ap/hplip-3.19.12-x86_64-1.txz: Upgraded.
ap/pamixer-1.4-x86_64-4.txz: Rebuilt.
Recompiled against boost-1.72.0.
ap/vim-8.2.0000-x86_64-1.txz: Upgraded.
d/bison-3.5-x86_64-1.txz: Upgraded.
kde/calligra-2.9.11-x86_64-33.txz: Rebuilt.
Recompiled against boost-1.72.0.
l/akonadi-1.13.0-x86_64-14.txz: Rebuilt.
Recompiled against boost-1.72.0.
l/boost-1.72.0-x86_64-1.txz: Upgraded.
Shared library .so-version bump.
l/libssh-0.9.3-x86_64-1.txz: Upgraded.
This fixes a security issue (low impact according to upstream):
Unsanitized location in scp could lead to unwanted command execution.
In addition, the 0.9.3 release benefited from a security audit sponsored
by the Mozilla Open Source Support program. The audit results were used
to improve the overall security and code quality of libssh.
For more information, see:
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14889
(* Security fix *)
n/libqmi-1.24.2-x86_64-1.txz: Upgraded.
x/compiz-0.8.16.1-x86_64-1.txz: Upgraded.
x/mesa-19.3.0-x86_64-1.txz: Upgraded.
xap/vim-gvim-8.2.0000-x86_64-1.txz: Upgraded.
ap/mariadb-10.4.11-x86_64-1.txz: Upgraded.
d/cmake-3.16.1-x86_64-1.txz: Upgraded.
d/git-2.24.1-x86_64-1.txz: Upgraded.
l/mozjs52-52.9.0esr-x86_64-2.txz: Removed.
This was used only by polkit-0.115.
l/mozjs60-60.9.0esr-x86_64-1.txz: Added.
This is needed for polkit-0.116.
l/polkit-0.116-x86_64-1.txz: Upgraded.
n/ModemManager-1.12.2-x86_64-1.txz: Upgraded.
xap/xine-ui-0.99.12-x86_64-1.txz: Upgraded.
l/dconf-0.34.0-x86_64-2.txz: Rebuilt.
Rebuilt using the sed replacements suggested by LFS. This fixes a
subsequent build of dconf-editor.
l/glib-networking-2.62.2-x86_64-1.txz: Upgraded.
n/samba-4.11.3-x86_64-1.txz: Upgraded.
This update fixes the following security issues:
Samba AD DC zone-named record Denial of Service in DNS management server.
DelegationNotAllowed was not enforced in protocol transition on Samba AD DC.
For more information, see:
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14861https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14870
(* Security fix *)
x/vulkan-sdk-1.1.126.0-x86_64-1.txz: Upgraded.
a/tcsh-6.22.02-x86_64-1.txz: Upgraded.
ap/vim-8.1.2391-x86_64-1.txz: Upgraded.
l/fuse3-3.8.0-x86_64-2.txz: Rebuilt.
rc.fuse3: Don't source /lib/lsb/init-functions unless it exists.
NOTE: FUSE seems to work fine without starting rc.fuse3, which it why it
isn't actually called from anywhere during system startup.
n/iw-5.4-x86_64-1.txz: Upgraded.
n/php-7.4.0-x86_64-2.txz: Rebuilt.
Rebuilt using --enable-gd=shared and --with-zip=shared.
Thanks to Matteo Bernardini.
xap/gv-3.7.4-x86_64-3.txz: Rebuilt.
Patched to fix save/print features when used with the latest ghostscript.
Added --enable-international build option.
Fixed broken whitespace in the bounding-box patch.
Thanks to Xsane.
xap/vim-gvim-8.1.2391-x86_64-1.txz: Upgraded.
a/hwdata-0.330-noarch-1.txz: Upgraded.
a/lvm2-2.03.07-x86_64-1.txz: Upgraded.
a/tcsh-6.22.01-x86_64-1.txz: Upgraded.
d/python-setuptools-42.0.2-x86_64-1.txz: Upgraded.
n/gnutls-3.6.11.1-x86_64-1.txz: Upgraded.
xap/gnuplot-5.2.8-x86_64-1.txz: Upgraded.
xap/mozilla-firefox-68.3.0esr-x86_64-1.txz: Upgraded.
This is a bugfix release.
For more information, see:
https://www.mozilla.org/en-US/firefox/68.3.0/releasenotes/
ap/xfsdump-3.1.8-x86_64-4.txz: Rebuilt.
Patched for new xfsprogs-5.3.0 API. Thanks to nobodino.
d/cmake-3.16.0-x86_64-1.txz: Upgraded.
n/gnupg2-2.2.18-x86_64-1.txz: Upgraded.
gpg: Prepare against chosen-prefix SHA-1 collisions in key signatures.
