1 files changed, 229 insertions, 0 deletions

diff --git a/ChangeLog.txt b/ChangeLog.txt
index 7a4314aeb..5d18c726b 100644
--- a/ChangeLog.txt
+++ b/ChangeLog.txt
@@ -1,3 +1,232 @@
+Wed May  1 18:48:17 UTC 2024
+ap/nano-8.0-x86_64-1.txz:  Upgraded.
+ap/vim-9.1.0386-x86_64-1.txz:  Upgraded.
+l/liburing-2.6-x86_64-1.txz:  Upgraded.
+xap/vim-gvim-9.1.0386-x86_64-1.txz:  Upgraded.
++--------------------------+
+Tue Apr 30 18:54:11 UTC 2024
+a/elogind-255.5-x86_64-1.txz:  Upgraded.
+d/git-2.45.0-x86_64-1.txz:  Upgraded.
+l/gst-plugins-bad-free-1.24.3-x86_64-1.txz:  Upgraded.
+l/gst-plugins-base-1.24.3-x86_64-1.txz:  Upgraded.
+l/gst-plugins-good-1.24.3-x86_64-1.txz:  Upgraded.
+l/gst-plugins-libav-1.24.3-x86_64-1.txz:  Upgraded.
+l/gstreamer-1.24.3-x86_64-1.txz:  Upgraded.
++--------------------------+
+Mon Apr 29 21:32:37 UTC 2024
+a/aaa_libraries-15.1-x86_64-31.txz:  Rebuilt.
+  Added: libncurses++w.so.6.5, libtic.so.6.5.
+  Upgraded: libformw.so.6.5, libmenuw.so.6.5, libncursesw.so.6.5,
+  libpanelw.so.6.5, libtinfo.so.6.5.
+  Removed (with compat symlinks made): libform.so.6.4, libmenu.so.6.4,
+  libncurses.so.6.4, libpanel.so.6.4.
+a/aaa_terminfo-6.5-x86_64-1.txz:  Upgraded.
+l/ncurses-6.5-x86_64-1.txz:  Upgraded.
+  This seemed like a good opportunity to go over my notes and try to make this
+  SlackBuild at least defensible, if not correct. :-) The non-wide libraries
+  have all been purged and replaced with compatibility symlinks pointing to the
+  wide versions. Anything trying to use -lncurses (etc) will be redirected to
+  -lncursesw (etc) at compile time. Looks like nearly 50 packages are linked to
+  the non-wide libraries, but everything works this way.
+  Thanks to GazL who provided most of the suggestions used.
+l/python-pyproject-hooks-1.1.0-x86_64-1.txz:  Upgraded.
+n/lynx-2.9.1-x86_64-1.txz:  Upgraded.
+x/xconsole-1.1.0-x86_64-1.txz:  Upgraded.
+xap/mozilla-firefox-125.0.3-x86_64-1.txz:  Upgraded.
+  This is a bugfix release.
+  For more information, see:
+    https://www.mozilla.org/en-US/firefox/125.0.3/releasenotes/
++--------------------------+
+Sun Apr 28 19:20:42 UTC 2024
+a/iniparser-4.2-x86_64-1.txz:  Upgraded.
+ap/hplip-3.23.12-x86_64-5.txz:  Rebuilt.
+  Replace a single unicode space character in models.dat with an ASCII space
+  to prevent python3 from tripping over it in some cases. This seems to follow
+  the extreme programming motto of "do the simplest thing that could possibly
+  work", so we'll see if it does.
+  Thanks to pdags.
+ap/jove-4.17.5.3-x86_64-1.txz:  Upgraded.
+l/enchant-2.7.2-x86_64-1.txz:  Upgraded.
+l/jasper-4.2.4-x86_64-1.txz:  Upgraded.
+l/libgtop-2.41.3-x86_64-1.txz:  Upgraded.
+l/mlt-7.24.0-x86_64-1.txz:  Upgraded.
++--------------------------+
+Sat Apr 27 19:02:25 UTC 2024
+a/kernel-generic-6.6.29-x86_64-1.txz:  Upgraded.
