current - Tracking development of slackware-current

	Commit message (Collapse)	Author	Age	Files	Lines
*	Tue Sep 6 20:21:24 UTC 202220220906202124_15.0	Patrick J Volkerding	2022-09-07	1	-0/+2
\| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \|	extra/rust-for-mozilla/rust-1.60.0-x86_64-1_slack15.0.txz: Upgraded. Upgraded the Rust compiler for Firefox 102.2.0 and Thunderbird 102.2.1. patches/packages/mozilla-firefox-102.2.0esr-x86_64-1_slack15.0.txz: Upgraded. This update contains security fixes and improvements. For more information, see: https://www.mozilla.org/en-US/firefox/102.2.0/releasenotes/ https://www.mozilla.org/security/advisories/mfsa2022-34/ https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-38473 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-38476 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-38477 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-38478 (* Security fix ) patches/packages/mozilla-thunderbird-102.2.1-x86_64-1_slack15.0.txz: Upgraded. This release contains security fixes and improvements. Some accounts may need to be reconfigured after moving from Thunderbird 91.13.0 to Thunderbird 102.2.1. For more information, see: https://www.mozilla.org/en-US/thunderbird/102.2.1/releasenotes/ https://www.mozilla.org/en-US/security/advisories/mfsa2022-38/ https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-3033 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-3032 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-3034 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-36059 ( Security fix ) patches/packages/vim-9.0.0396-x86_64-1_slack15.0.txz: Upgraded. Fixed use after free. Thanks to marav for the heads-up. For more information, see: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-3099 ( Security fix *) patches/packages/vim-gvim-9.0.0396-x86_64-1_slack15.0.txz: Upgraded.
*	Thu Sep 1 20:01:13 UTC 202220220901200113_15.0	Patrick J Volkerding	2022-09-02	1	-0/+1
\| \| \| \| \| \| \| \|	patches/packages/poppler-21.12.0-x86_64-2_slack15.0.txz: Rebuilt. [PATCH] JBIG2Stream: Fix crash on broken file. For more information, see: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-30860 (* Security fix *)
*	Tue Aug 30 19:39:30 UTC 202220220830193930_15.0	Patrick J Volkerding	2022-08-31	1	-0/+1
\| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \|	extra/sendmail/sendmail-8.17.1-x86_64-4_slack15.0.txz: Rebuilt. Patched sendmail.h to fix SASL auth. Thanks to af7567. Build without -DUSE_EAI (which is evidently considered experimental) since the option breaks the vacation binary. Thanks to bitfuzzy and HQuest. It is possible that this could work but requires additional options. I found this in the ChangeLog for the SUSE rpm: Experimental support for SMTPUTF8 (EAI, see RFC 6530-6533) is available when using the compile time option USE_EAI (see also devtools/Site/site.config.m4.sample for other required settings) and the cf option SMTPUTF8. If a mail submission via the command line requires the use of SMTPUTF8, e.g., because a header uses UTF-8 encoding, but the addresses on the command line are all ASCII, then the new option -U must be used, and the cf option SMTPUTF8 must be set in submit.cf. Any assistance with getting -DUSE_EAI working properly would be appreciated. extra/sendmail/sendmail-cf-8.17.1-noarch-4_slack15.0.txz: Rebuilt. patches/packages/vim-9.0.0334-x86_64-1_slack15.0.txz: Upgraded. Fixed use after free. Thanks to marav for the heads-up. For more information, see: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-3016 (* Security fix *) patches/packages/vim-gvim-9.0.0334-x86_64-1_slack15.0.txz: Upgraded.
*	Fri Aug 26 04:02:20 UTC 202220220826040220_15.0	Patrick J Volkerding	2022-08-27	1	-4/+0
\| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \|	patches/packages/linux-5.15.63/: Upgraded. These updates fix various bugs and security issues. Be sure to upgrade your initrd after upgrading the kernel packages. If you use lilo to boot your machine, be sure lilo.conf points to the correct kernel and initrd and run lilo as root to update the bootloader. If you use elilo to boot your machine, you should run eliloconfig to copy the kernel and initrd to the EFI System Partition. For more information, see: Fixed in 5.15.39: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1974 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1975 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1734 Fixed in 5.15.40: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1943 Fixed in 5.15.41: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-28893 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32296 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1012 Fixed in 5.15.42: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1652 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1729 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21499 Fixed in 5.15.44: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1789 Fixed in 5.15.45: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2873 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1966 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32250 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2078 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1852 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1972 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2503 Fixed in 5.15.46: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1184 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1973 Fixed in 5.15.47: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-34494 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-34495 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32981 Fixed in 5.15.48: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21125 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21166 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21123 Fixed in 5.15.53: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2318 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-33743 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-33742 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-33741 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-33740 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-26365 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-33744 Fixed in 5.15.54: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-33655 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-34918 Fixed in 5.15.56: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-36123 Fixed in 5.15.57: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-29900 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-29901 Fixed in 5.15.58: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21505 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1462 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-36879 Fixed in 5.15.59: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-36946 Fixed in 5.15.60: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-26373 Fixed in 5.15.61: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2586 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2585 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1679 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2588 ( Security fix ) patches/packages/vim-9.0.0270-x86_64-1_slack15.0.txz: Upgraded. We're just going to move to vim-9 instead of continuing to backport patches to the vim-8 branch. Most users will be better served by this. Fixed use after free and null pointer dereference. Thanks to marav for the heads-up. For more information, see: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2946 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2923 ( Security fix *) patches/packages/vim-gvim-9.0.0270-x86_64-1_slack15.0.txz: Upgraded.
*	Sat Aug 20 20:04:15 UTC 202220220820200415_15.0	Patrick J Volkerding	2022-08-21	1	-0/+1
\| \| \| \| \| \| \| \| \| \|	patches/packages/vim-8.2.4649-x86_64-3_slack15.0.txz: Rebuilt. Fix use after free. Thanks to marav for the heads-up. For more information, see: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2889 (* Security fix *) patches/packages/vim-gvim-8.2.4649-x86_64-3_slack15.0.txz: Rebuilt.
*	Wed Aug 17 20:41:53 UTC 202220220817204153_15.0	Patrick J Volkerding	2022-08-18	1	-0/+3
\| \| \| \| \| \| \| \| \| \| \| \|	patches/packages/vim-8.2.4649-x86_64-2_slack15.0.txz: Rebuilt. Fix use after free, out-of-bounds read, and heap based buffer overflow. Thanks to marav for the heads-up. For more information, see: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2816 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2817 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2819 (* Security fix *) patches/packages/vim-gvim-8.2.4649-x86_64-2_slack15.0.txz: Rebuilt.
*	Mon Jul 25 20:53:49 UTC 202220220725205349_15.0	Patrick J Volkerding	2022-07-26	1	-0/+2
\| \| \| \| \| \| \| \| \| \| \| \| \| \| \|	patches/packages/mozilla-firefox-91.12.0esr-x86_64-1_slack15.0.txz: Upgraded. This update contains security fixes and improvements. For more information, see: https://www.mozilla.org/en-US/firefox/91.12.0/releasenotes/ (* Security fix *) patches/packages/perl-5.34.0-x86_64-2_slack15.0.txz: Rebuilt. This is a bugfix release. Upgraded: Devel-CheckLib-1.16, IO-Socket-SSL-2.074, Net-SSLeay-1.92, Path-Tiny-0.122, Template-Toolkit-3.100, URI-5.12, libnet-3.14. Added a symlink to libperl.so in /usr/${LIBDIRSUFFIX} since net-snmp (and possibly other programs) might have trouble linking with it since it's not in the LD_LIBRARY_PATH. Thanks to oneforall.
*	Thu Jul 21 18:13:18 UTC 202220220721181318_15.0	Patrick J Volkerding	2022-07-22	1	-0/+7
\| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \|	patches/packages/net-snmp-5.9.3-x86_64-1_slack15.0.txz: Upgraded. This update fixes security issues: A buffer overflow in the handling of the INDEX of NET-SNMP-VACM-MIB can cause an out-of-bounds memory access. A malformed OID in a GET-NEXT to the nsVacmAccessTable can cause a NULL pointer dereference. Improper Input Validation when SETing malformed OIDs in master agent and subagent simultaneously. A malformed OID in a SET request to SNMP-VIEW-BASED-ACM-MIB::vacmAccessTable can cause an out-of-bounds memory access. A malformed OID in a SET request to NET-SNMP-AGENT-MIB::nsLogTable can cause a NULL pointer dereference. A malformed OID in a SET to the nsVacmAccessTable can cause a NULL pointer dereference. For more information, see: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-24805 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-24809 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-24806 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-24807 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-24808 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-24810 (* Security fix *)
*	Wed Jul 13 19:56:59 UTC 202220220713195659_15.0	Patrick J Volkerding	2022-07-14	1	-0/+11
\| \| \| \| \| \| \| \| \| \| \| \| \| \|	patches/packages/xorg-server-1.20.14-x86_64-3_slack15.0.txz: Rebuilt. xkb: switch to array index loops to moving pointers. xkb: add request length validation for XkbSetGeometry. xkb: swap XkbSetDeviceInfo and XkbSetDeviceInfoCheck. For more information, see: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2319 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2320 (* Security fix *) patches/packages/xorg-server-xephyr-1.20.14-x86_64-3_slack15.0.txz: Rebuilt. patches/packages/xorg-server-xnest-1.20.14-x86_64-3_slack15.0.txz: Rebuilt. patches/packages/xorg-server-xvfb-1.20.14-x86_64-3_slack15.0.txz: Rebuilt.
