summaryrefslogtreecommitdiffstats
path: root/ChangeLog.txt
diff options
context:
space:
mode:
Diffstat (limited to 'ChangeLog.txt')
-rw-r--r--ChangeLog.txt1116
1 files changed, 1116 insertions, 0 deletions
diff --git a/ChangeLog.txt b/ChangeLog.txt
index 864f6713b..a468bf8ba 100644
--- a/ChangeLog.txt
+++ b/ChangeLog.txt
@@ -1,3 +1,1119 @@
+Sun May 12 19:10:12 UTC 2024
+a/less-654-x86_64-1.txz: Upgraded.
+d/ninja-1.12.1-x86_64-1.txz: Upgraded.
+n/whois-5.5.23-x86_64-1.txz: Upgraded.
+ Updated the .sc, .********* (.xn--yfro4i67o, Singapore)
+ and .********************************* (.xn--clchc0ea0b2g2a9gcd, Singapore)
+ TLD servers.
+extra/bittornado/bittornado-0.3.18-noarch-3.txz: Removed.
+ Obsolete and based on python2.
++--------------------------+
+Thu May 9 19:26:51 UTC 2024
+l/libjpeg-turbo-3.0.3-x86_64-1.txz: Upgraded.
+l/nodejs-20.13.1-x86_64-1.txz: Upgraded.
+l/pipewire-1.0.6-x86_64-1.txz: Upgraded.
+n/php-8.3.7-x86_64-1.txz: Upgraded.
+ This is a bugfix release.
+ For more information, see:
+ https://www.php.net/ChangeLog-8.php#8.3.7
+n/wireless-regdb-2024.05.08-x86_64-1.txz: Upgraded.
+extra/bash-completion/bash-completion-2.14.0-noarch-1.txz: Upgraded.
++--------------------------+
+Wed May 8 21:05:29 UTC 2024
+d/cmake-3.29.3-x86_64-1.txz: Upgraded.
+l/adwaita-icon-theme-46.0-noarch-2.txz: Rebuilt.
+ Restore icons that went missing after adwaita-icon-theme-41.0.
+l/glib2-2.80.2-x86_64-1.txz: Upgraded.
+l/libgnt-2.14.4_dev-x86_64-1.txz: Upgraded.
+l/mozilla-nss-3.100-x86_64-1.txz: Upgraded.
+n/samba-4.20.1-x86_64-1.txz: Upgraded.
+x/mesa-24.0.7-x86_64-1.txz: Upgraded.
++--------------------------+
+Tue May 7 20:06:35 UTC 2024
+d/mercurial-6.7.3-x86_64-1.txz: Upgraded.
+l/imagemagick-7.1.1_32-x86_64-2.txz: Rebuilt.
+ Add INSTALL_BASE= to --with-perl-options= to fix perl modules installation
+ not honoring $LIBDIRSUFFIX since 7.1.1-30. Thanks to HQuest.
+l/libqalculate-5.1.1-x86_64-1.txz: Upgraded.
+l/nodejs-20.13.0-x86_64-1.txz: Upgraded.
+l/python-typing_extensions-4.11.0-x86_64-1.txz: Removed.
+ No longer needed with the upgrade to python-setuptools_scm-8.1.0.
+ Thanks to audriusk for the reminder.
+x/anthy-unicode-1.0.0.20240502-x86_64-1.txz: Upgraded.
++--------------------------+
+Mon May 6 17:41:36 UTC 2024
+a/util-linux-2.40.1-x86_64-1.txz: Upgraded.
+l/imagemagick-7.1.1_32-x86_64-1.txz: Upgraded.
+l/libqalculate-5.1.0-x86_64-1.txz: Upgraded.
+l/python-Jinja2-3.1.4-x86_64-1.txz: Upgraded.
+l/python-setuptools_scm-8.1.0-x86_64-1.txz: Upgraded.
++--------------------------+
+Sun May 5 18:35:56 UTC 2024
+l/python-babel-2.15.0-x86_64-1.txz: Upgraded.
+y/nethack-3.6.7-x86_64-2.txz: Rebuilt.
+ Recompiled against ncurses-6.5.
++--------------------------+
+Sat May 4 17:37:11 UTC 2024
+a/elvis-2.2_0-x86_64-9.txz: Rebuilt.
+ Recompiled against ncurses-6.5.
+a/gettext-0.22.5-x86_64-2.txz: Rebuilt.
+ Recompiled against ncurses-6.5.
+a/procps-ng-4.0.4-x86_64-2.txz: Rebuilt.
+ Recompiled against ncurses-6.5.
+ap/bc-1.07.1-x86_64-6.txz: Rebuilt.
+ Recompiled against ncurses-6.5.
+ap/bpe-2.01.00-x86_64-7.txz: Rebuilt.
+ Recompiled against ncurses-6.5.
+ap/gutenprint-5.3.4-x86_64-4.txz: Rebuilt.
+ Recompiled against ncurses-6.5.
+ap/ispell-3.4.06-x86_64-2.txz: Rebuilt.
+ Recompiled against ncurses-6.5.
+ap/joe-4.6-x86_64-5.txz: Rebuilt.
+ Recompiled against ncurses-6.5.
+ap/nvme-cli-2.9.1-x86_64-1.txz: Upgraded.
+ap/powertop-2.15-x86_64-2.txz: Rebuilt.
+ Recompiled against ncurses-6.5.
+ap/sc-7.16-x86_64-11.txz: Rebuilt.
+ Recompiled against ncurses-6.5.
+ap/screen-4.9.1-x86_64-2.txz: Rebuilt.
+ Recompiled against ncurses-6.5.
+ap/xfsdump-3.1.12-x86_64-2.txz: Rebuilt.
+ Recompiled against ncurses-6.5.
+d/clisp-2.50_20230718_669249717-x86_64-2.txz: Rebuilt.
+ Recompiled against ncurses-6.5.
+d/cmake-3.29.2-x86_64-2.txz: Rebuilt.
+ Recompiled against ncurses-6.5.
+d/cscope-15.9-x86_64-4.txz: Rebuilt.
+ Recompiled against ncurses-6.5.
+d/gettext-tools-0.22.5-x86_64-2.txz: Rebuilt.
+ Recompiled against ncurses-6.5.
+d/guile-3.0.9-x86_64-2.txz: Rebuilt.
+ Recompiled against ncurses-6.5.
+d/lua-5.4.6-x86_64-6.txz: Rebuilt.
+ Recompiled against ncurses-6.5.
+d/poke-4.0-x86_64-2.txz: Rebuilt.
+ Recompiled against ncurses-6.5.
+kde/kalgebra-23.08.5-x86_64-2.txz: Rebuilt.
+ Recompiled against ncurses-6.5.
+l/enchant-2.7.3-x86_64-1.txz: Upgraded.
+l/gdbm-1.23-x86_64-3.txz: Rebuilt.
+ Recompiled against ncurses-6.5.
+l/lame-3.100-x86_64-5.txz: Rebuilt.
+ Recompiled against ncurses-6.5.
+l/libcdio-2.1.0-x86_64-4.txz: Rebuilt.
+ Recompiled against ncurses-6.5.
+l/libedit-20230828_3.1-x86_64-2.txz: Rebuilt.
+ Recompiled against ncurses-6.5.
+l/libnjb-2.2.7-x86_64-5.txz: Rebuilt.
+ Recompiled against ncurses-6.5.
+l/libnvme-1.9-x86_64-1.txz: Upgraded.
+l/libqalculate-5.0.0-x86_64-3.txz: Rebuilt.
+ Recompiled against ncurses-6.5.
+l/python-pygments-2.18.0-x86_64-1.txz: Upgraded.
+l/qtkeychain-0.14.3-x86_64-1.txz: Upgraded.
+l/readline-8.2.010-x86_64-2.txz: Rebuilt.
+ Recompiled against ncurses-6.5.
+n/elm-2.5.8-x86_64-8.txz: Rebuilt.
+ Recompiled against ncurses-6.5.
+n/epic5-2.1.12-x86_64-8.txz: Rebuilt.
+ Recompiled against ncurses-6.5.
+n/iftop-1.0pre4-x86_64-5.txz: Rebuilt.
+ Recompiled against ncurses-6.5.
+n/metamail-2.7-x86_64-11.txz: Rebuilt.
+ Recompiled against ncurses-6.5.
+n/mtr-0.95-x86_64-2.txz: Rebuilt.
+ Recompiled against ncurses-6.5.
+n/net-snmp-5.9.4-x86_64-4.txz: Rebuilt.
+ Recompiled against ncurses-6.5.
+n/netkit-ftp-0.17-x86_64-8.txz: Rebuilt.
+ Recompiled against ncurses-6.5.
+n/netkit-ntalk-0.17-x86_64-8.txz: Rebuilt.
+ Recompiled against ncurses-6.5.
+n/netwatch-1.3.1_2-x86_64-6.txz: Rebuilt.
+ Recompiled against ncurses-6.5.
+n/nn-6.7.3-x86_64-9.txz: Rebuilt.
+ Recompiled against ncurses-6.5.
+n/php-8.3.6-x86_64-2.txz: Rebuilt.
+ Recompiled against ncurses-6.5.
+n/samba-4.20.0-x86_64-3.txz: Rebuilt.
+ Recompiled against ncurses-6.5.
+n/telnet-0.17-x86_64-7.txz: Rebuilt.
+ Recompiled against ncurses-6.5.
