Miroirs/slackware-current
1
0
Fork 0
mirror of git://slackware.nl/current.git synced 2024-12-29 10:25:00 +01:00
Code Issues Projects Releases Packages Wiki Activity Actions
1842 commits 8 branches 2369 tags 481 MiB
Commit graph

4 commits

Author SHA1 Message Date
Patrick J Volkerding
c9ced48b11 Tue Jul 23 18:54:25 UTC 2024 
Hey folks, we got a new glibc and are beginning the process of baking the new
default compile flags into the toolchain, the graphics stack, and whatever else
happens along. Enjoy! :-)
a/aaa_glibc-solibs-2.40-x86_64-1.txz:  Upgraded.
a/libblockdev-3.1.1_1-x86_64-2.txz:  Rebuilt.
  Fix build against recent ext2fs.h. Thanks to shipujin.
a/xfsprogs-6.9.0-x86_64-1.txz:  Upgraded.
ap/rpm-4.19.1.1-x86_64-3.txz:  Rebuilt.
ap/slackpkg-15.0.10-noarch-4.txz:  Rebuilt.
  Prefer gpg1 again. Going with the modern gpg with more dependencies was
  a mistake in this case. (now we know why gnupg-1 is still around :-)
  Thanks to Petri Kaukasoina.
d/binutils-2.42-x86_64-3.txz:  Rebuilt.
d/cargo-vendor-filterer-0.5.14-x86_64-2.txz:  Rebuilt.
d/cbindgen-0.26.0-x86_64-2.txz:  Rebuilt.
d/ccache-4.10.2-x86_64-1.txz:  Upgraded.
d/cmake-3.30.1-x86_64-2.txz:  Rebuilt.
d/gcc-14.1.0-x86_64-2.txz:  Rebuilt.
d/gcc-g++-14.1.0-x86_64-2.txz:  Rebuilt.
d/gcc-gdc-14.1.0-x86_64-2.txz:  Rebuilt.
d/gcc-gfortran-14.1.0-x86_64-2.txz:  Rebuilt.
d/gcc-gm2-14.1.0-x86_64-2.txz:  Rebuilt.
d/gcc-gnat-14.1.0-x86_64-2.txz:  Rebuilt.
d/gcc-go-14.1.0-x86_64-2.txz:  Rebuilt.
d/gcc-objc-14.1.0-x86_64-2.txz:  Rebuilt.
d/libgccjit-14.1.0-x86_64-2.txz:  Rebuilt.
d/libtool-2.4.7-x86_64-8.txz:  Rebuilt.
d/parallel-20240722-noarch-1.txz:  Upgraded.
d/pkg-config-0.29.2-x86_64-5.txz:  Rebuilt.
d/python-setuptools-71.1.0-x86_64-1.txz:  Upgraded.
d/ruby-3.3.4-x86_64-2.txz:  Rebuilt.
d/rust-bindgen-0.69.4-x86_64-2.txz:  Rebuilt.
d/strace-6.10-x86_64-1.txz:  Upgraded.
d/subversion-1.14.3-x86_64-3.txz:  Rebuilt.
e/emacs-29.4-x86_64-2.txz:  Rebuilt.
l/PyQt-builder-1.16.4-x86_64-2.txz:  Rebuilt.
l/PyQt5-5.15.11-x86_64-1.txz:  Upgraded.
l/PyQt5_sip-12.15.0-x86_64-2.txz:  Rebuilt.
l/argon2-20190702-x86_64-6.txz:  Rebuilt.
l/ffmpeg-6.1.1-x86_64-5.txz:  Rebuilt.
l/glibc-2.40-x86_64-1.txz:  Upgraded.
  This update fixes security issues:
  nscd: Stack-based buffer overflow in netgroup cache.
  nscd: Null pointer crash after notfound response.
  nscd: netgroup cache may terminate daemon on memory allocation failure.
  nscd: netgroup cache assumes NSS callback uses in-buffer strings.
  These vulnerabilities were only present in the nscd binary.
  For more information, see:
    https://www.cve.org/CVERecord?id=CVE-2024-33599
    https://www.cve.org/CVERecord?id=CVE-2024-33600
    https://www.cve.org/CVERecord?id=CVE-2024-33601
    https://www.cve.org/CVERecord?id=CVE-2024-33602
  (* Security fix *)
l/glibc-i18n-2.40-x86_64-1.txz:  Upgraded.
l/glibc-profile-2.40-x86_64-1.txz:  Upgraded.
l/gst-plugins-good-1.24.5-x86_64-2.txz:  Rebuilt.
l/libcdio-paranoia-10.2+2.0.2-x86_64-1.txz:  Upgraded.
l/libclc-18.1.8-x86_64-3.txz:  Rebuilt.
