Commit graph

1949 commits

Author SHA1 Message Date
Patrick J Volkerding
6dbbaa7eea Thu Apr 25 17:58:17 UTC 2024
l/PyQt-builder-1.16.2-x86_64-1.txz:  Upgraded.
l/fribidi-1.0.14-x86_64-1.txz:  Upgraded.
l/libarchive-3.7.3-x86_64-2.txz:  Rebuilt.
  Patched an out-of-bound error in the rar e8 filter that could allow for
  the execution of arbitrary code.
  Thanks to gmgf for the heads-up.
  For more information, see:
    https://github.com/advisories/GHSA-2jc9-36w4-pmqw
    https://www.cve.org/CVERecord?id=CVE-2024-26256
  (* Security fix *)
n/bluez-5.75-x86_64-3.txz:  Rebuilt.
  [PATCH] shared/uhid: Fix crash if bt_uhid_destroy free replay structure.
  Thanks to sombragris.
n/libgpg-error-1.49-x86_64-1.txz:  Upgraded.
2024-04-25 20:28:55 +02:00
Patrick J Volkerding
48fa1dd303 Wed Apr 24 20:08:55 UTC 2024
ap/dmidecode-3.6-x86_64-1.txz:  Upgraded.
kde/fcitx5-configtool-5.1.5-x86_64-1.txz:  Upgraded.
l/aom-3.9.0-x86_64-1.txz:  Upgraded.
x/mesa-24.0.6-x86_64-1.txz:  Upgraded.
2024-04-24 22:30:34 +02:00
Patrick J Volkerding
1531b10f73 Tue Apr 23 22:24:03 UTC 2024
d/ruby-3.3.1-x86_64-1.txz:  Upgraded.
  This update fixes security issues:
  Arbitrary memory address read vulnerability with Regex search.
  RCE vulnerability with .rdoc_options in RDoc.
  Buffer overread vulnerability in StringIO.
  For more information, see:
    https://www.ruby-lang.org/en/news/2024/04/23/arbitrary-memory-address-read-regexp-cve-2024-27282/
    https://www.ruby-lang.org/en/news/2024/03/21/rce-rdoc-cve-2024-27281/
    https://www.ruby-lang.org/en/news/2024/03/21/buffer-overread-cve-2024-27280/
    https://www.cve.org/CVERecord?id=CVE-2024-27282
    https://www.cve.org/CVERecord?id=CVE-2024-27281
    https://www.cve.org/CVERecord?id=CVE-2024-27280
  (* Security fix *)
l/python-docutils-0.21.2-x86_64-1.txz:  Upgraded.
x/rendercheck-1.6-x86_64-1.txz:  Upgraded.
x/xcb-imdkit-1.0.8-x86_64-1.txz:  Upgraded.
2024-04-24 01:01:16 +02:00
Patrick J Volkerding
388220eab9 Tue Apr 23 19:48:05 UTC 2024
a/ed-1.20.2-x86_64-1.txz:  Upgraded.
d/parallel-20240422-noarch-1.txz:  Upgraded.
kde/krusader-2.8.1-x86_64-1.txz:  Upgraded.
kde/ktextaddons-1.5.4-x86_64-1.txz:  Upgraded.
l/libgusb-0.4.9-x86_64-1.txz:  Upgraded.
n/nmap-7.95-x86_64-1.txz:  Upgraded.
x/fcitx5-5.1.9-x86_64-1.txz:  Upgraded.
x/fcitx5-anthy-5.1.4-x86_64-1.txz:  Upgraded.
x/fcitx5-chinese-addons-5.1.5-x86_64-1.txz:  Upgraded.
x/fcitx5-gtk-5.1.3-x86_64-1.txz:  Upgraded.
x/fcitx5-hangul-5.1.3-x86_64-1.txz:  Upgraded.
x/fcitx5-kkc-5.1.3-x86_64-1.txz:  Upgraded.
x/fcitx5-m17n-5.1.1-x86_64-1.txz:  Upgraded.
x/fcitx5-qt-5.1.6-x86_64-1.txz:  Upgraded.
x/fcitx5-sayura-5.1.2-x86_64-1.txz:  Upgraded.
x/fcitx5-table-extra-5.1.5-x86_64-1.txz:  Upgraded.
x/fcitx5-table-other-5.1.2-x86_64-1.txz:  Upgraded.
x/fcitx5-unikey-5.1.4-x86_64-1.txz:  Upgraded.
x/libime-1.1.7-x86_64-1.txz:  Upgraded.
extra/emacs-regular-build/emacs-29.3-x86_64-2_regular.txz:  Rebuilt.
  This is a bugfix release.
  Only build the X11/GTK+3 version. Use "emacs -nw" if you want to start it
  in a terminal emulator in text mode, or rebuild if you really need to get
  rid of the X11 dependency for some reason.
  Build using --with-pdumper=auto. It seems that --with-dumping=unexec produces
  a buggy Emacs here in the modern era, with symptoms such as "child signal FD:
  Invalid argument". It's possible this had something to do with the reported
  memory leaks as well.
  Thanks to 3Tom for the bug report.
2024-04-23 22:34:04 +02:00
Patrick J Volkerding
a99ccc15cf Mon Apr 22 19:36:38 UTC 2024
a/elogind-255.4_r2-x86_64-2.txz:  Rebuilt.
  OK, this is looking good enough to return to the main tree now.
  Thanks to hamkg, ctrlaltca, and rizitis for helping to debug the sleep issues
  with upstream, and to Sven Eden for the upstream fixes. I've changed the
  default sleep mode from s2idle to deep as s2idle still locks up most of the
  systems I've tried it on. Eventually we'll probably have to swallow this pill
  though (more notes on that in the SlackBuild).
  It didn't seem like recompiling polkit again was necessary, but correct me if
  I'm wrong about that.
l/imagemagick-7.1.1_31-x86_64-1.txz:  Upgraded.
l/python-hatchling-1.24.2-x86_64-1.txz:  Upgraded.
l/vte-0.76.1-x86_64-1.txz:  Upgraded.
l/wireplumber-0.5.2-x86_64-1.txz:  Upgraded.
xap/freerdp-2.11.7-x86_64-1.txz:  Upgraded.
  This release eliminates a bunch of issues detected during oss-fuzz runs.
  (* Security fix *)
2024-04-22 22:00:43 +02:00
Patrick J Volkerding
62755e6ce1 Sun Apr 21 21:41:34 UTC 2024
a/etc-15.1-x86_64-11.txz:  Rebuilt.
  Populate missing /etc/gshadow entries. Thanks to opty.
l/PyQt-builder-1.16.1-x86_64-1.txz:  Upgraded.
l/python-pluggy-1.5.0-x86_64-1.txz:  Upgraded.
2024-04-21 23:59:55 +02:00
Patrick J Volkerding
189be804b3 Sat Apr 20 00:10:39 UTC 2024
l/gdk-pixbuf2-2.42.11-x86_64-2.txz:  Rebuilt.
  Recompiled with -Dtests=false -Dothers=enabled to fix gkrellm.
  Thanks to J_W for the bug report.
2024-04-20 02:28:35 +02:00
Patrick J Volkerding
ed81ac8dda Fri Apr 19 19:36:17 UTC 2024
a/elogind-252.23-x86_64-3.txz:  Rebuilt.
  All right, it's time to stop the bleeding (edge). This has been verified as
  the last working version of elogind, so we'll revert for now while moving the
  newer sources into /testing. We didn't actually *need* the 255 branch for
  libgudev (I was mistakenly under that impression), so this will be fine for
  now. We'll keep an eye on upstream and move forward when things settle down.
d/vala-0.56.17-x86_64-1.txz:  Upgraded.
l/gdk-pixbuf2-2.42.11-x86_64-1.txz:  Upgraded.
l/gtk4-4.14.3-x86_64-1.txz:  Upgraded.
l/polkit-124-x86_64-2.txz:  Rebuilt.
  Recompiled against elogind-252.23.
l/python-sphinx-7.3.7-x86_64-1.txz:  Upgraded.
n/NetworkManager-1.46.0-x86_64-2.txz:  Rebuilt.
  Build with meson instead of autotools, since setting session_tracking to
  elogind is ignored with autotools, and is set to consolekit instead.
  While this didn't seem to make a difference in practice, better to get this
  right now and rule it out as part of the issue.
  Thanks to marav and LuckyCyborg for the options hints.
x/xdg-desktop-portal-1.18.4-x86_64-1.txz:  Upgraded.
xap/freerdp-2.11.6-x86_64-1.txz:  Upgraded.
  This release is a security release and addresses multiple issues:
  [Low] OutOfBound Read in zgfx_decompress_segment.
  [Moderate] Integer overflow & OutOfBound Write in
  clear_decompress_residual_data.
  [Low] integer underflow in nsc_rle_decode.
  [Low] OutOfBound Read in planar_skip_plane_rle.
  [Low] OutOfBound Read in ncrush_decompress.
  [Low] OutOfBound Read in interleaved_decompress.
  For more information, see:
    https://www.cve.org/CVERecord?id=CVE-2024-32041
    https://www.cve.org/CVERecord?id=CVE-2024-32039
    https://www.cve.org/CVERecord?id=CVE-2024-32040
    https://www.cve.org/CVERecord?id=CVE-2024-32458
    https://www.cve.org/CVERecord?id=CVE-2024-32459
    https://www.cve.org/CVERecord?id=CVE-2024-32460
  (* Security fix *)
2024-04-19 21:59:51 +02:00
Patrick J Volkerding
f924be94d2 Fri Apr 19 05:38:28 UTC 2024
xap/mozilla-thunderbird-115.10.1-x86_64-1.txz:  Upgraded.
  This is a bugfix release.
