Enjoy your shiny new vmlinuz-6.9.11-generic!
Thanks again to LuckyCyborg for teaching me about the path of least resistance.
a/grub-2.12-x86_64-14.txz: Rebuilt.
Don't mention 09_slackware_linux in the /etc/default/grub comments.
a/kernel-generic-6.9.11-x86_64-1.txz: Upgraded.
a/kernel-huge-6.9.11-x86_64-1.txz: Upgraded.
a/kernel-modules-6.9.11-x86_64-1.txz: Upgraded.
a/mkinitrd-1.4.11-x86_64-35.txz: Rebuilt.
d/kernel-headers-6.9.11-x86-1.txz: Upgraded.
d/rust-1.80.0-x86_64-1.txz: Upgraded.
k/kernel-source-6.9.11-noarch-1.txz: Upgraded.
l/xapian-core-1.4.26-x86_64-1.txz: Upgraded.
isolinux/initrd.img: Rebuilt.
kernels/*: Upgraded.
usb-and-pxe-installers/usbboot.img: Rebuilt.
a/kernel-generic-6.6.24-x86_64-1.txz: Upgraded.
a/kernel-huge-6.6.24-x86_64-1.txz: Upgraded.
a/kernel-modules-6.6.24-x86_64-1.txz: Upgraded.
d/kernel-headers-6.6.24-x86-1.txz: Upgraded.
d/python3-3.11.9-x86_64-1.txz: Upgraded.
k/kernel-source-6.6.24-noarch-1.txz: Upgraded.
-AMD_MEM_ENCRYPT_ACTIVE_BY_DEFAULT n
-GCC11_NO_ARRAY_BOUNDS y
NUMA_BALANCING n -> y
+GCC10_NO_ARRAY_BOUNDS y
+NUMA_BALANCING_DEFAULT_ENABLED y
kde/libindi-2.0.7-x86_64-1.txz: Upgraded.
l/SDL2-2.30.2-x86_64-1.txz: Upgraded.
l/aom-3.8.2-x86_64-1.txz: Added.
Needed to add AV1 encode/decode support to ffmpeg.
Thanks to Andrew Strong.
l/dav1d-1.4.1-x86_64-1.txz: Added.
Needed to add AV1 decode support to ffmpeg.
l/ffmpeg-6.1.1-x86_64-2.txz: Rebuilt.
Patched to build with nv-codec-headers-12.2.72.0. Thanks to J_W.
Compiled against aom-3.8.2 and dav1d-1.4.1 for AV1 support.
Thanks to glennmcc.
l/gtk4-4.14.2-x86_64-1.txz: Upgraded.
n/whois-5.5.22-x86_64-1.txz: Upgraded.
Fixed a segmentation fault with --no-recursion.
Updated the .bm and .vi TLD servers.
Removed 4 new gTLDs which are no longer active.
xap/MPlayer-20240403-x86_64-1.txz: Upgraded.
Compiled using --enable-libaom-lavc and --enable-libdav1d-lavc.
Thanks to glennmcc.
xap/pan-0.157-x86_64-1.txz: Upgraded.
isolinux/initrd.img: Rebuilt.
kernels/*: Upgraded.
usb-and-pxe-installers/usbboot.img: Rebuilt.
a/btrfs-progs-6.8-x86_64-1.txz: Upgraded.
a/gpm-1.20.7-x86_64-10.txz: Rebuilt.
Clean up the compile fix patch omitting the Emacs Lisp file.
Clean up and apply the weak-wgetch patch.
Build using the option --without-curses.
Thanks to qunying.
a/util-linux-2.40-x86_64-1.txz: Upgraded.
This release fixes a vulnerability where the wall command did not filter
escape sequences from command line arguments, allowing unprivileged users
to put arbitrary text on other users terminals.
For more information, see:
https://www.cve.org/CVERecord?id=CVE-2024-28085
(* Security fix *)
d/rust-1.77.1-x86_64-1.txz: Upgraded.
l/fluidsynth-2.3.5-x86_64-1.txz: Upgraded.
l/protobuf-26.1-x86_64-1.txz: Upgraded.
l/python-build-1.2.1-x86_64-1.txz: Upgraded.
n/samba-4.20.0-x86_64-1.txz: Upgraded.
x/mesa-24.0.4-x86_64-1.txz: Upgraded.
xap/seamonkey-2.53.18.2-x86_64-1.txz: Upgraded.
This update contains security fixes and improvements.
For more information, see:
https://www.seamonkey-project.org/releases/seamonkey2.53.18.2
(* Security fix *)
d/mercurial-6.7.1-x86_64-1.txz: Upgraded.
d/rust-1.77.0-x86_64-1.txz: Upgraded.
l/cairomm1-1.18.0-x86_64-1.txz: Added.
Thanks to jloco.
l/glibmm2-2.78.1-x86_64-1.txz: Added.
Thanks to jloco.
l/gtkmm4-4.12.0-x86_64-1.txz: Added.
Thanks to jloco.
l/libclc-18.1.2-x86_64-1.txz: Upgraded.
l/pangomm-2.46.4-x86_64-1.txz: Upgraded.
l/pangomm2-2.50.2-x86_64-1.txz: Added.
Thanks to jloco.
n/openvpn-2.6.10-x86_64-1.txz: Upgraded.
x/libkkc-0.3.5-x86_64-5.txz: Rebuilt.
Use python for the build, not python2.
x/libkkc-data-0.2.7-x86_64-5.txz: Rebuilt.
Use python for the build, not python2.
x/marisa-0.2.6-x86_64-8.txz: Rebuilt.
