a/aaa_glibc-solibs-2.40-x86_64-5.txz: Rebuilt.
a/kernel-firmware-20240828_335a1de-noarch-1.txz: Upgraded.
a/kernel-generic-6.10.7-x86_64-1.txz: Upgraded.
a/kernel-huge-6.10.7-x86_64-1.txz: Upgraded.
a/kernel-modules-6.10.7-x86_64-1.txz: Upgraded.
a/userspace-rcu-0.14.1-x86_64-1.txz: Upgraded.
ap/man-db-2.13.0-x86_64-1.txz: Upgraded.
ap/screen-5.0.0-x86_64-1.txz: Upgraded.
ap/vim-9.1.0702-x86_64-1.txz: Upgraded.
d/cmake-3.30.3-x86_64-1.txz: Upgraded.
d/gcc-14.2.0-x86_64-2.txz: Rebuilt.
Merge in parts of alienBOB's multilib build script, generalize the script
to work with both --enable-multilib and --disable-multilib, and otherwise
clean things up. Go ahead and build it multilib on 64-bit, because why not?
It's worth the bit of bloat to no longer have this package need to be
maintained separately and kept in sync. Thanks to alienBOB.
d/gcc-g++-14.2.0-x86_64-2.txz: Rebuilt.
d/gcc-gdc-14.2.0-x86_64-2.txz: Rebuilt.
d/gcc-gfortran-14.2.0-x86_64-2.txz: Rebuilt.
d/gcc-gm2-14.2.0-x86_64-2.txz: Rebuilt.
d/gcc-gnat-14.2.0-x86_64-2.txz: Rebuilt.
d/gcc-go-14.2.0-x86_64-2.txz: Rebuilt.
d/gcc-objc-14.2.0-x86_64-2.txz: Rebuilt.
d/gcc-rust-14.2.0-x86_64-2.txz: Rebuilt.
d/kernel-headers-6.10.7-x86-1.txz: Upgraded.
d/python-setuptools-73.0.1-x86_64-1.txz: Rebuilt.
Reverted due to regression: breaks g-ir-scanner
k/kernel-source-6.10.7-noarch-1.txz: Upgraded.
l/glibc-2.40-x86_64-5.txz: Rebuilt.
Enable multilib on 64-bit. Thanks to alienBOB.
Note that Slackware 64-bit can now run a 32-bit "Hello World!" but there
are no immediate plans to add additional multilib support by default.
Maybe down the road when bare metal 32-bit support goes away.
l/glibc-i18n-2.40-x86_64-5.txz: Rebuilt.
l/glibc-profile-2.40-x86_64-5.txz: Rebuilt.
l/gtk4-4.15.6-x86_64-1.txz: Upgraded.
l/libssh-0.11.1-x86_64-1.txz: Upgraded.
l/protobuf-28.0-x86_64-1.txz: Upgraded.
Shared library .so-version bump.
l/python-certifi-2024.8.30-x86_64-1.txz: Upgraded.
l/qt6-6.7.2_20240610_3f005f1e-x86_64-6.txz: Rebuilt.
Recompiled against protobuf-28.0.
n/ca-certificates-20240830-noarch-1.txz: Upgraded.
This update provides the latest CA certificates to check for the
authenticity of SSL connections.
n/mosh-1.4.0-x86_64-4.txz: Rebuilt.
Recompiled against protobuf-28.0.
n/php-8.3.11-x86_64-1.txz: Upgraded.
This is a bugfix release.
For more information, see:
https://www.php.net/ChangeLog-8.php#8.3.11
x/mesa-24.2.1-x86_64-1.txz: Upgraded.
Thanks to lucabon for the rust-bindgen patch.
xap/vim-gvim-9.1.0702-x86_64-1.txz: Upgraded.
isolinux/initrd.img: Rebuilt.
kernels/*: Upgraded.
usb-and-pxe-installers/usbboot.img: Rebuilt.
d/python-setuptools-73.0.1-x86_64-1.txz: Upgraded.
d/rust-bindgen-0.70.1-x86_64-1.txz: Upgraded.
n/ModemManager-1.22.0-x86_64-1.txz: Upgraded.
n/dhcpcd-10.0.10-x86_64-1.txz: Upgraded.
n/epic5-2.4-x86_64-1.txz: Upgraded.
n/libqmi-1.34.0-x86_64-2.txz: Rebuilt.
Build against libqrtr-glib with -Dqrtr=true.
n/libqrtr-glib-1.2.2-x86_64-1.txz: Added.
ModemManager-1.22.0 needs libqmi to be linked with this.
x/xorg-server-21.1.13-x86_64-3.txz: Rebuilt.
Patched changing a type from unsigned long to unsigned long long which fixes
the black screen seen on 32-bit with the modesetting driver. Seems fine on
64-bit as well, so the patch is applied for all builds. The patch to default
to modesetting for Intel graphics is restored (and the one for nouveau is kept
as well).
Thanks to Lenard Spencer for reporting that nouveau was also hitting this.
