a/hwdata-0.383-noarch-1.txz: Upgraded.
a/pciutils-3.13.0-x86_64-1.txz: Upgraded.
d/ccache-4.10-x86_64-1.txz: Upgraded.
d/meson-1.4.1-x86_64-1.txz: Upgraded.
d/ruby-3.3.2-x86_64-1.txz: Upgraded.
kde/plasma-sdk-5.27.11.1-x86_64-1.txz: Upgraded.
kde/plasma-workspace-5.27.11.1-x86_64-1.txz: Upgraded.
kde/tokodon-23.08.5-x86_64-1.txz: Added.
l/libvpx-1.14.1-x86_64-1.txz: Upgraded.
l/python-requests-2.32.3-x86_64-1.txz: Upgraded.
n/NetworkManager-1.48.0-x86_64-1.txz: Upgraded.
n/getmail-6.19.00-x86_64-1.txz: Upgraded.
x/libevdev-1.13.2-x86_64-1.txz: Upgraded.
x/wayland-1.23.0-x86_64-1.txz: Upgraded.
xap/gnuplot-6.0.1-x86_64-1.txz: Upgraded.
xap/mpv-0.38.0-x86_64-1.txz: Added.
Evidently we need one more media player. ;-)
Thanks to John Vogel Corning, Andreas Guldstrand, and Christoph Willing.
a/sysvinit-scripts-15.1-noarch-17.txz: Rebuilt.
rc.S: enable swapping on a ZRAM device, configurable in /etc/default/zram.
rc.S, rc.6: Don't use mount -n option.
l/adwaita-icon-theme-46.2-noarch-1.txz: Upgraded.
l/adwaita-icon-theme-legacy-20240517_7642b10-noarch-1.txz: Added.
Thanks to reddog83.
l/enchant-2.8.0-x86_64-1.txz: Upgraded.
l/ffmpeg-6.1.1-x86_64-3.txz: Rebuilt.
Patched to fix AV1 VA-API dropping frames. Thanks to fulalas.
l/python-zipp-3.19.0-x86_64-1.txz: Upgraded.
xap/mozilla-firefox-126.0.1-x86_64-1.txz: Upgraded.
This is a bugfix release.
For more information, see:
https://www.mozilla.org/en-US/firefox/126.0.1/releasenotes/
isolinux/initrd.img: Rebuilt.
Add /sbin/zramctl.
rc.S: Set up some swap on a ZRAM device.
SeTpartitions: Support installing to bcachefs filesystems.
SeTpartitions: quit offering reiserfs which will be gone in Linux 6.10.
usb-and-pxe-installers/usbboot.img: Rebuilt.
Add /sbin/zramctl.
rc.S: Set up some swap on a ZRAM device.
SeTpartitions: Support installing to bcachefs filesystems.
SeTpartitions: quit offering reiserfs which will be gone in Linux 6.10.
ap/sqlite-3.46.0-x86_64-1.txz: Upgraded.
l/gvfs-1.54.1-x86_64-1.txz: Upgraded.
l/python-requests-2.32.2-x86_64-1.txz: Upgraded.
n/c-ares-1.29.0-x86_64-1.txz: Upgraded.
n/dhcpcd-10.0.8-x86_64-1.txz: Upgraded.
n/wsdd2-1.8.7-x86_64-1.txz: Added.
Needed by Samba to enable share discovery.
Thanks to mistfire and Tim Dickson.
a/bcachefs-tools-1.7.0-x86_64-1.txz: Added.
a/kernel-generic-6.9.0-x86_64-2.txz: Upgraded.
a/kernel-huge-6.9.0-x86_64-2.txz: Upgraded.
a/kernel-modules-6.9.0-x86_64-2.txz: Upgraded.
d/git-2.45.1-x86_64-1.txz: Upgraded.
This update fixes security issues:
Recursive clones on case-insensitive filesystems that support symbolic
links are susceptible to case confusion that can be exploited to
execute just-cloned code during the clone operation.
Repositories can be configured to execute arbitrary code during local
clones. To address this, the ownership checks introduced in v2.30.3
are now extended to cover cloning local repositories.
Local clones may end up hardlinking files into the target repository's
object database when source and target repository reside on the same
disk. If the source repository is owned by a different user, then
those hardlinked files may be rewritten at any point in time by the
untrusted user.
When cloning a local source repository that contains symlinks via the
filesystem, Git may create hardlinks to arbitrary user-readable files
on the same filesystem as the target repository in the objects/
directory.
It is supposed to be safe to clone untrusted repositories, even those
unpacked from zip archives or tarballs originating from untrusted
sources, but Git can be tricked to run arbitrary code as part of the
clone.
For more information, see:
https://www.cve.org/CVERecord?id=CVE-2024-32002https://www.cve.org/CVERecord?id=CVE-2024-32004https://www.cve.org/CVERecord?id=CVE-2024-32020https://www.cve.org/CVERecord?id=CVE-2024-32021https://www.cve.org/CVERecord?id=CVE-2024-32465
(* Security fix *)
d/kernel-headers-6.9.0-x86-2.txz: Upgraded.
d/strace-6.9-x86_64-1.txz: Upgraded.
k/kernel-source-6.9.0-noarch-2.txz: Upgraded.
BCACHEFS_FS m -> y
CRYPTO_CHACHA20 m -> y
CRYPTO_LIB_CHACHA_GENERIC m -> y
CRYPTO_LIB_POLY1305_GENERIC m -> y
CRYPTO_POLY1305 m -> y
MITIGATION_GDS_FORCE y -> n
kde/wcslib-8.3-x86_64-1.txz: Upgraded.
l/gdk-pixbuf2-2.42.12-x86_64-1.txz: Upgraded.
ani: Reject files with multiple INA or IART chunks.
ani: Reject files with multiple anih chunks.
ani: validate chunk size.
Thanks to 0xvhp, pedrib, and Benjamin Gilbert.
For more information, see:
https://www.cve.org/CVERecord?id=CVE-2022-48622
(* Security fix *)
l/gtk+3-3.24.42-x86_64-1.txz: Upgraded.
n/bind-9.18.27-x86_64-1.txz: Upgraded.
This is a bugfix release.
n/popa3d-1.0.3-x86_64-8.txz: Rebuilt.
This is a bugfix release:
Build with AUTH_PAM, not AUTH_SHADOW.
Thanks to jayjwa.
x/xorg-server-xwayland-23.2.7-x86_64-1.txz: Upgraded.
isolinux/initrd.img: Rebuilt.
kernels/*: Upgraded.
usb-and-pxe-installers/usbboot.img: Rebuilt.
d/mercurial-6.7.3-x86_64-1.txz: Upgraded.
l/imagemagick-7.1.1_32-x86_64-2.txz: Rebuilt.
Add INSTALL_BASE= to --with-perl-options= to fix perl modules installation
not honoring $LIBDIRSUFFIX since 7.1.1-30. Thanks to HQuest.
l/libqalculate-5.1.1-x86_64-1.txz: Upgraded.
l/nodejs-20.13.0-x86_64-1.txz: Upgraded.
l/python-typing_extensions-4.11.0-x86_64-1.txz: Removed.
No longer needed with the upgrade to python-setuptools_scm-8.1.0.
Thanks to audriusk for the reminder.
x/anthy-unicode-1.0.0.20240502-x86_64-1.txz: Upgraded.
a/kernel-firmware-20240426_fc21f47-noarch-1.txz: Upgraded.
ap/cups-2.4.7-x86_64-3.txz: Rebuilt.
Rebuild using --with-rundir=/run/cups.
ap/cups-browsed-2.0.0-x86_64-1.txz: Added.
This is the CUPS/IPP print queue browser daemon, previously part of the
cups-filters package.
ap/cups-filters-2.0.0-x86_64-1.txz: Upgraded.
l/libarchive-3.7.4-x86_64-1.txz: Upgraded.
l/libcupsfilters-2.0.0-x86_64-1.txz: Added.
This is required by cups-filters-2.0.0.
l/libppd-2.0.0-x86_64-1.txz: Added.
This is required by cups-filters-2.0.0.
l/libproxy-0.5.6-x86_64-1.txz: Upgraded.
x/wayland-protocols-1.36-noarch-1.txz: Upgraded.
xap/mozilla-firefox-125.0.2-x86_64-1.txz: Upgraded.
xap/mozilla-thunderbird-125.0-x86_64-1.txz: Upgraded.
extra/rust-for-mozilla/rust-1.70.0-x86_64-4.txz: Removed.
l/imagemagick-7.1.1_29-x86_64-1.txz: Upgraded.
Revert to the previous ImageMagick because the latest one is destroying SVG
files if "identify" or "display" is used on them.
Thanks to pc2005.
a/etc-15.1-x86_64-10.txz: Rebuilt.
Added nut user (218) and nut group (218).
a/genpower-1.0.5-x86_64-5.txz: Removed.
a/nut-2.8.2-x86_64-1.txz: Added.
This is a package to support uninterruptible power supplies, and replaces
the obsolete genpower package.
Thanks to V'yacheslav Stetskevych for the original SBo script.
a/sysvinit-scripts-15.1-noarch-16.txz: Rebuilt.
rc.M: start the NUT init scripts rc.nut-drvctl, rc.nut-upsd, and
rc.nut-upsmon. Remove the genpower block.
rc.6: support stopping the UPS inverter on the way down if we see
/etc/killpower. Remove the genpower block.
a/tcsh-6.24.12-x86_64-1.txz: Upgraded.
ap/man-db-2.12.1-x86_64-1.txz: Upgraded.
ap/mpg123-1.32.6-x86_64-1.txz: Upgraded.
ap/vim-9.1.0265-x86_64-1.txz: Upgraded.
d/cargo-vendor-filterer-0.5.14-x86_64-1.txz: Upgraded.
d/nasm-2.16.02-x86_64-1.txz: Upgraded.
l/libproxy-0.5.5-x86_64-1.txz: Upgraded.
l/python-hatchling-1.22.5-x86_64-1.txz: Upgraded.
l/python-typing_extensions-4.11.0-x86_64-1.txz: Upgraded.
x/xdm-1.1.16-x86_64-1.txz: Upgraded.
xap/vim-gvim-9.1.0265-x86_64-1.txz: Upgraded.
extra/bash-completion/bash-completion-2.13.0-noarch-1.txz: Upgraded.
extra/tigervnc/tigervnc-1.13.1-x86_64-5.txz: Rebuilt.