Drop python2 support and rebuild marisa module for python3.
x/wayland-protocols-1.34-noarch-1.txz: Upgraded.
a/procps-ng-4.0.4-x86_64-1.txz: Upgraded.
a/shadow-4.14.4-x86_64-1.txz: Upgraded.
ap/man-pages-6.06-noarch-1.txz: Upgraded.
ap/vim-9.1.0098-x86_64-1.txz: Upgraded.
d/libgccjit-13.2.0-x86_64-1.txz: Added.
If we can ship GCC's D and Modula-2 support, then we can ship this.
We'll probably find a use for it. ;-)
Thanks to Didier Spaier for hints on the build script.
d/mercurial-6.6.3-x86_64-1.txz: Upgraded.
d/rust-1.76.0-x86_64-1.txz: Upgraded.
l/gegl-0.4.48-x86_64-1.txz: Upgraded.
l/openexr-3.2.2-x86_64-1.txz: Upgraded.
l/pango-1.51.2-x86_64-1.txz: Upgraded.
l/python-calver-2022.6.26-x86_64-1.txz: Added.
Needed for python-trove-classifiers. Thanks to lucabon.
n/openvpn-2.6.9-x86_64-1.txz: Upgraded.
xap/vim-gvim-9.1.0098-x86_64-1.txz: Upgraded.
extra/rust-for-mozilla/rust-1.70.0-x86_64-4.txz: Added.
Let's move this here since it's lagging behind the latest Rust.
d/rust-1.70.0-x86_64-3.txz: Rebuilt.
Fixed the installation of rls and added rust-analyzer (the successor to rls)
and rust-demangler. Thanks to Heinz Wiesinger.
l/enchant-2.6.2-x86_64-1.txz: Upgraded.
l/gexiv2-0.14.2-x86_64-2.txz: Rebuilt.
Recompiled against exiv2-0.28.0.
l/libsigc++3-3.6.0-x86_64-1.txz: Upgraded.
l/vid.stab-1.1.1-x86_64-1.txz: Upgraded.
x/ibus-m17n-1.4.23-x86_64-1.txz: Upgraded.
testing/packages/rust-1.73.0-x86_64-2.txz: Rebuilt.
Fixed the installation of rls and added rust-analyzer (the successor to rls)
and rust-demangler. Thanks to Heinz Wiesinger.
ap/xorriso-1.5.6.pl01-x86_64-1.txz: Upgraded.
d/rust-1.69.0-x86_64-1.txz: Upgraded.
n/ntp-4.2.8p17-x86_64-2.txz: Rebuilt.
Fixed typo in ntp.conf comments.
Fixed logic in ntp.logrotate to allow proper rotation on systems where ntpd
is not automatically started at boot.
Thanks to allend.
x/xkeyboard-config-2.39-noarch-1.txz: Upgraded.
testing/packages/rust-1.70.0-x86_64-1.txz: Upgraded.
a/glibc-zoneinfo-2023c-noarch-1.txz: Upgraded.
This package provides the latest timezone updates.
ap/inxi-3.3.26_1-noarch-1.txz: Upgraded.
d/rust-1.67.1-x86_64-3.txz: Rebuilt.
Use the bundled LLVM rather than the system LLVM.
x/xorg-server-21.1.8-x86_64-1.txz: Upgraded.
[PATCH] composite: Fix use-after-free of the COW.
Fix use-after-free that can lead to local privileges elevation on systems
where the X server is running privileged and remote code execution for ssh
X forwarding sessions.
For more information, see:
https://lists.x.org/archives/xorg-announce/2023-March/003374.htmlhttps://www.cve.org/CVERecord?id=CVE-2023-1393
(* Security fix *)
x/xorg-server-xephyr-21.1.8-x86_64-1.txz: Upgraded.
x/xorg-server-xnest-21.1.8-x86_64-1.txz: Upgraded.
x/xorg-server-xvfb-21.1.8-x86_64-1.txz: Upgraded.
x/xorg-server-xwayland-23.1.1-x86_64-1.txz: Upgraded.
[PATCH] composite: Fix use-after-free of the COW.
Fix use-after-free that can lead to local privileges elevation on systems
where the X server is running privileged and remote code execution for ssh
X forwarding sessions.
For more information, see:
https://lists.x.org/archives/xorg-announce/2023-March/003374.htmlhttps://www.cve.org/CVERecord?id=CVE-2023-1393
(* Security fix *)
xap/mozilla-thunderbird-102.9.1-x86_64-1.txz: Upgraded.
This release contains security fixes and improvements.
For more information, see:
https://www.mozilla.org/en-US/thunderbird/102.9.1/releasenotes/https://www.mozilla.org/en-US/security/advisories/mfsa2023-12/https://www.cve.org/CVERecord?id=CVE-2023-28427
(* Security fix *)
xfce/garcon-4.18.1-x86_64-1.txz: Upgraded.
xfce/libxfce4ui-4.18.3-x86_64-1.txz: Upgraded.
xfce/xfce4-panel-4.18.3-x86_64-1.txz: Upgraded.
xfce/xfce4-pulseaudio-plugin-0.4.6-x86_64-1.txz: Upgraded.
xfce/xfce4-session-4.18.2-x86_64-1.txz: Upgraded.
Hey folks, just some more updates on the road to an eventual beta. :-)
At this point nothing remains linked with openssl-1.1.1 except for python2 and
modules, and vsftpd. I think nobody cares about trying to force python2 to use
openssl3... it's EOL but still a zombie, unfortunately. I have seen some
patches for vsftpd and intend to take a look at them. We've bumped PHP to 8.2
and just gone ahead and killed 8.0 and 8.1. Like 7.4, 8.0 is not compatible
with openssl3 and it doesn't seem worthwhile to try to patch it. And with 8.2
already out for several revisions, 8.1 does not seem particularly valuable.
If you make use of PHP you should be used to it being a moving target by now.