Thanks to Petri Kaukasoina for the patch.
x/xorg-server-xephyr-21.1.13-x86_64-3.txz: Rebuilt.
x/xorg-server-xnest-21.1.13-x86_64-3.txz: Rebuilt.
x/xorg-server-xvfb-21.1.13-x86_64-3.txz: Rebuilt.
a/eudev-3.2.14-x86_64-2.txz: Rebuilt.
Add a few more modules to /lib/modprobe.d/watchdog.conf.
a/kmod-33-x86_64-1.txz: Upgraded.
ap/sc-im-0.8.4-x86_64-1.txz: Upgraded.
ap/scdoc-1.11.3-x86_64-1.txz: Added.
This is needed to build kmod-33.
d/luajit-2.1.1723675123-x86_64-1.txz: Upgraded.
d/rust-bindgen-0.70.0-x86_64-1.txz: Upgraded.
l/librsvg-2.58.3-x86_64-1.txz: Upgraded.
x/mesa-24.2.0-x86_64-2.txz: Rebuilt.
Updated the subprojects and recompiled.
a/kernel-generic-6.10.5-x86_64-1.txz: Upgraded.
a/kernel-huge-6.10.5-x86_64-1.txz: Upgraded.
a/kernel-modules-6.10.5-x86_64-1.txz: Upgraded.
d/kernel-headers-6.10.5-x86-1.txz: Upgraded.
d/python-setuptools-72.2.0-x86_64-1.txz: Upgraded.
k/kernel-source-6.10.5-noarch-1.txz: Upgraded.
kde/okteta-0.26.16-x86_64-1.txz: Upgraded.
n/dovecot-2.3.21.1-x86_64-1.txz: Upgraded.
This update fixes security issues:
A large number of address headers in email resulted in excessive CPU usage.
Abnormally large email headers are now truncated or discarded, with a limit
of 10MB on a single header and 50MB for all the headers of all the parts of
an email.
For more information, see:
https://www.cve.org/CVERecord?id=CVE-2024-23184https://www.cve.org/CVERecord?id=CVE-2024-23185
(* Security fix *)
n/lynx-2.9.2-x86_64-1.txz: Upgraded.
x/mesa-24.2.0-x86_64-1.txz: Upgraded.
xfce/xfce4-notifyd-0.9.5-x86_64-1.txz: Upgraded.
extra/tigervnc/tigervnc-1.14.0-x86_64-3.txz: Rebuilt.
Recompiled against ffmpeg-7.0.2.
Thanks to Petri Kaukasoina.
extra/xv/xv-6.0.0-x86_64-1.txz: Upgraded.
isolinux/initrd.img: Rebuilt.
kernels/*: Upgraded.
usb-and-pxe-installers/usbboot.img: Rebuilt.
Enjoy your shiny new vmlinuz-6.9.11-generic!
Thanks again to LuckyCyborg for teaching me about the path of least resistance.
a/grub-2.12-x86_64-14.txz: Rebuilt.
Don't mention 09_slackware_linux in the /etc/default/grub comments.
a/kernel-generic-6.9.11-x86_64-1.txz: Upgraded.
a/kernel-huge-6.9.11-x86_64-1.txz: Upgraded.
a/kernel-modules-6.9.11-x86_64-1.txz: Upgraded.
a/mkinitrd-1.4.11-x86_64-35.txz: Rebuilt.
d/kernel-headers-6.9.11-x86-1.txz: Upgraded.
d/rust-1.80.0-x86_64-1.txz: Upgraded.
k/kernel-source-6.9.11-noarch-1.txz: Upgraded.
l/xapian-core-1.4.26-x86_64-1.txz: Upgraded.
isolinux/initrd.img: Rebuilt.
kernels/*: Upgraded.
usb-and-pxe-installers/usbboot.img: Rebuilt.
a/kernel-firmware-20240718_058deb9-noarch-1.txz: Upgraded.
a/kernel-generic-6.9.10-x86_64-1.txz: Upgraded.
a/kernel-huge-6.9.10-x86_64-1.txz: Upgraded.
a/kernel-modules-6.9.10-x86_64-1.txz: Upgraded.
d/cmake-3.30.1-x86_64-1.txz: Upgraded.
d/kernel-headers-6.9.10-x86-1.txz: Upgraded.
d/python-setuptools-71.0.3-x86_64-1.txz: Upgraded.
k/kernel-source-6.9.10-noarch-1.txz: Upgraded.
kde/labplot-2.11.1-x86_64-1.txz: Upgraded.
l/python-sphinx-7.4.6-x86_64-1.txz: Upgraded.
l/sof-firmware-2024.06-noarch-1.txz: Upgraded.
n/httpd-2.4.62-x86_64-1.txz: Upgraded.
This release contains security fixes and improvements.
The first CVE is for Windows, but the second one is an additional fix for
the source code disclosure regression when using AddType.
Users are recommended to upgrade to version 2.4.62 which fixes this issue.
For more information, see:
https://downloads.apache.org/httpd/CHANGES_2.4.62https://www.cve.org/CVERecord?id=CVE-2024-40898https://www.cve.org/CVERecord?id=CVE-2024-40725
(* Security fix *)
n/openvpn-2.6.12-x86_64-1.txz: Upgraded.
isolinux/initrd.img: Rebuilt.
kernels/*: Upgraded.
usb-and-pxe-installers/usbboot.img: Rebuilt.
