summaryrefslogtreecommitdiffstats
path: root/source/n/samba/samba.url (follow)
Commit message (Expand)AuthorAgeFilesLines
* Tue Oct 17 19:34:56 UTC 2023...a/util-linux-2.39.2-x86_64-2.txz: Rebuilt. Copy /etc/pam.d/login to /etc/pam.d/remote. This is needed for /bin/login's '-h' option, used (for example) by telnetd. If -h is used without /etc/pam.d/remote, pam will not be configured properly, and /etc/securetty will be ignored, possibly allowing root to login from a tty that is not considered secure. Of course, the usual disclaimers about the security of telnet/telnetd apply. Thanks to HytronBG and Petri Kaukasoina. (* Security fix *) ap/qpdf-11.6.3-x86_64-1.txz: Upgraded. d/llvm-17.0.3-x86_64-1.txz: Upgraded. l/libjpeg-turbo-3.0.1-x86_64-1.txz: Upgraded. l/tevent-0.16.0-x86_64-1.txz: Upgraded. n/samba-4.19.2-x86_64-1.txz: Upgraded. This update fixes bugs and a security issue: Heap buffer overflow with freshness tokens in the Heimdal KDC in Samba 4.19. For more information, see: https://www.cve.org/CVERecord?id=CVE-2023-5568 (* Security fix *) x/OpenCC-1.1.7-x86_64-1.txz: Upgraded. xfce/xfconf-4.18.2-x86_64-1.txz: Upgraded. 20231017193456 Patrick J Volkerding2023-10-171-2/+2
* Wed Oct 11 06:37:21 UTC 2023...a/kernel-generic-6.1.57-x86_64-1.txz: Upgraded. a/kernel-huge-6.1.57-x86_64-1.txz: Upgraded. a/kernel-modules-6.1.57-x86_64-1.txz: Upgraded. d/kernel-headers-6.1.57-x86-1.txz: Upgraded. k/kernel-source-6.1.57-noarch-1.txz: Upgraded. n/c-ares-1.20.1-x86_64-1.txz: Upgraded. n/curl-8.4.0-x86_64-1.txz: Upgraded. This update fixes security issues: Cookie injection with none file. SOCKS5 heap buffer overflow. For more information, see: https://curl.se/docs/CVE-2023-38546.html https://curl.se/docs/CVE-2023-38545.html https://www.cve.org/CVERecord?id=CVE-2023-38546 https://www.cve.org/CVERecord?id=CVE-2023-38545 (* Security fix *) n/nghttp2-1.57.0-x86_64-1.txz: Upgraded. This release has a fix to mitigate the HTTP/2 Rapid Reset vulnerability. For more information, see: https://github.com/nghttp2/nghttp2/security/advisories/GHSA-vx74-f528-fxqg https://www.cve.org/CVERecord?id=CVE-2023-44487 (* Security fix *) n/samba-4.19.1-x86_64-1.txz: Upgraded. This is a security release in order to address the following defects: Unsanitized pipe names allow SMB clients to connect as root to existing unix domain sockets on the file system. SMB client can truncate files to 0 bytes by opening files with OVERWRITE disposition when using the acl_xattr Samba VFS module with the smb.conf setting "acl_xattr:ignore system acls = yes" An RODC and a user with the GET_CHANGES right can view all attributes, including secrets and passwords. Additionally, the access check fails open on error conditions. Calls to the rpcecho server on the AD DC can request that the server block for a user-defined amount of time, denying service. Samba can be made to start multiple incompatible RPC listeners, disrupting service on the AD DC. For more information, see: https://www.samba.org/samba/security/CVE-2023-3961.html https://www.samba.org/samba/security/CVE-2023-4091.html https://www.samba.org/samba/security/CVE-2023-4154.html https://www.samba.org/samba/security/CVE-2023-42669.html https://www.samba.org/samba/security/CVE-2023-42670.html https://www.cve.org/CVERecord?id=CVE-2023-3961 https://www.cve.org/CVERecord?id=CVE-2023-4091 https://www.cve.org/CVERecord?id=CVE-2023-4154 https://www.cve.org/CVERecord?id=CVE-2023-42669 https://www.cve.org/CVERecord?id=CVE-2023-42670 (* Security fix *) xap/mozilla-thunderbird-115.3.2-x86_64-1.txz: Upgraded. This is a bugfix release. For more information, see: https://www.mozilla.org/en-US/thunderbird/115.3.2/releasenotes/ isolinux/initrd.img: Rebuilt. kernels/*: Upgraded. usb-and-pxe-installers/usbboot.img: Rebuilt. 20231011063721 Patrick J Volkerding2023-10-111-2/+2
* Mon Sep 4 20:13:03 UTC 2023...ap/vim-9.0.1863-x86_64-1.txz: Upgraded. Compiled with --enable-luainterp=dynamic. l/gtk4-4.12.1-x86_64-1.txz: Upgraded. n/nghttp2-1.56.0-x86_64-1.txz: Upgraded. n/samba-4.19.0-x86_64-1.txz: Upgraded. xap/freerdp-2.11.1-x86_64-1.txz: Upgraded. xap/vim-gvim-9.0.1863-x86_64-1.txz: Upgraded. Compiled with --enable-luainterp=dynamic. 20230904201303 Patrick J Volkerding2023-09-041-2/+2
* Thu Aug 17 20:58:16 UTC 2023...a/util-linux-2.39.2-x86_64-1.txz: Upgraded. ap/screen-4.9.1-x86_64-1.txz: Upgraded. d/cmake-3.27.3-x86_64-1.txz: Upgraded. kde/attica-5.109.0-x86_64-1.txz: Upgraded. kde/baloo-5.109.0-x86_64-1.txz: Upgraded. kde/bluez-qt-5.109.0-x86_64-1.txz: Upgraded. kde/breeze-icons-5.109.0-noarch-1.txz: Upgraded. kde/extra-cmake-modules-5.109.0-x86_64-1.txz: Upgraded. kde/frameworkintegration-5.109.0-x86_64-1.txz: Upgraded. kde/kactivities-5.109.0-x86_64-1.txz: Upgraded. kde/kactivities-stats-5.109.0-x86_64-1.txz: Upgraded. kde/kapidox-5.109.0-x86_64-1.txz: Upgraded. kde/karchive-5.109.0-x86_64-1.txz: Upgraded. kde/kauth-5.109.0-x86_64-1.txz: Upgraded. kde/kbookmarks-5.109.0-x86_64-1.txz: Upgraded. kde/kcalendarcore-5.109.0-x86_64-1.txz: Upgraded. kde/kcmutils-5.109.0-x86_64-1.txz: Upgraded. kde/kcodecs-5.109.0-x86_64-1.txz: Upgraded. kde/kcompletion-5.109.0-x86_64-1.txz: Upgraded. kde/kconfig-5.109.0-x86_64-1.txz: Upgraded. kde/kconfigwidgets-5.109.0-x86_64-1.txz: Upgraded. kde/kcontacts-5.109.0-x86_64-1.txz: Upgraded. kde/kcoreaddons-5.109.0-x86_64-1.txz: Upgraded. kde/kcrash-5.109.0-x86_64-1.txz: Upgraded. kde/kdav-5.109.0-x86_64-1.txz: Upgraded. kde/kdbusaddons-5.109.0-x86_64-1.txz: Upgraded. kde/kdeclarative-5.109.0-x86_64-1.txz: Upgraded. kde/kded-5.109.0-x86_64-1.txz: Upgraded. kde/kdelibs4support-5.109.0-x86_64-1.txz: Upgraded. kde/kdesignerplugin-5.109.0-x86_64-1.txz: Upgraded. kde/kdesu-5.109.0-x86_64-1.txz: Upgraded. kde/kdewebkit-5.109.0-x86_64-1.txz: Upgraded. kde/kdnssd-5.109.0-x86_64-1.txz: Upgraded. kde/kdoctools-5.109.0-x86_64-1.txz: Upgraded. kde/kemoticons-5.109.0-x86_64-1.txz: Upgraded. kde/kfilemetadata-5.109.0-x86_64-1.txz: Upgraded. kde/kglobalaccel-5.109.0-x86_64-1.txz: Upgraded. kde/kguiaddons-5.109.0-x86_64-1.txz: Upgraded. kde/kholidays-5.109.0-x86_64-1.txz: Upgraded. kde/khtml-5.109.0-x86_64-1.txz: Upgraded. kde/ki18n-5.109.0-x86_64-1.txz: Upgraded. kde/kiconthemes-5.109.0-x86_64-1.txz: Upgraded. kde/kidletime-5.109.0-x86_64-1.txz: Upgraded. kde/kimageformats-5.109.0-x86_64-1.txz: Upgraded. kde/kinit-5.109.0-x86_64-1.txz: Upgraded. kde/kio-5.109.0-x86_64-1.txz: Upgraded. kde/kirigami2-5.109.0-x86_64-1.txz: Upgraded. kde/kitemmodels-5.109.0-x86_64-1.txz: Upgraded. kde/kitemviews-5.109.0-x86_64-1.txz: Upgraded. kde/kjobwidgets-5.109.0-x86_64-1.txz: Upgraded. kde/kjs-5.109.0-x86_64-1.txz: Upgraded. kde/kjsembed-5.109.0-x86_64-1.txz: Upgraded. kde/kmediaplayer-5.109.0-x86_64-1.txz: Upgraded. kde/knewstuff-5.109.0-x86_64-1.txz: Upgraded. kde/knotifications-5.109.0-x86_64-1.txz: Upgraded. kde/knotifyconfig-5.109.0-x86_64-1.txz: Upgraded. kde/kpackage-5.109.0-x86_64-1.txz: Upgraded. kde/kparts-5.109.0-x86_64-1.txz: Upgraded. kde/kpeople-5.109.0-x86_64-1.txz: Upgraded. kde/kplotting-5.109.0-x86_64-1.txz: Upgraded. kde/kpty-5.109.0-x86_64-1.txz: Upgraded. kde/kquickcharts-5.109.0-x86_64-1.txz: Upgraded. kde/kross-5.109.0-x86_64-1.txz: Upgraded. kde/krunner-5.109.0-x86_64-1.txz: Upgraded. kde/kservice-5.109.0-x86_64-1.txz: Upgraded. kde/ktexteditor-5.109.0-x86_64-1.txz: Upgraded. kde/ktextwidgets-5.109.0-x86_64-1.txz: Upgraded. kde/kunitconversion-5.109.0-x86_64-1.txz: Upgraded. kde/kwallet-5.109.0-x86_64-1.txz: Upgraded. kde/kwayland-5.109.0-x86_64-1.txz: Upgraded. kde/kwidgetsaddons-5.109.0-x86_64-1.txz: Upgraded. kde/kwindowsystem-5.109.0-x86_64-1.txz: Upgraded. kde/kxmlgui-5.109.0-x86_64-1.txz: Upgraded. kde/kxmlrpcclient-5.109.0-x86_64-1.txz: Upgraded. kde/modemmanager-qt-5.109.0-x86_64-1.txz: Upgraded. kde/networkmanager-qt-5.109.0-x86_64-1.txz: Upgraded. kde/oxygen-icons5-5.109.0-noarch-1.txz: Upgraded. kde/plasma-framework-5.109.0-x86_64-1.txz: Upgraded. kde/prison-5.109.0-x86_64-1.txz: Upgraded. kde/purpose-5.109.0-x86_64-1.txz: Upgraded. kde/qqc2-desktop-style-5.109.0-x86_64-1.txz: Upgraded. kde/solid-5.109.0-x86_64-1.txz: Upgraded. kde/sonnet-5.109.0-x86_64-1.txz: Upgraded. kde/syndication-5.109.0-x86_64-1.txz: Upgraded. kde/syntax-highlighting-5.109.0-x86_64-1.txz: Upgraded. kde/threadweaver-5.109.0-x86_64-1.txz: Upgraded. n/samba-4.18.6-x86_64-1.txz: Upgraded. x/libxcb-1.16-x86_64-1.txz: Upgraded. x/xcb-proto-1.16.0-x86_64-1.txz: Upgraded. 20230817205816 Patrick J Volkerding2023-08-171-2/+2