Recompiled against xorg-server-21.1.12 to fix security issues:
Heap buffer overread/data leakage in ProcXIGetSelectedEvents.
Heap buffer overread/data leakage in ProcXIPassiveGrabDevice.
Heap buffer overread/data leakage in ProcAppleDRICreatePixmap.
Use-after-free in ProcRenderAddGlyphs.
For more information, see:
https://lists.x.org/archives/xorg-announce/2024-April/003497.htmlhttps://www.cve.org/CVERecord?id=CVE-2024-31080https://www.cve.org/CVERecord?id=CVE-2024-31081https://www.cve.org/CVERecord?id=CVE-2024-31082https://www.cve.org/CVERecord?id=CVE-2024-31083
(* Security fix *)
a/hwdata-0.381-noarch-1.txz: Upgraded.
a/kernel-generic-6.6.25-x86_64-1.txz: Upgraded.
a/kernel-huge-6.6.25-x86_64-1.txz: Upgraded.
a/kernel-modules-6.6.25-x86_64-1.txz: Upgraded.
d/cmake-3.29.1-x86_64-1.txz: Upgraded.
d/kernel-headers-6.6.25-x86-1.txz: Upgraded.
d/llvm-18.1.3-x86_64-1.txz: Upgraded.
k/kernel-source-6.6.25-noarch-1.txz: Upgraded.
kde/kstars-3.7.0-x86_64-1.txz: Upgraded.
l/enchant-2.6.9-x86_64-1.txz: Upgraded.
l/libclc-18.1.3-x86_64-1.txz: Upgraded.
l/sof-firmware-2024.03-noarch-1.txz: Upgraded.
n/gnutls-3.8.5-x86_64-1.txz: Upgraded.
n/httpd-2.4.59-x86_64-1.txz: Upgraded.
This update fixes security issues:
HTTP/2 DoS by memory exhaustion on endless continuation frames.
HTTP Response Splitting in multiple modules.
HTTP response splitting.
For more information, see:
https://downloads.apache.org/httpd/CHANGES_2.4.59https://www.cve.org/CVERecord?id=CVE-2024-27316https://www.cve.org/CVERecord?id=CVE-2024-24795https://www.cve.org/CVERecord?id=CVE-2023-38709
(* Security fix *)
n/nghttp2-1.61.0-x86_64-1.txz: Upgraded.
This update fixes security issues:
nghttp2 library keeps reading the unbounded number of HTTP/2 CONTINUATION
frames even after a stream is reset to keep HPACK context in sync. This
causes excessive CPU usage to decode HPACK stream. nghttp2 v1.61.0 mitigates
this vulnerability by limiting the number of CONTINUATION frames it can
accept after a HEADERS frame.
For more information, see:
https://github.com/nghttp2/nghttp2/security/advisories/GHSA-x6x3-gv8h-m57qhttps://www.kb.cert.org/vuls/id/421644https://www.cve.org/CVERecord?id=CVE-2024-28182
(* Security fix *)
x/xdg-desktop-portal-1.18.3-x86_64-1.txz: Upgraded.
isolinux/initrd.img: Rebuilt.
kernels/*: Upgraded.
usb-and-pxe-installers/usbboot.img: Rebuilt.
a/kernel-generic-6.6.24-x86_64-1.txz: Upgraded.
a/kernel-huge-6.6.24-x86_64-1.txz: Upgraded.
a/kernel-modules-6.6.24-x86_64-1.txz: Upgraded.
d/kernel-headers-6.6.24-x86-1.txz: Upgraded.
d/python3-3.11.9-x86_64-1.txz: Upgraded.
k/kernel-source-6.6.24-noarch-1.txz: Upgraded.
-AMD_MEM_ENCRYPT_ACTIVE_BY_DEFAULT n
-GCC11_NO_ARRAY_BOUNDS y
NUMA_BALANCING n -> y
+GCC10_NO_ARRAY_BOUNDS y
+NUMA_BALANCING_DEFAULT_ENABLED y
kde/libindi-2.0.7-x86_64-1.txz: Upgraded.
l/SDL2-2.30.2-x86_64-1.txz: Upgraded.
l/aom-3.8.2-x86_64-1.txz: Added.
Needed to add AV1 encode/decode support to ffmpeg.
Thanks to Andrew Strong.
l/dav1d-1.4.1-x86_64-1.txz: Added.
Needed to add AV1 decode support to ffmpeg.
l/ffmpeg-6.1.1-x86_64-2.txz: Rebuilt.
Patched to build with nv-codec-headers-12.2.72.0. Thanks to J_W.
Compiled against aom-3.8.2 and dav1d-1.4.1 for AV1 support.
Thanks to glennmcc.
l/gtk4-4.14.2-x86_64-1.txz: Upgraded.
n/whois-5.5.22-x86_64-1.txz: Upgraded.
Fixed a segmentation fault with --no-recursion.
Updated the .bm and .vi TLD servers.
Removed 4 new gTLDs which are no longer active.
xap/MPlayer-20240403-x86_64-1.txz: Upgraded.
Compiled using --enable-libaom-lavc and --enable-libdav1d-lavc.
Thanks to glennmcc.
xap/pan-0.157-x86_64-1.txz: Upgraded.
isolinux/initrd.img: Rebuilt.
kernels/*: Upgraded.
usb-and-pxe-installers/usbboot.img: Rebuilt.
a/xz-5.6.1-x86_64-3.txz: Rebuilt.
[PATCH] CMake: Fix sabotaged Landlock sandbox check.
We don't build with CMake (yet), but it doesn't hurt to apply this.
d/mercurial-6.7.2-x86_64-1.txz: Upgraded.
l/boost-1.84.0-x86_64-3.txz: Rebuilt.
Recompiled against python-3.11.8. Thanks to rinza.
l/python-pycparser-2.22-x86_64-1.txz: Upgraded.
l/python-pytz-2024.1-x86_64-2.txz: Removed.
No longer needed with python-3.11. Thanks to audriusk.
l/python-tomli-2.0.1-x86_64-2.txz: Removed.
No longer needed with python-3.11. Thanks to TommyC7 and audriusk.
n/c-ares-1.28.0-x86_64-1.txz: Upgraded.
xap/xsnow-3.7.9-x86_64-1.txz: Upgraded.
extra/brltty/brltty-6.6-x86_64-4.txz: Rebuilt.
Don't install anything under /usr/local. Thanks to reddog83.
ap/vim-9.1.0199-x86_64-1.txz: Upgraded.
Dropped python2 support. Thanks to Audrius Kažukauskas.
l/duktape-2.7.0-x86_64-1.txz: Added.
Needed by polkit.
l/gjs-1.80.1-x86_64-1.txz: Upgraded.
l/libdeflate-1.20-x86_64-1.txz: Upgraded.
l/mozjs102-102.15.1esr-x86_64-2.txz: Removed.
l/mozjs115-115.9.1esr-x86_64-1.txz: Upgraded.
l/polkit-123-x86_64-2.txz: Rebuilt.
Use duktape instead of mozjs102 as the JavaScript engine.
x/iceauth-1.0.10-x86_64-2.txz: Rebuilt.
It's never too early to build with --enable-year2038. Thanks to bigbadaboum.
xap/geeqie-2.4-x86_64-1.txz: Upgraded.
xap/mozilla-firefox-115.9.1esr-x86_64-1.txz: Upgraded.
This update fixes a critical security issue:
An attacker was able to inject an event handler into a privileged object
that would allow arbitrary JavaScript execution in the parent process.
For more information, see:
https://www.mozilla.org/en-US/firefox/115.9.1esr/releasenotes/https://www.mozilla.org/security/advisories/mfsa2024-16/https://www.cve.org/CVERecord?id=CVE-2024-29944
(* Security fix *)
xap/vim-gvim-9.1.0199-x86_64-1.txz: Upgraded.
Dropped python2 support. Thanks to Audrius Kažukauskas.
d/mercurial-6.7.1-x86_64-1.txz: Upgraded.
d/rust-1.77.0-x86_64-1.txz: Upgraded.
l/cairomm1-1.18.0-x86_64-1.txz: Added.
Thanks to jloco.
l/glibmm2-2.78.1-x86_64-1.txz: Added.
Thanks to jloco.
l/gtkmm4-4.12.0-x86_64-1.txz: Added.
Thanks to jloco.
l/libclc-18.1.2-x86_64-1.txz: Upgraded.
l/pangomm-2.46.4-x86_64-1.txz: Upgraded.
l/pangomm2-2.50.2-x86_64-1.txz: Added.
Thanks to jloco.
n/openvpn-2.6.10-x86_64-1.txz: Upgraded.
x/libkkc-0.3.5-x86_64-5.txz: Rebuilt.
Use python for the build, not python2.
x/libkkc-data-0.2.7-x86_64-5.txz: Rebuilt.
Use python for the build, not python2.
x/marisa-0.2.6-x86_64-8.txz: Rebuilt.
Drop python2 support and rebuild marisa module for python3.
x/wayland-protocols-1.34-noarch-1.txz: Upgraded.
a/libblockdev-2.28-x86_64-2.txz: Rebuilt.
