diff options
Diffstat (limited to 'ChangeLog.txt')
-rw-r--r-- | ChangeLog.txt | 229 |
1 files changed, 229 insertions, 0 deletions
diff --git a/ChangeLog.txt b/ChangeLog.txt index 7a4314aeb..5d18c726b 100644 --- a/ChangeLog.txt +++ b/ChangeLog.txt @@ -1,3 +1,232 @@ +Wed May 1 18:48:17 UTC 2024 +ap/nano-8.0-x86_64-1.txz: Upgraded. +ap/vim-9.1.0386-x86_64-1.txz: Upgraded. +l/liburing-2.6-x86_64-1.txz: Upgraded. +xap/vim-gvim-9.1.0386-x86_64-1.txz: Upgraded. ++--------------------------+ +Tue Apr 30 18:54:11 UTC 2024 +a/elogind-255.5-x86_64-1.txz: Upgraded. +d/git-2.45.0-x86_64-1.txz: Upgraded. +l/gst-plugins-bad-free-1.24.3-x86_64-1.txz: Upgraded. +l/gst-plugins-base-1.24.3-x86_64-1.txz: Upgraded. +l/gst-plugins-good-1.24.3-x86_64-1.txz: Upgraded. +l/gst-plugins-libav-1.24.3-x86_64-1.txz: Upgraded. +l/gstreamer-1.24.3-x86_64-1.txz: Upgraded. ++--------------------------+ +Mon Apr 29 21:32:37 UTC 2024 +a/aaa_libraries-15.1-x86_64-31.txz: Rebuilt. + Added: libncurses++w.so.6.5, libtic.so.6.5. + Upgraded: libformw.so.6.5, libmenuw.so.6.5, libncursesw.so.6.5, + libpanelw.so.6.5, libtinfo.so.6.5. + Removed (with compat symlinks made): libform.so.6.4, libmenu.so.6.4, + libncurses.so.6.4, libpanel.so.6.4. +a/aaa_terminfo-6.5-x86_64-1.txz: Upgraded. +l/ncurses-6.5-x86_64-1.txz: Upgraded. + This seemed like a good opportunity to go over my notes and try to make this + SlackBuild at least defensible, if not correct. :-) The non-wide libraries + have all been purged and replaced with compatibility symlinks pointing to the + wide versions. Anything trying to use -lncurses (etc) will be redirected to + -lncursesw (etc) at compile time. Looks like nearly 50 packages are linked to + the non-wide libraries, but everything works this way. + Thanks to GazL who provided most of the suggestions used. +l/python-pyproject-hooks-1.1.0-x86_64-1.txz: Upgraded. +n/lynx-2.9.1-x86_64-1.txz: Upgraded. +x/xconsole-1.1.0-x86_64-1.txz: Upgraded. +xap/mozilla-firefox-125.0.3-x86_64-1.txz: Upgraded. + This is a bugfix release. + For more information, see: + https://www.mozilla.org/en-US/firefox/125.0.3/releasenotes/ ++--------------------------+ +Sun Apr 28 19:20:42 UTC 2024 +a/iniparser-4.2-x86_64-1.txz: Upgraded. +ap/hplip-3.23.12-x86_64-5.txz: Rebuilt. + Replace a single unicode space character in models.dat with an ASCII space + to prevent python3 from tripping over it in some cases. This seems to follow + the extreme programming motto of "do the simplest thing that could possibly + work", so we'll see if it does. + Thanks to pdags. +ap/jove-4.17.5.3-x86_64-1.txz: Upgraded. +l/enchant-2.7.2-x86_64-1.txz: Upgraded. +l/jasper-4.2.4-x86_64-1.txz: Upgraded. +l/libgtop-2.41.3-x86_64-1.txz: Upgraded. +l/mlt-7.24.0-x86_64-1.txz: Upgraded. ++--------------------------+ +Sat Apr 27 19:02:25 UTC 2024 +a/kernel-generic-6.6.29-x86_64-1.txz: Upgraded. +a/kernel-huge-6.6.29-x86_64-1.txz: Upgraded. +a/kernel-modules-6.6.29-x86_64-1.txz: Upgraded. +ap/cups-2.4.8-x86_64-1.txz: Upgraded. +d/kernel-headers-6.6.29-x86-1.txz: Upgraded. +d/valgrind-3.23.0-x86_64-1.txz: Upgraded. +k/kernel-source-6.6.29-noarch-1.txz: Upgraded. +l/enchant-2.7.1-x86_64-1.txz: Upgraded. +isolinux/initrd.img: Rebuilt. +kernels/*: Upgraded. +usb-and-pxe-installers/usbboot.img: Rebuilt. ++--------------------------+ +Fri Apr 26 20:12:32 UTC 2024 +a/kernel-firmware-20240426_fc21f47-noarch-1.txz: Upgraded. +ap/cups-2.4.7-x86_64-3.txz: Rebuilt. + Rebuild using --with-rundir=/run/cups. +ap/cups-browsed-2.0.0-x86_64-1.txz: Added. + This is the CUPS/IPP print queue browser daemon, previously part of the + cups-filters package. +ap/cups-filters-2.0.0-x86_64-1.txz: Upgraded. +l/libarchive-3.7.4-x86_64-1.txz: Upgraded. +l/libcupsfilters-2.0.0-x86_64-1.txz: Added. + This is required by cups-filters-2.0.0. +l/libppd-2.0.0-x86_64-1.txz: Added. + This is required by cups-filters-2.0.0. +l/libproxy-0.5.6-x86_64-1.txz: Upgraded. +x/wayland-protocols-1.36-noarch-1.txz: Upgraded. +xap/mozilla-firefox-125.0.2-x86_64-1.txz: Upgraded. +xap/mozilla-thunderbird-125.0-x86_64-1.txz: Upgraded. +extra/rust-for-mozilla/rust-1.70.0-x86_64-4.txz: Removed. ++--------------------------+ +Thu Apr 25 17:58:17 UTC 2024 +l/PyQt-builder-1.16.2-x86_64-1.txz: Upgraded. +l/fribidi-1.0.14-x86_64-1.txz: Upgraded. +l/libarchive-3.7.3-x86_64-2.txz: Rebuilt. + Patched an out-of-bound error in the rar e8 filter that could allow for + the execution of arbitrary code. + Thanks to gmgf for the heads-up. + For more information, see: + https://github.com/advisories/GHSA-2jc9-36w4-pmqw + https://www.cve.org/CVERecord?id=CVE-2024-26256 + (* Security fix *) +n/bluez-5.75-x86_64-3.txz: Rebuilt. + [PATCH] shared/uhid: Fix crash if bt_uhid_destroy free replay structure. + Thanks to sombragris. +n/libgpg-error-1.49-x86_64-1.txz: Upgraded. ++--------------------------+ +Wed Apr 24 20:08:55 UTC 2024 +ap/dmidecode-3.6-x86_64-1.txz: Upgraded. +kde/fcitx5-configtool-5.1.5-x86_64-1.txz: Upgraded. +l/aom-3.9.0-x86_64-1.txz: Upgraded. +x/mesa-24.0.6-x86_64-1.txz: Upgraded. ++--------------------------+ +Tue Apr 23 22:24:03 UTC 2024 +d/ruby-3.3.1-x86_64-1.txz: Upgraded. + This update fixes security issues: + Arbitrary memory address read vulnerability with Regex search. + RCE vulnerability with .rdoc_options in RDoc. + Buffer overread vulnerability in StringIO. + For more information, see: + https://www.ruby-lang.org/en/news/2024/04/23/arbitrary-memory-address-read-regexp-cve-2024-27282/ + https://www.ruby-lang.org/en/news/2024/03/21/rce-rdoc-cve-2024-27281/ + https://www.ruby-lang.org/en/news/2024/03/21/buffer-overread-cve-2024-27280/ + https://www.cve.org/CVERecord?id=CVE-2024-27282 + https://www.cve.org/CVERecord?id=CVE-2024-27281 + https://www.cve.org/CVERecord?id=CVE-2024-27280 + (* Security fix *) +l/python-docutils-0.21.2-x86_64-1.txz: Upgraded. +x/rendercheck-1.6-x86_64-1.txz: Upgraded. +x/xcb-imdkit-1.0.8-x86_64-1.txz: Upgraded. ++--------------------------+ +Tue Apr 23 19:48:05 UTC 2024 +a/ed-1.20.2-x86_64-1.txz: Upgraded. +d/parallel-20240422-noarch-1.txz: Upgraded. +kde/krusader-2.8.1-x86_64-1.txz: Upgraded. +kde/ktextaddons-1.5.4-x86_64-1.txz: Upgraded. +l/libgusb-0.4.9-x86_64-1.txz: Upgraded. +n/nmap-7.95-x86_64-1.txz: Upgraded. +x/fcitx5-5.1.9-x86_64-1.txz: Upgraded. +x/fcitx5-anthy-5.1.4-x86_64-1.txz: Upgraded. +x/fcitx5-chinese-addons-5.1.5-x86_64-1.txz: Upgraded. +x/fcitx5-gtk-5.1.3-x86_64-1.txz: Upgraded. +x/fcitx5-hangul-5.1.3-x86_64-1.txz: Upgraded. +x/fcitx5-kkc-5.1.3-x86_64-1.txz: Upgraded. +x/fcitx5-m17n-5.1.1-x86_64-1.txz: Upgraded. +x/fcitx5-qt-5.1.6-x86_64-1.txz: Upgraded. +x/fcitx5-sayura-5.1.2-x86_64-1.txz: Upgraded. +x/fcitx5-table-extra-5.1.5-x86_64-1.txz: Upgraded. +x/fcitx5-table-other-5.1.2-x86_64-1.txz: Upgraded. +x/fcitx5-unikey-5.1.4-x86_64-1.txz: Upgraded. +x/libime-1.1.7-x86_64-1.txz: Upgraded. +extra/emacs-regular-build/emacs-29.3-x86_64-2_regular.txz: Rebuilt. + This is a bugfix release. + Only build the X11/GTK+3 version. Use "emacs -nw" if you want to start it + in a terminal emulator in text mode, or rebuild if you really need to get + rid of the X11 dependency for some reason. + Build using --with-pdumper=auto. It seems that --with-dumping=unexec produces + a buggy Emacs here in the modern era, with symptoms such as "child signal FD: + Invalid argument". It's possible this had something to do with the reported + memory leaks as well. + Thanks to 3Tom for the bug report. ++--------------------------+ +Mon Apr 