| Commit message (Expand) | Author | Age | Files | Lines |
* | Tue Feb 1 04:37:04 UTC 2022...The sepulchral voice intones, "The cave is now closed."
kde/falkon-3.2.0-x86_64-1.txz: Upgraded.
kde/ktexteditor-5.90.0-x86_64-2.txz: Rebuilt.
[PATCH] only start programs in user's path.
[PATCH] only execute diff in path.
Thanks to gmgf.
For more information, see:
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-23853
(* Security fix *)
l/libcanberra-0.30-x86_64-9.txz: Rebuilt.
Fix a bug crashing some applications in Wayland desktops.
Thanks to 01micko.
n/samba-4.15.5-x86_64-1.txz: Upgraded.
This is a security release in order to address the following defects:
UNIX extensions in SMB1 disclose whether the outside target of a symlink
exists.
Out-of-Bound Read/Write on Samba vfs_fruit module. This vulnerability
allows remote attackers to execute arbitrary code as root on affected Samba
installations that use the VFS module vfs_fruit.
Re-adding an SPN skips subsequent SPN conflict checks. An attacker who has
the ability to write to an account can exploit this to perform a
denial-of-service attack by adding an SPN that matches an existing service.
Additionally, an attacker who can intercept traffic can impersonate existing
services, resulting in a loss of confidentiality and integrity.
For more information, see:
https://www.samba.org/samba/security/CVE-2021-44141.html
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-44141
https://www.samba.org/samba/security/CVE-2021-44142.html
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-44142
https://www.samba.org/samba/security/CVE-2022-0336.html
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0336
(* Security fix *)
x/xterm-370-x86_64-7.txz: Rebuilt.
Rebuilt with --disable-sixel-graphics to fix a buffer overflow.
Thanks to gmgf.
For more information, see:
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-24130
(* Security fix *)
testing/source/linux-5.16.4-configs/*: Added.
Sample config files to build 5.16.4 Linux kernels.
20220201043704 | Patrick J Volkerding | 2022-02-01 | 1 | -2/+2 |
* | Wed Jan 19 18:18:02 UTC 2022...ap/inxi-3.3.12_1-noarch-1.txz: Upgraded.
ap/man-db-2.9.4-x86_64-3.txz: Rebuilt.
Don't use --no-purge in the daily cron job to update the databases.
l/gst-plugins-bad-free-1.18.5-x86_64-4.txz: Rebuilt.
Link against neon-0.32.2. Thanks to marav.
n/bind-9.16.25-x86_64-1.txz: Upgraded.
n/ethtool-5.16-x86_64-1.txz: Upgraded.
n/samba-4.15.4-x86_64-1.txz: Upgraded.
n/wpa_supplicant-2.10-x86_64-1.txz: Upgraded.
The implementations of EAP-pwd in hostapd before 2.10 and wpa_supplicant
before 2.10 are vulnerable to side-channel attacks as a result of cache
access patterns.
NOTE: this issue exists because of an incomplete fix for CVE-2019-9495.
For more information, see:
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-23303
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-23304
(* Security fix *)
x/xterm-370-x86_64-6.txz: Rebuilt.
XTerm-console: improve the font settings. Thanks to GazL.
20220119181802 | Patrick J Volkerding | 2022-01-20 | 1 | -2/+2 |
* | Wed Dec 8 20:42:30 UTC 2021...a/kernel-generic-5.15.7-x86_64-1.txz: Upgraded.
a/kernel-huge-5.15.7-x86_64-1.txz: Upgraded.
a/kernel-modules-5.15.7-x86_64-1.txz: Upgraded.
d/kernel-headers-5.15.7-x86-1.txz: Upgraded.
k/kernel-source-5.15.7-noarch-1.txz: Upgraded.
n/samba-4.15.3-x86_64-1.txz: Upgraded.
This release fixes bugs and these regressions in the 4.15.2 release:
CVE-2020-25717: A user on the domain can become root on domain members.
https://www.samba.org/samba/security/CVE-2020-25717.html
PLEASE [RE-]READ!
The instructions have been updated and some workarounds initially advised
for 4.15.2 are no longer required and should be reverted in most cases.
BUG-14902: User with multiple spaces (eg Fred<space><space>Nurk) become
un-deletable. While this release should fix this bug, it is advised to have
a look at the bug report for more detailed information, see:
https://bugzilla.samba.org/show_bug.cgi?id=14902
For more information, see:
https://www.samba.org/samba/security/CVE-2020-25717.html
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25717
(* Security fix *)
x/libX11-1.7.3-x86_64-1.txz: Upgraded.
x/xscope-1.4.2-x86_64-1.txz: Upgraded.
xap/mozilla-thunderbird-91.4.0-x86_64-1.txz: Upgraded.
This release contains security fixes and improvements.
For more information, see:
https://www.mozilla.org/en-US/thunderbird/91.4.0/releasenotes/
https://www.mozilla.org/en-US/security/advisories/mfsa2021-54/
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43536
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43537
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43538
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43539
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43541
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43542
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43543
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43545
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43546
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43528
(* Security fix *)
xfce/exo-4.16.3-x86_64-1.txz: Upgraded.
isolinux/initrd.img: Rebuilt.
kernels/*: Upgraded.
usb-and-pxe-installers/usbboot.img: Rebuilt.
20211208204230 | Patrick J Volkerding | 2021-12-09 | 1 | -2/+2 |
* | Wed Nov 10 20:32:37 UTC 2021...d/python3-3.9.8-x86_64-1.txz: Upgraded.
l/libtasn1-4.18.0-x86_64-1.txz: Upgraded.
n/curl-7.80.0-x86_64-1.txz: Upgraded.
n/ethtool-5.15-x86_64-1.txz: Upgraded.
n/samba-4.15.2-x86_64-1.txz: Upgraded.
This is a security release in order to address the following defects:
SMB1 client connections can be downgraded to plaintext authentication.
A user on the domain can become root on domain members.
Samba AD DC did not correctly sandbox Kerberos tickets issued by an RODC.
Samba AD DC did not always rely on the SID and PAC in Kerberos tickets.
Kerberos acceptors need easy access to stable AD identifiers (eg objectSid).
Samba AD DC did not do suffienct access and conformance checking of data
stored.
Use after free in Samba AD DC RPC server.
Subsequent DCE/RPC fragment injection vulnerability.
For more information, see:
https://www.samba.org/samba/security/CVE-2016-2124.html
https://www.samba.org/samba/security/CVE-2020-25717.html
^^ (PLEASE READ! There are important behaviour changes described)
https://www.samba.org/samba/security/CVE-2020-25718.html
https://www.samba.org/samba/security/CVE-2020-25719.html
https://www.samba.org/samba/security/CVE-2020-25721.html
https://www.samba.org/samba/security/CVE-2020-25722.html
https://www.samba.org/samba/security/CVE-2021-3738.html
https://www.samba.org/samba/security/CVE-2021-23192.html
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2124
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25717
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25718
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25719
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25721
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25722
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3738
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23192
(* Security fix *)
x/xorg-server-xwayland-21.1.3-x86_64-1.txz: Upgraded.
20211110203237 | Patrick J Volkerding | 2021-11-11 | 1 | -2/+2 |
* | Thu Oct 28 01:11:07 UTC 2021...a/kernel-generic-5.14.15-x86_64-1.txz: Upgraded.
a/kernel-huge-5.14.15-x86_64-1.txz: Upgraded.
a/kernel-modules-5.14.15-x86_64-1.txz: Upgraded.
d/cmake-3.21.4-x86_64-1.txz: Upgraded.
d/kernel-headers-5.14.15-x86-1.txz: Upgraded.
k/kernel-source-5.14.15-noarch-1.txz: Upgraded.
We're going to go ahead and take both of those changes that were considered
in /testing. GazL almost had me talked out of the autogroup change, but it's
easy to disable if traditional "nice" behavior is important to someone.
-DRM_I810 n
-INLINE_READ_UNLOCK y
-INLINE_READ_UNLOCK_IRQ y
-INLINE_SPIN_UNLOCK_IRQ y
-INLINE_WRITE_UNLOCK y
-INLINE_WRITE_UNLOCK_IRQ y
PREEMPT n -> y
PREEMPT_VOLUNTARY y -> n
SCHED_AUTOGROUP n -> y
+CEC_GPIO n
+DEBUG_PREEMPT y
+PREEMPTION y
+PREEMPT_COUNT y
+PREEMPT_DYNAMIC y
+PREEMPT_RCU y
+PREEMPT_TRACER n
+RCU_BOOST n
+TASKS_RCU y
+UNINLINE_SPIN_UNLOCK y
kde/plasma-desktop-5.23.2.1-x86_64-1.txz: Upgraded.
l/imagemagick-7.1.0_12-x86_64-1.txz: Upgraded.
l/librsvg-2.52.3-x86_64-1.txz: Upgraded.
n/bind-9.16.22-x86_64-1.txz: Upgraded.