Drop python2 support.
a/sysvinit-scripts-15.1-noarch-15.txz: Rebuilt.
rc.M: start rc.iceccd and rc.icecc-scheduler earlier.
a/util-linux-2.39.3-x86_64-2.txz: Rebuilt.
Drop python2 support.
a/volume_key-0.3.12-x86_64-6.txz: Rebuilt.
Drop python2 support.
ap/man-pages-6.7-noarch-1.txz: Upgraded.
d/cmake-3.28.4-x86_64-1.txz: Upgraded.
d/llvm-18.1.2-x86_64-1.txz: Upgraded.
d/python2-2.7.18-x86_64-7.txz: Rebuilt.
Bundle the final python2 versions of pip and setuptools.
Drop the /usr/bin/python symlink.
d/python3-3.9.19-x86_64-1.txz: Upgraded.
Point the /usr/bin/python symlink at python3.9.
PEP 394 says we can do this, and in a world of ambigious shebangs, this
is probably the best of the available options.
This update also fixes security issues:
bundled libexpat was updated to 2.6.0.
zipfile is now protected from the "quoted-overlap" zipbomb.
tempfile.TemporaryDirectory cleanup no longer dereferences symlinks when
working around file system permission errors.
For more information, see:
https://pythoninsider.blogspot.com/2024/03/python-31014-3919-and-3819-is-now.htmlhttps://www.cve.org/CVERecord?id=CVE-2023-52425https://www.cve.org/CVERecord?id=CVE-2024-0450https://www.cve.org/CVERecord?id=CVE-2023-6597
(* Security fix *)
d/strace-6.8-x86_64-1.txz: Upgraded.
kde/kross-interpreters-23.08.5-x86_64-2.txz: Rebuilt.
Drop python2 support.
l/libxml2-2.12.6-x86_64-2.txz: Rebuilt.
Drop python2 support.
l/mozjs115-115.9.0esr-x86_64-2.txz: Rebuilt.
Fixed installed library name. Thanks to reddog83.
Fixed slack-desc. Thanks to r1w1s1.
l/phonon-4.12.0-x86_64-1.txz: Upgraded.
l/pilot-link-0.12.5-x86_64-17.txz: Rebuilt.
Drop python2 support.
l/python2-module-collection-2.7.18-x86_64-6.txz: Removed.
Good bye!
l/python2-pycairo-1.18.2-x86_64-1.txz: Added.
We'll need this (along with pygtk and pygobject) until we get gimp3.
Well, we could build gimp without python support, but I really don't think
that's the route we want to take.
n/bind-9.18.25-x86_64-1.txz: Upgraded.
n/crda-4.15-x86_64-1.txz: Removed.
The kernel is able to load from wireless-regdb directly. Obsolete.
n/getmail-6.18.14-x86_64-1.txz: Upgraded.
n/gpgme-1.23.2-x86_64-2.txz: Rebuilt.
Drop python2 support.
n/obexftp-0.24.2-x86_64-11.txz: Rebuilt.
Drop python2 support.
n/wireless-regdb-2024.01.23-x86_64-1.txz: Added.
Wireless regulatory database, previously bundled with crda.
x/ibus-1.5.29-x86_64-2.txz: Rebuilt.
Drop python2 support.
x/libkkc-0.3.5-x86_64-4.txz: Rebuilt.
Still forcing python2 with this one, but perhaps a python3 marisa module
could work around this.
x/libkkc-data-0.2.7-x86_64-4.txz: Rebuilt.
Still forcing python2 with this one, but perhaps a python3 marisa module
could work around this.
x/xcb-proto-1.16.0-x86_64-2.txz: Rebuilt.
Drop python2 support.
x/xpyb-1.3.1-x86_64-7.txz: Removed.
Nothing uses it, and it was never updated for python3. Removed as obsolete.
d/perl-5.38.2-x86_64-2.txz: Rebuilt.
Added IO-Tty-1.20, needed by mosh.
Upgraded: DBD-mysql-4.051, URI-5.27, XML-Parser-2.47, IO-Socket-SSL-2.085,
and Net-SSLeay-1.94.
kde/cantor-23.08.5-x86_64-3.txz: Rebuilt.
Recompiled against libqalculate-5.0.0.
kde/plasma-workspace-5.27.11-x86_64-2.txz: Rebuilt.
Recompiled against libqalculate-5.0.0.
kde/step-23.08.5-x86_64-2.txz: Rebuilt.
Recompiled against libqalculate-5.0.0.
l/abseil-cpp-20240116.1-x86_64-1.txz: Added.
Needed for protobuf and mosh.
l/libgnt-2.14.3-x86_64-2.txz: Rebuilt.
Build with -Dpython2=false. Thanks to USUARIONUEVO.
l/libqalculate-5.0.0-x86_64-2.txz: Rebuilt.
Shared library .so-version bump.
Thanks to gmgf.
l/protobuf-26.0-x86_64-1.txz: Added.
Needed for mosh.
n/mosh-1.4.0-x86_64-1.txz: Added.
Thanks to unInstance for cueing me in on this one.
n/pinentry-1.3.0-x86_64-1.txz: Upgraded.
x/vulkan-sdk-1.3.275.0-x86_64-2.txz: Rebuilt.
Build glslang with -DENABLE_OPT=Off. Thanks to F0nix.
d/parallel-20240222-noarch-1.txz: Upgraded.
kde/krita-5.2.2-x86_64-4.txz: Rebuilt.
Recompiled against libunibreak-6.0.
l/accountsservice-23.13.9-x86_64-1.txz: Upgraded.
Thanks to reddog83.
l/libass-0.17.1-x86_64-2.txz: Rebuilt.
Recompiled against libunibreak-6.0.
l/libunibreak-6.0-x86_64-1.txz: Upgraded.
Shared library .so-version bump.
l/orc-0.4.38-x86_64-1.txz: Upgraded.
l/python-requests-2.31.0-x86_64-1.txz: Upgraded.
l/python-urllib3-2.2.1-x86_64-1.txz: Upgraded.
l/qt6-6.6.2_20240210_15b7e743-x86_64-1.txz: Added.
n/wpa_supplicant-2.10-x86_64-3.txz: Rebuilt.
Patched the implementation of PEAP in wpa_supplicant to prevent an
authentication bypass. For a successful attack, wpa_supplicant must be
configured to not verify the network's TLS certificate during Phase 1
authentication, and an eap_peap_decrypt vulnerability can then be abused
to skip Phase 2 authentication. The attack vector is sending an EAP-TLV
Success packet instead of starting Phase 2. This allows an adversary to
impersonate Enterprise Wi-Fi networks.
For more information, see:
https://www.cve.org/CVERecord?id=CVE-2023-52160
(* Security fix *)
xap/gparted-1.6.0-x86_64-1.txz: Upgraded.
a/dcron-4.5-x86_64-17.txz: Rebuilt.
run-parts.8: document skiping *.orig files. Thanks to metaed.
a/etc-15.1-x86_64-6.txz: Rebuilt.
Add support for nss-mdns to /etc/nsswitch.conf.
a/kernel-firmware-20240220_97b693d-noarch-1.txz: Upgraded.
a/kernel-generic-6.6.18-x86_64-1.txz: Upgraded.
a/kernel-huge-6.6.18-x86_64-1.txz: Upgraded.
a/kernel-modules-6.6.18-x86_64-1.txz: Upgraded.
ap/cups-filters-1.28.17-x86_64-5.txz: Rebuilt.
Don't specify --with-browseremoteprotocols=cups in order to get the default
values of cups and dnssd, which should enable discovering shared printers on
the network. We'll refrain from sharing your printer -- you'll need to change
that setting yourself. ;-)
Thanks to TurboBlaze.
ap/hplip-3.23.12-x86_64-2.txz: Rebuilt.
The new --disable-imageProcessor-build option doesn't do squat, so we'll hit
it with the good old patch again.
Thanks to Petri Kaukasoina and Stuart Winter.
d/kernel-headers-6.6.18-x86-1.txz: Upgraded.
k/kernel-source-6.6.18-noarch-1.txz: Upgraded.
l/gvfs-1.52.2-x86_64-2.txz: Rebuilt.
Added -Ddnssd=true option and recompiled against avahi.
l/libsecret-0.21.4-x86_64-1.txz: Upgraded.
n/c-ares-1.27.0-x86_64-1.txz: Upgraded.
n/libgpg-error-1.48-x86_64-1.txz: Upgraded.
n/nss-mdns-0.15.1-x86_64-1.txz: Added.
Needed for .local lookups. Thanks to Lockywolf.
xap/pidgin-2.14.13-x86_64-1.txz: Upgraded.
isolinux/initrd.img: Rebuilt.
kernels/*: Upgraded.
usb-and-pxe-installers/usbboot.img: Rebuilt.
a/aaa_libraries-15.1-x86_64-26.txz: Rebuilt.
Upgraded: libacl.so.1.1.2302, libattr.so.1.1.2502, liblzma.so.5.4.6,
libpcre2-8.so.0.12.0, libz.so.1.3.1, libcares.so.2.11.0,
libexpat.so.1.9.0, libffi.so.8.1.4, libglib-2.0.so.0.7800.4,
libgmodule-2.0.so.0.7800.4, libgobject-2.0.so.0.7800.4,
libgthread-2.0.so.0.7800.4, libidn.so.12.6.5, libidn2.so.0.4.0,
libpng16.so.16.41.0, libpsl.so.5.3.5, libtdb.so.1.4.10, libusb-1.0.so.0.4.0.
a/etc-15.1-x86_64-5.txz: Rebuilt.