  For more information, see:
    https://www.mozilla.org/en-US/thunderbird/115.10.1/releasenotes/
2024-04-19 07:59:28 +02:00
Patrick J Volkerding
11cd602e0f Thu Apr 18 19:17:30 UTC 2024
a/aaa_glibc-solibs-2.39-x86_64-2.txz:  Rebuilt.
ap/vim-9.1.0346-x86_64-1.txz:  Upgraded.
d/llvm-18.1.4-x86_64-1.txz:  Upgraded.
d/nasm-2.16.03-x86_64-1.txz:  Upgraded.
l/glibc-2.39-x86_64-2.txz:  Rebuilt.
  This update fixes a security issue:
  The iconv() function in the GNU C Library versions 2.39 and older may
  overflow the output buffer passed to it by up to 4 bytes when converting
  strings to the ISO-2022-CN-EXT character set, which may be used to crash
  an application or overwrite a neighbouring variable.
  For more information, see:
    https://www.cve.org/CVERecord?id=CVE-2024-2961
  (* Security fix *)
l/glibc-i18n-2.39-x86_64-2.txz:  Rebuilt.
l/glibc-profile-2.39-x86_64-2.txz:  Rebuilt.
l/pycups-2.0.4-x86_64-1.txz:  Upgraded.
l/python-hatchling-1.24.1-x86_64-1.txz:  Upgraded.
l/python-sphinx-7.3.6-x86_64-1.txz:  Upgraded.
n/bind-9.18.26-x86_64-1.txz:  Upgraded.
  This is a bugfix release.
xap/vim-gvim-9.1.0346-x86_64-1.txz:  Upgraded.
2024-04-18 22:19:52 +02:00
Patrick J Volkerding
2953aca3b1 Wed Apr 17 20:35:48 UTC 2024
a/kernel-firmware-20240417_e678699-noarch-1.txz:  Upgraded.
a/kernel-generic-6.6.28-x86_64-1.txz:  Upgraded.
a/kernel-huge-6.6.28-x86_64-1.txz:  Upgraded.
a/kernel-modules-6.6.28-x86_64-1.txz:  Upgraded.
a/xfsprogs-6.7.0-x86_64-1.txz:  Upgraded.
d/kernel-headers-6.6.28-x86-1.txz:  Upgraded.
k/kernel-source-6.6.28-noarch-1.txz:  Upgraded.
l/pycups-2.0.3-x86_64-1.txz:  Upgraded.
l/python-sphinx-7.3.5-x86_64-1.txz:  Upgraded.
n/bluez-5.75-x86_64-2.txz:  Rebuilt.
  Prune duplicate config files. Thanks to audriusk.
x/libXmu-1.2.1-x86_64-1.txz:  Upgraded.
x/util-macros-1.20.1-noarch-1.txz:  Upgraded.
x/wayland-protocols-1.35-noarch-1.txz:  Upgraded.
xap/mozilla-thunderbird-115.10.0-x86_64-1.txz:  Upgraded.
  This release contains security fixes and improvements.
  For more information, see:
    https://www.mozilla.org/en-US/thunderbird/115.10.0/releasenotes/
    https://www.mozilla.org/en-US/security/known-vulnerabilities/thunderbird/#thunderbird115.10
  (* Security fix *)
xfce/xfce4-notifyd-0.9.4-x86_64-2.txz:  Rebuilt.
  Do not install DBus service files, as these cause xfce4-notifyd to start in
  plasma sessions. Thanks to ctrlaltca.
isolinux/initrd.img:  Rebuilt.
kernels/*:  Upgraded.
usb-and-pxe-installers/usbboot.img:  Rebuilt.
2024-04-17 23:41:21 +02:00
Patrick J Volkerding
0172ca92cd Tue Apr 16 21:57:56 UTC 2024
a/aaa_libraries-15.1-x86_64-30.txz:  Rebuilt.
  Upgraded: libcares.so.2.13.1.
  Added (temporarily): libboost_*.so.1.84.0.
ap/pamixer-1.6-x86_64-2.txz:  Rebuilt.
  Recompiled against boost-1.85.0.
kde/kig-23.08.5-x86_64-4.txz:  Rebuilt.
  Recompiled against boost-1.85.0.
kde/kopeninghours-23.08.5-x86_64-4.txz:  Rebuilt.
  Recompiled against boost-1.85.0.
kde/krita-5.2.2-x86_64-8.txz:  Rebuilt.
  Recompiled against boost-1.85.0.
l/boost-1.85.0-x86_64-1.txz:  Upgraded.
  Shared library .so-version bump.
l/cryfs-0.10.3-x86_64-11.txz:  Rebuilt.
  Recompiled against boost-1.85.0.
x/fcitx5-chinese-addons-5.1.4-x86_64-2.txz:  Rebuilt.
  Recompiled against boost-1.85.0.
x/libime-1.1.6-x86_64-2.txz:  Rebuilt.
  Recompiled against boost-1.85.0.
2024-04-17 00:28:26 +02:00
Patrick J Volkerding
8a05a39fd3 Tue Apr 16 18:50:13 UTC 2024
a/elogind-255.4_r2-x86_64-1.txz:  Upgraded.
  Prefer SuspendMode=deep. Thanks to LuckyCyborg.
  Make 10-elogind.conf .new (but it will still be forced in this time).
  Fix reading login.conf. Thanks to af7567.
  This branch is feeling a bit alpha to me, but we'll stick with it for now.
ap/groff-1.23.0-x86_64-2.txz:  Rebuilt.
  [PATCH] Revert upstream change of mapping special characters for UTF-8.
  Thanks to Stuart Winter.
l/mozjs115-115.10.0esr-x86_64-1.txz:  Upgraded.
l/python-hatchling-1.24.0-x86_64-1.txz:  Upgraded.
n/bluez-5.75-x86_64-1.txz:  Upgraded.
x/libxcb-1.17.0-x86_64-1.txz:  Upgraded.
xap/mozilla-firefox-115.10.0esr-x86_64-1.txz:  Upgraded.
  This update contains security fixes and improvements.
  For more information, see:
    https://www.mozilla.org/en-US/firefox/115.10.0/releasenotes/
    https://www.mozilla.org/security/advisories/mfsa2024-19/
    https://www.cve.org/CVERecord?id=CVE-2024-3852
    https://www.cve.org/CVERecord?id=CVE-2024-3854
    https://www.cve.org/CVERecord?id=CVE-2024-3857
    https://www.cve.org/CVERecord?id=CVE-2024-2609
    https://www.cve.org/CVERecord?id=CVE-2024-3859
    https://www.cve.org/CVERecord?id=CVE-2024-3861
    https://www.cve.org/CVERecord?id=CVE-2024-3863
    https://www.cve.org/CVERecord?id=CVE-2024-3302
    https://www.cve.org/CVERecord?id=CVE-2024-3864
  (* Security fix *)
2024-04-16 21:36:10 +02:00
Patrick J Volkerding
2cc32ba84e Mon Apr 15 22:28:37 UTC 2024
ap/linuxdoc-tools-0.9.83-x86_64-1.txz:  Upgraded.
  Upgraded to linuxdoc-tools-0.9.83, gtk-doc-1.34.0, and asciidoc-10.2.0.
  See the ChangeLog in source/ap/linuxdoc-tools for more details.
  Thanks to Stuart Winter.
ap/sqlite-3.45.3-x86_64-1.txz:  Upgraded.
l/Mako-1.3.3-x86_64-1.txz:  Upgraded.
l/pipewire-1.0.5-x86_64-1.txz:  Upgraded.
l/python-hatchling-1.23.0-x86_64-1.txz:  Upgraded.
x/libwacom-2.11.0-x86_64-1.txz:  Upgraded.
x/xcb-proto-1.17.0-x86_64-1.txz:  Upgraded.
x/xf86-input-wacom-1.2.2-x86_64-1.txz:  Upgraded.
xap/pan-0.158-x86_64-1.txz:  Upgraded.
  Let's process the git pull with NOCONFIGURE=1 ./autogen.sh for FTIO. :-)
2024-04-16 01:59:06 +02:00
Patrick J Volkerding
a9219aba34 Sun Apr 14 18:35:32 UTC 2024
a/less-653-x86_64-2.txz:  Rebuilt.
  This update patches a security issue:
  less through 653 allows OS command execution via a newline character in the
  name of a file, because quoting is mishandled in filename.c. Exploitation
  typically requires use with attacker-controlled file names, such as the files
  extracted from an untrusted archive. Exploitation also requires the LESSOPEN
  environment variable, but this is set by default in many common cases.
  For more information, see:
    https://www.cve.org/CVERecord?id=CVE-2024-32487
  (* Security fix *)
ap/inxi-3.3.34_1-noarch-1.txz:  Upgraded.
d/python-setuptools-69.5.1-x86_64-1.txz:  Upgraded.
n/bluez-5.74-x86_64-1.txz:  Upgraded.
xfce/xfce4-notifyd-0.9.4-x86_64-1.txz:  Upgraded.
  Almost everyone has jumped to this version, so we'll get with the program.
2024-04-14 21:00:38 +02:00
Patrick J Volkerding
34da3f5aa8 Sat Apr 13 19:45:25 UTC 2024
l/imagemagick-7.1.1_29-x86_64-1.txz:  Upgraded.
  Revert to the previous ImageMagick because the latest one is destroying SVG
  files if "identify" or "display" is used on them.
  Thanks to pc2005.
2024-04-13 22:01:32 +02:00
Patrick J Volkerding
ce3e6fa735 Sat Apr 13 00:59:20 UTC 2024
l/python-docutils-0.21.1-x86_64-2.txz:  Rebuilt.
  Fix ridiculous broken symlink. Thanks to marav.
2024-04-13 03:28:42 +02:00
Patrick J Volkerding
b280795dd5 Fri Apr 12 19:08:59 UTC 2024
a/less-653-x86_64-1.txz:  Upgraded.
d/ninja-1.12.0-x86_64-1.txz:  Upgraded.
d/valgrind-3.22.0-x86_64-1.txz:  Added.
  Thanks to Kyle Guinn, Peter Wang, and Willy Sudiarto Raharjo.
l/netpbm-11.06.01-x86_64-1.txz:  Upgraded.
n/php-8.3.6-x86_64-1.txz:  Upgraded.