This update fixes bugs and the following security issue:
The "lame-ttl" option is now forcibly set to 0. This effectively disables
the lame server cache, as it could previously be abused by an attacker to
significantly degrade resolver performance.
For more information, see:
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-25219
(* Security fix *)
n/c-ares-1.18.1-x86_64-1.txz: Upgraded.
n/samba-4.15.1-x86_64-1.txz: Upgraded.
isolinux/initrd.img: Rebuilt.
kernels/*: Upgraded.
usb-and-pxe-installers/usbboot.img: Rebuilt.
20211028011107 | Patrick J Volkerding | 2021-10-28 | 1 | -2/+2 |
* | Mon Sep 20 18:49:19 UTC 2021...a/acpid-2.0.33-x86_64-1.txz: Upgraded.
n/nghttp2-1.45.0-x86_64-1.txz: Upgraded.
n/samba-4.15.0-x86_64-1.txz: Upgraded.
x/libXi-1.8-x86_64-1.txz: Upgraded.
x/libva-2.13.0-x86_64-1.txz: Upgraded.
Build with enable_va_messaging=false to avoid console spam. Thanks to GazL.
x/wayland-protocols-1.23-noarch-1.txz: Upgraded.
x/xf86-input-libinput-1.2.0-x86_64-1.txz: Upgraded.
x/xorgproto-2021.5-x86_64-1.txz: Upgraded.
xap/pan-0.147-x86_64-1.txz: Upgraded.
20210920184919 | Patrick J Volkerding | 2021-09-21 | 1 | -2/+2 |
* | Tue Aug 24 19:40:54 UTC 2021...a/openssl-solibs-1.1.1l-x86_64-1.txz: Upgraded.
kde/krita-4.4.8-x86_64-1.txz: Upgraded.
l/json-glib-1.6.6-x86_64-1.txz: Upgraded.
l/libarchive-3.5.2-x86_64-1.txz: Upgraded.
n/bluez-5.61-x86_64-1.txz: Upgraded.
n/openssl-1.1.1l-x86_64-1.txz: Upgraded.
Fixed an SM2 Decryption Buffer Overflow.
Fixed various read buffer overruns processing ASN.1 strings.
For more information, see:
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3711
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3712
(* Security fix *)
n/samba-4.14.7-x86_64-1.txz: Upgraded.
xap/mozilla-firefox-91.0.2-x86_64-1.txz: Upgraded.
This is a bugfix release.
For more information, see:
https://www.mozilla.org/en-US/firefox/91.0.2/releasenotes/
20210824194054 | Patrick J Volkerding | 2021-08-25 | 1 | -2/+2 |
* | Tue Jul 13 20:51:28 UTC 2021...xap/seamonkey-2.53.8-x86_64-2.txz: Rebuilt.
Fixed desktop files changing Terminal=0 to Terminal=false. Thanks to marav.
20210713205128 | Patrick J Volkerding | 2021-07-14 | 1 | -2/+2 |
* | Tue Jun 1 18:41:29 UTC 2021...l/gsl-2.7-x86_64-1.txz: Upgraded.
l/mozjs78-78.11.0esr-x86_64-1.txz: Upgraded.
n/samba-4.14.5-x86_64-1.txz: Upgraded.
20210601184129 | Patrick J Volkerding | 2021-06-02 | 1 | -2/+2 |
* | Thu Apr 29 18:49:00 UTC 2021...a/less-581.2-x86_64-1.txz: Upgraded.
ap/nano-5.7-x86_64-1.txz: Upgraded.
d/cmake-3.20.2-x86_64-1.txz: Upgraded.
n/httpd-2.4.47-x86_64-1.txz: Upgraded.
n/samba-4.14.4-x86_64-1.txz: Upgraded.
This is a security release in order to address the following defect:
Negative idmap cache entries can cause incorrect group entries in the
Samba file server process token.
For more information, see:
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-20254
https://www.samba.org/samba/security/CVE-2021-20254.html
(* Security fix *)
extra/php8/php8-8.0.5-x86_64-1.txz: Upgraded.
20210429184900 | Patrick J Volkerding | 2021-04-30 | 1 | -2/+2 |
* | Tue Apr 20 19:44:02 UTC 2021...ap/slackpkg-15.0.2-noarch-1.txz: Upgraded.
Fix break error messages (dive)
Remove now pointless if/then/else (dive)
Safer config sourcing (dive)
files/slackpkg: replace #!/bin/sh with #!/bin/bash (Eugen Wissner)
Don't create blacklist when running update (dive)
Add show-changelog & help to non-root commands (dive)
Improve search blacklisting (dive)
Fix package duplicate bug (PiterPunk)
Thanks to Robby Workman.
ap/sqlite-3.35.5-x86_64-1.txz: Upgraded.
kde/kwin-5.21.4-x86_64-2.txz: Rebuilt.
Delay closing Wayland streams. Thanks to LuckyCyborg.
kde/okteta-0.26.6-x86_64-1.txz: Upgraded.
l/libtiff-4.3.0-x86_64-1.txz: Upgraded.
n/libgcrypt-1.9.3-x86_64-1.txz: Upgraded.
n/samba-4.14.3-x86_64-1.txz: Upgraded.
x/xorg-cf-files-1.0.6-x86_64-6.txz: Rebuilt.
Patched to fix an incompatibility introduced by binutils-2.36.
Thanks to BenCollver.
xap/seamonkey-2.53.7.1-x86_64-1.txz: Upgraded.
This update contains security fixes and improvements.
For more information, see:
https://www.seamonkey-project.org/releases/seamonkey2.53.7.1
(* Security fix *)
20210420194402 | Patrick J Volkerding | 2021-04-21 | 1 | -2/+2 |
* | Wed Mar 10 20:32:52 UTC 2021...ap/vim-8.2.2585-x86_64-1.txz: Upgraded.
d/git-2.30.2-x86_64-1.txz: Upgraded.
l/python-dnspython-2.1.0-x86_64-1.txz: Added.
This is needed by samba-4.14.0.
l/python-markdown-3.3.4-x86_64-1.txz: Added.
This is needed by samba-4.14.0.
n/samba-4.14.0-x86_64-1.txz: Upgraded.
xap/vim-gvim-8.2.2585-x86_64-1.txz: Upgraded.
xfce/elementary-xfce-0.15.2-x86_64-1.txz: Upgraded.
20210310203252 | Patrick J Volkerding | 2021-03-11 | 1 | -2/+2 |
* | Wed Mar 10 01:30:34 UTC 2021...a/kernel-generic-5.10.22-x86_64-1.txz: Upgraded.
a/kernel-huge-5.10.22-x86_64-1.txz: Upgraded.
a/kernel-modules-5.10.22-x86_64-1.txz: Upgraded.
a/sysklogd-2.2.2-x86_64-1.txz: Upgraded.
d/bison-3.7.6-x86_64-1.txz: Upgraded.
d/kernel-headers-5.10.22-x86-1.txz: Upgraded.
d/mercurial-5.7.1-x86_64-1.txz: Upgraded.
k/kernel-source-5.10.22-noarch-1.txz: Upgraded.
l/netpbm-10.93.01-x86_64-1.txz: Upgraded.
n/samba-4.13.5-x86_64-1.txz: Upgraded.
xap/mozilla-thunderbird-78.8.1-x86_64-1.txz: Upgraded.
This is a bugfix release.
For more information, see:
https://www.mozilla.org/en-US/thunderbird/78.8.1/releasenotes/
isolinux/initrd.img: Rebuilt.
kernels/*: Upgraded.
testing/packages/linux-5.11.x/kernel-generic-5.11.5-x86_64-1.txz: Upgraded.
testing/packages/linux-5.11.x/kernel-headers-5.11.5-x86-1.txz: Upgraded.
testing/packages/linux-5.11.x/kernel-huge-5.11.5-x86_64-1.txz: Upgraded.
testing/packages/linux-5.11.x/kernel-modules-5.11.5-x86_64-1.txz: Upgraded.
testing/packages/linux-5.11.x/kernel-source-5.11.5-noarch-1.txz: Upgraded.
usb-and-pxe-installers/usbboot.img: Rebuilt.
