| Commit message (Expand) | Author | Age | Files | Lines |
|---|
| * | Wed May 22 18:57:13 UTC 2024...a/e2fsprogs-1.47.1-x86_64-1.txz: Upgraded.
a/iniparser-4.2.2-x86_64-1.txz: Upgraded.
Shared library .so-version bump.
a/ndctl-79-x86_64-2.txz: Rebuilt.
Recompiled against iniparser-4.2.2.
d/python-setuptools-70.0.0-x86_64-1.txz: Upgraded.
kde/calligra-3.2.1-x86_64-39.txz: Rebuilt.
Recompiled against poppler-24.05.0.
kde/cantor-23.08.5-x86_64-6.txz: Rebuilt.
Recompiled against poppler-24.05.0.
kde/kfilemetadata-5.116.0-x86_64-2.txz: Rebuilt.
Recompiled against poppler-24.05.0.
kde/kile-2.9.93-x86_64-33.txz: Rebuilt.
Recompiled against poppler-24.05.0.
kde/kitinerary-23.08.5-x86_64-4.txz: Rebuilt.
Recompiled against poppler-24.05.0.
kde/krita-5.2.2-x86_64-9.txz: Rebuilt.
Recompiled against poppler-24.05.0.
kde/okular-23.08.5-x86_64-4.txz: Rebuilt.
Recompiled against poppler-24.05.0.
kde/qqc2-desktop-style-5.116.1-x86_64-1.txz: Upgraded.
l/hicolor-icon-theme-0.18-noarch-1.txz: Upgraded.
l/libcupsfilters-2.0.0-x86_64-2.txz: Rebuilt.
Recompiled against poppler-24.05.0.
l/lmdb-0.9.33-x86_64-1.txz: Upgraded.
l/poppler-24.05.0-x86_64-1.txz: Upgraded.
This seems to require C++20 now...
Shared library .so-version bump.
l/python-requests-2.32.1-x86_64-1.txz: Upgraded.
l/qt6-6.7.1_20240516_6977d02f-x86_64-1.txz: Upgraded.
n/curl-8.8.0-x86_64-1.txz: Upgraded.
n/openldap-2.6.8-x86_64-1.txz: Upgraded.
x/xorg-server-xwayland-24.1.0-x86_64-1.txz: Upgraded.
Thanks to marav for the patch.
20240522185713 |   Patrick J Volkerding | 2024-05-22 | 1 | -1/+1 |
| * | Tue Jan 30 22:01:28 UTC 2024...a/lzip-1.24-x86_64-1.txz: Upgraded.
a/openssl-solibs-3.2.1-x86_64-1.txz: Upgraded.
ap/alsa-utils-1.2.11-x86_64-1.txz: Upgraded.
ap/sqlite-3.45.1-x86_64-1.txz: Upgraded.
d/binutils-2.42-x86_64-1.txz: Upgraded.
Shared library .so-version bump.
d/cmake-3.28.2-x86_64-1.txz: Upgraded.
d/oprofile-1.4.0-x86_64-13.txz: Rebuilt.
Recompiled against binutils-2.42.
d/strace-6.7-x86_64-1.txz: Upgraded.
kde/digikam-8.2.0-x86_64-5.txz: Rebuilt.
Recompiled against libpng-1.6.42.
l/alsa-lib-1.2.11-x86_64-1.txz: Upgraded.
l/libpng-1.6.42-x86_64-1.txz: Upgraded.
Fixed the implementation of the macro function png_check_sig().
This was an API regression, introduced in libpng-1.6.41.
Reported by Matthieu Darbois.
l/lmdb-0.9.32-x86_64-1.txz: Upgraded.
l/neon-0.33.0-x86_64-1.txz: Upgraded.
l/opencv-4.9.0-x86_64-3.txz: Rebuilt.
Recompiled against libpng-1.6.42.
l/qt5-5.15.12_20240103_b8fd1448-x86_64-4.txz: Rebuilt.
Recompiled against libpng-1.6.42.
l/talloc-2.4.2-x86_64-1.txz: Upgraded.
l/tdb-1.4.10-x86_64-1.txz: Upgraded.
l/tevent-0.16.1-x86_64-1.txz: Upgraded.
n/openldap-2.6.7-x86_64-1.txz: Upgraded.
n/openssl-3.2.1-x86_64-1.txz: Upgraded.