Enjoy, and let me know if anything isn't working right. Cheers!
a/aaa_libraries-15.1-x86_64-19.txz: Rebuilt.
Recompiled against openssl-3.0.8: libcups.so.2, libcurl.so.4.8.0,
libldap.so.2.0.200, libssh2.so.1.0.1.
a/cryptsetup-2.6.1-x86_64-2.txz: Rebuilt.
Recompiled against openssl-3.0.8.
a/kmod-30-x86_64-2.txz: Rebuilt.
Recompiled against openssl-3.0.8.
a/openssl-solibs-3.0.8-x86_64-1.txz: Upgraded.
Shared library .so-version bump.
a/openssl11-solibs-1.1.1t-x86_64-1.txz: Added.
ap/cups-2.4.2-x86_64-4.txz: Rebuilt.
Recompiled against openssl-3.0.8.
ap/hplip-3.20.5-x86_64-7.txz: Rebuilt.
Recompiled against openssl-3.0.8.
ap/lxc-4.0.12-x86_64-2.txz: Rebuilt.
Recompiled against openssl-3.0.8.
ap/mariadb-10.6.12-x86_64-2.txz: Rebuilt.
Recompiled against openssl-3.0.8.
ap/qpdf-11.3.0-x86_64-2.txz: Rebuilt.
Recompiled against openssl-3.0.8.
ap/sudo-1.9.13p3-x86_64-2.txz: Rebuilt.
Recompiled against openssl-3.0.8.
d/cargo-vendor-filterer-0.5.7-x86_64-2.txz: Rebuilt.
Recompiled against openssl-3.0.8.
d/cvs-1.11.23-x86_64-9.txz: Rebuilt.
Recompiled against openssl-3.0.8.
d/git-2.39.2-x86_64-2.txz: Rebuilt.
Recompiled against openssl-3.0.8.
d/perl-5.36.0-x86_64-5.txz: Rebuilt.
Recompiled against openssl-3.0.8.
d/python3-3.9.16-x86_64-3.txz: Rebuilt.
Recompiled against openssl-3.0.8.
d/ruby-3.2.1-x86_64-2.txz: Rebuilt.
Recompiled against openssl-3.0.8.
d/rust-1.66.1-x86_64-2.txz: Rebuilt.
Recompiled against openssl-3.0.8.
d/scons-4.5.1-x86_64-1.txz: Upgraded.
kde/falkon-22.12.3-x86_64-2.txz: Rebuilt.
Recompiled against openssl-3.0.8.
kde/kitinerary-22.12.3-x86_64-2.txz: Rebuilt.
Recompiled against openssl-3.0.8.
l/M2Crypto-0.38.0-x86_64-4.txz: Rebuilt.
Recompiled against openssl-3.0.8.
l/SDL2-2.26.4-x86_64-1.txz: Upgraded.
l/gst-plugins-bad-free-1.22.1-x86_64-2.txz: Rebuilt.
Recompiled against openssl-3.0.8.
l/libarchive-3.6.2-x86_64-3.txz: Rebuilt.
Recompiled against openssl-3.0.8.
l/libevent-2.1.12-x86_64-4.txz: Rebuilt.
Recompiled against openssl-3.0.8.
l/libimobiledevice-20211124_2c6121d-x86_64-3.txz: Rebuilt.
Recompiled against openssl-3.0.8.
l/libssh2-1.10.0-x86_64-2.txz: Rebuilt.
Recompiled against openssl-3.0.8.
l/libvncserver-0.9.14-x86_64-2.txz: Rebuilt.
Recompiled against openssl-3.0.8.
l/mlt-7.14.0-x86_64-1.txz: Upgraded.
l/neon-0.32.5-x86_64-2.txz: Rebuilt.
Recompiled against openssl-3.0.8.
l/nodejs-19.7.0-x86_64-2.txz: Rebuilt.
Recompiled against openssl-3.0.8.
l/opusfile-0.12-x86_64-4.txz: Rebuilt.
Recompiled against openssl-3.0.8.
l/pipewire-0.3.66-x86_64-2.txz: Rebuilt.
Recompiled against openssl-3.0.8.
l/pulseaudio-16.1-x86_64-2.txz: Rebuilt.
Recompiled against openssl-3.0.8.
l/pycurl-7.44.1-x86_64-4.txz: Rebuilt.
Recompiled against openssl-3.0.8.
l/qca-2.3.5-x86_64-2.txz: Rebuilt.
Recompiled against openssl-3.0.8.
l/qt5-5.15.8_20230304_d8b881f0-x86_64-1.txz: Upgraded.
Compiled against openssl-3.0.8.
l/serf-1.3.9-x86_64-8.txz: Rebuilt.
Recompiled against openssl-3.0.8.
n/alpine-2.26-x86_64-3.txz: Rebuilt.
Recompiled against openssl-3.0.8.
n/bind-9.18.12-x86_64-2.txz: Rebuilt.
Recompiled against openssl-3.0.8.
n/curl-7.88.1-x86_64-2.txz: Rebuilt.
Recompiled against openssl-3.0.8.
n/cyrus-sasl-2.1.28-x86_64-3.txz: Rebuilt.
Recompiled against openssl-3.0.8.
n/dovecot-2.3.20-x86_64-2.txz: Rebuilt.
Recompiled against openssl-3.0.8.
n/epic5-2.1.12-x86_64-4.txz: Rebuilt.
Recompiled against openssl-3.0.8.
n/fetchmail-6.4.37-x86_64-2.txz: Rebuilt.
Recompiled against openssl-3.0.8.
n/htdig-3.2.0b6-x86_64-9.txz: Rebuilt.
Recompiled against openssl-3.0.8.
n/httpd-2.4.56-x86_64-1.txz: Upgraded.
This update fixes two security issues:
HTTP Response Smuggling vulnerability via mod_proxy_uwsgi.