Thanks for the Slackiversary wishes!
a/bcachefs-tools-1.9.4-x86_64-1.txz: Upgraded.
a/sysklogd-2.6.0-x86_64-1.txz: Upgraded.
l/dbus-python-1.3.2-x86_64-3.txz: Rebuilt.
Build with meson, which fixes pulseaudio's qpaeq.
Thanks to gmgf and USUARIONUEVO.
l/nodejs-20.15.1-x86_64-2.txz: Rebuilt.
Recompiled using --shared-nghttp3.
l/python-sphinx-7.4.4-x86_64-1.txz: Upgraded.
n/c-ares-1.32.2-x86_64-1.txz: Upgraded.
n/curl-8.8.0-x86_64-2.txz: Rebuilt.
Recompiled using --with-nghttp2=/usr and --with-nghttp3=/usr.
n/libnftnl-1.2.7-x86_64-1.txz: Upgraded.
n/nghttp3-1.4.0-x86_64-1.txz: Added.
Thanks to pbslxw and Lockywolf.
n/ntp-4.2.8p18-x86_64-5.txz: Rebuilt.
This is a bugfix release to fix a regression in ntp-4.2.8p18:
If the IPv6 link-local interface was not ready for binding on the first
attempt, ntpd would segfault in update_interfaces().
Thanks to Jonathan Woithe for the bug report and fix.
a/btrfs-progs-6.9.2-x86_64-1.txz: Upgraded.
a/grub-2.12-x86_64-10.txz: Rebuilt.
Fix initrd path when including microcode.
Hopefully we're about out of corner cases now.
Thanks to kaott, with honorable mention to gwhl.
a/kernel-firmware-20240622_cea56a5-noarch-1.txz: Upgraded.
a/kernel-generic-6.9.7-x86_64-1.txz: Upgraded.
a/kernel-huge-6.9.7-x86_64-1.txz: Upgraded.
a/kernel-modules-6.9.7-x86_64-1.txz: Upgraded.
ap/lxc-6.0.1-x86_64-1.txz: Upgraded.
Add a few more packages to the lxc-slackware.in template:
ca-certificates, glibc-zoneinfo, libksba, openssl, perl.
Thanks to Ricardson Williams.
d/kernel-headers-6.9.7-x86-1.txz: Upgraded.
d/python-pip-24.1.1-x86_64-1.txz: Upgraded.
k/kernel-source-6.9.7-noarch-1.txz: Upgraded.
kde/krita-5.2.3-x86_64-1.txz: Upgraded.
l/harfbuzz-9.0.0-x86_64-1.txz: Upgraded.
l/pipewire-1.2.0-x86_64-1.txz: Upgraded.
n/krb5-1.21.3-x86_64-1.txz: Upgraded.
This update fixes security issues:
Fix vulnerabilities in GSS message token handling.
Fix a potential bad pointer free in krb5_cccol_have_contents().
Fix a memory leak in the macOS ccache type.
For more information, see:
https://www.cve.org/CVERecord?id=CVE-2024-37370https://www.cve.org/CVERecord?id=CVE-2024-37371
(* Security fix *)
x/libinput-1.26.1-x86_64-1.txz: Upgraded.
isolinux/initrd.img: Rebuilt.
kernels/*: Upgraded.
usb-and-pxe-installers/usbboot.img: Rebuilt.
a/less-656-x86_64-1.txz: Upgraded.
d/luajit-2.1.1716656478-x86_64-1.txz: Upgraded.
Shared library .so-version bump.
Thanks to Stuart Winter.
kde/digikam-8.3.0-x86_64-3.txz: Rebuilt.
Recompiled against opencv-4.10.0.
kde/plasma-workspace-5.27.11-x86_64-2.txz: Rebuilt.
Reverted to working version, even though this is never a fix. ;-)
l/Mako-1.3.5-x86_64-1.txz: Upgraded.
l/frei0r-plugins-2.3.2-x86_64-3.txz: Rebuilt.
Recompiled against opencv-4.10.0.
l/gst-plugins-bad-free-1.24.4-x86_64-2.txz: Rebuilt.
Recompiled against opencv-4.10.0.
l/opencv-4.10.0-x86_64-1.txz: Upgraded.
Shared library .so-version bump.
l/python-certifi-2024.6.2-x86_64-1.txz: Upgraded.
l/vte-0.76.3-x86_64-1.txz: Upgraded.
l/wireplumber-0.5.3-x86_64-1.txz: Upgraded.
x/libdrm-2.4.121-x86_64-1.txz: Upgraded.
d/luajit-2.0.1716656478-x86_64-1.txz: Added.
Thanks to Erik Falor.
n/proftpd-1.3.8b-x86_64-4.txz: Rebuilt.
Build with mod_wrap2 and mod_wrap2_file instead of mod_wrap, which has
problems with ipv6. Thanks to jayjwa.
xap/mpv-0.38.0-x86_64-2.txz: Rebuilt.