20210310013034 | Patrick J Volkerding | 2021-03-10 | 1 | -2/+2 |
* | Wed Jan 27 20:44:08 UTC 2021...a/kernel-generic-5.10.11-x86_64-1.txz: Upgraded.
a/kernel-huge-5.10.11-x86_64-1.txz: Upgraded.
a/kernel-modules-5.10.11-x86_64-1.txz: Upgraded.
a/libbytesize-2.5-x86_64-1.txz: Upgraded.
d/kernel-headers-5.10.11-x86-1.txz: Upgraded.
k/kernel-source-5.10.11-noarch-1.txz: Upgraded.
l/imagemagick-7.0.10_60-x86_64-1.txz: Upgraded.
l/python-urllib3-1.26.3-x86_64-1.txz: Upgraded.
n/samba-4.13.4-x86_64-1.txz: Upgraded.
x/wayland-1.19.0-x86_64-1.txz: Upgraded.
xfce/xfce4-panel-4.16.1-x86_64-1.txz: Upgraded.
isolinux/initrd.img: Rebuilt.
kernels/*: Upgraded.
usb-and-pxe-installers/usbboot.img: Rebuilt.
20210127204408 | Patrick J Volkerding | 2021-01-28 | 1 | -2/+2 |
* | Tue Dec 15 20:39:53 UTC 2020...d/python-pip-20.3.3-x86_64-1.txz: Upgraded.
kde/sddm-0.19.0-x86_64-3.txz: Rebuilt.
In SDDM's Xsession script, don't source $HOME/.xsession as this may launch
the wrong session type or cause dbus-run-session to start twice breaking
logout.
l/orc-0.4.32-x86_64-1.txz: Upgraded.
l/pipewire-0.3.18-x86_64-1.txz: Upgraded.
l/python-chardet-4.0.0-x86_64-1.txz: Upgraded.
l/python-packaging-20.8-x86_64-1.txz: Upgraded.
n/samba-4.13.3-x86_64-1.txz: Upgraded.
xap/mozilla-thunderbird-78.6.0-x86_64-1.txz: Upgraded.
This is a bugfix release.
For more information, see:
https://www.mozilla.org/en-US/thunderbird/78.6.0/releasenotes/
xfce/mousepad-0.5.0-x86_64-1.txz: Upgraded.
20201215203953 | Patrick J Volkerding | 2020-12-16 | 1 | -2/+2 |
* | Wed Nov 4 19:33:47 UTC 2020...ap/mariadb-10.5.7-x86_64-1.txz: Upgraded.
l/libcap-2.45-x86_64-1.txz: Upgraded.
l/poppler-data-0.4.10-noarch-1.txz: Upgraded.
n/samba-4.13.2-x86_64-1.txz: Upgraded.
x/libdrm-2.4.103-x86_64-1.txz: Upgraded.
testing/packages/vtown/kde/sddm-0.18.1-x86_64-1_vtown_2.txz: Rebuilt.
Fixed installation of pam.d files. Thanks to alienBOB.
20201104193347 | Patrick J Volkerding | 2020-11-05 | 1 | -2/+2 |
* | Thu Oct 29 21:55:56 UTC 2020...a/aaa_elflibs-15.0-x86_64-26.txz: Rebuilt.
Upgraded: liblber-2.4.so.2.11.3, libldap-2.4.so.2.11.3, libmpc.so.3.2.1.
Added temporarily to allow for third-party packages to be recompiled:
libHalf.so.12.0.0, libIex-2_2.so.12.0.0, libIexMath-2_2.so.12.0.0,
libIlmImf-2_2.so.22.0.0, libIlmImfUtil-2_2.so.22.0.0,
libIlmThread-2_2.so.12.0.0, libImath-2_2.so.12.0.0,
libpoppler-qt4.so.4.11.0, libpoppler.so.79.0.0.
a/kernel-generic-5.4.73-x86_64-1.txz: Upgraded.
a/kernel-huge-5.4.73-x86_64-1.txz: Upgraded.
a/kernel-modules-5.4.73-x86_64-1.txz: Upgraded.
d/kernel-headers-5.4.73-x86-1.txz: Upgraded.
k/kernel-source-5.4.73-noarch-1.txz: Upgraded.
l/LibRaw-0.20.2-x86_64-1.txz: Upgraded.
Shared library .so-version bump.
l/exiv2-0.27.3-x86_64-1.txz: Upgraded.
Shared library .so-version bump.
l/gegl-0.4.26-x86_64-2.txz: Rebuilt.
Recompiled against openexr-2.5.3.
l/gexiv2-0.12.1-x86_64-1.txz: Upgraded.
Compiled against exiv2-0.27.3.
l/graphene-1.10.2-x86_64-1.txz: Added.
l/gst-plugins-base-1.18.1-x86_64-2.txz: Rebuilt.
Recompiled against system libgraphene.
l/ilmbase-2.2.0-x86_64-2.txz: Removed.
These libraries are now part of openexr.
l/imagemagick-7.0.10_34-x86_64-2.txz: Rebuilt.
Recompiled against LibRaw-0.20.2 and openexr-2.5.3.
l/openexr-2.5.3-x86_64-1.txz: Upgraded.
Shared library .so-version bump.
l/poppler-20.10.0-x86_64-1.txz: Upgraded.
Shared library .so-version bump.
Qt4 support dropped.
n/samba-4.13.1-x86_64-1.txz: Upgraded.
This update fixes security issues:
Missing handle permissions check in SMB1/2/3 ChangeNotify.
Denial-of-service vulnerabilities.
For more information, see:
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-14318
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-14323
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-14383
(* Security fix *)
xap/geeqie-1.5.1-x86_64-2.txz: Rebuilt.
Recompiled against exiv2-0.27.3.
xap/gimp-2.10.22-x86_64-2.txz: Rebuilt.
Recompiled against openexr-2.5.3.
xap/xlockmore-5.66-x86_64-1.txz: Upgraded.
isolinux/initrd.img: Rebuilt.
kernels/*: Upgraded.
usb-and-pxe-installers/usbboot.img: Rebuilt.
20201029215556 | Patrick J Volkerding | 2020-10-30 | 1 | -2/+2 |
* | Thu Jul 2 19:18:33 UTC 2020...d/mercurial-5.4.2-x86_64-1.txz: Upgraded.
d/nasm-2.15.02-x86_64-1.txz: Upgraded.
l/glib2-2.64.4-x86_64-1.txz: Upgraded.
n/samba-4.12.5-x86_64-1.txz: Upgraded.
x/libXaw3dXft-1.6.2g-x86_64-1.txz: Upgraded.
xap/mozilla-thunderbird-68.10.0-x86_64-1.txz: Upgraded.
This is a bugfix release.
For more information, see:
https://www.mozilla.org/en-US/thunderbird/68.10.0/releasenotes/
20200702191833 | Patrick J Volkerding | 2020-07-03 | 1 | -2/+2 |
* | Wed May 20 23:53:44 UTC 2020...a/kernel-firmware-20200519_8ba6fa6-noarch-1.txz: Upgraded.
a/kernel-generic-5.4.42-x86_64-1.txz: Upgraded.
a/kernel-huge-5.4.42-x86_64-1.txz: Upgraded.
a/kernel-modules-5.4.42-x86_64-1.txz: Upgraded.
a/util-linux-2.35.2-x86_64-1.txz: Upgraded.
d/kernel-headers-5.4.42-x86-1.txz: Upgraded.
d/python-pip-20.1.1-x86_64-1.txz: Upgraded.
k/kernel-source-5.4.42-noarch-1.txz: Upgraded.
l/glib2-2.64.3-x86_64-1.txz: Upgraded.
l/mozilla-nss-3.52.1-x86_64-1.txz: Upgraded.
n/samba-4.12.3-x86_64-1.txz: Upgraded.
isolinux/initrd.img: Rebuilt.
kernels/*: Upgraded.
usb-and-pxe-installers/usbboot.img: Rebuilt.
20200520235344 | Patrick J Volkerding | 2020-05-21 | 1 | -2/+2 |
* | Tue Apr 28 20:18:40 UTC 2020...ap/cups-2.3.3-x86_64-1.txz: Upgraded.
This update fixes two security issues:
The ppdOpen function did not handle invalid UI constraint.
ppdcSource::get_resolution function did not handle invalid resolution strings.
The ippReadIO function may under-read an extension.
For more information, see:
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-3898
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-8842
(* Security fix *)
l/imagemagick-7.0.10_10-x86_64-1.txz: Upgraded.
n/samba-4.12.2-x86_64-1.txz: Upgraded.
This update fixes two security issues:
A client combining the 'ASQ' and 'Paged Results' LDAP controls can cause a
use-after-free in Samba's AD DC LDAP server.
A deeply nested filter in an un-authenticated LDAP search can exhaust the
LDAP server's stack memory causing a SIGSEGV.
