diff options
Diffstat (limited to 'ChangeLog.txt')
-rw-r--r-- | ChangeLog.txt | 1116 |
1 files changed, 1116 insertions, 0 deletions
diff --git a/ChangeLog.txt b/ChangeLog.txt index 864f6713b..a468bf8ba 100644 --- a/ChangeLog.txt +++ b/ChangeLog.txt @@ -1,3 +1,1119 @@ +Sun May 12 19:10:12 UTC 2024 +a/less-654-x86_64-1.txz: Upgraded. +d/ninja-1.12.1-x86_64-1.txz: Upgraded. +n/whois-5.5.23-x86_64-1.txz: Upgraded. + Updated the .sc, .********* (.xn--yfro4i67o, Singapore) + and .********************************* (.xn--clchc0ea0b2g2a9gcd, Singapore) + TLD servers. +extra/bittornado/bittornado-0.3.18-noarch-3.txz: Removed. + Obsolete and based on python2. ++--------------------------+ +Thu May 9 19:26:51 UTC 2024 +l/libjpeg-turbo-3.0.3-x86_64-1.txz: Upgraded. +l/nodejs-20.13.1-x86_64-1.txz: Upgraded. +l/pipewire-1.0.6-x86_64-1.txz: Upgraded. +n/php-8.3.7-x86_64-1.txz: Upgraded. + This is a bugfix release. + For more information, see: + https://www.php.net/ChangeLog-8.php#8.3.7 +n/wireless-regdb-2024.05.08-x86_64-1.txz: Upgraded. +extra/bash-completion/bash-completion-2.14.0-noarch-1.txz: Upgraded. ++--------------------------+ +Wed May 8 21:05:29 UTC 2024 +d/cmake-3.29.3-x86_64-1.txz: Upgraded. +l/adwaita-icon-theme-46.0-noarch-2.txz: Rebuilt. + Restore icons that went missing after adwaita-icon-theme-41.0. +l/glib2-2.80.2-x86_64-1.txz: Upgraded. +l/libgnt-2.14.4_dev-x86_64-1.txz: Upgraded. +l/mozilla-nss-3.100-x86_64-1.txz: Upgraded. +n/samba-4.20.1-x86_64-1.txz: Upgraded. +x/mesa-24.0.7-x86_64-1.txz: Upgraded. ++--------------------------+ +Tue May 7 20:06:35 UTC 2024 +d/mercurial-6.7.3-x86_64-1.txz: Upgraded. +l/imagemagick-7.1.1_32-x86_64-2.txz: Rebuilt. + Add INSTALL_BASE= to --with-perl-options= to fix perl modules installation + not honoring $LIBDIRSUFFIX since 7.1.1-30. Thanks to HQuest. +l/libqalculate-5.1.1-x86_64-1.txz: Upgraded. +l/nodejs-20.13.0-x86_64-1.txz: Upgraded. +l/python-typing_extensions-4.11.0-x86_64-1.txz: Removed. + No longer needed with the upgrade to python-setuptools_scm-8.1.0. + Thanks to audriusk for the reminder. +x/anthy-unicode-1.0.0.20240502-x86_64-1.txz: Upgraded. ++--------------------------+ +Mon May 6 17:41:36 UTC 2024 +a/util-linux-2.40.1-x86_64-1.txz: Upgraded. +l/imagemagick-7.1.1_32-x86_64-1.txz: Upgraded. +l/libqalculate-5.1.0-x86_64-1.txz: Upgraded. +l/python-Jinja2-3.1.4-x86_64-1.txz: Upgraded. +l/python-setuptools_scm-8.1.0-x86_64-1.txz: Upgraded. ++--------------------------+ +Sun May 5 18:35:56 UTC 2024 +l/python-babel-2.15.0-x86_64-1.txz: Upgraded. +y/nethack-3.6.7-x86_64-2.txz: Rebuilt. + Recompiled against ncurses-6.5. ++--------------------------+ +Sat May 4 17:37:11 UTC 2024 +a/elvis-2.2_0-x86_64-9.txz: Rebuilt. + Recompiled against ncurses-6.5. +a/gettext-0.22.5-x86_64-2.txz: Rebuilt. + Recompiled against ncurses-6.5. +a/procps-ng-4.0.4-x86_64-2.txz: Rebuilt. + Recompiled against ncurses-6.5. +ap/bc-1.07.1-x86_64-6.txz: Rebuilt. + Recompiled against ncurses-6.5. +ap/bpe-2.01.00-x86_64-7.txz: Rebuilt. + Recompiled against ncurses-6.5. +ap/gutenprint-5.3.4-x86_64-4.txz: Rebuilt. + Recompiled against ncurses-6.5. +ap/ispell-3.4.06-x86_64-2.txz: Rebuilt. + Recompiled against ncurses-6.5. +ap/joe-4.6-x86_64-5.txz: Rebuilt. + Recompiled against ncurses-6.5. +ap/nvme-cli-2.9.1-x86_64-1.txz: Upgraded. +ap/powertop-2.15-x86_64-2.txz: Rebuilt. + Recompiled against ncurses-6.5. +ap/sc-7.16-x86_64-11.txz: Rebuilt. + Recompiled against ncurses-6.5. +ap/screen-4.9.1-x86_64-2.txz: Rebuilt. + Recompiled against ncurses-6.5. +ap/xfsdump-3.1.12-x86_64-2.txz: Rebuilt. + Recompiled against ncurses-6.5. +d/clisp-2.50_20230718_669249717-x86_64-2.txz: Rebuilt. + Recompiled against ncurses-6.5. +d/cmake-3.29.2-x86_64-2.txz: Rebuilt. + Recompiled against ncurses-6.5. +d/cscope-15.9-x86_64-4.txz: Rebuilt. + Recompiled against ncurses-6.5. +d/gettext-tools-0.22.5-x86_64-2.txz: Rebuilt. + Recompiled against ncurses-6.5. +d/guile-3.0.9-x86_64-2.txz: Rebuilt. + Recompiled against ncurses-6.5. +d/lua-5.4.6-x86_64-6.txz: Rebuilt. + Recompiled against ncurses-6.5. +d/poke-4.0-x86_64-2.txz: Rebuilt. + Recompiled against ncurses-6.5. +kde/kalgebra-23.08.5-x86_64-2.txz: Rebuilt. + Recompiled against ncurses-6.5. +l/enchant-2.7.3-x86_64-1.txz: Upgraded. +l/gdbm-1.23-x86_64-3.txz: Rebuilt. + Recompiled against ncurses-6.5. +l/lame-3.100-x86_64-5.txz: Rebuilt. + Recompiled against ncurses-6.5. +l/libcdio-2.1.0-x86_64-4.txz: Rebuilt. + Recompiled against ncurses-6.5. +l/libedit-20230828_3.1-x86_64-2.txz: Rebuilt. + Recompiled against ncurses-6.5. +l/libnjb-2.2.7-x86_64-5.txz: Rebuilt. + Recompiled against ncurses-6.5. +l/libnvme-1.9-x86_64-1.txz: Upgraded. +l/libqalculate-5.0.0-x86_64-3.txz: Rebuilt. + Recompiled against ncurses-6.5. +l/python-pygments-2.18.0-x86_64-1.txz: Upgraded. +l/qtkeychain-0.14.3-x86_64-1.txz: Upgraded. +l/readline-8.2.010-x86_64-2.txz: Rebuilt. + Recompiled against ncurses-6.5. +n/elm-2.5.8-x86_64-8.txz: Rebuilt. + Recompiled against ncurses-6.5. +n/epic5-2.1.12-x86_64-8.txz: Rebuilt. + Recompiled against ncurses-6.5. +n/iftop-1.0pre4-x86_64-5.txz: Rebuilt. + Recompiled against ncurses-6.5. +n/metamail-2.7-x86_64-11.txz: Rebuilt. + Recompiled against ncurses-6.5. +n/mtr-0.95-x86_64-2.txz: Rebuilt. + Recompiled against ncurses-6.5. +n/net-snmp-5.9.4-x86_64-4.txz: Rebuilt. + Recompiled against ncurses-6.5. +n/netkit-ftp-0.17-x86_64-8.txz: Rebuilt. + Recompiled against ncurses-6.5. +n/netkit-ntalk-0.17-x86_64-8.txz: Rebuilt. + Recompiled against ncurses-6.5. +n/netwatch-1.3.1_2-x86_64-6.txz: Rebuilt. + Recompiled against ncurses-6.5. +n/nn-6.7.3-x86_64-9.txz: Rebuilt. + Recompiled against ncurses-6.5. +n/php-8.3.6-x86_64-2.txz: Rebuilt. + Recompiled against ncurses-6.5. +n/samba-4.20.0-x86_64-3.txz: Rebuilt. + Recompiled against ncurses-6.5. +n/telnet-0.17-x86_64-7.txz: Rebuilt. + Recompiled against ncurses-6.5. +n/wpa_supplicant-2.10-x86_64-4.txz: Rebuilt. + Recompiled against ncurses-6.5. +n/ytalk-3.3.0-x86_64-7.txz: Rebuilt. + Recompiled against ncurses-6.5. +xap/MPlayer-20240403-x86_64-2.txz: Rebuilt. + Recompiled against ncurses-6.5. +xap/ddd-3.4.0-x86_64-2.txz: Rebuilt. + Recompiled against ncurses-6.5. +xap/gnuchess-6.2.9-x86_64-2.txz: Rebuilt. + Recompiled against ncurses-6.5. +xap/xine-ui-0.99.14-x86_64-3.txz: Rebuilt. + Recompiled against ncurses-6.5. +y/bsd-games-2.17-x86_64-5.txz: Rebuilt. + Recompiled against ncurses-6.5. ++--------------------------+ +Fri May 3 17:37:59 UTC 2024 +a/hwdata-0.382-noarch-1.txz: Upgraded. +a/ndctl-79-x86_64-1.txz: Upgraded. +l/gtk4-4.14.4-x86_64-1.txz: Upgraded. +xap/gimp-2.10.38-x86_64-1.txz: Upgraded. ++--------------------------+ +Thu May 2 23:49:58 UTC 2024 +a/btrfs-progs-6.8.1-x86_64-1.txz: Upgraded. +a/kernel-firmware-20240502_28f75f1-noarch-1.txz: Upgraded. +a/kernel-generic-6.6.30-x86_64-1.txz: Upgraded. +a/kernel-huge-6.6.30-x86_64-1.txz: Upgraded. +a/kernel-modules-6.6.30-x86_64-1.txz: Upgraded. +ap/mariadb-10.11.7-x86_64-2.txz: Rebuilt. + Try to preserve the timestamp on rc.mysqld.new. +d/kernel-headers-6.6.30-x86-1.txz: Upgraded. +d/llvm-18.1.5-x86_64-1.txz: Upgraded. +d/rust-1.78.0-x86_64-1.txz: Upgraded. +k/kernel-source-6.6.30-noarch-1.txz: Upgraded. +l/SDL2-2.30.3-x86_64-1.txz: Upgraded. +n/mobile-broadband-provider-info-20240502-noarch-1.txz: Upgraded. +x/ibus-1.5.30-x86_64-1.txz: Upgraded. +isolinux/initrd.img: Rebuilt. +kernels/*: Upgraded. +usb-and-pxe-installers/usbboot.img: Rebuilt. ++--------------------------+ +Wed May 1 18:48:17 UTC 2024 +ap/nano-8.0-x86_64-1.txz: Upgraded. +ap/vim-9.1.0386-x86_64-1.txz: Upgraded. +l/liburing-2.6-x86_64-1.txz: Upgraded. +xap/vim-gvim-9.1.0386-x86_64-1.txz: Upgraded. ++--------------------------+ +Tue Apr 30 18:54:11 UTC 2024 +a/elogind-255.5-x86_64-1.txz: Upgraded. +d/git-2.45.0-x86_64-1.txz: Upgraded. +l/gst-plugins-bad-free-1.24.3-x86_64-1.txz: Upgraded. +l/gst-plugins-base-1.24.3-x86_64-1.txz: Upgraded. +l/gst-plugins-good-1.24.3-x86_64-1.txz: Upgraded. +l/gst-plugins-libav-1.24.3-x86_64-1.txz: Upgraded. +l/gstreamer-1.24.3-x86_64-1.txz: Upgraded. ++--------------------------+ +Mon Apr 29 21:32:37 UTC 2024 +a/aaa_libraries-15.1-x86_64-31.txz: Rebuilt. + Added: libncurses++w.so.6.5, libtic.so.6.5. + Upgraded: libformw.so.6.5, libmenuw.so.6.5, libncursesw.so.6.5, + libpanelw.so.6.5, libtinfo.so.6.5. + Removed (with compat symlinks made): libform.so.6.4, libmenu.so.6.4, + libncurses.so.6.4, libpanel.so.6.4. +a/aaa_terminfo-6.5-x86_64-1.txz: Upgraded. +l/ncurses-6.5-x86_64-1.txz: Upgraded. + This seemed like a good opportunity to go over my notes and try to make this + SlackBuild at least defensible, if not correct. :-) The non-wide libraries + have all been purged and replaced with compatibility symlinks pointing to the + wide versions. Anything trying to use -lncurses (etc) will be redirected to + -lncursesw (etc) at compile time. Looks like nearly 50 packages are linked to + the non-wide libraries, but everything works this way. + Thanks to GazL who provided most of the suggestions used. +l/python-pyproject-hooks-1.1.0-x86_64-1.txz: Upgraded. +n/lynx-2.9.1-x86_64-1.txz: Upgraded. +x/xconsole-1.1.0-x86_64-1.txz: Upgraded. +xap/mozilla-firefox-125.0.3-x86_64-1.txz: Upgraded. + This is a bugfix release. + For more information, see: + https://www.mozilla.org/en-US/firefox/125.0.3/releasenotes/ ++--------------------------+ +Sun Apr 28 19:20:42 UTC 2024 +a/iniparser-4.2-x86_64-1.txz: Upgraded. +ap/hplip-3.23.12-x86_64-5.txz: Rebuilt. + Replace a single unicode space character in models.dat with an ASCII space + to prevent python3 from tripping over it in some cases. This seems to follow + the extreme programming motto of "do the simplest thing that could possibly + work", so we'll see if it does. + Thanks to pdags. +ap/jove-4.17.5.3-x86_64-1.txz: Upgraded. +l/enchant-2.7.2-x86_64-1.txz: Upgraded. +l/jasper-4.2.4-x86_64-1.txz: Upgraded. +l/libgtop-2.41.3-x86_64-1.txz: Upgraded. +l/mlt-7.24.0-x86_64-1.txz: Upgraded. ++--------------------------+ +Sat Apr 27 19:02:25 UTC 2024 +a/kernel-generic-6.6.29-x86_64-1.txz: Upgraded. +a/kernel-huge-6.6.29-x86_64-1.txz: Upgraded. +a/kernel-modules-6.6.29-x86_64-1.txz: Upgraded. +ap/cups-2.4.8-x86_64-1.txz: Upgraded. +d/kernel-headers-6.6.29-x86-1.txz: Upgraded. +d/valgrind-3.23.0-x86_64-1.txz: Upgraded. +k/kernel-source-6.6.29-noarch-1.txz: Upgraded. +l/enchant-2.7.1-x86_64-1.txz: Upgraded. +isolinux/initrd.img: Rebuilt. +kernels/*: Upgraded. +usb-and-pxe-installers/usbboot.img: Rebuilt. ++--------------------------+ +Fri Apr 26 20:12:32 UTC 2024 +a/kernel-firmware-20240426_fc21f47-noarch-1.txz: Upgraded. +ap/cups-2.4.7-x86_64-3.txz: Rebuilt. + Rebuild using --with-rundir=/run/cups. +ap/cups-browsed-2.0.0-x86_64-1.txz: Added. + This is the CUPS/IPP print queue browser daemon, previously part of the + cups-filters package. +ap/cups-filters-2.0.0-x86_64-1.txz: Upgraded. +l/libarchive-3.7.4-x86_64-1.txz: Upgraded. +l/libcupsfilters-2.0.0-x86_64-1.txz: Added. + This is required by cups-filters-2.0.0. +l/libppd-2.0.0-x86_64-1.txz: Added. + This is required by cups-filters-2.0.0. +l/libproxy-0.5.6-x86_64-1.txz: Upgraded. +x/wayland-protocols-1.36-noarch-1.txz: Upgraded. +xap/mozilla-firefox-125.0.2-x86_64-1.txz: Upgraded. +xap/mozilla-thunderbird-125.0-x86_64-1.txz: Upgraded. +extra/rust-for-mozilla/rust-1.70.0-x86_64-4.txz: Removed. ++--------------------------+ +Thu Apr 25 17:58:17 UTC 2024 +l/PyQt-builder-1.16.2-x86_64-1.txz: Upgraded. +l/fribidi-1.0.14-x86_64-1.txz: Upgraded. +l/libarchive-3.7.3-x86_64-2.txz: Rebuilt. + Patched an out-of-bound error in the rar e8 filter that could allow for + the execution of arbitrary code. + Thanks to gmgf for the heads-up. + For more information, see: + https://github.com/advisories/GHSA-2jc9-36w4-pmqw + https://www.cve.org/CVERecord?id=CVE-2024-26256 + (* Security fix *) +n/bluez-5.75-x86_64-3.txz: Rebuilt. + [PATCH] shared/uhid: Fix crash if bt_uhid_destroy free replay structure. + Thanks to sombragris. +n/libgpg-error-1.49-x86_64-1.txz: Upgraded. ++--------------------------+ +Wed Apr 24 20:08:55 UTC 2024 +ap/dmidecode-3.6-x86_64-1.txz: Upgraded. +kde/fcitx5-configtool-5.1.5-x86_64-1.txz: Upgraded. +l/aom-3.9.0-x86_64-1.txz: Upgraded. +x/mesa-24.0.6-x86_64-1.txz: Upgraded. ++--------------------------+ +Tue Apr 23 22:24:03 UTC 2024 +d/ruby-3.3.1-x86_64-1.txz: Upgraded. + This update fixes security issues: + Arbitrary memory address read vulnerability with Regex search. + RCE vulnerability with .rdoc_options in RDoc. + Buffer overread vulnerability