| Commit message (Expand) | Author | Age | Files | Lines |
|---|
| * | Mon Oct 16 17:03:35 UTC 2023...a/kernel-firmware-20231013_1be48f8-noarch-1.txz: Upgraded.
a/kernel-generic-6.1.58-x86_64-1.txz: Upgraded.
a/kernel-huge-6.1.58-x86_64-1.txz: Upgraded.
a/kernel-modules-6.1.58-x86_64-1.txz: Upgraded.
d/kernel-headers-6.1.58-x86-1.txz: Upgraded.
k/kernel-source-6.1.58-noarch-1.txz: Upgraded.
l/lager-0.1.1-x86_64-1.txz: Upgraded.
l/libical-3.0.17-x86_64-1.txz: Upgraded.
l/libnsl-2.0.1-x86_64-1.txz: Upgraded.
l/libpaper-2.1.2-x86_64-1.txz: Upgraded.
l/nodejs-20.8.1-x86_64-1.txz: Upgraded.
l/oniguruma-6.9.9-x86_64-1.txz: Upgraded.
l/qt5-5.15.11_20231011_f1a894e5-x86_64-1.txz: Upgraded.
l/zug-0.1.1-x86_64-1.txz: Upgraded.
x/xterm-387-x86_64-1.txz: Upgraded.
xfce/xfce4-terminal-1.1.1-x86_64-1.txz: Upgraded.
isolinux/initrd.img: Rebuilt.
kernels/*: Upgraded.
usb-and-pxe-installers/usbboot.img: Rebuilt.
20231016170335 |   Patrick J Volkerding | 2023-10-16 | 4 | -2/+10 |
| * | Fri Oct 13 20:51:23 UTC 2023...a/aaa_glibc-solibs-2.38-x86_64-3.txz: Rebuilt.
a/xfsprogs-6.5.0-x86_64-1.txz: Upgraded.
l/glibc-2.38-x86_64-3.txz: Rebuilt.
Don't strip ld-2.38.so as this breaks valgrind.
Thanks to rastos and alienBOB.
Fixed unreplaced @@VERSION@@ in the doinst.sh "dead code."
Thanks to pee_bee.
l/glibc-i18n-2.38-x86_64-3.txz: Rebuilt.
l/glibc-profile-2.38-x86_64-3.txz: Rebuilt.
l/pipewire-0.3.82-x86_64-1.txz: Upgraded.
20231013205123 | Patrick J Volkerding | 2023-10-13 | 2 | -2/+2 |
| * | Wed Oct 11 22:22:40 UTC 2023...l/libcaca-0.99.beta20-x86_64-1.txz: Upgraded.
Fixed a crash bug (a crafted file defining width of zero leads to divide by
zero and a crash). Seems to be merely a bug rather than a security issue, but
I'd been meaning to get beta20 building so this was a good excuse.
Thanks to marav.
For more information, see:
https://www.cve.org/CVERecord?id=CVE-2022-0856
(* Security fix *)
l/libcue-2.3.0-x86_64-1.txz: Upgraded.
xap/xscreensaver-6.08-x86_64-1.txz: Upgraded.
testing/packages/rust-1.73.0-x86_64-1.txz: Upgraded.
20231011222240 | Patrick J Volkerding | 2023-10-12 | 7 | -29/+322 |
| * | Wed Oct 11 06:37:21 UTC 2023...a/kernel-generic-6.1.57-x86_64-1.txz: Upgraded.
a/kernel-huge-6.1.57-x86_64-1.txz: Upgraded.
a/kernel-modules-6.1.57-x86_64-1.txz: Upgraded.
d/kernel-headers-6.1.57-x86-1.txz: Upgraded.
k/kernel-source-6.1.57-noarch-1.txz: Upgraded.
n/c-ares-1.20.1-x86_64-1.txz: Upgraded.
n/curl-8.4.0-x86_64-1.txz: Upgraded.
This update fixes security issues:
Cookie injection with none file.
SOCKS5 heap buffer overflow.
For more information, see:
https://curl.se/docs/CVE-2023-38546.html
https://curl.se/docs/CVE-2023-38545.html
https://www.cve.org/CVERecord?id=CVE-2023-38546
https://www.cve.org/CVERecord?id=CVE-2023-38545
(* Security fix *)
n/nghttp2-1.57.0-x86_64-1.txz: Upgraded.
This release has a fix to mitigate the HTTP/2 Rapid Reset vulnerability.
For more information, see:
https://github.com/nghttp2/nghttp2/security/advisories/GHSA-vx74-f528-fxqg
https://www.cve.org/CVERecord?id=CVE-2023-44487
(* Security fix *)
n/samba-4.19.1-x86_64-1.txz: Upgraded.
This is a security release in order to address the following defects:
Unsanitized pipe names allow SMB clients to connect as root to existing
unix domain sockets on the file system.
SMB client can truncate files to 0 bytes by opening files with OVERWRITE
disposition when using the acl_xattr Samba VFS module with the smb.conf
setting "acl_xattr:ignore system acls = yes"
An RODC and a user with the GET_CHANGES right can view all attributes,
including secrets and passwords. Additionally, the access check fails
open on error conditions.
Calls to the rpcecho server on the AD DC can request that the server block
for a user-defined amount of time, denying service.
Samba can be made to start multiple incompatible RPC listeners, disrupting
service on the AD DC.
For more information, see:
https://www.samba.org/samba/security/CVE-2023-3961.html
https://www.samba.org/samba/security/CVE-2023-4091.html
https://www.samba.org/samba/security/CVE-2023-4154.html
https://www.samba.org/samba/security/CVE-2023-42669.html
https://www.samba.org/samba/security/CVE-2023-42670.html
https://www.cve.org/CVERecord?id=CVE-2023-3961
https://www.cve.org/CVERecord?id=CVE-2023-4091
https://www.cve.org/CVERecord?id=CVE-2023-4154
https://www.cve.org/CVERecord?id=CVE-2023-42669
https://www.cve.org/CVERecord?id=CVE-2023-42670
(* Security fix *)
xap/mozilla-thunderbird-115.3.2-x86_64-1.txz: Upgraded.
This is a bugfix release.
For more information, see:
https://www.mozilla.org/en-US/thunderbird/115.3.2/releasenotes/
isolinux/initrd.img: Rebuilt.
kernels/*: Upgraded.
usb-and-pxe-installers/usbboot.img: Rebuilt.
20231011063721 | Patrick J Volkerding | 2023-10-11 | 1 | -1/+5 |
| * | Tue Oct 10 19:27:56 UTC 2023...ap/sqlite-3.43.2-x86_64-1.txz: Upgraded.
l/libcue-2.2.1-x86_64-4.txz: Rebuilt.
Fixed a bug which could allow memory corruption resulting in arbitrary
code execution.
For more information, see:
https://www.cve.org/CVERecord?id=CVE-2023-43641
(* Security fix *)
l/libnotify-0.8.3-x86_64-1.txz: Upgraded.
This release contains a critical stability/minor security update which
affects Electron applications that utilize Portal notifications (eg,
through Flatpak). It is highly recommended that all users of libnotify
0.8.x update to this release.
(* Security fix *)
n/iptables-1.8.10-x86_64-1.txz: Upgraded.
20231010192756 | Patrick J Volkerding | 2023-10-10 | 3 | -2/+28 |
| * | Mon Oct 9 18:10:01 UTC 2023...a/aaa_glibc-solibs-2.38-x86_64-2.txz: Rebuilt.
ap/qpdf-11.6.2-x86_64-1.txz: Upgraded.
ap/vim-9.0.2009-x86_64-1.txz: Upgraded.
l/desktop-file-utils-0.27-x86_64-1.txz: Upgraded.
l/glibc-2.38-x86_64-2.txz: Rebuilt.
These glibc packages are the exact ones that were previously in /testing.
A test mass rebuild was done here finding no new FTBFS, so I think these
are good to go. :)
l/glibc-i18n-2.38-x86_64-2.txz: Rebuilt.
l/glibc-profile-2.38-x86_64-2.txz: Rebuilt.
l/imagemagick-7.1.1_20-x86_64-1.txz: Upgraded.
l/libxkbcommon-1.6.0-x86_64-1.txz: Upgraded.
l/shared-mime-info-2.3-x86_64-1.txz: Upgraded.
n/c-ares-1.20.0-x86_64-1.txz: Upgraded.
n/libtirpc-1.3.4-x86_64-1.txz: Upgraded.
n/proftpd-1.3.8a-x86_64-1.txz: Upgraded.
n/whois-5.5.19-x86_64-1.txz: Upgraded.
Fixed english support for Japanese queries to not add again the /e argument
if it had already been provided by the user. (Closes: #1050171)
Added the .ye and .*************** (.xn--54b7fta0cc, Bangladesh) TLD servers.
Updated the .ba, .bb, .dk, .es, .gt, .jo, .ml, .mo, .pa, .pn, .sv, .uy,
.a+-la-r+-d+.n+, (.xn--mgbayh7gpa, Jordan) and .****** (.xn--mix891f, Macao)
TLD servers.
Upgraded the TLD URLs to HTTPS whenever possible.
Updated the charset for whois.jprs.jp.
Removed 3 new gTLDs which are no longer active.