+a/kernel-huge-6.6.29-x86_64-1.txz:  Upgraded.
+a/kernel-modules-6.6.29-x86_64-1.txz:  Upgraded.
+ap/cups-2.4.8-x86_64-1.txz:  Upgraded.
+d/kernel-headers-6.6.29-x86-1.txz:  Upgraded.
+d/valgrind-3.23.0-x86_64-1.txz:  Upgraded.
+k/kernel-source-6.6.29-noarch-1.txz:  Upgraded.
+l/enchant-2.7.1-x86_64-1.txz:  Upgraded.
+isolinux/initrd.img:  Rebuilt.
+kernels/*:  Upgraded.
+usb-and-pxe-installers/usbboot.img:  Rebuilt.
++--------------------------+
+Fri Apr 26 20:12:32 UTC 2024
+a/kernel-firmware-20240426_fc21f47-noarch-1.txz:  Upgraded.
+ap/cups-2.4.7-x86_64-3.txz:  Rebuilt.
+  Rebuild using --with-rundir=/run/cups.
+ap/cups-browsed-2.0.0-x86_64-1.txz:  Added.
+  This is the CUPS/IPP print queue browser daemon, previously part of the
+  cups-filters package.
+ap/cups-filters-2.0.0-x86_64-1.txz:  Upgraded.
+l/libarchive-3.7.4-x86_64-1.txz:  Upgraded.
+l/libcupsfilters-2.0.0-x86_64-1.txz:  Added.
+  This is required by cups-filters-2.0.0.
+l/libppd-2.0.0-x86_64-1.txz:  Added.
+  This is required by cups-filters-2.0.0.
+l/libproxy-0.5.6-x86_64-1.txz:  Upgraded.
+x/wayland-protocols-1.36-noarch-1.txz:  Upgraded.
+xap/mozilla-firefox-125.0.2-x86_64-1.txz:  Upgraded.
+xap/mozilla-thunderbird-125.0-x86_64-1.txz:  Upgraded.
+extra/rust-for-mozilla/rust-1.70.0-x86_64-4.txz:  Removed.
++--------------------------+
+Thu Apr 25 17:58:17 UTC 2024
+l/PyQt-builder-1.16.2-x86_64-1.txz:  Upgraded.
+l/fribidi-1.0.14-x86_64-1.txz:  Upgraded.
+l/libarchive-3.7.3-x86_64-2.txz:  Rebuilt.
+  Patched an out-of-bound error in the rar e8 filter that could allow for
+  the execution of arbitrary code.
+  Thanks to gmgf for the heads-up.
+  For more information, see:
+    https://github.com/advisories/GHSA-2jc9-36w4-pmqw
+    https://www.cve.org/CVERecord?id=CVE-2024-26256
+  (* Security fix *)
+n/bluez-5.75-x86_64-3.txz:  Rebuilt.
+  [PATCH] shared/uhid: Fix crash if bt_uhid_destroy free replay structure.
+  Thanks to sombragris.
+n/libgpg-error-1.49-x86_64-1.txz:  Upgraded.
++--------------------------+
+Wed Apr 24 20:08:55 UTC 2024
+ap/dmidecode-3.6-x86_64-1.txz:  Upgraded.
+kde/fcitx5-configtool-5.1.5-x86_64-1.txz:  Upgraded.
+l/aom-3.9.0-x86_64-1.txz:  Upgraded.
+x/mesa-24.0.6-x86_64-1.txz:  Upgraded.
++--------------------------+
+Tue Apr 23 22:24:03 UTC 2024
+d/ruby-3.3.1-x86_64-1.txz:  Upgraded.
+  This update fixes security issues:
+  Arbitrary memory address read vulnerability with Regex search.
+  RCE vulnerability with .rdoc_options in RDoc.
+  Buffer overread vulnerability in StringIO.