in StringIO. + For more information, see: + https://www.ruby-lang.org/en/news/2024/04/23/arbitrary-memory-address-read-regexp-cve-2024-27282/ + https://www.ruby-lang.org/en/news/2024/03/21/rce-rdoc-cve-2024-27281/ + https://www.ruby-lang.org/en/news/2024/03/21/buffer-overread-cve-2024-27280/ + https://www.cve.org/CVERecord?id=CVE-2024-27282 + https://www.cve.org/CVERecord?id=CVE-2024-27281 + https://www.cve.org/CVERecord?id=CVE-2024-27280 + (* Security fix *) +l/python-docutils-0.21.2-x86_64-1.txz: Upgraded. +x/rendercheck-1.6-x86_64-1.txz: Upgraded. +x/xcb-imdkit-1.0.8-x86_64-1.txz: Upgraded. ++--------------------------+ +Tue Apr 23 19:48:05 UTC 2024 +a/ed-1.20.2-x86_64-1.txz: Upgraded. +d/parallel-20240422-noarch-1.txz: Upgraded. +kde/krusader-2.8.1-x86_64-1.txz: Upgraded. +kde/ktextaddons-1.5.4-x86_64-1.txz: Upgraded. +l/libgusb-0.4.9-x86_64-1.txz: Upgraded. +n/nmap-7.95-x86_64-1.txz: Upgraded. +x/fcitx5-5.1.9-x86_64-1.txz: Upgraded. +x/fcitx5-anthy-5.1.4-x86_64-1.txz: Upgraded. +x/fcitx5-chinese-addons-5.1.5-x86_64-1.txz: Upgraded. +x/fcitx5-gtk-5.1.3-x86_64-1.txz: Upgraded. +x/fcitx5-hangul-5.1.3-x86_64-1.txz: Upgraded. +x/fcitx5-kkc-5.1.3-x86_64-1.txz: Upgraded. +x/fcitx5-m17n-5.1.1-x86_64-1.txz: Upgraded. +x/fcitx5-qt-5.1.6-x86_64-1.txz: Upgraded. +x/fcitx5-sayura-5.1.2-x86_64-1.txz: Upgraded. +x/fcitx5-table-extra-5.1.5-x86_64-1.txz: Upgraded. +x/fcitx5-table-other-5.1.2-x86_64-1.txz: Upgraded. +x/fcitx5-unikey-5.1.4-x86_64-1.txz: Upgraded. +x/libime-1.1.7-x86_64-1.txz: Upgraded. +extra/emacs-regular-build/emacs-29.3-x86_64-2_regular.txz: Rebuilt. + This is a bugfix release. + Only build the X11/GTK+3 version. Use "emacs -nw" if you want to start it + in a terminal emulator in text mode, or rebuild if you really need to get + rid of the X11 dependency for some reason. + Build using --with-pdumper=auto. It seems that --with-dumping=unexec produces + a buggy Emacs here in the modern era, with symptoms such as "child signal FD: + Invalid argument". It's possible this had something to do with the reported + memory leaks as well. + Thanks to 3Tom for the bug report. ++--------------------------+ +Mon Apr 22 19:36:38 UTC 2024 +a/elogind-255.4_r2-x86_64-2.txz: Rebuilt. + OK, this is looking good enough to return to the main tree now. + Thanks to hamkg, ctrlaltca, and rizitis for helping to debug the sleep issues + with upstream, and to Sven Eden for the upstream fixes. I've changed the + default sleep mode from s2idle to deep as s2idle still locks up most of the + systems I've tried it on. Eventually we'll probably have to swallow this pill + though (more notes on that in the SlackBuild). + It didn't seem like recompiling polkit again was necessary, but correct me if + I'm wrong about that. +l/imagemagick-7.1.1_31-x86_64-1.txz: Upgraded. +l/python-hatchling-1.24.2-x86_64-1.txz: Upgraded. +l/vte-0.76.1-x86_64-1.txz: Upgraded. +l/wireplumber-0.5.2-x86_64-1.txz: Upgraded. +xap/freerdp-2.11.7-x86_64-1.txz: Upgraded. + This release eliminates a bunch of issues detected during oss-fuzz runs. + (* Security fix *) ++--------------------------+ +Sun Apr 21 21:41:34 UTC 2024 +a/etc-15.1-x86_64-11.txz: Rebuilt. + Populate missing /etc/gshadow entries. Thanks to opty. +l/PyQt-builder-1.16.1-x86_64-1.txz: Upgraded. +l/python-pluggy-1.5.0-x86_64-1.txz: Upgraded. ++--------------------------+ +Sat Apr 20 00:10:39 UTC 2024 +l/gdk-pixbuf2-2.42.11-x86_64-2.txz: Rebuilt. + Recompiled with -Dtests=false -Dothers=enabled to fix gkrellm. + Thanks to J_W for the bug report. ++--------------------------+ +Fri Apr 19 19:36:17 UTC 2024 +a/elogind-252.23-x86_64-3.txz: Rebuilt. + All right, it's time to stop the bleeding (edge). This has been verified as + the last working version of elogind, so we'll revert for now while moving the + newer sources into /testing. We didn't actually *need* the 255 branch for + libgudev (I was mistakenly under that impression), so this will be fine for + now. We'll keep an eye on upstream and move forward when things settle down. +d/vala-0.56.17-x86_64-1.txz: Upgraded. +l/gdk-pixbuf2-2.42.11-x86_64-1.txz: Upgraded. +l/gtk4-4.14.3-x86_64-1.txz: Upgraded. +l/polkit-124-x86_64-2.txz: Rebuilt. + Recompiled against elogind-252.23. +l/python-sphinx-7.3.7-x86_64-1.txz: Upgraded. +n/NetworkManager-1.46.0-x86_64-2.txz: Rebuilt. + Build with meson instead of autotools, since setting session_tracking to + elogind is ignored with autotools, and is set to consolekit instead. + While this didn't seem to make a difference in practice, better to get this + right now and rule it out as part of the issue. + Thanks to marav and LuckyCyborg for the options hints. +x/xdg-desktop-portal-1.18.4-x86_64-1.txz: Upgraded. +xap/freerdp-2.11.6-x86_64-1.txz: Upgraded. + This release is a security release and addresses multiple issues: + [Low] OutOfBound Read in zgfx_decompress_segment. + [Moderate] Integer overflow & OutOfBound Write in + clear_decompress_residual_data. + [Low] integer underflow in nsc_rle_decode. + [Low] OutOfBound Read in planar_skip_plane_rle. + [Low] OutOfBound Read in ncrush_decompress. + [Low] OutOfBound Read in interleaved_decompress. + For more information, see: + https://www.cve.org/CVERecord?id=CVE-2024-32041 + https://www.cve.org/CVERecord?id=CVE-2024-32039 + https://www.cve.org/CVERecord?id=CVE-2024-32040 + https://www.cve.org/CVERecord?id=CVE-2024-32458 + https://www.cve.org/CVERecord?id=CVE-2024-32459 + https://www.cve.org/CVERecord?id=CVE-2024-32460 + (* Security fix *) ++--------------------------+ +Fri Apr 19 05:38:28 UTC 2024 +xap/mozilla-thunderbird-115.10.1-x86_64-1.txz: Upgraded. + This is a bugfix release. + For more information, see: + https://www.mozilla.org/en-US/thunderbird/115.10.1/releasenotes/ ++--------------------------+ +Thu Apr 18 19:17:30 UTC 2024 +a/aaa_glibc-solibs-2.39-x86_64-2.txz: Rebuilt. +ap/vim-9.1.0346-x86_64-1.txz: Upgraded. +d/llvm-18.1.4-x86_64-1.txz: Upgraded. +d/nasm-2.16.03-x86_64-1.txz: Upgraded. +l/glibc-2.39-x86_64-2.txz: Rebuilt. + This update fixes a security issue: + The iconv() function in the GNU C Library versions 2.39 and older may + overflow the output buffer passed to it by up to 4 bytes when converting + strings to the ISO-2022-CN-EXT character set, which may be used to