* Wed Jul 19 20:36:46 UTC 2023...a/kernel-firmware-20230707_d3f6606-noarch-1.txz: Upgraded. a/kernel-generic-6.1.39-x86_64-1.txz: Upgraded. a/kernel-huge-6.1.39-x86_64-1.txz: Upgraded. a/kernel-modules-6.1.39-x86_64-1.txz: Upgraded. a/xfsprogs-6.4.0-x86_64-1.txz: Upgraded. d/cmake-3.27.0-x86_64-1.txz: Upgraded. d/kernel-headers-6.1.39-x86-1.txz: Upgraded. k/kernel-source-6.1.39-noarch-1.txz: Upgraded. l/mpfr-4.2.0p12-x86_64-1.txz: Upgraded. n/bind-9.18.17-x86_64-1.txz: Upgraded. n/curl-8.2.0-x86_64-1.txz: Upgraded. This update fixes a security issue: fopen race condition. For more information, see: https://curl.se/docs/CVE-2023-32001.html https://www.cve.org/CVERecord?id=CVE-2023-32001 (* Security fix *) n/dhcpcd-10.0.2-x86_64-1.txz: Upgraded. n/openssh-9.3p2-x86_64-1.txz: Upgraded. This update fixes a security issue: ssh-agent(1) in OpenSSH between and 5.5 and 9.3p1 (inclusive): remote code execution relating to PKCS#11 providers. The PKCS#11 support ssh-agent(1) could be abused to achieve remote code execution via a forwarded agent socket if the following conditions are met: * Exploitation requires the presence of specific libraries on the victim system. * Remote exploitation requires that the agent was forwarded to an attacker-controlled system. Exploitation can also be prevented by starting ssh-agent(1) with an empty PKCS#11/FIDO allowlist (ssh-agent -P '') or by configuring an allowlist that contains only specific provider libraries. This vulnerability was discovered and demonstrated to be exploitable by the Qualys Security Advisory team. Potentially-incompatible changes: * ssh-agent(8): the agent will now refuse requests to load PKCS#11 modules issued by remote clients by default. A flag has been added to restore the previous behaviour: "-Oallow-remote-pkcs11". For more information, see: https://www.openssh.com/txt/release-9.3p2 https://www.cve.org/CVERecord?id=CVE-2023-38408 (* Security fix *) n/samba-4.18.5-x86_64-1.txz: Upgraded. This update fixes security issues: When winbind is used for NTLM authentication, a maliciously crafted request can trigger an out-of-bounds read in winbind and possibly crash it. SMB2 packet signing is not enforced if an admin configured "server signing = required" or for SMB2 connections to Domain Controllers where SMB2 packet signing is mandatory. An infinite loop bug in Samba's mdssvc RPC service for Spotlight can be triggered by an unauthenticated attacker by issuing a malformed RPC request. Missing type validation in Samba's mdssvc RPC service for Spotlight can be used by an unauthenticated attacker to trigger a process crash in a shared RPC mdssvc worker process. As part of the Spotlight protocol Samba discloses the server-side absolute path of shares and files and directories in search results. For more information, see: https://www.samba.org/samba/security/CVE-2022-2127.html https://www.samba.org/samba/security/CVE-2023-3347.html https://www.samba.org/samba/security/CVE-2023-34966.html https://www.samba.org/samba/security/CVE-2023-34967.html https://www.samba.org/samba/security/CVE-2023-34968.html https://www.cve.org/CVERecord?id=CVE-2022-2127 https://www.cve.org/CVERecord?id=CVE-2023-3347 https://www.cve.org/CVERecord?id=CVE-2023-34966 https://www.cve.org/CVERecord?id=CVE-2023-34967 https://www.cve.org/CVERecord?id=CVE-2023-34968 (* Security fix *) xap/mozilla-firefox-115.0.3esr-x86_64-1.txz: Upgraded. This is a bugfix release. For more information, see: https://www.mozilla.org/en-US/firefox/115.0.3esr/releasenotes/ isolinux/initrd.img: Rebuilt. kernels/*: Upgraded. usb-and-pxe-installers/usbboot.img: Rebuilt. 20230719203646 Patrick J Volkerding2023-07-191-2/+2
* Wed Jul 5 21:02:14 UTC 2023...a/kernel-generic-6.1.38-x86_64-1.txz: Upgraded. a/kernel-huge-6.1.38-x86_64-1.txz: Upgraded. a/kernel-modules-6.1.38-x86_64-1.txz: Upgraded. a/upower-1.90.1-x86_64-1.txz: Upgraded. a/util-linux-2.39.1-x86_64-3.txz: Rebuilt. Use --disable-libmount-mountfd-support for now to avoid breaking overlayfs. d/kernel-headers-6.1.38-x86-1.txz: Upgraded. k/kernel-source-6.1.38-noarch-1.txz: Upgraded. l/nodejs-20.4.0-x86_64-1.txz: Upgraded. n/samba-4.18.4-x86_64-1.txz: Upgraded. isolinux/initrd.img: Rebuilt. kernels/*: Upgraded. usb-and-pxe-installers/usbboot.img: Rebuilt. 20230705210214 Patrick J Volkerding2023-07-051-2/+2
* Fri Jun 2 20:56:35 UTC 2023...a/hwdata-0.371-noarch-1.txz: Upgraded. ap/cups-2.4.3-x86_64-1.txz: Upgraded. Fixed a heap buffer overflow in _cups_strlcpy(), when the configuration file cupsd.conf sets the value of loglevel to DEBUG, that could allow a remote attacker to launch a denial of service (DoS) attack, or possibly execute arbirary code. For more information, see: https://www.cve.org/CVERecord?id=CVE-2023-32324 (* Security fix *) d/git-2.41.0-x86_64-1.txz: Upgraded. d/llvm-16.0.5-x86_64-1.txz: Upgraded. kde/calligra-3.2.1-x86_64-29.txz: Rebuilt. Recompiled against Imath-3.1.9. kde/kimageformats-5.106.0-x86_64-3.txz: Rebuilt. Recompiled against Imath-3.1.9. kde/kio-extras-23.04.1-x86_64-3.txz: Rebuilt. Recompiled against Imath-3.1.9. kde/krita-5.1.5-x86_64-9.txz: Rebuilt. Recompiled against Imath-3.1.9. l/Imath-3.1.9-x86_64-1.txz: Upgraded. Evidently the shared library .so-version bump in Imath-3.1.8 should not have happened, so this update reverts it to the previous value. l/gst-plugins-bad-free-1.22.3-x86_64-3.txz: Rebuilt. Recompiled against Imath-3.1.9. l/imagemagick-7.1.1_11-x86_64-2.txz: Rebuilt. Recompiled against Imath-3.1.9. l/mozjs102-102.12.0esr-x86_64-1.txz: Upgraded. l/openexr-3.1.7-x86_64-3.txz: Rebuilt. Recompiled against Imath-3.1.9. l/serf-1.3.10-x86_64-1.txz: Upgraded. l/vte-0.72.2-x86_64-1.txz: Upgraded. n/nettle-3.9.1-x86_64-1.txz: Upgraded. n/ntp-4.2.8p16-x86_64-1.txz: Upgraded. This update fixes bugs and security issues. For more information, see: https://www.cve.org/CVERecord?id=CVE-2023-26551 https://www.cve.org/CVERecord?id=CVE-2023-26552 https://www.cve.org/CVERecord?id=CVE-2023-26553 https://www.cve.org/CVERecord?id=CVE-2023-26554 https://www.cve.org/CVERecord?id=CVE-2023-26555 (* Security fix *) n/samba-4.18.3-x86_64-1.txz: Upgraded. tcl/tclx-8.6.2-x86_64-1.txz: Upgraded. x/ibus-libpinyin-1.15.3-x86_64-1.txz: Upgraded. x/libX11-1.8.5-x86_64-1.txz: Upgraded. xap/gimp-2.10.34-x86_64-4.txz: Rebuilt. Recompiled against Imath-3.1.9. xfce/xfce4-pulseaudio-plugin-0.4.7-x86_64-1.txz: Upgraded. 20230602205635 Patrick J Volkerding2023-06-021-2/+2
* Wed Apr 19 19:17:14 UTC 2023...d/cargo-vendor-filterer-0.5.9-x86_64-1.txz: Upgraded. l/libqalculate-4.6.1-x86_64-1.txz: Upgraded. l/libwmf-0.2.13-x86_64-1.txz: Upgraded. l/nodejs-20.0.0-x86_64-1.txz: Upgraded. n/bind-9.18.14-x86_64-1.txz: Upgraded. This is a bugfix release. n/samba-4.18.2-x86_64-1.txz: Upgraded. 20230419191714 Patrick J Volkerding2023-04-191-2/+2
* Fri Mar 31 18:01:09 UTC 2023...a/kernel-generic-6.1.22-x86_64-1.txz: Upgraded. a/kernel-huge-6.1.22-x86_64-1.txz: Upgraded. a/kernel-modules-6.1.22-x86_64-1.txz: Upgraded. a/mkinitrd-1.4.11-x86_64-32.txz: Rebuilt. Add /lib/firmware directory to _initrd-tree.tar.gz. Thanks to walecha. d/cmake-3.26.2-x86_64-1.txz: Upgraded. d/kernel-headers-6.1.22-x86-1.txz: Upgraded. d/llvm-16.0.0-x86_64-1.txz: Upgraded. Shared library .so-version bump. Thanks to Heinz Wiesinger for the assistance. Compiled with -DLLVM_BUILD_LLVM_DYLIB=ON -DLLVM_LINK_LLVM_DYLIB=ON -DCLANG_LINK_CLANG_DYLIB=ON. I think we'll get 16.0.1 next week if we need to make any adjustments. d/ruby-3.2.2-x86_64-1.txz: Upgraded. This update fixes security issues: ReDoS vulnerability in URI. ReDoS vulnerability in Time. For more information, see: https://www.ruby-lang.org/en/news/2023/03/28/redos-in-uri-cve-2023-28755/ https://www.ruby-lang.org/en/news/2023/03/30/redos-in-time-cve-2023-28756/ https://www.cve.org/CVERecord?id=CVE-2023-28755 https://www.cve.org/CVERecord?id=CVE-2023-28756 (* Security fix *) k/kernel-source-6.1.22-noarch-1.txz: Upgraded. kde/kdevelop-22.12.3-x86_64-2.txz: Rebuilt. Recompiled against llvm-16.0.0. l/openexr-3.1.7-x86_64-1.txz: Upgraded. l/qt5-5.15.8_20230325_c1a3e988-x86_64-1.txz: Upgraded. Compiled against llvm-16.0.0. l/spirv-llvm-translator-16.0.0-x86_64-1.txz: Upgraded. Compiled against llvm-16.0.0. Thanks to Heinz Wiesinger for finding the fix for -DBUILD_SHARED_LIBS=ON. n/pssh-2.3.5-x86_64-1.txz: Upgraded. n/samba-4.18.1-x86_64-1.txz: Upgraded. This update fixes security issues: An incomplete access check on dnsHostName allows authenticated but otherwise unprivileged users to delete this attribute from any object in the directory. The Samba AD DC administration tool, when operating against a remote LDAP server, will by default send new or reset passwords over a signed-only connection. The fix in 4.6.16, 4.7.9, 4.8.4 and 4.9.7 for CVE-2018-10919 Confidential attribute disclosure via LDAP filters was insufficient and an attacker may be able to obtain confidential BitLocker recovery keys from a Samba AD DC. Installations with such secrets in their Samba AD should assume they have been obtained and need replacing. For more information, see: https://www.samba.org/samba/security/CVE-2023-0225.html https://www.samba.org/samba/security/CVE-2023-0922.html https://www.samba.org/samba/security/CVE-2023-0614.html https://www.cve.org/CVERecord?id=CVE-2023-0225 https://www.cve.org/CVERecord?id=CVE-2023-0922 https://www.cve.org/CVERecord?id=CVE-2023-0614 (* Security fix *) x/mesa-23.0.1-x86_64-2.txz: Rebuilt. Recompiled against llvm-16.0.0 and spirv-llvm-translator-16.0.0. xap/seamonkey-2.53.16-x86_64-1.txz: Upgraded. This update contains security fixes and improvements. For more information, see: https://www.seamonkey-project.org/releases/seamonkey2.53.16 (* Security fix *) isolinux/initrd.img: Rebuilt. kernels/*: Upgraded. testing/packages/rust-1.68.2-x86_64-2.txz: Rebuilt. Use the bundled LLVM rather than the system LLVM. This version of Rust actually does compile with llvm-16.0.0, but since it bundles LLVM 15 let's let it use that for now. usb-and-pxe-installers/usbboot.img: Rebuilt. 20230331180109 Patrick J Volkerding2023-03-311-2/+2