This update fixes possible denial-of-service security issues:
A file in PKCS12 format can contain certificates and keys and may come from
an untrusted source. The PKCS12 specification allows certain fields to be
NULL, but OpenSSL did not correctly check for this case. A fix has been
applied to prevent a NULL pointer dereference that results in OpenSSL
crashing. If an application processes PKCS12 files from an untrusted source
using the OpenSSL APIs then that application will be vulnerable to this
issue prior to this fix.
OpenSSL APIs that were vulnerable to this are: PKCS12_parse(),
PKCS12_unpack_p7data(), PKCS12_unpack_p7encdata(), PKCS12_unpack_authsafes()
and PKCS12_newpass().
When function EVP_PKEY_public_check() is called on RSA public keys,
a computation is done to confirm that the RSA modulus, n, is composite.
For valid RSA keys, n is a product of two or more large primes and this
computation completes quickly. However, if n is an overly large prime,
then this computation would take a long time.
An application that calls EVP_PKEY_public_check() and supplies an RSA key
obtained from an untrusted source could be vulnerable to a Denial of Service
attack.
The function EVP_PKEY_public_check() is not called from other OpenSSL
functions however it is called from the OpenSSL pkey command line
application. For that reason that application is also vulnerable if used
with the "-pubin" and "-check" options on untrusted data.
To resolve this issue RSA keys larger than OPENSSL_RSA_MAX_MODULUS_BITS will
now fail the check immediately with an RSA_R_MODULUS_TOO_LARGE error reason.
Fix excessive time spent in DH check / generation with large Q parameter
value.
Applications that use the functions DH_generate_key() to generate an
X9.42 DH key may experience long delays. Likewise, applications that use
DH_check_pub_key(), DH_check_pub_key_ex() or EVP_PKEY_public_check()
to check an X9.42 DH key or X9.42 DH parameters may experience long delays.
Where the key or parameters that are being checked have been obtained from
an untrusted source this may lead to a Denial of Service.
For more information, see:
https://www.cve.org/CVERecord?id=CVE-2024-0727
https://www.cve.org/CVERecord?id=CVE-2023-6237
https://www.cve.org/CVERecord?id=CVE-2023-5678
(* Security fix *)
xap/MPlayer-20240130-x86_64-1.txz: Upgraded.
Fixed build script to exit on errors.
Patched to build against gettext-0.22.4.
Thanks to Matteo Bernardini.
xap/xine-lib-1.2.13-x86_64-7.txz: Rebuilt.
Recompiled against libpng-1.6.42.
20240130220128 | Patrick J Volkerding | 2024-01-30 | 1 | -1/+1 |
| * | Wed Jul 12 20:41:16 UTC 2023...ap/inxi-3.3.28_1-noarch-1.txz: Upgraded.
ap/sudo-1.9.14p1-x86_64-1.txz: Upgraded.
d/rust-1.70.0-x86_64-1.txz: Upgraded.
l/harfbuzz-8.0.1-x86_64-1.txz: Upgraded.
l/lmdb-0.9.31-x86_64-1.txz: Upgraded.
l/pipewire-0.3.74-x86_64-1.txz: Upgraded.
n/krb5-1.21.1-x86_64-1.txz: Upgraded.
Fix potential uninitialized pointer free in kadm5 XDR parsing.
For more information, see:
https://www.cve.org/CVERecord?id=CVE-2023-36054
(* Security fix *)
n/libnftnl-1.2.6-x86_64-1.txz: Upgraded.
n/nghttp2-1.55.0-x86_64-1.txz: Upgraded.
n/openldap-2.6.5-x86_64-1.txz: Upgraded.
x/ibus-table-1.17.1-x86_64-1.txz: Upgraded.
x/xterm-384-x86_64-1.txz: Upgraded.
xap/mozilla-firefox-115.0.2esr-x86_64-1.txz: Upgraded.
This release contains security fixes and improvements.
For more information, see:
https://www.mozilla.org/en-US/firefox/115.0.2esr/releasenotes/
https://www.mozilla.org/security/advisories/mfsa2023-26/
https://www.cve.org/CVERecord?id=CVE-2023-3600
(* Security fix *)
testing/packages/mozilla-thunderbird-115.0-x86_64-1.txz: Added.