  This update fixes bugs and security issues.
  For more information, see:
    https://www.php.net/ChangeLog-8.php#8.3.6
  (* Security fix *)
2024-04-12 22:01:31 +02:00
Patrick J Volkerding
79267f6e54 Thu Apr 11 21:36:28 UTC 2024
d/cmake-3.29.2-x86_64-1.txz:  Upgraded.
l/polkit-124-x86_64-1.txz:  Upgraded.
  Thanks to marav for the patches.
2024-04-12 00:10:09 +02:00
Patrick J Volkerding
66d9bc3f90 Thu Apr 11 19:05:36 UTC 2024
a/elogind-255.4-x86_64-1.txz:  Upgraded.
a/libblockdev-3.1.1_1-x86_64-1.txz:  Upgraded.
a/libbytesize-2.10-x86_64-1.txz:  Upgraded.
a/libgudev-238-x86_64-1.txz:  Upgraded.
a/udisks-1.0.5-x86_64-11.txz:  Removed.
a/udisks2-2.10.1-x86_64-1.txz:  Upgraded.
a/upower-1.90.4-x86_64-1.txz:  Upgraded.
l/python-docutils-0.21.1-x86_64-1.txz:  Upgraded.
l/python-idna-3.7-x86_64-1.txz:  Upgraded.
n/php-8.3.5-x86_64-1.txz:  Upgraded.
  This update fixes bugs and security issues.
  For more information, see:
    https://www.php.net/ChangeLog-8.php#8.3.6
  (* Security fix *)
x/ibus-m17n-1.4.29-x86_64-1.txz:  Upgraded.
x/mesa-24.0.5-x86_64-1.txz:  Upgraded.
2024-04-11 21:30:49 +02:00
Patrick J Volkerding
2136209b06 Wed Apr 10 19:09:14 UTC 2024
a/cryptsetup-2.7.2-x86_64-1.txz:  Upgraded.
a/kernel-firmware-20240410_53438f8-noarch-1.txz:  Upgraded.
a/kernel-generic-6.6.26-x86_64-1.txz:  Upgraded.
a/kernel-huge-6.6.26-x86_64-1.txz:  Upgraded.
a/kernel-modules-6.6.26-x86_64-1.txz:  Upgraded.
a/openssl-solibs-3.3.0-x86_64-1.txz:  Upgraded.
a/pam-1.6.1-x86_64-1.txz:  Upgraded.
d/kernel-headers-6.6.26-x86-1.txz:  Upgraded.
d/rust-1.77.2-x86_64-1.txz:  Upgraded.
  [PATCH] compiler: Use wasm-ld for wasm targets.
  Thanks to Heinz Wiesinger.
k/kernel-source-6.6.26-noarch-1.txz:  Upgraded.
  +SPECTRE_BHI_AUTO n
  +SPECTRE_BHI_OFF n
  +SPECTRE_BHI_ON y
l/gst-plugins-bad-free-1.24.2-x86_64-1.txz:  Upgraded.
l/gst-plugins-base-1.24.2-x86_64-1.txz:  Upgraded.
l/gst-plugins-good-1.24.2-x86_64-1.txz:  Upgraded.
l/gst-plugins-libav-1.24.2-x86_64-1.txz:  Upgraded.
l/gstreamer-1.24.2-x86_64-1.txz:  Upgraded.
l/libcap-ng-0.8.5-x86_64-1.txz:  Upgraded.
l/nodejs-20.12.2-x86_64-1.txz:  Upgraded.
l/python-trove-classifiers-2024.4.10-x86_64-1.txz:  Upgraded.
n/gnutls-3.8.5-x86_64-2.txz:  Rebuilt.
  [PATCH] Fix RSAES-PKCS1-v1_5 system-wide configuration.
  Thanks to bortolotto.
n/openssl-3.3.0-x86_64-1.txz:  Upgraded.
isolinux/initrd.img:  Rebuilt.
kernels/*:  Upgraded.
usb-and-pxe-installers/usbboot.img:  Rebuilt.
2024-04-10 22:18:19 +02:00
Patrick J Volkerding
075f0a2233 Tue Apr 9 18:14:27 UTC 2024
l/abseil-cpp-20240116.2-x86_64-1.txz:  Upgraded.
l/dotconf-1.4.1-x86_64-1.txz:  Upgraded.
t/texlive-2024.240409-x86_64-1.txz:  Upgraded.
  Thanks to Johannes Schoepfer.
x/xorg-server-xwayland-23.2.6-x86_64-1.txz:  Upgraded.
xap/blueman-2.4.1-x86_64-1.txz:  Upgraded.
2024-04-09 21:00:29 +02:00
Patrick J Volkerding
c302fc308c Mon Apr 8 18:44:37 UTC 2024
l/imagemagick-7.1.1_30-x86_64-1.txz:  Upgraded.
l/libarchive-3.7.3-x86_64-1.txz:  Upgraded.
  This update fixes a security issue:
  Fix possible vulnerability in tar error reporting introduced in f27c173
  by JiaT75.
  For more information, see:
    f27c173d17
    https://github.com/libarchive/libarchive/pull/2101
  (* Security fix *)
n/net-snmp-5.9.4-x86_64-3.txz:  Rebuilt.
  [PATCH] Add Linux 6.7 compatibility parsing /proc/net/snmp.
  Thanks to walecha.
n/rsync-3.3.0-x86_64-1.txz:  Upgraded.
x/xorg-sgml-doctools-1.12.1-x86_64-1.txz:  Upgraded.
xap/gimp-2.10.36-x86_64-3.txz:  Rebuilt.
  [PATCH] QuitDialog: disconnect signal handler on dialog destroy.
  This fixes a crash on quit.
  Thanks to USUARIONUEVO.
xap/xlockmore-5.77-x86_64-1.txz:  Upgraded.
2024-04-08 21:32:38 +02:00
Patrick J Volkerding
ff9f5e9d28 Sat Apr 6 17:19:58 UTC 2024
a/pciutils-3.12.0-x86_64-1.txz:  Upgraded.
l/pygobject-2.28.7-x86_64-10.txz:  Rebuilt.
  Build with PYTHON=python2 so that we don't have a call to unversioned python
  in pygobject-codegen-2.0. Fixes building gimp from git.
  Thanks to Petri Kaukasoina.
l/pygobject3-3.48.2-x86_64-1.txz:  Upgraded.
x/libX11-1.8.9-x86_64-1.txz:  Upgraded.
x/mtdev-1.1.7-x86_64-1.txz:  Upgraded.
2024-04-06 19:59:46 +02:00
Patrick J Volkerding
f603ff80a7 Fri Apr 5 20:11:23 UTC 2024
a/etc-15.1-x86_64-10.txz:  Rebuilt.
  Added nut user (218) and nut group (218).
a/genpower-1.0.5-x86_64-5.txz:  Removed.
a/nut-2.8.2-x86_64-1.txz:  Added.
  This is a package to support uninterruptible power supplies, and replaces
  the obsolete genpower package.
  Thanks to V'yacheslav Stetskevych for the original SBo script.
a/sysvinit-scripts-15.1-noarch-16.txz:  Rebuilt.
  rc.M: start the NUT init scripts rc.nut-drvctl, rc.nut-upsd, and
  rc.nut-upsmon. Remove the genpower block.
  rc.6: support stopping the UPS inverter on the way down if we see
  /etc/killpower. Remove the genpower block.
a/tcsh-6.24.12-x86_64-1.txz:  Upgraded.
ap/man-db-2.12.1-x86_64-1.txz:  Upgraded.
ap/mpg123-1.32.6-x86_64-1.txz:  Upgraded.
ap/vim-9.1.0265-x86_64-1.txz:  Upgraded.
d/cargo-vendor-filterer-0.5.14-x86_64-1.txz:  Upgraded.
d/nasm-2.16.02-x86_64-1.txz:  Upgraded.
l/libproxy-0.5.5-x86_64-1.txz:  Upgraded.
l/python-hatchling-1.22.5-x86_64-1.txz:  Upgraded.
l/python-typing_extensions-4.11.0-x86_64-1.txz:  Upgraded.
x/xdm-1.1.16-x86_64-1.txz:  Upgraded.
xap/vim-gvim-9.1.0265-x86_64-1.txz:  Upgraded.
extra/bash-completion/bash-completion-2.13.0-noarch-1.txz:  Upgraded.
extra/tigervnc/tigervnc-1.13.1-x86_64-5.txz:  Rebuilt.
  Recompiled against xorg-server-21.1.12 to fix security issues:
  Heap buffer overread/data leakage in ProcXIGetSelectedEvents.
  Heap buffer overread/data leakage in ProcXIPassiveGrabDevice.
  Heap buffer overread/data leakage in ProcAppleDRICreatePixmap.
  Use-after-free in ProcRenderAddGlyphs.
  For more information, see:
    https://lists.x.org/archives/xorg-announce/2024-April/003497.html
    https://www.cve.org/CVERecord?id=CVE-2024-31080
    https://www.cve.org/CVERecord?id=CVE-2024-31081
    https://www.cve.org/CVERecord?id=CVE-2024-31082
    https://www.cve.org/CVERecord?id=CVE-2024-31083
  (* Security fix *)
2024-04-05 22:28:59 +02:00
Patrick J Volkerding
e0375de323 Thu Apr 4 20:49:23 UTC 2024
a/hwdata-0.381-noarch-1.txz:  Upgraded.
a/kernel-generic-6.6.25-x86_64-1.txz:  Upgraded.
a/kernel-huge-6.6.25-x86_64-1.txz:  Upgraded.
a/kernel-modules-6.6.25-x86_64-1.txz:  Upgraded.
d/cmake-3.29.1-x86_64-1.txz:  Upgraded.
d/kernel-headers-6.6.25-x86-1.txz:  Upgraded.
d/llvm-18.1.3-x86_64-1.txz:  Upgraded.
k/kernel-source-6.6.25-noarch-1.txz:  Upgraded.
kde/kstars-3.7.0-x86_64-1.txz:  Upgraded.
l/enchant-2.6.9-x86_64-1.txz:  Upgraded.
l/libclc-18.1.3-x86_64-1.txz:  Upgraded.
l/sof-firmware-2024.03-noarch-1.txz:  Upgraded.
n/gnutls-3.8.5-x86_64-1.txz:  Upgraded.
n/httpd-2.4.59-x86_64-1.txz:  Upgraded.
