diff options
Diffstat (limited to 'ChangeLog.txt')
-rw-r--r-- | ChangeLog.txt | 84 |
1 files changed, 84 insertions, 0 deletions
diff --git a/ChangeLog.txt b/ChangeLog.txt index 312940115..d2a77d1d2 100644 --- a/ChangeLog.txt +++ b/ChangeLog.txt @@ -1,3 +1,87 @@ +Tue Oct 3 22:19:10 UTC 2023 +a/aaa_glibc-solibs-2.37-x86_64-3.txz: Rebuilt. +a/dialog-1.3_20231002-x86_64-1.txz: Upgraded. +ap/mpg123-1.32.3-x86_64-1.txz: Upgraded. +d/llvm-17.0.2-x86_64-1.txz: Upgraded. +d/meson-1.2.2-x86_64-2.txz: Rebuilt. + [PATCH] Revert rust: apply global, project, and environment C args to bindgen. + This fixes building Mesa. + Thanks to lucabon and marav. +kde/calligra-3.2.1-x86_64-34.txz: Rebuilt. + Recompiled against poppler-23.10.0. +kde/cantor-23.08.1-x86_64-2.txz: Rebuilt. + Recompiled against poppler-23.10.0. +kde/kfilemetadata-5.110.0-x86_64-2.txz: Rebuilt. + Recompiled against poppler-23.10.0. +kde/kile-2.9.93-x86_64-28.txz: Rebuilt. + Recompiled against poppler-23.10.0. +kde/kitinerary-23.08.1-x86_64-2.txz: Rebuilt. + Recompiled against poppler-23.10.0. +kde/krita-5.1.5-x86_64-15.txz: Rebuilt. + Recompiled against poppler-23.10.0. +kde/okular-23.08.1-x86_64-2.txz: Rebuilt. + Recompiled against poppler-23.10.0. +l/glibc-2.37-x86_64-3.txz: Rebuilt. +l/glibc-i18n-2.37-x86_64-3.txz: Rebuilt. + Patched to fix the "Looney Tunables" vulnerability, a local privilege + escalation in ld.so. This vulnerability was introduced in April 2021 + (glibc 2.34) by commit 2ed18c. + Thanks to Qualys Research Labs for reporting this issue. + For more information, see: + https://www.qualys.com/2023/10/03/cve-2023-4911/looney-tunables-local-privilege-escalation-glibc-ld-so.txt + https://www.cve.org/CVERecord?id=CVE-2023-4911 + (* Security fix *) +l/glibc-profile-2.37-x86_64-3.txz: Rebuilt. +l/mozilla-nss-3.94-x86_64-1.txz: Upgraded. +l/poppler-23.10.0-x86_64-1.txz: Upgraded. + Shared library .so-version bump. +n/NetworkManager-1.44.2-x86_64-1.txz: Upgraded. +n/irssi-1.4.5-x86_64-1.txz: Upgraded. +x/fcitx5-5.1.1-x86_64-1.txz: Upgraded. +x/fcitx5-anthy-5.1.1-x86_64-1.txz: Upgraded. +x/fcitx5-chinese-addons-5.1.1-x86_64-1.txz: Upgraded. +x/fcitx5-gtk-5.1.0-x86_64-1.txz: Upgraded. +x/fcitx5-hangul-5.1.0-x86_64-1.txz: Upgraded. +x/fcitx5-kkc-5.1.0-x86_64-1.txz: Upgraded. +x/fcitx5-m17n-5.1.0-x86_64-1.txz: Upgraded. +x/fcitx5-qt-5.1.1-x86_64-1.txz: Upgraded. +x/fcitx5-sayura-5.1.0-x86_64-1.txz: Upgraded. +x/fcitx5-table-extra-5.1.0-x86_64-1.txz: Upgraded. +x/fcitx5-table-other-5.1.0-x86_64-1.txz: Upgraded. +x/fcitx5-unikey-5.1.1-x86_64-1.txz: Upgraded. +x/libX11-1.8.7-x86_64-1.txz: Upgraded. + This update fixes security issues: + libX11: out-of-bounds memory access in _XkbReadKeySyms(). + libX11: stack exhaustion from infinite recursion in PutSubImage(). + libX11: integer overflow in XCreateImage() leading to a heap overflow. + For more information, see: + https://lists.x.org/archives/xorg-announce/2023-October/003424.html + https://www.cve.org/CVERecord?id=CVE-2023-43785 + https://www.cve.org/CVERecord?id=CVE-2023-43786 + https://www.cve.org/CVERecord?id=CVE-2023-43787 + (* Security fix *) +x/libXpm-3.5.17-x86_64-1.txz: Upgraded. + This update fixes security issues: + libXpm: out of bounds read in XpmCreateXpmImageFromBuffer(). + libXpm: out of bounds read on XPM with corrupted colormap. + For more information, see: + https://lists.x.org/archives/xorg-announce/2023-October/003424.html + https://www.cve.org/CVERecord?id=CVE-2023-43788 + https://www.cve.org/CVERecord?id=CVE-2023-43789 + (* Security fix *) +testing/packages/aaa_glibc-solibs-2.38-x86_64-2.txz: Rebuilt. +testing/packages/glibc-2.38-x86_64-2.txz: Rebuilt. + Patched to fix the "Looney Tunables" vulnerability, a local privilege + escalation in ld.so. This vulnerability was introduced in April 2021 + (glibc 2.34) by commit 2ed18c. + Thanks to Qualys Research Labs for reporting this issue. + For more information, see: + https://www.qualys.com/2023/10/03/cve-2023-4911/looney-tunables-local-privilege-escalation-glibc-ld-so.txt + https://www.cve.org/CVERecord?id=CVE-2023-4911 + (* Security fix *) +testing/packages/glibc-i18n-2.38-x86_64-2.txz: Rebuilt. +testing/packages/glibc-profile-2.38-x86_64-2.txz: Rebuilt. ++--------------------------+ Mon Oct 2 19:12:58 UTC 2023 kde/kwin-5.27.8-x86_64-2.txz: Rebuilt. [PATCH] fix segfault in EglGbmBackend::textureForOutput. |