+n/wpa_supplicant-2.10-x86_64-4.txz: Rebuilt.
+ Recompiled against ncurses-6.5.
+n/ytalk-3.3.0-x86_64-7.txz: Rebuilt.
+ Recompiled against ncurses-6.5.
+xap/MPlayer-20240403-x86_64-2.txz: Rebuilt.
+ Recompiled against ncurses-6.5.
+xap/ddd-3.4.0-x86_64-2.txz: Rebuilt.
+ Recompiled against ncurses-6.5.
+xap/gnuchess-6.2.9-x86_64-2.txz: Rebuilt.
+ Recompiled against ncurses-6.5.
+xap/xine-ui-0.99.14-x86_64-3.txz: Rebuilt.
+ Recompiled against ncurses-6.5.
+y/bsd-games-2.17-x86_64-5.txz: Rebuilt.
+ Recompiled against ncurses-6.5.
++--------------------------+
+Fri May 3 17:37:59 UTC 2024
+a/hwdata-0.382-noarch-1.txz: Upgraded.
+a/ndctl-79-x86_64-1.txz: Upgraded.
+l/gtk4-4.14.4-x86_64-1.txz: Upgraded.
+xap/gimp-2.10.38-x86_64-1.txz: Upgraded.
++--------------------------+
+Thu May 2 23:49:58 UTC 2024
+a/btrfs-progs-6.8.1-x86_64-1.txz: Upgraded.
+a/kernel-firmware-20240502_28f75f1-noarch-1.txz: Upgraded.
+a/kernel-generic-6.6.30-x86_64-1.txz: Upgraded.
+a/kernel-huge-6.6.30-x86_64-1.txz: Upgraded.
+a/kernel-modules-6.6.30-x86_64-1.txz: Upgraded.
+ap/mariadb-10.11.7-x86_64-2.txz: Rebuilt.
+ Try to preserve the timestamp on rc.mysqld.new.
+d/kernel-headers-6.6.30-x86-1.txz: Upgraded.
+d/llvm-18.1.5-x86_64-1.txz: Upgraded.
+d/rust-1.78.0-x86_64-1.txz: Upgraded.
+k/kernel-source-6.6.30-noarch-1.txz: Upgraded.
+l/SDL2-2.30.3-x86_64-1.txz: Upgraded.
+n/mobile-broadband-provider-info-20240502-noarch-1.txz: Upgraded.
+x/ibus-1.5.30-x86_64-1.txz: Upgraded.
+isolinux/initrd.img: Rebuilt.
+kernels/*: Upgraded.
+usb-and-pxe-installers/usbboot.img: Rebuilt.
++--------------------------+
+Wed May 1 18:48:17 UTC 2024
+ap/nano-8.0-x86_64-1.txz: Upgraded.
+ap/vim-9.1.0386-x86_64-1.txz: Upgraded.
+l/liburing-2.6-x86_64-1.txz: Upgraded.
+xap/vim-gvim-9.1.0386-x86_64-1.txz: Upgraded.
++--------------------------+
+Tue Apr 30 18:54:11 UTC 2024
+a/elogind-255.5-x86_64-1.txz: Upgraded.
+d/git-2.45.0-x86_64-1.txz: Upgraded.
+l/gst-plugins-bad-free-1.24.3-x86_64-1.txz: Upgraded.
+l/gst-plugins-base-1.24.3-x86_64-1.txz: Upgraded.
+l/gst-plugins-good-1.24.3-x86_64-1.txz: Upgraded.
+l/gst-plugins-libav-1.24.3-x86_64-1.txz: Upgraded.
+l/gstreamer-1.24.3-x86_64-1.txz: Upgraded.
++--------------------------+
+Mon Apr 29 21:32:37 UTC 2024
+a/aaa_libraries-15.1-x86_64-31.txz: Rebuilt.
+ Added: libncurses++w.so.6.5, libtic.so.6.5.
+ Upgraded: libformw.so.6.5, libmenuw.so.6.5, libncursesw.so.6.5,
+ libpanelw.so.6.5, libtinfo.so.6.5.
+ Removed (with compat symlinks made): libform.so.6.4, libmenu.so.6.4,
+ libncurses.so.6.4, libpanel.so.6.4.
+a/aaa_terminfo-6.5-x86_64-1.txz: Upgraded.
+l/ncurses-6.5-x86_64-1.txz: Upgraded.
+ This seemed like a good opportunity to go over my notes and try to make this
+ SlackBuild at least defensible, if not correct. :-) The non-wide libraries
+ have all been purged and replaced with compatibility symlinks pointing to the
+ wide versions. Anything trying to use -lncurses (etc) will be redirected to
+ -lncursesw (etc) at compile time. Looks like nearly 50 packages are linked to
+ the non-wide libraries, but everything works this way.
+ Thanks to GazL who provided most of the suggestions used.
+l/python-pyproject-hooks-1.1.0-x86_64-1.txz: Upgraded.
+n/lynx-2.9.1-x86_64-1.txz: Upgraded.
+x/xconsole-1.1.0-x86_64-1.txz: Upgraded.
+xap/mozilla-firefox-125.0.3-x86_64-1.txz: Upgraded.
+ This is a bugfix release.
+ For more information, see:
+ https://www.mozilla.org/en-US/firefox/125.0.3/releasenotes/
++--------------------------+
+Sun Apr 28 19:20:42 UTC 2024
+a/iniparser-4.2-x86_64-1.txz: Upgraded.
+ap/hplip-3.23.12-x86_64-5.txz: Rebuilt.
+ Replace a single unicode space character in models.dat with an ASCII space
+ to prevent python3 from tripping over it in some cases. This seems to follow
+ the extreme programming motto of "do the simplest thing that could possibly
+ work", so we'll see if it does.
+ Thanks to pdags.
+ap/jove-4.17.5.3-x86_64-1.txz: Upgraded.
+l/enchant-2.7.2-x86_64-1.txz: Upgraded.
+l/jasper-4.2.4-x86_64-1.txz: Upgraded.
+l/libgtop-2.41.3-x86_64-1.txz: Upgraded.
+l/mlt-7.24.0-x86_64-1.txz: Upgraded.
++--------------------------+
+Sat Apr 27 19:02:25 UTC 2024
+a/kernel-generic-6.6.29-x86_64-1.txz: Upgraded.
+a/kernel-huge-6.6.29-x86_64-1.txz: Upgraded.
+a/kernel-modules-6.6.29-x86_64-1.txz: Upgraded.
+ap/cups-2.4.8-x86_64-1.txz: Upgraded.
+d/kernel-headers-6.6.29-x86-1.txz: Upgraded.
+d/valgrind-3.23.0-x86_64-1.txz: Upgraded.
+k/kernel-source-6.6.29-noarch-1.txz: Upgraded.
+l/enchant-2.7.1-x86_64-1.txz: Upgraded.
+isolinux/initrd.img: Rebuilt.
+kernels/*: Upgraded.
+usb-and-pxe-installers/usbboot.img: Rebuilt.
++--------------------------+
+Fri Apr 26 20:12:32 UTC 2024
+a/kernel-firmware-20240426_fc21f47-noarch-1.txz: Upgraded.
+ap/cups-2.4.7-x86_64-3.txz: Rebuilt.
+ Rebuild using --with-rundir=/run/cups.
+ap/cups-browsed-2.0.0-x86_64-1.txz: Added.
+ This is the CUPS/IPP print queue browser daemon, previously part of the
+ cups-filters package.
+ap/cups-filters-2.0.0-x86_64-1.txz: Upgraded.
+l/libarchive-3.7.4-x86_64-1.txz: Upgraded.
+l/libcupsfilters-2.0.0-x86_64-1.txz: Added.
+ This is required by cups-filters-2.0.0.
+l/libppd-2.0.0-x86_64-1.txz: Added.
+ This is required by cups-filters-2.0.0.
+l/libproxy-0.5.6-x86_64-1.txz: Upgraded.
+x/wayland-protocols-1.36-noarch-1.txz: Upgraded.
+xap/mozilla-firefox-125.0.2-x86_64-1.txz: Upgraded.
+xap/mozilla-thunderbird-125.0-x86_64-1.txz: Upgraded.
+extra/rust-for-mozilla/rust-1.70.0-x86_64-4.txz: Removed.
++--------------------------+
+Thu Apr 25 17:58:17 UTC 2024
+l/PyQt-builder-1.16.2-x86_64-1.txz: Upgraded.
+l/fribidi-1.0.14-x86_64-1.txz: Upgraded.
+l/libarchive-3.7.3-x86_64-2.txz: Rebuilt.
+ Patched an out-of-bound error in the rar e8 filter that could allow for
+ the execution of arbitrary code.
+ Thanks to gmgf for the heads-up.
+ For more information, see:
+ https://github.com/advisories/GHSA-2jc9-36w4-pmqw
+ https://www.cve.org/CVERecord?id=CVE-2024-26256
+ (* Security fix *)
+n/bluez-5.75-x86_64-3.txz: Rebuilt.
+ [PATCH] shared/uhid: Fix crash if bt_uhid_destroy free replay structure.
+ Thanks to sombragris.
+n/libgpg-error-1.49-x86_64-1.txz: Upgraded.
++--------------------------+
+Wed Apr 24 20:08:55 UTC 2024
+ap/dmidecode-3.6-x86_64-1.txz: Upgraded.
+kde/fcitx5-configtool-5.1.5-x86_64-1.txz: Upgraded.
