
For more information, see:
https://www.mozilla.org/en-US/firefox/106.0.3/releasenotes/
xap/mozilla-thunderbird-102.4.1-x86_64-1.txz: Upgraded.
This is a bugfix release.
For more information, see:
https://www.mozilla.org/en-US/thunderbird/102.4.1/releasenotes/
xap/vim-gvim-9.0.0814-x86_64-1.txz: Upgraded.
extra/php80/php80-8.0.25-x86_64-1.txz: Upgraded.
This update fixes security issues:
GD: OOB read due to insufficient input validation in imageloadfont().
Hash: buffer overflow in hash_update() on long parameter.
For more information, see:
https://www.cve.org/CVERecord?id=CVE-2022-31630https://www.cve.org/CVERecord?id=CVE-2022-37454
(* Security fix *)
extra/php81/php81-8.1.12-x86_64-1.txz: Upgraded.
This update fixes security issues:
GD: OOB read due to insufficient input validation in imageloadfont().
Hash: buffer overflow in hash_update() on long parameter.
For more information, see:
https://www.cve.org/CVERecord?id=CVE-2022-31630https://www.cve.org/CVERecord?id=CVE-2022-37454
(* Security fix *)
ap/vim-9.0.0790-x86_64-1.txz: Upgraded.
d/ccache-4.7-x86_64-1.txz: Upgraded.
d/git-2.38.1-x86_64-1.txz: Upgraded.
This release fixes two security issues:
* CVE-2022-39253:
When relying on the `--local` clone optimization, Git dereferences
symbolic links in the source repository before creating hardlinks
(or copies) of the dereferenced link in the destination repository.
This can lead to surprising behavior where arbitrary files are
present in a repository's `$GIT_DIR` when cloning from a malicious
repository.
Git will no longer dereference symbolic links via the `--local`
clone mechanism, and will instead refuse to clone repositories that
have symbolic links present in the `$GIT_DIR/objects` directory.
Additionally, the value of `protocol.file.allow` is changed to be
"user" by default.
* CVE-2022-39260:
An overly-long command string given to `git shell` can result in
overflow in `split_cmdline()`, leading to arbitrary heap writes and
remote code execution when `git shell` is exposed and the directory
`$HOME/git-shell-commands` exists.
`git shell` is taught to refuse interactive commands that are
longer than 4MiB in size. `split_cmdline()` is hardened to reject
inputs larger than 2GiB.
For more information, see:
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-39253https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-39260
(* Security fix *)
kde/bluedevil-5.26.1-x86_64-1.txz: Upgraded.
kde/breeze-5.26.1-x86_64-1.txz: Upgraded.
kde/breeze-grub-5.26.1-x86_64-1.txz: Upgraded.
kde/breeze-gtk-5.26.1-x86_64-1.txz: Upgraded.
kde/drkonqi-5.26.1-x86_64-1.txz: Upgraded.
kde/kactivitymanagerd-5.26.1-x86_64-1.txz: Upgraded.
kde/kde-cli-tools-5.26.1-x86_64-1.txz: Upgraded.
kde/kde-gtk-config-5.26.1-x86_64-1.txz: Upgraded.
kde/kdecoration-5.26.1-x86_64-1.txz: Upgraded.
kde/kdeplasma-addons-5.26.1-x86_64-1.txz: Upgraded.
kde/kgamma5-5.26.1-x86_64-1.txz: Upgraded.
kde/khotkeys-5.26.1-x86_64-1.txz: Upgraded.
kde/kinfocenter-5.26.1-x86_64-1.txz: Upgraded.
kde/kmenuedit-5.26.1-x86_64-1.txz: Upgraded.
kde/kpipewire-5.26.1-x86_64-1.txz: Upgraded.
kde/kscreen-5.26.1-x86_64-1.txz: Upgraded.
kde/kscreenlocker-5.26.1-x86_64-1.txz: Upgraded.