For more information, see:
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-10700
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-10704
(* Security fix *)
testing/packages/PAM/cups-2.3.3-x86_64-1_pam.txz: Upgraded.
This update fixes two security issues:
The ppdOpen function did not handle invalid UI constraint.
ppdcSource::get_resolution function did not handle invalid resolution strings.
The ippReadIO function may under-read an extension.
For more information, see:
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-3898
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-8842
(* Security fix *)
testing/packages/PAM/samba-4.12.2-x86_64-1_pam.txz: Upgraded.
This update fixes two security issues:
A client combining the 'ASQ' and 'Paged Results' LDAP controls can cause a
use-after-free in Samba's AD DC LDAP server.
A deeply nested filter in an un-authenticated LDAP search can exhaust the
LDAP server's stack memory causing a SIGSEGV.
For more information, see:
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-10700
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-10704
(* Security fix *)
20200428201840 | Patrick J Volkerding | 2020-04-29 | 1 | -2/+2 |
* | Tue Apr 7 22:23:02 UTC 2020...testing/packages/PAM/samba-4.12.1-x86_64-1_pam.txz: Upgraded.
20200407222302 | Patrick J Volkerding | 2020-04-08 | 1 | -2/+2 |
* | Wed Mar 4 01:39:54 UTC 2020...xap/seamonkey-2.53.1-x86_64-2.txz: Rebuilt.
Fixed $LIBDIRSUFFIX for 32-bit. Thanks to ljb643.
20200304013954 | Patrick J Volkerding | 2020-03-04 | 1 | -2/+2 |
* | Tue Jan 28 21:39:57 UTC 2020...ap/mariadb-10.4.12-x86_64-1.txz: Upgraded.
This fixes a potential denial-of-service vulnerability.
For more information, see:
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-2574
(* Security fix *)
l/imagemagick-7.0.9_20-x86_64-1.txz: Upgraded.
n/dhcpcd-8.1.6-x86_64-1.txz: Upgraded.
n/samba-4.11.6-x86_64-1.txz: Upgraded.
x/mesa-19.3.3-x86_64-1.txz: Upgraded.
20200128213957 | Patrick J Volkerding | 2020-01-29 | 1 | -2/+2 |
* | Tue Jan 21 21:23:01 UTC 2020...a/aaa_elflibs-15.0-x86_64-19.txz: Rebuilt.
Upgraded: libcap.so.2.31, libgmp.so.10.4.0, libgmpxx.so.4.6.0.
Added: libgssapi_krb5.so.2.2, libk5crypto.so.3.1, libkrb5.so.3.3,
libkrb5support.so.0.1.
a/util-linux-2.35-x86_64-1.txz: Upgraded.
d/python-pip-20.0.1-x86_64-1.txz: Upgraded.
l/Mako-1.1.1-x86_64-1.txz: Upgraded.
l/keyutils-1.6.1-x86_64-1.txz: Upgraded.
n/krb5-1.17-x86_64-1.txz: Added.
Nothing links to this yet, but we'll need it soon enough. :-)
n/php-7.4.2-x86_64-1.txz: Upgraded.
This update fixes bugs and security issues:
Standard: OOB read in php_strip_tags_ex
Mbstring: global buffer-overflow in 'mbfl_filt_conv_big5_wchar'
For more information, see:
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-7059
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-7060
(* Security fix *)
n/samba-4.11.5-x86_64-1.txz: Upgraded.
This update fixes the following security issues:
Replication of ACLs set to inherit down a subtree on AD Directory
not automatic.
Crash after failed character conversion at log level 3 or above.
Use after free during DNS zone scavenging in Samba AD DC.
For more information, see:
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14902
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14907
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-19344
(* Security fix *)
xap/gparted-1.1.0-x86_64-1.txz: Upgraded.
20200121212301 | Patrick J Volkerding | 2020-01-21 | 1 | -2/+2 |
* | Mon Dec 16 23:13:10 UTC 2019...a/usb_modeswitch-2.5.2-x86_64-2.txz: Rebuilt.
Seems there's a regression in usb_modeswitch-2.6.0, so let's revert to
usb_modeswitch-2.5.2 but keep the latest usb-modeswitch-data-20191128.
Thanks to Lockywolf.
l/fuse3-3.9.0-x86_64-2.txz: Rebuilt.
Install fuse.conf as fuse.conf.new. This won't prevent an existing config
file from being overwritten with this upgrade, but it will prevent that
from happening again moving forward. Thanks to chrisVV.
20191216231310 | Patrick J Volkerding | 2019-12-17 | 1 | -2/+2 |
* | Tue Dec 10 18:52:42 UTC 2019...l/dconf-0.34.0-x86_64-2.txz: Rebuilt.
Rebuilt using the sed replacements suggested by LFS. This fixes a
subsequent build of dconf-editor.
l/glib-networking-2.62.2-x86_64-1.txz: Upgraded.
n/samba-4.11.3-x86_64-1.txz: Upgraded.
This update fixes the following security issues:
Samba AD DC zone-named record Denial of Service in DNS management server.
DelegationNotAllowed was not enforced in protocol transition on Samba AD DC.
For more information, see:
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14861
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14870
(* Security fix *)
x/vulkan-sdk-1.1.126.0-x86_64-1.txz: Upgraded.
20191210185242 | Patrick J Volkerding | 2019-12-11 | 1 | -2/+2 |
* | Tue Oct 29 20:09:01 UTC 2019...a/aaa_elflibs-15.0-x86_64-14.txz: Rebuilt.
Upgraded: libglib-2.0.so.0.6200.2, libgmodule-2.0.so.0.6200.2,
libgobject-2.0.so.0.6200.2, libgthread-2.0.so.0.6200.2.
Added: libgomp.so.1.0.0.
a/kernel-firmware-20191029_4065643-noarch-1.txz: Upgraded.
a/kernel-generic-4.19.81-x86_64-1.txz: Upgraded.
a/kernel-huge-4.19.81-x86_64-1.txz: Upgraded.
a/kernel-modules-4.19.81-x86_64-1.txz: Upgraded.
ap/sudo-1.8.29-x86_64-1.txz: Upgraded.
d/kernel-headers-4.19.81-x86-1.txz: Upgraded.
d/python-setuptools-41.6.0-x86_64-1.txz: Upgraded.
k/kernel-source-4.19.81-noarch-1.txz: Upgraded.
l/harfbuzz-2.6.3-x86_64-1.txz: Upgraded.
n/samba-4.11.2-x86_64-1.txz: Upgraded.
This update fixes bugs and these security issues:
Client code can return filenames containing path separators.
Samba AD DC check password script does not receive the full password.
User with "get changes" permission can crash AD DC LDAP server via dirsync.
For more information, see:
https://www.samba.org/samba/security/CVE-2019-10218.html
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-10218
https://www.samba.org/samba/security/CVE-2019-14833.html
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14833
https://www.samba.org/samba/security/CVE-2019-14847.html
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14847
(* Security fix *)
x/libglvnd-1.2.0-x86_64-4.txz: Rebuilt.
Applied upstream patches to fix EGL/eglplatform.h.
x/xorg-server-1.20.5-x86_64-3.txz: Rebuilt.
#define EGL_NO_X11 to fix glamor build against libglvnd-1.2.0.
x/xorg-server-xephyr-1.20.5-x86_64-3.txz: Rebuilt.
x/xorg-server-xnest-1.20.5-x86_64-3.txz: Rebuilt.
x/xorg-server-xvfb-1.20.5-x86_64-3.txz: Rebuilt.
isolinux/initrd.img: Rebuilt.
kernels/*: Upgraded.
usb-and-pxe-installers/usbboot.img: Rebuilt.
20191029200901 | Patrick J Volkerding | 2019-10-30 | 1 | -2/+2 |
* | Fri Oct 18 21:00:50 UTC 2019...a/getty-ps-2.1.0b-x86_64-4.txz: Removed.
a/lha-114i-x86_64-2.txz: Removed.
Removed due to vague licensing terms.
a/lhasa-0.3.1-x86_64-1.txz: Added.
This is an extraction-only LHA utility with an OSI approved license.
a/shadow-4.7-x86_64-2.txz: Rebuilt.
Added /etc/environment.new to fix "sudo -i" noise.
ap/lm_sensors-3.6.0-x86_64-1.txz: Upgraded.
ap/vim-8.1.2174-x86_64-1.txz: Upgraded.
l/netpbm-10.88.00-x86_64-1.txz: Upgraded.
n/ca-certificates-20191018-noarch-1.txz: Upgraded.
n/samba-4.11.1-x86_64-1.txz: Upgraded.
xap/vim-gvim-8.1.2174-x86_64-1.txz: Upgraded.
xap/xfractint-20.04p13-x86_64-2.txz: Removed.
xap/xv-3.10a-x86_64-9.txz: Removed.
extra/getty-ps/getty-ps-2.1.0b-x86_64-4.txz: Rebuilt.