+l/aom-3.9.0-x86_64-1.txz: Upgraded.
+x/mesa-24.0.6-x86_64-1.txz: Upgraded.
++--------------------------+
+Tue Apr 23 22:24:03 UTC 2024
+d/ruby-3.3.1-x86_64-1.txz: Upgraded.
+ This update fixes security issues:
+ Arbitrary memory address read vulnerability with Regex search.
+ RCE vulnerability with .rdoc_options in RDoc.
+ Buffer overread vulnerability in StringIO.
+ For more information, see:
+ https://www.ruby-lang.org/en/news/2024/04/23/arbitrary-memory-address-read-regexp-cve-2024-27282/
+ https://www.ruby-lang.org/en/news/2024/03/21/rce-rdoc-cve-2024-27281/
+ https://www.ruby-lang.org/en/news/2024/03/21/buffer-overread-cve-2024-27280/
+ https://www.cve.org/CVERecord?id=CVE-2024-27282
+ https://www.cve.org/CVERecord?id=CVE-2024-27281
+ https://www.cve.org/CVERecord?id=CVE-2024-27280
+ (* Security fix *)
+l/python-docutils-0.21.2-x86_64-1.txz: Upgraded.
+x/rendercheck-1.6-x86_64-1.txz: Upgraded.
+x/xcb-imdkit-1.0.8-x86_64-1.txz: Upgraded.
++--------------------------+
+Tue Apr 23 19:48:05 UTC 2024
+a/ed-1.20.2-x86_64-1.txz: Upgraded.
+d/parallel-20240422-noarch-1.txz: Upgraded.
+kde/krusader-2.8.1-x86_64-1.txz: Upgraded.
+kde/ktextaddons-1.5.4-x86_64-1.txz: Upgraded.
+l/libgusb-0.4.9-x86_64-1.txz: Upgraded.
+n/nmap-7.95-x86_64-1.txz: Upgraded.
+x/fcitx5-5.1.9-x86_64-1.txz: Upgraded.
+x/fcitx5-anthy-5.1.4-x86_64-1.txz: Upgraded.
+x/fcitx5-chinese-addons-5.1.5-x86_64-1.txz: Upgraded.
+x/fcitx5-gtk-5.1.3-x86_64-1.txz: Upgraded.
+x/fcitx5-hangul-5.1.3-x86_64-1.txz: Upgraded.
+x/fcitx5-kkc-5.1.3-x86_64-1.txz: Upgraded.
+x/fcitx5-m17n-5.1.1-x86_64-1.txz: Upgraded.
+x/fcitx5-qt-5.1.6-x86_64-1.txz: Upgraded.
+x/fcitx5-sayura-5.1.2-x86_64-1.txz: Upgraded.
+x/fcitx5-table-extra-5.1.5-x86_64-1.txz: Upgraded.
+x/fcitx5-table-other-5.1.2-x86_64-1.txz: Upgraded.
+x/fcitx5-unikey-5.1.4-x86_64-1.txz: Upgraded.
+x/libime-1.1.7-x86_64-1.txz: Upgraded.
+extra/emacs-regular-build/emacs-29.3-x86_64-2_regular.txz: Rebuilt.
+ This is a bugfix release.
+ Only build the X11/GTK+3 version. Use "emacs -nw" if you want to start it
+ in a terminal emulator in text mode, or rebuild if you really need to get
+ rid of the X11 dependency for some reason.
+ Build using --with-pdumper=auto. It seems that --with-dumping=unexec produces
+ a buggy Emacs here in the modern era, with symptoms such as "child signal FD:
+ Invalid argument". It's possible this had something to do with the reported
+ memory leaks as well.
+ Thanks to 3Tom for the bug report.
++--------------------------+
+Mon Apr 22 19:36:38 UTC 2024
+a/elogind-255.4_r2-x86_64-2.txz: Rebuilt.
+ OK, this is looking good enough to return to the main tree now.
+ Thanks to hamkg, ctrlaltca, and rizitis for helping to debug the sleep issues
+ with upstream, and to Sven Eden for the upstream fixes. I've changed the
+ default sleep mode from s2idle to deep as s2idle still locks up most of the
+ systems I've tried it on. Eventually we'll probably have to swallow this pill
+ though (more notes on that in the SlackBuild).
+ It didn't seem like recompiling polkit again was necessary, but correct me if
+ I'm wrong about that.
+l/imagemagick-7.1.1_31-x86_64-1.txz: Upgraded.
+l/python-hatchling-1.24.2-x86_64-1.txz: Upgraded.
+l/vte-0.76.1-x86_64-1.txz: Upgraded.
+l/wireplumber-0.5.2-x86_64-1.txz: Upgraded.
+xap/freerdp-2.11.7-x86_64-1.txz: Upgraded.
+ This release eliminates a bunch of issues detected during oss-fuzz runs.
+ (* Security fix *)
++--------------------------+
+Sun Apr 21 21:41:34 UTC 2024
+a/etc-15.1-x86_64-11.txz: Rebuilt.
+ Populate missing /etc/gshadow entries. Thanks to opty.
+l/PyQt-builder-1.16.1-x86_64-1.txz: Upgraded.
+l/python-pluggy-1.5.0-x86_64-1.txz: Upgraded.
++--------------------------+
+Sat Apr 20 00:10:39 UTC 2024
+l/gdk-pixbuf2-2.42.11-x86_64-2.txz: Rebuilt.
+ Recompiled with -Dtests=false -Dothers=enabled to fix gkrellm.
+ Thanks to J_W for the bug report.
++--------------------------+
+Fri Apr 19 19:36:17 UTC 2024
+a/elogind-252.23-x86_64-3.txz: Rebuilt.
+ All right, it's time to stop the bleeding (edge). This has been verified as
+ the last working version of elogind, so we'll revert for now while moving the
+ newer sources into /testing. We didn't actually *need* the 255 branch for
+ libgudev (I was mistakenly under that impression), so this will be fine for
+ now. We'll keep an eye on upstream and move forward when things settle down.
+d/vala-0.56.17-x86_64-1.txz: Upgraded.
+l/gdk-pixbuf2-2.42.11-x86_64-1.txz: Upgraded.
+l/gtk4-4.14.3-x86_64-1.txz: Upgraded.
+l/polkit-124-x86_64-2.txz: Rebuilt.
+ Recompiled against elogind-252.23.
+l/python-sphinx-7.3.7-x86_64-1.txz: Upgraded.
+n/NetworkManager-1.46.0-x86_64-2.txz: Rebuilt.
+ Build with meson instead of autotools, since setting session_tracking to
+ elogind is ignored with autotools, and is set to consolekit instead.
+ While this didn't seem to make a difference in practice, better to get this
+ right now and rule it out as part of the issue.
+ Thanks to marav and LuckyCyborg for the options hints.
+x/xdg-desktop-portal-1.18.4-x86_64-1.txz: Upgraded.
+xap/freerdp-2.11.6-x86_64-1.txz: Upgraded.
+ This release is a security release and addresses multiple issues:
+ [Low] OutOfBound Read in zgfx_decompress_segment.
+ [Moderate] Integer overflow & OutOfBound Write in
+ clear_decompress_residual_data.
+ [Low] integer underflow in nsc_rle_decode.
+ [Low] OutOfBound Read in planar_skip_plane_rle.
+ [Low] OutOfBound Read in ncrush_decompress.
+ [Low] OutOfBound Read in interleaved_decompress.
+ For more information, see:
+ https://www.cve.org/CVERecord?id=CVE-2024-32041
+ https://www.cve.org/CVERecord?id=CVE-2024-32039
+ https://www.cve.org/CVERecord?id=CVE-2024-32040
+ https://www.cve.org/CVERecord?id=CVE-2024-32458
+ https://www.cve.org/CVERecord?id=CVE-2024-32459
+ https://www.cve.org/CVERecord?id=CVE-2024-32460
+ (* Security fix *)
++--------------------------+
+Fri Apr 19 05:38:28 UTC 2024
+xap/mozilla-thunderbird-115.10.1-x86_64-1.txz: Upgraded.
+ This is a bugfix release.
+ For more information, see:
+ https://www.mozilla.org/en-US/thunderbird/115.10.1/releasenotes/
++--------------------------+
+Thu Apr 18 19:17:30 UTC 2024
+a/aaa_glibc-solibs-2.39-x86_64-2.txz: Rebuilt.
+ap/vim-9.1.0346-x86_64-1.txz: Upgraded.
+d/llvm-18.1.4-x86_64-1.txz: Upgraded.
+d/nasm-2.16.03-x86_64-1.txz: Upgraded.
+l/glibc-2.39-x86_64-2.txz: Rebuilt.
+ This update fixes a security issue:
+ The iconv() function in the GNU C Library versions 2.39 and older may
+ overflow the output buffer passed to it by up to 4 bytes when converting
+ strings to the ISO-2022-CN-EXT character set, which may be used to crash
+ an application or overwrite a neighbouring variable.
+ For more information, see:
+ https://www.cve.org/CVERecord?id=CVE-2024-2961
+ (* Security fix *)
+l/glibc-i18n-2.39-x86_64-2.txz: Rebuilt.
+l/glibc-profile-2.39-x86_64-2.txz: Rebuilt.
+l/pycups-2.0.4-x86_64-1.txz: Upgraded.
+l/python-hatchling-1.24.1-x86_64-1.txz: Upgraded.
+l/python-sphinx-7.3.6-x86_64-1.txz: Upgraded.