Removed support for the obsolete as32 dot notation.
x/xterm-386-x86_64-1.txz: Upgraded.
xap/vim-gvim-9.0.2009-x86_64-1.txz: Upgraded.
20231009181001 | Patrick J Volkerding | 2023-10-09 | 13 | -270/+1084 |
| * | Thu Oct 5 21:44:34 UTC 2023...kde/krita-5.2.0-x86_64-1.txz: Upgraded.
l/fftw-3.3.10-x86_64-2.txz: Rebuilt.
Build and package missing FFTW3LibraryDepends.cmake.
This is needed for krita-5.2.0.
l/immer-0.8.1-x86_64-1.txz: Added.
This is needed for krita-5.2.0.
l/lager-0.1.0-x86_64-1.txz: Added.
This is needed for krita-5.2.0.
l/libunibreak-5.1-x86_64-1.txz: Added.
This is needed for krita-5.2.0.
l/zug-0.1.0-x86_64-1.txz: Added.
This is needed for krita-5.2.0.
xap/network-manager-applet-1.34.0-x86_64-1.txz: Upgraded.
20231005214434 | Patrick J Volkerding | 2023-10-06 | 13 | -2/+617 |
| * | Tue Oct 3 22:19:10 UTC 2023...a/aaa_glibc-solibs-2.37-x86_64-3.txz: Rebuilt.
a/dialog-1.3_20231002-x86_64-1.txz: Upgraded.
ap/mpg123-1.32.3-x86_64-1.txz: Upgraded.
d/llvm-17.0.2-x86_64-1.txz: Upgraded.
d/meson-1.2.2-x86_64-2.txz: Rebuilt.
[PATCH] Revert rust: apply global, project, and environment C args to bindgen.
This fixes building Mesa.
Thanks to lucabon and marav.
kde/calligra-3.2.1-x86_64-34.txz: Rebuilt.
Recompiled against poppler-23.10.0.
kde/cantor-23.08.1-x86_64-2.txz: Rebuilt.
Recompiled against poppler-23.10.0.
kde/kfilemetadata-5.110.0-x86_64-2.txz: Rebuilt.
Recompiled against poppler-23.10.0.
kde/kile-2.9.93-x86_64-28.txz: Rebuilt.
Recompiled against poppler-23.10.0.
kde/kitinerary-23.08.1-x86_64-2.txz: Rebuilt.
Recompiled against poppler-23.10.0.
kde/krita-5.1.5-x86_64-15.txz: Rebuilt.
Recompiled against poppler-23.10.0.
kde/okular-23.08.1-x86_64-2.txz: Rebuilt.
Recompiled against poppler-23.10.0.
l/glibc-2.37-x86_64-3.txz: Rebuilt.
l/glibc-i18n-2.37-x86_64-3.txz: Rebuilt.
Patched to fix the "Looney Tunables" vulnerability, a local privilege
escalation in ld.so. This vulnerability was introduced in April 2021
(glibc 2.34) by commit 2ed18c.
Thanks to Qualys Research Labs for reporting this issue.
For more information, see:
https://www.qualys.com/2023/10/03/cve-2023-4911/looney-tunables-local-privilege-escalation-glibc-ld-so.txt
https://www.cve.org/CVERecord?id=CVE-2023-4911
(* Security fix *)
l/glibc-profile-2.37-x86_64-3.txz: Rebuilt.
l/mozilla-nss-3.94-x86_64-1.txz: Upgraded.
l/poppler-23.10.0-x86_64-1.txz: Upgraded.
Shared library .so-version bump.
n/NetworkManager-1.44.2-x86_64-1.txz: Upgraded.
n/irssi-1.4.5-x86_64-1.txz: Upgraded.
x/fcitx5-5.1.1-x86_64-1.txz: Upgraded.
x/fcitx5-anthy-5.1.1-x86_64-1.txz: Upgraded.
x/fcitx5-chinese-addons-5.1.1-x86_64-1.txz: Upgraded.
x/fcitx5-gtk-5.1.0-x86_64-1.txz: Upgraded.
x/fcitx5-hangul-5.1.0-x86_64-1.txz: Upgraded.
x/fcitx5-kkc-5.1.0-x86_64-1.txz: Upgraded.
x/fcitx5-m17n-5.1.0-x86_64-1.txz: Upgraded.
x/fcitx5-qt-5.1.1-x86_64-1.txz: Upgraded.
x/fcitx5-sayura-5.1.0-x86_64-1.txz: Upgraded.
x/fcitx5-table-extra-5.1.0-x86_64-1.txz: Upgraded.
x/fcitx5-table-other-5.1.0-x86_64-1.txz: Upgraded.
x/fcitx5-unikey-5.1.1-x86_64-1.txz: Upgraded.
x/libX11-1.8.7-x86_64-1.txz: Upgraded.
This update fixes security issues:
libX11: out-of-bounds memory access in _XkbReadKeySyms().
libX11: stack exhaustion from infinite recursion in PutSubImage().
libX11: integer overflow in XCreateImage() leading to a heap overflow.
For more information, see:
https://lists.x.org/archives/xorg-announce/2023-October/003424.html
https://www.cve.org/CVERecord?id=CVE-2023-43785
https://www.cve.org/CVERecord?id=CVE-2023-43786
https://www.cve.org/CVERecord?id=CVE-2023-43787
(* Security fix *)
x/libXpm-3.5.17-x86_64-1.txz: Upgraded.
This update fixes security issues:
libXpm: out of bounds read in XpmCreateXpmImageFromBuffer().
libXpm: out of bounds read on XPM with corrupted colormap.
For more information, see:
https://lists.x.org/archives/xorg-announce/2023-October/003424.html
https://www.cve.org/CVERecord?id=CVE-2023-43788
https://www.cve.org/CVERecord?id=CVE-2023-43789
(* Security fix *)
testing/packages/aaa_glibc-solibs-2.38-x86_64-2.txz: Rebuilt.
testing/packages/glibc-2.38-x86_64-2.txz: Rebuilt.
Patched to fix the "Looney Tunables" vulnerability, a local privilege
escalation in ld.so. This vulnerability was introduced in April 2021
(glibc 2.34) by commit 2ed18c.
Thanks to Qualys Research Labs for reporting this issue.
For more information, see:
https://www.qualys.com/2023/10/03/cve-2023-4911/looney-tunables-local-privilege-escalation-glibc-ld-so.txt
https://www.cve.org/CVERecord?id=CVE-2023-4911
(* Security fix *)
testing/packages/glibc-i18n-2.38-x86_64-2.txz: Rebuilt.
testing/packages/glibc-profile-2.38-x86_64-2.txz: Rebuilt.
20231003221910 | Patrick J Volkerding | 2023-10-04 | 4 | -3/+75 |
| * | Mon Oct 2 19:12:58 UTC 2023...kde/kwin-5.27.8-x86_64-2.txz: Rebuilt.
[PATCH] fix segfault in EglGbmBackend::textureForOutput.
Thanks to marav.
l/SDL2-2.28.4-x86_64-1.txz: Upgraded.
l/mlt-7.20.0-x86_64-1.txz: Upgraded.
l/netpbm-11.04.02-x86_64-1.txz: Upgraded.
x/xterm-385-x86_64-1.txz: Upgraded.
xfce/xfce4-pulseaudio-plugin-0.4.8-x86_64-1.txz: Upgraded.
20231002191258 | Patrick J Volkerding | 2023-10-02 | 2 | -48/+42 |
| * | Sun Oct 1 19:08:38 UTC 2023...l/cairo-1.18.0-x86_64-2.txz: Rebuilt.
Rebuilt with -Dsymbol-lookup=disabled to avoid linking to libbfd.
l/imagemagick-7.1.1_19-x86_64-1.txz: Upgraded.
20231001190838 | Patrick J Volkerding | 2023-10-01 | 1 | -1/+2 |
| * | Sat Sep 30 21:33:49 UTC 2023...a/kmod-31-x86_64-1.txz: Upgraded.
l/libvpx-1.13.1-x86_64-1.txz: Upgraded.
This release contains two security related fixes -- one each for VP8 and VP9.
For more information, see:
https://crbug.com/1486441
https://www.cve.org/CVERecord?id=CVE-2023-5217
(* Security fix *)
n/conntrack-tools-1.4.8-x86_64-1.txz: Upgraded.
x/libime-1.1.2-x86_64-1.txz: Upgraded.
xap/mozilla-thunderbird-115.3.1-x86_64-1.txz: Upgraded.
This release contains a security fix for a critical heap buffer overflow in
the libvpx VP8 encoder.
For more information, see:
https://www.mozilla.org/en-US/thunderbird/115.3.1/releasenotes/
https://www.mozilla.org/en-US/security/advisories/mfsa2023-44/
https://www.cve.org/CVERecord?id=CVE-2023-5217
(* Security fix *)
20230930213349 | Patrick J Volkerding | 2023-10-01 | 2 | -0/+49 |
| * | Fri Sep 29 19:45:18 UTC 2023...d/meson-1.2.2-x86_64-1.txz: Upgraded.
l/nodejs-20.8.0-x86_64-1.txz: Upgraded.
l/sof-firmware-2023.09-noarch-1.txz: Upgraded.
n/bluez-5.70-x86_64-1.txz: Upgraded.
n/php-8.2.11-x86_64-1.txz: Upgraded.