* Wed Mar 8 20:26:54 UTC 2023...Hey folks, just some more updates on the road to an eventual beta. :-) At this point nothing remains linked with openssl-1.1.1 except for python2 and modules, and vsftpd. I think nobody cares about trying to force python2 to use openssl3... it's EOL but still a zombie, unfortunately. I have seen some patches for vsftpd and intend to take a look at them. We've bumped PHP to 8.2 and just gone ahead and killed 8.0 and 8.1. Like 7.4, 8.0 is not compatible with openssl3 and it doesn't seem worthwhile to try to patch it. And with 8.2 already out for several revisions, 8.1 does not seem particularly valuable. If you make use of PHP you should be used to it being a moving target by now. Enjoy, and let me know if anything isn't working right. Cheers! a/aaa_libraries-15.1-x86_64-19.txz: Rebuilt. Recompiled against openssl-3.0.8: libcups.so.2, libcurl.so.4.8.0, libldap.so.2.0.200, libssh2.so.1.0.1. a/cryptsetup-2.6.1-x86_64-2.txz: Rebuilt. Recompiled against openssl-3.0.8. a/kmod-30-x86_64-2.txz: Rebuilt. Recompiled against openssl-3.0.8. a/openssl-solibs-3.0.8-x86_64-1.txz: Upgraded. Shared library .so-version bump. a/openssl11-solibs-1.1.1t-x86_64-1.txz: Added. ap/cups-2.4.2-x86_64-4.txz: Rebuilt. Recompiled against openssl-3.0.8. ap/hplip-3.20.5-x86_64-7.txz: Rebuilt. Recompiled against openssl-3.0.8. ap/lxc-4.0.12-x86_64-2.txz: Rebuilt. Recompiled against openssl-3.0.8. ap/mariadb-10.6.12-x86_64-2.txz: Rebuilt. Recompiled against openssl-3.0.8. ap/qpdf-11.3.0-x86_64-2.txz: Rebuilt. Recompiled against openssl-3.0.8. ap/sudo-1.9.13p3-x86_64-2.txz: Rebuilt. Recompiled against openssl-3.0.8. d/cargo-vendor-filterer-0.5.7-x86_64-2.txz: Rebuilt. Recompiled against openssl-3.0.8. d/cvs-1.11.23-x86_64-9.txz: Rebuilt. Recompiled against openssl-3.0.8. d/git-2.39.2-x86_64-2.txz: Rebuilt. Recompiled against openssl-3.0.8. d/perl-5.36.0-x86_64-5.txz: Rebuilt. Recompiled against openssl-3.0.8. d/python3-3.9.16-x86_64-3.txz: Rebuilt. Recompiled against openssl-3.0.8. d/ruby-3.2.1-x86_64-2.txz: Rebuilt. Recompiled against openssl-3.0.8. d/rust-1.66.1-x86_64-2.txz: Rebuilt. Recompiled against openssl-3.0.8. d/scons-4.5.1-x86_64-1.txz: Upgraded. kde/falkon-22.12.3-x86_64-2.txz: Rebuilt. Recompiled against openssl-3.0.8. kde/kitinerary-22.12.3-x86_64-2.txz: Rebuilt. Recompiled against openssl-3.0.8. l/M2Crypto-0.38.0-x86_64-4.txz: Rebuilt. Recompiled against openssl-3.0.8. l/SDL2-2.26.4-x86_64-1.txz: Upgraded. l/gst-plugins-bad-free-1.22.1-x86_64-2.txz: Rebuilt. Recompiled against openssl-3.0.8. l/libarchive-3.6.2-x86_64-3.txz: Rebuilt. Recompiled against openssl-3.0.8. l/libevent-2.1.12-x86_64-4.txz: Rebuilt. Recompiled against openssl-3.0.8. l/libimobiledevice-20211124_2c6121d-x86_64-3.txz: Rebuilt. Recompiled against openssl-3.0.8. l/libssh2-1.10.0-x86_64-2.txz: Rebuilt. Recompiled against openssl-3.0.8. l/libvncserver-0.9.14-x86_64-2.txz: Rebuilt. Recompiled against openssl-3.0.8. l/mlt-7.14.0-x86_64-1.txz: Upgraded. l/neon-0.32.5-x86_64-2.txz: Rebuilt. Recompiled against openssl-3.0.8. l/nodejs-19.7.0-x86_64-2.txz: Rebuilt. Recompiled against openssl-3.0.8. l/opusfile-0.12-x86_64-4.txz: Rebuilt. Recompiled against openssl-3.0.8. l/pipewire-0.3.66-x86_64-2.txz: Rebuilt. Recompiled against openssl-3.0.8. l/pulseaudio-16.1-x86_64-2.txz: Rebuilt. Recompiled against openssl-3.0.8. l/pycurl-7.44.1-x86_64-4.txz: Rebuilt. Recompiled against openssl-3.0.8. l/qca-2.3.5-x86_64-2.txz: Rebuilt. Recompiled against openssl-3.0.8. l/qt5-5.15.8_20230304_d8b881f0-x86_64-1.txz: Upgraded. Compiled against openssl-3.0.8. l/serf-1.3.9-x86_64-8.txz: Rebuilt. Recompiled against openssl-3.0.8. n/alpine-2.26-x86_64-3.txz: Rebuilt. Recompiled against openssl-3.0.8. n/bind-9.18.12-x86_64-2.txz: Rebuilt. Recompiled against openssl-3.0.8. n/curl-7.88.1-x86_64-2.txz: Rebuilt. Recompiled against openssl-3.0.8. n/cyrus-sasl-2.1.28-x86_64-3.txz: Rebuilt. Recompiled against openssl-3.0.8. n/dovecot-2.3.20-x86_64-2.txz: Rebuilt. Recompiled against openssl-3.0.8. n/epic5-2.1.12-x86_64-4.txz: Rebuilt. Recompiled against openssl-3.0.8. n/fetchmail-6.4.37-x86_64-2.txz: Rebuilt. Recompiled against openssl-3.0.8. n/htdig-3.2.0b6-x86_64-9.txz: Rebuilt. Recompiled against openssl-3.0.8. n/httpd-2.4.56-x86_64-1.txz: Upgraded. This update fixes two security issues: HTTP Response Smuggling vulnerability via mod_proxy_uwsgi. HTTP Request Smuggling attack via mod_rewrite and mod_proxy. For more information, see: https://downloads.apache.org/httpd/CHANGES_2.4.56 https://www.cve.org/CVERecord?id=CVE-2023-27522 https://www.cve.org/CVERecord?id=CVE-2023-25690 (* Security fix *) NOTE: This package is compiled against openssl-3.0.8. n/irssi-1.4.3-x86_64-3.txz: Rebuilt. Recompiled against openssl-3.0.8. n/krb5-1.20.1-x86_64-2.txz: Rebuilt. Recompiled against openssl-3.0.8. n/lftp-4.9.2-x86_64-4.txz: Rebuilt. Recompiled against openssl-3.0.8. n/links-2.28-x86_64-2.txz: Rebuilt. Recompiled against openssl-3.0.8. n/lynx-2.9.0dev.10-x86_64-2.txz: Rebuilt. Recompiled against openssl-3.0.8. n/mutt-2.2.9-x86_64-2.txz: Rebuilt. Recompiled against openssl-3.0.8. n/net-snmp-5.9.3-x86_64-3.txz: Rebuilt. Recompiled against openssl-3.0.8. n/netatalk-3.1.14-x86_64-3.txz: Rebuilt. Recompiled against openssl-3.0.8. n/nmap-7.93-x86_64-2.txz: Rebuilt. Recompiled against openssl-3.0.8. n/ntp-4.2.8p15-x86_64-12.txz: Rebuilt. Recompiled against openssl-3.0.8. n/openldap-2.6.4-x86_64-3.txz: Rebuilt. Recompiled against openssl-3.0.8. n/openssh-9.2p1-x86_64-3.txz: Rebuilt. Recompiled against openssl-3.0.8. n/openssl-3.0.8-x86_64-1.txz: Upgraded. Shared library .so-version bump. n/openssl11-1.1.1t-x86_64-1.txz: Added. n/openvpn-2.6.0-x86_64-3.txz: Rebuilt. Recompiled against openssl-3.0.8. n/php-8.2.3-x86_64-1.txz: Upgraded. Compiled against openssl-3.0.8. n/pidentd-3.0.19-x86_64-7.txz: Rebuilt. Recompiled against openssl-3.0.8. n/popa3d-1.0.3-x86_64-7.txz: Rebuilt. Recompiled against openssl-3.0.8. n/postfix-3.7.4-x86_64-3.txz: Rebuilt. Recompiled against openssl-3.0.8. n/ppp-2.4.9-x86_64-4.txz: Rebuilt. Recompiled against openssl-3.0.8. n/proftpd-1.3.8-x86_64-3.txz: Rebuilt. Recompiled against openssl-3.0.8. n/rsync-3.2.7-x86_64-2.txz: Rebuilt. Recompiled against openssl-3.0.8. n/s-nail-14.9.24-x86_64-2.txz: Rebuilt. Recompiled against openssl-3.0.8. n/samba-4.18.0-x86_64-1.txz: Upgraded. Build with the bundled Heimdal instead of the system MIT Kerberos. Thanks again to rpenny. n/slrn-1.0.3a-x86_64-4.txz: Rebuilt. Recompiled against openssl-3.0.8. n/snownews-1.9-x86_64-2.txz: Rebuilt. Recompiled against openssl-3.0.8. n/socat-1.7.4.4-x86_64-3.txz: Rebuilt. Recompiled against openssl-3.0.8. n/stunnel-5.69-x86_64-3.txz: Rebuilt. Recompiled against openssl-3.0.8. n/tcpdump-4.99.3-x86_64-2.txz: Rebuilt. Recompiled against openssl-3.0.8. n/wget-1.21.3-x86_64-3.txz: Rebuilt. Recompiled against openssl-3.0.8. n/wpa_supplicant-2.10-x86_64-2.txz: Rebuilt. Recompiled against openssl-3.0.8. xap/freerdp-2.10.0-x86_64-2.txz: Rebuilt. Recompiled against openssl-3.0.8. xap/gftp-2.9.1b-x86_64-3.txz: Rebuilt. Recompiled against openssl-3.0.8. xap/gkrellm-2.3.11-x86_64-4.txz: Rebuilt. Recompiled against openssl-3.0.8. xap/hexchat-2.16.1-x86_64-3.txz: Rebuilt. Recompiled against openssl-3.0.8. xap/sane-1.0.32-x86_64-2.txz: Rebuilt. Recompiled against openssl-3.0.8. xap/x3270-4.0ga14-x86_64-3.txz: Rebuilt. Recompiled against openssl-3.0.8. xap/xine-lib-1.2.13-x86_64-4.txz: Rebuilt. Recompiled against openssl-3.0.8. y/bsd-games-2.17-x86_64-4.txz: Rebuilt. Recompiled against openssl-3.0.8. extra/php80/php80-8.0.28-x86_64-1.txz: Removed. extra/php81/php81-8.1.16-x86_64-1.txz: Removed. extra/rust-for-mozilla/rust-1.60.0-x86_64-2.txz: Rebuilt. Recompiled against openssl-3.0.8. extra/sendmail/sendmail-8.17.1-x86_64-7.txz: Rebuilt. Recompiled against openssl-3.0.8. extra/sendmail/sendmail-cf-8.17.1-noarch-7.txz: Rebuilt. testing/packages/rust-1.67.1-x86_64-2.txz: Rebuilt. Recompiled against openssl-3.0.8. testing/packages/samba-4.17.5-x86_64-2.txz: Removed. 20230308202654 Patrick J Volkerding2023-03-081-2/+2