*	Thu May 26 18:27:32 UTC 202220220526182732_15.0	Patrick J Volkerding	2022-05-27	1	-0/+1
\| \| \| \| \| \| \| \|	patches/packages/cups-2.4.2-x86_64-1_slack15.0.txz: Upgraded. Fixed certificate strings comparison for Local authorization. For more information, see: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-26691 (* Security fix *)
*	Mon May 9 21:33:25 UTC 202220220509213325_15.0	Patrick J Volkerding	2022-05-10	1	-0/+1
\| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \|	patches/packages/linux-5.15.38/: Upgraded. These updates fix various bugs and security issues. Be sure to upgrade your initrd after upgrading the kernel packages. If you use lilo to boot your machine, be sure lilo.conf points to the correct kernel and initrd and run lilo as root to update the bootloader. If you use elilo to boot your machine, you should run eliloconfig to copy the kernel and initrd to the EFI System Partition. For more information, see: Fixed in 5.15.27: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0742 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-24958 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0494 Fixed in 5.15.28: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-23038 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-23039 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-23960 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-23036 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-23037 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0001 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0002 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-23041 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-23040 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-23042 Fixed in 5.15.29: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1199 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27666 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1011 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0995 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0854 Fixed in 5.15.32: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1015 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-26490 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1048 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1016 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-28356 Fixed in 5.15.33: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-28390 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0168 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1158 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1353 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1198 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-28389 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-28388 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1516 Fixed in 5.15.34: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1263 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-29582 Fixed in 5.15.35: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1204 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1205 Fixed in 5.15.37: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0500 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-23222 ( Security fix *)
*	Mon May 2 20:02:49 UTC 202220220502200249_15.0	Patrick J Volkerding	2022-05-03	1	-0/+3
\| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \|	patches/packages/libxml2-2.9.14-x86_64-1_slack15.0.txz: Upgraded. This update fixes bugs and the following security issues: Fix integer overflow in xmlBuf and xmlBuffer. Fix potential double-free in xmlXPtrStringRangeFunction. Fix memory leak in xmlFindCharEncodingHandler. Normalize XPath strings in-place. Prevent integer-overflow in htmlSkipBlankChars() and xmlSkipBlankChars(). Fix leak of xmlElementContent. For more information, see: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-29824 (* Security fix *) patches/packages/mozilla-firefox-91.9.0esr-x86_64-1_slack15.0.txz: Upgraded. This is a bugfix release. For more information, see: https://www.mozilla.org/en-US/firefox/91.9.0/releasenotes/ patches/packages/samba-4.15.7-x86_64-1_slack15.0.txz: Upgraded. This is a bugfix release. For more information, see: https://www.samba.org/samba/history/samba-4.15.7.html
*	Sat Apr 30 21:18:47 UTC 202220220430211847_15.0	Patrick J Volkerding	2022-05-01	1	-0/+2
\| \| \| \| \| \| \| \| \| \|	patches/packages/pidgin-2.14.9-x86_64-1_slack15.0.txz: Upgraded. Mitigate the potential for a man in the middle attack via DNS spoofing by removing the code that supported the _xmppconnect DNS TXT record. For more information, see: https://www.pidgin.im/about/security/advisories/cve-2022-26491/ https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-26491 (* Security fix *)
*	Wed Mar 30 22:37:05 UTC 202220220330223705_15.0	Patrick J Volkerding	2022-03-31	1	-0/+2
\| \| \| \| \| \| \| \| \| \| \| \| \| \|	patches/packages/vim-8.2.4649-x86_64-1_slack15.0.txz: Upgraded. Fixes a use-after-free in utf_ptr2char in vim/vim prior to 8.2.4646. This vulnerability is capable of crashing software, bypassing protection mechanisms, modifying memory, and possibly execution of arbitrary code. Thanks to marav for the heads-up. For more information, see: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1154 https://huntr.dev/bounties/7f0ec6bc-ea0e-45b0-8128-caac72d23425 https://github.com/vim/vim/commit/b55986c52d4cd88a22d0b0b0e8a79547ba13e1d5 (* Security fix *) patches/packages/vim-gvim-8.2.4649-x86_64-1_slack15.0.txz: Upgraded.
*	Sat Mar 19 20:28:16 UTC 202220220319202816_15.0	Patrick J Volkerding	2022-03-20	1	-0/+2
\| \| \| \| \|	patches/packages/glibc-zoneinfo-2022a-noarch-1_slack15.0.txz: Upgraded. This package provides the latest timezone updates.
*	Fri Mar 18 20:16:12 UTC 202220220318201612_15.0	Patrick J Volkerding	2022-03-19	1	-0/+5
\| \| \| \| \| \| \| \| \| \| \| \| \|	patches/packages/python3-3.9.11-x86_64-1_slack15.0.txz: Upgraded. This update fixes bugs and security issues: libexpat upgraded from 2.4.1 to 2.4.7 bundled pip upgraded from 21.2.4 to 22.0.4 authorization bypass fixed in urllib.request REDoS avoided in importlib.metadata For more information, see: https://pythoninsider.blogspot.com/2022/03/python-3103-3911-3813-and-3713-are-now.html https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-28363 (* Security fix *)
*	Thu Mar 17 19:46:28 UTC 202220220317194628_15.0	Patrick J Volkerding	2022-03-18	1	-0/+12
\| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \|	patches/packages/bind-9.18.1-x86_64-1_slack15.0.txz: Upgraded. This update fixes bugs and the following security issues: An assertion could occur in resume_dslookup() if the fetch had been shut down earlier. Lookups involving a DNAME could trigger an INSIST when "synth-from-dnssec" was enabled. A synchronous call to closehandle_cb() caused isc__nm_process_sock_buffer() to be called recursively, which in turn left TCP connections hanging in the CLOSE_WAIT state blocking indefinitely when out-of-order processing was disabled. The rules for acceptance of records into the cache have been tightened to prevent the possibility of poisoning if forwarders send records outside the configured bailiwick. For more information, see: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0667 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0635 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0396 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-25220 (* Security fix ) patches/packages/bluez-5.64-x86_64-1_slack15.0.txz: Upgraded. This is a bugfix release: Fix issue with handling A2DP discover procedure. Fix issue with media endpoint replies and SetConfiguration. Fix issue with HoG queuing events before report map is read. Fix issue with HoG and read order of GATT attributes. Fix issue with HoG and not using UHID_CREATE2 interface. Fix issue with failed scanning for 5 minutes after reboot. patches/packages/openssl-1.1.1n-x86_64-1_slack15.0.txz: Upgraded. This update fixes a high severity security issue: The BN_mod_sqrt() function, which computes a modular square root, contains a bug that can cause it to loop forever for non-prime moduli. For more information, see: https://www.openssl.org/news/secadv/20220315.txt https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0778 ( Security fix *) patches/packages/openssl-solibs-1.1.1n-x86_64-1_slack15.0.txz: Upgraded. patches/packages/qt5-5.15.3_20220312_33a3f16f-x86_64-1_slack15.0.txz: Upgraded. Thanks to Heinz Wiesinger for updating the fetch_sources.sh script to make sure that the QtWebEngine version matches the rest of Qt, which got the latest git pull compiling again. If a 32-bit userspace is detected, then: export QTWEBENGINE_CHROMIUM_FLAGS="--disable-seccomp-filter-sandbox" This works around crashes occuring with 32-bit QtWebEngine applications. Thanks to alienBOB.
*	Tue Mar 15 00:13:59 UTC 202220220315001359_15.0	Patrick J Volkerding	2022-03-15	1	-0/+2
\| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \|	patches/packages/httpd-2.4.53-x86_64-1_slack15.0.txz: Upgraded. This update fixes bugs and the following security issues: mod_sed: Read/write beyond bounds core: Possible buffer overflow with very large or unlimited LimitXMLRequestBody HTTP request smuggling vulnerability mod_lua: Use of uninitialized value in r:parsebody For more information, see: https://downloads.apache.org/httpd/CHANGES_2.4.53 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-23943 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22721 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22720 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22719 (* Security fix ) patches/packages/mozilla-firefox-91.7.1esr-x86_64-1_slack15.0.txz: Upgraded. This release makes the following change: Yandex and Mail.ru have been removed as optional search providers in the drop-down search menu in Firefox. For more information, see: https://www.mozilla.org/en-US/firefox/91.7.1/releasenotes/ ( Security fix *)
*	Sat Mar 12 20:57:35 UTC 202220220312205735_15.0	Patrick J Volkerding	2022-03-13	1	-0/+5
\| \| \| \| \| \| \| \| \| \|	patches/packages/polkit-0.120-x86_64-3_slack15.0.txz: Rebuilt. Patched to fix a security issue where an unprivileged user could cause a denial of service due to process file descriptor exhaustion. Thanks to marav. For more information, see: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4115 (* Security fix *)
*	Thu Mar 10 02:30:54 UTC 202220220310023054_15.0	Patrick J Volkerding	2022-03-10	1	-0/+3
\| \| \| \| \| \|	patches/packages/ca-certificates-20220309-noarch-1_slack15.0.txz: Upgraded. This update provides the latest CA certificates to check for the authenticity of SSL connections.
*	Tue Mar 8 04:39:53 UTC 202220220308043953_15.0	Patrick J Volkerding	2022-03-09	1	-0/+1
\| \| \| \| \| \| \| \|	patches/packages/boost-1.78.0-x86_64-2_slack15.0.txz: Rebuilt. This update has been patched to fix a regression: Boost.Build silently skips installation of library headers and binaries in some cases. Thanks to Willy Sudiarto Raharjo.
*	Wed Mar 2 21:39:57 UTC 202220220302213957_15.0	Patrick J Volkerding	2022-03-03	1	-0/+3
\| \| \| \| \| \| \| \|	patches/packages/seamonkey-2.53.11-x86_64-1_slack15.0.txz: Upgraded. This update contains security fixes and improvements. For more information, see: https://www.seamonkey-project.org/releases/seamonkey2.53.11 (* Security fix *)
*	Tue Mar 1 05:05:48 UTC 202220220301050548_15.0	Patrick J Volkerding	2022-03-02	1	-0/+3
\| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \|	patches/packages/libxml2-2.9.13-x86_64-1_slack15.0.txz: Upgraded. This update fixes bugs and the following security issues: Use-after-free of ID and IDREF attributes (Thanks to Shinji Sato for the report) Use-after-free in xmlXIncludeCopyRange (David Kilzer) Fix Null-deref-in-xmlSchemaGetComponentTargetNs (huangduirong) Fix memory leak in xmlXPathCompNodeTest Fix null pointer deref in xmlStringGetNodeList Fix several memory leaks found by Coverity (David King) For more information, see: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-23308 (* Security fix ) patches/packages/libxslt-1.1.35-x86_64-1_slack15.0.txz: Upgraded. This update fixes bugs and the following security issues: Fix use-after-free in xsltApplyTemplates Fix memory leak in xsltDocumentElem (David King) Fix memory leak in xsltCompileIdKeyPattern (David King) Fix double-free with stylesheets containing entity nodes For more information, see: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-30560 ( Security fix *)
*	Fri Feb 25 00:03:28 UTC 202220220225000328_15.0	Patrick J Volkerding	2022-02-25	1	-0/+2
\| \| \| \| \| \| \| \| \|	patches/packages/cyrus-sasl-2.1.28-x86_64-1_slack15.0.txz: Upgraded. This update fixes bugs and security issues. For more information, see: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-19906 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-24407 (* Security fix *)
*	Mon Feb 21 20:21:38 UTC 202220220221202138_15.0	Patrick J Volkerding	2022-02-22	1	-0/+1
\| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \|	patches/packages/expat-2.4.6-x86_64-1_slack15.0.txz: Upgraded. Fixed a regression introduced by the fix for CVE-2022-25313 that affects applications that (1) call function XML_SetElementDeclHandler and (2) are parsing XML that contains nested element declarations: (e.g. "<!ELEMENT junk ((bar\|foo\|xyz+), zebra)>"). patches/packages/flac-1.3.4-x86_64-1_slack15.0.txz: Upgraded. This update fixes overflow issues with encoding and decoding. For more information, see: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-0499 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-0561 ( Security fix *) patches/packages/mariadb-10.5.15-x86_64-2_slack15.0.txz: Rebuilt. Removed dangling symlink.