Moved here from the A series due to commercial use restrictions.
extra/xfractint/xfractint-20.04p14-x86_64-1.txz: Upgraded.
Moved here from the XAP series due to commercial use restrictions.
extra/xv/xv-3.10a-x86_64-9.txz: Rebuilt.
Moved here from the XAP series due to non-commercial use shareware license.
20191018210050 | Patrick J Volkerding | 2019-10-19 | 1 | -2/+2 |
* | Mon Oct 7 04:41:29 UTC 2019...a/aaa_elflibs-15.0-x86_64-12.txz: Rebuilt.
Upgraded: libexpat.so.1.6.11, libglib-2.0.so.0.6200.1,
libgmodule-2.0.so.0.6200.1, libgobject-2.0.so.0.6200.1,
libgthread-2.0.so.0.6200.1.
Added temporarily until third party packages have been recompiled:
libicudata.so.64.2, libicui18n.so.64.2, libicuio.so.64.2,
libicutest.so.64.2, libicutu.so.64.2, libicuuc.so.64.2.
a/xfsprogs-5.2.1-x86_64-2.txz: Rebuilt.
Recompiled against icu4c-65.1.
ap/sqlite-3.30.0-x86_64-2.txz: Rebuilt.
Recompiled against icu4c-65.1.
kde/calligra-2.9.11-x86_64-32.txz: Rebuilt.
Recompiled against icu4c-65.1.
l/boost-1.71.0-x86_64-2.txz: Rebuilt.
Recompiled against icu4c-65.1.
l/harfbuzz-2.6.2-x86_64-2.txz: Rebuilt.
Recompiled against icu4c-65.1.
l/icu4c-65.1-x86_64-1.txz: Upgraded.
Shared library .so-version bump.
l/libical-3.0.6-x86_64-3.txz: Rebuilt.
Recompiled against icu4c-65.1.
l/libvisio-0.1.7-x86_64-2.txz: Rebuilt.
Recompiled against icu4c-65.1.
l/qt-4.8.7-x86_64-14.txz: Rebuilt.
Recompiled against icu4c-65.1.
l/raptor2-2.0.15-x86_64-8.txz: Rebuilt.
Recompiled against icu4c-65.1.
n/dovecot-2.3.7.2-x86_64-2.txz: Rebuilt.
Recompiled against icu4c-65.1.
n/php-7.3.10-x86_64-2.txz: Rebuilt.
Recompiled against icu4c-65.1.
n/postfix-3.4.7-x86_64-2.txz: Rebuilt.
Recompiled against icu4c-65.1.
n/samba-4.11.0-x86_64-1.txz: Upgraded.
n/tin-2.4.3-x86_64-3.txz: Rebuilt.
Recompiled against icu4c-65.1.
t/texlive-2019.190626-x86_64-3.txz: Rebuilt.
Recompiled against icu4c-65.1.
20191007044129 | Patrick J Volkerding | 2019-10-07 | 1 | -2/+2 |
* | Tue Sep 3 19:30:54 UTC 2019...l/dbus-python-1.2.10-x86_64-1.txz: Upgraded.
l/glib2-2.60.7-x86_64-1.txz: Upgraded.
l/librsvg-2.44.15-x86_64-1.txz: Upgraded.
l/pyparsing-2.4.2-x86_64-1.txz: Upgraded.
n/samba-4.10.8-x86_64-1.txz: Upgraded.
This update addresses a security issue:
On a Samba SMB server for all versions of Samba from 4.9.0 clients are
able to escape outside the share root directory if certain
configuration parameters set in the smb.conf file.
For more information, see:
https://www.samba.org/samba/security/CVE-2019-10197.html
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-10197
(* Security fix *)
20190903193054 | Patrick J Volkerding | 2019-09-04 | 1 | -2/+2 |
* | Thu Aug 22 18:57:26 UTC 2019...a/kernel-firmware-20190821_c0fb3d9-noarch-1.txz: Upgraded.
a/xfsprogs-5.2.1-x86_64-1.txz: Upgraded.
ap/cups-filters-1.25.3-x86_64-1.txz: Upgraded.
d/python-setuptools-41.2.0-x86_64-1.txz: Upgraded.
d/swig-4.0.1-x86_64-1.txz: Upgraded.
n/bind-9.14.5-x86_64-1.txz: Upgraded.
n/dhcpcd-8.0.3-x86_64-1.txz: Upgraded.
n/samba-4.10.7-x86_64-1.txz: Upgraded.
xap/geeqie-1.5.1-x86_64-1.txz: Upgraded.
20190822185726 | Patrick J Volkerding | 2019-08-23 | 1 | -2/+2 |
* | Wed Jul 10 23:56:13 UTC 2019...a/glibc-zoneinfo-2019b-noarch-1.txz: Upgraded.
a/kernel-generic-4.19.58-x86_64-1.txz: Upgraded.
a/kernel-huge-4.19.58-x86_64-1.txz: Upgraded.
a/kernel-modules-4.19.58-x86_64-1.txz: Upgraded.
d/Cython-0.29.12-x86_64-1.txz: Upgraded.
d/kernel-headers-4.19.58-x86-1.txz: Upgraded.
d/mercurial-5.0.2-x86_64-1.txz: Upgraded.
d/python3-3.7.4-x86_64-1.txz: Upgraded.
k/kernel-source-4.19.58-noarch-1.txz: Upgraded.
l/glib2-2.60.5-x86_64-1.txz: Upgraded.
n/gnupg2-2.2.17-x86_64-1.txz: Upgraded.
n/iproute2-5.2.0-x86_64-1.txz: Upgraded.
n/samba-4.10.6-x86_64-1.txz: Upgraded.
x/libva-utils-2.5.0-x86_64-1.txz: Upgraded.
x/mesa-19.1.2-x86_64-1.txz: Upgraded.
xap/mozilla-firefox-68.0esr-x86_64-1.txz: Upgraded.
This release contains security fixes and improvements. Some of the patched
flaws are considered critical, and could be used to run attacker code and
install software, requiring no user interaction beyond normal browsing.
For more information, see:
https://www.mozilla.org/security/known-vulnerabilities/firefoxESR.html
https://www.mozilla.org/en-US/security/advisories/mfsa2019-22/
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9811
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11711
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11712
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11713
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11729
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11715
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11717
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11719
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11730
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11709
(* Security fix *)
xap/mozilla-thunderbird-60.8.0-x86_64-1.txz: Upgraded.
This is a bugfix release.
For more information, see:
https://www.mozilla.org/en-US/thunderbird/60.8.0/releasenotes/
xfce/garcon-0.6.3-x86_64-2.txz: Rebuilt.
Patched crash bug.
Installed gtk-doc HTML docs.
Thanks to Robby Workman.
isolinux/initrd.img: Rebuilt.
kernels/*: Upgraded.
testing/packages/blueman-2.1.1-x86_64-1.txz: Upgraded.
usb-and-pxe-installers/usbboot.img: Rebuilt.
20190710235613 | Patrick J Volkerding | 2019-07-11 | 1 | -2/+2 |
* | Wed May 22 23:30:54 UTC 2019...a/kernel-generic-4.19.45-x86_64-1.txz: Upgraded.
a/kernel-huge-4.19.45-x86_64-1.txz: Upgraded.
a/kernel-modules-4.19.45-x86_64-1.txz: Upgraded.
ap/texinfo-6.6-x86_64-2.txz: Rebuilt.
Recompiled against perl-5.30.0.
ap/vim-8.1.1365-x86_64-1.txz: Upgraded.
Compiled against perl-5.30.0.
d/bison-3.4.1-x86_64-1.txz: Upgraded.
d/kernel-headers-4.19.45-x86-1.txz: Upgraded.
d/parallel-20190522-noarch-1.txz: Upgraded.
d/perl-5.30.0-x86_64-1.txz: Upgraded.
Module upgraded: Net-SSLeay-1.88
d/strace-5.1-x86_64-1.txz: Upgraded.
k/kernel-source-4.19.45-noarch-1.txz: Upgraded.
kde/perlkde-4.14.3-x86_64-8.txz: Rebuilt.
Recompiled against perl-5.30.0.
kde/perlqt-4.14.3-x86_64-9.txz: Rebuilt.
Recompiled against perl-5.30.0.
l/glib2-2.60.3-x86_64-1.txz: Upgraded.
n/curl-7.65.0-x86_64-1.txz: Upgraded.