+  For more information, see:
+    https://www.ruby-lang.org/en/news/2024/04/23/arbitrary-memory-address-read-regexp-cve-2024-27282/
+    https://www.ruby-lang.org/en/news/2024/03/21/rce-rdoc-cve-2024-27281/
+    https://www.ruby-lang.org/en/news/2024/03/21/buffer-overread-cve-2024-27280/
+    https://www.cve.org/CVERecord?id=CVE-2024-27282
+    https://www.cve.org/CVERecord?id=CVE-2024-27281
+    https://www.cve.org/CVERecord?id=CVE-2024-27280
+  (* Security fix *)
+l/python-docutils-0.21.2-x86_64-1.txz:  Upgraded.
+x/rendercheck-1.6-x86_64-1.txz:  Upgraded.
+x/xcb-imdkit-1.0.8-x86_64-1.txz:  Upgraded.
++--------------------------+
+Tue Apr 23 19:48:05 UTC 2024
+a/ed-1.20.2-x86_64-1.txz:  Upgraded.
+d/parallel-20240422-noarch-1.txz:  Upgraded.
+kde/krusader-2.8.1-x86_64-1.txz:  Upgraded.
+kde/ktextaddons-1.5.4-x86_64-1.txz:  Upgraded.
+l/libgusb-0.4.9-x86_64-1.txz:  Upgraded.
+n/nmap-7.95-x86_64-1.txz:  Upgraded.
+x/fcitx5-5.1.9-x86_64-1.txz:  Upgraded.
+x/fcitx5-anthy-5.1.4-x86_64-1.txz:  Upgraded.
+x/fcitx5-chinese-addons-5.1.5-x86_64-1.txz:  Upgraded.
+x/fcitx5-gtk-5.1.3-x86_64-1.txz:  Upgraded.
+x/fcitx5-hangul-5.1.3-x86_64-1.txz:  Upgraded.
+x/fcitx5-kkc-5.1.3-x86_64-1.txz:  Upgraded.
+x/fcitx5-m17n-5.1.1-x86_64-1.txz:  Upgraded.
+x/fcitx5-qt-5.1.6-x86_64-1.txz:  Upgraded.
+x/fcitx5-sayura-5.1.2-x86_64-1.txz:  Upgraded.
+x/fcitx5-table-extra-5.1.5-x86_64-1.txz:  Upgraded.
+x/fcitx5-table-other-5.1.2-x86_64-1.txz:  Upgraded.
+x/fcitx5-unikey-5.1.4-x86_64-1.txz:  Upgraded.
+x/libime-1.1.7-x86_64-1.txz:  Upgraded.
+extra/emacs-regular-build/emacs-29.3-x86_64-2_regular.txz:  Rebuilt.
+  This is a bugfix release.
+  Only build the X11/GTK+3 version. Use "emacs -nw" if you want to start it
+  in a terminal emulator in text mode, or rebuild if you really need to get
+  rid of the X11 dependency for some reason.
+  Build using --with-pdumper=auto. It seems that --with-dumping=unexec produces
+  a buggy Emacs here in the modern era, with symptoms such as "child signal FD:
+  Invalid argument". It's possible this had something to do with the reported
+  memory leaks as well.
+  Thanks to 3Tom for the bug report.
++--------------------------+
+Mon Apr 22 19:36:38 UTC 2024
+a/elogind-255.4_r2-x86_64-2.txz:  Rebuilt.
+  OK, this is looking good enough to return to the main tree now.
+  Thanks to hamkg, ctrlaltca, and rizitis for helping to debug the sleep issues
+  with upstream, and to Sven Eden for the upstream fixes. I've changed the
+  default sleep mode from s2idle to deep as s2idle still locks up most of the
+  systems I've tried it on. Eventually we'll probably have to swallow this pill
+  though (more notes on that in the SlackBuild).
+  It didn't seem like recompiling polkit again was necessary, but correct me if
+  I'm wrong about that.
+l/imagemagick-7.1.1_31-x86_64-1.txz:  Upgraded.
+l/python-hatchling-1.24.2-x86_64-1.txz:  Upgraded.
+l/vte-0.76.1-x86_64-1.txz:  Upgraded.