+n/bind-9.18.26-x86_64-1.txz: Upgraded.
+ This is a bugfix release.
+xap/vim-gvim-9.1.0346-x86_64-1.txz: Upgraded.
++--------------------------+
+Wed Apr 17 20:35:48 UTC 2024
+a/kernel-firmware-20240417_e678699-noarch-1.txz: Upgraded.
+a/kernel-generic-6.6.28-x86_64-1.txz: Upgraded.
+a/kernel-huge-6.6.28-x86_64-1.txz: Upgraded.
+a/kernel-modules-6.6.28-x86_64-1.txz: Upgraded.
+a/xfsprogs-6.7.0-x86_64-1.txz: Upgraded.
+d/kernel-headers-6.6.28-x86-1.txz: Upgraded.
+k/kernel-source-6.6.28-noarch-1.txz: Upgraded.
+l/pycups-2.0.3-x86_64-1.txz: Upgraded.
+l/python-sphinx-7.3.5-x86_64-1.txz: Upgraded.
+n/bluez-5.75-x86_64-2.txz: Rebuilt.
+ Prune duplicate config files. Thanks to audriusk.
+x/libXmu-1.2.1-x86_64-1.txz: Upgraded.
+x/util-macros-1.20.1-noarch-1.txz: Upgraded.
+x/wayland-protocols-1.35-noarch-1.txz: Upgraded.
+xap/mozilla-thunderbird-115.10.0-x86_64-1.txz: Upgraded.
+ This release contains security fixes and improvements.
+ For more information, see:
+ https://www.mozilla.org/en-US/thunderbird/115.10.0/releasenotes/
+ https://www.mozilla.org/en-US/security/known-vulnerabilities/thunderbird/#thunderbird115.10
+ (* Security fix *)
+xfce/xfce4-notifyd-0.9.4-x86_64-2.txz: Rebuilt.
+ Do not install DBus service files, as these cause xfce4-notifyd to start in
+ plasma sessions. Thanks to ctrlaltca.
+isolinux/initrd.img: Rebuilt.
+kernels/*: Upgraded.
+usb-and-pxe-installers/usbboot.img: Rebuilt.
++--------------------------+
+Tue Apr 16 21:57:56 UTC 2024
+a/aaa_libraries-15.1-x86_64-30.txz: Rebuilt.
+ Upgraded: libcares.so.2.13.1.
+ Added (temporarily): libboost_*.so.1.84.0.
+ap/pamixer-1.6-x86_64-2.txz: Rebuilt.
+ Recompiled against boost-1.85.0.
+kde/kig-23.08.5-x86_64-4.txz: Rebuilt.
+ Recompiled against boost-1.85.0.
+kde/kopeninghours-23.08.5-x86_64-4.txz: Rebuilt.
+ Recompiled against boost-1.85.0.
+kde/krita-5.2.2-x86_64-8.txz: Rebuilt.
+ Recompiled against boost-1.85.0.
+l/boost-1.85.0-x86_64-1.txz: Upgraded.
+ Shared library .so-version bump.
+l/cryfs-0.10.3-x86_64-11.txz: Rebuilt.
+ Recompiled against boost-1.85.0.
+x/fcitx5-chinese-addons-5.1.4-x86_64-2.txz: Rebuilt.
+ Recompiled against boost-1.85.0.
+x/libime-1.1.6-x86_64-2.txz: Rebuilt.
+ Recompiled against boost-1.85.0.
++--------------------------+
+Tue Apr 16 18:50:13 UTC 2024
+a/elogind-255.4_r2-x86_64-1.txz: Upgraded.
+ Prefer SuspendMode=deep. Thanks to LuckyCyborg.
+ Make 10-elogind.conf .new (but it will still be forced in this time).
+ Fix reading login.conf. Thanks to af7567.
+ This branch is feeling a bit alpha to me, but we'll stick with it for now.
+ap/groff-1.23.0-x86_64-2.txz: Rebuilt.
+ [PATCH] Revert upstream change of mapping special characters for UTF-8.
+ Thanks to Stuart Winter.
+l/mozjs115-115.10.0esr-x86_64-1.txz: Upgraded.
+l/python-hatchling-1.24.0-x86_64-1.txz: Upgraded.
+n/bluez-5.75-x86_64-1.txz: Upgraded.
+x/libxcb-1.17.0-x86_64-1.txz: Upgraded.
+xap/mozilla-firefox-115.10.0esr-x86_64-1.txz: Upgraded.
+ This update contains security fixes and improvements.
+ For more information, see:
+ https://www.mozilla.org/en-US/firefox/115.10.0/releasenotes/
+ https://www.mozilla.org/security/advisories/mfsa2024-19/
+ https://www.cve.org/CVERecord?id=CVE-2024-3852
+ https://www.cve.org/CVERecord?id=CVE-2024-3854
+ https://www.cve.org/CVERecord?id=CVE-2024-3857
+ https://www.cve.org/CVERecord?id=CVE-2024-2609
+ https://www.cve.org/CVERecord?id=CVE-2024-3859
+ https://www.cve.org/CVERecord?id=CVE-2024-3861
+ https://www.cve.org/CVERecord?id=CVE-2024-3863
+ https://www.cve.org/CVERecord?id=CVE-2024-3302
+ https://www.cve.org/CVERecord?id=CVE-2024-3864
+ (* Security fix *)
++--------------------------+
+Mon Apr 15 22:28:37 UTC 2024
+ap/linuxdoc-tools-0.9.83-x86_64-1.txz: Upgraded.
+ Upgraded to linuxdoc-tools-0.9.83, gtk-doc-1.34.0, and asciidoc-10.2.0.
+ See the ChangeLog in source/ap/linuxdoc-tools for more details.
+ Thanks to Stuart Winter.
+ap/sqlite-3.45.3-x86_64-1.txz: Upgraded.
+l/Mako-1.3.3-x86_64-1.txz: Upgraded.
+l/pipewire-1.0.5-x86_64-1.txz: Upgraded.
+l/python-hatchling-1.23.0-x86_64-1.txz: Upgraded.
+x/libwacom-2.11.0-x86_64-1.txz: Upgraded.
+x/xcb-proto-1.17.0-x86_64-1.txz: Upgraded.
+x/xf86-input-wacom-1.2.2-x86_64-1.txz: Upgraded.
+xap/pan-0.158-x86_64-1.txz: Upgraded.
+ Let's process the git pull with NOCONFIGURE=1 ./autogen.sh for FTIO. :-)
++--------------------------+
+Sun Apr 14 18:35:32 UTC 2024
+a/less-653-x86_64-2.txz: Rebuilt.
+ This update patches a security issue:
+ less through 653 allows OS command execution via a newline character in the
+ name of a file, because quoting is mishandled in filename.c. Exploitation
+ typically requires use with attacker-controlled file names, such as the files
+ extracted from an untrusted archive. Exploitation also requires the LESSOPEN
+ environment variable, but this is set by default in many common cases.
+ For more information, see:
+ https://www.cve.org/CVERecord?id=CVE-2024-32487
+ (* Security fix *)
+ap/inxi-3.3.34_1-noarch-1.txz: Upgraded.
+d/python-setuptools-69.5.1-x86_64-1.txz: Upgraded.
+n/bluez-5.74-x86_64-1.txz: Upgraded.
+xfce/xfce4-notifyd-0.9.4-x86_64-1.txz: Upgraded.
+ Almost everyone has jumped to this version, so we'll get with the program.
++--------------------------+
+Sat Apr 13 19:45:25 UTC 2024
+l/imagemagick-7.1.1_29-x86_64-1.txz: Upgraded.
+ Revert to the previous ImageMagick because the latest one is destroying SVG
+ files if "identify" or "display" is used on them.
+ Thanks to pc2005.
++--------------------------+
+Sat Apr 13 18:44:55 UTC 2024
+a/kernel-firmware-20240412_5da74b1-noarch-1.txz: Upgraded.
+a/kernel-generic-6.6.27-x86_64-1.txz: Upgraded.
+a/kernel-huge-6.6.27-x86_64-1.txz: Upgraded.
+a/kernel-modules-6.6.27-x86_64-1.txz: Upgraded.
+d/kernel-headers-6.6.27-x86-1.txz: Upgraded.
+d/python-setuptools-69.5.0-x86_64-1.txz: Upgraded.
+k/kernel-source-6.6.27-noarch-1.txz: Upgraded.
+l/libwebp-1.4.0-x86_64-1.txz: Upgraded.
+l/opus-1.5.2-x86_64-1.txz: Upgraded.
+x/xorg-server-21.1.13-x86_64-1.txz: Upgraded.
+x/xorg-server-xephyr-21.1.13-x86_64-1.txz: Upgraded.
+x/xorg-server-xnest-21.1.13-x86_64-1.txz: Upgraded.
+x/xorg-server-xvfb-21.1.13-x86_64-1.txz: Upgraded.
+isolinux/initrd.img: Rebuilt.
+kernels/*: Upgraded.
+usb-and-pxe-installers/usbboot.img: Rebuilt.
++--------------------------+
+Sat Apr 13 00:59:20 UTC 2024
+l/python-docutils-0.21.1-x86_64-2.txz: Rebuilt.
+ Fix ridiculous broken symlink. Thanks to marav.
++--------------------------+
+Fri Apr 12 19:08:59 UTC 2024
+a/less-653-x86_64-1.txz: Upgraded.