kde/ksshaskpass-5.26.1-x86_64-1.txz: Upgraded.
kde/ksystemstats-5.26.1-x86_64-1.txz: Upgraded.
kde/kwallet-pam-5.26.1-x86_64-1.txz: Upgraded.
kde/kwayland-integration-5.26.1-x86_64-1.txz: Upgraded.
kde/kwin-5.26.1-x86_64-1.txz: Upgraded.
kde/kwrited-5.26.1-x86_64-1.txz: Upgraded.
kde/layer-shell-qt-5.26.1-x86_64-1.txz: Upgraded.
kde/libkscreen-5.26.1-x86_64-1.txz: Upgraded.
kde/libksysguard-5.26.1-x86_64-1.txz: Upgraded.
kde/milou-5.26.1-x86_64-1.txz: Upgraded.
kde/oxygen-5.26.1-x86_64-1.txz: Upgraded.
kde/oxygen-sounds-5.26.1-x86_64-1.txz: Upgraded.
kde/plasma-browser-integration-5.26.1-x86_64-1.txz: Upgraded.
kde/plasma-desktop-5.26.1-x86_64-1.txz: Upgraded.
kde/plasma-disks-5.26.1-x86_64-1.txz: Upgraded.
kde/plasma-firewall-5.26.1-x86_64-1.txz: Upgraded.
kde/plasma-integration-5.26.1-x86_64-1.txz: Upgraded.
kde/plasma-nm-5.26.1-x86_64-1.txz: Upgraded.
kde/plasma-pa-5.26.1-x86_64-1.txz: Upgraded.
kde/plasma-sdk-5.26.1-x86_64-1.txz: Upgraded.
kde/plasma-systemmonitor-5.26.1-x86_64-1.txz: Upgraded.
kde/plasma-vault-5.26.1-x86_64-1.txz: Upgraded.
kde/plasma-workspace-5.26.1-x86_64-1.txz: Upgraded.
kde/plasma-workspace-wallpapers-5.26.1-x86_64-1.txz: Upgraded.
kde/polkit-kde-agent-1-5.26.1-x86_64-1.txz: Upgraded.
kde/powerdevil-5.26.1-x86_64-1.txz: Upgraded.
kde/qqc2-breeze-style-5.26.1-x86_64-1.txz: Upgraded.
kde/sddm-kcm-5.26.1-x86_64-1.txz: Upgraded.
kde/systemsettings-5.26.1-x86_64-1.txz: Upgraded.
kde/xdg-desktop-portal-kde-5.26.1-x86_64-1.txz: Upgraded.
l/libical-3.0.16-x86_64-1.txz: Upgraded.
l/nodejs-19.0.0-x86_64-1.txz: Upgraded.
n/NetworkManager-1.40.2-x86_64-1.txz: Upgraded.
n/whois-5.5.14-x86_64-1.txz: Upgraded.
x/libXmu-1.1.4-x86_64-1.txz: Upgraded.
x/libXpresent-1.0.1-x86_64-1.txz: Upgraded.
x/libpciaccess-0.17-x86_64-1.txz: Upgraded.
x/libxkbfile-1.1.1-x86_64-1.txz: Upgraded.
x/libxshmfence-1.3.1-x86_64-1.txz: Upgraded.
x/pixman-0.42.0-x86_64-1.txz: Upgraded.
x/xcb-util-cursor-0.1.4-x86_64-1.txz: Upgraded.
xap/mozilla-firefox-106.0-x86_64-1.txz: Upgraded.
This update contains security fixes and improvements.
For more information, see:
https://www.mozilla.org/en-US/firefox/106.0/releasenotes/https://www.mozilla.org/security/advisories/mfsa2022-44/https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-42927https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-42928https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-42929https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-42930https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-42931https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-42932
(* Security fix *)
xap/vim-gvim-9.0.0790-x86_64-1.txz: Upgraded.