* Fri Jan 27 20:08:12 UTC 2023...n/samba-4.17.5-x86_64-1.txz: Upgraded. BUG 15240: CVE-2022-38023 [SECURITY] Samba should refuse RC4 (aka md5) based SChannel on NETLOGON (additional changes). For more information, see: https://www.samba.org/samba/security/CVE-2022-38023.html https://www.cve.org/CVERecord?id=CVE-2022-38023 (* Security fix *) x/mesa-22.3.4-x86_64-1.txz: Upgraded. x/xf86-video-vmware-13.4.0-x86_64-1.txz: Upgraded. 20230127200812 Patrick J Volkerding2023-01-271-2/+2
* Sat Dec 17 21:14:11 UTC 2022...a/xz-5.4.0-x86_64-1.txz: Upgraded. l/harfbuzz-6.0.0-x86_64-1.txz: Upgraded. l/libmpc-1.3.1-x86_64-1.txz: Upgraded. n/NetworkManager-1.40.8-x86_64-1.txz: Upgraded. n/samba-4.17.4-x86_64-1.txz: Upgraded. This update fixes security issues: This is the Samba CVE for the Windows Kerberos RC4-HMAC Elevation of Privilege Vulnerability disclosed by Microsoft on Nov 8 2022. A Samba Active Directory DC will issue weak rc4-hmac session keys for use between modern clients and servers despite all modern Kerberos implementations supporting the aes256-cts-hmac-sha1-96 cipher. On Samba Active Directory DCs and members 'kerberos encryption types = legacy' would force rc4-hmac as a client even if the server supports aes128-cts-hmac-sha1-96 and/or aes256-cts-hmac-sha1-96. This is the Samba CVE for the Windows Kerberos Elevation of Privilege Vulnerability disclosed by Microsoft on Nov 8 2022. A service account with the special constrained delegation permission could forge a more powerful ticket than the one it was presented with. The "RC4" protection of the NetLogon Secure channel uses the same algorithms as rc4-hmac cryptography in Kerberos, and so must also be assumed to be weak. Note that there are several important behavior changes included in this release, which may cause compatibility problems interacting with system still expecting the former behavior. Please read the advisories of CVE-2022-37966, CVE-2022-37967 and CVE-2022-38023 carefully! For more information, see: https://www.samba.org/samba/security/CVE-2022-37966.html https://www.samba.org/samba/security/CVE-2022-37967.html https://www.samba.org/samba/security/CVE-2022-38023.html https://www.cve.org/CVERecord?id=CVE-2022-37966 https://www.cve.org/CVERecord?id=CVE-2022-37967 https://www.cve.org/CVERecord?id=CVE-2022-38023 (* Security fix *) xfce/exo-4.18.0-x86_64-1.txz: Upgraded. xfce/garcon-4.18.0-x86_64-1.txz: Upgraded. xfce/libxfce4ui-4.18.0-x86_64-1.txz: Upgraded. xfce/libxfce4util-4.18.0-x86_64-1.txz: Upgraded. xfce/thunar-4.18.0-x86_64-1.txz: Upgraded. xfce/thunar-volman-4.18.0-x86_64-1.txz: Upgraded. xfce/tumbler-4.18.0-x86_64-1.txz: Upgraded. xfce/xfce4-appfinder-4.18.0-x86_64-1.txz: Upgraded. xfce/xfce4-dev-tools-4.18.0-x86_64-1.txz: Upgraded. xfce/xfce4-notifyd-0.6.5-x86_64-1.txz: Upgraded. xfce/xfce4-panel-4.18.0-x86_64-1.txz: Upgraded. xfce/xfce4-power-manager-4.18.0-x86_64-1.txz: Upgraded. xfce/xfce4-session-4.18.0-x86_64-1.txz: Upgraded. xfce/xfce4-settings-4.18.0-x86_64-1.txz: Upgraded. xfce/xfce4-weather-plugin-0.11.0-x86_64-1.txz: Upgraded. xfce/xfconf-4.18.0-x86_64-1.txz: Upgraded. xfce/xfdesktop-4.18.0-x86_64-1.txz: Upgraded. xfce/xfwm4-4.18.0-x86_64-1.txz: Upgraded. 20221217211411 Patrick J Volkerding2022-12-171-2/+2
* Tue Oct 25 18:38:58 UTC 2022...ap/alsa-utils-1.2.8-x86_64-1.txz: Upgraded. l/alsa-lib-1.2.8-x86_64-1.txz: Upgraded. l/expat-2.5.0-x86_64-1.txz: Upgraded. This update fixes a security issue: Fix heap use-after-free after overeager destruction of a shared DTD in function XML_ExternalEntityParserCreate in out-of-memory situations. Expected impact is denial of service or potentially arbitrary code execution. For more information, see: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-43680 (* Security fix *) n/samba-4.17.2-x86_64-1.txz: Upgraded. This update fixes the following security issues: There is a limited write heap buffer overflow in the GSSAPI unwrap_des() and unwrap_des3() routines of Heimdal (included in Samba). A malicious client can use a symlink to escape the exported directory. For more information, see: https://www.samba.org/samba/security/CVE-2022-3437.html https://www.samba.org/samba/security/CVE-2022-3592.html https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-3437 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-3592 (* Security fix *) 20221025183858 Patrick J Volkerding2022-10-261-2/+2
* Wed Oct 19 20:06:33 UTC 2022...a/aaa_libraries-15.1-x86_64-11.txz: Rebuilt. Upgraded: libcap.so.2.66, liblzma.so.5.2.7, libpopt.so.0.0.2, libexpat.so.1.8.9, libglib-2.0.so.0.7200.4, libgmodule-2.0.so.0.7200.4, libgobject-2.0.so.0.7200.4, libgthread-2.0.so.0.7200.4, libhistory.so.8.2, libreadline.so.8.2. Added: libunistring.so.2.1.0, libunistring.so.5.0.0. Removed: libffi.so.7.1.0. a/gettext-0.21.1-x86_64-2.txz: Rebuilt. ap/lsof-4.96.4-x86_64-1.txz: Upgraded. ap/man-pages-6.01-noarch-1.txz: Upgraded. d/clisp-2.50_20220927_acb1266ee-x86_64-1.txz: Upgraded. Compiled against libunistring-1.1. d/gettext-tools-0.21.1-x86_64-2.txz: Rebuilt. Recompiled against libunistring-1.1. d/guile-3.0.8-x86_64-3.txz: Rebuilt. Recompiled against libunistring-1.1. kde/kguiaddons-5.99.0-x86_64-2.txz: Rebuilt. [PATCH] systemclipboard: Don't signal data source cancellation. Thanks to marav. l/libidn2-2.3.3-x86_64-2.txz: Rebuilt. l/libpsl-0.21.1-x86_64-5.txz: Rebuilt. Recompiled against libunistring-1.1. l/libunistring-1.1-x86_64-1.txz: Upgraded. Shared library .so-version bump. n/bind-9.18.8-x86_64-1.txz: Upgraded. n/gnutls-3.7.8-x86_64-2.txz: Rebuilt. Recompiled against libunistring-1.1. n/samba-4.17.1-x86_64-1.txz: Upgraded. This update fixes the following security issue: Bad password count not incremented atomically. For more information, see: https://bugzilla.samba.org/show_bug.cgi?id=14611 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-20251 (* Security fix *) n/wget-1.21.3-x86_64-2.txz: Rebuilt. Recompiled against libunistring-1.1. x/imake-1.0.9-x86_64-1.txz: Upgraded. x/xcb-util-errors-1.0.1-x86_64-1.txz: Upgraded. x/xcb-util-image-0.4.1-x86_64-1.txz: Upgraded. x/xcb-util-keysyms-0.4.1-x86_64-1.txz: Upgraded. x/xcb-util-renderutil-0.3.10-x86_64-1.txz: Upgraded. x/xcb-util-wm-0.4.2-x86_64-1.txz: Upgraded. Patrick J Volkerding2022-10-201-2/+2
* Wed Sep 14 04:53:53 UTC 2022...a/btrfs-progs-5.19.1-x86_64-1.txz: Upgraded. a/file-5.43-x86_64-1.txz: Upgraded. a/kernel-firmware-20220913_f09bebf-noarch-1.txz: Upgraded. d/cmake-3.24.2-x86_64-1.txz: Upgraded. kde/krita-5.1.1-x86_64-1.txz: Upgraded. l/kdsoap-2.1.0-x86_64-1.txz: Upgraded. n/krb5-1.20-x86_64-2.txz: Rebuilt. n/samba-4.17.0-x86_64-1.txz: Upgraded. x/libXp-1.0.4-x86_64-1.txz: Upgraded. 20220914045353 Patrick J Volkerding2022-09-141-2/+2
* Thu Sep 8 01:33:19 UTC 2022...a/hdparm-9.65-x86_64-1.txz: Upgraded. n/samba-4.16.5-x86_64-1.txz: Upgraded. xap/mozilla-thunderbird-102.2.2-x86_64-1.txz: Upgraded. This is a bugfix release. For more information, see: https://www.mozilla.org/en-US/thunderbird/102.2.2/releasenotes/ 20220908013319 Patrick J Volkerding2022-09-081-2/+2
* Wed Jul 27 19:17:38 UTC 2022...l/tevent-0.13.0-x86_64-1.txz: Upgraded. n/samba-4.16.4-x86_64-1.txz: Upgraded. This update fixes the following security issues: Samba AD users can bypass certain restrictions associated with changing passwords. Samba AD users can forge password change requests for any user. Samba AD users can crash the server process with an LDAP add or modify request. Samba AD users can induce a use-after-free in the server process with an LDAP add or modify request. Server memory information leak via SMB1. For more information, see: https://www.samba.org/samba/security/CVE-2022-2031.html https://www.samba.org/samba/security/CVE-2022-32744.html https://www.samba.org/samba/security/CVE-2022-32745.html https://www.samba.org/samba/security/CVE-2022-32746.html https://www.samba.org/samba/security/CVE-2022-32742.html https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2031 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32744 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32745 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32746 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32742 (* Security fix *) 20220727191738 Patrick J Volkerding2022-07-281-2/+2