[PATCH 1/4] av_common: parent mp_get_lavf_demuxer contents to the list.
[PATCH 2/4] stream: implement get_protocols method for stream_lavf.
[PATCH 3/4] build: dynamically generate mpv.desktop file protocols.
[PATCH 4/4] stream_lavf: don't add ffmpeg bluray or dvd protocols.
Thanks to gmgf.
Build against luajit. Thanks to pm_a_cup_of_tea.
a/hwdata-0.383-noarch-1.txz: Upgraded.
a/pciutils-3.13.0-x86_64-1.txz: Upgraded.
d/ccache-4.10-x86_64-1.txz: Upgraded.
d/meson-1.4.1-x86_64-1.txz: Upgraded.
d/ruby-3.3.2-x86_64-1.txz: Upgraded.
kde/plasma-sdk-5.27.11.1-x86_64-1.txz: Upgraded.
kde/plasma-workspace-5.27.11.1-x86_64-1.txz: Upgraded.
kde/tokodon-23.08.5-x86_64-1.txz: Added.
l/libvpx-1.14.1-x86_64-1.txz: Upgraded.
l/python-requests-2.32.3-x86_64-1.txz: Upgraded.
n/NetworkManager-1.48.0-x86_64-1.txz: Upgraded.
n/getmail-6.19.00-x86_64-1.txz: Upgraded.
x/libevdev-1.13.2-x86_64-1.txz: Upgraded.
x/wayland-1.23.0-x86_64-1.txz: Upgraded.
xap/gnuplot-6.0.1-x86_64-1.txz: Upgraded.
xap/mpv-0.38.0-x86_64-1.txz: Added.
Evidently we need one more media player. ;-)
Thanks to John Vogel Corning, Andreas Guldstrand, and Christoph Willing.
a/sysvinit-scripts-15.1-noarch-17.txz: Rebuilt.
rc.S: enable swapping on a ZRAM device, configurable in /etc/default/zram.
rc.S, rc.6: Don't use mount -n option.
l/adwaita-icon-theme-46.2-noarch-1.txz: Upgraded.
l/adwaita-icon-theme-legacy-20240517_7642b10-noarch-1.txz: Added.
Thanks to reddog83.
l/enchant-2.8.0-x86_64-1.txz: Upgraded.
l/ffmpeg-6.1.1-x86_64-3.txz: Rebuilt.
Patched to fix AV1 VA-API dropping frames. Thanks to fulalas.
l/python-zipp-3.19.0-x86_64-1.txz: Upgraded.
xap/mozilla-firefox-126.0.1-x86_64-1.txz: Upgraded.
This is a bugfix release.
For more information, see:
https://www.mozilla.org/en-US/firefox/126.0.1/releasenotes/
isolinux/initrd.img: Rebuilt.
Add /sbin/zramctl.
rc.S: Set up some swap on a ZRAM device.
SeTpartitions: Support installing to bcachefs filesystems.
SeTpartitions: quit offering reiserfs which will be gone in Linux 6.10.
usb-and-pxe-installers/usbboot.img: Rebuilt.
Add /sbin/zramctl.
rc.S: Set up some swap on a ZRAM device.
SeTpartitions: Support installing to bcachefs filesystems.
SeTpartitions: quit offering reiserfs which will be gone in Linux 6.10.
ap/sqlite-3.46.0-x86_64-1.txz: Upgraded.
l/gvfs-1.54.1-x86_64-1.txz: Upgraded.
l/python-requests-2.32.2-x86_64-1.txz: Upgraded.
n/c-ares-1.29.0-x86_64-1.txz: Upgraded.
n/dhcpcd-10.0.8-x86_64-1.txz: Upgraded.
n/wsdd2-1.8.7-x86_64-1.txz: Added.
Needed by Samba to enable share discovery.
Thanks to mistfire and Tim Dickson.
a/bcachefs-tools-1.7.0-x86_64-1.txz: Added.
a/kernel-generic-6.9.0-x86_64-2.txz: Upgraded.
a/kernel-huge-6.9.0-x86_64-2.txz: Upgraded.
a/kernel-modules-6.9.0-x86_64-2.txz: Upgraded.
d/git-2.45.1-x86_64-1.txz: Upgraded.
This update fixes security issues:
Recursive clones on case-insensitive filesystems that support symbolic
links are susceptible to case confusion that can be exploited to
execute just-cloned code during the clone operation.
Repositories can be configured to execute arbitrary code during local
clones. To address this, the ownership checks introduced in v2.30.3
are now extended to cover cloning local repositories.
Local clones may end up hardlinking files into the target repository's
object database when source and target repository reside on the same
disk. If the source repository is owned by a different user, then
those hardlinked files may be rewritten at any point in time by the
untrusted user.
When cloning a local source repository that contains symlinks via the
filesystem, Git may create hardlinks to arbitrary user-readable files
on the same filesystem as the target repository in the objects/
directory.
It is supposed to be safe to clone untrusted repositories, even those
unpacked from zip archives or tarballs originating from untrusted
sources, but Git can be tricked to run arbitrary code as part of the
clone.