20230712204116 | Patrick J Volkerding | 2023-07-12 | 1 | -1/+1 |
| * | Thu Feb 9 22:39:11 UTC 2023...a/dbus-1.14.6-x86_64-1.txz: Upgraded.
a/kernel-generic-6.1.11-x86_64-1.txz: Upgraded.
a/kernel-huge-6.1.11-x86_64-1.txz: Upgraded.
a/kernel-modules-6.1.11-x86_64-1.txz: Upgraded.
d/kernel-headers-6.1.11-x86-1.txz: Upgraded.
k/kernel-source-6.1.11-noarch-1.txz: Upgraded.
l/freetype-2.13.0-x86_64-1.txz: Upgraded.
l/libjpeg-turbo-2.1.5.1-x86_64-1.txz: Upgraded.
Fix an illegal instruction error on older x86 CPUs.
l/lmdb-0.9.30-x86_64-1.txz: Upgraded.
n/openldap-2.6.4-x86_64-1.txz: Upgraded.
x/libdrm-2.4.115-x86_64-1.txz: Upgraded.
x/mesa-22.3.5-x86_64-1.txz: Upgraded.
xfce/libxfce4ui-4.18.2-x86_64-1.txz: Upgraded.
xfce/xfce4-panel-4.18.2-x86_64-1.txz: Upgraded.
isolinux/initrd.img: Rebuilt.
kernels/*: Upgraded.
usb-and-pxe-installers/usbboot.img: Rebuilt.
20230209223911 | Patrick J Volkerding | 2023-02-10 | 1 | -1/+1 |
| * | Thu Mar 18 04:01:02 UTC 2021...Hope everyone had a fine St. Paddy's day! :-)
a/kernel-generic-5.10.24-x86_64-1.txz: Upgraded.
a/kernel-huge-5.10.24-x86_64-1.txz: Upgraded.
a/kernel-modules-5.10.24-x86_64-1.txz: Upgraded.
d/kernel-headers-5.10.24-x86-1.txz: Upgraded.
d/vala-0.52.0-x86_64-1.txz: Upgraded.
k/kernel-source-5.10.24-noarch-1.txz: Upgraded.
l/harfbuzz-2.8.0-x86_64-1.txz: Upgraded.
l/lmdb-0.9.29-x86_64-1.txz: Upgraded.
n/openldap-2.4.58-x86_64-1.txz: Upgraded.
x/xkbcomp-1.4.5-x86_64-1.txz: Upgraded.
isolinux/initrd.img: Rebuilt.
kernels/*: Upgraded.
testing/packages/linux-5.11.x/kernel-generic-5.11.7-x86_64-1.txz: Upgraded.
testing/packages/linux-5.11.x/kernel-headers-5.11.7-x86-1.txz: Upgraded.
testing/packages/linux-5.11.x/kernel-huge-5.11.7-x86_64-1.txz: Upgraded.
testing/packages/linux-5.11.x/kernel-modules-5.11.7-x86_64-1.txz: Upgraded.
testing/packages/linux-5.11.x/kernel-source-5.11.7-noarch-1.txz: Upgraded.
usb-and-pxe-installers/usbboot.img: Rebuilt.
20210318040102 | Patrick J Volkerding | 2021-03-18 | 1 | -1/+1 |
| * | Fri Feb 5 21:18:59 UTC 2021...a/udisks2-2.9.2-x86_64-1.txz: Upgraded.
d/ccache-4.2-x86_64-1.txz: Upgraded.
l/fuse3-3.10.2-x86_64-1.txz: Upgraded.
l/glib2-2.66.6-x86_64-1.txz: Upgraded.
l/libcap-2.48-x86_64-1.txz: Upgraded.
l/lmdb-0.9.28-x86_64-1.txz: Upgraded.
l/mozjs78-78.7.1esr-x86_64-1.txz: Upgraded.
l/openal-soft-1.21.1-x86_64-1.txz: Upgraded.
x/xterm-365-x86_64-1.txz: Upgraded.
xap/mozilla-firefox-78.7.1esr-x86_64-1.txz: Upgraded.
This release contains a security fix.
For more information, see:
https://www.mozilla.org/en-US/firefox/78.7.1/releasenotes/
https://www.mozilla.org/en-US/security/advisories/mfsa2021-06/#MOZ-2021-0001
(* Security fix *)
xap/mozilla-thunderbird-78.7.1-x86_64-1.txz: Upgraded.
This is a bugfix release.
For more information, see:
https://www.mozilla.org/en-US/thunderbird/78.7.1/releasenotes/
20210205211859 | Patrick J Volkerding | 2021-02-06 | 1 | -1/+1 |
| * | Tue Oct 27 18:30:38 UTC 2020...a/glibc-zoneinfo-2020d-noarch-1.txz: Upgraded.