* Wed Jul 20 18:59:12 UTC 2022...a/aaa_libraries-15.1-x86_64-6.txz: Rebuilt. Upgraded: libcap.so.2.65, libglib-2.0.so.0.7200.3, libgmodule-2.0.so.0.7200.3, libgobject-2.0.so.0.7200.3, libgthread-2.0.so.0.7200.3, libidn2.so.0.3.8. Removed: libboost_*.so.1.78.0. a/kernel-firmware-20220719_4421586-noarch-1.txz: Upgraded. d/python-setuptools-63.2.0-x86_64-1.txz: Upgraded. d/rust-1.62.1-x86_64-1.txz: Upgraded. kde/kio-5.96.0-x86_64-2.txz: Rebuilt. Recompiled against krb5-1.19.3. l/libcap-2.65-x86_64-1.txz: Upgraded. l/netpbm-10.99.01-x86_64-1.txz: Upgraded. l/pipewire-0.3.56-x86_64-1.txz: Upgraded. l/qt5-5.15.5_20220705_ea4efc06-x86_64-1.txz: Upgraded. Compiled against krb5-1.19.3. n/alpine-2.26-x86_64-2.txz: Rebuilt. Recompiled against krb5-1.19.3. n/bind-9.18.5-x86_64-1.txz: Upgraded. Compiled against krb5-1.19.3. n/curl-7.84.0-x86_64-2.txz: Rebuilt. Recompiled against krb5-1.19.3. n/fetchmail-6.4.31-x86_64-2.txz: Rebuilt. Recompiled against krb5-1.19.3. n/krb5-1.19.3-x86_64-2.txz: Rebuilt. Since Samba still won't link against krb5-1.20, I think it's best to drop back to this version until it does. Perhaps it would be better to just use the internal Heimdal libraries instead, but I don't really know if that has all the same functionality or not. Hints welcome if you'd like to drop them in the "regression on -current with samba (new krb5)" thread. Also, just to be 100% sure the krb5 revert doesn't cause any ABI issues, we'll recompile everything that we've linked to krb5 while krb5-1.20 was in -current. Thanks to nobodino. n/php-7.4.30-x86_64-2.txz: Rebuilt. Recompiled against krb5-1.19.3. n/samba-4.16.3-x86_64-1.txz: Upgraded. Compiled against krb5-1.19.3. xap/gnuplot-5.4.4-x86_64-1.txz: Upgraded. xap/mozilla-thunderbird-102.0.3-x86_64-1.txz: Upgraded. This is a bugfix release. For more information, see: https://www.mozilla.org/en-US/thunderbird/102.0.3/releasenotes/ extra/php80/php80-8.0.21-x86_64-2.txz: Rebuilt. Recompiled against krb5-1.19.3. extra/php81/php81-8.1.8-x86_64-2.txz: Rebuilt. Recompiled against krb5-1.19.3. 20220720185912 Patrick J Volkerding2022-07-211-2/+2
* Wed Jun 15 18:29:59 UTC 2022...a/kernel-generic-5.18.4-x86_64-1.txz: Upgraded. a/kernel-huge-5.18.4-x86_64-1.txz: Upgraded. a/kernel-modules-5.18.4-x86_64-1.txz: Upgraded. ap/inxi-3.3.18_1-noarch-1.txz: Upgraded. ap/sudo-1.9.11p2-x86_64-1.txz: Upgraded. ap/tmux-3.3a-x86_64-1.txz: Upgraded. d/kernel-headers-5.18.4-x86-1.txz: Upgraded. k/kernel-source-5.18.4-noarch-1.txz: Upgraded. kde/bluedevil-5.25.0-x86_64-1.txz: Upgraded. kde/breeze-5.25.0-x86_64-1.txz: Upgraded. kde/breeze-grub-5.25.0-x86_64-1.txz: Upgraded. kde/breeze-gtk-5.25.0-x86_64-1.txz: Upgraded. kde/drkonqi-5.25.0-x86_64-1.txz: Upgraded. kde/kactivitymanagerd-5.25.0-x86_64-1.txz: Upgraded. kde/kde-cli-tools-5.25.0-x86_64-1.txz: Upgraded. kde/kde-gtk-config-5.25.0-x86_64-1.txz: Upgraded. kde/kdecoration-5.25.0-x86_64-1.txz: Upgraded. kde/kdeplasma-addons-5.25.0-x86_64-1.txz: Upgraded. kde/kgamma5-5.25.0-x86_64-1.txz: Upgraded. kde/khotkeys-5.25.0-x86_64-1.txz: Upgraded. kde/kinfocenter-5.25.0-x86_64-1.txz: Upgraded. kde/kmenuedit-5.25.0-x86_64-1.txz: Upgraded. kde/kscreen-5.25.0-x86_64-1.txz: Upgraded. kde/kscreenlocker-5.25.0-x86_64-1.txz: Upgraded. kde/ksshaskpass-5.25.0-x86_64-1.txz: Upgraded. kde/ksystemstats-5.25.0-x86_64-1.txz: Upgraded. kde/kwallet-pam-5.25.0-x86_64-1.txz: Upgraded. kde/kwayland-integration-5.25.0-x86_64-1.txz: Upgraded. kde/kwayland-server-5.24.5-x86_64-1.txz: Removed. kde/kwin-5.25.0-x86_64-1.txz: Upgraded. kde/kwrited-5.25.0-x86_64-1.txz: Upgraded. kde/layer-shell-qt-5.25.0-x86_64-1.txz: Upgraded. kde/libkscreen-5.25.0-x86_64-1.txz: Upgraded. kde/libksysguard-5.25.0-x86_64-1.txz: Upgraded. kde/milou-5.25.0-x86_64-1.txz: Upgraded. kde/oxygen-5.25.0-x86_64-1.txz: Upgraded. kde/oxygen-sounds-5.25.0-x86_64-1.txz: Added. kde/plasma-browser-integration-5.25.0-x86_64-1.txz: Upgraded. kde/plasma-desktop-5.25.0-x86_64-1.txz: Upgraded. kde/plasma-disks-5.25.0-x86_64-1.txz: Upgraded. kde/plasma-firewall-5.25.0-x86_64-1.txz: Upgraded. kde/plasma-framework-5.95.0-x86_64-2.txz: Rebuilt. Backported upstream patch: Revert "Use QT_FEATURE_foo to detect opengl* support, and TARGET for glesv2" This fixes the taskbar thumbnails. Thanks to LuckyCyborg, ctrlaltca, and Heinz Wiesinger. kde/plasma-integration-5.25.0-x86_64-1.txz: Upgraded. kde/plasma-nm-5.25.0-x86_64-1.txz: Upgraded. kde/plasma-pa-5.25.0-x86_64-1.txz: Upgraded. kde/plasma-sdk-5.25.0-x86_64-1.txz: Upgraded. kde/plasma-systemmonitor-5.25.0-x86_64-1.txz: Upgraded. kde/plasma-vault-5.25.0-x86_64-1.txz: Upgraded. kde/plasma-workspace-5.25.0-x86_64-1.txz: Upgraded. kde/plasma-workspace-wallpapers-5.25.0-x86_64-1.txz: Upgraded. kde/polkit-kde-agent-1-5.25.0-x86_64-1.txz: Upgraded. kde/powerdevil-5.25.0-x86_64-1.txz: Upgraded. kde/qqc2-breeze-style-5.25.0-x86_64-1.txz: Upgraded. kde/sddm-kcm-5.25.0-x86_64-1.txz: Upgraded. kde/systemsettings-5.25.0-x86_64-1.txz: Upgraded. kde/xdg-desktop-portal-kde-5.25.0-x86_64-1.txz: Upgraded. l/libzip-1.9.0-x86_64-1.txz: Upgraded. l/pipewire-0.3.52-x86_64-1.txz: Upgraded. l/qt5-5.15.4_20220611_cc851c42-x86_64-1.txz: Upgraded. Thanks to ctrlaltca for the link to the gcc12 patch. l/talloc-2.3.4-x86_64-1.txz: Upgraded. l/tdb-1.4.7-x86_64-1.txz: Upgraded. l/tevent-0.12.1-x86_64-1.txz: Upgraded. n/bind-9.18.4-x86_64-1.txz: Upgraded. n/dovecot-2.3.19.1-x86_64-1.txz: Upgraded. n/ethtool-5.18-x86_64-1.txz: Upgraded. n/samba-4.16.2-x86_64-1.txz: Upgraded. isolinux/initrd.img: Rebuilt. Added liblz4 for fsck.f2fs. Thanks to Brent Earl. kernels/*: Upgraded. usb-and-pxe-installers/usbboot.img: Rebuilt. Added liblz4 for fsck.f2fs. Thanks to Brent Earl. 20220615182959 Patrick J Volkerding2022-06-161-2/+2
* Mon May 2 20:02:49 UTC 2022...a/hwdata-0.359-noarch-1.txz: Upgraded. a/kernel-firmware-20220502_c3624eb-noarch-1.txz: Upgraded. ap/htop-3.2.0-x86_64-1.txz: Upgraded. d/gdb-12.1-x86_64-1.txz: Upgraded. kde/calligra-3.2.1-x86_64-17.txz: Rebuilt. Recompiled against poppler-22.04.0. kde/cantor-22.04.0-x86_64-2.txz: Rebuilt. Recompiled against poppler-22.04.0. kde/kfilemetadata-5.93.0-x86_64-2.txz: Rebuilt. Recompiled against poppler-22.04.0. kde/kile-2.9.93-x86_64-16.txz: Rebuilt. Recompiled against poppler-22.04.0. kde/kitinerary-22.04.0-x86_64-2.txz: Rebuilt. Recompiled against poppler-22.04.0. kde/krita-5.0.6-x86_64-3.txz: Rebuilt. Recompiled against poppler-22.04.0. kde/okular-22.04.0-x86_64-2.txz: Rebuilt. Recompiled against poppler-22.04.0. l/fuse3-3.11.0-x86_64-1.txz: Upgraded. l/libxml2-2.9.14-x86_64-1.txz: Upgraded. This update fixes bugs and the following security issues: Fix integer overflow in xmlBuf and xmlBuffer. Fix potential double-free in xmlXPtrStringRangeFunction. Fix memory leak in xmlFindCharEncodingHandler. Normalize XPath strings in-place. Prevent integer-overflow in htmlSkipBlankChars() and xmlSkipBlankChars(). Fix leak of xmlElementContent. For more information, see: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-29824 (* Security fix *) l/poppler-22.04.0-x86_64-1.txz: Upgraded. Shared library .so-version bump. n/samba-4.16.1-x86_64-1.txz: Upgraded. This is a bugfix release. For more information, see: https://www.samba.org/samba/history/samba-4.16.1.html xap/mozilla-firefox-100.0-x86_64-1.txz: Upgraded. This is a bugfix release. For more information, see: https://www.mozilla.org/en-US/firefox/100.0/releasenotes/ 20220502200249 Patrick J Volkerding2022-05-031-2/+2
* Wed Mar 23 17:25:36 UTC 2022...ap/dash-0.5.11.5-x86_64-1.txz: Upgraded. d/parallel-20220322-noarch-1.txz: Upgraded. l/adwaita-icon-theme-42.0-noarch-1.txz: Upgraded. l/gsettings-desktop-schemas-42.0-x86_64-1.txz: Upgraded. l/harfbuzz-4.1.0-x86_64-1.txz: Upgraded. l/imagemagick-7.1.0_28-x86_64-1.txz: Upgraded. l/libqalculate-4.1.0-x86_64-1.txz: Upgraded. l/rubygem-asciidoctor-2.0.17-x86_64-1.txz: Upgraded. Upgraded and built for Ruby 3.1.1. Thanks to marrowsuck. n/NetworkManager-1.36.4-x86_64-1.txz: Upgraded. n/fetchmail-6.4.29-x86_64-1.txz: Upgraded. n/iproute2-5.17.0-x86_64-1.txz: Upgraded. n/samba-4.16.0-x86_64-1.txz: Upgraded. xap/mozilla-firefox-98.0.2-x86_64-1.txz: Upgraded. This is a bugfix release. For more information, see: https://www.mozilla.org/en-US/firefox/98.0.2/releasenotes/ xap/network-manager-applet-1.26.0-x86_64-1.txz: Upgraded. 20220323172536 Patrick J Volkerding2022-03-241-2/+2
* Wed Mar 16 01:46:29 UTC 2022...l/jasper-3.0.3-x86_64-1.txz: Upgraded. l/qt5-5.15.3_20220312_33a3f16f-x86_64-1.txz: Upgraded. If a 32-bit userspace is detected, then: export QTWEBENGINE_CHROMIUM_FLAGS="--disable-seccomp-filter-sandbox" This works around crashes occuring with 32-bit QtWebEngine applications. Thanks to alienBOB. n/krb5-1.19.3-x86_64-1.txz: Upgraded. n/samba-4.15.6-x86_64-1.txz: Upgraded. n/stunnel-5.63-x86_64-1.txz: Upgraded. 20220316014629 Patrick J Volkerding2022-03-161-2/+2