22 19:36:38 UTC 2024 +a/elogind-255.4_r2-x86_64-2.txz: Rebuilt. + OK, this is looking good enough to return to the main tree now. + Thanks to hamkg, ctrlaltca, and rizitis for helping to debug the sleep issues + with upstream, and to Sven Eden for the upstream fixes. I've changed the + default sleep mode from s2idle to deep as s2idle still locks up most of the + systems I've tried it on. Eventually we'll probably have to swallow this pill + though (more notes on that in the SlackBuild). + It didn't seem like recompiling polkit again was necessary, but correct me if + I'm wrong about that. +l/imagemagick-7.1.1_31-x86_64-1.txz: Upgraded. +l/python-hatchling-1.24.2-x86_64-1.txz: Upgraded. +l/vte-0.76.1-x86_64-1.txz: Upgraded. +l/wireplumber-0.5.2-x86_64-1.txz: Upgraded. +xap/freerdp-2.11.7-x86_64-1.txz: Upgraded. + This release eliminates a bunch of issues detected during oss-fuzz runs. + (* Security fix *) ++--------------------------+ +Sun Apr 21 21:41:34 UTC 2024 +a/etc-15.1-x86_64-11.txz: Rebuilt. + Populate missing /etc/gshadow entries. Thanks to opty. +l/PyQt-builder-1.16.1-x86_64-1.txz: Upgraded. +l/python-pluggy-1.5.0-x86_64-1.txz: Upgraded. ++--------------------------+ +Sat Apr 20 00:10:39 UTC 2024 +l/gdk-pixbuf2-2.42.11-x86_64-2.txz: Rebuilt. + Recompiled with -Dtests=false -Dothers=enabled to fix gkrellm. + Thanks to J_W for the bug report. ++--------------------------+ +Fri Apr 19 19:36:17 UTC 2024 +a/elogind-252.23-x86_64-3.txz: Rebuilt. + All right, it's time to stop the bleeding (edge). This has been verified as + the last working version of elogind, so we'll revert for now while moving the + newer sources into /testing. We didn't actually *need* the 255 branch for + libgudev (I was mistakenly under that impression), so this will be fine for + now. We'll keep an eye on upstream and move forward when things settle down. +d/vala-0.56.17-x86_64-1.txz: Upgraded. +l/gdk-pixbuf2-2.42.11-x86_64-1.txz: Upgraded. +l/gtk4-4.14.3-x86_64-1.txz: Upgraded. +l/polkit-124-x86_64-2.txz: Rebuilt. + Recompiled against elogind-252.23. +l/python-sphinx-7.3.7-x86_64-1.txz: Upgraded. +n/NetworkManager-1.46.0-x86_64-2.txz: Rebuilt. + Build with meson instead of autotools, since setting session_tracking to + elogind is ignored with autotools, and is set to consolekit instead. + While this didn't seem to make a difference in practice, better to get this + right now and rule it out as part of the issue. + Thanks to marav and LuckyCyborg for the options hints. +x/xdg-desktop-portal-1.18.4-x86_64-1.txz: Upgraded. +xap/freerdp-2.11.6-x86_64-1.txz: Upgraded. + This release is a security release and addresses multiple issues: + [Low] OutOfBound Read in zgfx_decompress_segment. + [Moderate] Integer overflow & OutOfBound Write in + clear_decompress_residual_data. + [Low] integer underflow in nsc_rle_decode. + [Low] OutOfBound Read in planar_skip_plane_rle. + [Low] OutOfBound Read in ncrush_decompress. + [Low] OutOfBound Read in interleaved_decompress. + For more information, see: + https://www.cve.org/CVERecord?id=CVE-2024-32041 + https://www.cve.org/CVERecord?id=CVE-2024-32039 + https://www.cve.org/CVERecord?id=CVE-2024-32040 + https://www.cve.org/CVERecord?id=CVE-2024-32458 + https://www.cve.org/CVERecord?id=CVE-2024-32459 + https://www.cve.org/CVERecord?id=CVE-2024-32460 + (* Security fix *) ++--------------------------+ +Fri Apr 19 05:38:28 UTC 2024 +xap/mozilla-thunderbird-115.10.1-x86_64-1.txz: Upgraded. + This is a bugfix release. + For more information, see: + https://www.mozilla.org/en-US/thunderbird/115.10.1/releasenotes/ ++--------------------------+ Thu Apr 18 19:17:30 UTC 2024 a/aaa_glibc-solibs-2.39-x86_64-2.txz: Rebuilt. ap/vim-9.1.0346-x86_64-1.txz: Upgraded. |