+d/ninja-1.12.0-x86_64-1.txz: Upgraded.
+d/valgrind-3.22.0-x86_64-1.txz: Added.
+ Thanks to Kyle Guinn, Peter Wang, and Willy Sudiarto Raharjo.
+l/netpbm-11.06.01-x86_64-1.txz: Upgraded.
+n/php-8.3.6-x86_64-1.txz: Upgraded.
+ This update fixes bugs and security issues.
+ For more information, see:
+ https://www.php.net/ChangeLog-8.php#8.3.6
+ (* Security fix *)
++--------------------------+
+Thu Apr 11 21:36:28 UTC 2024
+d/cmake-3.29.2-x86_64-1.txz: Upgraded.
+l/polkit-124-x86_64-1.txz: Upgraded.
+ Thanks to marav for the patches.
++--------------------------+
+Thu Apr 11 19:05:36 UTC 2024
+a/elogind-255.4-x86_64-1.txz: Upgraded.
+a/libblockdev-3.1.1_1-x86_64-1.txz: Upgraded.
+a/libbytesize-2.10-x86_64-1.txz: Upgraded.
+a/libgudev-238-x86_64-1.txz: Upgraded.
+a/udisks-1.0.5-x86_64-11.txz: Removed.
+a/udisks2-2.10.1-x86_64-1.txz: Upgraded.
+a/upower-1.90.4-x86_64-1.txz: Upgraded.
+l/python-docutils-0.21.1-x86_64-1.txz: Upgraded.
+l/python-idna-3.7-x86_64-1.txz: Upgraded.
+n/php-8.3.5-x86_64-1.txz: Upgraded.
+ This update fixes bugs and security issues.
+ For more information, see:
+ https://www.php.net/ChangeLog-8.php#8.3.6
+ (* Security fix *)
+x/ibus-m17n-1.4.29-x86_64-1.txz: Upgraded.
+x/mesa-24.0.5-x86_64-1.txz: Upgraded.
++--------------------------+
+Wed Apr 10 19:09:14 UTC 2024
+a/cryptsetup-2.7.2-x86_64-1.txz: Upgraded.
+a/kernel-firmware-20240410_53438f8-noarch-1.txz: Upgraded.
+a/kernel-generic-6.6.26-x86_64-1.txz: Upgraded.
+a/kernel-huge-6.6.26-x86_64-1.txz: Upgraded.
+a/kernel-modules-6.6.26-x86_64-1.txz: Upgraded.
+a/openssl-solibs-3.3.0-x86_64-1.txz: Upgraded.
+a/pam-1.6.1-x86_64-1.txz: Upgraded.
+d/kernel-headers-6.6.26-x86-1.txz: Upgraded.
+d/rust-1.77.2-x86_64-1.txz: Upgraded.
+ [PATCH] compiler: Use wasm-ld for wasm targets.
+ Thanks to Heinz Wiesinger.
+k/kernel-source-6.6.26-noarch-1.txz: Upgraded.
+ +SPECTRE_BHI_AUTO n
+ +SPECTRE_BHI_OFF n
+ +SPECTRE_BHI_ON y
+l/gst-plugins-bad-free-1.24.2-x86_64-1.txz: Upgraded.
+l/gst-plugins-base-1.24.2-x86_64-1.txz: Upgraded.
+l/gst-plugins-good-1.24.2-x86_64-1.txz: Upgraded.
+l/gst-plugins-libav-1.24.2-x86_64-1.txz: Upgraded.
+l/gstreamer-1.24.2-x86_64-1.txz: Upgraded.
+l/libcap-ng-0.8.5-x86_64-1.txz: Upgraded.
+l/nodejs-20.12.2-x86_64-1.txz: Upgraded.
+l/python-trove-classifiers-2024.4.10-x86_64-1.txz: Upgraded.
+n/gnutls-3.8.5-x86_64-2.txz: Rebuilt.
+ [PATCH] Fix RSAES-PKCS1-v1_5 system-wide configuration.
+ Thanks to bortolotto.
+n/openssl-3.3.0-x86_64-1.txz: Upgraded.
+isolinux/initrd.img: Rebuilt.
+kernels/*: Upgraded.
+usb-and-pxe-installers/usbboot.img: Rebuilt.
++--------------------------+
+Tue Apr 9 18:14:27 UTC 2024
+l/abseil-cpp-20240116.2-x86_64-1.txz: Upgraded.
+l/dotconf-1.4.1-x86_64-1.txz: Upgraded.
+t/texlive-2024.240409-x86_64-1.txz: Upgraded.
+ Thanks to Johannes Schoepfer.
+x/xorg-server-xwayland-23.2.6-x86_64-1.txz: Upgraded.
+xap/blueman-2.4.1-x86_64-1.txz: Upgraded.
++--------------------------+
+Mon Apr 8 18:44:37 UTC 2024
+l/imagemagick-7.1.1_30-x86_64-1.txz: Upgraded.
+l/libarchive-3.7.3-x86_64-1.txz: Upgraded.
+ This update fixes a security issue:
+ Fix possible vulnerability in tar error reporting introduced in f27c173
+ by JiaT75.
+ For more information, see:
+ https://github.com/libarchive/libarchive/commit/f27c173d17dc807733b3a4f8c11207c3f04ff34f
+ https://github.com/libarchive/libarchive/pull/2101
+ (* Security fix *)
+n/net-snmp-5.9.4-x86_64-3.txz: Rebuilt.
+ [PATCH] Add Linux 6.7 compatibility parsing /proc/net/snmp.
+ Thanks to walecha.
+n/rsync-3.3.0-x86_64-1.txz: Upgraded.
+x/xorg-sgml-doctools-1.12.1-x86_64-1.txz: Upgraded.
+xap/gimp-2.10.36-x86_64-3.txz: Rebuilt.
+ [PATCH] QuitDialog: disconnect signal handler on dialog destroy.
+ This fixes a crash on quit.
+ Thanks to USUARIONUEVO.
+xap/xlockmore-5.77-x86_64-1.txz: Upgraded.
++--------------------------+
+Sat Apr 6 17:19:58 UTC 2024
+a/pciutils-3.12.0-x86_64-1.txz: Upgraded.
+l/pygobject-2.28.7-x86_64-10.txz: Rebuilt.
+ Build with PYTHON=python2 so that we don't have a call to unversioned python
+ in pygobject-codegen-2.0. Fixes building gimp from git.
+ Thanks to Petri Kaukasoina.
+l/pygobject3-3.48.2-x86_64-1.txz: Upgraded.
+x/libX11-1.8.9-x86_64-1.txz: Upgraded.
+x/mtdev-1.1.7-x86_64-1.txz: Upgraded.
++--------------------------+
+Fri Apr 5 20:11:23 UTC 2024
+a/etc-15.1-x86_64-10.txz: Rebuilt.
+ Added nut user (218) and nut group (218).
+a/genpower-1.0.5-x86_64-5.txz: Removed.
+a/nut-2.8.2-x86_64-1.txz: Added.
+ This is a package to support uninterruptible power supplies, and replaces
+ the obsolete genpower package.
+ Thanks to V'yacheslav Stetskevych for the original SBo script.
+a/sysvinit-scripts-15.1-noarch-16.txz: Rebuilt.
+ rc.M: start the NUT init scripts rc.nut-drvctl, rc.nut-upsd, and
+ rc.nut-upsmon. Remove the genpower block.
+ rc.6: support stopping the UPS inverter on the way down if we see
+ /etc/killpower. Remove the genpower block.
+a/tcsh-6.24.12-x86_64-1.txz: Upgraded.
+ap/man-db-2.12.1-x86_64-1.txz: Upgraded.
+ap/mpg123-1.32.6-x86_64-1.txz: Upgraded.
+ap/vim-9.1.0265-x86_64-1.txz: Upgraded.
+d/cargo-vendor-filterer-0.5.14-x86_64-1.txz: Upgraded.
+d/nasm-2.16.02-x86_64-1.txz: Upgraded.
+l/libproxy-0.5.5-x86_64-1.txz: Upgraded.
+l/python-hatchling-1.22.5-x86_64-1.txz: Upgraded.
+l/python-typing_extensions-4.11.0-x86_64-1.txz: Upgraded.
+x/xdm-1.1.16-x86_64-1.txz: Upgraded.
+xap/vim-gvim-9.1.0265-x86_64-1.txz: Upgraded.
+extra/bash-completion/bash-completion-2.13.0-noarch-1.txz: Upgraded.
+extra/tigervnc/tigervnc-1.13.1-x86_64-5.txz: Rebuilt.
+ Recompiled against xorg-server-21.1.12 to fix security issues:
+ Heap buffer overread/data leakage in ProcXIGetSelectedEvents.
+ Heap buffer overread/data leakage in ProcXIPassiveGrabDevice.
+ Heap buffer overread/data leakage in ProcAppleDRICreatePixmap.
+ Use-after-free in ProcRenderAddGlyphs.
+ For more information, see:
+ https://lists.x.org/archives/xorg-announce/2024-April/003497.html
+ https://www.cve.org/CVERecord?id=CVE-2024-31080
+ https://www.cve.org/CVERecord?id=CVE-2024-31081
+ https://www.cve.org/CVERecord?id=CVE-2024-31082
+ https://www.cve.org/CVERecord?id=CVE-2024-31083
+ (* Security fix *)
++--------------------------+
+Thu Apr 4 20:49:23 UTC 2024
+a/hwdata-0.381-noarch-1.txz: Upgraded.