Added UID 214 and GID 214 for avahi.
a/gettext-0.22.5-x86_64-1.txz: Upgraded.
a/pkgtools-15.1-noarch-9.txz: Rebuilt.
setup.services: support rc.avahidaemon and rc.avahidnsconfd.
a/sysvinit-scripts-15.1-noarch-13.txz: Rebuilt.
rc.M: start (if executable) rc.avahidaemon and rc.avahidnsconfd.
ap/cups-2.4.7-x86_64-2.txz: Rebuilt.
Recompiled against avahi.
ap/cups-filters-1.28.17-x86_64-4.txz: Rebuilt.
Recompiled against avahi.
ap/hplip-3.23.12-x86_64-1.txz: Upgraded.
Compiled against avahi.
ap/xmltoman-0.6-x86_64-1.txz: Added.
This is needed to generate manpages for avahi.
d/distcc-3.4-x86_64-4.txz: Rebuilt.
Recompiled against avahi.
d/gettext-tools-0.22.5-x86_64-1.txz: Upgraded.
l/avahi-20240220_dffd549-x86_64-1.txz: Added.
It was either this, or drop (or fork) hplip. We'll enjoy it in the long run.
Thanks to David Somero for the original build script, and to Robby Workman
for years of maintenance.
Signed-off-by: volkerdi
Acked-by: alienBOB
l/libdaemon-0.14-x86_64-1.txz: Added.
This is needed by avahi.
l/pipewire-1.0.3-x86_64-5.txz: Rebuilt.
Recompiled against avahi.
l/pulseaudio-17.0-x86_64-3.txz: Rebuilt.
Recompiled against avahi.
n/NetworkManager-1.46.0-x86_64-1.txz: Upgraded.
n/netatalk-3.1.18-x86_64-2.txz: Rebuilt.
Recompiled against avahi.
n/samba-4.19.5-x86_64-2.txz: Rebuilt.
Recompiled against avahi.
xap/pidgin-2.14.12-x86_64-3.txz: Rebuilt.
Recompiled against avahi.
xap/sane-1.2.1-x86_64-3.txz: Rebuilt.
Recompiled against avahi.
extra/bash-completion/bash-completion-2.12.0-noarch-1.txz: Upgraded.
a/procps-ng-4.0.4-x86_64-1.txz: Upgraded.
a/shadow-4.14.4-x86_64-1.txz: Upgraded.
ap/man-pages-6.06-noarch-1.txz: Upgraded.
ap/vim-9.1.0098-x86_64-1.txz: Upgraded.
d/libgccjit-13.2.0-x86_64-1.txz: Added.
If we can ship GCC's D and Modula-2 support, then we can ship this.
We'll probably find a use for it. ;-)
Thanks to Didier Spaier for hints on the build script.
d/mercurial-6.6.3-x86_64-1.txz: Upgraded.
d/rust-1.76.0-x86_64-1.txz: Upgraded.
l/gegl-0.4.48-x86_64-1.txz: Upgraded.
l/openexr-3.2.2-x86_64-1.txz: Upgraded.
l/pango-1.51.2-x86_64-1.txz: Upgraded.
l/python-calver-2022.6.26-x86_64-1.txz: Added.
Needed for python-trove-classifiers. Thanks to lucabon.
n/openvpn-2.6.9-x86_64-1.txz: Upgraded.
xap/vim-gvim-9.1.0098-x86_64-1.txz: Upgraded.
extra/rust-for-mozilla/rust-1.70.0-x86_64-4.txz: Added.
Let's move this here since it's lagging behind the latest Rust.
a/kernel-firmware-20240208_fbef4d3-noarch-1.txz: Upgraded.
a/kernel-generic-6.6.16-x86_64-1.txz: Upgraded.
a/kernel-huge-6.6.16-x86_64-1.txz: Upgraded.
a/kernel-modules-6.6.16-x86_64-1.txz: Upgraded.
d/kernel-headers-6.6.16-x86-1.txz: Upgraded.
k/kernel-source-6.6.16-noarch-1.txz: Upgraded.
-VIDEO_ATOMISP m
-VIDEO_ATOMISP_GC0310 n
-VIDEO_ATOMISP_GC2235 n
-VIDEO_ATOMISP_ISP2401 n
-VIDEO_ATOMISP_LM3554 n
-VIDEO_ATOMISP_MSRLIST_HELPER n
-VIDEO_ATOMISP_MT9M114 n
-VIDEO_ATOMISP_OV2722 n
-VIDEO_ATOMISP_OV5693 n
INTEL_ATOMISP y -> n
+INTEL_ATOMISP2_PM m
l/enchant-2.6.7-x86_64-1.txz: Upgraded.
l/libsecret-0.21.3-x86_64-1.txz: Upgraded.
l/libuv-1.48.0-x86_64-1.txz: Upgraded.
isolinux/initrd.img: Rebuilt.
kernels/*: Upgraded.
testing/packages/rust-1.76.0-x86_64-1.txz: Upgraded.
usb-and-pxe-installers/usbboot.img: Rebuilt.
ap/nvme-cli-2.7.1-x86_64-1.txz: Upgraded.
l/libnvme-1.7.1-x86_64-1.txz: Added.
This is required by nvme-cli.
l/pipewire-1.0.2-x86_64-1.txz: Upgraded.
n/curl-8.6.0-x86_64-1.txz: Upgraded.
n/libmilter-8.18.1-x86_64-1.txz: Upgraded.
extra/sendmail/sendmail-8.18.1-x86_64-1.txz: Upgraded.
sendmail through 8.17.2 allows SMTP smuggling in certain configurations.
Remote attackers can use a published exploitation technique to inject e-mail
messages with a spoofed MAIL FROM address, allowing bypass of an SPF
protection mechanism. This occurs because sendmail supports <LF>.<CR><LF>
but some other popular e-mail servers do not. This is resolved in 8.18 and
later versions with 'o' in srv_features.
For more information, see:
https://www.cve.org/CVERecord?id=CVE-2023-51765
(* Security fix *)
extra/sendmail/sendmail-cf-8.18.1-noarch-1.txz: Upgraded.
ap/diffstat-1.66-x86_64-1.txz: Upgraded.
ap/moc-2.6_alpha3-x86_64-3.txz: Rebuilt.
Recompiled against ffmpeg-6.1.1.
ap/vim-9.1.0061-x86_64-1.txz: Upgraded.
d/nv-codec-headers-12.1.14.0-x86_64-1.txz: Added.
Needed to build support for nvidia hardware decoders/encoders on newer GPUs.
gst-plugins-bad can use it too.
Thanks to Heinz Wiesinger.
kde/digikam-8.2.0-x86_64-4.txz: Rebuilt.
Recompiled against ffmpeg-6.1.1.
kde/ffmpegthumbs-23.08.4-x86_64-2.txz: Rebuilt.
Recompiled against ffmpeg-6.1.1.
kde/k3b-23.08.4-x86_64-2.txz: Rebuilt.
Recompiled against ffmpeg-6.1.1.
kde/kfilemetadata-5.114.0-x86_64-2.txz: Rebuilt.
Recompiled against ffmpeg-6.1.1.
kde/kpipewire-5.27.10-x86_64-2.txz: Rebuilt.
Recompiled against ffmpeg-6.1.1.
l/Imath-3.1.10-x86_64-1.txz: Upgraded.
l/alsa-plugins-1.2.7.1-x86_64-3.txz: Rebuilt.
Recompiled against ffmpeg-6.1.1.
l/ffmpeg-6.1.1-x86_64-1.txz: Upgraded.
Shared library .so-version bump.
Added some new build options in the SlackBuild.
Use shaderc instead of glslang.
Build against libgcrypt to enable support for RTMP[E].
Enable support for lcms2.
Build against libass, libplacebo, and nv-codec-headers.
Thanks to Heinz Wiesinger.
l/gegl-0.4.46-x86_64-4.txz: Rebuilt.
Recompiled against ffmpeg-6.1.1.
l/gst-plugins-bad-free-1.22.9-x86_64-2.txz: Rebuilt.
Recompiled against libass-0.17.1.
l/gst-plugins-libav-1.22.9-x86_64-2.txz: Rebuilt.
Recompiled against ffmpeg-6.1.1.
l/libass-0.17.1-x86_64-1.txz: Added.
Adds ASS/SSA subtitle renderer (commonly used in the anime community).
adapted SlackBuild from SBo, original by Larry Hajali/Matteo Bernardini.
MPlayer and gst-plugins-bad can use it too.
Thanks to Heinz Wiesinger.
l/libplacebo-6.338.2-x86_64-1.txz: Added.
Adds various hardware accelerated filters such as HDR -> SDR tone mapping.
adapted SlackBuild from SBo, original by Hunter Sezen/Christoph Willing.
Thanks to Heinz Wiesinger.
l/mlt-7.22.0-x86_64-2.txz: Rebuilt.
Recompiled against ffmpeg-6.1.1.
l/netpbm-11.05.02-x86_64-1.txz: Upgraded.
l/opencv-4.9.0-x86_64-2.txz: Rebuilt.
Recompiled against ffmpeg-6.1.1.
l/pipewire-1.0.1-x86_64-2.txz: Rebuilt.
Recompiled against ffmpeg-6.1.1.
l/qt5-5.15.12_20240103_b8fd1448-x86_64-3.txz: Rebuilt.
Recompiled against ffmpeg-6.1.1.
x/pixman-0.43.2-x86_64-1.txz: Upgraded.
xap/MPlayer-20240127-x86_64-1.txz: Upgraded.
Compiled against ffmpeg-6.1.1 and libass-0.17.1.
xap/audacious-plugins-4.3.1-x86_64-2.txz: Rebuilt.
Recompiled against ffmpeg-6.1.1.
xap/ffmpegthumbnailer-2.2.2-x86_64-5.txz: Rebuilt.