This is a bugfix release.
For more information, see:
https://www.php.net/ChangeLog-8.php#8.2.11
x/mesa-23.2.1-x86_64-1.txz: Upgraded.
x/xman-1.1.6-x86_64-1.txz: Upgraded.
xfce/xfce4-clipman-plugin-1.6.5-x86_64-1.txz: Upgraded.
20230929194518 | Patrick J Volkerding | 2023-09-29 | 1 | -8/+8 |
| * | Thu Sep 28 21:37:06 UTC 2023...ap/mpg123-1.32.2-x86_64-1.txz: Upgraded.
l/cairo-1.18.0-x86_64-1.txz: Upgraded.
l/gtk4-4.12.3-x86_64-1.txz: Upgraded.
x/fonttosfnt-1.2.3-x86_64-1.txz: Upgraded.
xap/geeqie-2.1-x86_64-2.txz: Rebuilt.
Patched and recompiled against lua-5.4.6.
xap/mozilla-firefox-115.3.1esr-x86_64-1.txz: Upgraded.
This update contains a security fix.
For more information, see:
https://www.mozilla.org/en-US/firefox/115.3.1/releasenotes/
https://www.mozilla.org/en-US/security/advisories/mfsa2023-44/
https://www.cve.org/CVERecord?id=CVE-2023-5217
(* Security fix *)
xfce/xfce4-panel-4.18.5-x86_64-1.txz: Upgraded.
testing/packages/aaa_glibc-solibs-2.38-x86_64-1.txz: Added.
testing/packages/glibc-2.38-x86_64-1.txz: Added.
Instead of building the deprecated glibc crypt library, bundle
libxcrypt-4.4.36 (both .so.1 compat version and .so.2 new API version).
testing/packages/glibc-i18n-2.38-x86_64-1.txz: Added.
testing/packages/glibc-profile-2.38-x86_64-1.txz: Added.
20230928213706 | Patrick J Volkerding | 2023-09-29 | 1 | -46/+20 |
| * | Wed Sep 27 23:51:07 UTC 2023...kde/ktextaddons-1.5.2-x86_64-1.txz: Upgraded.
l/fluidsynth-2.3.4-x86_64-1.txz: Upgraded.
l/opencv-4.8.1-x86_64-1.txz: Upgraded.
l/openexr-3.2.1-x86_64-1.txz: Upgraded.
xap/mozilla-thunderbird-115.3.0-x86_64-1.txz: Upgraded.
This is a bugfix release.
For more information, see:
https://www.mozilla.org/en-US/thunderbird/115.3.0/releasenotes/
20230927235107 | Patrick J Volkerding | 2023-09-28 | 1 | -1/+1 |
| * | Mon Sep 25 19:19:27 UTC 2023...ap/man-db-2.12.0-x86_64-1.txz: Upgraded.
ap/mpg123-1.32.1-x86_64-1.txz: Upgraded.
d/llvm-17.0.1-x86_64-1.txz: Upgraded.
Shared library .so-version bump.
d/lua-5.4.6-x86_64-4.txz: Rebuilt.
Fixed prefix and $LIBDIRSUFFIX in lua.pc. Thanks to ArTourter.
d/parallel-20230922-noarch-1.txz: Upgraded.
kde/kdevelop-23.08.1-x86_64-2.txz: Rebuilt.
Recompiled against llvm-17.0.1.
l/imagemagick-7.1.1_18-x86_64-1.txz: Upgraded.
l/libclc-17.0.1-x86_64-1.txz: Upgraded.
l/qt5-5.15.10_20230923_6e8e373e-x86_64-1.txz: Upgraded.
Compiled against llvm-17.0.1.
l/spirv-llvm-translator-17.0.0-x86_64-1.txz: Upgraded.
Compiled against llvm-17.0.1.
x/mesa-23.2.0_rc4-x86_64-1.txz: Upgraded.
Compiled against llvm-17.0.1.
20230925191927 | Patrick J Volkerding | 2023-09-25 | 5 | -95/+4 |
| * | Thu Sep 21 19:32:42 UTC 2023...a/gettext-0.22.2-x86_64-1.txz: Upgraded.
ap/cups-2.4.7-x86_64-1.txz: Upgraded.
This update fixes bugs and a security issue:
Fixed Heap-based buffer overflow when reading Postscript in PPD files.
For more information, see:
https://www.cve.org/CVERecord?id=CVE-2023-4504
(* Security fix *)
d/cmake-3.27.6-x86_64-1.txz: Upgraded.
d/gettext-tools-0.22.2-x86_64-1.txz: Upgraded.
l/dconf-editor-45.0.1-x86_64-1.txz: Upgraded.
l/gst-plugins-bad-free-1.22.6-x86_64-1.txz: Upgraded.
l/gst-plugins-base-1.22.6-x86_64-1.txz: Upgraded.
l/gst-plugins-good-1.22.6-x86_64-1.txz: Upgraded.
l/gst-plugins-libav-1.22.6-x86_64-1.txz: Upgraded.
l/gstreamer-1.22.6-x86_64-1.txz: Upgraded.
l/gtk4-4.12.2-x86_64-1.txz: Upgraded.
l/imagemagick-7.1.1_17-x86_64-1.txz: Upgraded.
n/bind-9.18.19-x86_64-1.txz: Upgraded.
This update fixes bugs and security issues:
Limit the amount of recursion that can be performed by isccc_cc_fromwire.
Fix use-after-free error in TLS DNS code when sending data.
For more information, see:
https://kb.isc.org/docs/cve-2023-3341
https://www.cve.org/CVERecord?id=CVE-2023-3341
https://kb.isc.org/docs/cve-2023-4236
https://www.cve.org/CVERecord?id=CVE-2023-4236
(* Security fix *)
n/stunnel-5.71-x86_64-1.txz: Upgraded.
x/mesa-23.1.8-x86_64-1.txz: Upgraded.
x/xorg-server-xwayland-23.2.1-x86_64-1.txz: Upgraded.
xap/freerdp-2.11.2-x86_64-1.txz: Upgraded.
xap/mozilla-thunderbird-115.2.3-x86_64-1.txz: Upgraded.
This is a bugfix release.
For more information, see:
https://www.mozilla.org/en-US/thunderbird/115.2.3/releasenotes/
xap/seamonkey-2.53.17.1-x86_64-1.txz: Upgraded.
This update contains security fixes and improvements.
For more information, see:
https://www.seamonkey-project.org/releases/seamonkey2.53.17.1
https://www.cve.org/CVERecord?id=CVE-2023-4863
(* Security fix *)
20230921193242 | Patrick J Volkerding | 2023-09-21 | 2 | -2/+2 |
| * | Mon Sep 18 18:40:04 UTC 2023...a/sysklogd-2.5.2-x86_64-1.txz: Upgraded.
d/cargo-vendor-filterer-0.5.11-x86_64-1.txz: Upgraded.
l/adwaita-icon-theme-45.0-noarch-1.txz: Upgraded.
l/gsettings-desktop-schemas-45.0-x86_64-1.txz: Upgraded.
l/imagemagick-7.1.1_16-x86_64-1.txz: Upgraded.
l/libdeflate-1.19-x86_64-1.txz: Upgraded.
l/libqalculate-4.8.1-x86_64-1.txz: Upgraded.
l/vte-0.74.0-x86_64-1.txz: Upgraded.
n/netatalk-3.1.17-x86_64-1.txz: Upgraded.
This update fixes bugs and a security issue:
Validate data type in dalloc_value_for_key(). This flaw could allow a
malicious actor to cause Netatalk's afpd daemon to crash, or possibly to
execute arbitrary code.
For more information, see:
https://www.cve.org/CVERecord?id=CVE-2023-42464
(* Security fix *)
20230918184004 | Patrick J Volkerding | 2023-09-18 | 3 | -45/+35 |
| * | Sat Sep 16 18:48:39 UTC 2023...ap/vim-9.0.1903-x86_64-1.txz: Upgraded.
l/at-spi2-atk-2.38.0-x86_64-3.txz: Removed.
l/at-spi2-core-2.50.0-x86_64-1.txz: Upgraded.
This now includes the features from the former at-spi2-atk and atk packages.
l/atk-2.38.0-x86_64-1.txz: Removed.
l/cairo-1.17.6-x86_64-1.txz: Upgraded.
l/glib-networking-2.78.0-x86_64-1.txz: Upgraded.
l/gobject-introspection-1.78.1-x86_64-1.txz: Upgraded.
l/json-glib-1.8.0-x86_64-1.txz: Upgraded.
l/libsoup3-3.4.3-x86_64-1.txz: Upgraded.
xap/vim-gvim-9.0.1903-x86_64-1.txz: Upgraded.
20230916184839 | Patrick J Volkerding | 2023-09-16 | 8 | -307/+19 |
| * | Fri Sep 15 19:48:39 UTC 2023...ap/ksh93-1.0.7-x86_64-1.txz: Upgraded.
d/cmake-3.27.5-x86_64-1.txz: Upgraded.
d/python3-3.9.18-x86_64-1.txz: Upgraded.