HTTP Request Smuggling attack via mod_rewrite and mod_proxy.
For more information, see:
https://downloads.apache.org/httpd/CHANGES_2.4.56https://www.cve.org/CVERecord?id=CVE-2023-27522https://www.cve.org/CVERecord?id=CVE-2023-25690
(* Security fix *)
NOTE: This package is compiled against openssl-3.0.8.
n/irssi-1.4.3-x86_64-3.txz: Rebuilt.
Recompiled against openssl-3.0.8.
n/krb5-1.20.1-x86_64-2.txz: Rebuilt.
Recompiled against openssl-3.0.8.
n/lftp-4.9.2-x86_64-4.txz: Rebuilt.
Recompiled against openssl-3.0.8.
n/links-2.28-x86_64-2.txz: Rebuilt.
Recompiled against openssl-3.0.8.
n/lynx-2.9.0dev.10-x86_64-2.txz: Rebuilt.
Recompiled against openssl-3.0.8.
n/mutt-2.2.9-x86_64-2.txz: Rebuilt.
Recompiled against openssl-3.0.8.
n/net-snmp-5.9.3-x86_64-3.txz: Rebuilt.
Recompiled against openssl-3.0.8.
n/netatalk-3.1.14-x86_64-3.txz: Rebuilt.
Recompiled against openssl-3.0.8.
n/nmap-7.93-x86_64-2.txz: Rebuilt.
Recompiled against openssl-3.0.8.
n/ntp-4.2.8p15-x86_64-12.txz: Rebuilt.
Recompiled against openssl-3.0.8.
n/openldap-2.6.4-x86_64-3.txz: Rebuilt.
Recompiled against openssl-3.0.8.
n/openssh-9.2p1-x86_64-3.txz: Rebuilt.
Recompiled against openssl-3.0.8.
n/openssl-3.0.8-x86_64-1.txz: Upgraded.
Shared library .so-version bump.
n/openssl11-1.1.1t-x86_64-1.txz: Added.
n/openvpn-2.6.0-x86_64-3.txz: Rebuilt.
Recompiled against openssl-3.0.8.
n/php-8.2.3-x86_64-1.txz: Upgraded.
Compiled against openssl-3.0.8.
n/pidentd-3.0.19-x86_64-7.txz: Rebuilt.
Recompiled against openssl-3.0.8.
n/popa3d-1.0.3-x86_64-7.txz: Rebuilt.
Recompiled against openssl-3.0.8.
n/postfix-3.7.4-x86_64-3.txz: Rebuilt.
Recompiled against openssl-3.0.8.
n/ppp-2.4.9-x86_64-4.txz: Rebuilt.
Recompiled against openssl-3.0.8.
n/proftpd-1.3.8-x86_64-3.txz: Rebuilt.
Recompiled against openssl-3.0.8.
n/rsync-3.2.7-x86_64-2.txz: Rebuilt.
Recompiled against openssl-3.0.8.
n/s-nail-14.9.24-x86_64-2.txz: Rebuilt.
Recompiled against openssl-3.0.8.
n/samba-4.18.0-x86_64-1.txz: Upgraded.
Build with the bundled Heimdal instead of the system MIT Kerberos.
Thanks again to rpenny.
n/slrn-1.0.3a-x86_64-4.txz: Rebuilt.
Recompiled against openssl-3.0.8.
n/snownews-1.9-x86_64-2.txz: Rebuilt.
Recompiled against openssl-3.0.8.
n/socat-1.7.4.4-x86_64-3.txz: Rebuilt.
Recompiled against openssl-3.0.8.
n/stunnel-5.69-x86_64-3.txz: Rebuilt.
Recompiled against openssl-3.0.8.
n/tcpdump-4.99.3-x86_64-2.txz: Rebuilt.
Recompiled against openssl-3.0.8.
n/wget-1.21.3-x86_64-3.txz: Rebuilt.
Recompiled against openssl-3.0.8.
n/wpa_supplicant-2.10-x86_64-2.txz: Rebuilt.
Recompiled against openssl-3.0.8.
xap/freerdp-2.10.0-x86_64-2.txz: Rebuilt.
Recompiled against openssl-3.0.8.
xap/gftp-2.9.1b-x86_64-3.txz: Rebuilt.
Recompiled against openssl-3.0.8.
xap/gkrellm-2.3.11-x86_64-4.txz: Rebuilt.
Recompiled against openssl-3.0.8.
xap/hexchat-2.16.1-x86_64-3.txz: Rebuilt.
Recompiled against openssl-3.0.8.
xap/sane-1.0.32-x86_64-2.txz: Rebuilt.
Recompiled against openssl-3.0.8.
xap/x3270-4.0ga14-x86_64-3.txz: Rebuilt.
Recompiled against openssl-3.0.8.
xap/xine-lib-1.2.13-x86_64-4.txz: Rebuilt.
Recompiled against openssl-3.0.8.
y/bsd-games-2.17-x86_64-4.txz: Rebuilt.
Recompiled against openssl-3.0.8.
extra/php80/php80-8.0.28-x86_64-1.txz: Removed.
extra/php81/php81-8.1.16-x86_64-1.txz: Removed.
extra/rust-for-mozilla/rust-1.60.0-x86_64-2.txz: Rebuilt.
Recompiled against openssl-3.0.8.
extra/sendmail/sendmail-8.17.1-x86_64-7.txz: Rebuilt.
Recompiled against openssl-3.0.8.
extra/sendmail/sendmail-cf-8.17.1-noarch-7.txz: Rebuilt.
testing/packages/rust-1.67.1-x86_64-2.txz: Rebuilt.
Recompiled against openssl-3.0.8.
testing/packages/samba-4.17.5-x86_64-2.txz: Removed.
a/dcron-4.5-x86_64-12.txz: Rebuilt.