l/libproxy-0.5.8-x86_64-1.txz:  Upgraded.
l/lz4-1.10.0-x86_64-1.txz:  Upgraded.
l/poppler-24.07.0-x86_64-2.txz:  Rebuilt.
l/python-importlib_metadata-8.1.0-x86_64-1.txz:  Upgraded.
l/python-sphinx-7.4.7-x86_64-1.txz:  Upgraded.
l/qt5-5.15.14_20240716_ae0c8451-x86_64-1.txz:  Upgraded.
l/qt5-webkit-5.212.0_alpha4-x86_64-13.txz:  Rebuilt.
l/qt6-6.7.2_20240610_3f005f1e-x86_64-3.txz:  Rebuilt.
l/sip-6.8.6-x86_64-2.txz:  Rebuilt.
l/spirv-llvm-translator-18.1.2-x86_64-2.txz:  Rebuilt.
l/v4l-utils-1.28.0-x86_64-1.txz:  Upgraded.
n/bind-9.18.28-x86_64-1.txz:  Upgraded.
  This update fixes security issues:
  Remove SIG(0) support from named as a countermeasure for CVE-2024-1975.
  qctx-zversion was not being cleared when it should have been leading to
  an assertion failure if it needed to be reused.
  An excessively large number of rrtypes per owner can slow down database query
  processing, so a limit has been placed on the number of rrtypes that can be
  stored per owner (node) in a cache or zone database. This is configured with
  the new "max-rrtypes-per-name" option, and defaults to 100.
  Excessively large rdatasets can slow down database query processing, so a
  limit has been placed on the number of records that can be stored per
  rdataset in a cache or zone database. This is configured with the new
  "max-records-per-type" option, and defaults to 100.
  Malicious DNS client that sends many queries over TCP but never reads
  responses can cause server to respond slowly or not respond at all for other
  clients.
  For more information, see:
    https://www.cve.org/CVERecord?id=CVE-2024-1975
    https://www.cve.org/CVERecord?id=CVE-2024-4076
    https://www.cve.org/CVERecord?id=CVE-2024-1737
    https://www.cve.org/CVERecord?id=CVE-2024-0760
  (* Security fix *)
n/fetchmail-6.4.39-x86_64-1.txz:  Upgraded.
n/obexftp-0.24.2-x86_64-13.txz:  Rebuilt.
n/pinentry-1.3.1-x86_64-2.txz:  Rebuilt.
n/wpa_supplicant-2.11-x86_64-1.txz:  Upgraded.
x/fcitx5-qt-5.1.6-x86_64-3.txz:  Rebuilt.
x/ibus-m17n-1.4.30-x86_64-1.txz:  Upgraded.
x/libdrm-2.4.122-x86_64-2.txz:  Rebuilt.
x/marisa-0.2.6-x86_64-10.txz:  Rebuilt.
x/mesa-24.1.4-x86_64-2.txz:  Rebuilt.
x/vulkan-sdk-1.3.275.0-x86_64-3.txz:  Rebuilt.
xap/audacious-4.4-x86_64-2.txz:  Rebuilt.
xap/audacious-plugins-4.4-x86_64-2.txz:  Rebuilt.
xap/mozilla-thunderbird-128.0.1esr-x86_64-1.txz:  Upgraded.
  This is a bugfix release.
  For more information, see:
    https://www.mozilla.org/en-US/thunderbird/128.0.1esr/releasenotes/
xap/xaos-4.3.2-x86_64-2.txz:  Rebuilt.
extra/emacs-regular-build/emacs-29.4-x86_64-2_regular.txz:  Rebuilt.
 2024-07-23 22:50:05 +02:00
Patrick J Volkerding
1e89414bae Sat Mar 23 19:34:02 UTC 2024 
ap/vim-9.1.0199-x86_64-1.txz:  Upgraded.
  Dropped python2 support. Thanks to Audrius Kažukauskas.
l/duktape-2.7.0-x86_64-1.txz:  Added.
  Needed by polkit.
l/gjs-1.80.1-x86_64-1.txz:  Upgraded.
l/libdeflate-1.20-x86_64-1.txz:  Upgraded.
l/mozjs102-102.15.1esr-x86_64-2.txz:  Removed.
l/mozjs115-115.9.1esr-x86_64-1.txz:  Upgraded.
l/polkit-123-x86_64-2.txz:  Rebuilt.
  Use duktape instead of mozjs102 as the JavaScript engine.
x/iceauth-1.0.10-x86_64-2.txz:  Rebuilt.
  It's never too early to build with --enable-year2038. Thanks to bigbadaboum.
xap/geeqie-2.4-x86_64-1.txz:  Upgraded.
xap/mozilla-firefox-115.9.1esr-x86_64-1.txz:  Upgraded.