This update fixes a security issue:
Fixed an issue where instances of ssl.SSLSocket were vulnerable to a bypass
of the TLS handshake and included protections (like certificate verification)
and treating sent unencrypted data as if it were post-handshake TLS encrypted
data. Security issue reported by Aapo Oksman; patch by Gregory P. Smith.
For more information, see:
https://www.cve.org/CVERecord?id=CVE-2023-40217
(* Security fix *)
l/gvfs-1.52.0-x86_64-1.txz: Upgraded.
l/mozjs102-102.15.1esr-x86_64-1.txz: Upgraded.
n/dovecot-2.3.21-x86_64-1.txz: Upgraded.
x/ibus-table-1.17.3-x86_64-1.txz: Upgraded.
x/igt-gpu-tools-1.28-x86_64-1.txz: Upgraded.
x/libva-2.20.0-x86_64-1.txz: Upgraded.
x/libva-utils-2.20.0-x86_64-1.txz: Upgraded.
xfce/elementary-xfce-0.18-x86_64-1.txz: Upgraded.
20230915194839 | Patrick J Volkerding | 2023-09-15 | 1 | -0/+1 |
| * | Thu Sep 14 02:38:14 UTC 2023...a/kernel-firmware-20230907_dfa1146-noarch-1.txz: Upgraded.
a/kernel-generic-6.1.53-x86_64-1.txz: Upgraded.
a/kernel-huge-6.1.53-x86_64-1.txz: Upgraded.
a/kernel-modules-6.1.53-x86_64-1.txz: Upgraded.
ap/ghostscript-10.02.0-x86_64-1.txz: Upgraded.
ap/vim-9.0.1897-x86_64-2.txz: Rebuilt.
Recompiled against libsodium-1.0.19.
d/cbindgen-0.26.0-x86_64-1.txz: Upgraded.
d/kernel-headers-6.1.53-x86-1.txz: Upgraded.
k/kernel-source-6.1.53-noarch-1.txz: Upgraded.
kde/keysmith-23.08.0-x86_64-2.txz: Rebuilt.
Recompiled against libsodium-1.0.19.
l/glib2-2.78.0-x86_64-2.txz: Rebuilt.
[PATCH] gthreadedresolver: Fix race between source callbacks and finalize.
Thanks to marav.
l/libarchive-3.7.2-x86_64-1.txz: Upgraded.
This update fixes multiple security vulnerabilities in the PAX writer:
Heap overflow in url_encode() in archive_write_set_format_pax.c.
NULL dereference in archive_write_pax_header_xattrs().
Another NULL dereference in archive_write_pax_header_xattrs().
NULL dereference in archive_write_pax_header_xattr().
(* Security fix *)
l/librsvg-2.56.4-x86_64-1.txz: Upgraded.
l/libsodium-1.0.19-x86_64-1.txz: Upgraded.
Shared library .so-version bump.
n/curl-8.3.0-x86_64-1.txz: Upgraded.
This update fixes a security issue:
HTTP headers eat all memory.
https://curl.se/docs/CVE-2023-38039.html
https://www.cve.org/CVERecord?id=CVE-2023-38039
(* Security fix *)
n/dovecot-2.3.20-x86_64-4.txz: Rebuilt.
Recompiled against libsodium-1.0.19.
n/netatalk-3.1.16-x86_64-1.txz: Upgraded.
This update fixes bugs and security issues.
Shared library .so-version bump.
For more information, see:
https://www.cve.org/CVERecord?id=CVE-2022-23121
https://www.cve.org/CVERecord?id=CVE-2022-23123
(* Security fix *)
n/openldap-2.6.6-x86_64-2.txz: Rebuilt.
Recompiled against libsodium-1.0.19.
n/php-8.2.10-x86_64-2.txz: Rebuilt.
Recompiled against libsodium-1.0.19.
n/proftpd-1.3.8-x86_64-4.txz: Rebuilt.
Recompiled against libsodium-1.0.19.
x/libglvnd-1.7.0-x86_64-1.txz: Upgraded.
xap/mozilla-thunderbird-115.2.2-x86_64-1.txz: Upgraded.
This release contains a security fix for a critical heap buffer overflow.
For more information, see:
https://www.mozilla.org/en-US/thunderbird/115.2.2/releasenotes/
https://www.mozilla.org/en-US/security/advisories/mfsa2023-40/
https://www.cve.org/CVERecord?id=CVE-2023-4863
(* Security fix *)
xap/vim-gvim-9.0.1897-x86_64-2.txz: Rebuilt.
Recompiled against libsodium-1.0.19.
isolinux/initrd.img: Rebuilt.
kernels/*: Upgraded.
usb-and-pxe-installers/usbboot.img: Rebuilt.
20230914023814 | Patrick J Volkerding | 2023-09-14 | 3 | -5/+139 |
| * | Sat Sep 9 18:05:16 UTC 2023...a/mcelog-195-x86_64-1.txz: Upgraded.
d/rust-1.70.0-x86_64-2.txz: Rebuilt.
Fixed path in rust-lldb. Thanks to gildbg.
l/glib2-2.78.0-x86_64-1.txz: Upgraded.
l/gobject-introspection-1.78.0-x86_64-1.txz: Upgraded.
l/harfbuzz-8.2.0-x86_64-1.txz: Upgraded.
l/nodejs-20.6.1-x86_64-1.txz: Upgraded.
n/mutt-2.2.12-x86_64-1.txz: Upgraded.
x/font-util-1.4.1-x86_64-1.txz: Upgraded.
testing/packages/rust-1.72.0-x86_64-2.txz: Rebuilt.
Fixed path in rust-lldb. Thanks to gildbg.
20230909180516 | Patrick J Volkerding | 2023-09-09 | 2 | -78/+1 |
| * | Thu Sep 7 19:41:00 UTC 2023...d/rust-bindgen-0.68.1-x86_64-1.txz: Upgraded.
l/glib2-2.76.5-x86_64-2.txz: Rebuilt.
[PATCH] gkeyfile: Temporarily re-allow invalid escapes when parsing strings.
l/netpbm-11.03.05-x86_64-1.txz: Upgraded.
n/iproute2-6.5.0-x86_64-2.txz: Rebuilt.
Fixed build/install script issues due to config files moving from /etc.
20230907194100 | Patrick J Volkerding | 2023-09-07 | 2 | -1/+78 |
| * | Thu Sep 7 02:04:52 UTC 2023...a/kernel-firmware-20230906_ad03b85-noarch-1.txz: Upgraded.
a/kernel-generic-6.1.52-x86_64-1.txz: Upgraded.
a/kernel-huge-6.1.52-x86_64-1.txz: Upgraded.
a/kernel-modules-6.1.52-x86_64-1.txz: Upgraded.
d/kernel-headers-6.1.52-x86-1.txz: Upgraded.
d/lua-5.4.6-x86_64-3.txz: Rebuilt.
Set MYCFLAGS rather than CFLAGS in the build script to keep the other
default CFLAGS in src/Makefile. This automatically sets -DLUA_USE_LINUX
as well as -DLUA_COMPAT_5_3.
d/mercurial-6.5.2-x86_64-1.txz: Upgraded.
k/kernel-source-6.1.52-noarch-1.txz: Upgraded.
kde/alkimia-8.1.2-x86_64-1.txz: Upgraded.
kde/calligra-3.2.1-x86_64-33.txz: Rebuilt.
Recompiled against poppler-23.09.0.
kde/cantor-23.08.0-x86_64-2.txz: Rebuilt.
Recompiled against poppler-23.09.0.
kde/kfilemetadata-5.109.0-x86_64-2.txz: Rebuilt.
Recompiled against poppler-23.09.0.
kde/kile-2.9.93-x86_64-27.txz: Rebuilt.
Recompiled against poppler-23.09.0.
kde/kitinerary-23.08.0-x86_64-2.txz: Rebuilt.
Recompiled against poppler-23.09.0.
kde/krita-5.1.5-x86_64-14.txz: Rebuilt.
Recompiled against poppler-23.09.0.
kde/ktextaddons-1.5.0-x86_64-1.txz: Upgraded.
kde/okular-23.08.0-x86_64-2.txz: Rebuilt.
Recompiled against poppler-23.09.0.
l/poppler-23.09.0-x86_64-1.txz: Upgraded.
Shared library .so-version bump.
l/zstd-1.5.5-x86_64-3.txz: Rebuilt.
Fix library path in zstdTargets-release.cmake.
Thanks to Steven Voges and gian_d.
Use additional build options:
-DZSTD_BUILD_STATIC=OFF -DZSTD_PROGRAMS_LINK_SHARED=ON -DZSTD_LZ4_SUPPORT=ON
-DZSTD_LZMA_SUPPORT=ON -DZSTD_ZLIB_SUPPORT=ON
Thanks to USUARIONUEVO.
n/iproute2-6.5.0-x86_64-1.txz: Upgraded.
t/texlive-2023.230322-x86_64-5.txz: Rebuilt.
Recompiled against zlib-1.3 to fix lualatex.
Thanks to unInstance and marav.
x/ibus-libpinyin-1.15.4-x86_64-1.txz: Upgraded.
x/mesa-23.1.7-x86_64-1.txz: Upgraded.
xap/gnuplot-5.4.9-x86_64-1.txz: Upgraded.
isolinux/initrd.img: Rebuilt.
kernels/*: Upgraded.
usb-and-pxe-installers/usbboot.img: Rebuilt.