For more information, see:
https://www.cve.org/CVERecord?id=CVE-2024-32002https://www.cve.org/CVERecord?id=CVE-2024-32004https://www.cve.org/CVERecord?id=CVE-2024-32020https://www.cve.org/CVERecord?id=CVE-2024-32021https://www.cve.org/CVERecord?id=CVE-2024-32465
(* Security fix *)
d/kernel-headers-6.9.0-x86-2.txz: Upgraded.
d/strace-6.9-x86_64-1.txz: Upgraded.
k/kernel-source-6.9.0-noarch-2.txz: Upgraded.
BCACHEFS_FS m -> y
CRYPTO_CHACHA20 m -> y
CRYPTO_LIB_CHACHA_GENERIC m -> y
CRYPTO_LIB_POLY1305_GENERIC m -> y
CRYPTO_POLY1305 m -> y
MITIGATION_GDS_FORCE y -> n
kde/wcslib-8.3-x86_64-1.txz: Upgraded.
l/gdk-pixbuf2-2.42.12-x86_64-1.txz: Upgraded.
ani: Reject files with multiple INA or IART chunks.
ani: Reject files with multiple anih chunks.
ani: validate chunk size.
Thanks to 0xvhp, pedrib, and Benjamin Gilbert.
For more information, see:
https://www.cve.org/CVERecord?id=CVE-2022-48622
(* Security fix *)
l/gtk+3-3.24.42-x86_64-1.txz: Upgraded.
n/bind-9.18.27-x86_64-1.txz: Upgraded.
This is a bugfix release.
n/popa3d-1.0.3-x86_64-8.txz: Rebuilt.
This is a bugfix release:
Build with AUTH_PAM, not AUTH_SHADOW.
Thanks to jayjwa.
x/xorg-server-xwayland-23.2.7-x86_64-1.txz: Upgraded.
isolinux/initrd.img: Rebuilt.
kernels/*: Upgraded.
usb-and-pxe-installers/usbboot.img: Rebuilt.
d/mercurial-6.7.3-x86_64-1.txz: Upgraded.
l/imagemagick-7.1.1_32-x86_64-2.txz: Rebuilt.
Add INSTALL_BASE= to --with-perl-options= to fix perl modules installation
not honoring $LIBDIRSUFFIX since 7.1.1-30. Thanks to HQuest.
l/libqalculate-5.1.1-x86_64-1.txz: Upgraded.
l/nodejs-20.13.0-x86_64-1.txz: Upgraded.
l/python-typing_extensions-4.11.0-x86_64-1.txz: Removed.
No longer needed with the upgrade to python-setuptools_scm-8.1.0.
Thanks to audriusk for the reminder.
x/anthy-unicode-1.0.0.20240502-x86_64-1.txz: Upgraded.
a/kernel-firmware-20240426_fc21f47-noarch-1.txz: Upgraded.
ap/cups-2.4.7-x86_64-3.txz: Rebuilt.
Rebuild using --with-rundir=/run/cups.
ap/cups-browsed-2.0.0-x86_64-1.txz: Added.
This is the CUPS/IPP print queue browser daemon, previously part of the
cups-filters package.
ap/cups-filters-2.0.0-x86_64-1.txz: Upgraded.
l/libarchive-3.7.4-x86_64-1.txz: Upgraded.
l/libcupsfilters-2.0.0-x86_64-1.txz: Added.
This is required by cups-filters-2.0.0.
l/libppd-2.0.0-x86_64-1.txz: Added.
This is required by cups-filters-2.0.0.
l/libproxy-0.5.6-x86_64-1.txz: Upgraded.
x/wayland-protocols-1.36-noarch-1.txz: Upgraded.
xap/mozilla-firefox-125.0.2-x86_64-1.txz: Upgraded.
xap/mozilla-thunderbird-125.0-x86_64-1.txz: Upgraded.
extra/rust-for-mozilla/rust-1.70.0-x86_64-4.txz: Removed.
l/imagemagick-7.1.1_29-x86_64-1.txz: Upgraded.
Revert to the previous ImageMagick because the latest one is destroying SVG
files if "identify" or "display" is used on them.
Thanks to pc2005.
a/etc-15.1-x86_64-10.txz: Rebuilt.
Added nut user (218) and nut group (218).
a/genpower-1.0.5-x86_64-5.txz: Removed.
a/nut-2.8.2-x86_64-1.txz: Added.
This is a package to support uninterruptible power supplies, and replaces
the obsolete genpower package.