+a/kernel-generic-6.6.25-x86_64-1.txz: Upgraded.
+a/kernel-huge-6.6.25-x86_64-1.txz: Upgraded.
+a/kernel-modules-6.6.25-x86_64-1.txz: Upgraded.
+d/cmake-3.29.1-x86_64-1.txz: Upgraded.
+d/kernel-headers-6.6.25-x86-1.txz: Upgraded.
+d/llvm-18.1.3-x86_64-1.txz: Upgraded.
+k/kernel-source-6.6.25-noarch-1.txz: Upgraded.
+kde/kstars-3.7.0-x86_64-1.txz: Upgraded.
+l/enchant-2.6.9-x86_64-1.txz: Upgraded.
+l/libclc-18.1.3-x86_64-1.txz: Upgraded.
+l/sof-firmware-2024.03-noarch-1.txz: Upgraded.
+n/gnutls-3.8.5-x86_64-1.txz: Upgraded.
+n/httpd-2.4.59-x86_64-1.txz: Upgraded.
+ This update fixes security issues:
+ HTTP/2 DoS by memory exhaustion on endless continuation frames.
+ HTTP Response Splitting in multiple modules.
+ HTTP response splitting.
+ For more information, see:
+ https://downloads.apache.org/httpd/CHANGES_2.4.59
+ https://www.cve.org/CVERecord?id=CVE-2024-27316
+ https://www.cve.org/CVERecord?id=CVE-2024-24795
+ https://www.cve.org/CVERecord?id=CVE-2023-38709
+ (* Security fix *)
+n/nghttp2-1.61.0-x86_64-1.txz: Upgraded.
+ This update fixes security issues:
+ nghttp2 library keeps reading the unbounded number of HTTP/2 CONTINUATION
+ frames even after a stream is reset to keep HPACK context in sync. This
+ causes excessive CPU usage to decode HPACK stream. nghttp2 v1.61.0 mitigates
+ this vulnerability by limiting the number of CONTINUATION frames it can
+ accept after a HEADERS frame.
+ For more information, see:
+ https://github.com/nghttp2/nghttp2/security/advisories/GHSA-x6x3-gv8h-m57q
+ https://www.kb.cert.org/vuls/id/421644
+ https://www.cve.org/CVERecord?id=CVE-2024-28182
+ (* Security fix *)
+x/xdg-desktop-portal-1.18.3-x86_64-1.txz: Upgraded.
+isolinux/initrd.img: Rebuilt.
+kernels/*: Upgraded.
+usb-and-pxe-installers/usbboot.img: Rebuilt.
++--------------------------+
+Wed Apr 3 22:22:06 UTC 2024
+l/PyQt-builder-1.16.0-x86_64-1.txz: Upgraded.
+l/gst-plugins-bad-free-1.24.1-x86_64-2.txz: Rebuilt.
+ Recompiled against aom-3.8.2 to build libgstaom.so.
+l/nodejs-20.12.1-x86_64-1.txz: Upgraded.
+l/python-lxml-5.2.1-x86_64-1.txz: Upgraded.
+x/xorg-server-21.1.12-x86_64-1.txz: Upgraded.
+ This update fixes security issues:
+ Heap buffer overread/data leakage in ProcXIGetSelectedEvents.
+ Heap buffer overread/data leakage in ProcXIPassiveGrabDevice.
+ Heap buffer overread/data leakage in ProcAppleDRICreatePixmap.
+ Use-after-free in ProcRenderAddGlyphs.
+ For more information, see:
+ https://lists.x.org/archives/xorg-announce/2024-April/003497.html
+ https://www.cve.org/CVERecord?id=CVE-2024-31080
+ https://www.cve.org/CVERecord?id=CVE-2024-31081
+ https://www.cve.org/CVERecord?id=CVE-2024-31082
+ https://www.cve.org/CVERecord?id=CVE-2024-31083
+ (* Security fix *)
+x/xorg-server-xephyr-21.1.12-x86_64-1.txz: Upgraded.
+x/xorg-server-xnest-21.1.12-x86_64-1.txz: Upgraded.
+x/xorg-server-xvfb-21.1.12-x86_64-1.txz: Upgraded.
+x/xorg-server-xwayland-23.2.5-x86_64-1.txz: Upgraded.
+ This update fixes security issues:
+ Heap buffer overread/data leakage in ProcXIGetSelectedEvents.
+ Heap buffer overread/data leakage in ProcXIPassiveGrabDevice.
+ Use-after-free in ProcRenderAddGlyphs.
+ For more information, see:
+ https://lists.x.org/archives/xorg-announce/2024-April/003497.html
+ https://www.cve.org/CVERecord?id=CVE-2024-31080
+ https://www.cve.org/CVERecord?id=CVE-2024-31081
+ https://www.cve.org/CVERecord?id=CVE-2024-31083
+ (* Security fix *)
++--------------------------+
+Wed Apr 3 19:58:56 UTC 2024
+a/kernel-generic-6.6.24-x86_64-1.txz: Upgraded.
+a/kernel-huge-6.6.24-x86_64-1.txz: Upgraded.
+a/kernel-modules-6.6.24-x86_64-1.txz: Upgraded.
+d/kernel-headers-6.6.24-x86-1.txz: Upgraded.
+d/python3-3.11.9-x86_64-1.txz: Upgraded.
+k/kernel-source-6.6.24-noarch-1.txz: Upgraded.
+ -AMD_MEM_ENCRYPT_ACTIVE_BY_DEFAULT n
+ -GCC11_NO_ARRAY_BOUNDS y
+ NUMA_BALANCING n -> y
+ +GCC10_NO_ARRAY_BOUNDS y
+ +NUMA_BALANCING_DEFAULT_ENABLED y
+kde/libindi-2.0.7-x86_64-1.txz: Upgraded.
+l/SDL2-2.30.2-x86_64-1.txz: Upgraded.
+l/aom-3.8.2-x86_64-1.txz: Added.
+ Needed to add AV1 encode/decode support to ffmpeg.
+ Thanks to Andrew Strong.
+l/dav1d-1.4.1-x86_64-1.txz: Added.
+ Needed to add AV1 decode support to ffmpeg.
+l/ffmpeg-6.1.1-x86_64-2.txz: Rebuilt.
+ Patched to build with nv-codec-headers-12.2.72.0. Thanks to J_W.
+ Compiled against aom-3.8.2 and dav1d-1.4.1 for AV1 support.
+ Thanks to glennmcc.
+l/gtk4-4.14.2-x86_64-1.txz: Upgraded.
+n/whois-5.5.22-x86_64-1.txz: Upgraded.
+ Fixed a segmentation fault with --no-recursion.
+ Updated the .bm and .vi TLD servers.
+ Removed 4 new gTLDs which are no longer active.
+xap/MPlayer-20240403-x86_64-1.txz: Upgraded.
+ Compiled using --enable-libaom-lavc and --enable-libdav1d-lavc.
+ Thanks to glennmcc.
+xap/pan-0.157-x86_64-1.txz: Upgraded.
+isolinux/initrd.img: Rebuilt.
+kernels/*: Upgraded.
+usb-and-pxe-installers/usbboot.img: Rebuilt.
++--------------------------+
+Mon Apr 1 19:02:42 UTC 2024
+d/nv-codec-headers-12.2.72.0-x86_64-1.txz: Upgraded.
+d/parallel-20240322-noarch-1.txz: Upgraded.
+kde/calligra-3.2.1-x86_64-38.txz: Rebuilt.
+ Recompiled against poppler-24.04.0.
+kde/cantor-23.08.5-x86_64-5.txz: Rebuilt.
+ Recompiled against poppler-24.04.0.
+kde/kfilemetadata-5.115.0-x86_64-3.txz: Rebuilt.
+ Recompiled against poppler-24.04.0.
+kde/kile-2.9.93-x86_64-32.txz: Rebuilt.
+ Recompiled against poppler-24.04.0.
+kde/kitinerary-23.08.5-x86_64-3.txz: Rebuilt.
+ Recompiled against poppler-24.04.0.
+kde/krita-5.2.2-x86_64-7.txz: Rebuilt.
+ Recompiled against poppler-24.04.0.
+kde/okular-23.08.5-x86_64-3.txz: Rebuilt.
+ Recompiled against poppler-24.04.0.
+l/gobject-introspection-1.80.1-x86_64-1.txz: Upgraded.
+l/netpbm-11.06.00-x86_64-1.txz: Upgraded.
+l/poppler-24.04.0-x86_64-1.txz: Upgraded.
+ Shared library .so-version bump.
+l/python-pillow-10.3.0-x86_64-1.txz: Upgraded.
+xap/x3270-4.3ga8-x86_64-1.txz: Upgraded.
++--------------------------+
+Sun Mar 31 22:44:32 UTC 2024
+d/python-pip-24.0-x86_64-3.txz: Rebuilt.
+ Get rid of unneeded Windows garbage in the package.
+d/python2-2.7.18-x86_64-8.txz: Rebuilt.
+ Get rid of unneeded Windows garbage in the package.
+l/PyQt-builder-1.15.4-x86_64-3.txz: Rebuilt.
+ Get rid of unneeded Windows garbage in the package.
+l/python-installer-0.7.0-x86_64-3.txz: Rebuilt.
+ Get rid of unneeded Windows garbage in the package.