This release fixes the following security issues:
Integer overflows in curl_url_set
tftp: use the current blksize for recvfrom()
For more information, see:
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5435
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5436
(* Security fix *)
n/epic5-2.1.1-x86_64-2.txz: Rebuilt.
Recompiled against perl-5.30.0.
n/irssi-1.2.0-x86_64-2.txz: Rebuilt.
Recompiled against perl-5.30.0.
n/net-snmp-5.8-x86_64-5.txz: Rebuilt.
Recompiled against perl-5.30.0.
n/ntp-4.2.8p13-x86_64-2.txz: Rebuilt.
Recompiled against perl-5.30.0.
n/samba-4.10.4-x86_64-1.txz: Upgraded.
x/mesa-19.0.5-x86_64-1.txz: Upgraded.
xap/hexchat-2.14.2-x86_64-4.txz: Rebuilt.
Recompiled against perl-5.30.0.
xap/rxvt-unicode-9.22-x86_64-7.txz: Rebuilt.
Recompiled against perl-5.30.0.
xap/vim-gvim-8.1.1365-x86_64-1.txz: Upgraded.
Compiled against perl-5.30.0.
isolinux/initrd.img: Rebuilt.
kernels/*: Upgraded.
usb-and-pxe-installers/usbboot.img: Rebuilt.
20190522233054 | Patrick J Volkerding | 2019-05-23 | 1 | -2/+2 |
* | Thu May 16 04:55:49 UTC 2019...a/kernel-firmware-20190514_711d329-noarch-1.txz: Upgraded.
a/kernel-generic-4.19.43-x86_64-1.txz: Upgraded.
a/kernel-huge-4.19.43-x86_64-1.txz: Upgraded.
a/kernel-modules-4.19.43-x86_64-1.txz: Upgraded.
ap/hplip-3.19.5-x86_64-1.txz: Upgraded.
ap/mariadb-10.3.15-x86_64-1.txz: Upgraded.
This update fixes denial-of-service security issues.
For more information, see:
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-2614
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-2627
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-2628
(* Security fix *)
d/cmake-3.14.4-x86_64-1.txz: Upgraded.
d/gcc-9.1.0-x86_64-5.txz: Rebuilt.
Rebuilt with --enable-clocale=gnu. This is recommended by Linux From
Scratch, and while it doesn't seem to fix the issue with kernel compiles
failing with some locales, it probably doesn't hurt.
d/gcc-brig-9.1.0-x86_64-5.txz: Rebuilt.
d/gcc-g++-9.1.0-x86_64-5.txz: Rebuilt.
Applied patch: PR libstdc++/90397 fix std::variant friend declaration
This fixes problems compiling programs that use std::variant with clang.
Thanks to orbea.
d/gcc-gdc-9.1.0-x86_64-5.txz: Rebuilt.
d/gcc-gfortran-9.1.0-x86_64-5.txz: Rebuilt.
d/gcc-gnat-9.1.0-x86_64-5.txz: Rebuilt.
d/gcc-go-9.1.0-x86_64-5.txz: Rebuilt.
d/gcc-objc-9.1.0-x86_64-5.txz: Rebuilt.
d/kernel-headers-4.19.43-x86-1.txz: Upgraded.
d/rust-1.34.2-x86_64-1.txz: Upgraded.
k/kernel-source-4.19.43-noarch-1.txz: Upgraded.
l/librsvg-2.44.14-x86_64-1.txz: Upgraded.
n/samba-4.10.3-x86_64-1.txz: Upgraded.
This is a security release in order to address the following defect:
The checksum validation in the S4U2Self handler in the embedded Heimdal KDC
did not first confirm that the checksum was keyed, allowing replacement of
the requested target (client) principal.
For more information, see:
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-16860
(* Security fix *)
x/xterm-345-x86_64-1.txz: Upgraded.
xap/rdesktop-1.8.5-x86_64-1.txz: Upgraded.
This update fixes security issues:
Add bounds checking to protocol handling in order to fix many
security problems when communicating with a malicious server.
(* Security fix *)
isolinux/initrd.img: Rebuilt.
kernels/*: Upgraded.
usb-and-pxe-installers/usbboot.img: Rebuilt.
20190516045549 | Patrick J Volkerding | 2019-05-16 | 1 | -2/+2 |
* | Mon Apr 8 20:39:32 UTC 2019...a/glibc-zoneinfo-2019a-noarch-1.txz: Upgraded.
a/grub-2.02-x86_64-5.txz: Rebuilt.
Support F2FS filesystem. Thanks to Nille_kungen.
ap/cups-filters-1.22.5-x86_64-1.txz: Upgraded.
ap/itstool-2.0.6-x86_64-1.txz: Upgraded.
d/python-setuptools-41.0.0-x86_64-1.txz: Upgraded.
l/gobject-introspection-1.60.1-x86_64-1.txz: Upgraded.
l/imagemagick-6.9.10_39-x86_64-1.txz: Upgraded.
l/libcroco-0.6.13-x86_64-1.txz: Upgraded.
l/libnotify-0.7.8-x86_64-1.txz: Upgraded.
n/cifs-utils-6.9-x86_64-1.txz: Upgraded.
n/nfs-utils-2.3.3-x86_64-2.txz: Rebuilt.
Include recovery directory. Thanks to upnort.
n/samba-4.10.2-x86_64-1.txz: Upgraded.
This is a security release in order to address the following defects:
World writable files in Samba AD DC private/ dir.
Save registry file outside share as unprivileged user.
For more information, see:
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-3870
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-3880
(* Security fix *)
x/libva-2.4.1-x86_64-1.txz: Upgraded.
x/pixman-0.38.2-x86_64-1.txz: Upgraded.
xap/gimp-2.10.10-x86_64-1.txz: Upgraded.
20190408203932 | Patrick J Volkerding | 2019-04-09 | 1 | -2/+2 |
* | Thu Apr 4 00:45:18 UTC 2019...a/aaa_elflibs-15.0-x86_64-7.txz: Rebuilt.
Added: libhistory.so.8.0, libreadline.so.8.0.
a/gawk-4.2.1-x86_64-3.txz: Rebuilt.
Recompiled against readline-8.0.000.
a/kernel-generic-4.19.33-x86_64-1.txz: Upgraded.
a/kernel-huge-4.19.33-x86_64-1.txz: Upgraded.
a/kernel-modules-4.19.33-x86_64-1.txz: Upgraded.
a/util-linux-2.33.1-x86_64-3.txz: Rebuilt.
Recompiled against readline-8.0.000.
ap/bc-1.07.1-x86_64-3.txz: Rebuilt.
Recompiled against readline-8.0.000.
ap/gphoto2-2.5.20-x86_64-2.txz: Rebuilt.
Recompiled against readline-8.0.000.
ap/gutenprint-5.3.1-x86_64-2.txz: Rebuilt.
Recompiled against readline-8.0.000.
ap/mariadb-10.3.14-x86_64-1.txz: Upgraded.
ap/xorriso-1.5.0-x86_64-2.txz: Rebuilt.
Recompiled against readline-8.0.000.
d/clisp-2.49_20181112_df3b9f6fd-x86_64-2.txz: Rebuilt.
Recompiled against readline-8.0.000.
d/gdb-8.2.1-x86_64-3.txz: Rebuilt.
Recompiled against readline-8.0.000.
d/guile-2.2.4-x86_64-2.txz: Rebuilt.
Recompiled against readline-8.0.000.
d/kernel-headers-4.19.33-x86-1.txz: Upgraded.
d/python-2.7.16-x86_64-2.txz: Rebuilt.
Recompiled against readline-8.0.000.
d/python3-3.7.3-x86_64-2.txz: Rebuilt.
Recompiled against readline-8.0.000.
d/ruby-2.6.2-x86_64-2.txz: Rebuilt.
Recompiled against readline-8.0.000.
k/kernel-source-4.19.33-noarch-1.txz: Upgraded.
kde/analitza-4.14.3-x86_64-5.txz: Rebuilt.
Recompiled against readline-8.0.000.
l/fluidsynth-1.1.11-x86_64-2.txz: Rebuilt.
Recompiled against readline-8.0.000.
l/gdbm-1.18.1-x86_64-2.txz: Rebuilt.
Recompiled against readline-8.0.000.
l/hunspell-1.6.2-x86_64-3.txz: Rebuilt.
Recompiled against readline-8.0.000.
l/mozjs52-52.9.0esr-x86_64-2.txz: Rebuilt.
Recompiled against readline-8.0.000.
l/parted-3.2-x86_64-5.txz: Rebuilt.
Recompiled against readline-8.0.000.
l/pcre2-10.32-x86_64-2.txz: Rebuilt.