This change removes all SHA-1 based key signature newer than 2019-01-19
from the web-of-trust. Note that this includes all key signatures
created with dsa1024 keys. The new option --allow-weak-key-signatures
can be used to override the new and safer behaviour.
For more information, see:
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14855
(* Security fix *)
n/iproute2-5.4.0-x86_64-1.txz: Upgraded.
x/libepoxy-1.5.4-x86_64-1.txz: Upgraded.
n/bind-9.14.8-x86_64-1.txz: Upgraded.
This update fixes a security issue:
Set a limit on the number of concurrently served pipelined TCP queries.
For more information, see:
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-6477
(* Security fix *)
x/mesa-19.2.5-x86_64-1.txz: Upgraded.
testing/packages/kernel-generic-5.4.0_rc8-x86_64-1.txz: Upgraded.
testing/packages/kernel-headers-5.4.0_rc8-x86-1.txz: Upgraded.
testing/packages/kernel-huge-5.4.0_rc8-x86_64-1.txz: Upgraded.
testing/packages/kernel-modules-5.4.0_rc8-x86_64-1.txz: Upgraded.
testing/packages/kernel-source-5.4.0_rc8-noarch-1.txz: Upgraded.
-VBOXSF_FS m
+X86_INTEL_TSX_MODE_AUTO n
+X86_INTEL_TSX_MODE_OFF y
+X86_INTEL_TSX_MODE_ON n
ap/qpdf-9.1.0-x86_64-1.txz: Upgraded.
d/check-0.13.0-x86_64-1.txz: Added.
This is needed to build PulseAudio using Meson.
l/alsa-lib-1.2.1-x86_64-2.txz: Rebuilt.
Merge alsa-topology-conf-1.2.1 and alsa-ucm-conf-1.2.1 into the package.
l/pulseaudio-13.0-x86_64-2.txz: Rebuilt.
Rebuilt with meson. This causes esound support to be dropped, but it's
likely that nobody will care.
l/pyparsing-2.4.5-x86_64-1.txz: Upgraded.
extra/pure-alsa-system/alsa-lib-1.2.1-x86_64-2_alsa.txz: Rebuilt.
Merge alsa-topology-conf-1.2.1 and alsa-ucm-conf-1.2.1 into the package.
ap/alsa-utils-1.2.1-x86_64-1.txz: Upgraded.
l/alsa-lib-1.2.1-x86_64-1.txz: Upgraded.
l/alsa-plugins-1.2.1-x86_64-1.txz: Upgraded.
l/imagemagick-7.0.9_4-x86_64-1.txz: Upgraded.
extra/pure-alsa-system/alsa-lib-1.2.1-x86_64-1_alsa.txz: Upgraded.
extra/pure-alsa-system/alsa-plugins-1.2.1-x86_64-1_alsa.txz: Upgraded.
testing/packages/kernel-generic-5.4.0_rc7-x86_64-2.txz: Rebuilt.
testing/packages/kernel-headers-5.4.0_rc7-x86-2.txz: Rebuilt.
testing/packages/kernel-huge-5.4.0_rc7-x86_64-2.txz: Rebuilt.
testing/packages/kernel-modules-5.4.0_rc7-x86_64-2.txz: Rebuilt.
testing/packages/kernel-source-5.4.0_rc7-noarch-2.txz: Rebuilt.
CRYPTO_CRC32C_INTEL m -> y
Make modules before cleaning up the source tree. This does some magic in
Module.symvers that fixes building the NVIDIA kernel modules.
l/system-config-printer-1.5.12-x86_64-1.txz: Upgraded.
n/sshfs-3.6.0-x86_64-1.txz: Upgraded.
xap/mozilla-thunderbird-68.2.2-x86_64-1.txz: Upgraded.
This is a bugfix release.
For more information, see:
https://www.mozilla.org/en-US/thunderbird/68.2.2/releasenotes/
a/aaa_terminfo-6.1_20191026-x86_64-1.txz: Upgraded.
a/cryptsetup-2.2.2-x86_64-1.txz: Upgraded.
a/lvm2-2.03.06-x86_64-1.txz: Upgraded.
d/Cython-0.29.14-x86_64-1.txz: Upgraded.
l/ncurses-6.1_20191026-x86_64-1.txz: Upgraded.
Restore the --without-normal option to skip static libraries as used in 14.2.
Thanks to Richard Narron.
x/xterm-349-x86_64-2.txz: Rebuilt.
In /etc/app-defaults/XTerm, use terminus-medium instead of terminus-bold.