  This update fixes a critical security issue:
  An attacker was able to inject an event handler into a privileged object
  that would allow arbitrary JavaScript execution in the parent process.
  For more information, see:
    https://www.mozilla.org/en-US/firefox/115.9.1esr/releasenotes/
    https://www.mozilla.org/security/advisories/mfsa2024-16/
    https://www.cve.org/CVERecord?id=CVE-2024-29944
  (* Security fix *)
xap/vim-gvim-9.1.0199-x86_64-1.txz:  Upgraded.
  Dropped python2 support. Thanks to Audrius Kažukauskas.
 2024-03-23 21:19:32 +01:00
Patrick J Volkerding
0cbf4c3859 Wed Mar 20 21:10:30 UTC 2024 
a/libblockdev-2.28-x86_64-2.txz:  Rebuilt.
  Drop python2 support.
a/sysvinit-scripts-15.1-noarch-15.txz:  Rebuilt.
  rc.M: start rc.iceccd and rc.icecc-scheduler earlier.
a/util-linux-2.39.3-x86_64-2.txz:  Rebuilt.
  Drop python2 support.
a/volume_key-0.3.12-x86_64-6.txz:  Rebuilt.
  Drop python2 support.
ap/man-pages-6.7-noarch-1.txz:  Upgraded.
d/cmake-3.28.4-x86_64-1.txz:  Upgraded.
d/llvm-18.1.2-x86_64-1.txz:  Upgraded.
d/python2-2.7.18-x86_64-7.txz:  Rebuilt.
  Bundle the final python2 versions of pip and setuptools.
  Drop the /usr/bin/python symlink.
d/python3-3.9.19-x86_64-1.txz:  Upgraded.
  Point the /usr/bin/python symlink at python3.9.
  PEP 394 says we can do this, and in a world of ambigious shebangs, this
  is probably the best of the available options.
  This update also fixes security issues:
  bundled libexpat was updated to 2.6.0.
  zipfile is now protected from the "quoted-overlap" zipbomb.
  tempfile.TemporaryDirectory cleanup no longer dereferences symlinks when
  working around file system permission errors.
  For more information, see:
    https://pythoninsider.blogspot.com/2024/03/python-31014-3919-and-3819-is-now.html
    https://www.cve.org/CVERecord?id=CVE-2023-52425
    https://www.cve.org/CVERecord?id=CVE-2024-0450
    https://www.cve.org/CVERecord?id=CVE-2023-6597
  (* Security fix *)
d/strace-6.8-x86_64-1.txz:  Upgraded.
kde/kross-interpreters-23.08.5-x86_64-2.txz:  Rebuilt.
  Drop python2 support.
l/libxml2-2.12.6-x86_64-2.txz:  Rebuilt.
  Drop python2 support.
l/mozjs115-115.9.0esr-x86_64-2.txz:  Rebuilt.
  Fixed installed library name. Thanks to reddog83.
  Fixed slack-desc. Thanks to r1w1s1.
l/phonon-4.12.0-x86_64-1.txz:  Upgraded.
l/pilot-link-0.12.5-x86_64-17.txz:  Rebuilt.
  Drop python2 support.
l/python2-module-collection-2.7.18-x86_64-6.txz:  Removed.
  Good bye!
l/python2-pycairo-1.18.2-x86_64-1.txz:  Added.
  We'll need this (along with pygtk and pygobject) until we get gimp3.
  Well, we could build gimp without python support, but I really don't think
  that's the route we want to take.
n/bind-9.18.25-x86_64-1.txz:  Upgraded.
n/crda-4.15-x86_64-1.txz:  Removed.
  The kernel is able to load from wireless-regdb directly. Obsolete.
n/getmail-6.18.14-x86_64-1.txz:  Upgraded.
n/gpgme-1.23.2-x86_64-2.txz:  Rebuilt.
  Drop python2 support.
n/obexftp-0.24.2-x86_64-11.txz:  Rebuilt.
  Drop python2 support.
n/wireless-regdb-2024.01.23-x86_64-1.txz:  Added.
  Wireless regulatory database, previously bundled with crda.
x/ibus-1.5.29-x86_64-2.txz:  Rebuilt.
  Drop python2 support.
x/libkkc-0.3.5-x86_64-4.txz:  Rebuilt.
  Still forcing python2 with this one, but perhaps a python3 marisa module
  could work around this.
x/libkkc-data-0.2.7-x86_64-4.txz:  Rebuilt.
  Still forcing python2 with this one, but perhaps a python3 marisa module
  could work around this.
x/xcb-proto-1.16.0-x86_64-2.txz:  Rebuilt.
  Drop python2 support.
x/xpyb-1.3.1-x86_64-7.txz:  Removed.