*	Fri Feb 18 05:29:00 UTC 202220220218052900_15.0	Patrick J Volkerding	2022-02-19	1	-0/+5
\| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \|	patches/packages/mozilla-thunderbird-91.6.1-x86_64-1_slack15.0.txz: Upgraded. This release contains security fixes and improvements. For more information, see: https://www.mozilla.org/en-US/thunderbird/91.6.1/releasenotes/ https://www.mozilla.org/en-US/security/advisories/mfsa2022-07/ https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0566 (* Security fix ) patches/packages/php-7.4.28-x86_64-1_slack15.0.txz: Upgraded. This update fixes bugs and a security issue: UAF due to php_filter_float() failing for ints. For more information, see: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-21708 ( Security fix ) extra/php80/php80-8.0.16-x86_64-1_slack15.0.txz: Upgraded. This update fixes bugs and a security issue: UAF due to php_filter_float() failing for ints. For more information, see: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-21708 ( Security fix ) extra/php81/php81-8.1.3-x86_64-1_slack15.0.txz: Upgraded. This update fixes bugs and a security issue: UAF due to php_filter_float() failing for ints. For more information, see: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-21708 ( Security fix *)
*	Tue Feb 15 20:00:48 UTC 202220220215200048_15.0	Patrick J Volkerding	2022-02-16	1	-0/+8
\| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \|	patches/packages/aaa_base-15.0-x86_64-4_slack15.0.txz: Rebuilt. If root's mailbox did not already exist, it would be created with insecure permissions leading to possible local information disclosure. This update ensures that a new mailbox will be created with proper permissions and ownership, and corrects the permissions on an existing mailbox if they are found to be incorrect. Thanks to Martin for the bug report. (* Security fix ) patches/packages/util-linux-2.37.4-x86_64-1_slack15.0.txz: Upgraded. This release fixes a security issue in chsh(1) and chfn(8): By default, these utilities had been linked with libreadline, which allows the INPUTRC environment variable to be abused to produce an error message containing data from an arbitrary file. So, don't link these utilities with libreadline as it does not use secure_getenv() (or a similar concept), or sanitize the config file path to avoid vulnerabilities that could occur in set-user-ID or set-group-ID programs. For more information, see: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0563 ( Security fix *)
*	Mon Feb 14 00:10:38 UTC 202220220214001038_15.0	Patrick J Volkerding	2022-02-14	1	-0/+2
\| \| \| \| \| \| \| \| \| \| \| \|	patches/packages/mariadb-10.5.15-x86_64-1_slack15.0.txz: Upgraded. This update fixes potential denial-of-service vulnerabilities. For more information, see: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-46665 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-46664 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-46661 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-46668 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-46663 (* Security fix *)
*	Thu Feb 10 01:46:55 UTC 202220220210014655_15.0	Patrick J Volkerding	2022-02-10	1	-0/+12
\| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \|	patches/packages/at-3.2.3-x86_64-1_slack15.0.txz: Upgraded. Switched to at-3.2.3 since version 3.2.4 has a regression that causes queued jobs to not always run on time when atd is run as a standalone daemon. Thanks to Cesare. patches/packages/mozilla-firefox-91.6.0esr-x86_64-1_slack15.0.txz: Upgraded. This release contains security fixes and improvements. For more information, see: https://www.mozilla.org/en-US/firefox/91.6.0/releasenotes/ https://www.mozilla.org/security/advisories/mfsa2022-05/ https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22753 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22754 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22756 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22759 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22760 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22761 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22763 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22764 (* Security fix ) patches/packages/mozilla-thunderbird-91.6.0-x86_64-1_slack15.0.txz: Upgraded. This release contains security fixes and improvements. For more information, see: https://www.mozilla.org/en-US/thunderbird/91.6.0/releasenotes/ https://www.mozilla.org/en-US/security/known-vulnerabilities/thunderbird/#thunderbird91.6 ( Security fix *)
*	Wed Feb 2 04:17:39 UTC 202220220202041739	Patrick J Volkerding	2022-02-02	1	-0/+1
\| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \|	fortune -m "I will be finished tomorrow" fortunes2 a/kernel-generic-5.15.19-x86_64-1.txz: Upgraded. a/kernel-huge-5.15.19-x86_64-1.txz: Upgraded. a/kernel-modules-5.15.19-x86_64-1.txz: Upgraded. ap/screen-4.9.0-x86_64-1.txz: Upgraded. Patched possible denial of service via a crafted UTF-8 character sequence. For more information, see: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-26937 (* Security fix ) d/kernel-headers-5.15.19-x86-1.txz: Upgraded. k/kernel-source-5.15.19-noarch-1.txz: Upgraded. RTC_INTF_DEV_UIE_EMUL y -> n RTC_SYSTOHC n -> y +RTC_SYSTOHC_DEVICE "rtc0" l/lcms2-2.13-x86_64-2.txz: Rebuilt. [PATCH] Fix for optimization error on grayscale. Thanks to Aaron Boxer for reporting this issue. Thanks to gmgf. isolinux/initrd.img: Rebuilt. kernels/: Upgraded. testing/source/linux-5.16.5-configs/*: Upgraded. usb-and-pxe-installers/usbboot.img: Rebuilt.
*	Tue Feb 1 04:37:04 UTC 202220220201043704	Patrick J Volkerding	2022-02-01	1	-0/+1
\| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \|	The sepulchral voice intones, "The cave is now closed." kde/falkon-3.2.0-x86_64-1.txz: Upgraded. kde/ktexteditor-5.90.0-x86_64-2.txz: Rebuilt. [PATCH] only start programs in user's path. [PATCH] only execute diff in path. Thanks to gmgf. For more information, see: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-23853 (* Security fix ) l/libcanberra-0.30-x86_64-9.txz: Rebuilt. Fix a bug crashing some applications in Wayland desktops. Thanks to 01micko. n/samba-4.15.5-x86_64-1.txz: Upgraded. This is a security release in order to address the following defects: UNIX extensions in SMB1 disclose whether the outside target of a symlink exists. Out-of-Bound Read/Write on Samba vfs_fruit module. This vulnerability allows remote attackers to execute arbitrary code as root on affected Samba installations that use the VFS module vfs_fruit. Re-adding an SPN skips subsequent SPN conflict checks. An attacker who has the ability to write to an account can exploit this to perform a denial-of-service attack by adding an SPN that matches an existing service. Additionally, an attacker who can intercept traffic can impersonate existing services, resulting in a loss of confidentiality and integrity. For more information, see: https://www.samba.org/samba/security/CVE-2021-44141.html https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-44141 https://www.samba.org/samba/security/CVE-2021-44142.html https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-44142 https://www.samba.org/samba/security/CVE-2022-0336.html https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0336 ( Security fix ) x/xterm-370-x86_64-7.txz: Rebuilt. Rebuilt with --disable-sixel-graphics to fix a buffer overflow. Thanks to gmgf. For more information, see: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-24130 ( Security fix ) testing/source/linux-5.16.4-configs/: Added. Sample config files to build 5.16.4 Linux kernels.
*	Sun Jan 30 20:48:46 UTC 202220220130204846	Patrick J Volkerding	2022-01-31	1	-3/+0
\| \| \| \| \| \| \| \| \| \| \|	a/aaa_libraries-15.0-x86_64-19.txz: Rebuilt. Upgraded: libexpat.so.1.8.4, libjson-c.so.5.1.0 (thanks to peake). ap/at-3.2.4-x86_64-1.txz: Upgraded. d/git-2.35.1-x86_64-1.txz: Upgraded. l/expat-2.4.4-x86_64-1.txz: Upgraded. This update merges the patches we previously applied to expat-2.4.3. l/imagemagick-7.1.0_22-x86_64-1.txz: Upgraded. l/lcms2-2.13-x86_64-1.txz: Upgraded.
*	Sat Jan 29 06:17:05 UTC 202220220129061705	Patrick J Volkerding	2022-01-29	1	-0/+2
\| \| \| \| \| \| \| \| \| \|	a/rpm2tgz-1.2.2-x86_64-5.txz: Rebuilt. rpm2targz: when extracting the cpio archive from inside the RPM, use --no-absolute-filenames to protect against a poorly made RPM scribbling all over system files/directories. Thanks to Sl4ck3ver. Support -i option to ignore non-zero exit value from rpm2cpio. This allows repackaging some malformed RPMs. Thanks to ricky_cardo for the sample malformed RPM.
*	Thu Jan 27 22:43:13 UTC 202220220127224313	Patrick J Volkerding	2022-01-28	1	-0/+1
\| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \|	a/aaa_libraries-15.0-x86_64-18.txz: Rebuilt. Rebuilt to pick up the patched libexpat.so.1.8.3. a/kernel-generic-5.15.17-x86_64-1.txz: Upgraded. a/kernel-huge-5.15.17-x86_64-1.txz: Upgraded. a/kernel-modules-5.15.17-x86_64-1.txz: Upgraded. a/lzlib-1.13-x86_64-1.txz: Upgraded. a/sysvinit-scripts-15.0-noarch-8.txz: Rebuilt. rc.S: clear /var/lock/subsys before starting libcgroup services. Thanks to pyllyukko. ap/pamixer-1.5-x86_64-2.txz: Rebuilt. Recompiled against boost-1.78.0. d/kernel-headers-5.15.17-x86-1.txz: Upgraded. k/kernel-source-5.15.17-noarch-1.txz: Upgraded. kde/kig-21.12.1-x86_64-2.txz: Rebuilt. Recompiled against boost-1.78.0. kde/kopeninghours-21.12.1-x86_64-2.txz: Rebuilt. Recompiled against boost-1.78.0. kde/krita-5.0.2-x86_64-2.txz: Rebuilt. Recompiled against boost-1.78.0. l/boost-1.78.0-x86_64-1.txz: Upgraded. I hadn't planned to update this at such a late stage, but POV-Ray needs it and everything we ship builds fine against it. Thanks to bender647. Shared library .so-version bump. l/cryfs-0.10.3-x86_64-4.txz: Rebuilt. Recompiled against boost-1.78.0. l/expat-2.4.3-x86_64-3.txz: Rebuilt. Prevent integer overflow in doProlog. For more information, see: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-23990 (* Security fix ) l/netpbm-10.97.03-x86_64-1.txz: Upgraded. l/openexr-2.5.7-x86_64-5.txz: Rebuilt. Recompiled against boost-1.78.0. l/pipewire-0.3.44-x86_64-1.txz: Upgraded. n/fetchmail-6.4.27-x86_64-1.txz: Upgraded. n/libgpg-error-1.44-x86_64-1.txz: Upgraded. x/mesa-21.3.5-x86_64-1.txz: Upgraded. xap/mozilla-firefox-91.5.1esr-x86_64-1.txz: Upgraded. This is a bugfix release. For more information, see: https://www.mozilla.org/en-US/firefox/91.5.1/releasenotes/ ( Security fix ) extra/rust-for-mozilla/rust-1.54.0-x86_64-4.txz: Rebuilt. Removed duplicated libLLVM shared library. isolinux/initrd.img: Rebuilt. kernels/: Upgraded. usb-and-pxe-installers/usbboot.img: Rebuilt.
