| Commit message (Expand) | Author | Age | Files | Lines |
* | Tue Oct 3 22:19:10 UTC 2023...a/aaa_glibc-solibs-2.37-x86_64-3.txz: Rebuilt.
a/dialog-1.3_20231002-x86_64-1.txz: Upgraded.
ap/mpg123-1.32.3-x86_64-1.txz: Upgraded.
d/llvm-17.0.2-x86_64-1.txz: Upgraded.
d/meson-1.2.2-x86_64-2.txz: Rebuilt.
[PATCH] Revert rust: apply global, project, and environment C args to bindgen.
This fixes building Mesa.
Thanks to lucabon and marav.
kde/calligra-3.2.1-x86_64-34.txz: Rebuilt.
Recompiled against poppler-23.10.0.
kde/cantor-23.08.1-x86_64-2.txz: Rebuilt.
Recompiled against poppler-23.10.0.
kde/kfilemetadata-5.110.0-x86_64-2.txz: Rebuilt.
Recompiled against poppler-23.10.0.
kde/kile-2.9.93-x86_64-28.txz: Rebuilt.
Recompiled against poppler-23.10.0.
kde/kitinerary-23.08.1-x86_64-2.txz: Rebuilt.
Recompiled against poppler-23.10.0.
kde/krita-5.1.5-x86_64-15.txz: Rebuilt.
Recompiled against poppler-23.10.0.
kde/okular-23.08.1-x86_64-2.txz: Rebuilt.
Recompiled against poppler-23.10.0.
l/glibc-2.37-x86_64-3.txz: Rebuilt.
l/glibc-i18n-2.37-x86_64-3.txz: Rebuilt.
Patched to fix the "Looney Tunables" vulnerability, a local privilege
escalation in ld.so. This vulnerability was introduced in April 2021
(glibc 2.34) by commit 2ed18c.
Thanks to Qualys Research Labs for reporting this issue.
For more information, see:
https://www.qualys.com/2023/10/03/cve-2023-4911/looney-tunables-local-privilege-escalation-glibc-ld-so.txt
https://www.cve.org/CVERecord?id=CVE-2023-4911
(* Security fix *)
l/glibc-profile-2.37-x86_64-3.txz: Rebuilt.
l/mozilla-nss-3.94-x86_64-1.txz: Upgraded.
l/poppler-23.10.0-x86_64-1.txz: Upgraded.
Shared library .so-version bump.
n/NetworkManager-1.44.2-x86_64-1.txz: Upgraded.
n/irssi-1.4.5-x86_64-1.txz: Upgraded.
x/fcitx5-5.1.1-x86_64-1.txz: Upgraded.
x/fcitx5-anthy-5.1.1-x86_64-1.txz: Upgraded.
x/fcitx5-chinese-addons-5.1.1-x86_64-1.txz: Upgraded.
x/fcitx5-gtk-5.1.0-x86_64-1.txz: Upgraded.
x/fcitx5-hangul-5.1.0-x86_64-1.txz: Upgraded.
x/fcitx5-kkc-5.1.0-x86_64-1.txz: Upgraded.
x/fcitx5-m17n-5.1.0-x86_64-1.txz: Upgraded.
x/fcitx5-qt-5.1.1-x86_64-1.txz: Upgraded.
x/fcitx5-sayura-5.1.0-x86_64-1.txz: Upgraded.
x/fcitx5-table-extra-5.1.0-x86_64-1.txz: Upgraded.
x/fcitx5-table-other-5.1.0-x86_64-1.txz: Upgraded.
x/fcitx5-unikey-5.1.1-x86_64-1.txz: Upgraded.
x/libX11-1.8.7-x86_64-1.txz: Upgraded.
This update fixes security issues:
libX11: out-of-bounds memory access in _XkbReadKeySyms().
libX11: stack exhaustion from infinite recursion in PutSubImage().
libX11: integer overflow in XCreateImage() leading to a heap overflow.