  Nothing uses it, and it was never updated for python3. Removed as obsolete.
 2024-03-20 23:08:57 +01:00
Patrick J Volkerding
5a8e431607 Wed Mar 20 00:08:59 UTC 2024 
a/sysvinit-scripts-15.1-noarch-14.txz:  Rebuilt.
  rc.S: fix motd matching so that it works on a fresh install.
d/scons-4.7.0-x86_64-1.txz:  Upgraded.
l/adwaita-icon-theme-46.0-noarch-1.txz:  Upgraded.
l/at-spi2-core-2.52.0-x86_64-1.txz:  Upgraded.
l/gcr4-4.2.1-x86_64-1.txz:  Added.
l/gjs-1.80.0-x86_64-1.txz:  Upgraded.
l/glib-networking-2.80.0-x86_64-1.txz:  Upgraded.
l/glib2-2.80.0-x86_64-1.txz:  Upgraded.
l/gobject-introspection-1.80.0-x86_64-1.txz:  Upgraded.
l/gsettings-desktop-schemas-46.0-x86_64-1.txz:  Upgraded.
l/gtk4-4.14.1-x86_64-1.txz:  Upgraded.
l/gvfs-1.54.0-x86_64-1.txz:  Upgraded.
l/librsvg-2.58.0-x86_64-1.txz:  Upgraded.
l/mozjs115-115.9.0esr-x86_64-1.txz:  Added.
  Needed by gjs-1.80.0.
l/newt-0.52.24-x86_64-2.txz:  Rebuilt.
  Drop python2 support.
l/pygobject3-3.48.1-x86_64-1.txz:  Upgraded.
l/python-glad2-2.0.6-x86_64-1.txz:  Upgraded.
l/python-hatchling-1.22.3-x86_64-1.txz:  Upgraded.
l/vte-0.76.0-x86_64-1.txz:  Upgraded.
l/wireplumber-0.5.0-x86_64-1.txz:  Upgraded.
n/gnutls-3.8.4-x86_64-1.txz:  Upgraded.
  This update fixes two medium severity security issues:
  libgnutls: Fix side-channel in the deterministic ECDSA.
  Reported by George Pantelakis (#1516).
  libgnutls: Fixed a bug where certtool crashed when verifying a certificate
  chain with more than 16 certificates. Reported by William Woodruff (#1525)
  and yixiangzhike (#1527).
  For more information, see:
    https://www.cve.org/CVERecord?id=CVE-2024-28834
    https://www.cve.org/CVERecord?id=CVE-2024-28835
  (* Security fix *)
xap/mozilla-firefox-115.9.0esr-x86_64-1.txz:  Upgraded.
  This update contains security fixes and improvements.
  For more information, see:
    https://www.mozilla.org/en-US/firefox/115.9.0/releasenotes/
    https://www.mozilla.org/security/advisories/mfsa2024-13/
    https://www.cve.org/CVERecord?id=CVE-2024-0743
    https://www.cve.org/CVERecord?id=CVE-2024-2605
    https://www.cve.org/CVERecord?id=CVE-2024-2607
    https://www.cve.org/CVERecord?id=CVE-2024-2608
    https://www.cve.org/CVERecord?id=CVE-2024-2616
    https://www.cve.org/CVERecord?id=CVE-2023-5388
    https://www.cve.org/CVERecord?id=CVE-2024-2610
    https://www.cve.org/CVERecord?id=CVE-2024-2611
    https://www.cve.org/CVERecord?id=CVE-2024-2612
    https://www.cve.org/CVERecord?id=CVE-2024-2614
  (* Security fix *)
xap/mozilla-thunderbird-115.9.0-x86_64-1.txz:  Upgraded.
  This release contains security fixes and improvements.
  For more information, see:
    https://www.mozilla.org/en-US/thunderbird/115.9.0/releasenotes/
    https://www.mozilla.org/en-US/security/advisories/mfsa2024-14/
    https://www.cve.org/CVERecord?id=CVE-2024-0743
    https://www.cve.org/CVERecord?id=CVE-2024-2605
    https://www.cve.org/CVERecord?id=CVE-2024-2607
    https://www.cve.org/CVERecord?id=CVE-2024-2608
    https://www.cve.org/CVERecord?id=CVE-2024-2616
    https://www.cve.org/CVERecord?id=CVE-2023-5388
    https://www.cve.org/CVERecord?id=CVE-2024-2610
    https://www.cve.org/CVERecord?id=CVE-2024-2611
    https://www.cve.org/CVERecord?id=CVE-2024-2612
    https://www.cve.org/CVERecord?id=CVE-2024-2614
  (* Security fix *)
 2024-03-20 02:20:04 +01:00