  This update fixes security issues:
  HTTP/2 DoS by memory exhaustion on endless continuation frames.
  HTTP Response Splitting in multiple modules.
  HTTP response splitting.
  For more information, see:
    https://downloads.apache.org/httpd/CHANGES_2.4.59
    https://www.cve.org/CVERecord?id=CVE-2024-27316
    https://www.cve.org/CVERecord?id=CVE-2024-24795
    https://www.cve.org/CVERecord?id=CVE-2023-38709
  (* Security fix *)
n/nghttp2-1.61.0-x86_64-1.txz:  Upgraded.
  This update fixes security issues:
  nghttp2 library keeps reading the unbounded number of HTTP/2 CONTINUATION
  frames even after a stream is reset to keep HPACK context in sync. This
  causes excessive CPU usage to decode HPACK stream. nghttp2 v1.61.0 mitigates
  this vulnerability by limiting the number of CONTINUATION frames it can
  accept after a HEADERS frame.
  For more information, see:
    https://github.com/nghttp2/nghttp2/security/advisories/GHSA-x6x3-gv8h-m57q
    https://www.kb.cert.org/vuls/id/421644
    https://www.cve.org/CVERecord?id=CVE-2024-28182
  (* Security fix *)
x/xdg-desktop-portal-1.18.3-x86_64-1.txz:  Upgraded.
isolinux/initrd.img:  Rebuilt.
kernels/*:  Upgraded.
usb-and-pxe-installers/usbboot.img:  Rebuilt.
2024-04-04 23:55:21 +02:00
Patrick J Volkerding
ddf1c99d25 Wed Apr 3 22:22:06 UTC 2024
l/PyQt-builder-1.16.0-x86_64-1.txz:  Upgraded.
l/gst-plugins-bad-free-1.24.1-x86_64-2.txz:  Rebuilt.
  Recompiled against aom-3.8.2 to build libgstaom.so.
l/nodejs-20.12.1-x86_64-1.txz:  Upgraded.
l/python-lxml-5.2.1-x86_64-1.txz:  Upgraded.
x/xorg-server-21.1.12-x86_64-1.txz:  Upgraded.
  This update fixes security issues:
  Heap buffer overread/data leakage in ProcXIGetSelectedEvents.
  Heap buffer overread/data leakage in ProcXIPassiveGrabDevice.
  Heap buffer overread/data leakage in ProcAppleDRICreatePixmap.
  Use-after-free in ProcRenderAddGlyphs.
  For more information, see:
    https://lists.x.org/archives/xorg-announce/2024-April/003497.html
    https://www.cve.org/CVERecord?id=CVE-2024-31080
    https://www.cve.org/CVERecord?id=CVE-2024-31081
    https://www.cve.org/CVERecord?id=CVE-2024-31082
    https://www.cve.org/CVERecord?id=CVE-2024-31083
  (* Security fix *)
x/xorg-server-xephyr-21.1.12-x86_64-1.txz:  Upgraded.
x/xorg-server-xnest-21.1.12-x86_64-1.txz:  Upgraded.
x/xorg-server-xvfb-21.1.12-x86_64-1.txz:  Upgraded.
x/xorg-server-xwayland-23.2.5-x86_64-1.txz:  Upgraded.
  This update fixes security issues:
  Heap buffer overread/data leakage in ProcXIGetSelectedEvents.
  Heap buffer overread/data leakage in ProcXIPassiveGrabDevice.
  Use-after-free in ProcRenderAddGlyphs.
  For more information, see:
    https://lists.x.org/archives/xorg-announce/2024-April/003497.html
    https://www.cve.org/CVERecord?id=CVE-2024-31080
    https://www.cve.org/CVERecord?id=CVE-2024-31081
    https://www.cve.org/CVERecord?id=CVE-2024-31083
  (* Security fix *)
2024-04-04 01:04:57 +02:00
Patrick J Volkerding
76d67b71a0 Wed Apr 3 19:58:56 UTC 2024
a/kernel-generic-6.6.24-x86_64-1.txz:  Upgraded.
a/kernel-huge-6.6.24-x86_64-1.txz:  Upgraded.
a/kernel-modules-6.6.24-x86_64-1.txz:  Upgraded.
d/kernel-headers-6.6.24-x86-1.txz:  Upgraded.
d/python3-3.11.9-x86_64-1.txz:  Upgraded.
k/kernel-source-6.6.24-noarch-1.txz:  Upgraded.
  -AMD_MEM_ENCRYPT_ACTIVE_BY_DEFAULT n
  -GCC11_NO_ARRAY_BOUNDS y
   NUMA_BALANCING n -> y
  +GCC10_NO_ARRAY_BOUNDS y
  +NUMA_BALANCING_DEFAULT_ENABLED y
kde/libindi-2.0.7-x86_64-1.txz:  Upgraded.
l/SDL2-2.30.2-x86_64-1.txz:  Upgraded.
l/aom-3.8.2-x86_64-1.txz:  Added.
  Needed to add AV1 encode/decode support to ffmpeg.
  Thanks to Andrew Strong.
l/dav1d-1.4.1-x86_64-1.txz:  Added.
  Needed to add AV1 decode support to ffmpeg.
l/ffmpeg-6.1.1-x86_64-2.txz:  Rebuilt.
  Patched to build with nv-codec-headers-12.2.72.0. Thanks to J_W.
  Compiled against aom-3.8.2 and dav1d-1.4.1 for AV1 support.
  Thanks to glennmcc.
l/gtk4-4.14.2-x86_64-1.txz:  Upgraded.
n/whois-5.5.22-x86_64-1.txz:  Upgraded.
  Fixed a segmentation fault with --no-recursion.
  Updated the .bm and .vi TLD servers.
  Removed 4 new gTLDs which are no longer active.
xap/MPlayer-20240403-x86_64-1.txz:  Upgraded.
  Compiled using --enable-libaom-lavc and --enable-libdav1d-lavc.
  Thanks to glennmcc.
xap/pan-0.157-x86_64-1.txz:  Upgraded.
isolinux/initrd.img:  Rebuilt.
kernels/*:  Upgraded.
usb-and-pxe-installers/usbboot.img:  Rebuilt.
2024-04-03 23:12:56 +02:00
Patrick J Volkerding
148aaa82e1 Mon Apr 1 19:02:42 UTC 2024
d/nv-codec-headers-12.2.72.0-x86_64-1.txz:  Upgraded.
d/parallel-20240322-noarch-1.txz:  Upgraded.
kde/calligra-3.2.1-x86_64-38.txz:  Rebuilt.
  Recompiled against poppler-24.04.0.
kde/cantor-23.08.5-x86_64-5.txz:  Rebuilt.
  Recompiled against poppler-24.04.0.
kde/kfilemetadata-5.115.0-x86_64-3.txz:  Rebuilt.
  Recompiled against poppler-24.04.0.
kde/kile-2.9.93-x86_64-32.txz:  Rebuilt.
  Recompiled against poppler-24.04.0.
kde/kitinerary-23.08.5-x86_64-3.txz:  Rebuilt.
  Recompiled against poppler-24.04.0.
kde/krita-5.2.2-x86_64-7.txz:  Rebuilt.
  Recompiled against poppler-24.04.0.
kde/okular-23.08.5-x86_64-3.txz:  Rebuilt.
  Recompiled against poppler-24.04.0.
l/gobject-introspection-1.80.1-x86_64-1.txz:  Upgraded.
l/netpbm-11.06.00-x86_64-1.txz:  Upgraded.
l/poppler-24.04.0-x86_64-1.txz:  Upgraded.
  Shared library .so-version bump.
l/python-pillow-10.3.0-x86_64-1.txz:  Upgraded.
xap/x3270-4.3ga8-x86_64-1.txz:  Upgraded.
2024-04-02 21:29:20 +02:00
Patrick J Volkerding
5a37cf6064 Sun Mar 31 22:44:32 UTC 2024
d/python-pip-24.0-x86_64-3.txz:  Rebuilt.
  Get rid of unneeded Windows garbage in the package.
d/python2-2.7.18-x86_64-8.txz:  Rebuilt.
  Get rid of unneeded Windows garbage in the package.
l/PyQt-builder-1.15.4-x86_64-3.txz:  Rebuilt.
  Get rid of unneeded Windows garbage in the package.
l/python-installer-0.7.0-x86_64-3.txz:  Rebuilt.
  Get rid of unneeded Windows garbage in the package.
2024-04-01 00:57:33 +02:00
Patrick J Volkerding
f81c11c624 Sun Mar 31 18:28:19 UTC 2024
ap/hplip-3.23.12-x86_64-4.txz:  Rebuilt.
  Add a few patches from Arch, including one to fix a Unicode error with the
  sixext.py script that causes hp-setup to crash after detecting a printer.
  Thanks to truepatriot76.
d/Cython-3.0.10-x86_64-1.txz:  Upgraded.
d/cargo-vendor-filterer-0.5.13-x86_64-1.txz:  Upgraded.
d/poke-4.0-x86_64-1.txz:  Upgraded.
l/editorconfig-core-c-0.12.7-x86_64-1.txz:  Upgraded.
l/jasper-4.2.3-x86_64-1.txz:  Upgraded.
l/libical-3.0.18-x86_64-1.txz:  Upgraded.
l/pango-1.52.2-x86_64-1.txz:  Upgraded.
l/python-lxml-5.2.0-x86_64-1.txz:  Upgraded.
l/wireplumber-0.5.1-x86_64-1.txz:  Upgraded.
n/c-ares-1.28.1-x86_64-1.txz:  Upgraded.
xap/blueman-2.4-x86_64-1.txz:  Upgraded.