Rebase the run-parts script on the latest version from Fedora's crontabs
package. Thanks to avian.
a/elilo-3.16-x86_64-13.txz: Rebuilt.
Patched to disable the Confidential Computing blob for SEV-SNP, which
fixes booting a 5.19 kernel with the EFI stub enabled. If you use elilo,
be sure to either run eliloconfig again or manually copy (and rename) the
proper elilo binary to your EFI System Partition.
Thanks to PiterPunk.
a/sysklogd-2.4.2-x86_64-1.txz: Upgraded.
ap/most-5.2.0-x86_64-1.txz: Upgraded.
d/cmake-3.24.0-x86_64-1.txz: Upgraded.
x/ibus-table-1.16.10-x86_64-1.txz: Upgraded.
extra/brltty/brltty-6.5-x86_64-1.txz: Upgraded.
extra/php80/php80-8.0.22-x86_64-1.txz: Upgraded.
a/aaa_libraries-15.1-x86_64-6.txz: Rebuilt.
Upgraded: libcap.so.2.65, libglib-2.0.so.0.7200.3, libgmodule-2.0.so.0.7200.3,
libgobject-2.0.so.0.7200.3, libgthread-2.0.so.0.7200.3, libidn2.so.0.3.8.
Removed: libboost_*.so.1.78.0.
a/kernel-firmware-20220719_4421586-noarch-1.txz: Upgraded.
d/python-setuptools-63.2.0-x86_64-1.txz: Upgraded.
d/rust-1.62.1-x86_64-1.txz: Upgraded.
kde/kio-5.96.0-x86_64-2.txz: Rebuilt.
Recompiled against krb5-1.19.3.
l/libcap-2.65-x86_64-1.txz: Upgraded.
l/netpbm-10.99.01-x86_64-1.txz: Upgraded.
l/pipewire-0.3.56-x86_64-1.txz: Upgraded.
l/qt5-5.15.5_20220705_ea4efc06-x86_64-1.txz: Upgraded.
Compiled against krb5-1.19.3.
n/alpine-2.26-x86_64-2.txz: Rebuilt.
Recompiled against krb5-1.19.3.
n/bind-9.18.5-x86_64-1.txz: Upgraded.
Compiled against krb5-1.19.3.
n/curl-7.84.0-x86_64-2.txz: Rebuilt.
Recompiled against krb5-1.19.3.
n/fetchmail-6.4.31-x86_64-2.txz: Rebuilt.
Recompiled against krb5-1.19.3.
n/krb5-1.19.3-x86_64-2.txz: Rebuilt.
Since Samba still won't link against krb5-1.20, I think it's best to drop
back to this version until it does. Perhaps it would be better to just use
the internal Heimdal libraries instead, but I don't really know if that has
all the same functionality or not. Hints welcome if you'd like to drop them
in the "regression on -current with samba (new krb5)" thread.
Also, just to be 100% sure the krb5 revert doesn't cause any ABI issues,
we'll recompile everything that we've linked to krb5 while krb5-1.20 was
in -current.
Thanks to nobodino.
n/php-7.4.30-x86_64-2.txz: Rebuilt.
Recompiled against krb5-1.19.3.
n/samba-4.16.3-x86_64-1.txz: Upgraded.
Compiled against krb5-1.19.3.
xap/gnuplot-5.4.4-x86_64-1.txz: Upgraded.
xap/mozilla-thunderbird-102.0.3-x86_64-1.txz: Upgraded.
This is a bugfix release.
For more information, see:
https://www.mozilla.org/en-US/thunderbird/102.0.3/releasenotes/
extra/php80/php80-8.0.21-x86_64-2.txz: Rebuilt.
Recompiled against krb5-1.19.3.
extra/php81/php81-8.1.8-x86_64-2.txz: Rebuilt.
Recompiled against krb5-1.19.3.
a/hwdata-0.361-noarch-1.txz: Upgraded.
a/kernel-firmware-20220705_f5f02da-noarch-1.txz: Upgraded.
a/kmod-30-x86_64-1.txz: Upgraded.
a/mcelog-184-x86_64-1.txz: Upgraded.
a/openssl-solibs-1.1.1q-x86_64-1.txz: Upgraded.
ap/vim-9.0.0041-x86_64-1.txz: Upgraded.
d/llvm-14.0.6-x86_64-2.txz: Rebuilt.
Shared library .so-version bump.
We gave the DYLIB options a try and the resulting compilers are unable to
compile Firefox or Thunderbird, so we're back to using BUILD_SHARED_LIBS
(which works fine). I'm in no real hurry to revisit this, but I'll look at
any hints you might have for me if you post them on LQ.
d/meson-0.63.0-x86_64-1.txz: Upgraded.
d/rust-1.62.0-x86_64-1.txz: Upgraded.
l/imagemagick-7.1.0_40-x86_64-1.txz: Upgraded.
l/isl-0.25-x86_64-1.txz: Upgraded.
l/libdmtx-0.7.7-x86_64-1.txz: Upgraded.
l/libgphoto2-2.5.30-x86_64-1.txz: Upgraded.
l/libmtp-1.1.20-x86_64-1.txz: Upgraded.
l/libvpx-1.12.0-x86_64-1.txz: Upgraded.
l/pipewire-0.3.53-x86_64-1.txz: Upgraded.
l/poppler-22.07.0-x86_64-1.txz: Upgraded.
l/spirv-llvm-translator-14.0.0-x86_64-2.txz: Rebuilt.
Recompiled against llvm-14.0.6-2.
n/openssl-1.1.1q-x86_64-1.txz: Upgraded.
This update fixes security issues:
Heap memory corruption with RSA private key operation.
AES OCB fails to encrypt some bytes.