Recompiled against readline-8.0.000.
l/pilot-link-0.12.5-x86_64-14.txz: Rebuilt.
Recompiled against readline-8.0.000.
l/readline-8.0.000-x86_64-1.txz: Upgraded.
Shared library .so-version bump.
n/NetworkManager-1.16.0-x86_64-2.txz: Rebuilt.
Recompiled against readline-8.0.000.
n/bluez-5.50-x86_64-2.txz: Rebuilt.
Recompiled against readline-8.0.000.
n/gnupg-1.4.23-x86_64-2.txz: Rebuilt.
Recompiled against readline-8.0.000.
n/gnupg2-2.2.15-x86_64-2.txz: Rebuilt.
Recompiled against readline-8.0.000.
n/gnutls-3.6.7.1-x86_64-1.txz: Upgraded.
n/lftp-4.8.4-x86_64-4.txz: Rebuilt.
Recompiled against readline-8.0.000.
n/netkit-ftp-0.17-x86_64-5.txz: Rebuilt.
Recompiled against readline-8.0.000.
n/nftables-0.9.0-x86_64-3.txz: Rebuilt.
Recompiled against readline-8.0.000.
n/php-7.2.17-x86_64-1.txz: Upgraded.
This update fixes bugs and a security issue:
rename() across the device may allow unwanted access during processing.
(* Security fix *)
n/samba-4.10.1-x86_64-1.txz: Upgraded.
Compiled against readline-8.0.000.
n/tftp-hpa-5.2-x86_64-5.txz: Rebuilt.
Recompiled against readline-8.0.000.
n/wpa_supplicant-2.7-x86_64-4.txz: Rebuilt.
Recompiled against readline-8.0.000.
xap/fvwm-2.6.8-x86_64-2.txz: Rebuilt.
Recompiled against readline-8.0.000.
xap/gftp-2.0.19-x86_64-8.txz: Rebuilt.
Recompiled against readline-8.0.000.
xap/gnuchess-6.2.5-x86_64-4.txz: Rebuilt.
xap/xine-ui-0.99.10-x86_64-3.txz: Rebuilt.
Recompiled against readline-8.0.000.
extra/pure-alsa-system/fluidsynth-1.1.11-x86_64-2_alsa.txz: Rebuilt.
Recompiled against readline-8.0.000.
isolinux/initrd.img: Rebuilt.
kernels/*: Upgraded.
usb-and-pxe-installers/usbboot.img: Rebuilt.
20190404004518 | Patrick J Volkerding | 2019-04-04 | 1 | -2/+2 |
* | Tue Mar 19 20:06:28 UTC 2019...a/bash-5.0.003-x86_64-1.txz: Upgraded.
a/kernel-firmware-20190314_7bc2464-noarch-1.txz: Upgraded.
a/kernel-generic-4.19.30-x86_64-1.txz: Upgraded.
a/kernel-huge-4.19.30-x86_64-1.txz: Upgraded.
a/kernel-modules-4.19.30-x86_64-1.txz: Upgraded.
d/help2man-1.47.9-x86_64-1.txz: Upgraded.
d/kernel-headers-4.19.30-x86-1.txz: Upgraded.
d/strace-5.0-x86_64-1.txz: Upgraded.
k/kernel-source-4.19.30-noarch-1.txz: Upgraded.
n/gnupg2-2.2.14-x86_64-1.txz: Upgraded.
n/libgpg-error-1.36-x86_64-1.txz: Upgraded.
n/samba-4.10.0-x86_64-1.txz: Upgraded.
isolinux/initrd.img: Rebuilt.
kernels/*: Upgraded.
usb-and-pxe-installers/usbboot.img: Rebuilt.
20190319200628 | Patrick J Volkerding | 2019-03-20 | 1 | -2/+2 |
* | Tue Mar 12 20:03:46 UTC 2019...a/kernel-firmware-20190312_b0d9583-noarch-1.txz: Upgraded.
l/at-spi2-atk-2.32.0-x86_64-1.txz: Upgraded.
l/at-spi2-core-2.32.0-x86_64-1.txz: Upgraded.
l/atk-2.32.0-x86_64-1.txz: Upgraded.
l/dconf-0.32.0-x86_64-1.txz: Upgraded.
l/dconf-editor-3.32.0-x86_64-1.txz: Upgraded.
l/glib-networking-2.60.0-x86_64-1.txz: Upgraded.
l/gsettings-desktop-schemas-3.32.0-x86_64-1.txz: Upgraded.
l/gvfs-1.40.0-x86_64-1.txz: Upgraded.
l/libsoup-2.66.0-x86_64-1.txz: Upgraded.
l/vte-0.56.0-x86_64-1.txz: Upgraded.
n/mobile-broadband-provider-info-20190116-x86_64-1.txz: Upgraded.
n/samba-4.9.5-x86_64-1.txz: Upgraded.
x/liberation-fonts-ttf-2.00.5-noarch-1.txz: Upgraded.
xap/gucharmap-12.0.0-x86_64-1.txz: Upgraded.
20190312200346 | Patrick J Volkerding | 2019-03-13 | 1 | -2/+2 |
* | Sat Dec 22 04:38:27 UTC 2018...a/coreutils-8.30-x86_64-3.txz: Rebuilt.
Support tmux terms in DIR_COLORS. Thanks to qunying.
a/grep-3.3-x86_64-1.txz: Upgraded.
a/kernel-generic-4.19.12-x86_64-1.txz: Upgraded.
a/kernel-huge-4.19.12-x86_64-1.txz: Upgraded.
a/kernel-modules-4.19.12-x86_64-1.txz: Upgraded.
a/sed-4.7-x86_64-1.txz: Upgraded.
d/kernel-headers-4.19.12-x86-1.txz: Upgraded.
d/rust-1.31.1-x86_64-1.txz: Upgraded.
k/kernel-source-4.19.12-noarch-1.txz: Upgraded.
l/graphite2-1.3.13-x86_64-1.txz: Upgraded.
l/harfbuzz-2.3.0-x86_64-1.txz: Upgraded.
l/imagemagick-6.9.10_19-x86_64-1.txz: Upgraded.
l/lmdb-0.9.23-x86_64-1.txz: Upgraded.
l/v4l-utils-1.16.3-x86_64-1.txz: Upgraded.
n/netatalk-3.1.12-x86_64-1.txz: Upgraded.
Netatalk before 3.1.12 is vulnerable to an out of bounds write in
dsi_opensess.c. This is due to lack of bounds checking on attacker
controlled data. A remote unauthenticated attacker can leverage
this vulnerability to achieve arbitrary code execution.
For more information, see:
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1160
(* Security fix *)
n/openldap-client-2.4.47-x86_64-1.txz: Upgraded.
n/samba-4.9.4-x86_64-1.txz: Upgraded.
x/intel-vaapi-driver-2.3.0-x86_64-1.txz: Upgraded.
isolinux/initrd.img: Rebuilt.
kernels/*: Upgraded.
usb-and-pxe-installers/usbboot.img: Rebuilt.
20181222043827 | Patrick J Volkerding | 2018-12-22 | 1 | -2/+2 |
* | Thu Nov 29 05:53:27 UTC 2018...a/sysvinit-scripts-2.1-noarch-23.txz: Rebuilt.
rc.S: simplify test for F2FS filesystem on /. Thanks to GazL.
ap/soma-3.2.0-noarch-1.txz: Upgraded.
d/cmake-3.13.1-x86_64-1.txz: Upgraded.
l/jansson-2.12-x86_64-1.txz: Upgraded.
n/rp-pppoe-3.13-x86_64-1.txz: Upgraded.
n/samba-4.9.3-x86_64-1.txz: Upgraded.
This update fixes bugs and security issues:
CVE-2018-14629: Unprivileged adding of CNAME record causing loop in AD
Internal DNS server
CVE-2018-16841: Double-free in Samba AD DC KDC with PKINIT
CVE-2018-16851: NULL pointer de-reference in Samba AD DC LDAP server
CVE-2018-16852: NULL pointer de-reference in Samba AD DC DNS servers
CVE-2018-16853: Samba AD DC S4U2Self crash in experimental MIT Kerberos
configuration (unsupported)
CVE-2018-16857: Bad password count in AD DC not always effective
For more information, see:
https://www.samba.org/samba/security/CVE-2018-14629.html
https://www.samba.org/samba/security/CVE-2018-16841.html
https://www.samba.org/samba/security/CVE-2018-16851.html
https://www.samba.org/samba/security/CVE-2018-16852.html
https://www.samba.org/samba/security/CVE-2018-16853.html
https://www.samba.org/samba/security/CVE-2018-16857.html
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14629
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-16841
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-16851
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-16852
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-16853
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-16857
(* Security fix *)
x/mesa-18.2.6-x86_64-1.txz: Upgraded.
x/vulkan-sdk-1.1.92.1-x86_64-1.txz: Upgraded.