Thanks to V'yacheslav Stetskevych for the original SBo script.
a/sysvinit-scripts-15.1-noarch-16.txz: Rebuilt.
rc.M: start the NUT init scripts rc.nut-drvctl, rc.nut-upsd, and
rc.nut-upsmon. Remove the genpower block.
rc.6: support stopping the UPS inverter on the way down if we see
/etc/killpower. Remove the genpower block.
a/tcsh-6.24.12-x86_64-1.txz: Upgraded.
ap/man-db-2.12.1-x86_64-1.txz: Upgraded.
ap/mpg123-1.32.6-x86_64-1.txz: Upgraded.
ap/vim-9.1.0265-x86_64-1.txz: Upgraded.
d/cargo-vendor-filterer-0.5.14-x86_64-1.txz: Upgraded.
d/nasm-2.16.02-x86_64-1.txz: Upgraded.
l/libproxy-0.5.5-x86_64-1.txz: Upgraded.
l/python-hatchling-1.22.5-x86_64-1.txz: Upgraded.
l/python-typing_extensions-4.11.0-x86_64-1.txz: Upgraded.
x/xdm-1.1.16-x86_64-1.txz: Upgraded.
xap/vim-gvim-9.1.0265-x86_64-1.txz: Upgraded.
extra/bash-completion/bash-completion-2.13.0-noarch-1.txz: Upgraded.
extra/tigervnc/tigervnc-1.13.1-x86_64-5.txz: Rebuilt.
Recompiled against xorg-server-21.1.12 to fix security issues:
Heap buffer overread/data leakage in ProcXIGetSelectedEvents.
Heap buffer overread/data leakage in ProcXIPassiveGrabDevice.
Heap buffer overread/data leakage in ProcAppleDRICreatePixmap.
Use-after-free in ProcRenderAddGlyphs.
For more information, see:
https://lists.x.org/archives/xorg-announce/2024-April/003497.htmlhttps://www.cve.org/CVERecord?id=CVE-2024-31080https://www.cve.org/CVERecord?id=CVE-2024-31081https://www.cve.org/CVERecord?id=CVE-2024-31082https://www.cve.org/CVERecord?id=CVE-2024-31083
(* Security fix *)
a/hwdata-0.381-noarch-1.txz: Upgraded.
a/kernel-generic-6.6.25-x86_64-1.txz: Upgraded.
a/kernel-huge-6.6.25-x86_64-1.txz: Upgraded.
a/kernel-modules-6.6.25-x86_64-1.txz: Upgraded.
d/cmake-3.29.1-x86_64-1.txz: Upgraded.
d/kernel-headers-6.6.25-x86-1.txz: Upgraded.
d/llvm-18.1.3-x86_64-1.txz: Upgraded.
k/kernel-source-6.6.25-noarch-1.txz: Upgraded.
kde/kstars-3.7.0-x86_64-1.txz: Upgraded.
l/enchant-2.6.9-x86_64-1.txz: Upgraded.
l/libclc-18.1.3-x86_64-1.txz: Upgraded.
l/sof-firmware-2024.03-noarch-1.txz: Upgraded.
n/gnutls-3.8.5-x86_64-1.txz: Upgraded.
n/httpd-2.4.59-x86_64-1.txz: Upgraded.
This update fixes security issues:
HTTP/2 DoS by memory exhaustion on endless continuation frames.
HTTP Response Splitting in multiple modules.
HTTP response splitting.
For more information, see:
https://downloads.apache.org/httpd/CHANGES_2.4.59https://www.cve.org/CVERecord?id=CVE-2024-27316https://www.cve.org/CVERecord?id=CVE-2024-24795https://www.cve.org/CVERecord?id=CVE-2023-38709
(* Security fix *)
n/nghttp2-1.61.0-x86_64-1.txz: Upgraded.
This update fixes security issues:
nghttp2 library keeps reading the unbounded number of HTTP/2 CONTINUATION
frames even after a stream is reset to keep HPACK context in sync. This
causes excessive CPU usage to decode HPACK stream. nghttp2 v1.61.0 mitigates
this vulnerability by limiting the number of CONTINUATION frames it can
accept after a HEADERS frame.
For more information, see:
https://github.com/nghttp2/nghttp2/security/advisories/GHSA-x6x3-gv8h-m57qhttps://www.kb.cert.org/vuls/id/421644https://www.cve.org/CVERecord?id=CVE-2024-28182
(* Security fix *)
x/xdg-desktop-portal-1.18.3-x86_64-1.txz: Upgraded.
isolinux/initrd.img: Rebuilt.
kernels/*: Upgraded.
usb-and-pxe-installers/usbboot.img: Rebuilt.
a/kernel-generic-6.6.24-x86_64-1.txz: Upgraded.
a/kernel-huge-6.6.24-x86_64-1.txz: Upgraded.
a/kernel-modules-6.6.24-x86_64-1.txz: Upgraded.
d/kernel-headers-6.6.24-x86-1.txz: Upgraded.
d/python3-3.11.9-x86_64-1.txz: Upgraded.
k/kernel-source-6.6.24-noarch-1.txz: Upgraded.
-AMD_MEM_ENCRYPT_ACTIVE_BY_DEFAULT n
-GCC11_NO_ARRAY_BOUNDS y
NUMA_BALANCING n -> y
+GCC10_NO_ARRAY_BOUNDS y
+NUMA_BALANCING_DEFAULT_ENABLED y
kde/libindi-2.0.7-x86_64-1.txz: Upgraded.
l/SDL2-2.30.2-x86_64-1.txz: Upgraded.
l/aom-3.8.2-x86_64-1.txz: Added.
Needed to add AV1 encode/decode support to ffmpeg.
Thanks to Andrew Strong.
l/dav1d-1.4.1-x86_64-1.txz: Added.