*	Wed Jan 26 20:46:44 UTC 202220220126204644	Patrick J Volkerding	2022-01-27	1	-0/+1
\| \| \| \| \| \| \| \| \| \| \| \| \| \| \|	a/aaa_libraries-15.0-x86_64-17.txz: Rebuilt. Upgraded: libcap.so.2.63, libglib-2.0.so.0.7000.3, libgmodule-2.0.so.0.7000.3, libgobject-2.0.so.0.7000.3, libgthread-2.0.so.0.7000.3, libtdb.so.1.4.6. a/mkinitrd-1.4.11-x86_64-28.txz: Rebuilt. Support kernel modules compressed with xz. Thanks to baldzhang. l/glib2-2.70.3-x86_64-1.txz: Upgraded. l/libcap-2.63-x86_64-1.txz: Upgraded. n/bluez-5.63-x86_64-2.txz: Rebuilt. rc.bluetooth: use #!/bin/bash shebang. Filter commented and empty lines when parsing uart.conf. Thanks to atelszewski.
*	Wed Jan 26 04:37:35 UTC 202220220126043735	Patrick J Volkerding	2022-01-26	1	-0/+1
\| \| \| \| \| \| \| \| \| \|	l/polkit-0.120-x86_64-2.txz: Rebuilt. [PATCH] pkexec: local privilege escalation. Thanks to Qualys Research Labs for reporting this issue. For more information, see: https://blog.qualys.com/vulnerabilities-threat-research/2022/01/25/pwnkit-local-privilege-escalation-vulnerability-discovered-in-polkits-pkexec-cve-2021-4034 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4034 (* Security fix *)
*	Tue Jan 25 06:16:36 UTC 202220220125061636	Patrick J Volkerding	2022-01-25	1	-0/+5
\| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \|	It may look like we're currently experiencing more stuckness, but this will lead us to Quality. We'll have this release in the can before you know it. a/aaa_glibc-solibs-2.33-x86_64-5.txz: Rebuilt. a/aaa_libraries-15.0-x86_64-16.txz: Rebuilt. Rebuilt to pick up the patched libexpat.so.1.8.3. a/kernel-firmware-20220124_eb8ea1b-noarch-1.txz: Upgraded. a/kernel-generic-5.15.16-x86_64-2.txz: Upgraded. a/kernel-huge-5.15.16-x86_64-2.txz: Upgraded. -9P_FSCACHE n 9P_FS m -> y Thanks to peake. a/kernel-modules-5.15.16-x86_64-2.txz: Upgraded. a/mkinitrd-1.4.11-x86_64-27.txz: Rebuilt. mkinitrd_command_generator.sh: properly detect partitions of a RAID device. Thanks to perrin4869. a/util-linux-2.37.3-x86_64-1.txz: Upgraded. This release fixes two security mount(8) and umount(8) issues: An issue related to parsing the /proc/self/mountinfo file allows an unprivileged user to unmount other user's filesystems that are either world-writable themselves or mounted in a world-writable directory. Improper UID check in libmount allows an unprivileged user to unmount FUSE filesystems of users with similar UID. For more information, see: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3995 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3996 (* Security fix ) ap/vim-8.2.4212-x86_64-1.txz: Upgraded. d/git-2.35.0-x86_64-1.txz: Upgraded. d/kernel-headers-5.15.16-x86-2.txz: Upgraded. k/kernel-source-5.15.16-noarch-2.txz: Upgraded. l/expat-2.4.3-x86_64-2.txz: Rebuilt. Fix signed integer overflow in function XML_GetBuffer for when XML_CONTEXT_BYTES is defined to >0 (which is both common and default). Impact is denial of service or other undefined behavior. While we're here, also patch a memory leak on output file opening error. Thanks to marav. For more information, see: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-23852 ( Security fix ) l/fluidsynth-2.2.5-x86_64-1.txz: Upgraded. l/glibc-2.33-x86_64-5.txz: Rebuilt. This update patches two security issues: Unexpected return value from glibc's realpath(). Off-by-one buffer overflow/underflow in glibc's getcwd(). Thanks to Qualys Research Labs for reporting these issues. For more information, see: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3998 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3999 ( Security fix ) l/glibc-i18n-2.33-x86_64-5.txz: Rebuilt. l/glibc-profile-2.33-x86_64-5.txz: Rebuilt. l/tdb-1.4.6-x86_64-1.txz: Upgraded. x/xf86-input-libinput-1.2.1-x86_64-1.txz: Upgraded. xap/mozilla-thunderbird-91.5.1-x86_64-1.txz: Upgraded. This is a bugfix release. For more information, see: https://www.mozilla.org/en-US/thunderbird/91.5.1/releasenotes/ xap/vim-gvim-8.2.4212-x86_64-1.txz: Upgraded. isolinux/initrd.img: Rebuilt. kernels/: Upgraded. usb-and-pxe-installers/usbboot.img: Rebuilt.
*	Fri Jan 21 05:47:49 UTC 202220220121054749	Patrick J Volkerding	2022-01-21	1	-0/+3
\| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \|	a/aaa_libraries-15.0-x86_64-15.txz: Rebuilt. Upgraded: libzstd.so.1.5.2. a/kernel-firmware-20220119_0c6a7b3-noarch-1.txz: Upgraded. a/kernel-generic-5.15.16-x86_64-1.txz: Upgraded. a/kernel-huge-5.15.16-x86_64-1.txz: Upgraded. a/kernel-modules-5.15.16-x86_64-1.txz: Upgraded. ap/vim-8.2.4166-x86_64-1.txz: Upgraded. d/kernel-headers-5.15.16-x86-1.txz: Upgraded. d/rust-1.58.1-x86_64-1.txz: Upgraded. k/kernel-source-5.15.16-noarch-1.txz: Upgraded. l/qt5-5.15.3_20211130_014c375b-x86_64-2.txz: Rebuilt. Applied upstream patch: [PATCH] Move the wayland socket polling to a separate event thread. Thanks to LuckyCyborg. l/svgalib-1.9.25-x86_64-7.txz: Rebuilt. Don't try to use the (broken) assembly. Thanks to nobodino. l/zstd-1.5.2-x86_64-1.txz: Upgraded. x/ibus-m17n-1.4.9-x86_64-1.txz: Upgraded. xap/vim-gvim-8.2.4166-x86_64-1.txz: Upgraded. extra/php80/php80-8.0.15-x86_64-1.txz: Upgraded. extra/php81/php81-8.1.2-x86_64-1.txz: Upgraded. isolinux/initrd.img: Rebuilt. kernels/*: Upgraded. usb-and-pxe-installers/usbboot.img: Rebuilt.
*	Wed Jan 19 18:18:02 UTC 202220220119181802	Patrick J Volkerding	2022-01-20	1	-9/+1
\| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \|	ap/inxi-3.3.12_1-noarch-1.txz: Upgraded. ap/man-db-2.9.4-x86_64-3.txz: Rebuilt. Don't use --no-purge in the daily cron job to update the databases. l/gst-plugins-bad-free-1.18.5-x86_64-4.txz: Rebuilt. Link against neon-0.32.2. Thanks to marav. n/bind-9.16.25-x86_64-1.txz: Upgraded. n/ethtool-5.16-x86_64-1.txz: Upgraded. n/samba-4.15.4-x86_64-1.txz: Upgraded. n/wpa_supplicant-2.10-x86_64-1.txz: Upgraded. The implementations of EAP-pwd in hostapd before 2.10 and wpa_supplicant before 2.10 are vulnerable to side-channel attacks as a result of cache access patterns. NOTE: this issue exists because of an incomplete fix for CVE-2019-9495. For more information, see: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-23303 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-23304 (* Security fix *) x/xterm-370-x86_64-6.txz: Rebuilt. XTerm-console: improve the font settings. Thanks to GazL.
*	Mon Jan 17 22:44:42 UTC 202220220117224442	Patrick J Volkerding	2022-01-18	1	-0/+1
\| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \|	Things haven't quite settled down yet with more bugfixes and a couple of safe upgrades, so not today folks. But enjoy Slackware's half-birthday anyway! ;-) ap/slackpkg-15.0.10-noarch-1.txz: Upgraded. Fix mirrors.ucr.ac.cr link address (Emmet Ford) Remove wroc.pl mirrors (Emmet Ford) Remove kddilabs.jp from mirrors (Emmet Ford) Unattended usage improvements (PiterPUNK) Create file to flag if the system needs restart (PiterPUNK) Thanks to Robby Workman. kde/kstars-3.5.7-x86_64-1.txz: Upgraded. kde/kwin-5.23.5-x86_64-2.txz: Rebuilt. [PATCH] Bypass wayland interface blacklisting. Thanks to LuckyCyborg. kde/plasma-workspace-5.23.5-x86_64-3.txz: Rebuilt. [PATCH 1/2] Revert "Drop setupX11 from startplasma-waylandsession." [PATCH 2/2] Revert "Drop X11 root properties for KDE full session." Thanks to LuckyCyborg. l/libical-3.0.13-x86_64-1.txz: Upgraded. n/p11-kit-0.24.1-x86_64-1.txz: Upgraded. n/stunnel-5.62-x86_64-1.txz: Upgraded. x/xterm-370-x86_64-4.txz: Rebuilt. Fixed XTerm-console (previously XTerm.linux.console). Renamed XTerm.upstream.default to XTerm-upstream. Thanks to GazL. xap/fluxbox-1.3.7-x86_64-6.txz: Rebuilt. [PATCH] replace FbRootWindow::depth with maxDepth. Thanks to OldHolborn. xap/geeqie-1.7.1-x86_64-1.txz: Upgraded.