20181129055327 | Patrick J Volkerding | 2018-11-29 | 1 | -2/+2 |
* | Fri Nov 9 02:42:22 UTC 2018...a/efibootmgr-16-x86_64-2.txz: Rebuilt.
Reverted to previous version. We'd tried this before and it still doesn't
work. Thanks to _RDS_.
a/efivar-35-x86_64-1.txz: Upgraded.
Reverted to previous version. We'd tried this before and it still doesn't
work. Thanks to _RDS_.
a/hwdata-0.317-noarch-1.txz: Upgraded.
a/lvm2-2.03.01-x86_64-1.txz: Upgraded.
a/quota-4.04-x86_64-1.txz: Upgraded.
ap/cups-2.2.9-x86_64-1.txz: Upgraded.
ap/sysstat-12.0.2-x86_64-1.txz: Upgraded.
d/cscope-15.9-x86_64-1.txz: Upgraded.
d/distcc-3.3.2-x86_64-1.txz: Upgraded.
d/nasm-2.14-x86_64-1.txz: Upgraded.
d/oprofile-1.3.0-x86_64-1.txz: Upgraded.
d/rust-1.30.1-x86_64-1.txz: Upgraded.
l/elfutils-0.174-x86_64-1.txz: Upgraded.
l/shared-mime-info-1.10-x86_64-1.txz: Upgraded.
n/samba-4.9.2-x86_64-1.txz: Upgraded.
xap/gimp-2.10.8-x86_64-1.txz: Upgraded.
20181109024222 | Patrick J Volkerding | 2018-11-09 | 1 | -2/+2 |
* | Tue Oct 23 05:11:47 UTC 2018...a/kernel-generic-4.19.0-x86_64-1.txz: Upgraded.
a/kernel-huge-4.19.0-x86_64-1.txz: Upgraded.
a/kernel-modules-4.19.0-x86_64-1.txz: Upgraded.
d/kernel-headers-4.19.0-x86-1.txz: Upgraded.
d/parallel-20181022-noarch-1.txz: Upgraded.
k/kernel-source-4.19.0-noarch-1.txz: Upgraded.
[581 lines of diffconfig output omitted here]
l/alsa-plugins-1.1.7-x86_64-3.txz: Rebuilt.
Reverted two patches that have been reported to cause crashes with USB audio
devices. Thanks to Jean-Philippe Guillemin.
l/harfbuzz-1.9.0-x86_64-2.txz: Rebuilt.
Reverted (for now) to harfbuzz-1.9.0 to fix build failures with texlive, php,
and calligra caused by API changes. Thanks to nobodino.
l/libpng-1.6.35-x86_64-1.txz: Upgraded.
n/samba-4.9.1-x86_64-1.txz: Upgraded.
xap/mozilla-firefox-60.3.0esr-x86_64-1.txz: Upgraded.
This release contains security fixes and improvements.
For more information, see:
https://www.mozilla.org/security/known-vulnerabilities/firefoxESR.html
(* Security fix *)
extra/pure-alsa-system/alsa-plugins-1.1.7-x86_64-3_alsa.txz: Rebuilt.
Reverted two patches that have been reported to cause crashes with USB audio
devices. Thanks to Jean-Philippe Guillemin.
isolinux/initrd.img: Rebuilt.
kernels/*: Upgraded.
usb-and-pxe-installers/usbboot.img: Rebuilt.
20181023051147 | Patrick J Volkerding | 2018-10-23 | 1 | -2/+2 |
* | Fri Sep 14 23:06:26 UTC 2018...ap/hplip-3.18.7-x86_64-3.txz: Rebuilt.
Throw away the broken and ill-advised libImageProcessor closed-source blob.
Thanks to Matteo Bernardini.
ap/zsh-5.6.2-x86_64-1.txz: Upgraded.
d/rust-1.29.0-x86_64-1.txz: Upgraded.
l/lmdb-0.9.22-x86_64-1.txz: Added.
This is a new dependency of Samba.
n/php-7.2.10-x86_64-1.txz: Upgraded.
This is a security release which also contains several minor bug fixes.
For more information, see:
https://php.net/ChangeLog-7.php#7.2.10
(* Security fix *)
n/samba-4.9.0-x86_64-1.txz: Upgraded.
x/xf86-video-amdgpu-18.1.0-x86_64-1.txz: Upgraded.
x/xf86-video-ati-18.1.0-x86_64-1.txz: Upgraded.
20180914230626 | Patrick J Volkerding | 2018-09-15 | 1 | -2/+2 |
* | Mon Aug 27 20:27:22 UTC 2018...a/kernel-firmware-20180825_fea76a0-noarch-1.txz: Upgraded.
ap/vim-8.1.0328-x86_64-1.txz: Upgraded.
d/meson-0.47.2-x86_64-1.txz: Upgraded.
d/python-setuptools-40.2.0-x86_64-1.txz: Upgraded.
l/python-certifi-2018.8.24-x86_64-1.txz: Upgraded.
l/python-idna-2.7-x86_64-1.txz: Upgraded.
l/python-packaging-17.1-x86_64-1.txz: Upgraded.
l/python-pillow-5.2.0-x86_64-1.txz: Upgraded.
l/python-requests-2.19.1-x86_64-1.txz: Upgraded.
l/python-urllib3-1.23-x86_64-1.txz: Upgraded.
l/talloc-2.1.14-x86_64-1.txz: Upgraded.
l/tdb-1.3.16-x86_64-1.txz: Upgraded.
l/tevent-0.9.37-x86_64-1.txz: Upgraded.
n/ethtool-4.18-x86_64-1.txz: Upgraded.
n/openssh-7.8p1-x86_64-1.txz: Upgraded.
n/samba-4.8.5-x86_64-1.txz: Upgraded.
x/xauth-1.0.10-x86_64-3.txz: Rebuilt.
Patched to fix a bug where changing the hostname caused X access to be lost.
Thanks to TurboBlaze.
xap/vim-gvim-8.1.0328-x86_64-1.txz: Upgraded.
20180827202722 | Patrick J Volkerding | 2018-08-28 | 1 | -2/+2 |
* | Sat Aug 18 02:09:51 UTC 2018...a/kernel-generic-4.14.64-x86_64-1.txz: Upgraded.
a/kernel-huge-4.14.64-x86_64-1.txz: Upgraded.
a/kernel-modules-4.14.64-x86_64-1.txz: Upgraded.
d/kernel-headers-4.14.64-x86-1.txz: Upgraded.
k/kernel-source-4.14.64-noarch-1.txz: Upgraded.
isolinux/initrd.img: Rebuilt.
kernels/*: Upgraded.
usb-and-pxe-installers/usbboot.img: Rebuilt.
20180818020951 | Patrick J Volkerding | 2018-08-18 | 1 | -2/+2 |
* | Mon May 28 19:12:29 UTC 2018...a/pkgtools-15.0-noarch-13.txz: Rebuilt.
installpkg: default line length for --terselength is the number of columns.
removepkg: added --terse mode.
upgradepkg: default line length for --terselength is the number of columns.
upgradepkg: accept -option in addition to --option.
ap/vim-8.1.0026-x86_64-1.txz: Upgraded.
d/bison-3.0.5-x86_64-1.txz: Upgraded.
e/emacs-26.1-x86_64-1.txz: Upgraded.
kde/kopete-4.14.3-x86_64-8.txz: Rebuilt.
Recompiled against libidn-1.35.
n/conntrack-tools-1.4.5-x86_64-1.txz: Upgraded.
n/libnetfilter_conntrack-1.0.7-x86_64-1.txz: Upgraded.
n/libnftnl-1.1.0-x86_64-1.txz: Upgraded.
n/links-2.16-x86_64-2.txz: Rebuilt.
Rebuilt to enable X driver for -g mode.
n/lynx-2.8.9dev.19-x86_64-1.txz: Upgraded.
n/nftables-0.8.5-x86_64-1.txz: Upgraded.
n/p11-kit-0.23.11-x86_64-1.txz: Upgraded.
n/ulogd-2.0.7-x86_64-1.txz: Upgraded.
n/whois-5.3.1-x86_64-1.txz: Upgraded.
xap/network-manager-applet-1.8.12-x86_64-1.txz: Upgraded.
xap/vim-gvim-8.1.0026-x86_64-1.txz: Upgraded.
20180528191229 | Patrick J Volkerding | 2018-05-31 | 1 | -0/+2 |