For more information, see:
https://www.openssl.org/news/secadv/20220705.txthttps://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2274https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2097
(* Security fix *)
n/wget2-2.0.1-x86_64-1.txz: Upgraded.
x/libva-2.15.0-x86_64-1.txz: Upgraded.
x/libva-utils-2.15.0-x86_64-1.txz: Upgraded.
x/mesa-21.3.8-x86_64-3.txz: Rebuilt.
Recompiled against llvm-14.0.6-2.
xap/mozilla-firefox-102.0.1-x86_64-1.txz: Upgraded.
This update contains security fixes (possibly) and improvements.
At this time, the link below only says "We're still preparing the notes for
this release, and will post them here when they are ready. Please check back
later."
For more information, see:
https://www.mozilla.org/en-US/firefox/102.0.1/releasenotes/
(* Security fix *)
xap/vim-gvim-9.0.0041-x86_64-1.txz: Upgraded.
extra/rust-for-mozilla/rust-1.60.0-x86_64-1.txz: Upgraded.
ap/inxi-3.3.13_1-noarch-1.txz: Upgraded.
d/parallel-20220222-noarch-1.txz: Upgraded.
d/patchelf-0.14.5-x86_64-1.txz: Upgraded.
d/rust-1.59.0-x86_64-1.txz: Upgraded.
n/cyrus-sasl-2.1.28-x86_64-1.txz: Upgraded.
This update fixes bugs and security issues.
For more information, see:
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-19906https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-24407
(* Security fix *)
n/nftables-1.0.2-x86_64-1.txz: Upgraded.
n/nghttp2-1.47.0-x86_64-1.txz: Upgraded.
n/openssh-8.9p1-x86_64-1.txz: Upgraded.
n/whois-5.5.12-x86_64-1.txz: Upgraded.
x/mesa-21.3.7-x86_64-1.txz: Upgraded.
x/xf86-video-amdgpu-22.0.0-x86_64-1.txz: Upgraded.
xap/freerdp-2.6.0-x86_64-1.txz: Upgraded.
xap/gftp-2.9.1b-x86_64-1.txz: Upgraded.
extra/xv/xv-3.10a-x86_64-10.txz: Rebuilt.
Drop JasPer support until xv can be ported to the new JasPer library (or
preferably to openjpeg).
a/aaa_libraries-15.0-x86_64-18.txz: Rebuilt.
Rebuilt to pick up the patched libexpat.so.1.8.3.
a/kernel-generic-5.15.17-x86_64-1.txz: Upgraded.
a/kernel-huge-5.15.17-x86_64-1.txz: Upgraded.
a/kernel-modules-5.15.17-x86_64-1.txz: Upgraded.
a/lzlib-1.13-x86_64-1.txz: Upgraded.
a/sysvinit-scripts-15.0-noarch-8.txz: Rebuilt.
rc.S: clear /var/lock/subsys before starting libcgroup services.
Thanks to pyllyukko.
ap/pamixer-1.5-x86_64-2.txz: Rebuilt.
Recompiled against boost-1.78.0.
d/kernel-headers-5.15.17-x86-1.txz: Upgraded.
k/kernel-source-5.15.17-noarch-1.txz: Upgraded.
kde/kig-21.12.1-x86_64-2.txz: Rebuilt.
Recompiled against boost-1.78.0.
kde/kopeninghours-21.12.1-x86_64-2.txz: Rebuilt.
Recompiled against boost-1.78.0.
kde/krita-5.0.2-x86_64-2.txz: Rebuilt.
Recompiled against boost-1.78.0.
l/boost-1.78.0-x86_64-1.txz: Upgraded.
I hadn't planned to update this at such a late stage, but POV-Ray needs it
and everything we ship builds fine against it. Thanks to bender647.
Shared library .so-version bump.
l/cryfs-0.10.3-x86_64-4.txz: Rebuilt.
Recompiled against boost-1.78.0.
l/expat-2.4.3-x86_64-3.txz: Rebuilt.
Prevent integer overflow in doProlog.
For more information, see:
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-23990
(* Security fix *)
l/netpbm-10.97.03-x86_64-1.txz: Upgraded.
l/openexr-2.5.7-x86_64-5.txz: Rebuilt.
Recompiled against boost-1.78.0.
l/pipewire-0.3.44-x86_64-1.txz: Upgraded.
n/fetchmail-6.4.27-x86_64-1.txz: Upgraded.
n/libgpg-error-1.44-x86_64-1.txz: Upgraded.
x/mesa-21.3.5-x86_64-1.txz: Upgraded.
xap/mozilla-firefox-91.5.1esr-x86_64-1.txz: Upgraded.
This is a bugfix release.
For more information, see:
https://www.mozilla.org/en-US/firefox/91.5.1/releasenotes/
(* Security fix *)
extra/rust-for-mozilla/rust-1.54.0-x86_64-4.txz: Rebuilt.
Removed duplicated libLLVM shared library.
isolinux/initrd.img: Rebuilt.
kernels/*: Upgraded.
usb-and-pxe-installers/usbboot.img: Rebuilt.
a/aaa_base-15.0-x86_64-3.txz: Rebuilt.
In initial email to root, use the new /var/lib/pkgtools/ paths to the files
for packages and scripts. Thanks to franzen.
a/btrfs-progs-5.16-x86_64-1.txz: Upgraded.
d/python3-3.9.10-x86_64-1.txz: Upgraded.
d/rust-1.58.0-x86_64-1.txz: Upgraded.
kde/digikam-7.5.0-x86_64-1.txz: Upgraded.
kde/kglobalaccel-5.90.0-x86_64-2.txz: Rebuilt.
Applied patch:
[PATCH] Prevent kglobalaccel5 getting activated on non-Plasma systems.
Although this patch was later reverted, I'm on board with the need for it.