2024-03-31 20:58:48 +02:00
Patrick J Volkerding
86ba9cf839 Sat Mar 30 20:58:19 UTC 2024
ap/undervolt-0.4.0-x86_64-1.txz:  Upgraded.
kde/kig-23.08.5-x86_64-3.txz:  Rebuilt.
  Recompiled to link with libboost_python311.so.1.84.0.
kde/kopeninghours-23.08.5-x86_64-3.txz:  Rebuilt.
  Recompiled to link with libboost_python311.so.1.84.0. Thanks to gmgf.
2024-03-30 22:28:04 +01:00
Patrick J Volkerding
730cbea730 Sat Mar 30 18:08:12 UTC 2024
a/xz-5.6.1-x86_64-3.txz:  Rebuilt.
  [PATCH] CMake: Fix sabotaged Landlock sandbox check.
  We don't build with CMake (yet), but it doesn't hurt to apply this.
d/mercurial-6.7.2-x86_64-1.txz:  Upgraded.
l/boost-1.84.0-x86_64-3.txz:  Rebuilt.
  Recompiled against python-3.11.8. Thanks to rinza.
l/python-pycparser-2.22-x86_64-1.txz:  Upgraded.
l/python-pytz-2024.1-x86_64-2.txz:  Removed.
  No longer needed with python-3.11. Thanks to audriusk.
l/python-tomli-2.0.1-x86_64-2.txz:  Removed.
  No longer needed with python-3.11. Thanks to TommyC7 and audriusk.
n/c-ares-1.28.0-x86_64-1.txz:  Upgraded.
xap/xsnow-3.7.9-x86_64-1.txz:  Upgraded.
extra/brltty/brltty-6.6-x86_64-4.txz:  Rebuilt.
  Don't install anything under /usr/local. Thanks to reddog83.
2024-03-30 19:28:56 +01:00
Patrick J Volkerding
44183f6ba3 Fri Mar 29 20:39:11 UTC 2024
Everything in this batch besides aaa_libraries, xz, mcelog, and harfbuzz is a
rebuild or upgrade to build against python-3.11.8. Looking at the python
readiness page, it seems like a lot of stuff we use is not certified for
python-3.12 yet (although to be fair, about half as much isn't certified for
python-3.11 either). But 3.11 seems to be the safer choice even though the
final bugfix update is scheduled for Monday. And, if we do decide to move
ahead to 3.12 later on, it'll be a lot easier than this update was.
Enjoy! :-)
a/aaa_libraries-15.1-x86_64-29.txz:  Rebuilt.
  Upgraded: libzstd.so.1.5.6, libexpat.so.1.9.2, libglib-2.0.so.0.8000.0,
  libgmodule-2.0.so.0.8000.0, libgobject-2.0.so.0.8000.0,
  libgthread-2.0.so.0.8000.0.
  Removed: libboost_*.so.1.83.0.
a/libblockdev-2.28-x86_64-3.txz:  Rebuilt.
a/libbytesize-2.8-x86_64-2.txz:  Rebuilt.
a/libpwquality-1.4.5-x86_64-2.txz:  Rebuilt.
a/mcelog-198-x86_64-1.txz:  Upgraded.
a/util-linux-2.40-x86_64-2.txz:  Rebuilt.
a/volume_key-0.3.12-x86_64-8.txz:  Rebuilt.
a/xz-5.6.1-x86_64-2.txz:  Rebuilt.
  Seems like a good idea to build this from a git pull rather than the signed
  release tarballs. :-)
  The liblzma in the previous packages were not found to be vulnerable by the
  detection script, but I'd rather not carry the bad m4 files in our sources.
  Here's a test script for anyone wanting to try it:
  if hexdump -ve '1/1 "%.2x"' /lib*/liblzma.so.5 | grep -q f30f1efa554889f54c89ce5389fb81e7000000804883ec28488954241848894c2410 ; then
    echo probably vulnerable
  else
    echo probably not vulnerable
  fi
ap/hplip-3.23.12-x86_64-3.txz:  Rebuilt.
ap/linuxdoc-tools-0.9.82-x86_64-5.txz:  Rebuilt.
ap/rpm-4.19.1.1-x86_64-2.txz:  Rebuilt.
ap/undervolt-20210815_e39aea1-x86_64-3.txz:  Rebuilt.
ap/vim-9.1.0225-x86_64-1.txz:  Upgraded.
d/Cython-3.0.9-x86_64-2.txz:  Rebuilt.
d/distcc-3.4-x86_64-5.txz:  Rebuilt.
d/gdb-14.2-x86_64-2.txz:  Rebuilt.
d/gyp-20210831_d6c5dd51-x86_64-3.txz:  Rebuilt.
d/llvm-18.1.2-x86_64-2.txz:  Rebuilt.
d/mercurial-6.7.1-x86_64-2.txz:  Rebuilt.
d/meson-1.4.0-x86_64-2.txz:  Rebuilt.
d/python-pip-24.0-x86_64-2.txz:  Rebuilt.
d/python-setuptools-69.2.0-x86_64-2.txz:  Rebuilt.
d/python3-3.11.8-x86_64-1.txz:  Upgraded.
  Shared library .so-version bump.
d/scons-4.7.0-x86_64-2.txz:  Rebuilt.
kde/cantor-23.08.5-x86_64-4.txz:  Rebuilt.
kde/kapidox-5.115.0-x86_64-2.txz:  Rebuilt.
kde/kdev-python-23.08.5-x86_64-2.txz:  Rebuilt.
kde/kig-23.08.5-x86_64-2.txz:  Rebuilt.
kde/kmymoney-5.1.3-x86_64-4.txz:  Rebuilt.
kde/kopeninghours-23.08.5-x86_64-2.txz:  Rebuilt.
kde/krita-5.2.2-x86_64-6.txz:  Rebuilt.
l/M2Crypto-0.41.0-x86_64-2.txz:  Rebuilt.
l/Mako-1.3.2-x86_64-2.txz:  Rebuilt.
l/PyQt-builder-1.15.4-x86_64-2.txz:  Rebuilt.
l/PyQt5-5.15.10-x86_64-2.txz:  Rebuilt.
l/PyQt5_sip-12.13.0-x86_64-2.txz:  Rebuilt.
l/QScintilla-2.14.1-x86_64-3.txz:  Rebuilt.
l/avahi-20240306_709e60f-x86_64-2.txz:  Rebuilt.
l/brotli-1.1.0-x86_64-2.txz:  Rebuilt.
l/dbus-python-1.3.2-x86_64-2.txz:  Rebuilt.
l/gexiv2-0.14.2-x86_64-3.txz:  Rebuilt.
l/gi-docgen-2023.3-x86_64-2.txz:  Rebuilt.
l/glade-3.40.0-x86_64-2.txz:  Rebuilt.
l/gobject-introspection-1.80.0-x86_64-2.txz:  Rebuilt.
l/harfbuzz-8.4.0-x86_64-1.txz:  Upgraded.
l/lensfun-0.3.4-x86_64-2.txz:  Rebuilt.
l/libcaca-0.99.beta20-x86_64-2.txz:  Rebuilt.
l/libcap-ng-0.8.4-x86_64-2.txz:  Rebuilt.
l/libieee1284-0.2.11-x86_64-8.txz:  Rebuilt.
l/libimobiledevice-20231007_04c0233-x86_64-2.txz:  Rebuilt.
l/libnvme-1.8-x86_64-2.txz:  Rebuilt.
l/libplist-2.4.0-x86_64-2.txz:  Rebuilt.
l/libwebp-1.3.2-x86_64-3.txz:  Rebuilt.
l/libxml2-2.12.6-x86_64-3.txz:  Rebuilt.
l/libxslt-1.1.39-x86_64-2.txz:  Rebuilt.
l/newt-0.52.24-x86_64-3.txz:  Rebuilt.
l/protobuf-26.1-x86_64-2.txz:  Rebuilt.
l/pycairo-1.26.0-x86_64-3.txz:  Rebuilt.
l/pycups-2.0.1-x86_64-7.txz:  Rebuilt.
l/pycurl-7.45.3-x86_64-2.txz:  Rebuilt.
l/pygobject3-3.48.1-x86_64-2.txz:  Rebuilt.
l/pyparsing-3.1.2-x86_64-2.txz:  Rebuilt.
l/python-Jinja2-3.1.3-x86_64-2.txz:  Rebuilt.
l/python-MarkupSafe-2.1.5-x86_64-2.txz:  Rebuilt.
l/python-PyYAML-6.0.1-x86_64-3.txz:  Rebuilt.
l/python-alabaster-0.7.16-x86_64-2.txz:  Rebuilt.
l/python-appdirs-1.4.4-x86_64-7.txz:  Rebuilt.
l/python-babel-2.14.0-x86_64-2.txz:  Rebuilt.
l/python-build-1.2.1-x86_64-2.txz:  Rebuilt.
l/python-calver-2022.6.26-x86_64-2.txz:  Rebuilt.
l/python-certifi-2024.2.2-x86_64-2.txz:  Rebuilt.
l/python-cffi-1.16.0-x86_64-2.txz:  Rebuilt.
l/python-chardet-5.2.0-x86_64-2.txz:  Rebuilt.
l/python-charset-normalizer-3.3.2-x86_64-2.txz:  Rebuilt.
l/python-distro-1.9.0-x86_64-2.txz:  Rebuilt.
l/python-dnspython-2.6.1-x86_64-2.txz:  Rebuilt.
l/python-docutils-0.20.1-x86_64-2.txz:  Rebuilt.
l/python-doxypypy-0.8.8.7-x86_64-2.txz:  Rebuilt.
l/python-doxyqml-0.5.3-x86_64-2.txz:  Rebuilt.
l/python-editables-0.5-x86_64-2.txz:  Rebuilt.
l/python-flit-core-3.9.0-x86_64-2.txz:  Rebuilt.
l/python-future-1.0.0-x86_64-2.txz:  Rebuilt.
l/python-glad2-2.0.6-x86_64-2.txz:  Rebuilt.