Recompiled against ffmpeg-6.1.1.
xap/freerdp-2.11.5-x86_64-2.txz: Rebuilt.
Recompiled against ffmpeg-6.1.1.
xap/ssr-0.4.4-x86_64-2.txz: Rebuilt.
Recompiled against ffmpeg-6.1.1.
xap/vim-gvim-9.1.0061-x86_64-1.txz: Upgraded.
xap/xine-lib-1.2.13-x86_64-6.txz: Rebuilt.
Recompiled against ffmpeg-6.1.1.
xap/xscreensaver-6.08-x86_64-2.txz: Rebuilt.
Recompiled against ffmpeg-6.1.1.
extra/tigervnc/tigervnc-1.13.1-x86_64-4.txz: Rebuilt.
Recompiled against ffmpeg-6.1.1.
a/mcelog-197-x86_64-1.txz: Upgraded.
ap/qpdf-11.8.0-x86_64-1.txz: Upgraded.
kde/qca-2.3.8-x86_64-1.txz: Upgraded.
l/enchant-2.6.5-x86_64-1.txz: Upgraded.
n/iproute2-6.7.0-x86_64-1.txz: Upgraded.
xap/mozilla-thunderbird-115.6.1-x86_64-1.txz: Upgraded.
This is a bugfix release.
For more information, see:
https://www.thunderbird.net/en-US/thunderbird/115.6.1/releasenotes/
We've gone ahead and moved the 6.6 kernel into the main tree. As previously
mentioned when this branch first appeared in /testing, on the 32-bit side
there are no longer any -smp labeled kernel packages, so if you were using
those previously, you'll need to switch to using to kernel-generic or
kernel-huge kernel, including the changes needed to your bootloader setup to
load this instead of the -smp labeled kernel. Also, if you happen to be using
a first generation Pentium M chip, you will need to append forcepae to your
kernel command-line options. Enjoy! :-)
a/kernel-firmware-20231211_f2e52a1-noarch-1.txz: Upgraded.
a/kernel-generic-6.6.6-x86_64-1.txz: Upgraded.
a/kernel-huge-6.6.6-x86_64-1.txz: Upgraded.
a/kernel-modules-6.6.6-x86_64-1.txz: Upgraded.
ap/qpdf-11.6.4-x86_64-1.txz: Upgraded.
d/kernel-headers-6.6.6-x86-1.txz: Upgraded.
k/kernel-source-6.6.6-noarch-1.txz: Upgraded.
l/imagemagick-7.1.1_23-x86_64-1.txz: Upgraded.
l/libsecret-0.21.2-x86_64-1.txz: Upgraded.
Thanks to reddog83 and saxa.
l/zxing-cpp-2.2.1-x86_64-1.txz: Upgraded.
n/postfix-3.8.3-x86_64-2.txz: Rebuilt.
OpenSSL upstream says that major versions are ABI/API compatible, so stop
warning in the logs that they might not be.
Thanks to gildbg and Markus Wiesner.
isolinux/initrd.img: Rebuilt.
kernels/*: Upgraded.
usb-and-pxe-installers/usbboot.img: Rebuilt.
l/python-psutil-5.9.6-x86_64-1.txz: Added.
This is needed by xfce4-panel-profiles. Thanks to stormtracknole.
extra/fltk/fltk-1.3.9-x86_64-1.txz: Upgraded.
d/perl-5.38.1-x86_64-1.txz: Upgraded.
Upgraded: Authen-SASL-2.1700, IO-Socket-SSL-2.084, URI-5.21.
l/pipewire-1.0.0-x86_64-1.txz: Upgraded.
l/python-toml-0.10.2-x86_64-1.txz: Removed.
I'm told gi-docgen was ported to python-tomli earlier this year, so we don't
need this after all. Out it goes.
Thanks to Heinz Wiesinger.
l/v4l-utils-1.26.0-x86_64-1.txz: Upgraded.
xfce/xfce4-whiskermenu-plugin-2.8.2-x86_64-1.txz: Upgraded.
a/shadow-4.14.2-x86_64-2.txz: Rebuilt.
adduser: fixed chown syntax to silence warnings. Thanks to Stuart Winter.
l/gi-docgen-2023.3-x86_64-1.txz: Added.
Thanks to Heinz Wiesinger.
l/python-smartypants-2.0.1-x86_64-1.txz: Added.
Needed for gi-docgen. Thanks to Heinz Wiesinger.
l/python-toml-0.10.2-x86_64-1.txz: Added.
Needed for gi-docgen. Thanks to Heinz Wiesinger.
l/python-typogrify-2.0.7-x86_64-1.txz: Added.
Needed for gi-docgen. Thanks to Heinz Wiesinger.
x/xdg-desktop-portal-1.18.2-x86_64-1.txz: Upgraded.
Thanks to 0XBF.
testing/packages/php-8.3.0-x86_64-1.txz: Added.
We have fresh 6.6 kernels in /testing! You may notice that on the 32-bit side
we have done away with the -smp labeled kernel packages, but it's actually the
other kernels that were retired -- the non-SMP, non-PAE ones. If you were
previously using kernel-generic-smp or kernel-huge-smp, you'll need to make
some adjustments to your bootloader setup to load kernel-generic or kernel-huge
instead. About the only non-obsolete CPUs that may have an issue with this are
the first generation Pentium M chips, which supported PAE but unfortunately did
not advertise this in the CPU flags. But these will support PAE if the kernel
option "forcepae" is appended at boot time. Enjoy! :-)
a/gettext-0.22.4-x86_64-1.txz: Upgraded.
a/kbd-2.6.3-x86_64-3.txz: Rebuilt.
Installed extra console fonts.
a/kernel-firmware-20231120_9552083-noarch-1.txz: Upgraded.
a/kernel-generic-6.1.63-x86_64-1.txz: Upgraded.
a/kernel-huge-6.1.63-x86_64-1.txz: Upgraded.
a/kernel-modules-6.1.63-x86_64-1.txz: Upgraded.
a/mkinitrd-1.4.11-x86_64-34.txz: Rebuilt.
Fix tests for including jfs/xfs repair tools. Thanks to regdub.
a/pkgtools-15.1-noarch-8.txz: Rebuilt.
Make vim the default vi choice.
ap/vim-9.0.2116-x86_64-1.txz: Upgraded.
d/gettext-tools-0.22.4-x86_64-1.txz: Upgraded.
d/git-2.43.0-x86_64-1.txz: Upgraded.
d/kernel-headers-6.1.63-x86-1.txz: Upgraded.
d/mercurial-6.6-x86_64-1.txz: Upgraded.
d/meson-1.3.0-x86_64-1.txz: Upgraded.
d/scons-4.6.0-x86_64-1.txz: Upgraded.
k/kernel-source-6.1.63-noarch-1.txz: Upgraded.
l/readline-8.2.007-x86_64-1.txz: Upgraded.
n/c-ares-1.22.1-x86_64-1.txz: Upgraded.
n/nfs-utils-2.6.4-x86_64-1.txz: Upgraded.
x/libdrm-2.4.118-x86_64-1.txz: Upgraded.
xap/mozilla-firefox-115.5.0esr-x86_64-1.txz: Upgraded.
This update contains security fixes and improvements.
Thanks to zuriel for the taskbar icon fix on Wayland. :-)
For more information, see:
https://www.mozilla.org/en-US/firefox/115.5.0/releasenotes/https://www.mozilla.org/security/advisories/mfsa2023-50/https://www.cve.org/CVERecord?id=CVE-2023-6204https://www.cve.org/CVERecord?id=CVE-2023-6205https://www.cve.org/CVERecord?id=CVE-2023-6206https://www.cve.org/CVERecord?id=CVE-2023-6207https://www.cve.org/CVERecord?id=CVE-2023-6208https://www.cve.org/CVERecord?id=CVE-2023-6209https://www.cve.org/CVERecord?id=CVE-2023-6212
(* Security fix *)
xap/vim-gvim-9.0.2116-x86_64-1.txz: Upgraded.
xap/xsnow-3.7.6-x86_64-1.txz: Upgraded.
isolinux/initrd.img: Rebuilt.
kernels/*: Upgraded.
testing/packages/kernel-generic-6.6.2-x86_64-1.txz: Added.
testing/packages/kernel-headers-6.6.2-x86-1.txz: Added.
testing/packages/kernel-huge-6.6.2-x86_64-1.txz: Added.
testing/packages/kernel-modules-6.6.2-x86_64-1.txz: Added.
testing/packages/kernel-source-6.6.2-noarch-1.txz: Added.
usb-and-pxe-installers/usbboot.img: Rebuilt.
a/pam-1.5.3-x86_64-2.txz: Rebuilt.
Relocated pkgconfig files.
a/userspace-rcu-0.14.0-x86_64-2.txz: Rebuilt.
Relocated pkgconfig files.
ap/mariadb-10.11.6-x86_64-1.txz: Upgraded.
This update fixes bugs and a security issue:
Vulnerability allows high privileged attacker with network access via
multiple protocols to compromise the server. Successful attacks of this
vulnerability can result in unauthorized ability to cause a hang or
frequently repeatable crash.
For more information, see:
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22084
(* Security fix *)
d/llvm-17.0.5-x86_64-1.txz: Upgraded.
kde/plasma-wayland-protocols-1.11.1-x86_64-1.txz: Upgraded.
n/nfs-utils-2.6.3-x86_64-3.txz: Rebuilt.
Only move the udev rule to /lib, don't grab libraries or pkgconfig files
from under /usr.
a/kbd-2.6.3-x86_64-1.txz: Upgraded.