20230907020452 | Patrick J Volkerding | 2023-09-07 | 1 | -3/+11 |
| * | Mon Sep 4 20:13:03 UTC 2023...ap/vim-9.0.1863-x86_64-1.txz: Upgraded.
Compiled with --enable-luainterp=dynamic.
l/gtk4-4.12.1-x86_64-1.txz: Upgraded.
n/nghttp2-1.56.0-x86_64-1.txz: Upgraded.
n/samba-4.19.0-x86_64-1.txz: Upgraded.
xap/freerdp-2.11.1-x86_64-1.txz: Upgraded.
xap/vim-gvim-9.0.1863-x86_64-1.txz: Upgraded.
Compiled with --enable-luainterp=dynamic.
20230904201303 | Patrick J Volkerding | 2023-09-04 | 1 | -3/+4 |
| * | Sun Sep 3 19:37:21 UTC 2023...l/zstd-1.5.5-x86_64-2.txz: Rebuilt.
Build with cmake. Thanks to F0nix.
n/postfix-3.8.2-x86_64-1.txz: Upgraded.
20230903193721 | Patrick J Volkerding | 2023-09-03 | 1 | -13/+18 |
| * | Sun Sep 3 04:27:04 UTC 2023...a/dbus-1.14.10-x86_64-1.txz: Upgraded.
a/kernel-firmware-20230901_bb4f658-noarch-1.txz: Upgraded.
a/kernel-generic-6.1.51-x86_64-1.txz: Upgraded.
a/kernel-huge-6.1.51-x86_64-1.txz: Upgraded.
a/kernel-modules-6.1.51-x86_64-1.txz: Upgraded.
a/pkgtools-15.1-noarch-7.txz: Rebuilt.
pkgtool: Make the "Setup" menu (rerun selected installer scripts) larger.
Thanks to Stuart Winter.
ap/alsa-utils-1.2.10-x86_64-1.txz: Upgraded.
d/kernel-headers-6.1.51-x86-1.txz: Upgraded.
d/strace-6.5-x86_64-1.txz: Upgraded.
k/kernel-source-6.1.51-noarch-1.txz: Upgraded.
l/SDL2-2.28.3-x86_64-1.txz: Upgraded.
l/alsa-lib-1.2.10-x86_64-1.txz: Upgraded.
l/at-spi2-core-2.48.4-x86_64-1.txz: Upgraded.
l/gmime-3.2.14-x86_64-1.txz: Upgraded.
l/libgphoto2-2.5.31-x86_64-1.txz: Upgraded.
xfce/thunar-4.18.7-x86_64-1.txz: Upgraded.
isolinux/initrd.img: Rebuilt.
kernels/*: Upgraded.
usb-and-pxe-installers/usbboot.img: Rebuilt.
20230903042704 | Patrick J Volkerding | 2023-09-03 | 1 | -1/+1 |
| * | Fri Sep 1 20:16:14 UTC 2023...a/btrfs-progs-6.5-x86_64-1.txz: Upgraded.
kde/kimageformats-5.109.0-x86_64-2.txz: Rebuilt.
Recompiled against openexr-3.2.0.
kde/kio-extras-23.08.0-x86_64-2.txz: Rebuilt.
Recompiled against openexr-3.2.0.
kde/krita-5.1.5-x86_64-13.txz: Rebuilt.
Recompiled against openexr-3.2.0.
l/brotli-1.1.0-x86_64-1.txz: Upgraded.
l/gegl-0.4.46-x86_64-2.txz: Rebuilt.
Recompiled against openexr-3.2.0.
l/glib2-2.76.5-x86_64-1.txz: Upgraded.
l/gst-plugins-bad-free-1.22.5-x86_64-2.txz: Rebuilt.
Recompiled against openexr-3.2.0.
l/imagemagick-7.1.1_15-x86_64-2.txz: Rebuilt.
Recompiled against openexr-3.2.0.
l/libdeflate-1.18-x86_64-1.txz: Added.
This is needed for openexr-3.2.0.
l/mozilla-nss-3.93-x86_64-1.txz: Upgraded.
l/opencv-4.8.0-x86_64-2.txz: Rebuilt.
Recompiled against openexr-3.2.0.
l/openexr-3.2.0-x86_64-1.txz: Upgraded.
Shared library .so-version bump.
n/php-8.2.10-x86_64-1.txz: Upgraded.
n/wget2-2.1.0-x86_64-1.txz: Upgraded.
x/libwacom-2.8.0-x86_64-1.txz: Upgraded.
xap/gimp-2.10.34-x86_64-6.txz: Rebuilt.
Recompiled against openexr-3.2.0.
xap/xscreensaver-6.07-x86_64-1.txz: Upgraded.
20230901201614 | Patrick J Volkerding | 2023-09-01 | 11 | -43/+144 |
| * | Wed Aug 30 21:58:04 UTC 2023...a/dcron-4.5-x86_64-13.txz: Rebuilt.
rc.crond: ensure world-writable permissions on /run/cron, needed for
crontab -e with some editors. Thanks to lostintime.
a/kernel-firmware-20230830_5ebb591-noarch-1.txz: Upgraded.
a/kernel-generic-6.1.50-x86_64-1.txz: Upgraded.
a/kernel-huge-6.1.50-x86_64-1.txz: Upgraded.
a/kernel-modules-6.1.50-x86_64-1.txz: Upgraded.
d/ccache-4.8.3-x86_64-1.txz: Upgraded.
d/clinfo-3.0.23.01.25-x86_64-1.txz: Added.
Thanks to Heinz Wiesinger.
d/kernel-headers-6.1.50-x86-1.txz: Upgraded.
d/vala-0.56.13-x86_64-1.txz: Upgraded.
k/kernel-source-6.1.50-noarch-1.txz: Upgraded.
l/libnl3-3.8.0-x86_64-1.txz: Upgraded.
l/mozjs102-102.15.0esr-x86_64-1.txz: Upgraded.
x/mesa-23.1.6-x86_64-1.txz: Upgraded.
It appears that mesa-23.2.0 was pulled and replaced with mesa-23.2.0-rc2
sometime after we upgraded to it. I've tested this version and it does not
suffer from the "radeon: failed testing IB on GFX ring" bug that was
happening with mesa-23.1.3, so let's use it for now.
xap/mozilla-firefox-115.2.0esr-x86_64-1.txz: Upgraded.
This update contains security fixes and improvements.
For more information, see:
https://www.mozilla.org/en-US/firefox/115.2.0/releasenotes/
https://www.mozilla.org/security/advisories/mfsa2023-36/
https://www.cve.org/CVERecord?id=CVE-2023-4573
https://www.cve.org/CVERecord?id=CVE-2023-4574
https://www.cve.org/CVERecord?id=CVE-2023-4575
https://www.cve.org/CVERecord?id=CVE-2023-4576
https://www.cve.org/CVERecord?id=CVE-2023-4577
https://www.cve.org/CVERecord?id=CVE-2023-4051
https://www.cve.org/CVERecord?id=CVE-2023-4578
https://www.cve.org/CVERecord?id=CVE-2023-4053
https://www.cve.org/CVERecord?id=CVE-2023-4580
https://www.cve.org/CVERecord?id=CVE-2023-4581
https://www.cve.org/CVERecord?id=CVE-2023-4582
https://www.cve.org/CVERecord?id=CVE-2023-4583
https://www.cve.org/CVERecord?id=CVE-2023-4584
https://www.cve.org/CVERecord?id=CVE-2023-4585
(* Security fix *)
xap/mozilla-thunderbird-115.2.0-x86_64-1.txz: Upgraded.
This release contains security fixes and improvements.
For more information, see:
https://www.mozilla.org/en-US/thunderbird/115.2.0/releasenotes/
(* Security fix *)
isolinux/initrd.img: Rebuilt.
kernels/*: Upgraded.
usb-and-pxe-installers/usbboot.img: Rebuilt.
20230830215804 | Patrick J Volkerding | 2023-08-31 | 1 | -2/+3 |
| * | Tue Aug 29 18:55:59 UTC 2023...a/coreutils-9.4-x86_64-1.txz: Upgraded.
d/cbindgen-0.25.0-x86_64-1.txz: Upgraded.
l/ffmpeg-5.1.3-x86_64-2.txz: Rebuilt.
Patched and recompiled against vulkan-sdk-1.3.250.0.
Thanks to lucabon.
l/pipewire-0.3.79-x86_64-1.txz: Upgraded.
xfce/xfce4-whiskermenu-plugin-2.8.0-x86_64-1.txz: Upgraded.
20230829185559 | Patrick J Volkerding | 2023-08-29 | 2 | -1/+19 |
| * | Tue Aug 29 00:06:09 UTC 2023...l/fmt-10.1.1-x86_64-1.txz: Upgraded.
l/libedit-20230828_3.1-x86_64-1.txz: Upgraded.
n/daemon-0.8.4-x86_64-1.txz: Upgraded.
x/vulkan-sdk-1.3.250.0-x86_64-1.txz: Upgraded.
Thanks to Heinz Wiesinger.
xap/freerdp-2.11.0-x86_64-1.txz: Upgraded.