l/python-hatchling-1.22.4-x86_64-2.txz:  Rebuilt.
l/python-html5lib-1.1-x86_64-2.txz:  Rebuilt.
l/python-idna-3.6-x86_64-2.txz:  Rebuilt.
l/python-imagesize-1.4.1-x86_64-2.txz:  Rebuilt.
l/python-importlib_metadata-7.1.0-x86_64-2.txz:  Rebuilt.
l/python-installer-0.7.0-x86_64-2.txz:  Rebuilt.
l/python-lxml-5.1.1-x86_64-1.txz:  Upgraded.
l/python-markdown-3.6-x86_64-2.txz:  Rebuilt.
l/python-notify2-0.3.1-x86_64-11.txz:  Rebuilt.
l/python-packaging-24.0-x86_64-2.txz:  Rebuilt.
l/python-pathspec-0.12.1-x86_64-2.txz:  Rebuilt.
l/python-pbr-6.0.0-x86_64-2.txz:  Rebuilt.
l/python-pillow-10.2.0-x86_64-2.txz:  Rebuilt.
l/python-pluggy-1.4.0-x86_64-2.txz:  Rebuilt.
l/python-ply-3.11-x86_64-9.txz:  Rebuilt.
l/python-psutil-5.9.8-x86_64-2.txz:  Rebuilt.
l/python-pycparser-2.21-x86_64-2.txz:  Rebuilt.
l/python-pygments-2.17.2-x86_64-2.txz:  Rebuilt.
l/python-pyproject-hooks-1.0.0-x86_64-2.txz:  Rebuilt.
l/python-pysol_cards-0.16.0-x86_64-2.txz:  Rebuilt.
l/python-pytz-2024.1-x86_64-2.txz:  Rebuilt.
l/python-random2-1.0.2-x86_64-2.txz:  Rebuilt.
l/python-requests-2.31.0-x86_64-2.txz:  Rebuilt.
l/python-sane-2.9.1-x86_64-6.txz:  Rebuilt.
l/python-setuptools_scm-8.0.4-x86_64-2.txz:  Rebuilt.
l/python-six-1.16.0-x86_64-4.txz:  Rebuilt.
l/python-smartypants-2.0.1-x86_64-2.txz:  Rebuilt.
l/python-snowballstemmer-2.2.0-x86_64-2.txz:  Rebuilt.
l/python-sphinx-7.2.6-x86_64-2.txz:  Rebuilt.
l/python-sphinx_rtd_theme-2.0.0-x86_64-2.txz:  Rebuilt.
l/python-tomli-2.0.1-x86_64-2.txz:  Rebuilt.
l/python-tomli-w-1.0.0-x86_64-2.txz:  Rebuilt.
l/python-trove-classifiers-2024.3.25-x86_64-2.txz:  Rebuilt.
l/python-typing_extensions-4.10.0-x86_64-2.txz:  Rebuilt.
l/python-typogrify-2.0.7-x86_64-2.txz:  Rebuilt.
l/python-urllib3-2.2.1-x86_64-2.txz:  Rebuilt.
l/python-webencodings-0.5.1-x86_64-2.txz:  Rebuilt.
l/python-wheel-0.43.0-x86_64-2.txz:  Rebuilt.
l/python-zipp-3.18.1-x86_64-2.txz:  Rebuilt.
l/sip-6.8.3-x86_64-2.txz:  Rebuilt.
l/speech-dispatcher-0.11.5-x86_64-2.txz:  Rebuilt.
l/system-config-printer-1.5.18-x86_64-2.txz:  Rebuilt.
l/talloc-2.4.2-x86_64-2.txz:  Rebuilt.
l/tdb-1.4.10-x86_64-2.txz:  Rebuilt.
l/tevent-0.16.1-x86_64-2.txz:  Rebuilt.
n/epic5-2.1.12-x86_64-7.txz:  Rebuilt.
n/fetchmail-6.4.38-x86_64-2.txz:  Rebuilt.
n/getmail-6.18.14-x86_64-2.txz:  Rebuilt.
n/gpgme-1.23.2-x86_64-3.txz:  Rebuilt.
n/net-snmp-5.9.4-x86_64-2.txz:  Rebuilt.
n/nftables-1.0.9-x86_64-2.txz:  Rebuilt.
n/nmap-7.94-x86_64-2.txz:  Rebuilt.
n/nss-pam-ldapd-0.9.12-x86_64-4.txz:  Rebuilt.
n/obexftp-0.24.2-x86_64-12.txz:  Rebuilt.
n/pssh-2.3.5-x86_64-2.txz:  Rebuilt.
n/samba-4.20.0-x86_64-2.txz:  Rebuilt.
x/ibus-1.5.29-x86_64-3.txz:  Rebuilt.
x/ibus-anthy-1.5.16-x86_64-2.txz:  Rebuilt.
x/ibus-hangul-1.5.5-x86_64-2.txz:  Rebuilt.
x/ibus-libpinyin-1.15.7-x86_64-2.txz:  Rebuilt.
x/ibus-table-1.17.4-x86_64-2.txz:  Rebuilt.
x/marisa-0.2.6-x86_64-9.txz:  Rebuilt.
x/pyxdg-0.28-x86_64-2.txz:  Rebuilt.
x/xcb-proto-1.16.0-x86_64-3.txz:  Rebuilt.
xap/blueman-2.3.5-x86_64-2.txz:  Rebuilt.
xap/hexchat-2.16.2-x86_64-2.txz:  Rebuilt.
xap/vim-gvim-9.1.0225-x86_64-1.txz:  Upgraded.
extra/brltty/brltty-6.6-x86_64-3.txz:  Rebuilt.
2024-03-29 22:36:12 +01:00
Patrick J Volkerding
90b9714d2f Fri Mar 29 02:25:21 UTC 2024
a/coreutils-9.5-x86_64-1.txz:  Upgraded.
  chmod -R now avoids a race where an attacker may replace a traversed file
  with a symlink, causing chmod to operate on an unintended file.
  [This bug was present in "the beginning".]
  split --line-bytes with a mixture of very long and short lines no longer
  overwrites the heap.
  For more information, see:
    https://www.cve.org/CVERecord?id=CVE-2024-0684
  (* Security fix *)
2024-03-29 04:01:39 +01:00
Patrick J Volkerding
6b5ab0b4ab Thu Mar 28 21:40:08 UTC 2024
a/btrfs-progs-6.8-x86_64-1.txz:  Upgraded.
a/gpm-1.20.7-x86_64-10.txz:  Rebuilt.
  Clean up the compile fix patch omitting the Emacs Lisp file.
  Clean up and apply the weak-wgetch patch.
  Build using the option --without-curses.
  Thanks to qunying.
a/util-linux-2.40-x86_64-1.txz:  Upgraded.
  This release fixes a vulnerability where the wall command did not filter
  escape sequences from command line arguments, allowing unprivileged users
  to put arbitrary text on other users terminals.
  For more information, see:
    https://www.cve.org/CVERecord?id=CVE-2024-28085
  (* Security fix *)
d/rust-1.77.1-x86_64-1.txz:  Upgraded.
l/fluidsynth-2.3.5-x86_64-1.txz:  Upgraded.
l/protobuf-26.1-x86_64-1.txz:  Upgraded.
l/python-build-1.2.1-x86_64-1.txz:  Upgraded.
n/samba-4.20.0-x86_64-1.txz:  Upgraded.
x/mesa-24.0.4-x86_64-1.txz:  Upgraded.
xap/seamonkey-2.53.18.2-x86_64-1.txz:  Upgraded.
  This update contains security fixes and improvements.
  For more information, see:
    https://www.seamonkey-project.org/releases/seamonkey2.53.18.2
  (* Security fix *)
2024-03-28 23:48:35 +01:00
Patrick J Volkerding
0566738f32 Wed Mar 27 19:16:09 UTC 2024
a/kernel-firmware-20240322_e068ccf-noarch-1.txz:  Upgraded.
a/kernel-generic-6.6.23-x86_64-1.txz:  Upgraded.
a/kernel-huge-6.6.23-x86_64-1.txz:  Upgraded.
a/kernel-modules-6.6.23-x86_64-1.txz:  Upgraded.
d/kernel-headers-6.6.23-x86-1.txz:  Upgraded.
k/kernel-source-6.6.23-noarch-1.txz:  Upgraded.
l/nodejs-20.12.0-x86_64-1.txz:  Upgraded.
l/openexr-3.2.4-x86_64-1.txz:  Upgraded.
l/zstd-1.5.6-x86_64-1.txz:  Upgraded.
n/curl-8.7.1-x86_64-1.txz:  Upgraded.
  This release fixes the following security issues:
  TLS certificate check bypass with mbedTLS.
  HTTP/2 push headers memory-leak.
  QUIC certificate check bypass with wolfSSL.
  Usage of disabled protocol.
  For more information, see:
    https://curl.se/docs/CVE-2024-2466.html
    https://curl.se/docs/CVE-2024-2398.html
    https://curl.se/docs/CVE-2024-2379.html
    https://curl.se/docs/CVE-2024-2004.html
    https://www.cve.org/CVERecord?id=CVE-2024-2466
    https://www.cve.org/CVERecord?id=CVE-2024-2398
    https://www.cve.org/CVERecord?id=CVE-2024-2379
    https://www.cve.org/CVERecord?id=CVE-2024-2004
  (* Security fix *)
x/xorgproto-2024.1-x86_64-1.txz:  Upgraded.
isolinux/initrd.img:  Rebuilt.
kernels/*:  Upgraded.
usb-and-pxe-installers/usbboot.img:  Rebuilt.
2024-03-27 21:24:52 +01:00
Patrick J Volkerding
b5abc7571b Tue Mar 26 22:24:59 UTC 2024
l/gjs-1.80.2-x86_64-1.txz:  Upgraded.
l/qt6-6.6.3_20240319_c2516323-x86_64-1.txz:  Upgraded.