If it causes any problems, please let me know soon.
Thanks to Lockywolf.
kde/kid3-3.9.1-x86_64-1.txz: Upgraded.
kde/plasma-wayland-protocols-1.6.0-x86_64-1.txz: Upgraded.
kde/sddm-0.19.0-x86_64-10.txz: Rebuilt.
Allow the init program to properly supervise sddm when entering runlevel 4.
Thanks to mumahendras3.
l/neon-0.32.2-x86_64-1.txz: Upgraded.
l/netpbm-10.97.02-x86_64-1.txz: Upgraded.
n/postfix-3.6.4-x86_64-1.txz: Upgraded.
x/mesa-21.3.4-x86_64-1.txz: Upgraded.
x/xterm-370-x86_64-2.txz: Rebuilt.
Use upstream app-defaults again. Thanks to OldHolborn.
a/dialog-1.3_20211214-x86_64-1.txz: Upgraded.
a/kernel-generic-5.15.8-x86_64-1.txz: Upgraded.
a/kernel-huge-5.15.8-x86_64-1.txz: Upgraded.
a/kernel-modules-5.15.8-x86_64-1.txz: Upgraded.
a/sysvinit-3.01-x86_64-1.txz: Upgraded.
d/kernel-headers-5.15.8-x86-1.txz: Upgraded.
d/patchelf-0.14.3-x86_64-1.txz: Upgraded.
k/kernel-source-5.15.8-noarch-1.txz: Upgraded.
l/oniguruma-6.9.7.1-x86_64-1.txz: Upgraded.
l/pipewire-0.3.41-x86_64-1.txz: Upgraded.
x/libinput-1.19.3-x86_64-1.txz: Upgraded.
x/xorg-server-1.20.13-x86_64-2.txz: Rebuilt.
Fixes for multiple input validation failures in X server extensions:
render: Fix out of bounds access in SProcRenderCompositeGlyphs()
xfixes: Fix out of bounds access in *ProcXFixesCreatePointerBarrier()
Xext: Fix out of bounds access in SProcScreenSaverSuspend()
record: Fix out of bounds access in SwapCreateRegister()
For more information, see:
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4008https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4009https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4010https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4011
(* Security fix *)
x/xorg-server-xephyr-1.20.13-x86_64-2.txz: Rebuilt.
x/xorg-server-xnest-1.20.13-x86_64-2.txz: Rebuilt.
x/xorg-server-xvfb-1.20.13-x86_64-2.txz: Rebuilt.
x/xorg-server-xwayland-21.1.4-x86_64-1.txz: Upgraded.
Fixes for multiple input validation failures in X server extensions:
render: Fix out of bounds access in SProcRenderCompositeGlyphs()
xfixes: Fix out of bounds access in *ProcXFixesCreatePointerBarrier()
Xext: Fix out of bounds access in SProcScreenSaverSuspend()
record: Fix out of bounds access in SwapCreateRegister()
For more information, see:
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4008https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4009https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4010https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4011
(* Security fix *)
xap/xsnow-3.4.1-x86_64-1.txz: Upgraded.
isolinux/initrd.img: Rebuilt.
kernels/*: Upgraded.
usb-and-pxe-installers/usbboot.img: Rebuilt.
a/lvm2-2.03.13-x86_64-1.txz: Upgraded.
Reverted to working version.
d/rust-1.56.0-x86_64-1.txz: Upgraded.
l/pipewire-0.3.39-x86_64-1.txz: Upgraded.
n/krb5-1.19.2-x86_64-2.txz: Rebuilt.
[PATCH] Fix KDC null deref on TGS inner body null server.
This fixes an issue where an authenticated attacker can cause a denial of
service in the KDC by sending a FAST TGS request with no server field.
Thanks to nobodino.
For more information, see:
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-37750
(* Security fix *)
x/ibus-m17n-1.4.8-x86_64-1.txz: Upgraded.
x/libinput-1.19.2-x86_64-1.txz: Upgraded.
xap/freerdp-2.4.1-x86_64-1.txz: Upgraded.
This update fixes two security issues:
Improper client input validation for gateway connections allows to overwrite
memory.
Improper region checks in all clients allow out of bound write to memory.
For more information, see:
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-41159https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-41160
(* Security fix *)
xap/gftp-2.7.1b-x86_64-1.txz: Upgraded.
extra/php8/php8-8.0.12-x86_64-1.txz: Upgraded.
This update fixes bugs and a security issue:
FPM: PHP-FPM oob R/W in root process leading to privilege escalation.
For more information, see:
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-21703
(* Security fix *)
ap/htop-3.1.1-x86_64-1.txz: Upgraded.
d/automake-1.16.2-noarch-4.txz: Rebuilt.
The GNU toolchain is making it increasingly impossible to use our usual
"${ARCH}-slackware-linux" host, erroring out with a host mismatch on at
least GTK+2. So, we'll drop back to this version of automake for now,
with a fix applied for detecting Python 3.10. More than likely we'll be
changing the host to "${ARCH}-slackware-linux-gnu" to satisfy upstream,
but that will have to wait for the next devel cycle.
d/llvm-13.0.0-x86_64-1.txz: Upgraded.
Shared library .so-version bump.
d/rust-1.55.0-x86_64-2.txz: Rebuilt.
Recompiled against llvm-13.0.0.
kde/kdevelop-5.6.2-x86_64-6.txz: Rebuilt.
Recompiled against llvm-13.0.0.
kde/plasma-workspace-5.23.0-x86_64-2.txz: Rebuilt.
Applied upstream patch:
[PATCH] sddm-theme: fix missing password field on "Other" page.
Thanks to USUARIONUEVO and LuckyCyborg.
l/libclc-13.0.0-x86_64-1.txz: Upgraded.