20230829000609 | Patrick J Volkerding | 2023-08-29 | 2 | -12/+0 |
| * | Mon Aug 28 00:38:01 UTC 2023...a/kernel-generic-6.1.49-x86_64-1.txz: Upgraded.
a/kernel-huge-6.1.49-x86_64-1.txz: Upgraded.
a/kernel-modules-6.1.49-x86_64-1.txz: Upgraded.
ap/sqlite-3.43.0-x86_64-2.txz: Rebuilt.
Build/package sqldiff and sqlite3_analyzer. Thanks to Heinz Wiesinger.
d/doxygen-1.9.8-x86_64-1.txz: Upgraded.
d/kernel-headers-6.1.49-x86-1.txz: Upgraded.
k/kernel-source-6.1.49-noarch-1.txz: Upgraded.
l/libedit-20230827_3.1-x86_64-1.txz: Upgraded.
x/m17n-lib-1.8.4-x86_64-1.txz: Upgraded.
isolinux/initrd.img: Rebuilt.
kernels/*: Upgraded.
usb-and-pxe-installers/usbboot.img: Rebuilt.
20230828003801 | Patrick J Volkerding | 2023-08-28 | 2 | -0/+12 |
| * | Sat Aug 26 05:08:30 UTC 2023...kde/calligra-3.2.1-x86_64-32.txz: Rebuilt.
Recompiled against okular-23.08.0.
l/freetype-2.13.2-x86_64-1.txz: Upgraded.
n/bluez-5.69-x86_64-1.txz: Upgraded.
t/fig2dev-3.2.9-x86_64-1.txz: Upgraded.
t/xfig-3.2.9-x86_64-1.txz: Upgraded.
x/libinput-1.24.0-x86_64-1.txz: Upgraded.
x/xf86-input-libinput-1.4.0-x86_64-1.txz: Upgraded.
testing/packages/rust-1.72.0-x86_64-1.txz: Upgraded.
20230826050830 | Patrick J Volkerding | 2023-08-26 | 1 | -1/+1 |
| * | Tue Aug 22 19:28:18 UTC 2023...l/mpfr-4.2.1-x86_64-1.txz: Upgraded.
l/pipewire-0.3.78-x86_64-1.txz: Upgraded.
n/getmail-6.18.13-x86_64-1.txz: Upgraded.
x/ibus-anthy-1.5.15-x86_64-1.txz: Upgraded.
x/ibus-m17n-1.4.22-x86_64-1.txz: Upgraded.
x/ibus-table-1.17.2-x86_64-1.txz: Upgraded.
x/libime-1.1.0-x86_64-1.txz: Upgraded.
xfce/xfce4-terminal-1.1.0-x86_64-1.txz: Upgraded.
20230822192818 | Patrick J Volkerding | 2023-08-22 | 12 | -2194/+0 |
| * | Wed Aug 16 20:45:00 UTC 2023...a/kernel-firmware-20230814_0e048b0-noarch-1.txz: Upgraded.
a/kernel-generic-6.1.46-x86_64-1.txz: Upgraded.
a/kernel-huge-6.1.46-x86_64-1.txz: Upgraded.
a/kernel-modules-6.1.46-x86_64-1.txz: Upgraded.
ap/inxi-3.3.29_1-noarch-1.txz: Upgraded.
d/kernel-headers-6.1.46-x86-1.txz: Upgraded.
k/kernel-source-6.1.46-noarch-1.txz: Upgraded.
-ACPI_TINY_POWER_BUTTON n
ACPI_AC m -> y
ACPI_BATTERY m -> y
ACPI_BUTTON m -> y
ACPI_FAN m -> y
ACPI_THERMAL m -> y
kde/kirigami-addons-0.11.0-x86_64-1.txz: Upgraded.
n/bind-9.18.18-x86_64-1.txz: Upgraded.
n/httpd-2.4.57-x86_64-2.txz: Rebuilt.
rc.httpd: wait using pwait after stopping, fix usage to show force-restart.
Thanks to metaed.
n/net-snmp-5.9.4-x86_64-1.txz: Upgraded.
n/openvpn-2.6.6-x86_64-1.txz: Upgraded.
n/php-8.2.9-x86_64-1.txz: Upgraded.
This update fixes bugs and security issues:
Security issue with external entity loading in XML without enabling it.
Buffer mismanagement in phar_dir_read().
For more information, see:
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-3823
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-3824
(* Security fix *)
x/xorg-server-xwayland-23.2.0-x86_64-1.txz: Upgraded.
xap/mozilla-thunderbird-115.1.1-x86_64-1.txz: Upgraded.
This is a bugfix release.
For more information, see:
https://www.mozilla.org/en-US/thunderbird/115.1.1/releasenotes/
isolinux/initrd.img: Rebuilt.
kernels/*: Upgraded.
usb-and-pxe-installers/usbboot.img: Rebuilt.
20230816204500 | Patrick J Volkerding | 2023-08-16 | 1 | -0/+4 |
| * | Mon Aug 14 19:04:41 UTC 2023...ap/mariadb-10.11.5-x86_64-1.txz: Upgraded.
ap/mc-4.8.30-x86_64-1.txz: Upgraded.
d/vala-0.56.11-x86_64-1.txz: Upgraded.
l/json-c-0.17_20230812-x86_64-1.txz: Upgraded.
l/libsndfile-1.2.2-x86_64-1.txz: Upgraded.
l/openexr-3.1.11-x86_64-1.txz: Upgraded.
20230814190441 | Patrick J Volkerding | 2023-08-14 | 4 | -32/+8 |
| * | Sat Aug 12 00:43:19 UTC 2023...a/aaa_libraries-15.1-x86_64-21.txz: Rebuilt.
Upgraded: libcap.so.2.69, liblzma.so.5.4.4, libboost*.so.1.82.0,
libglib-2.0.so.0.7600.4, libgmodule-2.0.so.0.7600.4, libgmp.so.10.5.0,
libgmpxx.so.4.7.0, libgobject-2.0.so.0.7600.4, libgthread-2.0.so.0.7600.4,
libjpeg.so.62.4.0, libpng16.so.16.40.0, libstdc++.so.6.0.32,
libtdb.so.1.4.9, libturbojpeg.so.0.3.0.
a/kernel-firmware-20230809_789aa81-noarch-1.txz: Upgraded.
a/kernel-generic-6.1.45-x86_64-1.txz: Upgraded.
a/kernel-huge-6.1.45-x86_64-1.txz: Upgraded.
a/kernel-modules-6.1.45-x86_64-1.txz: Upgraded.
ap/pamixer-1.5-x86_64-7.txz: Rebuilt.
Recompiled against boost-1.83.0.
d/kernel-headers-6.1.45-x86-1.txz: Upgraded.
k/kernel-source-6.1.45-noarch-1.txz: Upgraded.
kde/kig-23.04.3-x86_64-2.txz: Rebuilt.
Recompiled against boost-1.83.0.
kde/kopeninghours-23.04.3-x86_64-2.txz: Rebuilt.
Recompiled against boost-1.83.0.
kde/krita-5.1.5-x86_64-12.txz: Rebuilt.
Recompiled against boost-1.83.0.
l/boost-1.83.0-x86_64-1.txz: Upgraded.
Shared library .so-version bump.
The shared libraries from the previous version will stick around in
the aaa_libraries package for at least a month.
l/cryfs-0.10.3-x86_64-9.txz: Rebuilt.
Recompiled against boost-1.83.0.
x/fcitx5-chinese-addons-5.0.17-x86_64-3.txz: Rebuilt.
Recompiled against boost-1.83.0.
x/libime-1.0.17-x86_64-3.txz: Rebuilt.
Recompiled against boost-1.83.0.
isolinux/initrd.img: Rebuilt.
kernels/*: Upgraded.
usb-and-pxe-installers/usbboot.img: Rebuilt.
20230812004319 | Patrick J Volkerding | 2023-08-12 | 1 | -1/+1 |
| * | Thu Aug 10 20:23:33 UTC 2023...Thanks to Heinz Wiesinger for these added python packages to implement
PEP 427 and PEP 517! Python modules are phasing out setup.py in favor of
building wheels, and then using python-installer to install them. These
are the bits needed to make that happen.
l/python-build-0.10.0-x86_64-1.txz: Added.
l/python-flit-core-3.9.0-x86_64-1.txz: Added.
l/python-glad2-2.0.4-x86_64-1.txz: Added.
l/python-installer-0.7.0-x86_64-1.txz: Added.
l/python-lxml-4.9.3-x86_64-1.txz: Added.
l/python-pyproject-hooks-1.0.0-x86_64-1.txz: Added.
l/python-tomli-w-1.0.0-x86_64-1.txz: Added.
l/python-wheel-0.41.1-x86_64-1.txz: Added.
n/nftables-1.0.8-x86_64-2.txz: Rebuilt.
Correctly generate nftables Python module using PEP 427/517 method.
Thanks to marav.
n/openssh-9.4p1-x86_64-1.txz: Upgraded.
20230810202333 | Patrick J Volkerding | 2023-08-10 | 24 | -0/+921 |
| * | Mon Aug 7 19:22:02 UTC 2023...a/sdparm-1.12-x86_64-3.txz: Rebuilt.
Recompiled against sg3_utils-1.48.
a/udisks-1.0.5-x86_64-11.txz: Rebuilt.