2024-03-27 00:09:26 +01:00
Patrick J Volkerding
9433c582a0 Mon Mar 25 18:58:10 UTC 2024
a/shadow-4.15.1-x86_64-1.txz:  Upgraded.
  The main point of this release is to fix a bug that caused spurious error
  messages about unknown login.defs configuration options.
a/sysvinit-3.09-x86_64-1.txz:  Upgraded.
l/python-trove-classifiers-2024.3.25-x86_64-1.txz:  Upgraded.
x/libX11-1.8.8-x86_64-1.txz:  Upgraded.
x/libXmu-1.2.0-x86_64-1.txz:  Upgraded.
x/lndir-1.0.5-x86_64-1.txz:  Upgraded.
x/xf86-video-savage-2.4.1-x86_64-1.txz:  Upgraded.
x/xman-1.2.0-x86_64-1.txz:  Upgraded.
x/xorg-docs-1.7.3-noarch-1.txz:  Upgraded.
2024-03-25 20:28:22 +01:00
Patrick J Volkerding
4e0c3bd469 Sun Mar 24 18:21:46 UTC 2024
e/emacs-29.3-x86_64-1.txz:  Upgraded.
  Emacs 29.3 is an emergency bugfix release intended to fix several security
  vulnerabilities described below:
  Arbitrary Lisp code is no longer evaluated as part of turning on Org mode.
  This is for security reasons, to avoid evaluating malicious Lisp code.
  New buffer-local variable 'untrusted-content'. When this is non-nil, Lisp
  programs should treat buffer contents with extra caution.
  Gnus now treats inline MIME contents as untrusted. To get back previous
  insecure behavior, 'untrusted-content' should be reset to nil in the buffer.
  LaTeX preview is now by default disabled for email attachments. To get back
  previous insecure behavior, set the variable 'org--latex-preview-when-risky'
  to a non-nil value.
  Org mode now considers contents of remote files to be untrusted.
  Remote files are recognized by calling 'file-remote-p'.
  (* Security fix *)
l/enchant-2.6.8-x86_64-1.txz:  Upgraded.
l/gnu-efi-3.0.18-x86_64-1.txz:  Upgraded.
l/libproxy-0.5.4-x86_64-2.txz:  Rebuilt.
  Rebuilt with -Dpacrunner-duktape=true. Thanks to gmgf.
l/libxkbcommon-1.7.0-x86_64-1.txz:  Upgraded.
l/python-hatchling-1.22.4-x86_64-1.txz:  Upgraded.
x/libpciaccess-0.18.1-x86_64-1.txz:  Upgraded.
x/xdm-1.1.15-x86_64-1.txz:  Upgraded.
x/xedit-1.2.4-x86_64-1.txz:  Upgraded.
x/xload-1.2.0-x86_64-1.txz:  Upgraded.
extra/emacs-regular-build/emacs-29.3-x86_64-1_regular.txz:  Upgraded.
  (* Security fix *)
2024-03-24 20:02:29 +01:00
Patrick J Volkerding
1e89414bae Sat Mar 23 19:34:02 UTC 2024
ap/vim-9.1.0199-x86_64-1.txz:  Upgraded.
  Dropped python2 support. Thanks to Audrius Kažukauskas.
l/duktape-2.7.0-x86_64-1.txz:  Added.
  Needed by polkit.
l/gjs-1.80.1-x86_64-1.txz:  Upgraded.
l/libdeflate-1.20-x86_64-1.txz:  Upgraded.
l/mozjs102-102.15.1esr-x86_64-2.txz:  Removed.
l/mozjs115-115.9.1esr-x86_64-1.txz:  Upgraded.
l/polkit-123-x86_64-2.txz:  Rebuilt.
  Use duktape instead of mozjs102 as the JavaScript engine.
x/iceauth-1.0.10-x86_64-2.txz:  Rebuilt.
  It's never too early to build with --enable-year2038. Thanks to bigbadaboum.
xap/geeqie-2.4-x86_64-1.txz:  Upgraded.
xap/mozilla-firefox-115.9.1esr-x86_64-1.txz:  Upgraded.
  This update fixes a critical security issue:
  An attacker was able to inject an event handler into a privileged object
  that would allow arbitrary JavaScript execution in the parent process.
  For more information, see:
    https://www.mozilla.org/en-US/firefox/115.9.1esr/releasenotes/
    https://www.mozilla.org/security/advisories/mfsa2024-16/
    https://www.cve.org/CVERecord?id=CVE-2024-29944
  (* Security fix *)
xap/vim-gvim-9.1.0199-x86_64-1.txz:  Upgraded.
  Dropped python2 support. Thanks to Audrius Kažukauskas.
2024-03-23 21:19:32 +01:00
Patrick J Volkerding
c0b9cd429a Fri Mar 22 22:57:06 UTC 2024
l/glibmm2-2.80.0-x86_64-1.txz:  Upgraded.
2024-03-23 00:29:56 +01:00
Patrick J Volkerding
e55090794a Fri Mar 22 20:16:55 UTC 2024
a/volume_key-0.3.12-x86_64-7.txz:  Rebuilt.
  Build python3 bindings.
l/atkmm2-2.36.3-x86_64-1.txz:  Added.
l/boost-1.84.0-x86_64-2.txz:  Rebuilt.
  Drop python2 support.
l/glibmm-2.66.7-x86_64-1.txz:  Upgraded.
l/gst-plugins-bad-free-1.24.1-x86_64-1.txz:  Upgraded.
l/gst-plugins-base-1.24.1-x86_64-1.txz:  Upgraded.
l/gst-plugins-good-1.24.1-x86_64-1.txz:  Upgraded.
l/gst-plugins-libav-1.24.1-x86_64-1.txz:  Upgraded.
l/gstreamer-1.24.1-x86_64-1.txz:  Upgraded.
l/gtkmm4-4.14.0-x86_64-1.txz:  Upgraded.
l/unicode-ucd-15.1.0-noarch-1.txz:  Added.
  153MB installed... oh well. Needed by gucharmap.
xap/gucharmap-15.1.3-x86_64-1.txz:  Upgraded.
xap/x3270-4.3ga7-x86_64-1.txz:  Upgraded.
2024-03-22 21:30:31 +01:00
Patrick J Volkerding
ce7f2d7967 Thu Mar 21 22:36:42 UTC 2024
d/cmake-3.29.0-x86_64-1.txz:  Upgraded.
l/gtkmm3-3.24.9-x86_64-1.txz:  Upgraded.
l/pangomm2-2.52.0-x86_64-1.txz:  Upgraded.
l/python-importlib_metadata-7.1.0-x86_64-1.txz:  Upgraded.
2024-03-21 23:57:20 +01:00
Patrick J Volkerding
df31efd62e Thu Mar 21 19:53:15 UTC 2024
d/mercurial-6.7.1-x86_64-1.txz:  Upgraded.
d/rust-1.77.0-x86_64-1.txz:  Upgraded.
l/cairomm1-1.18.0-x86_64-1.txz:  Added.
  Thanks to jloco.
l/glibmm2-2.78.1-x86_64-1.txz:  Added.
  Thanks to jloco.
l/gtkmm4-4.12.0-x86_64-1.txz:  Added.
  Thanks to jloco.
l/libclc-18.1.2-x86_64-1.txz:  Upgraded.
l/pangomm-2.46.4-x86_64-1.txz:  Upgraded.
l/pangomm2-2.50.2-x86_64-1.txz:  Added.
  Thanks to jloco.
n/openvpn-2.6.10-x86_64-1.txz:  Upgraded.
x/libkkc-0.3.5-x86_64-5.txz:  Rebuilt.
  Use python for the build, not python2.
x/libkkc-data-0.2.7-x86_64-5.txz:  Rebuilt.
  Use python for the build, not python2.
x/marisa-0.2.6-x86_64-8.txz:  Rebuilt.
  Drop python2 support and rebuild marisa module for python3.
x/wayland-protocols-1.34-noarch-1.txz:  Upgraded.
2024-03-21 21:35:32 +01:00
Patrick J Volkerding
0cbf4c3859 Wed Mar 20 21:10:30 UTC 2024
a/libblockdev-2.28-x86_64-2.txz:  Rebuilt.
  Drop python2 support.
a/sysvinit-scripts-15.1-noarch-15.txz:  Rebuilt.
  rc.M: start rc.iceccd and rc.icecc-scheduler earlier.
a/util-linux-2.39.3-x86_64-2.txz:  Rebuilt.
  Drop python2 support.
a/volume_key-0.3.12-x86_64-6.txz:  Rebuilt.
  Drop python2 support.
ap/man-pages-6.7-noarch-1.txz:  Upgraded.
d/cmake-3.28.4-x86_64-1.txz:  Upgraded.
d/llvm-18.1.2-x86_64-1.txz:  Upgraded.
d/python2-2.7.18-x86_64-7.txz:  Rebuilt.
  Bundle the final python2 versions of pip and setuptools.
  Drop the /usr/bin/python symlink.
d/python3-3.9.19-x86_64-1.txz:  Upgraded.
  Point the /usr/bin/python symlink at python3.9.
  PEP 394 says we can do this, and in a world of ambigious shebangs, this
  is probably the best of the available options.
  This update also fixes security issues:
  bundled libexpat was updated to 2.6.0.
  zipfile is now protected from the "quoted-overlap" zipbomb.
  tempfile.TemporaryDirectory cleanup no longer dereferences symlinks when
  working around file system permission errors.
  For more information, see:
    https://pythoninsider.blogspot.com/2024/03/python-31014-3919-and-3819-is-now.html
    https://www.cve.org/CVERecord?id=CVE-2023-52425
    https://www.cve.org/CVERecord?id=CVE-2024-0450
    https://www.cve.org/CVERecord?id=CVE-2023-6597
  (* Security fix *)
d/strace-6.8-x86_64-1.txz:  Upgraded.
kde/kross-interpreters-23.08.5-x86_64-2.txz:  Rebuilt.
  Drop python2 support.
l/libxml2-2.12.6-x86_64-2.txz:  Rebuilt.