Recompiled against llvm-13.0.0.
l/python-pillow-8.4.0-x86_64-1.txz: Upgraded.
l/qt5-5.15.3_20211013_5c7c3af5-x86_64-1.txz: Upgraded.
Upgraded to latest git (might as well) and compiled against llvm-13.0.0.
l/spirv-llvm-translator-20210920_098034ea-x86_64-1.txz: Upgraded.
Recompiled against llvm-13.0.0.
x/mesa-21.2.4-x86_64-1.txz: Upgraded.
Compiled against llvm-13.0.0.
xap/pidgin-2.14.8-x86_64-1.txz: Upgraded.
a/btrfs-progs-5.11.1-x86_64-1.txz: Upgraded.
a/dialog-1.3_20210324-x86_64-1.txz: Upgraded.
a/kernel-generic-5.10.26-x86_64-1.txz: Upgraded.
a/kernel-huge-5.10.26-x86_64-1.txz: Upgraded.
a/kernel-modules-5.10.26-x86_64-1.txz: Upgraded.
a/openssl-solibs-1.1.1k-x86_64-1.txz: Upgraded.
d/kernel-headers-5.10.26-x86-1.txz: Upgraded.
d/rust-1.51.0-x86_64-1.txz: Upgraded.
e/emacs-27.2-x86_64-1.txz: Upgraded.
k/kernel-source-5.10.26-noarch-1.txz: Upgraded.
-ADI_AXI_ADC m
AD9467 m -> n
FONT_TER16x32 n -> y
n/openssl-1.1.1k-x86_64-1.txz: Upgraded.
This update fixes security issues:
Fixed a problem with verifying a certificate chain when using the
X509_V_FLAG_X509_STRICT flag.
Fixed an issue where an OpenSSL TLS server may crash if sent a maliciously
crafted renegotiation ClientHello message from a client.
For more information, see:
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3450https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3449
(* Security fix *)
n/samba-4.14.2-x86_64-1.txz: Upgraded.
This is a security release in order to address the following defects:
Heap corruption via crafted DN strings.
Out of bounds read in AD DC LDAP server.
For more information, see:
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-27840https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-20277
(* Security fix *)
x/mesa-21.0.1-x86_64-1.txz: Upgraded.
isolinux/initrd.img: Rebuilt.
kernels/*: Upgraded.
testing/packages/linux-5.11.x/kernel-generic-5.11.10-x86_64-1.txz: Upgraded.
testing/packages/linux-5.11.x/kernel-headers-5.11.10-x86-1.txz: Upgraded.
testing/packages/linux-5.11.x/kernel-huge-5.11.10-x86_64-1.txz: Upgraded.
testing/packages/linux-5.11.x/kernel-modules-5.11.10-x86_64-1.txz: Upgraded.
testing/packages/linux-5.11.x/kernel-source-5.11.10-noarch-1.txz: Upgraded.
usb-and-pxe-installers/usbboot.img: Rebuilt.
a/kernel-firmware-20210315_3568f96-noarch-1.txz: Upgraded.
ap/sudo-1.9.6-x86_64-1.txz: Upgraded.
d/cmake-3.19.7-x86_64-1.txz: Upgraded.
d/python-setuptools-54.1.2-x86_64-1.txz: Upgraded.
d/rust-1.50.0-x86_64-1.txz: Upgraded.
l/libcap-2.49-x86_64-1.txz: Upgraded.
l/python-urllib3-1.26.4-x86_64-1.txz: Upgraded.
l/qt5-5.15.2-x86_64-6.txz: Rebuilt.
Rebuilt with -proprietary-codecs and -webengine-proprietary-codecs. When
combined with -webengine-ffmpeg (use system ffmpeg), this doesn't actually
build any proprietary codecs, but allows them to be used if they happen to
be built into the system ffmpeg. Thanks to alienBOB.
xap/mozilla-firefox-86.0.1-x86_64-1.txz: Upgraded.
When we first moved Slackware to the Firefox ESR channel, the motivation
was to keep Firefox secure while delaying a requirement for Rust at build
time. Of course, eventually that ESR version reached EOL and we had to
introduce Rust into Slackware 14.2 in order to continue providing updates.
Eventually that also ran into roadblocks as Firefox required first newer
C/C++ compilers, and then finally a newer libstdc++. To continue, we'd
have had to bump GCC to a much newer version, making other maintenance
difficult or impossible. At this point, the latest Firefox has no additional
dependencies beyond those of the ESR version, and it's unlikely that it
will be any more difficult to keep it maintained. I think we all want the
Slackware 15.0 release to be as good as possible, and most users will be
better served if we resume following the latest desktop releases.
Thanks to LuckyCyborg who can always be counted on to give me a friendly
kick in the rear end. :-) Thanks also to ponce for the updated gkrust patch.
d/rust-1.49.0-x86_64-1.txz: Upgraded.
Until we can figure out why audio crashes if we compile Firefox using
rust-1.50.0, it's probably better to stick with this version.
xap/mozilla-firefox-78.8.0esr-x86_64-3.txz: Rebuilt.
Recompiled with rust-1.49.0 to prevent crashing on any tab with audio.
xap/mozilla-firefox-78.7.1esr-x86_64-1.txz: Upgraded.
It looks like rebuilding Firefox with Rust 1.50.0 causes it to crash on
HTML5 streams, so let's drop back to this build. 78.8.0 is coming soon
and hopefully it'll fix this.
d/rust-1.47.0-x86_64-2.txz: Rebuilt.
Switch back to Rust 1.47.0 now that patches are available to fix Firefox
and Thunderbird.
xap/mozilla-thunderbird-78.4.1-x86_64-1.txz: Upgraded.
This is a bugfix release.
For more information, see:
https://www.mozilla.org/en-US/thunderbird/78.4.1/releasenotes/