Needed to add AV1 decode support to ffmpeg.
l/ffmpeg-6.1.1-x86_64-2.txz: Rebuilt.
Patched to build with nv-codec-headers-12.2.72.0. Thanks to J_W.
Compiled against aom-3.8.2 and dav1d-1.4.1 for AV1 support.
Thanks to glennmcc.
l/gtk4-4.14.2-x86_64-1.txz: Upgraded.
n/whois-5.5.22-x86_64-1.txz: Upgraded.
Fixed a segmentation fault with --no-recursion.
Updated the .bm and .vi TLD servers.
Removed 4 new gTLDs which are no longer active.
xap/MPlayer-20240403-x86_64-1.txz: Upgraded.
Compiled using --enable-libaom-lavc and --enable-libdav1d-lavc.
Thanks to glennmcc.
xap/pan-0.157-x86_64-1.txz: Upgraded.
isolinux/initrd.img: Rebuilt.
kernels/*: Upgraded.
usb-and-pxe-installers/usbboot.img: Rebuilt.
a/xz-5.6.1-x86_64-3.txz: Rebuilt.
[PATCH] CMake: Fix sabotaged Landlock sandbox check.
We don't build with CMake (yet), but it doesn't hurt to apply this.
d/mercurial-6.7.2-x86_64-1.txz: Upgraded.
l/boost-1.84.0-x86_64-3.txz: Rebuilt.
Recompiled against python-3.11.8. Thanks to rinza.
l/python-pycparser-2.22-x86_64-1.txz: Upgraded.
l/python-pytz-2024.1-x86_64-2.txz: Removed.
No longer needed with python-3.11. Thanks to audriusk.
l/python-tomli-2.0.1-x86_64-2.txz: Removed.
No longer needed with python-3.11. Thanks to TommyC7 and audriusk.
n/c-ares-1.28.0-x86_64-1.txz: Upgraded.
xap/xsnow-3.7.9-x86_64-1.txz: Upgraded.
extra/brltty/brltty-6.6-x86_64-4.txz: Rebuilt.
Don't install anything under /usr/local. Thanks to reddog83.
ap/vim-9.1.0199-x86_64-1.txz: Upgraded.
Dropped python2 support. Thanks to Audrius Kažukauskas.
l/duktape-2.7.0-x86_64-1.txz: Added.
Needed by polkit.
l/gjs-1.80.1-x86_64-1.txz: Upgraded.
l/libdeflate-1.20-x86_64-1.txz: Upgraded.
l/mozjs102-102.15.1esr-x86_64-2.txz: Removed.
l/mozjs115-115.9.1esr-x86_64-1.txz: Upgraded.
l/polkit-123-x86_64-2.txz: Rebuilt.
Use duktape instead of mozjs102 as the JavaScript engine.
x/iceauth-1.0.10-x86_64-2.txz: Rebuilt.
It's never too early to build with --enable-year2038. Thanks to bigbadaboum.
xap/geeqie-2.4-x86_64-1.txz: Upgraded.
xap/mozilla-firefox-115.9.1esr-x86_64-1.txz: Upgraded.
This update fixes a critical security issue:
An attacker was able to inject an event handler into a privileged object
that would allow arbitrary JavaScript execution in the parent process.
For more information, see:
https://www.mozilla.org/en-US/firefox/115.9.1esr/releasenotes/https://www.mozilla.org/security/advisories/mfsa2024-16/https://www.cve.org/CVERecord?id=CVE-2024-29944
(* Security fix *)
xap/vim-gvim-9.1.0199-x86_64-1.txz: Upgraded.
Dropped python2 support. Thanks to Audrius Kažukauskas.
d/mercurial-6.7.1-x86_64-1.txz: Upgraded.
d/rust-1.77.0-x86_64-1.txz: Upgraded.
l/cairomm1-1.18.0-x86_64-1.txz: Added.
Thanks to jloco.
l/glibmm2-2.78.1-x86_64-1.txz: Added.
Thanks to jloco.
l/gtkmm4-4.12.0-x86_64-1.txz: Added.
Thanks to jloco.
l/libclc-18.1.2-x86_64-1.txz: Upgraded.
l/pangomm-2.46.4-x86_64-1.txz: Upgraded.
l/pangomm2-2.50.2-x86_64-1.txz: Added.
Thanks to jloco.
n/openvpn-2.6.10-x86_64-1.txz: Upgraded.
x/libkkc-0.3.5-x86_64-5.txz: Rebuilt.
Use python for the build, not python2.
x/libkkc-data-0.2.7-x86_64-5.txz: Rebuilt.
Use python for the build, not python2.
x/marisa-0.2.6-x86_64-8.txz: Rebuilt.
Drop python2 support and rebuild marisa module for python3.
x/wayland-protocols-1.34-noarch-1.txz: Upgraded.
a/libblockdev-2.28-x86_64-2.txz: Rebuilt.
Drop python2 support.
a/sysvinit-scripts-15.1-noarch-15.txz: Rebuilt.
rc.M: start rc.iceccd and rc.icecc-scheduler earlier.
a/util-linux-2.39.3-x86_64-2.txz: Rebuilt.
