| * | Thu Apr 2 06:07:52 UTC 2020...a/hwdata-0.334-noarch-1.txz: Upgraded.
a/kernel-generic-5.4.29-x86_64-1.txz: Upgraded.
a/kernel-huge-5.4.29-x86_64-1.txz: Upgraded.
a/kernel-modules-5.4.29-x86_64-1.txz: Upgraded.
a/pkgtools-15.0-noarch-32.txz: Rebuilt.
installpkg: handle the uninstall script packaged as /install/douninst.sh.
removepkg: add --skip-douninst option to skip running the uninstall script.
Save removed douninst.sh in /var/log/pkgtools/removed_uninstall_scripts.
ap/groff-1.22.4-x86_64-2.txz: Rebuilt.
Fixed docdir. Thanks to Xsane.
d/gcc-9.3.0-x86_64-2.txz: Rebuilt.
d/gcc-brig-9.3.0-x86_64-2.txz: Rebuilt.
d/gcc-g++-9.3.0-x86_64-2.txz: Rebuilt.
d/gcc-gdc-9.3.0-x86_64-2.txz: Rebuilt.
d/gcc-gfortran-9.3.0-x86_64-2.txz: Rebuilt.
Patched a compiler bug concerning assumed-shape vs. deferred-shape arrays.
Thanks to Lockywolf.
d/gcc-gnat-9.3.0-x86_64-2.txz: Rebuilt.
d/gcc-go-9.3.0-x86_64-2.txz: Rebuilt.
d/gcc-objc-9.3.0-x86_64-2.txz: Rebuilt.
d/kernel-headers-5.4.29-x86-1.txz: Upgraded.
d/ruby-2.7.1-x86_64-1.txz: Upgraded.
This update fixes security issues:
Unsafe Object Creation Vulnerability in JSON (Additional fix).
Heap exposure vulnerability in the socket library.
For more information, see:
https://www.ruby-lang.org/en/news/2020/03/19/json-dos-cve-2020-10663/
https://www.ruby-lang.org/en/news/2020/03/31/heap-exposure-in-socket-cve-2020-10933/
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-10663
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-10933
(* Security fix *)
k/kernel-source-5.4.29-noarch-1.txz: Upgraded.
l/graphite2-1.3.14-x86_64-1.txz: Upgraded.
l/librsvg-2.48.2-x86_64-1.txz: Upgraded.
l/utf8proc-2.5.0-x86_64-1.txz: Upgraded.
x/libva-2.7.0-x86_64-1.txz: Upgraded.
x/libva-utils-2.7.1-x86_64-1.txz: Upgraded.
isolinux/initrd.img: Rebuilt.
kernels/*: Upgraded.
usb-and-pxe-installers/usbboot.img: Rebuilt.
20200402060752 |   Patrick J Volkerding | 2020-04-02 | 1 | -0/+40 |
Patrick J Volkerding