*	Wed Jan 12 22:04:33 UTC 202220220112220433	Patrick J Volkerding	2022-01-13	1	-1/+0
\| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \|	Good hello, and welcome to the third and final release candidate for Slackware 15.0. We're 99% frozen at this point and are mostly looking for regression or other bug reports that might be able to be addressed before this goes stable. Of course, the management here reserves the right to make exceptions... that 5.15.15 kernel version has a nice ring to it. If your requests didn't make it into this iteration, perhaps we will revisit them for the next -current cycle. Some were just a little too late but will more than likely be needed next time (I'm looking at Didier's grubconfig), while others are just out of scope for the main tree where I like to abide by YAGNI as much as possible. Anyway, let's get some testing done and we'll be there soon. Enjoy! :-) a/aaa_base-15.0-x86_64-2.txz: Rebuilt. The Linux Counter has shut down, so remove the registration email. Update the welcome email for Slackware 15.0. a/aaa_libraries-15.0-x86_64-13.txz: Rebuilt. Upgraded: libsigsegv.so.2.0.7. a/eudev-3.2.11-x86_64-1.txz: Upgraded. a/haveged-1.9.17-x86_64-1.txz: Upgraded. a/hdparm-9.63-x86_64-1.txz: Upgraded. a/kernel-firmware-20220111_13dca28-noarch-1.txz: Upgraded. a/kernel-generic-5.15.14-x86_64-1.txz: Upgraded. a/kernel-huge-5.15.14-x86_64-1.txz: Upgraded. a/kernel-modules-5.15.14-x86_64-1.txz: Upgraded. ap/vim-8.2.4065-x86_64-1.txz: Upgraded. d/kernel-headers-5.15.14-x86-1.txz: Upgraded. d/strace-5.16-x86_64-1.txz: Upgraded. d/vala-0.54.6-x86_64-1.txz: Upgraded. k/kernel-source-5.15.14-noarch-1.txz: Upgraded. VMD m -> y Thanks to dr.s. kde/attica-5.90.0-x86_64-1.txz: Upgraded. kde/baloo-5.90.0-x86_64-1.txz: Upgraded. kde/bluez-qt-5.90.0-x86_64-1.txz: Upgraded. kde/breeze-icons-5.90.0-noarch-1.txz: Upgraded. kde/extra-cmake-modules-5.90.0-x86_64-1.txz: Upgraded. kde/frameworkintegration-5.90.0-x86_64-1.txz: Upgraded. kde/kactivities-5.90.0-x86_64-1.txz: Upgraded. kde/kactivities-stats-5.90.0-x86_64-1.txz: Upgraded. kde/kapidox-5.90.0-x86_64-1.txz: Upgraded. kde/karchive-5.90.0-x86_64-1.txz: Upgraded. kde/kauth-5.90.0-x86_64-1.txz: Upgraded. kde/kbookmarks-5.90.0-x86_64-1.txz: Upgraded. kde/kcalendarcore-5.90.0-x86_64-1.txz: Upgraded. kde/kcmutils-5.90.0-x86_64-1.txz: Upgraded. kde/kcodecs-5.90.0-x86_64-1.txz: Upgraded. kde/kcompletion-5.90.0-x86_64-1.txz: Upgraded. kde/kconfig-5.90.0-x86_64-1.txz: Upgraded. kde/kconfigwidgets-5.90.0-x86_64-1.txz: Upgraded. kde/kcontacts-5.90.0-x86_64-1.txz: Upgraded. kde/kcoreaddons-5.90.0-x86_64-1.txz: Upgraded. kde/kcrash-5.90.0-x86_64-1.txz: Upgraded. kde/kdav-5.90.0-x86_64-1.txz: Upgraded. kde/kdbusaddons-5.90.0-x86_64-1.txz: Upgraded. kde/kdeclarative-5.90.0-x86_64-1.txz: Upgraded. kde/kded-5.90.0-x86_64-1.txz: Upgraded. kde/kdelibs4support-5.90.0-x86_64-1.txz: Upgraded. kde/kdesignerplugin-5.90.0-x86_64-1.txz: Upgraded. kde/kdesu-5.90.0-x86_64-1.txz: Upgraded. kde/kdewebkit-5.90.0-x86_64-1.txz: Upgraded. kde/kdnssd-5.90.0-x86_64-1.txz: Upgraded. kde/kdoctools-5.90.0-x86_64-1.txz: Upgraded. kde/kemoticons-5.90.0-x86_64-1.txz: Upgraded. kde/kfilemetadata-5.90.0-x86_64-1.txz: Upgraded. kde/kglobalaccel-5.90.0-x86_64-1.txz: Upgraded. kde/kguiaddons-5.90.0-x86_64-1.txz: Upgraded. kde/kholidays-5.90.0-x86_64-1.txz: Upgraded. kde/khtml-5.90.0-x86_64-1.txz: Upgraded. kde/ki18n-5.90.0-x86_64-1.txz: Upgraded. kde/kiconthemes-5.90.0-x86_64-1.txz: Upgraded. kde/kidletime-5.90.0-x86_64-1.txz: Upgraded. kde/kimageformats-5.90.0-x86_64-1.txz: Upgraded. kde/kinit-5.90.0-x86_64-1.txz: Upgraded. kde/kio-5.90.0-x86_64-1.txz: Upgraded. kde/kirigami2-5.90.0-x86_64-1.txz: Upgraded. kde/kitemmodels-5.90.0-x86_64-1.txz: Upgraded. kde/kitemviews-5.90.0-x86_64-1.txz: Upgraded. kde/kjobwidgets-5.90.0-x86_64-1.txz: Upgraded. kde/kjs-5.90.0-x86_64-1.txz: Upgraded. kde/kjsembed-5.90.0-x86_64-1.txz: Upgraded. kde/kmediaplayer-5.90.0-x86_64-1.txz: Upgraded. kde/knewstuff-5.90.0-x86_64-1.txz: Upgraded. kde/knotifications-5.90.0-x86_64-1.txz: Upgraded. kde/knotifyconfig-5.90.0-x86_64-1.txz: Upgraded. kde/kpackage-5.90.0-x86_64-1.txz: Upgraded. kde/kparts-5.90.0-x86_64-1.txz: Upgraded. kde/kpeople-5.90.0-x86_64-1.txz: Upgraded. kde/kplotting-5.90.0-x86_64-1.txz: Upgraded. kde/kpty-5.90.0-x86_64-1.txz: Upgraded. kde/kquickcharts-5.90.0-x86_64-1.txz: Upgraded. kde/kross-5.90.0-x86_64-1.txz: Upgraded. kde/krunner-5.90.0-x86_64-1.txz: Upgraded. kde/kservice-5.90.0-x86_64-1.txz: Upgraded. kde/ktexteditor-5.90.0-x86_64-1.txz: Upgraded. kde/ktextwidgets-5.90.0-x86_64-1.txz: Upgraded. kde/kunitconversion-5.90.0-x86_64-1.txz: Upgraded. kde/kwallet-5.90.0-x86_64-1.txz: Upgraded. kde/kwayland-5.90.0-x86_64-1.txz: Upgraded. kde/kwidgetsaddons-5.90.0-x86_64-1.txz: Upgraded. kde/kwindowsystem-5.90.0-x86_64-1.txz: Upgraded. kde/kxmlgui-5.90.0-x86_64-1.txz: Upgraded. kde/kxmlrpcclient-5.90.0-x86_64-1.txz: Upgraded. kde/latte-dock-0.10.7-x86_64-1.txz: Upgraded. kde/modemmanager-qt-5.90.0-x86_64-1.txz: Upgraded. kde/networkmanager-qt-5.90.0-x86_64-1.txz: Upgraded. kde/oxygen-icons5-5.90.0-noarch-1.txz: Upgraded. kde/plasma-framework-5.90.0-x86_64-1.txz: Upgraded. kde/plasma-workspace-5.23.5-x86_64-2.txz: Rebuilt. [PATCH] [libtaskmanager] Increase buffer for pipewire format negotiation. Thanks to ZhaoLin1457. [PATCH] runners/shell: Port from KToolInvocation::invokeTerminal to KTerminalLauncherJob. Thanks to gmgf. kde/prison-5.90.0-x86_64-1.txz: Upgraded. kde/purpose-5.90.0-x86_64-1.txz: Upgraded. kde/qqc2-desktop-style-5.90.0-x86_64-1.txz: Upgraded. kde/solid-5.90.0-x86_64-1.txz: Upgraded. kde/sonnet-5.90.0-x86_64-1.txz: Upgraded. kde/syndication-5.90.0-x86_64-1.txz: Upgraded. kde/syntax-highlighting-5.90.0-x86_64-1.txz: Upgraded. kde/threadweaver-5.90.0-x86_64-1.txz: Upgraded. l/SDL2-2.0.20-x86_64-1.txz: Upgraded. l/SDL2_ttf-2.0.18-x86_64-1.txz: Upgraded. l/libsigsegv-2.14-x86_64-1.txz: Upgraded. l/pango-1.48.11-x86_64-1.txz: Upgraded. l/python-urllib3-1.26.8-x86_64-1.txz: Upgraded. n/getmail-6.18.6-x86_64-1.txz: Upgraded. n/iproute2-5.16.0-x86_64-1.txz: Upgraded. n/metamail-2.7-x86_64-10.txz: Rebuilt. Fixed misnamed mimencode man page. Thanks to mbeninca. n/mtr-0.95-x86_64-1.txz: Upgraded. n/socat-1.7.4.3-x86_64-1.txz: Upgraded. xap/freerdp-2.5.0-x86_64-1.txz: Upgraded. xap/gnuplot-5.4.3-x86_64-1.txz: Upgraded. xap/mozilla-firefox-91.5.0esr-x86_64-1.txz: Upgraded. This release contains security fixes and improvements. For more information, see: https://www.mozilla.org/en-US/firefox/91.5.0/releasenotes/ https://www.mozilla.org/security/advisories/mfsa2022-02/ https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22746 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22743 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22742 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22741 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22740 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22738 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22737 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4140 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22748 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22745 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22744 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22747 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22739 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22751 (* Security fix ) xap/mozilla-thunderbird-91.5.0-x86_64-1.txz: Upgraded. This release contains security fixes and improvements. For more information, see: https://www.mozilla.org/en-US/thunderbird/91.5.0/releasenotes/ https://www.mozilla.org/en-US/security/advisories/mfsa2022-03/ https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22746 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22743 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22742 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22741 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22740 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22738 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22737 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4140 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22748 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22745 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22744 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22747 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22739 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22751 ( Security fix ) xap/vim-gvim-8.2.4065-x86_64-1.txz: Upgraded. isolinux/initrd.img: Rebuilt. kernels/: Upgraded. usb-and-pxe-installers/usbboot.img: Rebuilt.