* Tue Feb 1 04:37:04 UTC 2022...The sepulchral voice intones, "The cave is now closed." kde/falkon-3.2.0-x86_64-1.txz: Upgraded. kde/ktexteditor-5.90.0-x86_64-2.txz: Rebuilt. [PATCH] only start programs in user's path. [PATCH] only execute diff in path. Thanks to gmgf. For more information, see: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-23853 (* Security fix *) l/libcanberra-0.30-x86_64-9.txz: Rebuilt. Fix a bug crashing some applications in Wayland desktops. Thanks to 01micko. n/samba-4.15.5-x86_64-1.txz: Upgraded. This is a security release in order to address the following defects: UNIX extensions in SMB1 disclose whether the outside target of a symlink exists. Out-of-Bound Read/Write on Samba vfs_fruit module. This vulnerability allows remote attackers to execute arbitrary code as root on affected Samba installations that use the VFS module vfs_fruit. Re-adding an SPN skips subsequent SPN conflict checks. An attacker who has the ability to write to an account can exploit this to perform a denial-of-service attack by adding an SPN that matches an existing service. Additionally, an attacker who can intercept traffic can impersonate existing services, resulting in a loss of confidentiality and integrity. For more information, see: https://www.samba.org/samba/security/CVE-2021-44141.html https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-44141 https://www.samba.org/samba/security/CVE-2021-44142.html https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-44142 https://www.samba.org/samba/security/CVE-2022-0336.html https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0336 (* Security fix *) x/xterm-370-x86_64-7.txz: Rebuilt. Rebuilt with --disable-sixel-graphics to fix a buffer overflow. Thanks to gmgf. For more information, see: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-24130 (* Security fix *) testing/source/linux-5.16.4-configs/*: Added. Sample config files to build 5.16.4 Linux kernels. 20220201043704 Patrick J Volkerding2022-02-011-2/+2
* Wed Jan 19 18:18:02 UTC 2022...ap/inxi-3.3.12_1-noarch-1.txz: Upgraded. ap/man-db-2.9.4-x86_64-3.txz: Rebuilt. Don't use --no-purge in the daily cron job to update the databases. l/gst-plugins-bad-free-1.18.5-x86_64-4.txz: Rebuilt. Link against neon-0.32.2. Thanks to marav. n/bind-9.16.25-x86_64-1.txz: Upgraded. n/ethtool-5.16-x86_64-1.txz: Upgraded. n/samba-4.15.4-x86_64-1.txz: Upgraded. n/wpa_supplicant-2.10-x86_64-1.txz: Upgraded. The implementations of EAP-pwd in hostapd before 2.10 and wpa_supplicant before 2.10 are vulnerable to side-channel attacks as a result of cache access patterns. NOTE: this issue exists because of an incomplete fix for CVE-2019-9495. For more information, see: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-23303 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-23304 (* Security fix *) x/xterm-370-x86_64-6.txz: Rebuilt. XTerm-console: improve the font settings. Thanks to GazL. 20220119181802 Patrick J Volkerding2022-01-201-2/+2
* Wed Dec 8 20:42:30 UTC 2021...a/kernel-generic-5.15.7-x86_64-1.txz: Upgraded. a/kernel-huge-5.15.7-x86_64-1.txz: Upgraded. a/kernel-modules-5.15.7-x86_64-1.txz: Upgraded. d/kernel-headers-5.15.7-x86-1.txz: Upgraded. k/kernel-source-5.15.7-noarch-1.txz: Upgraded. n/samba-4.15.3-x86_64-1.txz: Upgraded. This release fixes bugs and these regressions in the 4.15.2 release: CVE-2020-25717: A user on the domain can become root on domain members. https://www.samba.org/samba/security/CVE-2020-25717.html PLEASE [RE-]READ! The instructions have been updated and some workarounds initially advised for 4.15.2 are no longer required and should be reverted in most cases. BUG-14902: User with multiple spaces (eg Fred<space><space>Nurk) become un-deletable. While this release should fix this bug, it is advised to have a look at the bug report for more detailed information, see: https://bugzilla.samba.org/show_bug.cgi?id=14902 For more information, see: https://www.samba.org/samba/security/CVE-2020-25717.html https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25717 (* Security fix *) x/libX11-1.7.3-x86_64-1.txz: Upgraded. x/xscope-1.4.2-x86_64-1.txz: Upgraded. xap/mozilla-thunderbird-91.4.0-x86_64-1.txz: Upgraded. This release contains security fixes and improvements. For more information, see: https://www.mozilla.org/en-US/thunderbird/91.4.0/releasenotes/ https://www.mozilla.org/en-US/security/advisories/mfsa2021-54/ https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43536 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43537 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43538 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43539 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43541 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43542 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43543 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43545 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43546 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43528 (* Security fix *) xfce/exo-4.16.3-x86_64-1.txz: Upgraded. isolinux/initrd.img: Rebuilt. kernels/*: Upgraded. usb-and-pxe-installers/usbboot.img: Rebuilt. 20211208204230 Patrick J Volkerding2021-12-091-2/+2
* Wed Nov 10 20:32:37 UTC 2021...d/python3-3.9.8-x86_64-1.txz: Upgraded. l/libtasn1-4.18.0-x86_64-1.txz: Upgraded. n/curl-7.80.0-x86_64-1.txz: Upgraded. n/ethtool-5.15-x86_64-1.txz: Upgraded. n/samba-4.15.2-x86_64-1.txz: Upgraded. This is a security release in order to address the following defects: SMB1 client connections can be downgraded to plaintext authentication. A user on the domain can become root on domain members. Samba AD DC did not correctly sandbox Kerberos tickets issued by an RODC. Samba AD DC did not always rely on the SID and PAC in Kerberos tickets. Kerberos acceptors need easy access to stable AD identifiers (eg objectSid). Samba AD DC did not do suffienct access and conformance checking of data stored. Use after free in Samba AD DC RPC server. Subsequent DCE/RPC fragment injection vulnerability. For more information, see: https://www.samba.org/samba/security/CVE-2016-2124.html https://www.samba.org/samba/security/CVE-2020-25717.html ^^ (PLEASE READ! There are important behaviour changes described) https://www.samba.org/samba/security/CVE-2020-25718.html https://www.samba.org/samba/security/CVE-2020-25719.html https://www.samba.org/samba/security/CVE-2020-25721.html https://www.samba.org/samba/security/CVE-2020-25722.html https://www.samba.org/samba/security/CVE-2021-3738.html https://www.samba.org/samba/security/CVE-2021-23192.html https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2124 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25717 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25718 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25719 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25721 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25722 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3738 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23192 (* Security fix *) x/xorg-server-xwayland-21.1.3-x86_64-1.txz: Upgraded. 20211110203237 Patrick J Volkerding2021-11-111-2/+2
* Thu Oct 28 01:11:07 UTC 2021...a/kernel-generic-5.14.15-x86_64-1.txz: Upgraded. a/kernel-huge-5.14.15-x86_64-1.txz: Upgraded. a/kernel-modules-5.14.15-x86_64-1.txz: Upgraded. d/cmake-3.21.4-x86_64-1.txz: Upgraded. d/kernel-headers-5.14.15-x86-1.txz: Upgraded. k/kernel-source-5.14.15-noarch-1.txz: Upgraded. We're going to go ahead and take both of those changes that were considered in /testing. GazL almost had me talked out of the autogroup change, but it's easy to disable if traditional "nice" behavior is important to someone. -DRM_I810 n -INLINE_READ_UNLOCK y -INLINE_READ_UNLOCK_IRQ y -INLINE_SPIN_UNLOCK_IRQ y -INLINE_WRITE_UNLOCK y -INLINE_WRITE_UNLOCK_IRQ y PREEMPT n -> y PREEMPT_VOLUNTARY y -> n SCHED_AUTOGROUP n -> y +CEC_GPIO n +DEBUG_PREEMPT y +PREEMPTION y +PREEMPT_COUNT y +PREEMPT_DYNAMIC y +PREEMPT_RCU y +PREEMPT_TRACER n +RCU_BOOST n +TASKS_RCU y +UNINLINE_SPIN_UNLOCK y kde/plasma-desktop-5.23.2.1-x86_64-1.txz: Upgraded. l/imagemagick-7.1.0_12-x86_64-1.txz: Upgraded. l/librsvg-2.52.3-x86_64-1.txz: Upgraded. n/bind-9.16.22-x86_64-1.txz: Upgraded. This update fixes bugs and the following security issue: The "lame-ttl" option is now forcibly set to 0. This effectively disables the lame server cache, as it could previously be abused by an attacker to significantly degrade resolver performance. For more information, see: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-25219 (* Security fix *) n/c-ares-1.18.1-x86_64-1.txz: Upgraded. n/samba-4.15.1-x86_64-1.txz: Upgraded. isolinux/initrd.img: Rebuilt. kernels/*: Upgraded. usb-and-pxe-installers/usbboot.img: Rebuilt. 20211028011107 Patrick J Volkerding2021-10-281-2/+2
* Mon Sep 20 18:49:19 UTC 2021...a/acpid-2.0.33-x86_64-1.txz: Upgraded. n/nghttp2-1.45.0-x86_64-1.txz: Upgraded. n/samba-4.15.0-x86_64-1.txz: Upgraded. x/libXi-1.8-x86_64-1.txz: Upgraded. x/libva-2.13.0-x86_64-1.txz: Upgraded. Build with enable_va_messaging=false to avoid console spam. Thanks to GazL. x/wayland-protocols-1.23-noarch-1.txz: Upgraded. x/xf86-input-libinput-1.2.0-x86_64-1.txz: Upgraded. x/xorgproto-2021.5-x86_64-1.txz: Upgraded. xap/pan-0.147-x86_64-1.txz: Upgraded. 20210920184919 Patrick J Volkerding2021-09-211-2/+2
* Tue Aug 24 19:40:54 UTC 2021...a/openssl-solibs-1.1.1l-x86_64-1.txz: Upgraded. kde/krita-4.4.8-x86_64-1.txz: Upgraded. l/json-glib-1.6.6-x86_64-1.txz: Upgraded. l/libarchive-3.5.2-x86_64-1.txz: Upgraded. n/bluez-5.61-x86_64-1.txz: Upgraded. n/openssl-1.1.1l-x86_64-1.txz: Upgraded. Fixed an SM2 Decryption Buffer Overflow. Fixed various read buffer overruns processing ASN.1 strings. For more information, see: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3711 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3712 (* Security fix *) n/samba-4.14.7-x86_64-1.txz: Upgraded. xap/mozilla-firefox-91.0.2-x86_64-1.txz: Upgraded. This is a bugfix release. For more information, see: https://www.mozilla.org/en-US/firefox/91.0.2/releasenotes/ 20210824194054 Patrick J Volkerding2021-08-251-2/+2