+l/wireplumber-0.5.2-x86_64-1.txz:  Upgraded.
+xap/freerdp-2.11.7-x86_64-1.txz:  Upgraded.
+  This release eliminates a bunch of issues detected during oss-fuzz runs.
+  (* Security fix *)
++--------------------------+
+Sun Apr 21 21:41:34 UTC 2024
+a/etc-15.1-x86_64-11.txz:  Rebuilt.
+  Populate missing /etc/gshadow entries. Thanks to opty.
+l/PyQt-builder-1.16.1-x86_64-1.txz:  Upgraded.
+l/python-pluggy-1.5.0-x86_64-1.txz:  Upgraded.
++--------------------------+
+Sat Apr 20 00:10:39 UTC 2024
+l/gdk-pixbuf2-2.42.11-x86_64-2.txz:  Rebuilt.
+  Recompiled with -Dtests=false -Dothers=enabled to fix gkrellm.
+  Thanks to J_W for the bug report.
++--------------------------+
+Fri Apr 19 19:36:17 UTC 2024
+a/elogind-252.23-x86_64-3.txz:  Rebuilt.
+  All right, it's time to stop the bleeding (edge). This has been verified as
+  the last working version of elogind, so we'll revert for now while moving the
+  newer sources into /testing. We didn't actually *need* the 255 branch for
+  libgudev (I was mistakenly under that impression), so this will be fine for
+  now. We'll keep an eye on upstream and move forward when things settle down.
+d/vala-0.56.17-x86_64-1.txz:  Upgraded.
+l/gdk-pixbuf2-2.42.11-x86_64-1.txz:  Upgraded.
+l/gtk4-4.14.3-x86_64-1.txz:  Upgraded.
+l/polkit-124-x86_64-2.txz:  Rebuilt.
+  Recompiled against elogind-252.23.
+l/python-sphinx-7.3.7-x86_64-1.txz:  Upgraded.
+n/NetworkManager-1.46.0-x86_64-2.txz:  Rebuilt.
+  Build with meson instead of autotools, since setting session_tracking to
+  elogind is ignored with autotools, and is set to consolekit instead.
+  While this didn't seem to make a difference in practice, better to get this
+  right now and rule it out as part of the issue.
+  Thanks to marav and LuckyCyborg for the options hints.
+x/xdg-desktop-portal-1.18.4-x86_64-1.txz:  Upgraded.
+xap/freerdp-2.11.6-x86_64-1.txz:  Upgraded.
+  This release is a security release and addresses multiple issues:
+  [Low] OutOfBound Read in zgfx_decompress_segment.
+  [Moderate] Integer overflow & OutOfBound Write in
+  clear_decompress_residual_data.
+  [Low] integer underflow in nsc_rle_decode.
+  [Low] OutOfBound Read in planar_skip_plane_rle.
+  [Low] OutOfBound Read in ncrush_decompress.
+  [Low] OutOfBound Read in interleaved_decompress.
+  For more information, see:
+    https://www.cve.org/CVERecord?id=CVE-2024-32041
+    https://www.cve.org/CVERecord?id=CVE-2024-32039
+    https://www.cve.org/CVERecord?id=CVE-2024-32040
+    https://www.cve.org/CVERecord?id=CVE-2024-32458
+    https://www.cve.org/CVERecord?id=CVE-2024-32459
+    https://www.cve.org/CVERecord?id=CVE-2024-32460
+  (* Security fix *)
++--------------------------+
+Fri Apr 19 05:38:28 UTC 2024
+xap/mozilla-thunderbird-115.10.1-x86_64-1.txz:  Upgraded.
+  This is a bugfix release.
+  For more information, see:
+    https://www.mozilla.org/en-US/thunderbird/115.10.1/releasenotes/
++--------------------------+
 Thu Apr 18 19:17:30 UTC 2024
 a/aaa_glibc-solibs-2.39-x86_64-2.txz:  Rebuilt.
 ap/vim-9.1.0346-x86_64-1.txz:  Upgraded.