Drop python2 support.
a/volume_key-0.3.12-x86_64-6.txz: Rebuilt.
Drop python2 support.
ap/man-pages-6.7-noarch-1.txz: Upgraded.
d/cmake-3.28.4-x86_64-1.txz: Upgraded.
d/llvm-18.1.2-x86_64-1.txz: Upgraded.
d/python2-2.7.18-x86_64-7.txz: Rebuilt.
Bundle the final python2 versions of pip and setuptools.
Drop the /usr/bin/python symlink.
d/python3-3.9.19-x86_64-1.txz: Upgraded.
Point the /usr/bin/python symlink at python3.9.
PEP 394 says we can do this, and in a world of ambigious shebangs, this
is probably the best of the available options.
This update also fixes security issues:
bundled libexpat was updated to 2.6.0.
zipfile is now protected from the "quoted-overlap" zipbomb.
tempfile.TemporaryDirectory cleanup no longer dereferences symlinks when
working around file system permission errors.
For more information, see:
https://pythoninsider.blogspot.com/2024/03/python-31014-3919-and-3819-is-now.htmlhttps://www.cve.org/CVERecord?id=CVE-2023-52425https://www.cve.org/CVERecord?id=CVE-2024-0450https://www.cve.org/CVERecord?id=CVE-2023-6597
(* Security fix *)
d/strace-6.8-x86_64-1.txz: Upgraded.
kde/kross-interpreters-23.08.5-x86_64-2.txz: Rebuilt.
Drop python2 support.
l/libxml2-2.12.6-x86_64-2.txz: Rebuilt.
Drop python2 support.
l/mozjs115-115.9.0esr-x86_64-2.txz: Rebuilt.
Fixed installed library name. Thanks to reddog83.
Fixed slack-desc. Thanks to r1w1s1.
l/phonon-4.12.0-x86_64-1.txz: Upgraded.
l/pilot-link-0.12.5-x86_64-17.txz: Rebuilt.
Drop python2 support.
l/python2-module-collection-2.7.18-x86_64-6.txz: Removed.
Good bye!
l/python2-pycairo-1.18.2-x86_64-1.txz: Added.
We'll need this (along with pygtk and pygobject) until we get gimp3.
Well, we could build gimp without python support, but I really don't think
that's the route we want to take.
n/bind-9.18.25-x86_64-1.txz: Upgraded.
n/crda-4.15-x86_64-1.txz: Removed.
The kernel is able to load from wireless-regdb directly. Obsolete.
n/getmail-6.18.14-x86_64-1.txz: Upgraded.
n/gpgme-1.23.2-x86_64-2.txz: Rebuilt.
Drop python2 support.
n/obexftp-0.24.2-x86_64-11.txz: Rebuilt.
Drop python2 support.
n/wireless-regdb-2024.01.23-x86_64-1.txz: Added.
Wireless regulatory database, previously bundled with crda.
x/ibus-1.5.29-x86_64-2.txz: Rebuilt.
Drop python2 support.
x/libkkc-0.3.5-x86_64-4.txz: Rebuilt.
Still forcing python2 with this one, but perhaps a python3 marisa module
could work around this.
x/libkkc-data-0.2.7-x86_64-4.txz: Rebuilt.
Still forcing python2 with this one, but perhaps a python3 marisa module
could work around this.
x/xcb-proto-1.16.0-x86_64-2.txz: Rebuilt.
Drop python2 support.
x/xpyb-1.3.1-x86_64-7.txz: Removed.
Nothing uses it, and it was never updated for python3. Removed as obsolete.
d/perl-5.38.2-x86_64-2.txz: Rebuilt.
Added IO-Tty-1.20, needed by mosh.
Upgraded: DBD-mysql-4.051, URI-5.27, XML-Parser-2.47, IO-Socket-SSL-2.085,
and Net-SSLeay-1.94.
kde/cantor-23.08.5-x86_64-3.txz: Rebuilt.
Recompiled against libqalculate-5.0.0.
kde/plasma-workspace-5.27.11-x86_64-2.txz: Rebuilt.
Recompiled against libqalculate-5.0.0.
kde/step-23.08.5-x86_64-2.txz: Rebuilt.
Recompiled against libqalculate-5.0.0.
l/abseil-cpp-20240116.1-x86_64-1.txz: Added.
Needed for protobuf and mosh.
l/libgnt-2.14.3-x86_64-2.txz: Rebuilt.
Build with -Dpython2=false. Thanks to USUARIONUEVO.
l/libqalculate-5.0.0-x86_64-2.txz: Rebuilt.
Shared library .so-version bump.
Thanks to gmgf.
l/protobuf-26.0-x86_64-1.txz: Added.
Needed for mosh.
n/mosh-1.4.0-x86_64-1.txz: Added.
Thanks to unInstance for cueing me in on this one.
n/pinentry-1.3.0-x86_64-1.txz: Upgraded.
x/vulkan-sdk-1.3.275.0-x86_64-2.txz: Rebuilt.
Build glslang with -DENABLE_OPT=Off. Thanks to F0nix.