Recompiled against sg3_utils-1.48. Does anything still need this?
ap/vim-9.0.1678-x86_64-1.txz: Upgraded.
Applied the last patch from Bram Moolenaar.
RIP Bram, and thanks for your great work on VIM and your kindness to the
orphan children in Uganda.
If you'd like to honor Bram with a donation to his charity, please visit:
https://iccf-holland.org/
d/mercurial-6.5.1-x86_64-1.txz: Upgraded.
d/vala-0.56.10-x86_64-1.txz: Upgraded.
kde/plasma-desktop-5.27.7.1-x86_64-1.txz: Upgraded.
kde/sddm-0.20.0-x86_64-2.txz: Rebuilt.
Eliminate duplicate log messages polluting the first virtual console.
l/gtk4-4.10.5-x86_64-1.txz: Upgraded.
l/gvfs-1.50.6-x86_64-1.txz: Upgraded.
l/libgpod-0.8.3-x86_64-12.txz: Rebuilt.
Recompiled against sg3_utils-1.48.
l/netpbm-11.03.02-x86_64-1.txz: Upgraded.
l/sg3_utils-1.48-x86_64-1.txz: Upgraded.
Shared library .so-version bump.
l/speech-dispatcher-0.11.5-x86_64-1.txz: Upgraded.
n/gnutls-3.8.1-x86_64-1.txz: Upgraded.
n/nfs-utils-2.6.3-x86_64-2.txz: Rebuilt.
Move 99-nfs.rules to the proper directory. Thanks to Petri Kaukasoina.
xap/vim-gvim-9.0.1678-x86_64-1.txz: Upgraded.
20230807192202 | Patrick J Volkerding | 2023-08-07 | 1 | -1/+1 |
| * | Fri Aug 4 20:17:36 UTC 2023...a/hwdata-0.373-noarch-1.txz: Upgraded.
a/kernel-firmware-20230731_253cc17-noarch-1.txz: Upgraded.
a/kernel-generic-6.1.43-x86_64-1.txz: Upgraded.
a/kernel-huge-6.1.43-x86_64-1.txz: Upgraded.
a/kernel-modules-6.1.43-x86_64-1.txz: Upgraded.
a/sysklogd-2.5.1-x86_64-1.txz: Upgraded.
a/xz-5.4.4-x86_64-1.txz: Upgraded.
ap/man-pages-6.05.01-noarch-1.txz: Upgraded.
d/kernel-headers-6.1.43-x86-1.txz: Upgraded.
k/kernel-source-6.1.43-noarch-1.txz: Upgraded.
kde/ktextaddons-1.4.0-x86_64-1.txz: Upgraded.
l/SDL2-2.28.2-x86_64-1.txz: Upgraded.
l/harfbuzz-8.1.1-x86_64-1.txz: Upgraded.
l/mozjs102-102.14.0esr-x86_64-1.txz: Upgraded.
l/netpbm-11.03.01-x86_64-1.txz: Upgraded.
l/openexr-3.1.10-x86_64-1.txz: Upgraded.
l/pipewire-0.3.77-x86_64-1.txz: Upgraded.
l/poppler-23.08.0-x86_64-1.txz: Upgraded.
xap/mozilla-firefox-115.1.0esr-x86_64-1.txz: Upgraded.
This update contains security fixes and improvements.
For more information, see:
https://www.mozilla.org/en-US/firefox/115.1.0esr/releasenotes/
https://www.mozilla.org/en-US/security/advisories/mfsa2023-31/
https://www.cve.org/CVERecord?id=CVE-2023-4045
https://www.cve.org/CVERecord?id=CVE-2023-4046
https://www.cve.org/CVERecord?id=CVE-2023-4047
https://www.cve.org/CVERecord?id=CVE-2023-4048
https://www.cve.org/CVERecord?id=CVE-2023-4049
https://www.cve.org/CVERecord?id=CVE-2023-4050
https://www.cve.org/CVERecord?id=CVE-2023-4052
https://www.cve.org/CVERecord?id=CVE-2023-4054
https://www.cve.org/CVERecord?id=CVE-2023-4055
https://www.cve.org/CVERecord?id=CVE-2023-4056
https://www.cve.org/CVERecord?id=CVE-2023-4057
(* Security fix *)
xap/mozilla-thunderbird-115.1.0-x86_64-1.txz: Upgraded.
This is a bugfix release.
For more information, see:
https://www.mozilla.org/en-US/thunderbird/115.1.0/releasenotes/
isolinux/initrd.img: Rebuilt.
kernels/*: Upgraded.
testing/packages/rust-1.71.1-x86_64-1.txz: Upgraded.
usb-and-pxe-installers/usbboot.img: Rebuilt.
20230804201736 | Patrick J Volkerding | 2023-08-04 | 4 | -1/+84 |
| * | Sun Jul 30 20:33:52 UTC 2023...d/binutils-2.41-x86_64-1.txz: Upgraded.
d/oprofile-1.4.0-x86_64-12.txz: Rebuilt.
Recompiled against binutils-2.41.
d/tree-sitter-0.20.8-x86_64-1.txz: Added.
This is a dependency for an interesting new feature of emacs-29.1.
e/emacs-29.1-x86_64-1.txz: Upgraded.
Compiled against tree-sitter-0.20.8. Grammar libraries for this can be
downloaded and installed from within Emacs - see the NEWS file for details.
l/gmp-6.3.0-x86_64-1.txz: Upgraded.
l/libarchive-3.7.1-x86_64-1.txz: Upgraded.
l/polkit-123-x86_64-1.txz: Upgraded.
20230730203352 | Patrick J Volkerding | 2023-07-30 | 1 | -1/+1 |
| * | Fri Jul 28 19:47:22 UTC 2023...a/file-5.45-x86_64-1.txz: Upgraded.
l/mozilla-nss-3.92-x86_64-1.txz: Upgraded.
l/pipewire-0.3.76-x86_64-1.txz: Upgraded.
20230728194722 | Patrick J Volkerding | 2023-07-28 | 3 | -30/+2 |
| * | Mon Jul 24 19:26:18 UTC 2023...ap/tmux-3.3a-x86_64-2.txz: Rebuilt.
Patched to fix a crash when copying text. Thanks to nullptr, gnw, and Daedra.
d/parallel-20230722-noarch-1.txz: Upgraded.
l/libarchive-3.7.0-x86_64-1.txz: Upgraded.
l/pipewire-0.3.75-x86_64-2.txz: Rebuilt.
[PATCH] pipewire: add missing stdbool.h include to version.h.in.
Thanks to marav.
n/network-scripts-15.1-noarch-1.txz: Upgraded.
Added netconfig.8 manpage. Thanks to metaed.
extra/brltty/brltty-6.6-x86_64-1.txz: Upgraded.
20230724192618 | Patrick J Volkerding | 2023-07-24 | 3 | -3/+39 |
| * | Fri Jul 21 19:35:45 UTC 2023...l/librsvg-2.56.3-x86_64-1.txz: Upgraded.
l/nodejs-20.5.0-x86_64-1.txz: Upgraded.
l/pipewire-0.3.75-x86_64-1.txz: Upgraded.
l/talloc-2.4.1-x86_64-1.txz: Upgraded.
l/tdb-1.4.9-x86_64-1.txz: Upgraded.
l/tevent-0.15.0-x86_64-1.txz: Upgraded.
l/xxHash-0.8.2-x86_64-1.txz: Upgraded.
n/ca-certificates-20230721-noarch-1.txz: Upgraded.
This update provides the latest CA certificates to check for the
authenticity of SSL connections.
20230721193545 | Patrick J Volkerding | 2023-07-21 | 1 | -1/+1 |
| * | Thu Jul 20 19:55:25 UTC 2023...d/re2c-3.1-x86_64-1.txz: Upgraded.
l/gst-plugins-bad-free-1.22.5-x86_64-1.txz: Upgraded.
l/gst-plugins-base-1.22.5-x86_64-1.txz: Upgraded.
l/gst-plugins-good-1.22.5-x86_64-1.txz: Upgraded.
l/gst-plugins-libav-1.22.5-x86_64-1.txz: Upgraded.
l/gstreamer-1.22.5-x86_64-1.txz: Upgraded.
l/libptytty-2.0-x86_64-1.txz: Added.
This is required by rxvt-unicode-9.31.
x/libpthread-stubs-0.5-x86_64-1.txz: Upgraded.
xap/rxvt-unicode-9.31-x86_64-1.txz: Upgraded.
Compiled against libptytty-2.0.
testing/packages/mozilla-thunderbird-115.0.1-x86_64-1.txz: Upgraded.
This release contains security fixes and improvements.
For more information, see:
https://www.mozilla.org/en-US/thunderbird/115.0.1/releasenotes/
(* Security fix *)
20230720195525 | Patrick J Volkerding | 2023-07-20 | 5 | -2/+142 |
| * | Wed Jul 19 20:36:46 UTC 2023...a/kernel-firmware-20230707_d3f6606-noarch-1.txz: Upgraded.
a/kernel-generic-6.1.39-x86_64-1.txz: Upgraded.
a/kernel-huge-6.1.39-x86_64-1.txz: Upgraded.
a/kernel-modules-6.1.39-x86_64-1.txz: Upgraded.
a/xfsprogs-6.4.0-x86_64-1.txz: Upgraded.
d/cmake-3.27.0-x86_64-1.txz: Upgraded.
d/kernel-headers-6.1.39-x86-1.txz: Upgraded.
k/kernel-source-6.1.39-noarch-1.txz: Upgraded.
l/mpfr-4.2.0p12-x86_64-1.txz: Upgraded.
n/bind-9.18.17-x86_64-1.txz: Upgraded.
n/curl-8.2.0-x86_64-1.txz: Upgraded.