Thanks to Robby Workman.
a/kernel-firmware-20231107_2340796-noarch-1.txz: Upgraded.
a/kernel-generic-6.1.62-x86_64-1.txz: Upgraded.
a/kernel-huge-6.1.62-x86_64-1.txz: Upgraded.
a/kernel-modules-6.1.62-x86_64-1.txz: Upgraded.
ap/sudo-1.9.15p1-x86_64-1.txz: Upgraded.
This is a bugfix release:
Fixed a bug introduced in sudo 1.9.15 that prevented LDAP-based sudoers
from being able to read the ldap.conf file.
d/kernel-headers-6.1.62-x86-1.txz: Upgraded.
k/kernel-source-6.1.62-noarch-1.txz: Upgraded.
kde/plasma-wayland-protocols-1.11.0-x86_64-1.txz: Upgraded.
l/liburing-2.5-x86_64-1.txz: Upgraded.
xap/mozilla-thunderbird-115.4.2-x86_64-1.txz: Upgraded.
This is a bugfix release.
For more information, see:
https://www.mozilla.org/en-US/thunderbird/115.4.2/releasenotes/
xap/xlockmore-5.74-x86_64-1.txz: Upgraded.
isolinux/initrd.img: Rebuilt.
kernels/*: Upgraded.
usb-and-pxe-installers/usbboot.img: Rebuilt.
a/gawk-5.3.0-x86_64-1.txz: Upgraded.
a/kernel-firmware-20231030_2b304bf-noarch-1.txz: Upgraded.
a/kernel-generic-6.1.61-x86_64-1.txz: Upgraded.
a/kernel-huge-6.1.61-x86_64-1.txz: Upgraded.
-EXT2_FS_POSIX_ACL y
-EXT2_FS_SECURITY y
-EXT2_FS_XATTR y
-EXT3_FS_POSIX_ACL y
-EXT3_FS_SECURITY y
EXT2_FS y -> n
EXT3_FS y -> n
NLS_ISO8859_15 m -> y
SCSI_SMARTPQI m -> y
+EXT4_USE_FOR_EXT2 y
a/kernel-modules-6.1.61-x86_64-1.txz: Upgraded.
d/kernel-headers-6.1.61-x86-1.txz: Upgraded.
k/kernel-source-6.1.61-noarch-1.txz: Upgraded.
-EXT2_FS_POSIX_ACL y
-EXT2_FS_SECURITY y
-EXT2_FS_XATTR y
-EXT3_FS_POSIX_ACL y
-EXT3_FS_SECURITY y
EXT2_FS y -> n
EXT3_FS y -> n
NLS_ISO8859_1 m -> y
NLS_ISO8859_15 m -> y
NLS_UTF8 m -> y
SCSI_VIRTIO m -> y
+EXT4_USE_FOR_EXT2 y
kde/calligra-3.2.1-x86_64-35.txz: Rebuilt.
Recompiled against poppler-23.11.0.
kde/cantor-23.08.2-x86_64-2.txz: Rebuilt.
Recompiled against poppler-23.11.0.
kde/fcitx5-configtool-5.1.2-x86_64-1.txz: Upgraded.
kde/kfilemetadata-5.111.0-x86_64-3.txz: Rebuilt.
Recompiled against poppler-23.11.0.
kde/kile-2.9.93-x86_64-29.txz: Rebuilt.
Recompiled against poppler-23.11.0.
kde/kitinerary-23.08.2-x86_64-2.txz: Rebuilt.
Recompiled against poppler-23.11.0.
kde/krita-5.2.1-x86_64-2.txz: Rebuilt.
Recompiled against poppler-23.11.0.
kde/okular-23.08.2-x86_64-2.txz: Rebuilt.
Recompiled against poppler-23.11.0.
l/pipewire-0.3.84-x86_64-1.txz: Upgraded.
l/poppler-23.11.0-x86_64-1.txz: Upgraded.
Shared library .so-version bump.
n/postfix-3.8.3-x86_64-1.txz: Upgraded.
x/fcitx5-5.1.2-x86_64-1.txz: Upgraded.
x/fcitx5-anthy-5.1.2-x86_64-1.txz: Upgraded.
x/fcitx5-chinese-addons-5.1.2-x86_64-1.txz: Upgraded.
x/fcitx5-hangul-5.1.1-x86_64-1.txz: Upgraded.
x/fcitx5-qt-5.1.2-x86_64-1.txz: Upgraded.
x/fcitx5-sayura-5.1.1-x86_64-1.txz: Upgraded.
x/libime-1.1.3-x86_64-1.txz: Upgraded.
isolinux/initrd.img: Rebuilt.
kernels/*: Upgraded.
usb-and-pxe-installers/usbboot.img: Rebuilt.
a/exfatprogs-1.2.2-x86_64-1.txz: Upgraded.
kde/digikam-8.1.0-x86_64-2.txz: Rebuilt.
Recompiled against exiv2-0.28.0.
kde/gwenview-23.08.2-x86_64-2.txz: Rebuilt.
Recompiled against exiv2-0.28.0.
kde/kfilemetadata-5.111.0-x86_64-2.txz: Rebuilt.
Recompiled against exiv2-0.28.0.
kde/krename-5.0.2-x86_64-2.txz: Rebuilt.
Recompiled against exiv2-0.28.0.
kde/krita-5.2.0-x86_64-2.txz: Rebuilt.
Recompiled against exiv2-0.28.0.
kde/libkexiv2-23.08.2-x86_64-2.txz: Rebuilt.
Recompiled against exiv2-0.28.0.
l/QtAV-20220226_fdc613dc-x86_64-1.txz: Removed.
This is no longer used by digikam, so let's just remove it.
l/exiv2-0.28.0-x86_64-1.txz: Upgraded.
Shared library .so-version bump.
l/libsoup3-3.4.4-x86_64-1.txz: Upgraded.
n/c-ares-1.21.0-x86_64-1.txz: Upgraded.
n/gpgme-1.23.1-x86_64-1.txz: Upgraded.
n/nghttp2-1.58.0-x86_64-1.txz: Upgraded.
xap/geeqie-2.1-x86_64-3.txz: Rebuilt.
Recompiled against exiv2-0.28.0.
a/kernel-firmware-20231024_4ee0175-noarch-1.txz: Upgraded.
a/kernel-generic-6.1.60-x86_64-1.txz: Upgraded.
a/kernel-huge-6.1.60-x86_64-1.txz: Upgraded.
a/kernel-modules-6.1.60-x86_64-1.txz: Upgraded.
a/shadow-4.14.1-x86_64-1.txz: Upgraded.
d/kernel-headers-6.1.60-x86-1.txz: Upgraded.
k/kernel-source-6.1.60-noarch-1.txz: Upgraded.
Hey folks, if you've been following LQ you know I've talked before about
dropping the huge kernel and moving the distribution to use only the generic
kernel plus an initrd. After mulling this over for a few months, I think I
was looking at the problem in the wrong way. First of all, it's clear that
some Slackware users have been using the huge kernel all along, without an
initrd, and are (to say the least) unhappy about the prospect of a new
requirement to start using one. I've been recommending the generic kernel for
some time, and a major reason is that we've been using the same set of kernel
modules with two slightly different kernels. Because of this, there have
always been a few (generally seldom used) kernel modules that won't load into
the huge kernel. These are things that aren't built into the huge kernel, but
because of a difference in some kernel module dependency, they won't load.
The conclusion that I've come to here is that rather than drop the huge
kernel, or slap a LOCALVERSION on it and provide a whole duplicate tree of
kernel modules especially for the huge kernel, it would be better to make the
generic kernel more huge, and minimize the differences between the two kernel
configs.
That's what I've done here.
Shown below are the differences between the previous generic kernel config
and the one shipping in this update. You'll notice that most of the popular
filesystems are built in. At this point the main difference it that the huge
kernel has a couple of dozen SCSI drivers built into it. The modules for those
drivers won't load into the huge kernel, but they're fully built in so that
doesn't matter. If you find any other modules that will not load into the huge
kernel, please make a note about it on LQ and I'll see what can be done.
So, tl;dr - what does this change mean?
Unless your root device is on SCSI, if you were able to use the huge kernel
without an initrd previously, you should now be able to use the generic
kernel without an initrd. The kernel is a bit bigger, but we probably have
enough RAM these days that it won't make a difference.
Enjoy! :-)
-CIFS_SMB_DIRECT n
9P_FS m -> y
9P_FSCACHE n -> y
BTRFS_FS m -> y
CIFS m -> y
CRYPTO_CMAC m -> y
CRYPTO_CRC32 m -> y
CRYPTO_XXHASH m -> y
CRYPTO_ZSTD m -> y
EFIVAR_FS m -> y
EXFAT_FS m -> y
EXT2_FS m -> y
EXT3_FS m -> y
EXT4_FS m -> y
F2FS_FS m -> y
FAILOVER m -> y
FAT_FS m -> y
FSCACHE m -> y
FS_ENCRYPTION_ALGS m -> y
FS_MBCACHE m -> y
HW_RANDOM_VIRTIO m -> y
ISO9660_FS m -> y
JBD2 m -> y
JFS_FS m -> y
LZ4HC_COMPRESS m -> y
LZ4_COMPRESS m -> y
MSDOS_FS m -> y
NETFS_SUPPORT m -> y
NET_9P m -> y
NET_9P_FD m -> y
NET_9P_VIRTIO m -> y
NET_FAILOVER m -> y
NFSD m -> y
NLS_CODEPAGE_437 m -> y
NTFS3_FS m -> y
NTFS_FS m -> y
PSTORE_LZ4_COMPRESS n -> m
PSTORE_LZO_COMPRESS n -> m
PSTORE_ZSTD_COMPRESS n -> y
QFMT_V2 m -> y
QUOTA_TREE m -> y
REISERFS_FS m -> y
RPCSEC_GSS_KRB5 m -> y
SMBFS m -> y
SQUASHFS m -> y
UDF_FS m -> y
VFAT_FS m -> y
VIRTIO_BALLOON m -> y
VIRTIO_BLK m -> y
VIRTIO_CONSOLE m -> y
VIRTIO_INPUT m -> y
VIRTIO_MMIO m -> y
VIRTIO_NET m -> y
VIRTIO_PCI m -> y
VIRTIO_PCI_LIB m -> y
VIRTIO_PCI_LIB_LEGACY m -> y
VIRTIO_PMEM m -> y
XFS_FS m -> y
ZONEFS_FS n -> m
ZSTD_COMPRESS m -> y
+NFS_FSCACHE y
+PSTORE_LZ4_COMPRESS_DEFAULT n
+PSTORE_LZO_COMPRESS_DEFAULT n
+PSTORE_ZSTD_COMPRESS_DEFAULT n
kde/plasma-workspace-5.27.9.1-x86_64-1.txz: Upgraded.
l/glib2-2.78.1-x86_64-1.txz: Upgraded.
l/netpbm-11.04.03-x86_64-1.txz: Upgraded.
l/newt-0.52.24-x86_64-1.txz: Upgraded.
n/gpgme-1.23.0-x86_64-1.txz: Upgraded.
n/p11-kit-0.25.1-x86_64-1.txz: Upgraded.
n/php-8.2.12-x86_64-1.txz: Upgraded.