For more information, see:
https://lists.x.org/archives/xorg-announce/2023-October/003424.html
https://www.cve.org/CVERecord?id=CVE-2023-43785
https://www.cve.org/CVERecord?id=CVE-2023-43786
https://www.cve.org/CVERecord?id=CVE-2023-43787
(* Security fix *)
x/libXpm-3.5.17-x86_64-1.txz: Upgraded.
This update fixes security issues:
libXpm: out of bounds read in XpmCreateXpmImageFromBuffer().
libXpm: out of bounds read on XPM with corrupted colormap.
For more information, see:
https://lists.x.org/archives/xorg-announce/2023-October/003424.html
https://www.cve.org/CVERecord?id=CVE-2023-43788
https://www.cve.org/CVERecord?id=CVE-2023-43789
(* Security fix *)
testing/packages/aaa_glibc-solibs-2.38-x86_64-2.txz: Rebuilt.
testing/packages/glibc-2.38-x86_64-2.txz: Rebuilt.
Patched to fix the "Looney Tunables" vulnerability, a local privilege
escalation in ld.so. This vulnerability was introduced in April 2021
(glibc 2.34) by commit 2ed18c.
Thanks to Qualys Research Labs for reporting this issue.
For more information, see:
https://www.qualys.com/2023/10/03/cve-2023-4911/looney-tunables-local-privilege-escalation-glibc-ld-so.txt
https://www.cve.org/CVERecord?id=CVE-2023-4911
(* Security fix *)
testing/packages/glibc-i18n-2.38-x86_64-2.txz: Rebuilt.
testing/packages/glibc-profile-2.38-x86_64-2.txz: Rebuilt.
20231003221910 | Patrick J Volkerding | 2023-10-04 | 2 | -29/+1 |
* | Mon May 22 19:05:02 UTC 2023...ap/qpdf-11.4.0-x86_64-1.txz: Upgraded.
l/exiv2-0.27.7-x86_64-1.txz: Upgraded.
l/imagemagick-7.1.1_10-x86_64-1.txz: Upgraded.
n/c-ares-1.19.1-x86_64-1.txz: Upgraded.
This update fixes bugs and security issues:
0-byte UDP payload causes Denial of Service.
Insufficient randomness in generation of DNS query IDs.
Buffer Underwrite in ares_inet_net_pton().
AutoTools does not set CARES_RANDOM_FILE during cross compilation.
For more information, see:
https://www.cve.org/CVERecord?id=CVE-2023-32067
https://www.cve.org/CVERecord?id=CVE-2023-31147
https://www.cve.org/CVERecord?id=CVE-2023-31130
https://www.cve.org/CVERecord?id=CVE-2023-31124
(* Security fix *)
n/wget-1.21.4-x86_64-1.txz: Upgraded.
xap/gnuplot-5.4.7-x86_64-1.txz: Upgraded.
20230522190502 | Patrick J Volkerding | 2023-05-22 | 2 | -0/+28 |
* | Mon Aug 15 20:23:47 UTC 2022...a/etc-15.1-x86_64-2.txz: Rebuilt.
Added support for $HOME/.profile.d/*.{csh,sh} scripts.
Thanks to Heinz Wiesinger.
a/mcelog-188-x86_64-1.txz: Upgraded.
kde/fcitx5-configtool-5.0.14-x86_64-1.txz: Added.
Thanks to Heinz Wiesinger.
kde/fcitx5-theme-breeze-2.0.0-noarch-1.txz: Added.
Thanks to Heinz Wiesinger.
kde/kcm-fcitx-0.5.6-x86_64-4.txz: Removed.
l/fmt-9.0.0-x86_64-1.txz: Added.
Thanks to Steven Voges.
l/librsvg-2.54.4-x86_64-2.txz: Rebuilt.
Removed dangling symlink. Thanks to marav.
n/rsync-3.2.5-x86_64-1.txz: Upgraded.
Added some file-list safety checking that helps to ensure that a rogue
sending rsync can't add unrequested top-level names and/or include recursive
names that should have been excluded by the sender. These extra safety
checks only require the receiver rsync to be updated. When dealing with an
untrusted sending host, it is safest to copy into a dedicated destination
directory for the remote content (i.e. don't copy into a destination
directory that contains files that aren't from the remote host unless you
trust the remote host).