++--------------------------+
+Sun Mar 31 18:28:19 UTC 2024
+ap/hplip-3.23.12-x86_64-4.txz: Rebuilt.
+ Add a few patches from Arch, including one to fix a Unicode error with the
+ sixext.py script that causes hp-setup to crash after detecting a printer.
+ Thanks to truepatriot76.
+d/Cython-3.0.10-x86_64-1.txz: Upgraded.
+d/cargo-vendor-filterer-0.5.13-x86_64-1.txz: Upgraded.
+d/poke-4.0-x86_64-1.txz: Upgraded.
+l/editorconfig-core-c-0.12.7-x86_64-1.txz: Upgraded.
+l/jasper-4.2.3-x86_64-1.txz: Upgraded.
+l/libical-3.0.18-x86_64-1.txz: Upgraded.
+l/pango-1.52.2-x86_64-1.txz: Upgraded.
+l/python-lxml-5.2.0-x86_64-1.txz: Upgraded.
+l/wireplumber-0.5.1-x86_64-1.txz: Upgraded.
+n/c-ares-1.28.1-x86_64-1.txz: Upgraded.
+xap/blueman-2.4-x86_64-1.txz: Upgraded.
++--------------------------+
+Sat Mar 30 20:58:19 UTC 2024
+ap/undervolt-0.4.0-x86_64-1.txz: Upgraded.
+kde/kig-23.08.5-x86_64-3.txz: Rebuilt.
+ Recompiled to link with libboost_python311.so.1.84.0.
+kde/kopeninghours-23.08.5-x86_64-3.txz: Rebuilt.
+ Recompiled to link with libboost_python311.so.1.84.0. Thanks to gmgf.
++--------------------------+
+Sat Mar 30 18:08:12 UTC 2024
+a/xz-5.6.1-x86_64-3.txz: Rebuilt.
+ [PATCH] CMake: Fix sabotaged Landlock sandbox check.
+ We don't build with CMake (yet), but it doesn't hurt to apply this.
+d/mercurial-6.7.2-x86_64-1.txz: Upgraded.
+l/boost-1.84.0-x86_64-3.txz: Rebuilt.
+ Recompiled against python-3.11.8. Thanks to rinza.
+l/python-pycparser-2.22-x86_64-1.txz: Upgraded.
+l/python-pytz-2024.1-x86_64-2.txz: Removed.
+ No longer needed with python-3.11. Thanks to audriusk.
+l/python-tomli-2.0.1-x86_64-2.txz: Removed.
+ No longer needed with python-3.11. Thanks to TommyC7 and audriusk.
+n/c-ares-1.28.0-x86_64-1.txz: Upgraded.
+xap/xsnow-3.7.9-x86_64-1.txz: Upgraded.
+extra/brltty/brltty-6.6-x86_64-4.txz: Rebuilt.
+ Don't install anything under /usr/local. Thanks to reddog83.
++--------------------------+
+Fri Mar 29 20:39:11 UTC 2024
+Everything in this batch besides aaa_libraries, xz, mcelog, and harfbuzz is a
+rebuild or upgrade to build against python-3.11.8. Looking at the python
+readiness page, it seems like a lot of stuff we use is not certified for
+python-3.12 yet (although to be fair, about half as much isn't certified for
+python-3.11 either). But 3.11 seems to be the safer choice even though the
+final bugfix update is scheduled for Monday. And, if we do decide to move
+ahead to 3.12 later on, it'll be a lot easier than this update was.
+Enjoy! :-)
+a/aaa_libraries-15.1-x86_64-29.txz: Rebuilt.
+ Upgraded: libzstd.so.1.5.6, libexpat.so.1.9.2, libglib-2.0.so.0.8000.0,
+ libgmodule-2.0.so.0.8000.0, libgobject-2.0.so.0.8000.0,
+ libgthread-2.0.so.0.8000.0.
+ Removed: libboost_*.so.1.83.0.
+a/libblockdev-2.28-x86_64-3.txz: Rebuilt.
+a/libbytesize-2.8-x86_64-2.txz: Rebuilt.
+a/libpwquality-1.4.5-x86_64-2.txz: Rebuilt.
+a/mcelog-198-x86_64-1.txz: Upgraded.
+a/util-linux-2.40-x86_64-2.txz: Rebuilt.
+a/volume_key-0.3.12-x86_64-8.txz: Rebuilt.
+a/xz-5.6.1-x86_64-2.txz: Rebuilt.
+ Seems like a good idea to build this from a git pull rather than the signed
+ release tarballs. :-)
+ The liblzma in the previous packages were not found to be vulnerable by the
+ detection script, but I'd rather not carry the bad m4 files in our sources.
+ Here's a test script for anyone wanting to try it:
+ if hexdump -ve '1/1 "%.2x"' /lib*/liblzma.so.5 | grep -q f30f1efa554889f54c89ce5389fb81e7000000804883ec28488954241848894c2410 ; then
+ echo probably vulnerable
+ else
+ echo probably not vulnerable
+ fi
+ap/hplip-3.23.12-x86_64-3.txz: Rebuilt.
+ap/linuxdoc-tools-0.9.82-x86_64-5.txz: Rebuilt.
+ap/rpm-4.19.1.1-x86_64-2.txz: Rebuilt.
+ap/undervolt-20210815_e39aea1-x86_64-3.txz: Rebuilt.
+ap/vim-9.1.0225-x86_64-1.txz: Upgraded.
+d/Cython-3.0.9-x86_64-2.txz: Rebuilt.
+d/distcc-3.4-x86_64-5.txz: Rebuilt.
+d/gdb-14.2-x86_64-2.txz: Rebuilt.
+d/gyp-20210831_d6c5dd51-x86_64-3.txz: Rebuilt.
+d/llvm-18.1.2-x86_64-2.txz: Rebuilt.
+d/mercurial-6.7.1-x86_64-2.txz: Rebuilt.
+d/meson-1.4.0-x86_64-2.txz: Rebuilt.
+d/python-pip-24.0-x86_64-2.txz: Rebuilt.
+d/python-setuptools-69.2.0-x86_64-2.txz: Rebuilt.
+d/python3-3.11.8-x86_64-1.txz: Upgraded.
+ Shared library .so-version bump.
+d/scons-4.7.0-x86_64-2.txz: Rebuilt.
+kde/cantor-23.08.5-x86_64-4.txz: Rebuilt.
+kde/kapidox-5.115.0-x86_64-2.txz: Rebuilt.
+kde/kdev-python-23.08.5-x86_64-2.txz: Rebuilt.
+kde/kig-23.08.5-x86_64-2.txz: Rebuilt.
+kde/kmymoney-5.1.3-x86_64-4.txz: Rebuilt.
+kde/kopeninghours-23.08.5-x86_64-2.txz: Rebuilt.
+kde/krita-5.2.2-x86_64-6.txz: Rebuilt.
+l/M2Crypto-0.41.0-x86_64-2.txz: Rebuilt.
+l/Mako-1.3.2-x86_64-2.txz: Rebuilt.
+l/PyQt-builder-1.15.4-x86_64-2.txz: Rebuilt.
+l/PyQt5-5.15.10-x86_64-2.txz: Rebuilt.
+l/PyQt5_sip-12.13.0-x86_64-2.txz: Rebuilt.
+l/QScintilla-2.14.1-x86_64-3.txz: Rebuilt.
+l/avahi-20240306_709e60f-x86_64-2.txz: Rebuilt.
+l/brotli-1.1.0-x86_64-2.txz: Rebuilt.
+l/dbus-python-1.3.2-x86_64-2.txz: Rebuilt.
+l/gexiv2-0.14.2-x86_64-3.txz: Rebuilt.
+l/gi-docgen-2023.3-x86_64-2.txz: Rebuilt.
+l/glade-3.40.0-x86_64-2.txz: Rebuilt.
+l/gobject-introspection-1.80.0-x86_64-2.txz: Rebuilt.
+l/harfbuzz-8.4.0-x86_64-1.txz: Upgraded.
+l/lensfun-0.3.4-x86_64-2.txz: Rebuilt.
+l/libcaca-0.99.beta20-x86_64-2.txz: Rebuilt.
+l/libcap-ng-0.8.4-x86_64-2.txz: Rebuilt.
+l/libieee1284-0.2.11-x86_64-8.txz: Rebuilt.
+l/libimobiledevice-20231007_04c0233-x86_64-2.txz: Rebuilt.
+l/libnvme-1.8-x86_64-2.txz: Rebuilt.
+l/libplist-2.4.0-x86_64-2.txz: Rebuilt.
+l/libwebp-1.3.2-x86_64-3.txz: Rebuilt.
+l/libxml2-2.12.6-x86_64-3.txz: Rebuilt.
+l/libxslt-1.1.39-x86_64-2.txz: Rebuilt.
+l/newt-0.52.24-x86_64-3.txz: Rebuilt.
+l/protobuf-26.1-x86_64-2.txz: Rebuilt.
+l/pycairo-1.26.0-x86_64-3.txz: Rebuilt.
+l/pycups-2.0.1-x86_64-7.txz: Rebuilt.
+l/pycurl-7.45.3-x86_64-2.txz: Rebuilt.
+l/pygobject3-3.48.1-x86_64-2.txz: Rebuilt.
+l/pyparsing-3.1.2-x86_64-2.txz: Rebuilt.
+l/python-Jinja2-3.1.3-x86_64-2.txz: Rebuilt.
+l/python-MarkupSafe-2.1.5-x86_64-2.txz: Rebuilt.