This update fixes a security issue:
fopen race condition.
For more information, see:
https://curl.se/docs/CVE-2023-32001.html
https://www.cve.org/CVERecord?id=CVE-2023-32001
(* Security fix *)
n/dhcpcd-10.0.2-x86_64-1.txz: Upgraded.
n/openssh-9.3p2-x86_64-1.txz: Upgraded.
This update fixes a security issue:
ssh-agent(1) in OpenSSH between and 5.5 and 9.3p1 (inclusive): remote code
execution relating to PKCS#11 providers.
The PKCS#11 support ssh-agent(1) could be abused to achieve remote code
execution via a forwarded agent socket if the following conditions are met:
* Exploitation requires the presence of specific libraries on the victim
system.
* Remote exploitation requires that the agent was forwarded to an
attacker-controlled system.
Exploitation can also be prevented by starting ssh-agent(1) with an empty
PKCS#11/FIDO allowlist (ssh-agent -P '') or by configuring an allowlist that
contains only specific provider libraries.
This vulnerability was discovered and demonstrated to be exploitable by the
Qualys Security Advisory team.
Potentially-incompatible changes:
* ssh-agent(8): the agent will now refuse requests to load PKCS#11 modules
issued by remote clients by default. A flag has been added to restore the
previous behaviour: "-Oallow-remote-pkcs11".
For more information, see:
https://www.openssh.com/txt/release-9.3p2
https://www.cve.org/CVERecord?id=CVE-2023-38408
(* Security fix *)
n/samba-4.18.5-x86_64-1.txz: Upgraded.
This update fixes security issues:
When winbind is used for NTLM authentication, a maliciously crafted request
can trigger an out-of-bounds read in winbind and possibly crash it.
SMB2 packet signing is not enforced if an admin configured
"server signing = required" or for SMB2 connections to Domain Controllers
where SMB2 packet signing is mandatory.
An infinite loop bug in Samba's mdssvc RPC service for Spotlight can be
triggered by an unauthenticated attacker by issuing a malformed RPC request.
Missing type validation in Samba's mdssvc RPC service for Spotlight can be
used by an unauthenticated attacker to trigger a process crash in a shared
RPC mdssvc worker process.
As part of the Spotlight protocol Samba discloses the server-side absolute
path of shares and files and directories in search results.
For more information, see:
https://www.samba.org/samba/security/CVE-2022-2127.html
https://www.samba.org/samba/security/CVE-2023-3347.html
https://www.samba.org/samba/security/CVE-2023-34966.html
https://www.samba.org/samba/security/CVE-2023-34967.html
https://www.samba.org/samba/security/CVE-2023-34968.html
https://www.cve.org/CVERecord?id=CVE-2022-2127
https://www.cve.org/CVERecord?id=CVE-2023-3347
https://www.cve.org/CVERecord?id=CVE-2023-34966
https://www.cve.org/CVERecord?id=CVE-2023-34967
https://www.cve.org/CVERecord?id=CVE-2023-34968
(* Security fix *)
xap/mozilla-firefox-115.0.3esr-x86_64-1.txz: Upgraded.
This is a bugfix release.
For more information, see:
https://www.mozilla.org/en-US/firefox/115.0.3esr/releasenotes/
isolinux/initrd.img: Rebuilt.
kernels/*: Upgraded.
usb-and-pxe-installers/usbboot.img: Rebuilt.
20230719203646 | Patrick J Volkerding | 2023-07-19 | 3 | -0/+148 |
| * | Mon Jul 17 19:17:19 UTC 2023...ap/sudo-1.9.14p2-x86_64-1.txz: Upgraded.
This is a bugfix release.
d/meson-1.2.0-x86_64-1.txz: Upgraded.
xap/sane-1.2.1-x86_64-1.txz: Upgraded.
extra/xv/xv-4.2.0-x86_64-1.txz: Upgraded.
20230717191719 | Patrick J Volkerding | 2023-07-17 | 1 | -1/+3 |
| * | Sun Jul 16 20:35:56 UTC 2023...Hey folks! It's time to acknowledge another one of those milestones... 30 (!)
years since I made the post linked below announcing Slackware's first stable
release after months of beta testing. Thanks to all of our dedicated
contributors, loyal users, and those who have helped us to keep the lights on
here. It's really been a remarkable journey that I couldn't have anticipated
starting out back in 1993. Cheers! :-)
https://www.slackware.com/announce/1.0.php
kde/sddm-0.20.0-x86_64-1.txz: Upgraded.
l/imagemagick-7.1.1_13-x86_64-1.txz: Upgraded.
n/nghttp2-1.55.1-x86_64-1.txz: Upgraded.
xap/xlockmore-5.72-x86_64-1.txz: Upgraded.
20230716203556 | Patrick J Volkerding | 2023-07-16 | 1 | -1/+1 |
| * | Wed Jul 12 20:41:16 UTC 2023...ap/inxi-3.3.28_1-noarch-1.txz: Upgraded.
ap/sudo-1.9.14p1-x86_64-1.txz: Upgraded.
d/rust-1.70.0-x86_64-1.txz: Upgraded.
l/harfbuzz-8.0.1-x86_64-1.txz: Upgraded.
l/lmdb-0.9.31-x86_64-1.txz: Upgraded.
l/pipewire-0.3.74-x86_64-1.txz: Upgraded.
n/krb5-1.21.1-x86_64-1.txz: Upgraded.
Fix potential uninitialized pointer free in kadm5 XDR parsing.
For more information, see:
https://www.cve.org/CVERecord?id=CVE-2023-36054
(* Security fix *)
n/libnftnl-1.2.6-x86_64-1.txz: Upgraded.
n/nghttp2-1.55.0-x86_64-1.txz: Upgraded.
n/openldap-2.6.5-x86_64-1.txz: Upgraded.
x/ibus-table-1.17.1-x86_64-1.txz: Upgraded.
x/xterm-384-x86_64-1.txz: Upgraded.
xap/mozilla-firefox-115.0.2esr-x86_64-1.txz: Upgraded.
This release contains security fixes and improvements.
For more information, see:
https://www.mozilla.org/en-US/firefox/115.0.2esr/releasenotes/
https://www.mozilla.org/security/advisories/mfsa2023-26/
https://www.cve.org/CVERecord?id=CVE-2023-3600
(* Security fix *)
testing/packages/mozilla-thunderbird-115.0-x86_64-1.txz: Added.
20230712204116 | Patrick J Volkerding | 2023-07-12 | 1 | -1/+1 |
| * | Mon Jul 3 20:19:22 UTC 2023...a/hwdata-0.372-noarch-1.txz: Upgraded.
ap/vim-9.0.1672-x86_64-1.txz: Upgraded.
Patched (should be merged upstream soon) to build against perl-5.38.0.
d/perl-5.38.0-x86_64-1.txz: Upgraded.
Upgraded: IO-Socket-SSL-2.083, URI-5.19.
d/subversion-1.14.2-x86_64-5.txz: Rebuilt.
Recompiled against perl-5.38.0.
l/imagemagick-7.1.1_12-x86_64-2.txz: Rebuilt.
Recompiled against perl-5.38.0.
l/libnss_nis-3.2-x86_64-1.txz: Upgraded.
l/libqalculate-4.7.0-x86_64-1.txz: Upgraded.
n/epic5-2.1.12-x86_64-5.txz: Rebuilt.
Recompiled against perl-5.38.0.
n/irssi-1.4.4-x86_64-2.txz: Rebuilt.
Recompiled against perl-5.38.0.
n/net-snmp-5.9.3-x86_64-4.txz: Rebuilt.
Recompiled against perl-5.38.0.
n/ntp-4.2.8p17-x86_64-3.txz: Rebuilt.
Recompiled against perl-5.38.0.
n/openldap-2.6.4-x86_64-4.txz: Rebuilt.
Recompiled against perl-5.38.0.
x/wayland-protocols-1.32-noarch-1.txz: Upgraded.
xap/hexchat-2.16.1-x86_64-4.txz: Rebuilt.
Recompiled against perl-5.38.0.
xap/rxvt-unicode-9.26-x86_64-6.txz: Rebuilt.
Recompiled against perl-5.38.0.
xap/vim-gvim-9.0.1672-x86_64-1.txz: Upgraded.
Patched (should be merged upstream soon) to build against perl-5.38.0.
20230703201922 | Patrick J Volkerding | 2023-07-03 | 2 | -2/+2 |
| * | Sun Jul 2 18:44:20 UTC 2023...d/vala-0.56.9-x86_64-1.txz: Upgraded.
l/SDL2-2.28.1-x86_64-1.txz: Upgraded.
20230702184420 | Patrick J Volkerding | 2023-07-02 | 1 | -1/+1 |
Patrick J Volkerding