* Tue Jul 13 20:51:28 UTC 2021...xap/seamonkey-2.53.8-x86_64-2.txz: Rebuilt. Fixed desktop files changing Terminal=0 to Terminal=false. Thanks to marav. 20210713205128 Patrick J Volkerding2021-07-141-2/+2
* Tue Jun 1 18:41:29 UTC 2021...l/gsl-2.7-x86_64-1.txz: Upgraded. l/mozjs78-78.11.0esr-x86_64-1.txz: Upgraded. n/samba-4.14.5-x86_64-1.txz: Upgraded. 20210601184129 Patrick J Volkerding2021-06-021-2/+2
* Thu Apr 29 18:49:00 UTC 2021...a/less-581.2-x86_64-1.txz: Upgraded. ap/nano-5.7-x86_64-1.txz: Upgraded. d/cmake-3.20.2-x86_64-1.txz: Upgraded. n/httpd-2.4.47-x86_64-1.txz: Upgraded. n/samba-4.14.4-x86_64-1.txz: Upgraded. This is a security release in order to address the following defect: Negative idmap cache entries can cause incorrect group entries in the Samba file server process token. For more information, see: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-20254 https://www.samba.org/samba/security/CVE-2021-20254.html (* Security fix *) extra/php8/php8-8.0.5-x86_64-1.txz: Upgraded. 20210429184900 Patrick J Volkerding2021-04-301-2/+2
* Tue Apr 20 19:44:02 UTC 2021...ap/slackpkg-15.0.2-noarch-1.txz: Upgraded. Fix break error messages (dive) Remove now pointless if/then/else (dive) Safer config sourcing (dive) files/slackpkg: replace #!/bin/sh with #!/bin/bash (Eugen Wissner) Don't create blacklist when running update (dive) Add show-changelog & help to non-root commands (dive) Improve search blacklisting (dive) Fix package duplicate bug (PiterPunk) Thanks to Robby Workman. ap/sqlite-3.35.5-x86_64-1.txz: Upgraded. kde/kwin-5.21.4-x86_64-2.txz: Rebuilt. Delay closing Wayland streams. Thanks to LuckyCyborg. kde/okteta-0.26.6-x86_64-1.txz: Upgraded. l/libtiff-4.3.0-x86_64-1.txz: Upgraded. n/libgcrypt-1.9.3-x86_64-1.txz: Upgraded. n/samba-4.14.3-x86_64-1.txz: Upgraded. x/xorg-cf-files-1.0.6-x86_64-6.txz: Rebuilt. Patched to fix an incompatibility introduced by binutils-2.36. Thanks to BenCollver. xap/seamonkey-2.53.7.1-x86_64-1.txz: Upgraded. This update contains security fixes and improvements. For more information, see: https://www.seamonkey-project.org/releases/seamonkey2.53.7.1 (* Security fix *) 20210420194402 Patrick J Volkerding2021-04-211-2/+2
* Wed Mar 10 20:32:52 UTC 2021...ap/vim-8.2.2585-x86_64-1.txz: Upgraded. d/git-2.30.2-x86_64-1.txz: Upgraded. l/python-dnspython-2.1.0-x86_64-1.txz: Added. This is needed by samba-4.14.0. l/python-markdown-3.3.4-x86_64-1.txz: Added. This is needed by samba-4.14.0. n/samba-4.14.0-x86_64-1.txz: Upgraded. xap/vim-gvim-8.2.2585-x86_64-1.txz: Upgraded. xfce/elementary-xfce-0.15.2-x86_64-1.txz: Upgraded. 20210310203252 Patrick J Volkerding2021-03-111-2/+2
* Wed Mar 10 01:30:34 UTC 2021...a/kernel-generic-5.10.22-x86_64-1.txz: Upgraded. a/kernel-huge-5.10.22-x86_64-1.txz: Upgraded. a/kernel-modules-5.10.22-x86_64-1.txz: Upgraded. a/sysklogd-2.2.2-x86_64-1.txz: Upgraded. d/bison-3.7.6-x86_64-1.txz: Upgraded. d/kernel-headers-5.10.22-x86-1.txz: Upgraded. d/mercurial-5.7.1-x86_64-1.txz: Upgraded. k/kernel-source-5.10.22-noarch-1.txz: Upgraded. l/netpbm-10.93.01-x86_64-1.txz: Upgraded. n/samba-4.13.5-x86_64-1.txz: Upgraded. xap/mozilla-thunderbird-78.8.1-x86_64-1.txz: Upgraded. This is a bugfix release. For more information, see: https://www.mozilla.org/en-US/thunderbird/78.8.1/releasenotes/ isolinux/initrd.img: Rebuilt. kernels/*: Upgraded. testing/packages/linux-5.11.x/kernel-generic-5.11.5-x86_64-1.txz: Upgraded. testing/packages/linux-5.11.x/kernel-headers-5.11.5-x86-1.txz: Upgraded. testing/packages/linux-5.11.x/kernel-huge-5.11.5-x86_64-1.txz: Upgraded. testing/packages/linux-5.11.x/kernel-modules-5.11.5-x86_64-1.txz: Upgraded. testing/packages/linux-5.11.x/kernel-source-5.11.5-noarch-1.txz: Upgraded. usb-and-pxe-installers/usbboot.img: Rebuilt. 20210310013034 Patrick J Volkerding2021-03-101-2/+2
* Wed Jan 27 20:44:08 UTC 2021...a/kernel-generic-5.10.11-x86_64-1.txz: Upgraded. a/kernel-huge-5.10.11-x86_64-1.txz: Upgraded. a/kernel-modules-5.10.11-x86_64-1.txz: Upgraded. a/libbytesize-2.5-x86_64-1.txz: Upgraded. d/kernel-headers-5.10.11-x86-1.txz: Upgraded. k/kernel-source-5.10.11-noarch-1.txz: Upgraded. l/imagemagick-7.0.10_60-x86_64-1.txz: Upgraded. l/python-urllib3-1.26.3-x86_64-1.txz: Upgraded. n/samba-4.13.4-x86_64-1.txz: Upgraded. x/wayland-1.19.0-x86_64-1.txz: Upgraded. xfce/xfce4-panel-4.16.1-x86_64-1.txz: Upgraded. isolinux/initrd.img: Rebuilt. kernels/*: Upgraded. usb-and-pxe-installers/usbboot.img: Rebuilt. 20210127204408 Patrick J Volkerding2021-01-281-2/+2
* Tue Dec 15 20:39:53 UTC 2020...d/python-pip-20.3.3-x86_64-1.txz: Upgraded. kde/sddm-0.19.0-x86_64-3.txz: Rebuilt. In SDDM's Xsession script, don't source $HOME/.xsession as this may launch the wrong session type or cause dbus-run-session to start twice breaking logout. l/orc-0.4.32-x86_64-1.txz: Upgraded. l/pipewire-0.3.18-x86_64-1.txz: Upgraded. l/python-chardet-4.0.0-x86_64-1.txz: Upgraded. l/python-packaging-20.8-x86_64-1.txz: Upgraded. n/samba-4.13.3-x86_64-1.txz: Upgraded. xap/mozilla-thunderbird-78.6.0-x86_64-1.txz: Upgraded. This is a bugfix release. For more information, see: https://www.mozilla.org/en-US/thunderbird/78.6.0/releasenotes/ xfce/mousepad-0.5.0-x86_64-1.txz: Upgraded. 20201215203953 Patrick J Volkerding2020-12-161-2/+2
* Wed Nov 4 19:33:47 UTC 2020...ap/mariadb-10.5.7-x86_64-1.txz: Upgraded. l/libcap-2.45-x86_64-1.txz: Upgraded. l/poppler-data-0.4.10-noarch-1.txz: Upgraded. n/samba-4.13.2-x86_64-1.txz: Upgraded. x/libdrm-2.4.103-x86_64-1.txz: Upgraded. testing/packages/vtown/kde/sddm-0.18.1-x86_64-1_vtown_2.txz: Rebuilt. Fixed installation of pam.d files. Thanks to alienBOB. 20201104193347 Patrick J Volkerding2020-11-051-2/+2
* Thu Oct 29 21:55:56 UTC 2020...a/aaa_elflibs-15.0-x86_64-26.txz: Rebuilt. Upgraded: liblber-2.4.so.2.11.3, libldap-2.4.so.2.11.3, libmpc.so.3.2.1. Added temporarily to allow for third-party packages to be recompiled: libHalf.so.12.0.0, libIex-2_2.so.12.0.0, libIexMath-2_2.so.12.0.0, libIlmImf-2_2.so.22.0.0, libIlmImfUtil-2_2.so.22.0.0, libIlmThread-2_2.so.12.0.0, libImath-2_2.so.12.0.0, libpoppler-qt4.so.4.11.0, libpoppler.so.79.0.0. a/kernel-generic-5.4.73-x86_64-1.txz: Upgraded. a/kernel-huge-5.4.73-x86_64-1.txz: Upgraded. a/kernel-modules-5.4.73-x86_64-1.txz: Upgraded. d/kernel-headers-5.4.73-x86-1.txz: Upgraded. k/kernel-source-5.4.73-noarch-1.txz: Upgraded. l/LibRaw-0.20.2-x86_64-1.txz: Upgraded. Shared library .so-version bump. l/exiv2-0.27.3-x86_64-1.txz: Upgraded. Shared library .so-version bump. l/gegl-0.4.26-x86_64-2.txz: Rebuilt. Recompiled against openexr-2.5.3. l/gexiv2-0.12.1-x86_64-1.txz: Upgraded. Compiled against exiv2-0.27.3. l/graphene-1.10.2-x86_64-1.txz: Added. l/gst-plugins-base-1.18.1-x86_64-2.txz: Rebuilt. Recompiled against system libgraphene. l/ilmbase-2.2.0-x86_64-2.txz: Removed. These libraries are now part of openexr. l/imagemagick-7.0.10_34-x86_64-2.txz: Rebuilt. Recompiled against LibRaw-0.20.2 and openexr-2.5.3. l/openexr-2.5.3-x86_64-1.txz: Upgraded. Shared library .so-version bump. l/poppler-20.10.0-x86_64-1.txz: Upgraded. Shared library .so-version bump. Qt4 support dropped. n/samba-4.13.1-x86_64-1.txz: Upgraded. This update fixes security issues: Missing handle permissions check in SMB1/2/3 ChangeNotify. Denial-of-service vulnerabilities. For more information, see: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-14318 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-14323 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-14383 (* Security fix *) xap/geeqie-1.5.1-x86_64-2.txz: Rebuilt. Recompiled against exiv2-0.27.3. xap/gimp-2.10.22-x86_64-2.txz: Rebuilt. Recompiled against openexr-2.5.3. xap/xlockmore-5.66-x86_64-1.txz: Upgraded. isolinux/initrd.img: Rebuilt. kernels/*: Upgraded. usb-and-pxe-installers/usbboot.img: Rebuilt. 20201029215556 Patrick J Volkerding2020-10-301-2/+2
* Thu Jul 2 19:18:33 UTC 2020...d/mercurial-5.4.2-x86_64-1.txz: Upgraded. d/nasm-2.15.02-x86_64-1.txz: Upgraded. l/glib2-2.64.4-x86_64-1.txz: Upgraded. n/samba-4.12.5-x86_64-1.txz: Upgraded. x/libXaw3dXft-1.6.2g-x86_64-1.txz: Upgraded. xap/mozilla-thunderbird-68.10.0-x86_64-1.txz: Upgraded. This is a bugfix release. For more information, see: https://www.mozilla.org/en-US/thunderbird/68.10.0/releasenotes/ 20200702191833 Patrick J Volkerding2020-07-031-2/+2