This is a bugfix release.
For more information, see:
https://www.php.net/ChangeLog-8.php#8.2.12
x/xorg-server-21.1.9-x86_64-1.txz: Upgraded.
This update fixes security issues:
OOB write in XIChangeDeviceProperty/RRChangeOutputProperty.
Use-after-free bug in DestroyWindow.
For more information, see:
https://lists.x.org/archives/xorg-announce/2023-October/003430.htmlhttps://www.cve.org/CVERecord?id=CVE-2023-5367https://www.cve.org/CVERecord?id=CVE-2023-5380
(* Security fix *)
x/xorg-server-xephyr-21.1.9-x86_64-1.txz: Upgraded.
x/xorg-server-xnest-21.1.9-x86_64-1.txz: Upgraded.
x/xorg-server-xvfb-21.1.9-x86_64-1.txz: Upgraded.
x/xorg-server-xwayland-23.2.2-x86_64-1.txz: Upgraded.
This update fixes a security issue:
OOB write in XIChangeDeviceProperty/RRChangeOutputProperty.
For more information, see:
https://lists.x.org/archives/xorg-announce/2023-October/003430.htmlhttps://www.cve.org/CVERecord?id=CVE-2023-5367
(* Security fix *)
xap/mozilla-thunderbird-115.4.1-x86_64-1.txz: Upgraded.
This release contains security fixes and improvements.
For more information, see:
https://www.mozilla.org/en-US/thunderbird/115.4.1/releasenotes/https://www.mozilla.org/en-US/security/advisories/mfsa2023-47/https://www.cve.org/CVERecord?id=CVE-2023-5721https://www.cve.org/CVERecord?id=CVE-2023-5732https://www.cve.org/CVERecord?id=CVE-2023-5724https://www.cve.org/CVERecord?id=CVE-2023-5725https://www.cve.org/CVERecord?id=CVE-2023-5726https://www.cve.org/CVERecord?id=CVE-2023-5727https://www.cve.org/CVERecord?id=CVE-2023-5728https://www.cve.org/CVERecord?id=CVE-2023-5730
(* Security fix *)
xfce/thunar-4.18.8-x86_64-1.txz: Upgraded.
isolinux/initrd.img: Rebuilt.
kernels/*: Upgraded.
usb-and-pxe-installers/usbboot.img: Rebuilt.
a/lvm2-2.03.22-x86_64-1.txz: Upgraded.
kde/kstars-3.6.7-x86_64-1.txz: Upgraded.
It's time for KStars in Slackware to be less of a toy and more of a useful
tool. The required dependencies have been added for EKOS, the INDI client
included in KStars, which will allow for computer control of astronomy
devices. Additional deps and drivers may be required, but these are runtime
dependencies. See (for example) gpsd, libdc1394, libftdi1, libindi-libraries,
and libindi-drivers, all of which can be found on slackbuilds.org.
Huge thanks to Edward W. Koenig for the detailed writeup - it was extremely
helpful! :-) Here's a link to the article:
https://www.linuxgalaxy.org/kingbeowulf/astronomy-device-control-in-slackware-15-and-current/
kde/libindi-2.0.4-x86_64-1.txz: Added.
This is required by kstars-3.6.7.
kde/libnova-0.15.0-x86_64-1.txz: Added.
This is required by kstars-3.6.7.
Thanks to Chris Abela, Ryan P.C. McQuen, and Philip Lacroix.
kde/stellarsolver-2.5-x86_64-1.txz: Added.
This is required by kstars-3.6.7.
kde/wcslib-8.1-x86_64-1.txz: Added.
This is required by kstars-3.6.7.
l/LibRaw-0.21.1-x86_64-2.txz: Rebuilt.
This update fixes a security issue:
A heap-buffer-overflow was found in raw2image_ex(int), which may lead to
application crash by maliciously crafted input file.
For more information, see:
https://www.cve.org/CVERecord?id=CVE-2023-1729
(* Security fix *)
l/imagemagick-7.1.1_21-x86_64-1.txz: Upgraded.
l/libev-4.33-x86_64-1.txz: Added.
This is required by kstars-3.6.7.
As this package may have more general usage than just kstars, we'll put it
in the L series.
Thanks to AA ime Ramov and Matteo Bernardini.
l/vte-0.74.1-x86_64-1.txz: Upgraded.
kde/krita-5.2.0-x86_64-1.txz: Upgraded.
l/fftw-3.3.10-x86_64-2.txz: Rebuilt.
Build and package missing FFTW3LibraryDepends.cmake.
This is needed for krita-5.2.0.
l/immer-0.8.1-x86_64-1.txz: Added.
This is needed for krita-5.2.0.
l/lager-0.1.0-x86_64-1.txz: Added.
This is needed for krita-5.2.0.
l/libunibreak-5.1-x86_64-1.txz: Added.
This is needed for krita-5.2.0.
l/zug-0.1.0-x86_64-1.txz: Added.
This is needed for krita-5.2.0.
xap/network-manager-applet-1.34.0-x86_64-1.txz: Upgraded.
ap/vim-9.0.1903-x86_64-1.txz: Upgraded.
l/at-spi2-atk-2.38.0-x86_64-3.txz: Removed.
l/at-spi2-core-2.50.0-x86_64-1.txz: Upgraded.
This now includes the features from the former at-spi2-atk and atk packages.
l/atk-2.38.0-x86_64-1.txz: Removed.
l/cairo-1.17.6-x86_64-1.txz: Upgraded.
l/glib-networking-2.78.0-x86_64-1.txz: Upgraded.
l/gobject-introspection-1.78.1-x86_64-1.txz: Upgraded.
l/json-glib-1.8.0-x86_64-1.txz: Upgraded.
l/libsoup3-3.4.3-x86_64-1.txz: Upgraded.
xap/vim-gvim-9.0.1903-x86_64-1.txz: Upgraded.
a/kernel-firmware-20230906_ad03b85-noarch-1.txz: Upgraded.
a/kernel-generic-6.1.52-x86_64-1.txz: Upgraded.
a/kernel-huge-6.1.52-x86_64-1.txz: Upgraded.
a/kernel-modules-6.1.52-x86_64-1.txz: Upgraded.
d/kernel-headers-6.1.52-x86-1.txz: Upgraded.
d/lua-5.4.6-x86_64-3.txz: Rebuilt.
Set MYCFLAGS rather than CFLAGS in the build script to keep the other
default CFLAGS in src/Makefile. This automatically sets -DLUA_USE_LINUX
as well as -DLUA_COMPAT_5_3.
d/mercurial-6.5.2-x86_64-1.txz: Upgraded.
k/kernel-source-6.1.52-noarch-1.txz: Upgraded.
kde/alkimia-8.1.2-x86_64-1.txz: Upgraded.
kde/calligra-3.2.1-x86_64-33.txz: Rebuilt.
Recompiled against poppler-23.09.0.
kde/cantor-23.08.0-x86_64-2.txz: Rebuilt.
Recompiled against poppler-23.09.0.
kde/kfilemetadata-5.109.0-x86_64-2.txz: Rebuilt.
Recompiled against poppler-23.09.0.
kde/kile-2.9.93-x86_64-27.txz: Rebuilt.
Recompiled against poppler-23.09.0.
kde/kitinerary-23.08.0-x86_64-2.txz: Rebuilt.
Recompiled against poppler-23.09.0.
kde/krita-5.1.5-x86_64-14.txz: Rebuilt.
Recompiled against poppler-23.09.0.
kde/ktextaddons-1.5.0-x86_64-1.txz: Upgraded.
kde/okular-23.08.0-x86_64-2.txz: Rebuilt.
Recompiled against poppler-23.09.0.
l/poppler-23.09.0-x86_64-1.txz: Upgraded.
Shared library .so-version bump.
l/zstd-1.5.5-x86_64-3.txz: Rebuilt.
Fix library path in zstdTargets-release.cmake.
Thanks to Steven Voges and gian_d.
Use additional build options:
-DZSTD_BUILD_STATIC=OFF -DZSTD_PROGRAMS_LINK_SHARED=ON -DZSTD_LZ4_SUPPORT=ON
-DZSTD_LZMA_SUPPORT=ON -DZSTD_ZLIB_SUPPORT=ON
Thanks to USUARIONUEVO.
n/iproute2-6.5.0-x86_64-1.txz: Upgraded.
t/texlive-2023.230322-x86_64-5.txz: Rebuilt.