Thanks to igadoter.
a/aaa_elflibs-15.0-x86_64-14.txz: Rebuilt.
Upgraded: libglib-2.0.so.0.6200.2, libgmodule-2.0.so.0.6200.2,
libgobject-2.0.so.0.6200.2, libgthread-2.0.so.0.6200.2.
Added: libgomp.so.1.0.0.
a/kernel-firmware-20191029_4065643-noarch-1.txz: Upgraded.
a/kernel-generic-4.19.81-x86_64-1.txz: Upgraded.
a/kernel-huge-4.19.81-x86_64-1.txz: Upgraded.
a/kernel-modules-4.19.81-x86_64-1.txz: Upgraded.
ap/sudo-1.8.29-x86_64-1.txz: Upgraded.
d/kernel-headers-4.19.81-x86-1.txz: Upgraded.
d/python-setuptools-41.6.0-x86_64-1.txz: Upgraded.
k/kernel-source-4.19.81-noarch-1.txz: Upgraded.
l/harfbuzz-2.6.3-x86_64-1.txz: Upgraded.
n/samba-4.11.2-x86_64-1.txz: Upgraded.
This update fixes bugs and these security issues:
Client code can return filenames containing path separators.
Samba AD DC check password script does not receive the full password.
User with "get changes" permission can crash AD DC LDAP server via dirsync.
For more information, see:
https://www.samba.org/samba/security/CVE-2019-10218.htmlhttps://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-10218https://www.samba.org/samba/security/CVE-2019-14833.htmlhttps://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14833https://www.samba.org/samba/security/CVE-2019-14847.htmlhttps://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14847
(* Security fix *)
x/libglvnd-1.2.0-x86_64-4.txz: Rebuilt.
Applied upstream patches to fix EGL/eglplatform.h.
x/xorg-server-1.20.5-x86_64-3.txz: Rebuilt.
#define EGL_NO_X11 to fix glamor build against libglvnd-1.2.0.
x/xorg-server-xephyr-1.20.5-x86_64-3.txz: Rebuilt.
x/xorg-server-xnest-1.20.5-x86_64-3.txz: Rebuilt.
x/xorg-server-xvfb-1.20.5-x86_64-3.txz: Rebuilt.
isolinux/initrd.img: Rebuilt.
kernels/*: Upgraded.
usb-and-pxe-installers/usbboot.img: Rebuilt.
l/imagemagick-6.9.10_70-x86_64-1.txz: Upgraded.
x/libinput-1.14.3-x86_64-1.txz: Upgraded.
x/mkfontdir-1.0.7-noarch-2.txz: Removed.
The mkfontdir wrapper script and man page are provided by recent versions
of the mkfontscale package, making the mkfontdir package redundant.
Thanks to DarkVision.
x/mkfontscale-1.2.1-x86_64-2.txz: Rebuilt.
Moved the mkfontdir install script to this package since it includes the
mkfontdir wrapper script now.
xap/gimp-2.10.14-x86_64-1.txz: Upgraded.
l/pycairo-1.18.2-x86_64-1.txz: Upgraded.
x/libglvnd-1.2.0-x86_64-3.txz: Rebuilt.
It seems that Mesa now expects libglvnd to provide the header files, so this
has been rebuilt without --disable-headers. These headers remain missing on
the system after doing so: GL/gl_mangle.h, glx_mangle.h, and GLES3/gl3ext.h.
If anything still requires those headers, please let me know and we'll look
into what can be done about it. Thanks to TheRealGrogan for the heads-up.
ap/man-db-2.9.0-x86_64-1.txz: Upgraded.
d/ccache-3.7.5-x86_64-1.txz: Upgraded.
l/librsvg-2.46.3-x86_64-1.txz: Upgraded.
xap/mozilla-thunderbird-68.2.0-x86_64-1.txz: Upgraded.
This is a bugfix release.
For more information, see:
https://www.mozilla.org/en-US/thunderbird/68.2.0/releasenotes/
d/python-2.7.17-x86_64-1.txz: Upgraded.
This update fixes bugs and security issues:
Update vendorized expat library version to 2.2.8.
Disallow URL paths with embedded whitespace or control characters into the
underlying http client request. Such potentially malicious header injection
URLs now cause an httplib.InvalidURL exception to be raised.
Avoid file reading by disallowing ``local-file://`` and ``local_file://``
URL schemes in :func:`urllib.urlopen`, :meth:`urllib.URLopener.open` and
:meth:`urllib.URLopener.retrieve`.
For more information, see:
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-15903https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9740https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9948
(* Security fix *)
n/proftpd-1.3.6b-x86_64-1.txz: Upgraded.