*	Fri Jan 7 06:03:52 UTC 202220220107060352	Patrick J Volkerding	2022-01-07	1	-1/+0
\| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \|	a/kernel-firmware-20220106_4aa2c65-noarch-1.txz: Upgraded. a/tcsh-6.23.02-x86_64-1.txz: Upgraded. ap/sqlite-3.37.2-x86_64-1.txz: Upgraded. ap/vim-8.2.4018-x86_64-1.txz: Upgraded. d/mercurial-6.0.1-x86_64-1.txz: Upgraded. kde/akonadi-21.12.1-x86_64-1.txz: Upgraded. kde/akonadi-calendar-21.12.1-x86_64-1.txz: Upgraded. kde/akonadi-calendar-tools-21.12.1-x86_64-1.txz: Upgraded. kde/akonadi-contacts-21.12.1-x86_64-1.txz: Upgraded. kde/akonadi-import-wizard-21.12.1-x86_64-1.txz: Upgraded. kde/akonadi-mime-21.12.1-x86_64-1.txz: Upgraded. kde/akonadi-notes-21.12.1-x86_64-1.txz: Upgraded. kde/akonadi-search-21.12.1-x86_64-1.txz: Upgraded. kde/akonadiconsole-21.12.1-x86_64-1.txz: Upgraded. kde/akregator-21.12.1-x86_64-1.txz: Upgraded. kde/analitza-21.12.1-x86_64-1.txz: Upgraded. kde/ark-21.12.1-x86_64-1.txz: Upgraded. kde/artikulate-21.12.1-x86_64-1.txz: Upgraded. kde/audiocd-kio-21.12.1-x86_64-1.txz: Upgraded. kde/baloo-widgets-21.12.1-x86_64-1.txz: Upgraded. kde/blinken-21.12.1-x86_64-1.txz: Upgraded. kde/bomber-21.12.1-x86_64-1.txz: Upgraded. kde/bovo-21.12.1-x86_64-1.txz: Upgraded. kde/calendarsupport-21.12.1-x86_64-1.txz: Upgraded. kde/cantor-21.12.1-x86_64-1.txz: Upgraded. kde/cervisia-21.12.1-x86_64-1.txz: Upgraded. kde/dolphin-21.12.1-x86_64-1.txz: Upgraded. kde/dolphin-plugins-21.12.1-x86_64-1.txz: Upgraded. kde/dragon-21.12.1-x86_64-1.txz: Upgraded. kde/elisa-21.12.1-x86_64-1.txz: Upgraded. kde/eventviews-21.12.1-x86_64-1.txz: Upgraded. kde/ffmpegthumbs-21.12.1-x86_64-1.txz: Upgraded. kde/filelight-21.12.1-x86_64-1.txz: Upgraded. kde/granatier-21.12.1-x86_64-1.txz: Upgraded. kde/grantlee-editor-21.12.1-x86_64-1.txz: Upgraded. kde/grantleetheme-21.12.1-x86_64-1.txz: Upgraded. kde/gwenview-21.12.1-x86_64-1.txz: Upgraded. kde/incidenceeditor-21.12.1-x86_64-1.txz: Upgraded. kde/itinerary-21.12.1-x86_64-1.txz: Upgraded. kde/juk-21.12.1-x86_64-1.txz: Upgraded. kde/k3b-21.12.1-x86_64-1.txz: Upgraded. kde/kaddressbook-21.12.1-x86_64-1.txz: Upgraded. kde/kalarm-21.12.1-x86_64-1.txz: Upgraded. kde/kalarmcal-21.12.1-x86_64-1.txz: Upgraded. kde/kalgebra-21.12.1-x86_64-1.txz: Upgraded. kde/kalzium-21.12.1-x86_64-1.txz: Upgraded. kde/kamera-21.12.1-x86_64-1.txz: Upgraded. kde/kamoso-21.12.1-x86_64-1.txz: Upgraded. kde/kanagram-21.12.1-x86_64-1.txz: Upgraded. kde/kapman-21.12.1-x86_64-1.txz: Upgraded. kde/kapptemplate-21.12.1-x86_64-1.txz: Upgraded. kde/kate-21.12.1-x86_64-1.txz: Upgraded. kde/katomic-21.12.1-x86_64-1.txz: Upgraded. kde/kbackup-21.12.1-x86_64-1.txz: Upgraded. kde/kblackbox-21.12.1-x86_64-1.txz: Upgraded. kde/kblocks-21.12.1-x86_64-1.txz: Upgraded. kde/kbounce-21.12.1-x86_64-1.txz: Upgraded. kde/kbreakout-21.12.1-x86_64-1.txz: Upgraded. kde/kbruch-21.12.1-x86_64-1.txz: Upgraded. kde/kcachegrind-21.12.1-x86_64-1.txz: Upgraded. kde/kcalc-21.12.1-x86_64-1.txz: Upgraded. kde/kcalutils-21.12.1-x86_64-1.txz: Upgraded. kde/kcharselect-21.12.1-x86_64-1.txz: Upgraded. kde/kcolorchooser-21.12.1-x86_64-1.txz: Upgraded. kde/kcron-21.12.1-x86_64-1.txz: Upgraded. kde/kde-dev-scripts-21.12.1-x86_64-1.txz: Upgraded. kde/kde-dev-utils-21.12.1-x86_64-1.txz: Upgraded. kde/kdebugsettings-21.12.1-x86_64-1.txz: Upgraded. kde/kdeconnect-kde-21.12.1-x86_64-1.txz: Upgraded. kde/kdeedu-data-21.12.1-x86_64-1.txz: Upgraded. kde/kdegraphics-mobipocket-21.12.1-x86_64-1.txz: Upgraded. kde/kdegraphics-thumbnailers-21.12.1-x86_64-1.txz: Upgraded. kde/kdenetwork-filesharing-21.12.1-x86_64-1.txz: Upgraded. kde/kdenlive-21.12.1-x86_64-1.txz: Upgraded. kde/kdepim-addons-21.12.1-x86_64-1.txz: Upgraded. kde/kdepim-runtime-21.12.1-x86_64-1.txz: Upgraded. kde/kdesdk-kioslaves-21.12.1-x86_64-1.txz: Upgraded. kde/kdesdk-thumbnailers-21.12.1-x86_64-1.txz: Upgraded. kde/kdev-php-21.12.1-x86_64-1.txz: Upgraded. kde/kdev-python-21.12.1-x86_64-1.txz: Upgraded. kde/kdevelop-21.12.1-x86_64-1.txz: Upgraded. kde/kdf-21.12.1-x86_64-1.txz: Upgraded. kde/kdialog-21.12.1-x86_64-1.txz: Upgraded. kde/kdiamond-21.12.1-x86_64-1.txz: Upgraded. kde/keditbookmarks-21.12.1-x86_64-1.txz: Upgraded. kde/kfind-21.12.1-x86_64-1.txz: Upgraded. kde/kfloppy-21.12.1-x86_64-1.txz: Upgraded. kde/kfourinline-21.12.1-x86_64-1.txz: Upgraded. kde/kgeography-21.12.1-x86_64-1.txz: Upgraded. kde/kget-21.12.1-x86_64-1.txz: Upgraded. kde/kgoldrunner-21.12.1-x86_64-1.txz: Upgraded. kde/kgpg-21.12.1-x86_64-1.txz: Upgraded. kde/khangman-21.12.1-x86_64-1.txz: Upgraded. kde/khelpcenter-21.12.1-x86_64-1.txz: Upgraded. kde/kidentitymanagement-21.12.1-x86_64-1.txz: Upgraded. kde/kig-21.12.1-x86_64-1.txz: Upgraded. kde/kigo-21.12.1-x86_64-1.txz: Upgraded. kde/killbots-21.12.1-x86_64-1.txz: Upgraded. kde/kimagemapeditor-21.12.1-x86_64-1.txz: Upgraded. kde/kimap-21.12.1-x86_64-1.txz: Upgraded. kde/kio-extras-21.12.1-x86_64-1.txz: Upgraded. kde/kio-gdrive-21.12.1-x86_64-1.txz: Upgraded. kde/kipi-plugins-21.12.1-x86_64-1.txz: Upgraded. kde/kirigami-gallery-21.12.1-x86_64-1.txz: Upgraded. kde/kiriki-21.12.1-x86_64-1.txz: Upgraded. kde/kiten-21.12.1-x86_64-1.txz: Upgraded. kde/kitinerary-21.12.1-x86_64-1.txz: Upgraded. kde/kjumpingcube-21.12.1-x86_64-1.txz: Upgraded. kde/kldap-21.12.1-x86_64-1.txz: Upgraded. kde/kleopatra-21.12.1-x86_64-1.txz: Upgraded. kde/klickety-21.12.1-x86_64-1.txz: Upgraded. kde/klines-21.12.1-x86_64-1.txz: Upgraded. kde/kmag-21.12.1-x86_64-1.txz: Upgraded. kde/kmahjongg-21.12.1-x86_64-1.txz: Upgraded. kde/kmail-21.12.1-x86_64-1.txz: Upgraded. kde/kmail-account-wizard-21.12.1-x86_64-1.txz: Upgraded. kde/kmailtransport-21.12.1-x86_64-1.txz: Upgraded. kde/kmbox-21.12.1-x86_64-1.txz: Upgraded. kde/kmime-21.12.1-x86_64-1.txz: Upgraded. kde/kmines-21.12.1-x86_64-1.txz: Upgraded. kde/kmix-21.12.1-x86_64-1.txz: Upgraded. kde/kmousetool-21.12.1-x86_64-1.txz: Upgraded. kde/kmouth-21.12.1-x86_64-1.txz: Upgraded. kde/kmplot-21.12.1-x86_64-1.txz: Upgraded. kde/knavalbattle-21.12.1-x86_64-1.txz: Upgraded. kde/knetwalk-21.12.1-x86_64-1.txz: Upgraded. kde/knights-21.12.1-x86_64-1.txz: Upgraded. kde/knotes-21.12.1-x86_64-1.txz: Upgraded. kde/kolf-21.12.1-x86_64-1.txz: Upgraded. kde/kollision-21.12.1-x86_64-1.txz: Upgraded. kde/kolourpaint-21.12.1-x86_64-1.txz: Upgraded. kde/kompare-21.12.1-x86_64-1.txz: Upgraded. kde/konqueror-21.12.1-x86_64-1.txz: Upgraded. kde/konquest-21.12.1-x86_64-1.txz: Upgraded. kde/konsole-21.12.1-x86_64-1.txz: Upgraded. kde/kontact-21.12.1-x86_64-1.txz: Upgraded. kde/kontactinterface-21.12.1-x86_64-1.txz: Upgraded. kde/kontrast-21.12.1-x86_64-1.txz: Upgraded. kde/konversation-21.12.1-x86_64-1.txz: Upgraded. kde/kopeninghours-21.12.1-x86_64-1.txz: Upgraded. kde/kopete-21.12.1-x86_64-1.txz: Upgraded. kde/korganizer-21.12.1-x86_64-1.txz: Upgraded. kde/kosmindoormap-21.12.1-x86_64-1.txz: Upgraded. kde/kpat-21.12.1-x86_64-1.txz: Upgraded. kde/kpimtextedit-21.12.1-x86_64-1.txz: Upgraded. kde/kpkpass-21.12.1-x86_64-1.txz: Upgraded. kde/kpmcore-21.12.1-x86_64-1.txz: Upgraded. kde/kpublictransport-21.12.1-x86_64-1.txz: Upgraded. kde/kqtquickcharts-21.12.1-x86_64-1.txz: Upgraded. kde/krdc-21.12.1-x86_64-1.txz: Upgraded. kde/kreversi-21.12.1-x86_64-1.txz: Upgraded. kde/krfb-21.12.1-x86_64-1.txz: Upgraded. kde/krita-5.0.2-x86_64-1.txz: Upgraded. kde/kross-interpreters-21.12.1-x86_64-1.txz: Upgraded. kde/kruler-21.12.1-x86_64-1.txz: Upgraded. kde/kshisen-21.12.1-x86_64-1.txz: Upgraded. kde/ksirk-21.12.1-x86_64-1.txz: Upgraded. kde/ksmtp-21.12.1-x86_64-1.txz: Upgraded. kde/ksnakeduel-21.12.1-x86_64-1.txz: Upgraded. kde/kspaceduel-21.12.1-x86_64-1.txz: Upgraded. kde/ksquares-21.12.1-x86_64-1.txz: Upgraded. kde/ksudoku-21.12.1-x86_64-1.txz: Upgraded. kde/ksystemlog-21.12.1-x86_64-1.txz: Upgraded. kde/kteatime-21.12.1-x86_64-1.txz: Upgraded. kde/ktimer-21.12.1-x86_64-1.txz: Upgraded. kde/ktnef-21.12.1-x86_64-1.txz: Upgraded. kde/ktorrent-21.12.1-x86_64-1.txz: Upgraded. kde/ktouch-21.12.1-x86_64-1.txz: Upgraded. kde/kturtle-21.12.1-x86_64-1.txz: Upgraded. kde/kubrick-21.12.1-x86_64-1.txz: Upgraded. kde/kwalletmanager-21.12.1-x86_64-1.txz: Upgraded. kde/kwave-21.12.1-x86_64-1.txz: Upgraded. kde/kwordquiz-21.12.1-x86_64-1.txz: Upgraded. kde/libgravatar-21.12.1-x86_64-1.txz: Upgraded. kde/libkcddb-21.12.1-x86_64-1.txz: Upgraded. kde/libkcompactdisc-21.12.1-x86_64-1.txz: Upgraded. kde/libkdcraw-21.12.1-x86_64-1.txz: Upgraded. kde/libkdegames-21.12.1-x86_64-1.txz: Upgraded. kde/libkdepim-21.12.1-x86_64-1.txz: Upgraded. kde/libkeduvocdocument-21.12.1-x86_64-1.txz: Upgraded. kde/libkexiv2-21.12.1-x86_64-1.txz: Upgraded. kde/libkgapi-21.12.1-x86_64-1.txz: Upgraded. kde/libkipi-21.12.1-x86_64-1.txz: Upgraded. kde/libkleo-21.12.1-x86_64-1.txz: Upgraded. kde/libkmahjongg-21.12.1-x86_64-1.txz: Upgraded. kde/libkomparediff2-21.12.1-x86_64-1.txz: Upgraded. kde/libksane-21.12.1-x86_64-1.txz: Upgraded. kde/libksieve-21.12.1-x86_64-1.txz: Upgraded. kde/libktorrent-21.12.1-x86_64-1.txz: Upgraded. kde/lokalize-21.12.1-x86_64-1.txz: Upgraded. kde/lskat-21.12.1-x86_64-1.txz: Upgraded. kde/mailcommon-21.12.1-x86_64-1.txz: Upgraded. kde/mailimporter-21.12.1-x86_64-1.txz: Upgraded. kde/marble-21.12.1-x86_64-1.txz: Upgraded. kde/markdownpart-21.12.1-x86_64-1.txz: Upgraded. kde/mbox-importer-21.12.1-x86_64-1.txz: Upgraded. kde/messagelib-21.12.1-x86_64-1.txz: Upgraded. kde/minuet-21.12.1-x86_64-1.txz: Upgraded. kde/okular-21.12.1-x86_64-1.txz: Upgraded. kde/palapeli-21.12.1-x86_64-1.txz: Upgraded. kde/parley-21.12.1-x86_64-1.txz: Upgraded. kde/partitionmanager-21.12.1-x86_64-1.txz: Upgraded. kde/picmi-21.12.1-x86_64-1.txz: Upgraded. kde/pim-data-exporter-21.12.1-x86_64-1.txz: Upgraded. kde/pim-sieve-editor-21.12.1-x86_64-1.txz: Upgraded. kde/pimcommon-21.12.1-x86_64-1.txz: Upgraded. kde/poxml-21.12.1-x86_64-1.txz: Upgraded. kde/print-manager-21.12.1-x86_64-1.txz: Upgraded. kde/rocs-21.12.1-x86_64-1.txz: Upgraded. kde/skanlite-21.12.1-x86_64-1.txz: Upgraded. kde/spectacle-21.12.1-x86_64-1.txz: Upgraded. kde/step-21.12.1-x86_64-1.txz: Upgraded. kde/svgpart-21.12.1-x86_64-1.txz: Upgraded. kde/sweeper-21.12.1-x86_64-1.txz: Upgraded. kde/umbrello-21.12.1-x86_64-1.txz: Upgraded. kde/yakuake-21.12.1-x86_64-1.txz: Upgraded. kde/zanshin-21.12.1-x86_64-1.txz: Upgraded. kde/zeroconf-ioslave-21.12.1-x86_64-1.txz: Upgraded. l/mozilla-nss-3.74-x86_64-1.txz: Upgraded. l/readline-8.1.002-x86_64-1.txz: Upgraded. n/bluez-5.63-x86_64-1.txz: Upgraded. xap/vim-gvim-8.2.4018-x86_64-1.txz: Upgraded.
*	Wed Jan 5 20:09:37 UTC 202220220105200937	Patrick J Volkerding	2022-01-06	1	-0/+1
\| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \|	a/aaa_libraries-15.0-x86_64-12.txz: Rebuilt. Upgraded: libcap.so.2.62, libelf-0.186.so, libzstd.so.1.5.1, libcares.so.2.5.1, libexpat.so.1.8.2, libglib-2.0.so.0.7000.2, libgmodule-2.0.so.0.7000.2, libgobject-2.0.so.0.7000.2, libgthread-2.0.so.0.7000.2, libpcre2-8.so.0.10.4. Added: libunwind.so.8.0.1 (thanks to Jeebizz). a/kernel-generic-5.15.13-x86_64-1.txz: Upgraded. a/kernel-huge-5.15.13-x86_64-1.txz: Upgraded. a/kernel-modules-5.15.13-x86_64-1.txz: Upgraded. d/doxygen-1.9.3-x86_64-2.txz: Rebuilt. Fix manpage versions, build and install docs. Thanks to duncan_roe. d/kernel-headers-5.15.13-x86-1.txz: Upgraded. k/kernel-source-5.15.13-noarch-1.txz: Upgraded. l/libuv-1.43.0-x86_64-1.txz: Upgraded. l/pipewire-0.3.43-x86_64-1.txz: Upgraded. Remove redundant .sample files on package upgrade. When disabling pipewire, toss the .desktop files and keep the .sample files if both exist. Added missing X-KDE-autostart-phase=1 to pipewire-pulse.desktop.sample. Thanks to ZhaoLin1457. n/curl-7.81.0-x86_64-1.txz: Upgraded. x/fcitx-qt5-1.2.7-x86_64-1.txz: Upgraded. isolinux/initrd.img: Rebuilt. kernels/*: Upgraded. usb-and-pxe-installers/usbboot.img: Rebuilt.
*	Tue Jan 4 22:51:41 UTC 202220220104225141	Patrick J Volkerding	2022-01-05	1	-0/+1
\| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \|	a/bash-5.1.016-x86_64-1.txz: Upgraded. a/haveged-1.9.16-x86_64-1.txz: Upgraded. a/hwdata-0.355-noarch-1.txz: Upgraded. ap/gphoto2-2.5.28-x86_64-1.txz: Upgraded. kde/bluedevil-5.23.5-x86_64-1.txz: Upgraded. kde/breeze-5.23.5-x86_64-1.txz: Upgraded. kde/breeze-grub-5.23.5-x86_64-1.txz: Upgraded. kde/breeze-gtk-5.23.5-x86_64-1.txz: Upgraded. kde/drkonqi-5.23.5-x86_64-1.txz: Upgraded. kde/kactivitymanagerd-5.23.5-x86_64-1.txz: Upgraded. kde/kde-cli-tools-5.23.5-x86_64-1.txz: Upgraded. kde/kde-gtk-config-5.23.5-x86_64-1.txz: Upgraded. kde/kdecoration-5.23.5-x86_64-1.txz: Upgraded. kde/kdeplasma-addons-5.23.5-x86_64-1.txz: Upgraded. kde/kgamma5-5.23.5-x86_64-1.txz: Upgraded. kde/khotkeys-5.23.5-x86_64-1.txz: Upgraded. kde/kinfocenter-5.23.5-x86_64-1.txz: Upgraded. kde/kmenuedit-5.23.5-x86_64-1.txz: Upgraded. kde/konsole-21.12.0-x86_64-2.txz: Rebuilt. Applied upstream patch: [PATCH] Use tighter matching when finding the default profile file name. Thanks to alienBOB. kde/kscreen-5.23.5-x86_64-1.txz: Upgraded. kde/kscreenlocker-5.23.5-x86_64-1.txz: Upgraded. kde/ksshaskpass-5.23.5-x86_64-1.txz: Upgraded. kde/ksystemstats-5.23.5-x86_64-1.txz: Upgraded. kde/kwallet-pam-5.23.5-x86_64-1.txz: Upgraded. kde/kwayland-integration-5.23.5-x86_64-1.txz: Upgraded. kde/kwayland-server-5.23.5-x86_64-1.txz: Upgraded. kde/kwin-5.23.5-x86_64-1.txz: Upgraded. kde/kwrited-5.23.5-x86_64-1.txz: Upgraded. kde/layer-shell-qt-5.23.5-x86_64-1.txz: Upgraded. kde/libkscreen-5.23.5-x86_64-1.txz: Upgraded. kde/libksysguard-5.23.5-x86_64-1.txz: Upgraded. kde/milou-5.23.5-x86_64-1.txz: Upgraded. kde/oxygen-5.23.5-x86_64-1.txz: Upgraded. kde/plasma-browser-integration-5.23.5-x86_64-1.txz: Upgraded. kde/plasma-desktop-5.23.5-x86_64-1.txz: Upgraded. kde/plasma-disks-5.23.5-x86_64-1.txz: Upgraded. kde/plasma-firewall-5.23.5-x86_64-1.txz: Upgraded. kde/plasma-integration-5.23.5-x86_64-1.txz: Upgraded. kde/plasma-nm-5.23.5-x86_64-1.txz: Upgraded. kde/plasma-pa-5.23.5-x86_64-1.txz: Upgraded. kde/plasma-sdk-5.23.5-x86_64-1.txz: Upgraded. kde/plasma-systemmonitor-5.23.5-x86_64-1.txz: Upgraded. kde/plasma-vault-5.23.5-x86_64-1.txz: Upgraded. kde/plasma-workspace-5.23.5-x86_64-1.txz: Upgraded. kde/plasma-workspace-wallpapers-5.23.5-x86_64-1.txz: Upgraded. kde/polkit-kde-agent-1-5.23.5-x86_64-1.txz: Upgraded. kde/powerdevil-5.23.5-x86_64-1.txz: Upgraded. kde/qqc2-breeze-style-5.23.5-x86_64-1.txz: Upgraded. kde/sddm-kcm-5.23.5-x86_64-1.txz: Upgraded. kde/systemsettings-5.23.5-x86_64-1.txz: Upgraded. kde/xdg-desktop-portal-kde-5.23.5-x86_64-1.txz: Upgraded. l/imagemagick-7.1.0_19-x86_64-2.txz: Rebuilt. It seems that even with --enable-opencl, ImageMagick has disabled OpenCL support by default unless the environment variable MAGICK_OCL_DEVICE=true is set, so there should be no harm enabling this feature again. Thanks to denydias. l/iso-codes-4.9.0-noarch-1.txz: Upgraded. l/libgphoto2-2.5.28-x86_64-1.txz: Upgraded. l/pipewire-0.3.42-x86_64-2.txz: Rebuilt. Added sample startup files in /etc/xdg/autostart. Thanks to stormtracknole. Added scripts (pipewire-enable.sh, pipewire-disable.sh) to setup pipewire as the default multimedia server, or to disable it and return to pulseaudio as the default. Thanks to stormtracknole and LuckyCyborg for many useful tips. l/pulseaudio-15.0-x86_64-4.txz: Rebuilt. Install pulseaudio.desktop as a .new file so that future package updates won't overwrite custom content. n/whois-5.5.11-x86_64-1.txz: Upgraded. n/yptools-4.2.3-x86_64-5.txz: Rebuilt. Fixed ypcat installation. Thanks to Stuart Winter. x/libdrm-2.4.109-x86_64-1.txz: Upgraded. x/xdg-desktop-portal-1.12.1-x86_64-1.txz: Upgraded. x/xf86-video-vmware-13.3.0-x86_64-6.txz: Rebuilt. Patched to build against libdrm-2.4.109. Thanks to gmgf.