Recompiled against zlib-1.3 to fix lualatex.
Thanks to unInstance and marav.
x/ibus-libpinyin-1.15.4-x86_64-1.txz: Upgraded.
x/mesa-23.1.7-x86_64-1.txz: Upgraded.
xap/gnuplot-5.4.9-x86_64-1.txz: Upgraded.
isolinux/initrd.img: Rebuilt.
kernels/*: Upgraded.
usb-and-pxe-installers/usbboot.img: Rebuilt.
a/coreutils-9.3-x86_64-2.txz: Rebuilt.
Don't support AVX2 instructions for wc. Since it's possible to enable a
kernel option that causes the kernel to advertise AVX2 as available, but
leads to an illegal instruction if there's an attempt to actually use
AVX2 when old microcode is in use, this isn't reliable. Furthermore, wc
is used by the pkgtools and this sort of failure could lead to corruption
of the filesystem and/or package database. So, we'll disable this to be on
the safe side. Thanks to lancsuk for noticing this issue.
a/kernel-generic-6.1.48-x86_64-1.txz: Upgraded.
a/kernel-huge-6.1.48-x86_64-1.txz: Upgraded.
a/kernel-modules-6.1.48-x86_64-1.txz: Upgraded.
d/kernel-headers-6.1.48-x86-1.txz: Upgraded.
k/kernel-source-6.1.48-noarch-1.txz: Upgraded.
isolinux/initrd.img: Rebuilt.
kernels/*: Upgraded.
usb-and-pxe-installers/usbboot.img: Rebuilt.
a/kernel-firmware-20230814_0e048b0-noarch-1.txz: Upgraded.
a/kernel-generic-6.1.46-x86_64-1.txz: Upgraded.
a/kernel-huge-6.1.46-x86_64-1.txz: Upgraded.
a/kernel-modules-6.1.46-x86_64-1.txz: Upgraded.
ap/inxi-3.3.29_1-noarch-1.txz: Upgraded.
d/kernel-headers-6.1.46-x86-1.txz: Upgraded.
k/kernel-source-6.1.46-noarch-1.txz: Upgraded.
-ACPI_TINY_POWER_BUTTON n
ACPI_AC m -> y
ACPI_BATTERY m -> y
ACPI_BUTTON m -> y
ACPI_FAN m -> y
ACPI_THERMAL m -> y
kde/kirigami-addons-0.11.0-x86_64-1.txz: Upgraded.
n/bind-9.18.18-x86_64-1.txz: Upgraded.
n/httpd-2.4.57-x86_64-2.txz: Rebuilt.
rc.httpd: wait using pwait after stopping, fix usage to show force-restart.
Thanks to metaed.
n/net-snmp-5.9.4-x86_64-1.txz: Upgraded.
n/openvpn-2.6.6-x86_64-1.txz: Upgraded.
n/php-8.2.9-x86_64-1.txz: Upgraded.
This update fixes bugs and security issues:
Security issue with external entity loading in XML without enabling it.
Buffer mismanagement in phar_dir_read().
For more information, see:
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-3823https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-3824
(* Security fix *)
x/xorg-server-xwayland-23.2.0-x86_64-1.txz: Upgraded.
xap/mozilla-thunderbird-115.1.1-x86_64-1.txz: Upgraded.
This is a bugfix release.
For more information, see:
https://www.mozilla.org/en-US/thunderbird/115.1.1/releasenotes/
isolinux/initrd.img: Rebuilt.
kernels/*: Upgraded.
usb-and-pxe-installers/usbboot.img: Rebuilt.
a/aaa_libraries-15.1-x86_64-21.txz: Rebuilt.
Upgraded: libcap.so.2.69, liblzma.so.5.4.4, libboost*.so.1.82.0,
libglib-2.0.so.0.7600.4, libgmodule-2.0.so.0.7600.4, libgmp.so.10.5.0,
libgmpxx.so.4.7.0, libgobject-2.0.so.0.7600.4, libgthread-2.0.so.0.7600.4,
libjpeg.so.62.4.0, libpng16.so.16.40.0, libstdc++.so.6.0.32,
libtdb.so.1.4.9, libturbojpeg.so.0.3.0.
a/kernel-firmware-20230809_789aa81-noarch-1.txz: Upgraded.
a/kernel-generic-6.1.45-x86_64-1.txz: Upgraded.
a/kernel-huge-6.1.45-x86_64-1.txz: Upgraded.
a/kernel-modules-6.1.45-x86_64-1.txz: Upgraded.
ap/pamixer-1.5-x86_64-7.txz: Rebuilt.
Recompiled against boost-1.83.0.
d/kernel-headers-6.1.45-x86-1.txz: Upgraded.
k/kernel-source-6.1.45-noarch-1.txz: Upgraded.
kde/kig-23.04.3-x86_64-2.txz: Rebuilt.
Recompiled against boost-1.83.0.
kde/kopeninghours-23.04.3-x86_64-2.txz: Rebuilt.
Recompiled against boost-1.83.0.
kde/krita-5.1.5-x86_64-12.txz: Rebuilt.
Recompiled against boost-1.83.0.
l/boost-1.83.0-x86_64-1.txz: Upgraded.
Shared library .so-version bump.
The shared libraries from the previous version will stick around in
the aaa_libraries package for at least a month.
l/cryfs-0.10.3-x86_64-9.txz: Rebuilt.
Recompiled against boost-1.83.0.
x/fcitx5-chinese-addons-5.0.17-x86_64-3.txz: Rebuilt.
Recompiled against boost-1.83.0.
x/libime-1.0.17-x86_64-3.txz: Rebuilt.
Recompiled against boost-1.83.0.
isolinux/initrd.img: Rebuilt.
kernels/*: Upgraded.
usb-and-pxe-installers/usbboot.img: Rebuilt.
Thanks to Heinz Wiesinger for these added python packages to implement
PEP 427 and PEP 517! Python modules are phasing out setup.py in favor of
building wheels, and then using python-installer to install them. These
are the bits needed to make that happen.
l/python-build-0.10.0-x86_64-1.txz: Added.
l/python-flit-core-3.9.0-x86_64-1.txz: Added.
l/python-glad2-2.0.4-x86_64-1.txz: Added.
l/python-installer-0.7.0-x86_64-1.txz: Added.
l/python-lxml-4.9.3-x86_64-1.txz: Added.
l/python-pyproject-hooks-1.0.0-x86_64-1.txz: Added.
l/python-tomli-w-1.0.0-x86_64-1.txz: Added.
l/python-wheel-0.41.1-x86_64-1.txz: Added.
n/nftables-1.0.8-x86_64-2.txz: Rebuilt.
Correctly generate nftables Python module using PEP 427/517 method.
Thanks to marav.
n/openssh-9.4p1-x86_64-1.txz: Upgraded.
d/binutils-2.41-x86_64-1.txz: Upgraded.
d/oprofile-1.4.0-x86_64-12.txz: Rebuilt.
Recompiled against binutils-2.41.
d/tree-sitter-0.20.8-x86_64-1.txz: Added.
This is a dependency for an interesting new feature of emacs-29.1.
e/emacs-29.1-x86_64-1.txz: Upgraded.
Compiled against tree-sitter-0.20.8. Grammar libraries for this can be
downloaded and installed from within Emacs - see the NEWS file for details.
l/gmp-6.3.0-x86_64-1.txz: Upgraded.
l/libarchive-3.7.1-x86_64-1.txz: Upgraded.
l/polkit-123-x86_64-1.txz: Upgraded.
a/kernel-firmware-20230724_59fbffa-noarch-1.txz: Upgraded.
AMD microcode updated to fix a use-after-free in AMD Zen2 processors.
From Tavis Ormandy's annoucement of the issue:
"The practical result here is that you can spy on the registers of other
processes. No system calls or privileges are required.
It works across virtual machines and affects all operating systems.
I have written a poc for this issue that's fast enough to reconstruct
keys and passwords as users log in."
For more information, see:
https://seclists.org/oss-sec/2023/q3/59https://www.cve.org/CVERecord?id=CVE-2023-20593
(* Security fix *)
a/kernel-generic-6.1.41-x86_64-1.txz: Upgraded.
a/kernel-huge-6.1.41-x86_64-1.txz: Upgraded.
a/kernel-modules-6.1.41-x86_64-1.txz: Upgraded.
d/kernel-headers-6.1.41-x86-1.txz: Upgraded.
k/kernel-source-6.1.41-noarch-1.txz: Upgraded.
isolinux/initrd.img: Rebuilt.
kernels/*: Upgraded.
usb-and-pxe-installers/usbboot.img: Rebuilt.
a/kernel-generic-6.1.40-x86_64-1.txz: Upgraded.
a/kernel-huge-6.1.40-x86_64-1.txz: Upgraded.
a/kernel-modules-6.1.40-x86_64-1.txz: Upgraded.
d/kernel-headers-6.1.40-x86-1.txz: Upgraded.
k/kernel-source-6.1.40-noarch-1.txz: Upgraded.
l/imagemagick-7.1.1_14-x86_64-1.txz: Upgraded.
n/whois-5.5.18-x86_64-1.txz: Upgraded.
Updated the .ga TLD server.
Added new recovered IPv4 allocations.
Removed the delegation of 43.0.0.0/8 to JPNIC.
Removed 12 new gTLDs which are no longer active.
Improved the man page source, courtesy of Bjarni Ingi Gislason.
Added the .edu.za SLD server.
Updated the .alt.za SLD server.
Added the -ru and -su NIC handles servers.
x/glu-9.0.3-x86_64-1.txz: Upgraded.
isolinux/initrd.img: Rebuilt.
kernels/*: Upgraded.
usb-and-pxe-installers/usbboot.img: Rebuilt.