  Drop python2 support.
l/mozjs115-115.9.0esr-x86_64-2.txz:  Rebuilt.
  Fixed installed library name. Thanks to reddog83.
  Fixed slack-desc. Thanks to r1w1s1.
l/phonon-4.12.0-x86_64-1.txz:  Upgraded.
l/pilot-link-0.12.5-x86_64-17.txz:  Rebuilt.
  Drop python2 support.
l/python2-module-collection-2.7.18-x86_64-6.txz:  Removed.
  Good bye!
l/python2-pycairo-1.18.2-x86_64-1.txz:  Added.
  We'll need this (along with pygtk and pygobject) until we get gimp3.
  Well, we could build gimp without python support, but I really don't think
  that's the route we want to take.
n/bind-9.18.25-x86_64-1.txz:  Upgraded.
n/crda-4.15-x86_64-1.txz:  Removed.
  The kernel is able to load from wireless-regdb directly. Obsolete.
n/getmail-6.18.14-x86_64-1.txz:  Upgraded.
n/gpgme-1.23.2-x86_64-2.txz:  Rebuilt.
  Drop python2 support.
n/obexftp-0.24.2-x86_64-11.txz:  Rebuilt.
  Drop python2 support.
n/wireless-regdb-2024.01.23-x86_64-1.txz:  Added.
  Wireless regulatory database, previously bundled with crda.
x/ibus-1.5.29-x86_64-2.txz:  Rebuilt.
  Drop python2 support.
x/libkkc-0.3.5-x86_64-4.txz:  Rebuilt.
  Still forcing python2 with this one, but perhaps a python3 marisa module
  could work around this.
x/libkkc-data-0.2.7-x86_64-4.txz:  Rebuilt.
  Still forcing python2 with this one, but perhaps a python3 marisa module
  could work around this.
x/xcb-proto-1.16.0-x86_64-2.txz:  Rebuilt.
  Drop python2 support.
x/xpyb-1.3.1-x86_64-7.txz:  Removed.
  Nothing uses it, and it was never updated for python3. Removed as obsolete.
2024-03-20 23:08:57 +01:00
Patrick J Volkerding
5a8e431607 Wed Mar 20 00:08:59 UTC 2024
a/sysvinit-scripts-15.1-noarch-14.txz:  Rebuilt.
  rc.S: fix motd matching so that it works on a fresh install.
d/scons-4.7.0-x86_64-1.txz:  Upgraded.
l/adwaita-icon-theme-46.0-noarch-1.txz:  Upgraded.
l/at-spi2-core-2.52.0-x86_64-1.txz:  Upgraded.
l/gcr4-4.2.1-x86_64-1.txz:  Added.
l/gjs-1.80.0-x86_64-1.txz:  Upgraded.
l/glib-networking-2.80.0-x86_64-1.txz:  Upgraded.
l/glib2-2.80.0-x86_64-1.txz:  Upgraded.
l/gobject-introspection-1.80.0-x86_64-1.txz:  Upgraded.
l/gsettings-desktop-schemas-46.0-x86_64-1.txz:  Upgraded.
l/gtk4-4.14.1-x86_64-1.txz:  Upgraded.
l/gvfs-1.54.0-x86_64-1.txz:  Upgraded.
l/librsvg-2.58.0-x86_64-1.txz:  Upgraded.
l/mozjs115-115.9.0esr-x86_64-1.txz:  Added.
  Needed by gjs-1.80.0.
l/newt-0.52.24-x86_64-2.txz:  Rebuilt.
  Drop python2 support.
l/pygobject3-3.48.1-x86_64-1.txz:  Upgraded.
l/python-glad2-2.0.6-x86_64-1.txz:  Upgraded.
l/python-hatchling-1.22.3-x86_64-1.txz:  Upgraded.
l/vte-0.76.0-x86_64-1.txz:  Upgraded.
l/wireplumber-0.5.0-x86_64-1.txz:  Upgraded.
n/gnutls-3.8.4-x86_64-1.txz:  Upgraded.
  This update fixes two medium severity security issues:
  libgnutls: Fix side-channel in the deterministic ECDSA.
  Reported by George Pantelakis (#1516).
  libgnutls: Fixed a bug where certtool crashed when verifying a certificate
  chain with more than 16 certificates. Reported by William Woodruff (#1525)
  and yixiangzhike (#1527).
  For more information, see:
    https://www.cve.org/CVERecord?id=CVE-2024-28834
    https://www.cve.org/CVERecord?id=CVE-2024-28835
  (* Security fix *)
xap/mozilla-firefox-115.9.0esr-x86_64-1.txz:  Upgraded.
  This update contains security fixes and improvements.
  For more information, see:
    https://www.mozilla.org/en-US/firefox/115.9.0/releasenotes/
    https://www.mozilla.org/security/advisories/mfsa2024-13/
    https://www.cve.org/CVERecord?id=CVE-2024-0743
    https://www.cve.org/CVERecord?id=CVE-2024-2605
    https://www.cve.org/CVERecord?id=CVE-2024-2607
    https://www.cve.org/CVERecord?id=CVE-2024-2608
    https://www.cve.org/CVERecord?id=CVE-2024-2616
    https://www.cve.org/CVERecord?id=CVE-2023-5388
    https://www.cve.org/CVERecord?id=CVE-2024-2610
    https://www.cve.org/CVERecord?id=CVE-2024-2611
    https://www.cve.org/CVERecord?id=CVE-2024-2612
    https://www.cve.org/CVERecord?id=CVE-2024-2614
  (* Security fix *)
xap/mozilla-thunderbird-115.9.0-x86_64-1.txz:  Upgraded.
  This release contains security fixes and improvements.
  For more information, see:
    https://www.mozilla.org/en-US/thunderbird/115.9.0/releasenotes/
    https://www.mozilla.org/en-US/security/advisories/mfsa2024-14/
    https://www.cve.org/CVERecord?id=CVE-2024-0743
    https://www.cve.org/CVERecord?id=CVE-2024-2605
    https://www.cve.org/CVERecord?id=CVE-2024-2607
    https://www.cve.org/CVERecord?id=CVE-2024-2608
    https://www.cve.org/CVERecord?id=CVE-2024-2616
    https://www.cve.org/CVERecord?id=CVE-2023-5388
    https://www.cve.org/CVERecord?id=CVE-2024-2610
    https://www.cve.org/CVERecord?id=CVE-2024-2611
    https://www.cve.org/CVERecord?id=CVE-2024-2612
    https://www.cve.org/CVERecord?id=CVE-2024-2614
  (* Security fix *)
2024-03-20 02:20:04 +01:00
Patrick J Volkerding
52113da4b8 Mon Mar 18 21:44:21 UTC 2024
d/perl-5.38.2-x86_64-2.txz:  Rebuilt.
  Added IO-Tty-1.20, needed by mosh.
  Upgraded: DBD-mysql-4.051, URI-5.27, XML-Parser-2.47, IO-Socket-SSL-2.085,
  and Net-SSLeay-1.94.
kde/cantor-23.08.5-x86_64-3.txz:  Rebuilt.
  Recompiled against libqalculate-5.0.0.
kde/plasma-workspace-5.27.11-x86_64-2.txz:  Rebuilt.
  Recompiled against libqalculate-5.0.0.
kde/step-23.08.5-x86_64-2.txz:  Rebuilt.
  Recompiled against libqalculate-5.0.0.
l/abseil-cpp-20240116.1-x86_64-1.txz:  Added.
  Needed for protobuf and mosh.
l/libgnt-2.14.3-x86_64-2.txz:  Rebuilt.
  Build with -Dpython2=false. Thanks to USUARIONUEVO.
l/libqalculate-5.0.0-x86_64-2.txz:  Rebuilt.
  Shared library .so-version bump.
  Thanks to gmgf.
l/protobuf-26.0-x86_64-1.txz:  Added.
  Needed for mosh.
n/mosh-1.4.0-x86_64-1.txz:  Added.
  Thanks to unInstance for cueing me in on this one.
n/pinentry-1.3.0-x86_64-1.txz:  Upgraded.
x/vulkan-sdk-1.3.275.0-x86_64-2.txz:  Rebuilt.
  Build glslang with -DENABLE_OPT=Off. Thanks to F0nix.
2024-03-18 23:31:26 +01:00
Patrick J Volkerding
ff3cad8da3 Sun Mar 17 21:11:08 UTC 2024
La fheile Padraig sona dhaoibh!
Pionta Guinness, le do thoil. :-)
kde/digikam-8.3.0-x86_64-2.txz:  Rebuilt.
  Fixed internal version number.
l/harfbuzz-8.3.1-x86_64-1.txz:  Upgraded.
l/libappindicator-12.10.0-x86_64-4.txz:  Rebuilt.
  Drop the python bindings.
l/mozilla-nss-3.99-x86_64-1.txz:  Upgraded.
l/python-hatchling-1.22.2-x86_64-1.txz:  Upgraded.
l/python-markdown-3.6-x86_64-1.txz:  Upgraded.
l/python-zipp-3.18.1-x86_64-1.txz:  Upgraded.
l/qt5-5.15.13_20240314_6694e805-x86_64-1.txz:  Upgraded.
2024-03-17 23:12:19 +01:00
Patrick J Volkerding
075d1459e5 Fri Mar 15 22:48:36 UTC 2024
a/kernel-firmware-20240312_3b128b6-noarch-1.txz:  Upgraded.
a/kernel-generic-6.6.22-x86_64-1.txz:  Upgraded.
a/kernel-huge-6.6.22-x86_64-1.txz:  Upgraded.
a/kernel-modules-6.6.22-x86_64-1.txz:  Upgraded.
d/kernel-headers-6.6.22-x86-1.txz:  Upgraded.
k/kernel-source-6.6.22-noarch-1.txz:  Upgraded.
  +MITIGATION_RFDS y
isolinux/initrd.img:  Rebuilt.
kernels/*:  Upgraded.
usb-and-pxe-installers/usbboot.img:  Rebuilt.
2024-03-16 00:38:13 +01:00