*	Wed Dec 29 02:42:32 UTC 202120211229024232	Patrick J Volkerding	2021-12-29	1	-0/+8
\| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \|	l/libgsf-1.14.48-x86_64-1.txz: Upgraded. l/netpbm-10.97.00-x86_64-1.txz: Upgraded. n/wpa_supplicant-2.9-x86_64-8.txz: Rebuilt. This update fixes the following security issues: AP mode PMF disconnection protection bypass. UPnP SUBSCRIBE misbehavior in hostapd WPS AP. P2P group information processing vulnerability. P2P provision discovery processing vulnerability. ASN.1: Validate DigestAlgorithmIdentifier parameters. Flush pending control interface message for an interface to be removed. These issues could result in a denial-of-service, privilege escalation, arbitrary code execution, or other unexpected behavior. Thanks to nobodino for pointing out the patches. For more information, see: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-0326 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-0535 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-12695 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16275 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-27803 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-30004 (* Security fix ) xap/seamonkey-2.53.10.2-x86_64-1.txz: Upgraded. This update contains security fixes and improvements. For more information, see: https://www.seamonkey-project.org/releases/seamonkey2.53.10.2 ( Security fix *)
*	Mon Dec 27 23:06:00 UTC 202120211227230600	Patrick J Volkerding	2021-12-28	1	-0/+1
\| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \|	The --enable-systemd-logind change to xorg-server that caused resume from suspend regressions (and others) has been reverted, and in retrospect it was a bad idea to take it at that point, but it had appeared as if it wouldn't cause problems in the case where Xorg was running as root. Oh well, lesson learned. But the build script has been enhanced to make it easy to build rootless versions of the xorg-server packages. Just do this: ROOTLESSX=YES ./x11.SlackBuild xserver xorg-server Depending on your GPU, this could work for your use case with no problems. Also, I've gone ahead and taken a couple of shared library version bumps since the projects (opencv and poppler) have decent track records as far as not introducing regressions, and if there are any, we've got time to test and fix. I'm still avoiding some things that aren't as trusted in that regard, and will likely continue to do so. :-) ap/cups-filters-1.28.10-x86_64-2.txz: Rebuilt. Recompiled against poppler-21.12.0. kde/ark-21.12.0-x86_64-2.txz: Rebuilt. Applied upstream patches: [PATCH] Fix extraction "Dolphin Actions" not abiding "Open destination folder after extracting" setting. [PATCH] Do not highlight file after compression. Thanks to ctrlaltca. kde/calligra-3.2.1-x86_64-15.txz: Rebuilt. Recompiled against poppler-21.12.0. kde/cantor-21.12.0-x86_64-2.txz: Rebuilt. Recompiled against poppler-21.12.0. kde/digikam-7.4.0-x86_64-2.txz: Rebuilt. Recompiled against opencv-4.5.5. kde/kfilemetadata-5.89.0-x86_64-2.txz: Rebuilt. Recompiled against poppler-21.12.0. kde/kile-2.9.93-x86_64-15.txz: Rebuilt. Recompiled against poppler-21.12.0. kde/kitinerary-21.12.0-x86_64-2.txz: Rebuilt. Recompiled against poppler-21.12.0. kde/krita-5.0.0-x86_64-2.txz: Rebuilt. Recompiled against poppler-21.12.0. kde/okular-21.12.0-x86_64-2.txz: Rebuilt. Recompiled against poppler-21.12.0. l/gegl-0.4.34-x86_64-2.txz: Rebuilt. Recompiled against poppler-21.12.0. l/gst-plugins-bad-free-1.18.5-x86_64-3.txz: Rebuilt. Recompiled against opencv-4.5.5. l/imagemagick-7.1.0_19-x86_64-1.txz: Upgraded. l/mlt-7.4.0-x86_64-1.txz: Upgraded. l/opencv-4.5.5-x86_64-1.txz: Upgraded. Shared library .so-version bump. l/poppler-21.12.0-x86_64-1.txz: Upgraded. Shared library .so-version bump. n/fetchmail-6.4.26-x86_64-1.txz: Upgraded. n/tin-2.6.1-x86_64-1.txz: Upgraded. x/ibus-anthy-1.5.14-x86_64-1.txz: Upgraded. x/xorg-server-1.20.14-x86_64-2.txz: Rebuilt. Recompiled using these options: --enable-suid-wrapper --enable-install-setuid --disable-systemd-logind. x/xorg-server-xephyr-1.20.14-x86_64-2.txz: Rebuilt. x/xorg-server-xnest-1.20.14-x86_64-2.txz: Rebuilt. x/xorg-server-xvfb-1.20.14-x86_64-2.txz: Rebuilt. xap/geeqie-1.6-x86_64-4.txz: Rebuilt. Recompiled against poppler-21.12.0. xap/gimp-2.10.30-x86_64-2.txz: Rebuilt. Recompiled against poppler-21.12.0. xfce/tumbler-4.16.0-x86_64-4.txz: Rebuilt. Recompiled against poppler-21.12.0. extra/rust-for-mozilla/rust-1.54.0-x86_64-3.txz: Added. This is an alternate version of Rust that may be useful for compiling software from Mozilla since using the very latest Rust often won't compile, or produces an unstable build.
*	Thu Dec 16 21:34:10 UTC 202120211216213410	Patrick J Volkerding	2021-12-17	1	-4/+0
\| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \|	a/kernel-firmware-20211216_f682ecb-noarch-1.txz: Upgraded. a/kernel-generic-5.15.9-x86_64-1.txz: Upgraded. a/kernel-huge-5.15.9-x86_64-1.txz: Upgraded. a/kernel-modules-5.15.9-x86_64-1.txz: Upgraded. a/openssl-solibs-1.1.1m-x86_64-1.txz: Upgraded. ap/inxi-3.3.10_1-noarch-1.txz: Upgraded. Thanks to h2-1. d/kernel-headers-5.15.9-x86-1.txz: Upgraded. d/vala-0.54.5-x86_64-1.txz: Upgraded. k/kernel-source-5.15.9-noarch-1.txz: Upgraded. SUNRPC_DEBUG n -> y +NFS_DEBUG y Thanks to bassmadrigal. kde/latte-dock-0.10.5-x86_64-1.txz: Upgraded. l/mozilla-nss-3.73.1-x86_64-1.txz: Upgraded. l/pipewire-0.3.42-x86_64-1.txz: Upgraded. n/iputils-20211215-x86_64-1.txz: Upgraded. n/openssl-1.1.1m-x86_64-1.txz: Upgraded. n/php-7.4.27-x86_64-1.txz: Upgraded. x/xorg-server-1.20.14-x86_64-1.txz: Upgraded. Built using --enable-systemd-logind to use elogind for device setup. Some code changes would be required in xorg-server, xinit, and various login managers to make rootless X work out of the box or to fall back in cases where elogind isn't supported, and those changes aren't appropriate here in the RC stage, but you can try it without recompiling: chmod 755 /usr/libexec/Xorg* Thanks to LuckyCyborg. x/xorg-server-xephyr-1.20.14-x86_64-1.txz: Upgraded. x/xorg-server-xnest-1.20.14-x86_64-1.txz: Upgraded. x/xorg-server-xvfb-1.20.14-x86_64-1.txz: Upgraded. xap/mozilla-firefox-91.4.1esr-x86_64-1.txz: Upgraded. This is a bugfix release. For more information, see: https://www.mozilla.org/en-US/firefox/91.4.1/releasenotes/ isolinux/initrd.img: Rebuilt. kernels/*: Upgraded. usb-and-pxe-installers/usbboot.img: Rebuilt.
*	Wed Dec 15 04:34:02 UTC 202120211215043402	Patrick J Volkerding	2021-12-15	1	-1/+4
\| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \|	a/dialog-1.3_20211214-x86_64-1.txz: Upgraded. a/kernel-generic-5.15.8-x86_64-1.txz: Upgraded. a/kernel-huge-5.15.8-x86_64-1.txz: Upgraded. a/kernel-modules-5.15.8-x86_64-1.txz: Upgraded. a/sysvinit-3.01-x86_64-1.txz: Upgraded. d/kernel-headers-5.15.8-x86-1.txz: Upgraded. d/patchelf-0.14.3-x86_64-1.txz: Upgraded. k/kernel-source-5.15.8-noarch-1.txz: Upgraded. l/oniguruma-6.9.7.1-x86_64-1.txz: Upgraded. l/pipewire-0.3.41-x86_64-1.txz: Upgraded. x/libinput-1.19.3-x86_64-1.txz: Upgraded. x/xorg-server-1.20.13-x86_64-2.txz: Rebuilt. Fixes for multiple input validation failures in X server extensions: render: Fix out of bounds access in SProcRenderCompositeGlyphs() xfixes: Fix out of bounds access in ProcXFixesCreatePointerBarrier() Xext: Fix out of bounds access in SProcScreenSaverSuspend() record: Fix out of bounds access in SwapCreateRegister() For more information, see: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4008 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4009 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4010 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4011 ( Security fix ) x/xorg-server-xephyr-1.20.13-x86_64-2.txz: Rebuilt. x/xorg-server-xnest-1.20.13-x86_64-2.txz: Rebuilt. x/xorg-server-xvfb-1.20.13-x86_64-2.txz: Rebuilt. x/xorg-server-xwayland-21.1.4-x86_64-1.txz: Upgraded. Fixes for multiple input validation failures in X server extensions: render: Fix out of bounds access in SProcRenderCompositeGlyphs() xfixes: Fix out of bounds access in ProcXFixesCreatePointerBarrier() Xext: Fix out of bounds access in SProcScreenSaverSuspend() record: Fix out of bounds access in SwapCreateRegister() For more information, see: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4008 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4009 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4010 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4011 (* Security fix ) xap/xsnow-3.4.1-x86_64-1.txz: Upgraded. isolinux/initrd.img: Rebuilt. kernels/: Upgraded. usb-and-pxe-installers/usbboot.img: Rebuilt.
*	Mon Dec 13 20:10:04 UTC 202120211213201004	Patrick J Volkerding	2021-12-14	1	-0/+2
\| \| \| \| \| \| \| \| \| \| \| \|	ap/slackpkg-15.0.9-noarch-1.txz: Upgraded. files/mirrors-x86: Remove bad mirrors from list (Emmet Ford) Automatically rebuild package lists if missing (Piter PUNK) xap/seamonkey-2.53.10.1-x86_64-1.txz: Upgraded. This update contains security fixes and improvements. For more information, see: https://www.seamonkey-project.org/releases/seamonkey2.53.10.1 ( Security fix *) xap/xsnow-3.4.0-x86_64-1.txz: Upgraded.
*	Sat Dec 11 20:02:51 UTC 202120211211200251	Patrick J Volkerding	2021-12-12	1	-0/+1
\| \| \| \| \| \| \|	kde/kdepim-runtime-21.12.0-x86_64-2.txz: Rebuilt. Applied upstream patch: [PATCH] POP3: Fix SSL/TLS connections Thanks to gmgf.