+l/python-PyYAML-6.0.1-x86_64-3.txz: Rebuilt.
+l/python-alabaster-0.7.16-x86_64-2.txz: Rebuilt.
+l/python-appdirs-1.4.4-x86_64-7.txz: Rebuilt.
+l/python-babel-2.14.0-x86_64-2.txz: Rebuilt.
+l/python-build-1.2.1-x86_64-2.txz: Rebuilt.
+l/python-calver-2022.6.26-x86_64-2.txz: Rebuilt.
+l/python-certifi-2024.2.2-x86_64-2.txz: Rebuilt.
+l/python-cffi-1.16.0-x86_64-2.txz: Rebuilt.
+l/python-chardet-5.2.0-x86_64-2.txz: Rebuilt.
+l/python-charset-normalizer-3.3.2-x86_64-2.txz: Rebuilt.
+l/python-distro-1.9.0-x86_64-2.txz: Rebuilt.
+l/python-dnspython-2.6.1-x86_64-2.txz: Rebuilt.
+l/python-docutils-0.20.1-x86_64-2.txz: Rebuilt.
+l/python-doxypypy-0.8.8.7-x86_64-2.txz: Rebuilt.
+l/python-doxyqml-0.5.3-x86_64-2.txz: Rebuilt.
+l/python-editables-0.5-x86_64-2.txz: Rebuilt.
+l/python-flit-core-3.9.0-x86_64-2.txz: Rebuilt.
+l/python-future-1.0.0-x86_64-2.txz: Rebuilt.
+l/python-glad2-2.0.6-x86_64-2.txz: Rebuilt.
+l/python-hatchling-1.22.4-x86_64-2.txz: Rebuilt.
+l/python-html5lib-1.1-x86_64-2.txz: Rebuilt.
+l/python-idna-3.6-x86_64-2.txz: Rebuilt.
+l/python-imagesize-1.4.1-x86_64-2.txz: Rebuilt.
+l/python-importlib_metadata-7.1.0-x86_64-2.txz: Rebuilt.
+l/python-installer-0.7.0-x86_64-2.txz: Rebuilt.
+l/python-lxml-5.1.1-x86_64-1.txz: Upgraded.
+l/python-markdown-3.6-x86_64-2.txz: Rebuilt.
+l/python-notify2-0.3.1-x86_64-11.txz: Rebuilt.
+l/python-packaging-24.0-x86_64-2.txz: Rebuilt.
+l/python-pathspec-0.12.1-x86_64-2.txz: Rebuilt.
+l/python-pbr-6.0.0-x86_64-2.txz: Rebuilt.
+l/python-pillow-10.2.0-x86_64-2.txz: Rebuilt.
+l/python-pluggy-1.4.0-x86_64-2.txz: Rebuilt.
+l/python-ply-3.11-x86_64-9.txz: Rebuilt.
+l/python-psutil-5.9.8-x86_64-2.txz: Rebuilt.
+l/python-pycparser-2.21-x86_64-2.txz: Rebuilt.
+l/python-pygments-2.17.2-x86_64-2.txz: Rebuilt.
+l/python-pyproject-hooks-1.0.0-x86_64-2.txz: Rebuilt.
+l/python-pysol_cards-0.16.0-x86_64-2.txz: Rebuilt.
+l/python-pytz-2024.1-x86_64-2.txz: Rebuilt.
+l/python-random2-1.0.2-x86_64-2.txz: Rebuilt.
+l/python-requests-2.31.0-x86_64-2.txz: Rebuilt.
+l/python-sane-2.9.1-x86_64-6.txz: Rebuilt.
+l/python-setuptools_scm-8.0.4-x86_64-2.txz: Rebuilt.
+l/python-six-1.16.0-x86_64-4.txz: Rebuilt.
+l/python-smartypants-2.0.1-x86_64-2.txz: Rebuilt.
+l/python-snowballstemmer-2.2.0-x86_64-2.txz: Rebuilt.
+l/python-sphinx-7.2.6-x86_64-2.txz: Rebuilt.
+l/python-sphinx_rtd_theme-2.0.0-x86_64-2.txz: Rebuilt.
+l/python-tomli-2.0.1-x86_64-2.txz: Rebuilt.
+l/python-tomli-w-1.0.0-x86_64-2.txz: Rebuilt.
+l/python-trove-classifiers-2024.3.25-x86_64-2.txz: Rebuilt.
+l/python-typing_extensions-4.10.0-x86_64-2.txz: Rebuilt.
+l/python-typogrify-2.0.7-x86_64-2.txz: Rebuilt.
+l/python-urllib3-2.2.1-x86_64-2.txz: Rebuilt.
+l/python-webencodings-0.5.1-x86_64-2.txz: Rebuilt.
+l/python-wheel-0.43.0-x86_64-2.txz: Rebuilt.
+l/python-zipp-3.18.1-x86_64-2.txz: Rebuilt.
+l/sip-6.8.3-x86_64-2.txz: Rebuilt.
+l/speech-dispatcher-0.11.5-x86_64-2.txz: Rebuilt.
+l/system-config-printer-1.5.18-x86_64-2.txz: Rebuilt.
+l/talloc-2.4.2-x86_64-2.txz: Rebuilt.
+l/tdb-1.4.10-x86_64-2.txz: Rebuilt.
+l/tevent-0.16.1-x86_64-2.txz: Rebuilt.
+n/epic5-2.1.12-x86_64-7.txz: Rebuilt.
+n/fetchmail-6.4.38-x86_64-2.txz: Rebuilt.
+n/getmail-6.18.14-x86_64-2.txz: Rebuilt.
+n/gpgme-1.23.2-x86_64-3.txz: Rebuilt.
+n/net-snmp-5.9.4-x86_64-2.txz: Rebuilt.
+n/nftables-1.0.9-x86_64-2.txz: Rebuilt.
+n/nmap-7.94-x86_64-2.txz: Rebuilt.
+n/nss-pam-ldapd-0.9.12-x86_64-4.txz: Rebuilt.
+n/obexftp-0.24.2-x86_64-12.txz: Rebuilt.
+n/pssh-2.3.5-x86_64-2.txz: Rebuilt.
+n/samba-4.20.0-x86_64-2.txz: Rebuilt.
+x/ibus-1.5.29-x86_64-3.txz: Rebuilt.
+x/ibus-anthy-1.5.16-x86_64-2.txz: Rebuilt.
+x/ibus-hangul-1.5.5-x86_64-2.txz: Rebuilt.
+x/ibus-libpinyin-1.15.7-x86_64-2.txz: Rebuilt.
+x/ibus-table-1.17.4-x86_64-2.txz: Rebuilt.
+x/marisa-0.2.6-x86_64-9.txz: Rebuilt.
+x/pyxdg-0.28-x86_64-2.txz: Rebuilt.
+x/xcb-proto-1.16.0-x86_64-3.txz: Rebuilt.
+xap/blueman-2.3.5-x86_64-2.txz: Rebuilt.
+xap/hexchat-2.16.2-x86_64-2.txz: Rebuilt.
+xap/vim-gvim-9.1.0225-x86_64-1.txz: Upgraded.
+extra/brltty/brltty-6.6-x86_64-3.txz: Rebuilt.
++--------------------------+
+Fri Mar 29 02:25:21 UTC 2024
+a/coreutils-9.5-x86_64-1.txz: Upgraded.
+ chmod -R now avoids a race where an attacker may replace a traversed file
+ with a symlink, causing chmod to operate on an unintended file.
+ [This bug was present in "the beginning".]
+ split --line-bytes with a mixture of very long and short lines no longer
+ overwrites the heap.
+ For more information, see:
+ https://www.cve.org/CVERecord?id=CVE-2024-0684
+ (* Security fix *)
++--------------------------+
+Thu Mar 28 21:40:08 UTC 2024
+a/btrfs-progs-6.8-x86_64-1.txz: Upgraded.
+a/gpm-1.20.7-x86_64-10.txz: Rebuilt.
+ Clean up the compile fix patch omitting the Emacs Lisp file.
+ Clean up and apply the weak-wgetch patch.
+ Build using the option --without-curses.
+ Thanks to qunying.
+a/util-linux-2.40-x86_64-1.txz: Upgraded.
+ This release fixes a vulnerability where the wall command did not filter
+ escape sequences from command line arguments, allowing unprivileged users
+ to put arbitrary text on other users terminals.
+ For more information, see:
+ https://www.cve.org/CVERecord?id=CVE-2024-28085
+ (* Security fix *)
+d/rust-1.77.1-x86_64-1.txz: Upgraded.
+l/fluidsynth-2.3.5-x86_64-1.txz: Upgraded.
+l/protobuf-26.1-x86_64-1.txz: Upgraded.
+l/python-build-1.2.1-x86_64-1.txz: Upgraded.
+n/samba-4.20.0-x86_64-1.txz: Upgraded.
+x/mesa-24.0.4-x86_64-1.txz: Upgraded.
+xap/seamonkey-2.53.18.2-x86_64-1.txz: Upgraded.
+ This update contains security fixes and improvements.
+ For more information, see:
+ https://www.seamonkey-project.org/releases/seamonkey2.53.18.2
+ (* Security fix *)
++--------------------------+
Wed Mar 27 19:16:09 UTC 2024
a/kernel-firmware-20240322_e068ccf-noarch-1.txz: Upgraded.
a/kernel-generic-6.6.23-x86_64-1.txz: Upgraded.