crash + an application or overwrite a neighbouring variable. + For more information, see: + https://www.cve.org/CVERecord?id=CVE-2024-2961 + (* Security fix *) +l/glibc-i18n-2.39-x86_64-2.txz: Rebuilt. +l/glibc-profile-2.39-x86_64-2.txz: Rebuilt. +l/pycups-2.0.4-x86_64-1.txz: Upgraded. +l/python-hatchling-1.24.1-x86_64-1.txz: Upgraded. +l/python-sphinx-7.3.6-x86_64-1.txz: Upgraded. +n/bind-9.18.26-x86_64-1.txz: Upgraded. + This is a bugfix release. +xap/vim-gvim-9.1.0346-x86_64-1.txz: Upgraded. ++--------------------------+ +Wed Apr 17 20:35:48 UTC 2024 +a/kernel-firmware-20240417_e678699-noarch-1.txz: Upgraded. +a/kernel-generic-6.6.28-x86_64-1.txz: Upgraded. +a/kernel-huge-6.6.28-x86_64-1.txz: Upgraded. +a/kernel-modules-6.6.28-x86_64-1.txz: Upgraded. +a/xfsprogs-6.7.0-x86_64-1.txz: Upgraded. +d/kernel-headers-6.6.28-x86-1.txz: Upgraded. +k/kernel-source-6.6.28-noarch-1.txz: Upgraded. +l/pycups-2.0.3-x86_64-1.txz: Upgraded. +l/python-sphinx-7.3.5-x86_64-1.txz: Upgraded. +n/bluez-5.75-x86_64-2.txz: Rebuilt. + Prune duplicate config files. Thanks to audriusk. +x/libXmu-1.2.1-x86_64-1.txz: Upgraded. +x/util-macros-1.20.1-noarch-1.txz: Upgraded. +x/wayland-protocols-1.35-noarch-1.txz: Upgraded. +xap/mozilla-thunderbird-115.10.0-x86_64-1.txz: Upgraded. + This release contains security fixes and improvements. + For more information, see: + https://www.mozilla.org/en-US/thunderbird/115.10.0/releasenotes/ + https://www.mozilla.org/en-US/security/known-vulnerabilities/thunderbird/#thunderbird115.10 + (* Security fix *) +xfce/xfce4-notifyd-0.9.4-x86_64-2.txz: Rebuilt. + Do not install DBus service files, as these cause xfce4-notifyd to start in + plasma sessions. Thanks to ctrlaltca. +isolinux/initrd.img: Rebuilt. +kernels/*: Upgraded. +usb-and-pxe-installers/usbboot.img: Rebuilt. ++--------------------------+ +Tue Apr 16 21:57:56 UTC 2024 +a/aaa_libraries-15.1-x86_64-30.txz: Rebuilt. + Upgraded: libcares.so.2.13.1. + Added (temporarily): libboost_*.so.1.84.0. +ap/pamixer-1.6-x86_64-2.txz: Rebuilt. + Recompiled against boost-1.85.0. +kde/kig-23.08.5-x86_64-4.txz: Rebuilt. + Recompiled against boost-1.85.0. +kde/kopeninghours-23.08.5-x86_64-4.txz: Rebuilt. + Recompiled against boost-1.85.0. +kde/krita-5.2.2-x86_64-8.txz: Rebuilt. + Recompiled against boost-1.85.0. +l/boost-1.85.0-x86_64-1.txz: Upgraded. + Shared library .so-version bump. +l/cryfs-0.10.3-x86_64-11.txz: Rebuilt. + Recompiled against boost-1.85.0. +x/fcitx5-chinese-addons-5.1.4-x86_64-2.txz: Rebuilt. + Recompiled against boost-1.85.0. +x/libime-1.1.6-x86_64-2.txz: Rebuilt. + Recompiled against boost-1.85.0. ++--------------------------+ +Tue Apr 16 18:50:13 UTC 2024 +a/elogind-255.4_r2-x86_64-1.txz: Upgraded. + Prefer SuspendMode=deep. Thanks to LuckyCyborg. + Make 10-elogind.conf .new (but it will still be forced in this time). + Fix reading login.conf. Thanks to af7567. + This branch is feeling a bit alpha to me, but we'll stick with it for now. +ap/groff-1.23.0-x86_64-2.txz: Rebuilt. + [PATCH] Revert upstream change of mapping special characters for UTF-8. + Thanks to Stuart Winter. +l/mozjs115-115.10.0esr-x86_64-1.txz: Upgraded. +l/python-hatchling-1.24.0-x86_64-1.txz: Upgraded. +n/bluez-5.75-x86_64-1.txz: Upgraded. +x/libxcb-1.17.0-x86_64-1.txz: Upgraded. +xap/mozilla-firefox-115.10.0esr-x86_64-1.txz: Upgraded. + This update contains security fixes and improvements. + For more information, see: + https://www.mozilla.org/en-US/firefox/115.10.0/releasenotes/ + https://www.mozilla.org/security/advisories/mfsa2024-19/ + https://www.cve.org/CVERecord?id=CVE-2024-3852 + https://www.cve.org/CVERecord?id=CVE-2024-3854 + https://www.cve.org/CVERecord?id=CVE-2024-3857 + https://www.cve.org/CVERecord?id=CVE-2024-2609 + https://www.cve.org/CVERecord?id=CVE-2024-3859 + https://www.cve.org/CVERecord?id=CVE-2024-3861 + https://www.cve.org/CVERecord?id=CVE-2024-3863 + https://www.cve.org/CVERecord?id=CVE-2024-3302 + https://www.cve.org/CVERecord?id=CVE-2024-3864 + (* Security fix *) ++--------------------------+ +Mon Apr 15 22:28:37 UTC 2024 +ap/linuxdoc-tools-0.9.83-x86_64-1.txz: Upgraded. + Upgraded to linuxdoc-tools-0.9.83, gtk-doc-1.34.0, and asciidoc-10.2.0. + See the ChangeLog in source/ap/linuxdoc-tools for more details. + Thanks to Stuart Winter. +ap/sqlite-3.45.3-x86_64-1.txz: Upgraded. +l/Mako-1.3.3-x86_64-1.txz: Upgraded. +l/pipewire-1.0.5-x86_64-1.txz: Upgraded. +l/python-hatchling-1.23.0-x86_64-1.txz: Upgraded. +x/libwacom-2.11.0-x86_64-1.txz: Upgraded. +x/xcb-proto-1.17.0-x86_64-1.txz: Upgraded. +x/xf86-input-wacom-1.2.2-x86_64-1.txz: Upgraded. +xap/pan-0.158-x86_64-1.txz: Upgraded. + Let's process the git pull with NOCONFIGURE=1 ./autogen.sh for FTIO. :-) ++--------------------------+ +Sun Apr 14 18:35:32 UTC 2024 +a/less-653-x86_64-2.txz: Rebuilt. + This update patches a security issue: + less through 653 allows OS command execution via a newline character in the + name of a file, because quoting is mishandled in filename.c. Exploitation + typically requires use with attacker-controlled file names, such as the files + extracted from an untrusted archive. Exploitation also requires the LESSOPEN + environment variable, but this is set by default in many common cases. + For more information, see: + https://www.cve.org/CVERecord?id=CVE-2024-32487 + (* Security fix *) +ap/inxi-3.3.34_1-noarch-1.txz: Upgraded. +d/python-setuptools-69.5.1-x86_64-1.txz: Upgraded. +n/bluez-5.74-x86_64-1.txz: Upgraded. +xfce/xfce4-notifyd-0.9.4-x86_64-1.txz: Upgraded. + Almost everyone has jumped to this version, so we'll get with the program. ++--------------------------+ +Sat Apr 13 19:45:25 UTC 2024 +l/imagemagick-7.1.1_29-x86_64-1.txz: Upgraded. + Revert to the previous ImageMagick because the latest one is destroying SVG + files if "identify" or "display" is used on them. + Thanks to pc2005. ++--------------------------+ +Sat Apr 13 18:44:55 UTC 2024 +a/kernel-firmware-20240412_5da74b1-noarch-1.txz: Upgraded. +a/kernel-generic-6.6.27-x86_64-1.txz: Upgraded. +a/kernel-huge-6.6.27-x86_64-1.txz: Upgraded. +a/kernel-modules-6.6.27-x86_64-1.txz: Upgraded. +d/kernel-headers-6.6.27-x86-1.txz: Upgraded. +d/python-setuptools-69.5.0-x86_64-1.txz: Upgraded. +k/kernel-source-6.6.27-noarch-1.txz: Upgraded. +l/libwebp-1.4.0-x86_64-1.txz: Upgraded. +l/opus-1.5.2-x86_64-1.txz: Upgraded. +x/xorg-server-21.1.13-x86_64-1.txz: Upgraded. +x/xorg-server-xephyr-21.1.13-x86_64-1.txz: Upgraded. +x/xorg-server-xnest-21.1.13-x86_64-1.txz: Upgraded. +x/xorg-server-xvfb-21.1.13-x86_64-1.txz: Upgraded. +isolinux/initrd.img: Rebuilt. +kernels/*: Upgraded. +usb-and-pxe-installers/usbboot.img: Rebuilt. ++--------------------------+ +Sat Apr 13 00:59:20 UTC 2024 +l/python-docutils-0.21.1-x86_64-2.txz: Rebuilt. + Fix ridiculous broken symlink. Thanks to marav. ++--------------------------+ +Fri Apr 12 19:08:59 UTC 2024 +a/less-653-x86_64-1.txz: Upgraded. +d/ninja-1.12.0-x86_64-1.txz: Upgraded. +d/valgrind-3.22.0-x86_64-1.txz: Added. + Thanks to Kyle Guinn, Peter Wang, and Willy Sudiarto Raharjo. +l/netpbm-11.06.01-x86_64-1.txz: Upgraded. +n/php-8.3.6-x86_64-1.txz: Upgraded. + This update fixes bugs and security issues. + For more information, see: + https://www.php.net/ChangeLog-8.php#8.3.6 + (* Security fix *) ++--------------------------+ +Thu Apr 11 21:36:28 UTC 2024 +d/cmake-3.29.2-x86_64-1.txz: Upgraded. +l/polkit-124-x86_64-1.txz: Upgraded. + Thanks to marav for the patches. ++--------------------------+ +Thu Apr 11 19:05:36 UTC 2024 +a/elogind-255.4-x86_64-1.txz: Upgraded. +a/libblockdev-3.1.1_1-x86_64-1.txz: Upgraded. +a/libbytesize-2.10-x86_64-1.txz: Upgraded. +a/libgudev-238-x86_64-1.txz: Upgraded. +a/udisks-1.0.5-x86_64-11.txz: Removed. +a/udisks2-2.10.1-x86_64-1.txz: Upgraded. +a/upower-1.90.4-x86_64-1.txz: Upgraded. +l/python-docutils-0.21.1-x86_64-1.txz: Upgraded. +l/python-idna-3.7-x86_64-1.txz: Upgraded. +n/php-8.3.5-x86_64-1.txz: Upgraded. + This update fixes bugs and security issues. + For more information, see: + https://www.php.net/ChangeLog-8.php#8.3.6 + (* Security fix *) +x/ibus-m17n-1.4.29-x86_64-1.txz: Upgraded. +x/mesa-24.0.5-x86_64-1.txz: Upgraded. ++--------------------------+ +Wed Apr 10 19:09:14 UTC 2024 +a/cryptsetup-2.7.2-x86_64-1.txz: Upgraded. +a/kernel-firmware-20240410_53438f8-noarch-1.txz: Upgraded. +a/kernel-generic-6.6.26-x86_64-1.txz: Upgraded. +a/kernel-huge-6.6.26-x86_64-1.txz: Upgraded. +a/kernel-modules-6.6.26-x86_64-1.txz: Upgraded. +a/openssl-solibs-3.3.0-x86_64-1.txz: Upgraded. +a/pam-1.6.1-x86_64-1.txz: Upgraded. +d/kernel-headers-6.6.26-x86-1.txz: Upgraded. +d/rust-1.77.2-x86_64-1.txz: Upgraded. + [PATCH] compiler: Use wasm-ld for wasm targets. + Thanks to Heinz Wiesinger. +k/kernel-source-6.6.26-noarch-1.txz: Upgraded. + +SPECTRE_BHI_AUTO n + +SPECTRE_BHI_OFF n + +SPECTRE_BHI_ON y +l/gst-plugins-bad-free-1.24.2-x86_64-1.txz: Upgraded. +l/gst-plugins-base-1.24.2-x86_64-1.txz: Upgraded. +l/gst-plugins-good-1.24.2-x86_64-1.txz: Upgraded. +l/gst-plugins-libav-1.24.2-x86_64-1.txz: Upgraded. +l/gstreamer-1.24.2-x86_64-1.txz: Upgraded. +l/libcap-ng-0.8.5-x86_64-1.txz: Upgraded. +l/nodejs-20.12.2-x86_64-1.txz: Upgraded. +l/python-trove-classifiers-2024.4.10-x86_64-1.txz: Upgraded. +n/gnutls-3.8.5-x86_64-2.txz: Rebuilt. + [PATCH] Fix RSAES-PKCS1-v1_5 system-wide configuration. + Thanks to bortolotto. +n/openssl-3.3.0-x86_64-1.txz: Upgraded. +isolinux/initrd.img: Rebuilt. +kernels/*: Upgraded. +usb-and-pxe-installers/usbboot.img: Rebuilt. ++--------------------------+ +Tue Apr 9 18:14:27 UTC 2024 +l/abseil-cpp-20240116.2-x86_64-1.txz: Upgraded. +l/dotconf-1.4.1-x86_64-1.txz: Upgraded. +t/texlive-2024.240409-x86_64-1.txz: Upgraded. + Thanks to Johannes Schoepfer. +x/xorg-server-xwayland-23.2.6-x86_64-1.txz: Upgraded. +xap/blueman-2.4.1-x86_64-1.txz: Upgraded. ++--------------------------+ +Mon Apr 8 18:44:37 UTC 2024 +l/imagemagick-7.1.1_30-x86_64-1.txz: Upgraded. +l/libarchive-3.7.3-x86_64-1.txz: Upgraded. + This update fixes a security issue: + Fix possible vulnerability in tar error reporting introduced in f27c173 + by JiaT75. + For more information, see: + https://github.com/libarchive/libarchive/commit/f27c173d17dc807733b3a4f8c11207c3f04ff34f + https://github.com/libarchive/libarchive/pull/2101 + (* Security fix *) +n/net-snmp-5.9.4-x86_64-3.txz: Rebuilt. + [PATCH] Add Linux 6.7 compatibility parsing /proc/net/snmp. + Thanks to walecha. +n/rsync-3.3.0-x86_64-1.txz: Upgraded. +x/xorg-sgml-doctools-1.12.1-x86_64-1.txz: Upgraded. +xap/gimp-2.10.36-x86_64-3.txz: Rebuilt. + [PATCH] QuitDialog: disconnect signal handler on dialog destroy. + This fixes a crash on quit. + Thanks to USUARIONUEVO. +xap/xlockmore-5.77-x86_64-1.txz: Upgraded. ++--------------------------+ +Sat Apr 6 17:19:58 UTC 2024 +a/pciutils-3.12.0-x86_64-1.txz: Upgraded. +l/pygobject-2.28.7-x86_64-10.txz: Rebuilt. + Build with PYTHON=python2 so that we don't have a call to unversioned python + in pygobject-codegen-2.0. Fixes building gimp from git. + Thanks to Petri Kaukasoina. +l/pygobject3-3.48.2-x86_64-1.txz: Upgraded. +x/libX11-1.8.9-x86_64-1.txz: Upgraded. +x/mtdev-1.1.7-x86_64-1.txz: Upgraded. ++--------------------------+ +Fri Apr 5 20:11:23 UTC 2024 +a/etc-15.1-x86_64-10.txz: Rebuilt. + Added nut user (218) and nut group (218). +a/genpower-1.0.5-x86_64-5.txz: Removed. +a/nut-2.8.2-x86_64-1.txz: Added. + This is a package to support uninterruptible power supplies, and replaces + the obsolete genpower package. + Thanks to V'yacheslav Stetskevych for the original SBo script. +a/sysvinit-scripts-15.1-noarch-16.txz: Rebuilt. + rc.M: start the NUT init scripts rc.nut-drvctl, rc.nut-upsd, and + rc.nut-upsmon. Remove the genpower block. + rc.6: support stopping the UPS inverter on the way down if we see + /etc/killpower. Remove the genpower block. +a/tcsh-6.24.12-x86_64-1.txz: Upgraded. +ap/man-db-2.12.1-x86_64-1.txz: Upgraded. +ap/mpg123-1.32.6-x86_64-1.txz: Upgraded. +ap/vim-9.1.0265-x86_64-1.txz: Upgraded. +d/cargo-vendor-filterer-0.5.14-x86_64-1.txz: Upgraded. +d/nasm-2.16.02-x86_64-1.txz: Upgraded. +l/libproxy-0.5.5-x86_64-1.txz: Upgraded. +l/python-hatchling-1.22.5-x86_64-1.txz: Upgraded. +l/python-typing_extensions-4.11.0-x86_64-1.txz: Upgraded. +x/xdm-1.1.16-x86_64-1.txz: Upgraded. +xap/vim-gvim-9.1.0265-x86_64-1.txz: Upgraded. +extra/bash-completion/bash-completion-2.13.0-noarch-1.txz: Upgraded. +extra/tigervnc/tigervnc-1.13.1-x86_64-5.txz: Rebuilt. + Recompiled against xorg-server-21.1.12 to fix security issues: + Heap buffer