* Wed May 20 23:53:44 UTC 2020...a/kernel-firmware-20200519_8ba6fa6-noarch-1.txz: Upgraded. a/kernel-generic-5.4.42-x86_64-1.txz: Upgraded. a/kernel-huge-5.4.42-x86_64-1.txz: Upgraded. a/kernel-modules-5.4.42-x86_64-1.txz: Upgraded. a/util-linux-2.35.2-x86_64-1.txz: Upgraded. d/kernel-headers-5.4.42-x86-1.txz: Upgraded. d/python-pip-20.1.1-x86_64-1.txz: Upgraded. k/kernel-source-5.4.42-noarch-1.txz: Upgraded. l/glib2-2.64.3-x86_64-1.txz: Upgraded. l/mozilla-nss-3.52.1-x86_64-1.txz: Upgraded. n/samba-4.12.3-x86_64-1.txz: Upgraded. isolinux/initrd.img: Rebuilt. kernels/*: Upgraded. usb-and-pxe-installers/usbboot.img: Rebuilt. 20200520235344 Patrick J Volkerding2020-05-211-2/+2
* Tue Apr 28 20:18:40 UTC 2020...ap/cups-2.3.3-x86_64-1.txz: Upgraded. This update fixes two security issues: The ppdOpen function did not handle invalid UI constraint. ppdcSource::get_resolution function did not handle invalid resolution strings. The ippReadIO function may under-read an extension. For more information, see: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-3898 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-8842 (* Security fix *) l/imagemagick-7.0.10_10-x86_64-1.txz: Upgraded. n/samba-4.12.2-x86_64-1.txz: Upgraded. This update fixes two security issues: A client combining the 'ASQ' and 'Paged Results' LDAP controls can cause a use-after-free in Samba's AD DC LDAP server. A deeply nested filter in an un-authenticated LDAP search can exhaust the LDAP server's stack memory causing a SIGSEGV. For more information, see: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-10700 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-10704 (* Security fix *) testing/packages/PAM/cups-2.3.3-x86_64-1_pam.txz: Upgraded. This update fixes two security issues: The ppdOpen function did not handle invalid UI constraint. ppdcSource::get_resolution function did not handle invalid resolution strings. The ippReadIO function may under-read an extension. For more information, see: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-3898 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-8842 (* Security fix *) testing/packages/PAM/samba-4.12.2-x86_64-1_pam.txz: Upgraded. This update fixes two security issues: A client combining the 'ASQ' and 'Paged Results' LDAP controls can cause a use-after-free in Samba's AD DC LDAP server. A deeply nested filter in an un-authenticated LDAP search can exhaust the LDAP server's stack memory causing a SIGSEGV. For more information, see: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-10700 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-10704 (* Security fix *) 20200428201840 Patrick J Volkerding2020-04-291-2/+2
* Tue Apr 7 22:23:02 UTC 2020...testing/packages/PAM/samba-4.12.1-x86_64-1_pam.txz: Upgraded. 20200407222302 Patrick J Volkerding2020-04-081-2/+2
* Wed Mar 4 01:39:54 UTC 2020...xap/seamonkey-2.53.1-x86_64-2.txz: Rebuilt. Fixed $LIBDIRSUFFIX for 32-bit. Thanks to ljb643. 20200304013954 Patrick J Volkerding2020-03-041-2/+2
* Tue Jan 28 21:39:57 UTC 2020...ap/mariadb-10.4.12-x86_64-1.txz: Upgraded. This fixes a potential denial-of-service vulnerability. For more information, see: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-2574 (* Security fix *) l/imagemagick-7.0.9_20-x86_64-1.txz: Upgraded. n/dhcpcd-8.1.6-x86_64-1.txz: Upgraded. n/samba-4.11.6-x86_64-1.txz: Upgraded. x/mesa-19.3.3-x86_64-1.txz: Upgraded. 20200128213957 Patrick J Volkerding2020-01-291-2/+2
* Tue Jan 21 21:23:01 UTC 2020...a/aaa_elflibs-15.0-x86_64-19.txz: Rebuilt. Upgraded: libcap.so.2.31, libgmp.so.10.4.0, libgmpxx.so.4.6.0. Added: libgssapi_krb5.so.2.2, libk5crypto.so.3.1, libkrb5.so.3.3, libkrb5support.so.0.1. a/util-linux-2.35-x86_64-1.txz: Upgraded. d/python-pip-20.0.1-x86_64-1.txz: Upgraded. l/Mako-1.1.1-x86_64-1.txz: Upgraded. l/keyutils-1.6.1-x86_64-1.txz: Upgraded. n/krb5-1.17-x86_64-1.txz: Added. Nothing links to this yet, but we'll need it soon enough. :-) n/php-7.4.2-x86_64-1.txz: Upgraded. This update fixes bugs and security issues: Standard: OOB read in php_strip_tags_ex Mbstring: global buffer-overflow in 'mbfl_filt_conv_big5_wchar' For more information, see: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-7059 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-7060 (* Security fix *) n/samba-4.11.5-x86_64-1.txz: Upgraded. This update fixes the following security issues: Replication of ACLs set to inherit down a subtree on AD Directory not automatic. Crash after failed character conversion at log level 3 or above. Use after free during DNS zone scavenging in Samba AD DC. For more information, see: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14902 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14907 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-19344 (* Security fix *) xap/gparted-1.1.0-x86_64-1.txz: Upgraded. 20200121212301 Patrick J Volkerding2020-01-211-2/+2
* Mon Dec 16 23:13:10 UTC 2019...a/usb_modeswitch-2.5.2-x86_64-2.txz: Rebuilt. Seems there's a regression in usb_modeswitch-2.6.0, so let's revert to usb_modeswitch-2.5.2 but keep the latest usb-modeswitch-data-20191128. Thanks to Lockywolf. l/fuse3-3.9.0-x86_64-2.txz: Rebuilt. Install fuse.conf as fuse.conf.new. This won't prevent an existing config file from being overwritten with this upgrade, but it will prevent that from happening again moving forward. Thanks to chrisVV. 20191216231310 Patrick J Volkerding2019-12-171-2/+2
* Tue Dec 10 18:52:42 UTC 2019...l/dconf-0.34.0-x86_64-2.txz: Rebuilt. Rebuilt using the sed replacements suggested by LFS. This fixes a subsequent build of dconf-editor. l/glib-networking-2.62.2-x86_64-1.txz: Upgraded. n/samba-4.11.3-x86_64-1.txz: Upgraded. This update fixes the following security issues: Samba AD DC zone-named record Denial of Service in DNS management server. DelegationNotAllowed was not enforced in protocol transition on Samba AD DC. For more information, see: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14861 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14870 (* Security fix *) x/vulkan-sdk-1.1.126.0-x86_64-1.txz: Upgraded. 20191210185242 Patrick J Volkerding2019-12-111-2/+2
* Tue Oct 29 20:09:01 UTC 2019...a/aaa_elflibs-15.0-x86_64-14.txz: Rebuilt. Upgraded: libglib-2.0.so.0.6200.2, libgmodule-2.0.so.0.6200.2, libgobject-2.0.so.0.6200.2, libgthread-2.0.so.0.6200.2. Added: libgomp.so.1.0.0. a/kernel-firmware-20191029_4065643-noarch-1.txz: Upgraded. a/kernel-generic-4.19.81-x86_64-1.txz: Upgraded. a/kernel-huge-4.19.81-x86_64-1.txz: Upgraded. a/kernel-modules-4.19.81-x86_64-1.txz: Upgraded. ap/sudo-1.8.29-x86_64-1.txz: Upgraded. d/kernel-headers-4.19.81-x86-1.txz: Upgraded. d/python-setuptools-41.6.0-x86_64-1.txz: Upgraded. k/kernel-source-4.19.81-noarch-1.txz: Upgraded. l/harfbuzz-2.6.3-x86_64-1.txz: Upgraded. n/samba-4.11.2-x86_64-1.txz: Upgraded. This update fixes bugs and these security issues: Client code can return filenames containing path separators. Samba AD DC check password script does not receive the full password. User with "get changes" permission can crash AD DC LDAP server via dirsync. For more information, see: https://www.samba.org/samba/security/CVE-2019-10218.html https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-10218 https://www.samba.org/samba/security/CVE-2019-14833.html https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14833 https://www.samba.org/samba/security/CVE-2019-14847.html https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14847 (* Security fix *) x/libglvnd-1.2.0-x86_64-4.txz: Rebuilt. Applied upstream patches to fix EGL/eglplatform.h. x/xorg-server-1.20.5-x86_64-3.txz: Rebuilt. #define EGL_NO_X11 to fix glamor build against libglvnd-1.2.0. x/xorg-server-xephyr-1.20.5-x86_64-3.txz: Rebuilt. x/xorg-server-xnest-1.20.5-x86_64-3.txz: Rebuilt. x/xorg-server-xvfb-1.20.5-x86_64-3.txz: Rebuilt. isolinux/initrd.img: Rebuilt. kernels/*: Upgraded. usb-and-pxe-installers/usbboot.img: Rebuilt. 20191029200901 Patrick J Volkerding2019-10-301-2/+2
* Fri Oct 18 21:00:50 UTC 2019...a/getty-ps-2.1.0b-x86_64-4.txz: Removed. a/lha-114i-x86_64-2.txz: Removed. Removed due to vague licensing terms. a/lhasa-0.3.1-x86_64-1.txz: Added. This is an extraction-only LHA utility with an OSI approved license. a/shadow-4.7-x86_64-2.txz: Rebuilt. Added /etc/environment.new to fix "sudo -i" noise. ap/lm_sensors-3.6.0-x86_64-1.txz: Upgraded. ap/vim-8.1.2174-x86_64-1.txz: Upgraded. l/netpbm-10.88.00-x86_64-1.txz: Upgraded. n/ca-certificates-20191018-noarch-1.txz: Upgraded. n/samba-4.11.1-x86_64-1.txz: Upgraded. xap/vim-gvim-8.1.2174-x86_64-1.txz: Upgraded. xap/xfractint-20.04p13-x86_64-2.txz: Removed. xap/xv-3.10a-x86_64-9.txz: Removed. extra/getty-ps/getty-ps-2.1.0b-x86_64-4.txz: Rebuilt. Moved here from the A series due to commercial use restrictions. extra/xfractint/xfractint-20.04p14-x86_64-1.txz: Upgraded. Moved here from the XAP series due to commercial use restrictions. extra/xv/xv-3.10a-x86_64-9.txz: Rebuilt. Moved here from the XAP series due to non-commercial use shareware license. 20191018210050 Patrick J Volkerding2019-10-191-2/+2
generated by cgit v1.2.3-79-gdb01 (git 2.46.1) at 2024-09-19 08:05:29 +0000