This package provides the latest timezone updates.
l/gst-plugins-base-1.18.1-x86_64-1.txz: Upgraded.
l/gst-plugins-good-1.18.1-x86_64-1.txz: Upgraded.
l/gst-plugins-libav-1.18.1-x86_64-1.txz: Upgraded.
l/gstreamer-1.18.1-x86_64-1.txz: Upgraded.
l/lmdb-0.9.27-x86_64-1.txz: Upgraded.
n/getmail-6.8-x86_64-1.txz: Upgraded.
n/libnftnl-1.1.8-x86_64-1.txz: Upgraded.
n/nftables-0.9.7-x86_64-1.txz: Upgraded.
n/openldap-2.4.55-x86_64-1.txz: Upgraded.
xap/blueman-2.1.4-x86_64-1.txz: Upgraded.
extra/pure-alsa-system/gst-plugins-good-1.18.1-x86_64-1_alsa.txz: Upgraded.
20201027183038 | Patrick J Volkerding | 2020-10-28 | 1 | -1/+1 |
| * | Wed Aug 12 18:07:02 UTC 2020...ap/nano-5.1-x86_64-1.txz: Upgraded.
d/python-pip-20.2.2-x86_64-1.txz: Upgraded.
l/lmdb-0.9.26-x86_64-1.txz: Upgraded.
n/dovecot-2.3.11.3-x86_64-1.txz: Upgraded.
n/openldap-2.4.51-x86_64-1.txz: Upgraded.
xfce/garcon-0.7.0-x86_64-1.txz: Upgraded.
20200812180702 | Patrick J Volkerding | 2020-08-13 | 1 | -1/+1 |
| * | Mon Aug 3 20:03:30 UTC 2020...a/kernel-firmware-20200803_9bc3789-noarch-1.txz: Upgraded.
d/rust-1.45.2-x86_64-1.txz: Upgraded.
l/babl-0.1.80-x86_64-1.txz: Upgraded.
l/lmdb-0.9.25-x86_64-1.txz: Upgraded.
l/mozjs68-68.11.0esr-x86_64-2.txz: Rebuilt.
Fixed slack-desc. Thanks to USUARIONUEVO.
n/rsync-3.2.3pre1-x86_64-1.txz: Upgraded.
x/libinput-1.16.0-x86_64-1.txz: Upgraded.
20200803200330 | Patrick J Volkerding | 2020-08-04 | 1 | -1/+2 |
| * | Sat Dec 22 04:38:27 UTC 2018...a/coreutils-8.30-x86_64-3.txz: Rebuilt.
Support tmux terms in DIR_COLORS. Thanks to qunying.
a/grep-3.3-x86_64-1.txz: Upgraded.
a/kernel-generic-4.19.12-x86_64-1.txz: Upgraded.
a/kernel-huge-4.19.12-x86_64-1.txz: Upgraded.
a/kernel-modules-4.19.12-x86_64-1.txz: Upgraded.
a/sed-4.7-x86_64-1.txz: Upgraded.
d/kernel-headers-4.19.12-x86-1.txz: Upgraded.
d/rust-1.31.1-x86_64-1.txz: Upgraded.
k/kernel-source-4.19.12-noarch-1.txz: Upgraded.
l/graphite2-1.3.13-x86_64-1.txz: Upgraded.
l/harfbuzz-2.3.0-x86_64-1.txz: Upgraded.
l/imagemagick-6.9.10_19-x86_64-1.txz: Upgraded.
l/lmdb-0.9.23-x86_64-1.txz: Upgraded.
l/v4l-utils-1.16.3-x86_64-1.txz: Upgraded.
n/netatalk-3.1.12-x86_64-1.txz: Upgraded.
Netatalk before 3.1.12 is vulnerable to an out of bounds write in
dsi_opensess.c. This is due to lack of bounds checking on attacker
controlled data. A remote unauthenticated attacker can leverage
this vulnerability to achieve arbitrary code execution.
For more information, see:
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1160
(* Security fix *)
n/openldap-client-2.4.47-x86_64-1.txz: Upgraded.
n/samba-4.9.4-x86_64-1.txz: Upgraded.
x/intel-vaapi-driver-2.3.0-x86_64-1.txz: Upgraded.
isolinux/initrd.img: Rebuilt.
kernels/*: Upgraded.
usb-and-pxe-installers/usbboot.img: Rebuilt.
20181222043827 | Patrick J Volkerding | 2018-12-22 | 1 | -0/+1 |
Patrick J Volkerding