overread/data leakage in ProcXIGetSelectedEvents. + Heap buffer overread/data leakage in ProcXIPassiveGrabDevice. + Heap buffer overread/data leakage in ProcAppleDRICreatePixmap. + Use-after-free in ProcRenderAddGlyphs. + For more information, see: + https://lists.x.org/archives/xorg-announce/2024-April/003497.html + https://www.cve.org/CVERecord?id=CVE-2024-31080 + https://www.cve.org/CVERecord?id=CVE-2024-31081 + https://www.cve.org/CVERecord?id=CVE-2024-31082 + https://www.cve.org/CVERecord?id=CVE-2024-31083 + (* Security fix *) ++--------------------------+ +Thu Apr 4 20:49:23 UTC 2024 +a/hwdata-0.381-noarch-1.txz: Upgraded. +a/kernel-generic-6.6.25-x86_64-1.txz: Upgraded. +a/kernel-huge-6.6.25-x86_64-1.txz: Upgraded. +a/kernel-modules-6.6.25-x86_64-1.txz: Upgraded. +d/cmake-3.29.1-x86_64-1.txz: Upgraded. +d/kernel-headers-6.6.25-x86-1.txz: Upgraded. +d/llvm-18.1.3-x86_64-1.txz: Upgraded. +k/kernel-source-6.6.25-noarch-1.txz: Upgraded. +kde/kstars-3.7.0-x86_64-1.txz: Upgraded. +l/enchant-2.6.9-x86_64-1.txz: Upgraded. +l/libclc-18.1.3-x86_64-1.txz: Upgraded. +l/sof-firmware-2024.03-noarch-1.txz: Upgraded. +n/gnutls-3.8.5-x86_64-1.txz: Upgraded. +n/httpd-2.4.59-x86_64-1.txz: Upgraded. + This update fixes security issues: + HTTP/2 DoS by memory exhaustion on endless continuation frames. + HTTP Response Splitting in multiple modules. + HTTP response splitting. + For more information, see: + https://downloads.apache.org/httpd/CHANGES_2.4.59 + https://www.cve.org/CVERecord?id=CVE-2024-27316 + https://www.cve.org/CVERecord?id=CVE-2024-24795 + https://www.cve.org/CVERecord?id=CVE-2023-38709 + (* Security fix *) +n/nghttp2-1.61.0-x86_64-1.txz: Upgraded. + This update fixes security issues: + nghttp2 library keeps reading the unbounded number of HTTP/2 CONTINUATION + frames even after a stream is reset to keep HPACK context in sync. This + causes excessive CPU usage to decode HPACK stream. nghttp2 v1.61.0 mitigates + this vulnerability by limiting the number of CONTINUATION frames it can + accept after a HEADERS frame. + For more information, see: + https://github.com/nghttp2/nghttp2/security/advisories/GHSA-x6x3-gv8h-m57q + https://www.kb.cert.org/vuls/id/421644 + https://www.cve.org/CVERecord?id=CVE-2024-28182 + (* Security fix *) +x/xdg-desktop-portal-1.18.3-x86_64-1.txz: Upgraded. +isolinux/initrd.img: Rebuilt. +kernels/*: Upgraded. +usb-and-pxe-installers/usbboot.img: Rebuilt. ++--------------------------+ +Wed Apr 3 22:22:06 UTC 2024 +l/PyQt-builder-1.16.0-x86_64-1.txz: Upgraded. +l/gst-plugins-bad-free-1.24.1-x86_64-2.txz: Rebuilt. + Recompiled against aom-3.8.2 to build libgstaom.so. +l/nodejs-20.12.1-x86_64-1.txz: Upgraded. +l/python-lxml-5.2.1-x86_64-1.txz: Upgraded. +x/xorg-server-21.1.12-x86_64-1.txz: Upgraded. + This update fixes security issues: + Heap buffer overread/data leakage in ProcXIGetSelectedEvents. + Heap buffer overread/data leakage in ProcXIPassiveGrabDevice. + Heap buffer overread/data leakage in ProcAppleDRICreatePixmap. + Use-after-free in ProcRenderAddGlyphs. + For more information, see: + https://lists.x.org/archives/xorg-announce/2024-April/003497.html + https://www.cve.org/CVERecord?id=CVE-2024-31080 + https://www.cve.org/CVERecord?id=CVE-2024-31081 + https://www.cve.org/CVERecord?id=CVE-2024-31082 + https://www.cve.org/CVERecord?id=CVE-2024-31083 + (* Security fix *) +x/xorg-server-xephyr-21.1.12-x86_64-1.txz: Upgraded. +x/xorg-server-xnest-21.1.12-x86_64-1.txz: Upgraded. +x/xorg-server-xvfb-21.1.12-x86_64-1.txz: Upgraded. +x/xorg-server-xwayland-23.2.5-x86_64-1.txz: Upgraded. + This update fixes security issues: + Heap buffer overread/data leakage in ProcXIGetSelectedEvents. + Heap buffer overread/data leakage in ProcXIPassiveGrabDevice. + Use-after-free in ProcRenderAddGlyphs. + For more information, see: + https://lists.x.org/archives/xorg-announce/2024-April/003497.html + https://www.cve.org/CVERecord?id=CVE-2024-31080 + https://www.cve.org/CVERecord?id=CVE-2024-31081 + https://www.cve.org/CVERecord?id=CVE-2024-31083 + (* Security fix *) ++--------------------------+ +Wed Apr 3 19:58:56 UTC 2024 +a/kernel-generic-6.6.24-x86_64-1.txz: Upgraded. +a/kernel-huge-6.6.24-x86_64-1.txz: Upgraded. +a/kernel-modules-6.6.24-x86_64-1.txz: Upgraded. +d/kernel-headers-6.6.24-x86-1.txz: Upgraded. +d/python3-3.11.9-x86_64-1.txz: Upgraded. +k/kernel-source-6.6.24-noarch-1.txz: Upgraded. + -AMD_MEM_ENCRYPT_ACTIVE_BY_DEFAULT n + -GCC11_NO_ARRAY_BOUNDS y + NUMA_BALANCING n -> y + +GCC10_NO_ARRAY_BOUNDS y + +NUMA_BALANCING_DEFAULT_ENABLED y +kde/libindi-2.0.7-x86_64-1.txz: Upgraded. +l/SDL2-2.30.2-x86_64-1.txz: Upgraded. +l/aom-3.8.2-x86_64-1.txz: Added. + Needed to add AV1 encode/decode support to ffmpeg. + Thanks to Andrew Strong. +l/dav1d-1.4.1-x86_64-1.txz: Added. + Needed to add AV1 decode support to ffmpeg. +l/ffmpeg-6.1.1-x86_64-2.txz: Rebuilt. + Patched to build with nv-codec-headers-12.2.72.0. Thanks to J_W. + Compiled against aom-3.8.2 and dav1d-1.4.1 for AV1 support. + Thanks to glennmcc. +l/gtk4-4.14.2-x86_64-1.txz: Upgraded. +n/whois-5.5.22-x86_64-1.txz: Upgraded. + Fixed a segmentation fault with --no-recursion. + Updated the .bm and .vi TLD servers. + Removed 4 new gTLDs which are no longer active. +xap/MPlayer-20240403-x86_64-1.txz: Upgraded. + Compiled using --enable-libaom-lavc and --enable-libdav1d-lavc. + Thanks to glennmcc. +xap/pan-0.157-x86_64-1.txz: Upgraded. +isolinux/initrd.img: Rebuilt. +kernels/*: Upgraded. +usb-and-pxe-installers/usbboot.img: Rebuilt. ++--------------------------+ +Mon Apr 1 19:02:42 UTC 2024 +d/nv-codec-headers-12.2.72.0-x86_64-1.txz: Upgraded. +d/parallel-20240322-noarch-1.txz: Upgraded. +kde/calligra-3.2.1-x86_64-38.txz: Rebuilt. + Recompiled against poppler-24.04.0. +kde/cantor-23.08.5-x86_64-5.txz: Rebuilt. + Recompiled against poppler-24.04.0. +kde/kfilemetadata-5.115.0-x86_64-3.txz: Rebuilt. + Recompiled against poppler-24.04.0. +kde/kile-2.9.93-x86_64-32.txz: Rebuilt. + Recompiled against poppler-24.04.0. +kde/kitinerary-23.08.5-x86_64-3.txz: Rebuilt. + Recompiled against poppler-24.04.0. +kde/krita-5.2.2-x86_64-7.txz: Rebuilt. + Recompiled against poppler-24.04.0. +kde/okular-23.08.5-x86_64-3.txz: Rebuilt. + Recompiled against poppler-24.04.0. +l/gobject-introspection-1.80.1-x86_64-1.txz: Upgraded. +l/netpbm-11.06.00-x86_64-1.txz: Upgraded. +l/poppler-24.04.0-x86_64-1.txz: Upgraded. + Shared library .so-version bump. +l/python-pillow-10.3.0-x86_64-1.txz: Upgraded. +xap/x3270-4.3ga8-x86_64-1.txz: Upgraded. ++--------------------------+ +Sun Mar 31 22:44:32 UTC 2024 +d/python-pip-24.0-x86_64-3.txz: Rebuilt. + Get rid of unneeded Windows garbage in the package. +d/python2-2.7.18-x86_64-8.txz: Rebuilt. + Get rid of unneeded Windows garbage in the package. +l/PyQt-builder-1.15.4-x86_64-3.txz: Rebuilt. + Get rid of unneeded Windows garbage in the package. +l/python-installer-0.7.0-x86_64-3.txz: Rebuilt. + Get rid of unneeded Windows garbage in the package. ++--------------------------+ +Sun Mar 31 18:28:19 UTC 2024 +ap/hplip-3.23.12-x86_64-4.txz: Rebuilt. + Add a few patches from Arch, including one to fix a Unicode error with the + sixext.py script that causes hp-setup to crash after detecting a printer. + Thanks to truepatriot76. +d/Cython-3.0.10-x86_64-1.txz: Upgraded. +d/cargo-vendor-filterer-0.5.13-x86_64-1.txz: Upgraded. +d/poke-4.0-x86_64-1.txz: Upgraded. +l/editorconfig-core-c-0.12.7-x86_64-1.txz: Upgraded. +l/jasper-4.2.3-x86_64-1.txz: Upgraded. +l/libical-3.0.18-x86_64-1.txz: Upgraded. +l/pango-1.52.2-x86_64-1.txz: Upgraded. +l/python-lxml-5.2.0-x86_64-1.txz: Upgraded. +l/wireplumber-0.5.1-x86_64-1.txz: Upgraded. +n/c-ares-1.28.1-x86_64-1.txz: Upgraded. +xap/blueman-2.4-x86_64-1.txz: Upgraded. ++--------------------------+ +Sat Mar 30 20:58:19 UTC 2024 +ap/undervolt-0.4.0-x86_64-1.txz: Upgraded. +kde/kig-23.08.5-x86_64-3.txz: Rebuilt. + Recompiled to link with libboost_python311.so.1.84.0. +kde/kopeninghours-23.08.5-x86_64-3.txz: Rebuilt. + Recompiled to link with libboost_python311.so.1.84.0. Thanks to gmgf. ++--------------------------+ +Sat Mar 30 18:08:12 UTC 2024 +a/xz-5.6.1-x86_64-3.txz: Rebuilt. + [PATCH] CMake: Fix sabotaged Landlock sandbox check. + We don't build with CMake (yet), but it doesn't hurt to apply this. +d/mercurial-6.7.2-x86_64-1.txz: Upgraded. +l/boost-1.84.0-x86_64-3.txz: Rebuilt. + Recompiled against python-3.11.8. Thanks to rinza. +l/python-pycparser-2.22-x86_64-1.txz: Upgraded. +l/python-pytz-2024.1-x86_64-2.txz: Removed. + No longer needed with python-3.11. Thanks to audriusk. +l/python-tomli-2.0.1-x86_64-2.txz: Removed. + No longer needed with python-3.11. Thanks to TommyC7 and audriusk. +n/c-ares-1.28.0-x86_64-1.txz: Upgraded. +xap/xsnow-3.7.9-x86_64-1.txz: Upgraded. +extra/brltty/brltty-6.6-x86_64-4.txz: Rebuilt. + Don't install anything under /usr/local. Thanks to reddog83. ++--------------------------+ +Fri Mar 29 20:39:11 UTC 2024 +Everything in this batch besides aaa_libraries, xz, mcelog, and harfbuzz is a +rebuild or upgrade to build against python-3.11.8. Looking at the python +readiness page, it seems like a lot of stuff we use is not certified for +python-3.12 yet (although to be fair, about half as much isn't certified for +python-3.11 either). But 3.11 seems to be the safer choice even though the +final bugfix update is scheduled for Monday. And, if we do decide to move +ahead to 3.12 later on, it'll be a lot easier than this update was. +Enjoy! :-) +a/aaa_libraries-15.1-x86_64-29.txz: Rebuilt. + Upgraded: libzstd.so.1.5.6, libexpat.so.1.9.2, libglib-2.0.so.0.8000.0, + libgmodule-2.0.so.0.8000.0, libgobject-2.0.so.0.8000.0, + libgthread-2.0.so.0.8000.0. + Removed: libboost_*.so.1.83.0. +a/libblockdev-2.28-x86_64-3.txz: Rebuilt. +a/libbytesize-2.8-x86_64-2.txz: Rebuilt. +a/libpwquality-1.4.5-x86_64-2.txz: Rebuilt. +a/mcelog-198-x86_64-1.txz: Upgraded. +a/util-linux-2.40-x86_64-2.txz: Rebuilt. +a/volume_key-0.3.12-x86_64-8.txz: Rebuilt. +a/xz-5.6.1-x86_64-2.txz: Rebuilt. + Seems like a good idea to build this from a git pull rather than the signed + release tarballs. :-) + The liblzma in the previous packages were not found to be vulnerable by the + detection script, but I'd rather not carry the bad m4 files in our sources. + Here's a test script for anyone wanting to try it: + if hexdump -ve '1/1 "%.2x"' /lib*/liblzma.so.5 | grep -q f30f1efa554889f54c89ce5389fb81e7000000804883ec28488954241848894c2410 ; then + echo probably vulnerable + else + echo probably not vulnerable + fi +ap/hplip-3.23.12-x86_64-3.txz: Rebuilt. +ap/linuxdoc-tools-0.9.82-x86_64-5.txz: Rebuilt. +ap/rpm-4.19.1.1-x86_64-2.txz: Rebuilt. +ap/undervolt-20210815_e39aea1-x86_64-3.txz: Rebuilt. +ap/vim-9.1.0225-x86_64-1.txz: Upgraded. +d/Cython-3.0.9-x86_64-2.txz: Rebuilt. +d/distcc-3.4-x86_64-5.txz: Rebuilt. +d/gdb-14.2-x86_64-2.txz: Rebuilt. +d/gyp-20210831_d6c5dd51-x86_64-3.txz: Rebuilt. +d/llvm-18.1.2-x86_64-2.txz: Rebuilt. +d/mercurial-6.7.1-x86_64-2.txz: Rebuilt. +d/meson-1.4.0-x86_64-2.txz: Rebuilt. +d/python-pip-24.0-x86_64-2.txz: Rebuilt. +d/python-setuptools-69.2.0-x86_64-2.txz: Rebuilt. +d/python3-3.11.8-x86_64-1.txz: Upgraded. + Shared library .so-version bump. +d/scons-4.7.0-x86_64-2.txz: Rebuilt. +kde/cantor-23.08.5-x86_64-4.txz: Rebuilt. +kde/kapidox-5.115.0-x86_64-2.txz: Rebuilt. +kde/kdev-python-23.08.5-x86_64-2.txz: Rebuilt. +kde/kig-23.08.5-x86_64-2.txz: Rebuilt. +kde/kmymoney-5.1.3-x86_64-4.txz: Rebuilt. +kde/kopeninghours-23.08.5-x86_64-2.txz: Rebuilt. +kde/krita-5.2.2-x86_64-6.txz: Rebuilt. +l/M2Crypto-0.41.0-x86_64-2.txz: Rebuilt. +l/Mako-1.3.2-x86_64-2.txz: Rebuilt. +l/PyQt-builder-1.15.4-x86_64-2.txz: Rebuilt. +l/PyQt5-5.15.10-x86_64-2.txz: Rebuilt. +l/PyQt5_sip-12.13.0-x86_64-2.txz: Rebuilt. +l/QScintilla-2.14.1-x86_64-3.txz: Rebuilt. +l/avahi-20240306_709e60f-x86_64-2.txz: Rebuilt. +l/brotli-1.1.0-x86_64-2.txz: Rebuilt. +l/dbus-python-1.3.2-x86_64-2.txz: Rebuilt. +l/gexiv2-0.14.2-x86_64-3.txz: Rebuilt. +l/gi-docgen-2023.3-x86_64-2.txz: Rebuilt. +l/glade-3.40.0-x86_64-2.txz: Rebuilt. +l/gobject-introspection-1.80.0-x86_64-2.txz: Rebuilt. +l/harfbuzz-8.4.0-x86_64-1.txz: Upgraded. +l/lensfun-0.3.4-x86_64-2.txz: Rebuilt. +l/libcaca-0.99.beta20-x86_64-2.txz: Rebuilt. +l/libcap-ng-0.8.4-x86_64-2.txz: Rebuilt. +l/libieee1284-0.2.11-x86_64-8.txz: Rebuilt. +l/libimobiledevice-20231007_04c0233-x86_64-2.txz: Rebuilt. +l/libnvme-1.8-x86_64-2.txz: Rebuilt. +l/libplist-2.4.0-x86_64-2.txz: Rebuilt. +l/libwebp-1.3.2-x86_64-3.txz: Rebuilt. +l/libxml2-2.12.6-x86_64-3.txz: Rebuilt. +l/libxslt-1.1.39-x86_64-2.txz: Rebuilt. +l/newt-0.52.24-x86_64-3.txz: Rebuilt. +l/protobuf-26.1-x86_64-2.txz: Rebuilt. +l/pycairo-1.26.0-x86_64-3.txz: Rebuilt. +l/pycups-2.0.1-x86_64-7.txz: Rebuilt. +l/pycurl-7.45.3-x86_64-2.txz: Rebuilt. +l/pygobject3-3.48.1-x86_64-2.txz: Rebuilt. +l/pyparsing-3.1.2-x86_64-2.txz: Rebuilt. +l/python-Jinja2-3.1.3-x86_64-2.txz: Rebuilt. +l/python-MarkupSafe-2.1.5-x86_64-2.txz: Rebuilt. +l/python-PyYAML-6.0.1-x86_64-3.txz: Rebuilt. +l/python-alabaster-0.7.16-x86_64-2.txz: Rebuilt. +l/python-appdirs-1.4.4-x86_64-7.txz: Rebuilt. +l/python-babel-2.14.0-x86_64-2.txz: Rebuilt. +l/python-build-1.2.1-x86_64-2.txz: Rebuilt. +l/python-calver-2022.6.26-x86_64-2.txz: Rebuilt. +l/python-certifi-2024.2.2-x86_64-2.txz: Rebuilt. +l/python-cffi-1.16.0-x86_64-2.txz: Rebuilt. +l/python-chardet-5.2.0-x86_64-2.txz: Rebuilt. +l/python-charset-normalizer-3.3.2-x86_64-2.txz: Rebuilt. +l/python-distro-1.9.0-x86_64-2.txz: Rebuilt. +l/python-dnspython-2.6.1-x86_64-2.txz: Rebuilt. +l/python-docutils-0.20.1-x86_64-2.txz: Rebuilt. +l/python-doxypypy-0.8.8.7-x86_64-2.txz: Rebuilt. +l/python-doxyqml-0.5.3-x86_64-2.txz: Rebuilt. +l/python-editables-0.5-x86_64-2.txz: Rebuilt. +l/python-flit-core-3.9.0-x86_64-2.txz: Rebuilt. +l/python-future-1.0.0-x86_64-2.txz: Rebuilt. +l/python-glad2-2.0.6-x86_64-2.txz: Rebuilt. +l/python-hatchling-1.22.4-x86_64-2.txz: Rebuilt. +l/python-html5lib-1.1-x86_64-2.txz: Rebuilt. +l/python-idna-3.6-x86_64-2.txz: Rebuilt. +l/python-imagesize-1.4.1-x86_64-2.txz: Rebuilt. +l/python-importlib_metadata-7.1.0-x86_64-2.txz: Rebuilt. +l/python-installer-0.7.0-x86_64-2.txz: Rebuilt. +l/python-lxml-5.1.1-x86_64-1.txz: Upgraded. +l/python-markdown-3.6-x86_64-2.txz: Rebuilt. +l/python-notify2-0.3.1-x86_64-11.txz: Rebuilt. +l/python-packaging-24.0-x86_64-2.txz: Rebuilt. +l/python-pathspec-0.12.1-x86_64-2.txz: Rebuilt. +l/python-pbr-6.0.0-x86_64-2.txz: Rebuilt. +l/python-pillow-10.2.0-x86_64-2.txz: Rebuilt. +l/python-pluggy-1.4.0-x86_64-2.txz: Rebuilt. +l/python-ply-3.11-x86_64-9.txz: Rebuilt. +l/python-psutil-5.9.8-x86_64-2.txz: Rebuilt. +l/python-pycparser-2.21-x86_64-2.txz: Rebuilt. +l/python-pygments-2.17.2-x86_64-2.txz: Rebuilt. +l/python-pyproject-hooks-1.0.0-x86_64-2.txz: Rebuilt. +l/python-pysol_cards-0.16.0-x86_64-2.txz: Rebuilt. +l/python-pytz-2024.1-x86_64-2.txz: Rebuilt. +l/python-random2-1.0.2-x86_64-2.txz: Rebuilt. +l/python-requests-2.31.0-x86_64-2.txz: Rebuilt. +l/python-sane-2.9.1-x86_64-6.txz: Rebuilt. +l/python-setuptools_scm-8.0.4-x86_64-2.txz: Rebuilt. +l/python-six-1.16.0-x86_64-4.txz: Rebuilt. +l/python-smartypants-2.0.1-x86_64-2.txz: Rebuilt. +l/python-snowballstemmer-2.2.0-x86_64-2.txz: Rebuilt. +l/python-sphinx-7.2.6-x86_64-2.txz: Rebuilt. +l/python-sphinx_rtd_theme-2.0.0-x86_64-2.txz: Rebuilt. +l/python-tomli-2.0.1-x86_64-2.txz: Rebuilt. +l/python-tomli-w-1.0.0-x86_64-2.txz: Rebuilt. +l/python-trove-classifiers-2024.3.25-x86_64-2.txz: Rebuilt. +l/python-typing_extensions-4.10.0-x86_64-2.txz: Rebuilt. +l/python-typogrify-2.0.7-x86_64-2.txz: Rebuilt. +l/python-urllib3-2.2.1-x86_64-2.txz: Rebuilt. +l/python-webencodings-0.5.1-x86_64-2.txz: Rebuilt. +l/python-wheel-0.43.0-x86_64-2.txz: Rebuilt. +l/python-zipp-3.18.1-x86_64-2.txz: Rebuilt. +l/sip-6.8.3-x86_64-2.txz: Rebuilt. +l/speech-dispatcher-0.11.5-x86_64-2.txz: Rebuilt. +l/system-config-printer-1.5.18-x86_64-2.txz: Rebuilt. +l/talloc-2.4.2-x86_64-2.txz: Rebuilt. +l/tdb-1.4.10-x86_64-2.txz: Rebuilt. +l/tevent-0.16.1-x86_64-2.txz: Rebuilt. +n/epic5-2.1.12-x86_64-7.txz: Rebuilt. +n/fetchmail-6.4.38-x86_64-2.txz: Rebuilt. +n/getmail-6.18.14-x86_64-2.txz: Rebuilt. +n/gpgme-1.23.2-x86_64-3.txz: Rebuilt. +n/net-snmp-5.9.4-x86_64-2.txz: Rebuilt. +n/nftables-1.0.9-x86_64-2.txz: Rebuilt. +n/nmap-7.94-x86_64-2.txz: Rebuilt. +n/nss-pam-ldapd-0.9.12-x86_64-4.txz: Rebuilt. +n/obexftp-0.24.2-x86_64-12.txz: Rebuilt. +n/pssh-2.3.5-x86_64-2.txz: Rebuilt. +n/samba-4.20.0-x86_64-2.txz: Rebuilt. +x/ibus-1.5.29-x86_64-3.txz: Rebuilt. +x/ibus-anthy-1.5.16-x86_64-2.txz: Rebuilt. +x/ibus-hangul-1.5.5-x86_64-2.txz: Rebuilt. +x/ibus-libpinyin-1.15.7-x86_64-2.txz: Rebuilt. +x/ibus-table-1.17.4-x86_64-2.txz: Rebuilt. +x/marisa-0.2.6-x86_64-9.txz: Rebuilt. +x/pyxdg-0.28-x86_64-2.txz: Rebuilt. +x/xcb-proto-1.16.0-x86_64-3.txz: Rebuilt. +xap/blueman-2.3.5-x86_64-2.txz: Rebuilt. +xap/hexchat-2.16.2-x86_64-2.txz: Rebuilt. +xap/vim-gvim-9.1.0225-x86_64-1.txz: Upgraded. +extra/brltty/brltty-6.6-x86_64-3.txz: Rebuilt. ++--------------------------+ +Fri Mar 29 02:25:21 UTC 2024 +a/coreutils-9.5-x86_64-1.txz: Upgraded. + chmod -R now avoids a race where an attacker may replace a traversed file + with a symlink, causing chmod to operate on an unintended file. + [This bug was present in "the beginning".] + split --line-bytes with a mixture of very long and short lines no longer + overwrites the heap. + For more information, see: + https://www.cve.org/CVERecord?id=CVE-2024-0684 + (* Security fix *) ++--------------------------+ +Thu Mar 28 21:40:08 UTC 2024 +a/btrfs-progs-6.8-x86_64-1.txz: Upgraded. +a/gpm-1.20.7-x86_64-10.txz: Rebuilt. + Clean up the compile fix patch omitting the Emacs Lisp file. + Clean up and apply the weak-wgetch patch. + Build using the option --without-curses. + Thanks to qunying. +a/util-linux-2.40-x86_64-1.txz: Upgraded. + This release fixes a vulnerability where the wall command did not filter + escape sequences from command line arguments, allowing unprivileged users + to put arbitrary text on other users terminals. + For more information, see: + https://www.cve.org/CVERecord?id=CVE-2024-28085 + (* Security fix *) +d/rust-1.77.1-x86_64-1.txz: Upgraded. +l/fluidsynth-2.3.5-x86_64-1.txz: Upgraded. +l/protobuf-26.1-x86_64-1.txz: Upgraded. +l/python-build-1.2.1-x86_64-1.txz: Upgraded. +n/samba-4.20.0-x86_64-1.txz: Upgraded. +x/mesa-24.0.4-x86_64-1.txz: Upgraded. +xap/seamonkey-2.53.18.2-x86_64-1.txz: Upgraded. + This update contains security fixes and improvements. + For more information, see: + https://www.seamonkey-project.org/releases/seamonkey2.53.18.2 + (* Security fix *) ++--------------------------+ Wed Mar 27 19:16:09 UTC 2024 a/kernel-firmware-20240322_e068ccf-noarch-1.txz: Upgraded. a/kernel-generic-6.6.23-x86_64-1.txz: Upgraded. |