For more information, see:
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-29154
(* Security fix *)
x/anthy-9100h-x86_64-4.txz: Removed.
x/anthy-unicode-1.0.0.20211224-x86_64-1.txz: Added.
Thanks to Heinz Wiesinger.
x/fcitx-4.2.9.8-x86_64-3.txz: Removed.
x/fcitx-anthy-0.2.4-x86_64-1.txz: Removed.
x/fcitx-configtool-0.4.10-x86_64-3.txz: Removed.
x/fcitx-hangul-0.3.1-x86_64-3.txz: Removed.
x/fcitx-kkc-0.1.4-x86_64-3.txz: Removed.
x/fcitx-libpinyin-0.5.4-x86_64-2.txz: Removed.
x/fcitx-m17n-0.2.4-x86_64-3.txz: Removed.
x/fcitx-qt5-1.2.7-x86_64-1.txz: Removed.
x/fcitx-sayura-0.1.2-x86_64-3.txz: Removed.
x/fcitx-table-extra-0.3.8-x86_64-3.txz: Removed.
x/fcitx-table-other-0.2.4-x86_64-3.txz: Removed.
x/fcitx-unikey-0.2.7-x86_64-3.txz: Removed.
x/fcitx5-5.0.18-x86_64-1.txz: Added.
Thanks to Heinz Wiesinger.
x/fcitx5-anthy-5.0.12-x86_64-1.txz: Added.
Thanks to Heinz Wiesinger.
x/fcitx5-chinese-addons-5.0.14-x86_64-1.txz: Added.
Thanks to Heinz Wiesinger.
x/fcitx5-gtk-5.0.17-x86_64-1.txz: Added.
Thanks to Heinz Wiesinger.
x/fcitx5-hangul-5.0.10-x86_64-1.txz: Added.
Thanks to Heinz Wiesinger.
x/fcitx5-kkc-5.0.10-x86_64-1.txz: Added.
Thanks to Heinz Wiesinger.
x/fcitx5-m17n-5.0.10-x86_64-1.txz: Added.
Thanks to Heinz Wiesinger.
x/fcitx5-qt-5.0.14-x86_64-1.txz: Added.
Thanks to Heinz Wiesinger.
x/fcitx5-sayura-5.0.8-x86_64-1.txz: Added.
Thanks to Heinz Wiesinger.
x/fcitx5-table-extra-5.0.11-x86_64-1.txz: Added.
Thanks to Heinz Wiesinger.
x/fcitx5-table-other-5.0.10-x86_64-1.txz: Added.
Thanks to Heinz Wiesinger.
x/fcitx5-unikey-5.0.11-x86_64-1.txz: Added.
Thanks to Heinz Wiesinger.
x/ibus-1.5.26-x86_64-2.txz: Rebuilt.
Use correct path to kimpanel in ibus-autostart.
Thanks to Lockywolf.
x/ibus-anthy-1.5.14-x86_64-2.txz: Rebuilt.
Recompiled against anthy-unicode-1.0.0.20211224.
Thanks to Heinz Wiesinger.
x/libime-1.0.13-x86_64-1.txz: Added.
Thanks to Heinz Wiesinger.
x/m17n-lib-1.8.0-x86_64-5.txz: Rebuilt.
Rebuilt to drop the dependency on anthy-9100h.
Thanks to Heinz Wiesinger.
x/skkdic-20210919-noarch-1.txz: Upgraded.
Thanks to Heinz Wiesinger.
x/x11-skel-7.7-x86_64-9.txz: Rebuilt.
Added imconfig script for selecting the input method.
Thanks to Heinz Wiesinger.
x/xcb-imdkit-1.0.3-x86_64-1.txz: Added.
Thanks to Heinz Wiesinger.
20220815202347 | Patrick J Volkerding | 2022-08-16 | 5 | -0/+183 |